agent_sdk_toolkit/workspace/policy.rs
1//! Concrete workspace tool helpers layered over core tool/effect contracts. Use these
2//! modules for bounded read, search, edit, write, and format-aware extraction
3//! behavior under a host-selected workspace policy. Reads search local files;
4//! edit/write helpers may mutate files only through explicit executor calls. This
5//! file contains the policy portion of that contract.
6//!
7use std::path::PathBuf;
8
9use agent_sdk_core::{PolicyKind, PolicyRef, WorkspaceBoundsSnapshot};
10
11#[derive(Clone, Debug)]
12/// Workspace workspace policy request or result value.
13/// Creating the value does not touch the filesystem; workspace executors document read, write, edit, or search effects.
14pub struct WorkspacePolicy {
15 /// Stable workspace id used for typed lineage, lookup, or dedupe.
16 pub workspace_id: String,
17 /// Root used by this record or request.
18 pub root: PathBuf,
19 /// max file bytes used for bounds checks, summaries, or truncation
20 /// evidence.
21 pub max_file_bytes: u64,
22 /// max output bytes used for bounds checks, summaries, or truncation
23 /// evidence.
24 pub max_output_bytes: u64,
25 /// Maximum number of matches to return.
26 /// Use it to keep search output bounded for model context.
27 pub max_matches: usize,
28 /// Whether include hidden is enabled.
29 /// Policy, validation, or routing code uses this flag to choose the explicit behavior.
30 pub include_hidden: bool,
31 /// Whether follow symlinks is enabled.
32 /// Policy, validation, or routing code uses this flag to choose the explicit behavior.
33 pub follow_symlinks: bool,
34 /// Boolean policy/capability flag for whether allow create is enabled.
35 pub allow_create: bool,
36 /// Boolean policy/capability flag for whether allow overwrite is enabled.
37 pub allow_overwrite: bool,
38}
39
40impl WorkspacePolicy {
41 /// Creates a new workspace::policy value with explicit
42 /// caller-provided inputs. This constructor is data-only and
43 /// performs no I/O or external side effects.
44 pub fn new(root: impl Into<PathBuf>) -> Self {
45 Self {
46 workspace_id: "workspace.default".to_string(),
47 root: root.into(),
48 max_file_bytes: 64 * 1024,
49 max_output_bytes: 64 * 1024,
50 max_matches: 100,
51 include_hidden: false,
52 follow_symlinks: false,
53 allow_create: false,
54 allow_overwrite: false,
55 }
56 }
57
58 /// Returns the bounds snapshot currently held by this value.
59 /// This snapshots workspace bounds policy metadata without reading or writing workspace
60 /// files.
61 pub fn bounds_snapshot(&self, root_policy_ref: PolicyRef) -> WorkspaceBoundsSnapshot {
62 WorkspaceBoundsSnapshot {
63 workspace_id: self.workspace_id.clone(),
64 root_policy_ref,
65 max_file_bytes: self.max_file_bytes,
66 max_output_bytes: self.max_output_bytes,
67 max_matches: self.max_matches,
68 follow_symlinks: self.follow_symlinks,
69 include_hidden: self.include_hidden,
70 anchor_validation: agent_sdk_core::AnchorValidationRequirement::HashLineRequired,
71 preview_apply: agent_sdk_core::PreviewApplyRequirement::ApplyRequiresPreviewAndApproval,
72 }
73 }
74}
75
76/// Returns filesystem policy for the current value.
77/// This is a read-only or data-construction helper unless the method body explicitly calls a
78/// port or store.
79pub fn filesystem_policy(id: &str) -> PolicyRef {
80 PolicyRef::with_kind(PolicyKind::Permission, id)
81}
82
83/// Returns approval policy for the current value.
84/// This is a read-only or data-construction helper unless the method body explicitly calls a
85/// port or store.
86pub fn approval_policy(id: &str) -> PolicyRef {
87 PolicyRef::with_kind(PolicyKind::Approval, id)
88}