Skip to main content

agent_sdk_toolkit/workspace/
policy.rs

1//! Concrete workspace tool helpers layered over core tool/effect contracts. Use these
2//! modules for bounded read, search, edit, write, and format-aware extraction
3//! behavior under a host-selected workspace policy. Reads search local files;
4//! edit/write helpers may mutate files only through explicit executor calls. This
5//! file contains the policy portion of that contract.
6//!
7use std::path::PathBuf;
8
9use agent_sdk_core::{PolicyKind, PolicyRef, WorkspaceBoundsSnapshot};
10
11#[derive(Clone, Debug)]
12/// Workspace workspace policy request or result value.
13/// Creating the value does not touch the filesystem; workspace executors document read, write, edit, or search effects.
14pub struct WorkspacePolicy {
15    /// Stable workspace id used for typed lineage, lookup, or dedupe.
16    pub workspace_id: String,
17    /// Root used by this record or request.
18    pub root: PathBuf,
19    /// max file bytes used for bounds checks, summaries, or truncation
20    /// evidence.
21    pub max_file_bytes: u64,
22    /// max output bytes used for bounds checks, summaries, or truncation
23    /// evidence.
24    pub max_output_bytes: u64,
25    /// Maximum number of matches to return.
26    /// Use it to keep search output bounded for model context.
27    pub max_matches: usize,
28    /// Whether include hidden is enabled.
29    /// Policy, validation, or routing code uses this flag to choose the explicit behavior.
30    pub include_hidden: bool,
31    /// Whether follow symlinks is enabled.
32    /// Policy, validation, or routing code uses this flag to choose the explicit behavior.
33    pub follow_symlinks: bool,
34    /// Boolean policy/capability flag for whether allow create is enabled.
35    pub allow_create: bool,
36    /// Boolean policy/capability flag for whether allow overwrite is enabled.
37    pub allow_overwrite: bool,
38}
39
40impl WorkspacePolicy {
41    /// Creates a new workspace::policy value with explicit
42    /// caller-provided inputs. This constructor is data-only and
43    /// performs no I/O or external side effects.
44    pub fn new(root: impl Into<PathBuf>) -> Self {
45        Self {
46            workspace_id: "workspace.default".to_string(),
47            root: root.into(),
48            max_file_bytes: 64 * 1024,
49            max_output_bytes: 64 * 1024,
50            max_matches: 100,
51            include_hidden: false,
52            follow_symlinks: false,
53            allow_create: false,
54            allow_overwrite: false,
55        }
56    }
57
58    /// Returns the bounds snapshot currently held by this value.
59    /// This snapshots workspace bounds policy metadata without reading or writing workspace
60    /// files.
61    pub fn bounds_snapshot(&self, root_policy_ref: PolicyRef) -> WorkspaceBoundsSnapshot {
62        WorkspaceBoundsSnapshot {
63            workspace_id: self.workspace_id.clone(),
64            root_policy_ref,
65            max_file_bytes: self.max_file_bytes,
66            max_output_bytes: self.max_output_bytes,
67            max_matches: self.max_matches,
68            follow_symlinks: self.follow_symlinks,
69            include_hidden: self.include_hidden,
70            anchor_validation: agent_sdk_core::AnchorValidationRequirement::HashLineRequired,
71            preview_apply: agent_sdk_core::PreviewApplyRequirement::ApplyRequiresPreviewAndApproval,
72        }
73    }
74}
75
76/// Returns filesystem policy for the current value.
77/// This is a read-only or data-construction helper unless the method body explicitly calls a
78/// port or store.
79pub fn filesystem_policy(id: &str) -> PolicyRef {
80    PolicyRef::with_kind(PolicyKind::Permission, id)
81}
82
83/// Returns approval policy for the current value.
84/// This is a read-only or data-construction helper unless the method body explicitly calls a
85/// port or store.
86pub fn approval_policy(id: &str) -> PolicyRef {
87    PolicyRef::with_kind(PolicyKind::Approval, id)
88}