agentool 0.1.0

Rust toolkit for AI agents: JSON Schema-defined tools for workspace files, search, web, Markdown, Git, memory, human-in-the-loop hooks, and todos.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213

//! 工作区路径:相对根目录拼接、词法规范化、沙箱内解析,以及常见 `std::io::Error` → [`ToolError`](crate::tool::ToolError) 映射。
//!
//! 供 `fs` / `md` 等需要「工作区根 + 可选越界」语义的工具使用;`git` 仅需 [`combine_and_normalize`] 时也可复用。

use std::io::ErrorKind;
use std::path::{Component, Path, PathBuf};

use crate::tool::ToolError;

#[derive(Clone, Copy)]
enum PathResolutionCode {
    InvalidPath,
    FileNotFound,
}

impl PathResolutionCode {
    const fn as_str(self) -> &'static str {
        match self {
            Self::InvalidPath => "INVALID_PATH",
            Self::FileNotFound => "FILE_NOT_FOUND",
        }
    }
}

fn path_tool_error(code: PathResolutionCode, message: impl Into<String>) -> ToolError {
    ToolError {
        code: code.as_str().to_string(),
        message: message.into(),
    }
}

/// 将常见 `std::io::Error` 映射为稳定 `error.code`(文件类操作通用)。
pub(crate) fn map_io_error(err: std::io::Error, context: &str) -> ToolError {
    let code = match err.kind() {
        ErrorKind::NotFound => "FILE_NOT_FOUND",
        ErrorKind::PermissionDenied => "PERMISSION_DENIED",
        ErrorKind::AlreadyExists => "FILE_ALREADY_EXISTS",
        ErrorKind::DirectoryNotEmpty => "DIRECTORY_NOT_EMPTY",
        ErrorKind::InvalidInput | ErrorKind::InvalidData => "INVALID_PATH",
        #[cfg(target_os = "windows")]
        ErrorKind::InvalidFilename => "INVALID_PATH",
        _ => "INVALID_PATH",
    };
    let prefix = if context.is_empty() {
        String::new()
    } else {
        format!("{context}: ")
    };
    ToolError {
        code: code.to_string(),
        message: format!("{prefix}{err}"),
    }
}

/// 词法规范化:折叠 `.` / `..`,不访问文件系统。
pub(crate) fn normalize_path(path: &Path) -> PathBuf {
    let mut out = PathBuf::new();
    for component in path.components() {
        match component {
            Component::Prefix(_) | Component::RootDir => {
                out.push(component.as_os_str());
            }
            Component::CurDir => {}
            Component::ParentDir => {
                let _ = out.pop();
            }
            Component::Normal(part) => out.push(part),
        }
    }
    out
}

/// `path` 等于 `root` 或为其严格子路径(按路径分量比较)。
pub(crate) fn is_descendant(root: &Path, path: &Path) -> bool {
    let r: Vec<_> = root.components().collect();
    let p: Vec<_> = path.components().collect();
    if p.len() < r.len() {
        return false;
    }
    r.iter().zip(p.iter()).all(|(a, b)| a == b)
}

pub(crate) fn ensure_under_root(root: &Path, resolved: &Path) -> Result<(), ToolError> {
    if is_descendant(root, resolved) {
        Ok(())
    } else {
        Err(path_tool_error(
            PathResolutionCode::InvalidPath,
            "path escapes working root (sandbox)",
        ))
    }
}

/// 将用户路径接到 `base` 上再做词法规范化。
pub(crate) fn combine_and_normalize(base: &Path, user: &Path) -> PathBuf {
    let combined = if user.is_absolute() {
        user.to_path_buf()
    } else {
        base.join(user)
    };
    normalize_path(&combined)
}

/// `logical` 不存在时向上找到已存在祖先,再 `canonicalize(祖先) + 尾部相对段`。
pub(crate) fn resolve_with_existing_prefix(logical: &Path) -> Result<PathBuf, ToolError> {
    if logical.exists() {
        return logical
            .canonicalize()
            .map_err(|e| map_io_error(e, "canonicalize"));
    }

    let mut cur = logical.to_path_buf();
    let mut tail_parts: Vec<std::ffi::OsString> = Vec::new();

    while !cur.exists() {
        let Some(name) = cur.file_name() else {
            return Err(path_tool_error(
                PathResolutionCode::InvalidPath,
                "invalid path (no file name component)",
            ));
        };
        tail_parts.push(name.to_os_string());
        if !cur.pop() {
            break;
        }
    }

    let base = if cur.as_os_str().is_empty() {
        std::env::current_dir().map_err(|e| map_io_error(e, "cwd"))?
    } else {
        cur.canonicalize()
            .map_err(|e| map_io_error(e, "canonicalize"))?
    };

    let mut out = base;
    for name in tail_parts.into_iter().rev() {
        out.push(name);
    }
    Ok(out)
}

/// 在沙箱根 `root_canonical` 内解析已词法规范化的 `logical`。
pub(crate) fn resolve_sandboxed(
    root_canonical: &Path,
    logical: &Path,
) -> Result<PathBuf, ToolError> {
    if logical.exists() {
        let c = logical
            .canonicalize()
            .map_err(|e| map_io_error(e, "canonicalize"))?;
        ensure_under_root(root_canonical, &c)?;
        return Ok(c);
    }

    let mut cur = logical.to_path_buf();
    let mut tail_parts: Vec<std::ffi::OsString> = Vec::new();

    while !cur.exists() {
        let Some(name) = cur.file_name() else {
            return Err(path_tool_error(
                PathResolutionCode::InvalidPath,
                "invalid path (no file name component)",
            ));
        };
        tail_parts.push(name.to_os_string());
        if !cur.pop() {
            return Err(path_tool_error(
                PathResolutionCode::FileNotFound,
                "path has no existing parent under sandbox",
            ));
        }
    }

    let base = cur
        .canonicalize()
        .map_err(|e| map_io_error(e, "canonicalize"))?;
    ensure_under_root(root_canonical, &base)?;

    let mut out = base;
    for name in tail_parts.into_iter().rev() {
        out.push(name);
    }
    ensure_under_root(root_canonical, &out)?;
    Ok(out)
}

/// 与 `fs` 工具一致:相对路径相对 `root_canonical`;`allow_outside_root == true` 时不校验留在根下。
pub(crate) fn resolve_against_workspace_root(
    root_canonical: &Path,
    allow_outside_root: bool,
    user: &str,
) -> Result<PathBuf, ToolError> {
    let s = user.trim();
    if s.is_empty() {
        return Err(path_tool_error(
            PathResolutionCode::InvalidPath,
            "path is empty",
        ));
    }
    let user_path = Path::new(s);
    let logical = combine_and_normalize(root_canonical, user_path);

    if allow_outside_root {
        if logical.exists() {
            return logical
                .canonicalize()
                .map_err(|e| map_io_error(e, "canonicalize"));
        }
        return resolve_with_existing_prefix(&logical);
    }

    resolve_sandboxed(root_canonical, &logical)
}