Add AggregationMethod enum and DecisionSeverity to PolicyEvaluation for deterministic aggregation

maaydin · maaydin · commit ffa70384d4b2 · 2025-12-10T04:32:46.000Z
diff --git a/lib/go/cabincrew/protocol.go b/lib/go/cabincrew/protocol.go
@@ -1,6 +1,7 @@
 package cabincrew
 
 type CabinCrewProtocol struct {
+	AggregationMethod                *AggregationMethod      `json:"AggregationMethod,omitempty"`
 	AnyMap                           map[string]interface{}  `json:"AnyMap,omitempty"`
 	ApprovalReceivedData             *ApprovalReceivedData   `json:"ApprovalReceivedData,omitempty"`
 	ApprovalRecord                   *ApprovalRecord         `json:"ApprovalRecord,omitempty"`
@@ -19,6 +20,7 @@ type CabinCrewProtocol struct {
 	AuditPolicy                      *AuditPolicy            `json:"AuditPolicy,omitempty"`
 	AuditWorkflow                    *AuditWorkflow          `json:"AuditWorkflow,omitempty"`
 	Decision                         *Decision               `json:"Decision,omitempty"`
+	DecisionSeverity                 *float64                `json:"DecisionSeverity,omitempty"`
 	EngineArtifact                   *EngineArtifact         `json:"EngineArtifact,omitempty"`
 	EngineInput                      *EngineInput            `json:"EngineInput,omitempty"`
 	EngineMeta                       *EngineMeta             `json:"EngineMeta,omitempty"`
@@ -291,8 +293,9 @@ type PlanArtifactHash struct {
 // Extended to support chain-of-custody reconstruction.
 type AuditPolicy struct {
 	// Aggregation method used to combine individual policy decisions.                                 
-	// Examples: 'most_restrictive', 'unanimous', 'majority'                                           
-	AggregationMethod                                                               *string            `json:"aggregation_method,omitempty"`
+	// REQUIRED if multiple policies were evaluated.                                                   
+	// Ensures deterministic aggregation across orchestrators.                                         
+	AggregationMethod                                                               *AggregationMethod `json:"aggregation_method,omitempty"`
 	// Final aggregated decision after all policy evaluations.                                         
 	// REQUIRED for chain-of-custody.                                                                  
 	Decision                                                                        Decision           `json:"decision"`
@@ -323,6 +326,10 @@ type PolicyEvaluation struct {
 	PolicyID                                                                string           `json:"policy_id"`
 	// Reason for this decision.                                                             
 	Reason                                                                  *string          `json:"reason,omitempty"`
+	// Decision severity for aggregation ordering.                                           
+	// 0=allow, 1=warn, 2=require_approval, 3=deny                                           
+	// REQUIRED for deterministic "most restrictive" aggregation.                            
+	Severity                                                                float64          `json:"severity"`
 	// Policy source type.                                                                   
 	Source                                                                  Source           `json:"source"`
 }
@@ -593,6 +600,23 @@ type WorkflowStateRecord struct {
 	WorkflowID        string                   `json:"workflow_id"`
 }
 
+// Policy aggregation strategy.
+// Defines how multiple policy decisions are combined into a final decision.
+//
+// Aggregation method used to combine individual policy decisions.
+// REQUIRED if multiple policies were evaluated.
+// Ensures deterministic aggregation across orchestrators.
+type AggregationMethod string
+
+const (
+	AggregationMethodCustom AggregationMethod = "custom"
+	AllAllow                AggregationMethod = "all_allow"
+	AnyDeny                 AggregationMethod = "any_deny"
+	Majority                AggregationMethod = "majority"
+	MostRestrictive         AggregationMethod = "most_restrictive"
+	Unanimous               AggregationMethod = "unanimous"
+)
+
 // Final aggregated decision after all policy evaluations.
 // REQUIRED for chain-of-custody.
 //
@@ -610,11 +634,11 @@ const (
 type Source string
 
 const (
-	Custom     Source = "custom"
-	LlmGateway Source = "llm_gateway"
-	MCPGateway Source = "mcp_gateway"
-	Onnx       Source = "onnx"
-	Opa        Source = "opa"
+	LlmGateway   Source = "llm_gateway"
+	MCPGateway   Source = "mcp_gateway"
+	Onnx         Source = "onnx"
+	Opa          Source = "opa"
+	SourceCustom Source = "custom"
 )
 
 type Severity string
diff --git a/lib/nodejs/src/protocol.ts b/lib/nodejs/src/protocol.ts
@@ -1,4 +1,5 @@
 export interface CabinCrewProtocol {
+    AggregationMethod?:      AggregationMethod;
     AnyMap?:                 { [key: string]: any };
     ApprovalReceivedData?:   ApprovalReceivedData;
     ApprovalRecord?:         ApprovalRecord;
@@ -17,6 +18,7 @@ export interface CabinCrewProtocol {
     AuditPolicy?:            AuditPolicy;
     AuditWorkflow?:          AuditWorkflow;
     Decision?:               Decision;
+    DecisionSeverity?:       number;
     EngineArtifact?:         EngineArtifact;
     EngineInput?:            EngineInput;
     EngineMeta?:             EngineMeta;
@@ -58,6 +60,16 @@ export interface CabinCrewProtocol {
     [property: string]: any;
 }
 
