from brane import CapabilityDeniedError, Decision, Effect, Runtime
TENANT_LIMITS = {
"tenant_acme": 100.0,
"tenant_globex": 250.0,
"tenant_initech": 50.0,
}
DEFAULT_LIMIT = 100.0
runtime = Runtime(
agent_id="support-agent",
environment="prod",
tenant_id="tenant_acme",
)
@runtime.capability(
name="refund_customer",
type="tool",
risk="high",
effect=Effect(
type="financial",
reversible=False,
external=True,
description="Issues a payment refund",
),
data_namespace="billing.refunds",
owner="payments-team",
)
def refund_customer(customer_id: str, amount_usd: float, reason: str = ""):
return {"refunded": True, "customer_id": customer_id, "amount": amount_usd}
@runtime.before_capability(
"refund_customer",
name="refund_require_prod",
version="1.0",
priority=200,
)
def require_prod_for_refunds(ctx):
if not ctx.is_prod:
return Decision(
type="deny",
reason="Refunds can only be issued in the production environment",
)
return Decision(type="allow")
@runtime.before_capability(
"refund_customer",
name="refund_amount_limit",
version="1.0",
priority=100,
)
def refund_amount_limit(ctx):
amount = ctx.arg("amount_usd", 0)
limit = TENANT_LIMITS.get(ctx.tenant_id, DEFAULT_LIMIT)
if amount <= 0:
return Decision(type="deny", reason="Refund amount must be positive")
if amount > limit:
return Decision(
type="deny",
reason=(
f"Refund of ${amount:.2f} exceeds the ${limit:.2f} limit "
f"for tenant {ctx.tenant_id}. Human approval is required."
),
)
return Decision(type="allow")
try:
result = refund_customer("cust_123", 75.00, reason="Duplicate charge")
print(result)
refund_customer("cust_456", 349.00, reason="Defective product")
except CapabilityDeniedError as e:
print(f"Blocked: {e.reason}")
print(f"Action ID: {e.action_id}")