Deterministic policy evaluation layer for dbl-core
Project description
DBL Policy
Deterministic, tenant-scoped policy evaluation for DBL. This package produces DECISION events only. It does not execute tasks. Status: Stable
What it is
dbl-policy is the normative gate in the DBL stack:
- It evaluates a policy from authoritative inputs only
- It returns ALLOW or DENY with stable reason codes
- It can be bridged into a
dbl-coreDECISION event with a strict, contract-shapeddatamapping - It is pure: no IO, no time, no randomness, no env, no network, no trace-dependence
Non-goals
- No execution
- No orchestration
- No reading or depending on observational fields (trace, runtime, exceptions, etc.)
- No mutation of event streams
Contract
The authoritative specification is in:
docs/dbl_policy_contract.md
Key invariants enforced by this package:
- Inputs must be JSON-safe and deterministic
- No floats (including nested)
- Mapping keys must be exact
str(no subclasses)
- Policy input is whitelisted
- Unknown keys are rejected
PolicyContextis snapshotted- Caller mutation after construction cannot affect evaluation or digest
- Output can be converted into a
dbl-coreDECISION eventDECISION.datais a Mapping with a strict shape- Includes policy lineage:
policy_id,policy_version,tenant_id
Install
pip install dbl-policy
Requires Python 3.11+ and dbl-core>=0.3,<0.4.
Quickstart
- Use a built-in policy
from dbl_policy import PolicyContext, TenantId
from dbl_policy.allow_all import POLICY as ALLOW_ALL
ctx = PolicyContext(
tenant_id=TenantId("tenant-1"),
inputs={"intent_type": "chat.message"},
)
decision = ALLOW_ALL.evaluate(ctx)
- Convert a decision to a DBL DECISION event
from dbl_policy import decision_to_dbl_event
event = decision_to_dbl_event(decision, correlation_id="c1")
event.data will be shaped like:
{
"policy_id": "...",
"policy_version": "...",
"tenant_id": "...",
"gate": {
"decision": "ALLOW" | "DENY",
"reason_code": "...",
# "reason_message": "..." (optional)
}
}
Writing your own policy
Policies only implement evaluate(context) and must be deterministic.
from dataclasses import dataclass
from dbl_policy import (
PolicyContext,
PolicyDecision,
PolicyId,
PolicyVersion,
DecisionOutcome,
)
from dbl_policy import reason_codes
@dataclass(frozen=True)
class ExamplePolicy:
policy_id: PolicyId = PolicyId("example")
policy_version: PolicyVersion = PolicyVersion("1.0.0")
def evaluate(self, context: PolicyContext) -> PolicyDecision:
intent_type = context.inputs.get("intent_type")
if intent_type == "blocked":
return PolicyDecision(
outcome=DecisionOutcome.DENY,
reason_code=reason_codes.TENANT_BLOCKED,
reason_message="blocked intent_type",
policy_id=self.policy_id,
policy_version=self.policy_version,
tenant_id=context.tenant_id,
)
return PolicyDecision(
outcome=DecisionOutcome.ALLOW,
reason_code=reason_codes.OK,
policy_id=self.policy_id,
policy_version=self.policy_version,
tenant_id=context.tenant_id,
)
Safe evaluation (recommended)
decide_safe wraps context validation and converts failures into a stable DENY.
- Valid inputs: evaluates policy, ensures
authoritative_digestis populated - Invalid inputs: DENY with stable reason_code
- Exceptions during evaluation: DENY with
evaluation_error
from dbl_policy import decide_safe
from dbl_policy.allow_all import POLICY
d1 = decide_safe(POLICY, "tenant-1", {"intent_type": "x"})
d2 = decide_safe(POLICY, "tenant-1", {"unknown_key": "x"}) # -> DENY
Starter policy pack
The minimal starter pack is in dbl_policy.policies.compose and is designed for
small teams. It evaluates in order and stops at the first DENY.
Allowed context keys (strict whitelist):
- principal_id
- workspace_id
- intent_type
- capability
- model_id
- provider
- max_output_tokens
- input_bytes
- input_chars
- risk_tier
- request_tags
- extensions
Policy configuration lives in a single static dict:
dbl_policy.policies.compose.POLICY_CONFIG.
Edit it in-code to change allowlists and caps (no IO or env).
Reason codes
Reason codes are stable semantic identifiers:
- ok
- allow_all
- deny_all
- invalid_input
- unknown_context_key
- tenant_blocked
- missing_required_input
- evaluation_error
- admission.missing_required
- admission.invalid_value
- capability.denied
- model.denied
- cost.output_tokens_cap
- cost.input_bytes_cap
- cost.input_chars_cap
- risk.high_requires_override
See src/dbl_policy/reason_codes.py.
Development
python -m venv .venv
.venv\Scripts\Activate.ps1
python -m pip install -e ".[dev]"
pytest
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file dbl_policy-0.2.2.tar.gz.
File metadata
- Download URL: dbl_policy-0.2.2.tar.gz
- Upload date:
- Size: 15.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.8
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d66d7386a5d0dc4f1efb9afec13021e498226d1c20e9ce99d1ff03fb9b36be07
|
|
| MD5 |
6cca73413917b918b74c7c74d7802e82
|
|
| BLAKE2b-256 |
616a781ceec47f3ce45f52b5d4c9800de650fce76966f4ead17ea47c873f5e55
|
File details
Details for the file dbl_policy-0.2.2-py3-none-any.whl.
File metadata
- Download URL: dbl_policy-0.2.2-py3-none-any.whl
- Upload date:
- Size: 15.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.8
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
386938d7bdd05ece8d4d28cfc8c404b5a5333a9d2dbf887ecdd64cafd5a58eb4
|
|
| MD5 |
84a250d16852a5423c3c9eade1485760
|
|
| BLAKE2b-256 |
91adb981766f33dd96b3f913a0c183f0259447773614fc333d86b79d1a497f2e
|
