Struct PathPolicy 

pub struct PathPolicy { /* private fields */ }

A PermissionPolicy that governs FileSystemPermissionRequests by checking whether target paths fall within allowed or protected directory trees.

Protected roots take priority: any path under a protected root is denied immediately. Paths under an allowed root are permitted. Paths outside both sets either require approval or are denied, depending on require_approval_outside_allowed.

Example

use agentkit_tools_core::PathPolicy;

let policy = PathPolicy::new()
    .allow_root("/workspace/project")
    .read_only_root("/workspace/project/vendor")
    .protect_root("/workspace/project/.env")
    .require_approval_outside_allowed(true);

Implementations

impl PathPolicy

pub fn new() -> Self

Creates a new path policy with no roots and approval required for paths outside allowed roots.

pub fn allow_root(self, root: impl Into<PathBuf>) -> Self

Adds a directory tree that filesystem operations are allowed to target.

pub fn read_only_root(self, root: impl Into<PathBuf>) -> Self

Adds a directory tree that may be read or listed but not mutated.

pub fn protect_root(self, root: impl Into<PathBuf>) -> Self

Adds a directory tree that filesystem operations are never allowed to target.

pub fn require_approval_outside_allowed(self, value: bool) -> Self

When true (the default), paths outside allowed roots trigger an approval request instead of an outright denial.

Trait Implementations

impl Default for PathPolicy

fn default() -> Self

Returns the “default value” for a type.

impl PermissionPolicy for PathPolicy

fn evaluate(&self, request: &dyn PermissionRequest) -> PolicyMatch

Evaluate the request and return a match or PolicyMatch::NoOpinion.