coulomb/reuse-surface
2
0
Fork 0
generated from coulomb/repo-seed
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Complete WP-0006 through WP-0009: registry expansion, catalog, graph, tests
Some checks failed
ci / validate-registry (push) Has been cancelled
Details

Browse Source 
Register six new capabilities (12 total), add searchable catalog UI and graph
explorer, introduce pytest suite with CI fail-on-warnings, and close gap
analysis priorities 13 and 16. WP-0010 remains backlog for network federation.
This commit is contained in:
Bernd Worsch
2026-06-15 02:24:20 +02:00
parent 399690a5b6
commit e766f38e6f
30 changed files with 1632 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files

80
registry/capabilities/capability.authorization.policy-evaluate.md Normal file
View File

@@ -0,0 +1,80 @@
---
id: capability.authorization.policy-evaluate
name: Authorization Policy Evaluation
summary: Evaluate access decisions from policy-as-code rules for subjects, resources, and actions.
owner: flex-auth
status: draft
domain: helix_forge
tags: [authorization, policy, flex-auth]
maturity:
discovery:
current: D4
target: D6
confidence: medium
rationale: flex-auth INTENT defines policy-as-code boundary and enterprise growth path.
availability:
current: A2
target: A5
confidence: low
rationale: Policy registry and evaluation logic exist in repo; service packaging evolving.
external_evidence:
completeness:
level: C2
name: Partial
confidence: low
basis: scope_vs_intent_and_consumer_expectations
satisfied_expectations:
- policy-as-code intent documented
broken_expectations:
- not yet indexed from flex-auth native registry
out_of_scope_expectations:
- identity proofing
reliability:
level: R1
confidence: low
basis: consumer_quality_signals
known_reliability_risks:
- early implementation phase
discovery:
intent: >
Provide inspectable authorization decisions between verified identity and
protected resources using policy-as-code.
includes:
- policy evaluation
- authorization registry
- decision explainability
excludes:
- identity issuance
- authentication protocols
use_cases: []
availability:
current_level: A2
target_level: A5
current_artifacts:
- flex-auth/
consumption_modes:
- source module
relations:
depends_on:
- capability.identity.subject-resolution
related_to:
- capability.feature-control.evaluate
consumer_guidance:
recommended_for:
- planning authorization layer between identity and resources
not_recommended_for:
- feature visibility toggles without policy intent
known_limitations:
- maturity evidence is registry-external today
---
# Authorization Policy Evaluation
Policy evaluation from flex-auth sits between identity resolution and protected
systems.