| | | 1 | | namespace AsiBackbone.Core.Classification; |
| | | 2 | | |
| | | 3 | | /// <summary> |
| | | 4 | | /// Defines provider-neutral policy options for resolving DLP or classification failure behavior. |
| | | 5 | | /// </summary> |
| | | 6 | | public sealed class DlpFailurePolicyOptions |
| | | 7 | | { |
| | | 8 | | /// <summary> |
| | | 9 | | /// Gets or sets the default behavior for low-risk intents. |
| | | 10 | | /// </summary> |
| | 42 | 11 | | public DlpFailureBehavior LowRiskBehavior { get; set; } = DlpFailureBehavior.WarnAndAllow; |
| | | 12 | | |
| | | 13 | | /// <summary> |
| | | 14 | | /// Gets or sets the default behavior for medium-risk intents. |
| | | 15 | | /// </summary> |
| | 35 | 16 | | public DlpFailureBehavior MediumRiskBehavior { get; set; } = DlpFailureBehavior.RequireAcknowledgment; |
| | | 17 | | |
| | | 18 | | /// <summary> |
| | | 19 | | /// Gets or sets the default behavior for high-risk or regulated intents. |
| | | 20 | | /// </summary> |
| | 32 | 21 | | public DlpFailureBehavior HighRiskBehavior { get; set; } = DlpFailureBehavior.Deny; |
| | | 22 | | |
| | | 23 | | /// <summary> |
| | | 24 | | /// Gets risk- and failure-specific behavior overrides. |
| | | 25 | | /// </summary> |
| | 30 | 26 | | public IDictionary<DlpFailurePolicyKey, DlpFailureBehavior> BehaviorOverrides { get; } = |
| | 26 | 27 | | new Dictionary<DlpFailurePolicyKey, DlpFailureBehavior>(); |
| | | 28 | | |
| | | 29 | | /// <summary> |
| | | 30 | | /// Resolves the configured behavior for the supplied failure context. |
| | | 31 | | /// </summary> |
| | | 32 | | /// <param name="context">The DLP failure policy context.</param> |
| | | 33 | | /// <returns>The configured behavior.</returns> |
| | | 34 | | public DlpFailureBehavior GetBehavior(DlpFailurePolicyContext context) |
| | | 35 | | { |
| | 26 | 36 | | ArgumentNullException.ThrowIfNull(context); |
| | | 37 | | |
| | 24 | 38 | | var key = new DlpFailurePolicyKey(context.RiskLevel, context.FailureKind); |
| | | 39 | | |
| | 24 | 40 | | if (BehaviorOverrides.TryGetValue(key, out DlpFailureBehavior overrideBehavior)) |
| | | 41 | | { |
| | 6 | 42 | | return ValidateBehavior(overrideBehavior, nameof(BehaviorOverrides)); |
| | | 43 | | } |
| | | 44 | | |
| | 18 | 45 | | DlpFailureBehavior behavior = context.RiskLevel switch |
| | 18 | 46 | | { |
| | 9 | 47 | | DlpIntentRiskLevel.Low => LowRiskBehavior, |
| | 5 | 48 | | DlpIntentRiskLevel.Medium => MediumRiskBehavior, |
| | 4 | 49 | | DlpIntentRiskLevel.High => HighRiskBehavior, |
| | 0 | 50 | | _ => throw new ArgumentOutOfRangeException(nameof(context), context.RiskLevel, "DLP intent risk level must b |
| | 18 | 51 | | }; |
| | | 52 | | |
| | 18 | 53 | | return ValidateBehavior(behavior, nameof(context)); |
| | | 54 | | } |
| | | 55 | | |
| | | 56 | | private static DlpFailureBehavior ValidateBehavior( |
| | | 57 | | DlpFailureBehavior behavior, |
| | | 58 | | string parameterName) |
| | | 59 | | { |
| | 24 | 60 | | return Enum.IsDefined(behavior) |
| | 24 | 61 | | ? behavior |
| | 24 | 62 | | : throw new ArgumentOutOfRangeException(parameterName, behavior, "DLP failure behavior must be defined."); |
| | | 63 | | } |
| | | 64 | | } |