Policy Engine
Phase 1 implements role-based field filtering via middleware. The system uses three hardcoded roles with progressive data visibility.
Roles and Visibility
| Role | Budget | Strategy | Metrics | Logs |
|---|---|---|---|---|
| ceo | Full access | Full access | All metrics | Full access |
| dept_head | Allocated visible, spent redacted (-1) | Proposed strategies redacted | All metrics | Full access |
| team_member | Hidden entirely | Descriptions redacted, IDs stripped | target direction metrics hidden | Hidden entirely |
Implementation
The policyMiddleware reads the X-Lattice-Role header, defaults to team_member, and attaches a filterEntity function to the Hono context. This function deep-clones the entity and strips fields based on role before the response is sent. The filter is applied on GET single entity and PATCH responses.
Policy Check Endpoint
Beyond the middleware filtering, a dedicated endpoint allows explicit policy evaluation against the policies table in D1. This table stores {subject, action, object, condition, effect} rules. Evaluation is deny-first: deny rules are sorted before allow rules, and if no policy matches, the default is deny.
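
The deny-first evaluation described above, sketched as an added example that is not the project's own code. The function names, the `*` wildcard, the `{field, equals}` condition format, and the sample rows are assumptions made for illustration; the example also fails closed on a malformed condition, which goes beyond what the page states.

```javascript
// Constructed sample rows in the {subject, action, object, condition, effect} shape.
// Assumptions: "*" is a wildcard and a condition is {field, equals} or null.
const SAMPLE_POLICIES = [
  { subject: "*", action: "read", object: "metrics", condition: null, effect: "allow" },
  { subject: "team_member", action: "read", object: "metrics",
    condition: { field: "kind", equals: "target_direction" }, effect: "deny" },
  { subject: "ceo", action: "*", object: "*", condition: null, effect: "allow" },
];

const matches = (pattern, value) => pattern === "*" || pattern === value;

// A null condition always holds; a malformed one throws so the caller can fail closed.
function conditionHolds(condition, context) {
  if (condition === null || condition === undefined) return true;
  if (typeof condition.field !== "string" || !("equals" in condition)) {
    throw new TypeError("malformed condition");
  }
  return context[condition.field] === condition.equals;
}

function evaluatePolicy(policies, { subject, action, object, context = {} }) {
  // Deny-first: anything that is not exactly "allow" sorts ahead of allow rules,
  // so table order can never let an allow shadow a deny.
  const rank = (rule) => (rule.effect === "allow" ? 1 : 0);
  const ordered = [...policies].sort((a, b) => rank(a) - rank(b));
  for (const rule of ordered) {
    const applies = matches(rule.subject, subject) &&
      matches(rule.action, action) && matches(rule.object, object);
    if (!applies) continue;
    try {
      if (!conditionHolds(rule.condition, context)) continue;
    } catch {
      return { effect: "deny", reason: "malformed-condition" };
    }
    return { effect: rank(rule) === 1 ? "allow" : "deny", reason: "matched-rule" };
  }
  return { effect: "deny", reason: "no-match" }; // default deny
}
```

Returning the reason alongside the effect lets the endpoint log whether a denial came from an explicit rule, a broken rule, or the default.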