+/**
+ * Policy aggregation strategy.
+ * Defines how multiple policy decisions are combined into a final decision.
+ *
+ * Aggregation method used to combine individual policy decisions.
+ * REQUIRED if multiple policies were evaluated.
+ * Ensures deterministic aggregation across orchestrators.
+ */
+export type AggregationMethod = "all_allow" | "any_deny" | "custom" | "majority" | "most_restrictive" | "unanimous";
+
 export interface ApprovalReceivedData {
     approval_id: string;
     approved:    boolean;
@@ -385,9 +397,10 @@ export interface PlanArtifactHash {
 export interface AuditPolicy {
     /**
      * Aggregation method used to combine individual policy decisions.
-     * Examples: 'most_restrictive', 'unanimous', 'majority'
+     * REQUIRED if multiple policies were evaluated.
+     * Ensures deterministic aggregation across orchestrators.
      */
-    aggregation_method?: string;
+    aggregation_method?: AggregationMethod;
     /**
      * Final aggregated decision after all policy evaluations.
      * REQUIRED for chain-of-custody.
@@ -442,6 +455,12 @@ export interface PolicyEvaluation {
      * Reason for this decision.
      */
     reason?: string;
+    /**
+     * Decision severity for aggregation ordering.
+     * 0=allow, 1=warn, 2=require_approval, 3=deny
+     * REQUIRED for deterministic "most restrictive" aggregation.
+     */
+    severity: number;
     /**
      * Policy source type.
      */
diff --git a/lib/python/src/cabincrew_protocol/protocol.py b/lib/python/src/cabincrew_protocol/protocol.py
@@ -1,6 +1,22 @@
+from enum import Enum
 from dataclasses import dataclass
 from typing import List, Optional, Dict, Any, Union
-from enum import Enum
+
+
+class AggregationMethod(Enum):
+    """Policy aggregation strategy.
+    Defines how multiple policy decisions are combined into a final decision.
+    
+    Aggregation method used to combine individual policy decisions.
+    REQUIRED if multiple policies were evaluated.
+    Ensures deterministic aggregation across orchestrators.
+    """
+    ALL_ALLOW = "all_allow"
+    ANY_DENY = "any_deny"
+    CUSTOM = "custom"
+    MAJORITY = "majority"
+    MOST_RESTRICTIVE = "most_restrictive"
+    UNANIMOUS = "unanimous"
 
 
 @dataclass
@@ -278,6 +294,11 @@ class PolicyEvaluation:
     policy_id: str = None
     """Policy identifier (e.g., OPA policy name, ONNX model name)."""
 
+    severity: float = None
+    """Decision severity for aggregation ordering.
+    0=allow, 1=warn, 2=require_approval, 3=deny
+    REQUIRED for deterministic "most restrictive" aggregation.
+    """
     source: Source = None
     """Policy source type."""
 
@@ -301,9 +322,10 @@ class AuditPolicy:
     """Workflow state when this policy evaluation occurred.
     REQUIRED for temporal chain-of-custody.
     """
-    aggregation_method: Optional[str] = None
+    aggregation_method: Optional[AggregationMethod] = None
     """Aggregation method used to combine individual policy decisions.
-    Examples: 'most_restrictive', 'unanimous', 'majority' = None
+    REQUIRED if multiple policies were evaluated.
+    Ensures deterministic aggregation across orchestrators.
     """
     engine: Optional[str] = None
     """Legacy field for backward compatibility."""
@@ -721,6 +743,7 @@ class WorkflowStateRecord:
 
