[BLOCKED] Validation of Policies with PolicyTemplates provided by PolicyHub

[mkanal]

As CATENA-X data space
I want products using compliant and valid policy definition
so that data sovereignty is guaranteed without using policies improperly or incorrectly

Link

• relates to Data Sovereignty Guardrails Presentation #333
• blocked by Endpoint for validation of policy against compliant policy templates /api/policy-hub/validate-policy policy-hub#64

Info

After releasing the blocked by eclipse-tractusx/policy-hub#64 the concept has to be reworked according to new api endpoint

Hints / Details

• Concept https://github.com/catenax-ng/tx-item-relationship-service/blob/ec22085c6f1879501dd463470549e935f9ba2df2/docs/concept/%23333-Policy-hub-concept/%23333-policy-hub-concept.md (Note: Might already be merged!!! )

"technicalEnforced": false /true:
It informs you whether this policy is automatically validated. If the value is 'true', it indicates that the requesting customer compliance of that policy will get validated as part of the communication between the connectors. Please let me know if you have any suggestions for better wording.

Acceptance Criteria

• The policies accepted by the Policy Store must comply with the specifications (PolicyTemplates) defined by the Policy Hub.
• Each policy must be evaluated against a policy template and MUST only be accepted in case the entire policy meets the requirements of the template.
• Implementation according to concept
• Documentation OpenAPI, Arc42, Admin Manual is adjusted
• E2E Test Cases are adjusted
• Mocks for INT tests are adjusted

NFR

• [ ]Performance: A user who wants to register a policy with a maximum of 10 constraints in the Policy Store will receive feedback on whether the policy is valid in less than a second.
• If a user registers one or more non-compliant policies, he receives a meaningful error message with instructions on how to correct the policy.
• OpenAPI 3.0 endpoints contain a sufficient and meaningful description, including instructions how to correct policy.
• Fail fast strategy for api endpoints is implemented. If several policies are registered and at least one policy is not valid, all policies are not accepted.

Out of Scope

• ...

[mkanal]

@jzbmw This is the outcome pbi for the data soverignty guardrails for 24.5 please have a look.

[mkanal]

BLOCKED as After releasing the blocked by eclipse-tractusx/policy-hub#64 the concept has to be reworked according to new api endpoint