← Back to Blog

Validate \u201cSafe Delete\u201d Protections with Hexarch Guardrails

This walkthrough demonstrates how Hexarch Guardrails enforces API-level control over destructive operations. The example uses a minimal script that attempts to delete data, showing how guardrails intercept execution before any irreversible action occurs. The hexarch-guardrails library evaluates policy intent ahead of runtime, preventing accidental or unauthorized behavior at the function boundary.

How API Control Works in Practice

Hexarch Guardrails introduces a pre-execution enforcement layer around sensitive functions. When a function is wrapped with the @guardian.check("policy_id") decorator, the following sequence occurs:

  1. Execution is intercepted. Before the function body runs, the Guardian assembles contextual information such as actor identity, intent, and any supplied metadata.
  2. Policy is evaluated. This context is passed to the policy engine defined in hexarch.yaml to determine whether the requested action complies with declared policy.
  3. Decision is enforced. If the action is permitted, the function proceeds normally. If the action violates policy, execution is halted immediately by raising a PolicyViolation exception.
  4. Decision is recorded. Every evaluation allowed or denied is written to the audit system, producing a durable record for later inspection, review, or compliance analysis.

This pattern ensures that safety checks are not advisory; they are structural and enforced by default.

Testing a \u201cSafe Delete\u201d Policy

To observe this behavior directly, a simple test script can be created. The example below assumes a safe_delete policy exists in hexarch.yaml.

Create a new file named test_safety.py and add the following code:

from hexarch_guardrails import Guardian
from hexarch_guardrails.exceptions import PolicyViolation

# Initialize the Guardian (automatically loads hexarch.yaml)
guardian = Guardian()

# This function is protected by the "safe_delete" policy
@guardian.check("safe_delete")
def delete_user_records(user_id):
    # In a real application, this would execute a delete operation
    print(f"\u2705 SUCCESSFULLY DELETED records for user: {user_id}")

# --- TEST 1: Accidental deletion attempt (expected to fail) ---
print("--- TEST 1: Attempting an accidental delete ---")
try:
    delete_user_records("user_123")
except PolicyViolation as e:
    print(f"\u274c BLOCKED: {e}")

# --- TEST 2: Intentional deletion attempt (expected to pass) ---
print("\n--- TEST 2: Attempting a confirmed delete ---")
# Explicit confirmation is added to the execution context
guarded_delete = guardian.check(
    "safe_delete",
    context={"confirm": True}
)(delete_user_records)

guarded_delete("user_123")

Running the Test

With the project\u2019s virtual environment active, run the script from the command line:

python test_safety.py

Interpreting the Results

  • Test 1 fails (blocked): Because no confirmation flag is provided, the policy blocks execution and raises a PolicyViolation. This demonstrates the default safety posture: destructive actions do not proceed unless intent is explicit.
  • Test 2 passes: By supplying confirm: True in the execution context, the policy requirements are satisfied, and the function is allowed to run. This mirrors real application behavior, such as a user explicitly confirming a destructive action in a UI.

Together, these tests illustrate how Hexarch Guardrails transforms \u201csafe delete\u201d from a convention into an enforced control. The protection lives at the function boundary, decisions are auditable, and accidental damage is prevented by design rather than by discipline alone.