 @dataclass
 class CabinCrewProtocol:
+    aggregation_method: Optional[AggregationMethod] = None
     any_map: Optional[Dict[str, Any]] = None
     approval_received_data: Optional[ApprovalReceivedData] = None
     approval_record: Optional[ApprovalRecord] = None
@@ -739,6 +762,7 @@ class CabinCrewProtocol:
     audit_policy: Optional[AuditPolicy] = None
     audit_workflow: Optional[AuditWorkflow] = None
     decision: Optional[Decision] = None
+    decision_severity: Optional[float] = None
     engine_artifact: Optional[EngineArtifact] = None
     engine_input: Optional[EngineInput] = None
     engine_meta: Optional[EngineMeta] = None
diff --git a/schemas/draft/schema.json b/schemas/draft/schema.json
@@ -836,6 +836,28 @@
       },
       "additionalProperties": false
     },
+    "AggregationMethod": {
+      "description": "Policy aggregation strategy.\nDefines how multiple policy decisions are combined into a final decision.",
+      "enum": [
+        "all_allow",
+        "any_deny",
+        "custom",
+        "majority",
+        "most_restrictive",
+        "unanimous"
+      ],
+      "type": "string"
+    },
+    "DecisionSeverity": {
+      "description": "Decision severity for ordering.\nUsed to determine \"most restrictive\" in aggregation.",
+      "enum": [
+        0,
+        1,
+        2,
+        3
+      ],
+      "type": "number"
+    },
     "AuditPolicy": {
       "description": "Policy evaluation audit record.\nExtended to support chain-of-custody reconstruction.",
       "type": "object",
@@ -852,7 +874,15 @@
           }
         },
         "aggregation_method": {
-          "description": "Aggregation method used to combine individual policy decisions.\nExamples: 'most_restrictive', 'unanimous', 'majority'",
+          "description": "Aggregation method used to combine individual policy decisions.\nREQUIRED if multiple policies were evaluated.\nEnsures deterministic aggregation across orchestrators.",
+          "enum": [
+            "all_allow",
+            "any_deny",
+            "custom",
+            "majority",
+            "most_restrictive",
+            "unanimous"
+          ],
           "type": "string"
         },
         "workflow_state": {
@@ -904,14 +934,12 @@
           "type": "string"
         },
         "decision": {
-          "description": "Decision from this specific policy.",
-          "enum": [
-            "allow",
-            "deny",
-            "require_approval",
-            "warn"
-          ],
-          "type": "string"
+          "$ref": "#/definitions/Decision",
+          "description": "Decision from this specific policy."
+        },
+        "severity": {
+          "$ref": "#/definitions/DecisionSeverity",
+          "description": "Decision severity for aggregation ordering.\n0=allow, 1=warn, 2=require_approval, 3=deny\nREQUIRED for deterministic \"most restrictive\" aggregation."
         },
         "reason": {
           "description": "Reason for this decision.",
@@ -931,6 +959,7 @@
         "decision",
         "evaluated_at",
         "policy_id",
+        "severity",
         "source"
       ]
     },
diff --git a/schemas/draft/schema.mdx b/schemas/draft/schema.mdx
@@ -239,7 +239,7 @@ Extended to support chain-of-custody reconstruction.
 |---|---|---|---|
 | `decision` | `[Decision]` | Yes | Final aggregated decision after all policy evaluations. REQUIRED for chain-of-custody. |
 | `policy_evaluations` | `array` | No | Individual policy evaluation results. Captures which specific policies (OPA/ONNX/gateway) produced which decisions. |
-| `aggregation_method` | `string` | No | Aggregation method used to combine individual policy decisions. Examples: 'most_restrictive', 'unanimous', 'majority' |
+| `aggregation_method` | `string` | No | Aggregation method used to combine individual policy decisions. REQUIRED if multiple policies were evaluated. Ensures deterministic aggregation across orchestrators. |
 | `workflow_state` | `string` | Yes | Workflow state when this policy evaluation occurred. REQUIRED for temporal chain-of-custody. |
 | `violations` | `array` | No | Policy violations detected. |
 | `warnings` | `array` | No | Policy warnings (non-blocking). |
diff --git a/src/audit.ts b/src/audit.ts
@@ -22,6 +22,24 @@ export interface AuditArtifact {
     size?: number;
 }
 
+/**
+ * Policy aggregation strategy.
+ * Defines how multiple policy decisions are combined into a final decision.
+ */
+export type AggregationMethod =
+    | 'most_restrictive'  // deny > require_approval > warn > allow
+    | 'unanimous'         // all must agree, otherwise most restrictive
+    | 'majority'          // majority vote, ties go to most restrictive
+    | 'any_deny'          // single deny blocks all
+    | 'all_allow'         // all must allow, otherwise most restrictive
+    | 'custom';           // implementation-defined (must document)
+
+/**
+ * Decision severity for ordering.
+ * Used to determine "most restrictive" in aggregation.
+ */
+export type DecisionSeverity = 0 | 1 | 2 | 3; // allow=0, warn=1, require_approval=2, deny=3
+
 /**
  * Policy evaluation audit record.
  * Extended to support chain-of-custody reconstruction.
@@ -41,9 +59,10 @@ export interface AuditPolicy {
 
     /**
      * Aggregation method used to combine individual policy decisions.
-     * Examples: 'most_restrictive', 'unanimous', 'majority'
+     * REQUIRED if multiple policies were evaluated.
+     * Ensures deterministic aggregation across orchestrators.
      */
-    aggregation_method?: string;
+    aggregation_method?: AggregationMethod;
 
     /**
      * Workflow state when this policy evaluation occurred.
@@ -86,7 +105,14 @@ export interface PolicyEvaluation {
     /**
      * Decision from this specific policy.
      */
-    decision: 'allow' | 'warn' | 'require_approval' | 'deny';
+    decision: Decision;
+
+    /**
+     * Decision severity for aggregation ordering.
+     * 0=allow, 1=warn, 2=require_approval, 3=deny
+     * REQUIRED for deterministic "most restrictive" aggregation.
+     */
+    severity: DecisionSeverity;
 
     /**
      * Reason for this decision.
