@safeapi/safeapi
Version:
SafeAPI: Secure, deterministic, and tamper-resistant API policy engine for Node and browser.
43 lines (42 loc) • 1.53 kB
JavaScript
/**
* @internal
* SafeAPI CLI Simulator Engine
*/
import { deepFreeze } from "../shared";
import { SafeApiEngine } from "../SafeApiEngine";
import { evaluateGuards } from "../SafeApiGuardEngine";
import { computePolicyHash, normalizePolicy } from "../SafeApiPolicyLifecycle";
import { createSafeApiAuditPayload } from "../audit/SafeApiAuditPayload";
export function simulateRequest(policy, context, options) {
const normPolicy = normalizePolicy(policy);
const policyHash = computePolicyHash(normPolicy);
const engine = new SafeApiEngine({
policyResolver: { resolve: async () => normPolicy },
guardEvaluator: { evaluate: async (req, ctx, pol) => Promise.resolve({ allowed: true }) },
audit: { record: () => Promise.resolve() },
hooks: {},
});
// Evaluate guards with trace
const guardEval = evaluateGuards(normPolicy.guards, context, { trace: !!options?.trace });
// Build audit payload
const auditPayload = createSafeApiAuditPayload({
ruleId: normPolicy.policyId ?? normPolicy.ruleSetId,
phase: "safeapi",
priority: 0,
eventType: "evaluation",
timestampMs: Date.now(),
meta: {
safeApi: {
policyHash,
guardTrace: guardEval.guardTrace,
result: guardEval.allowed ? "allow" : "deny",
},
},
});
return deepFreeze({
result: guardEval,
policyHash,
guardTrace: guardEval.guardTrace,
auditPayload,
});
}