"""Corrective action implementations (Phase 2+).

All actions validate against the configured action policy tier and
write to the audit log before executing. This module is the ONLY
place corrective actions may be invoked.
"""
from __future__ import annotations

import logging

from .models import ActionTier, RCAResult

logger = logging.getLogger(__name__)


class ActionExecutor:
    """Governs and executes corrective actions within the configured tier.

    Hard rules:
    - Never modifies depot data or metadata
    - Never deletes or truncates logs
    - Always writes audit entry before any action
    - Refuses actions above the configured max_tier
    """

    def __init__(self, max_tier: ActionTier = ActionTier.ALERT) -> None:
        self.max_tier = max_tier

    def execute(self, result: RCAResult) -> bool:
        """Execute the recommended action if within tier policy.

        Returns True if an action was taken, False if suppressed.
        """
        raise NotImplementedError