"""Policy engine schemas: hard constraints independent of LLM."""

from datetime import datetime, timezone
from enum import Enum
from typing import Any

from pydantic import BaseModel, Field


def _utc_now() -> datetime:
    return datetime.now(timezone.utc)


class PolicyEffect(str, Enum):
    """Allow or deny."""

    ALLOW = "allow"
    DENY = "deny"


class PolicyRule(BaseModel):
    """Single policy rule: condition -> effect."""

    rule_id: str = Field(..., min_length=1)
    effect: PolicyEffect = Field(...)
    condition: dict[str, Any] = Field(default_factory=dict, description="e.g. tool_name, domain, data_class")
    reason: str = Field(default="")
    priority: int = Field(default=0, ge=0, description="Higher = evaluated first")
    created_at: datetime = Field(default_factory=_utc_now)