bob-adapters 0.2.2

Adapter implementations for Bob Agent Framework ports
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92

//! Static approval adapter for tool-call guardrails.

use bob_core::{
    ToolError, normalize_tool_list,
    ports::ApprovalPort,
    tools_match,
    types::{ApprovalContext, ApprovalDecision, ToolCall},
};

/// Approval behavior mode.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum StaticApprovalMode {
    AllowAll,
    DenyAll,
}

/// Runtime static approval policy.
#[derive(Debug, Clone)]
pub struct StaticApprovalPort {
    mode: StaticApprovalMode,
    deny_tools: Vec<String>,
}

impl StaticApprovalPort {
    #[must_use]
    pub fn new(mode: StaticApprovalMode, deny_tools: Vec<String>) -> Self {
        Self { mode, deny_tools: normalize_tool_list(deny_tools.iter().map(String::as_str)) }
    }
}

#[async_trait::async_trait]
impl ApprovalPort for StaticApprovalPort {
    async fn approve_tool_call(
        &self,
        call: &ToolCall,
        _context: &ApprovalContext,
    ) -> Result<ApprovalDecision, ToolError> {
        if self.mode == StaticApprovalMode::DenyAll {
            return Ok(ApprovalDecision::Denied {
                reason: "tool calls are disabled by approval policy".to_string(),
            });
        }
        if self.deny_tools.iter().any(|tool| tools_match(tool, &call.name)) {
            return Ok(ApprovalDecision::Denied {
                reason: format!("tool '{}' denied by approval policy", call.name),
            });
        }
        Ok(ApprovalDecision::Approved)
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    fn make_tool_call(name: &str) -> ToolCall {
        ToolCall::new(name.to_string(), serde_json::json!({}))
    }

    fn test_context() -> ApprovalContext {
        ApprovalContext { session_id: "s1".to_string(), turn_step: 1, selected_skills: Vec::new() }
    }

    #[tokio::test]
    async fn deny_all_rejects_everything() {
        let approval = StaticApprovalPort::new(StaticApprovalMode::DenyAll, vec![]);
        let decision =
            approval.approve_tool_call(&make_tool_call("local/read_file"), &test_context()).await;
        assert!(decision.is_ok());
        assert!(matches!(decision.ok(), Some(ApprovalDecision::Denied { .. })));
    }

    #[tokio::test]
    async fn deny_tools_rejects_listed_tools() {
        let approval =
            StaticApprovalPort::new(StaticApprovalMode::AllowAll, vec!["local/shell_exec".into()]);
        let decision =
            approval.approve_tool_call(&make_tool_call("local/shell_exec"), &test_context()).await;
        assert!(decision.is_ok());
        assert!(matches!(decision.ok(), Some(ApprovalDecision::Denied { .. })));
    }

    #[tokio::test]
    async fn allow_mode_allows_unlisted_tools() {
        let approval =
            StaticApprovalPort::new(StaticApprovalMode::AllowAll, vec!["local/shell_exec".into()]);
        let decision =
            approval.approve_tool_call(&make_tool_call("local/read_file"), &test_context()).await;
        assert!(decision.is_ok());
        assert!(matches!(decision.ok(), Some(ApprovalDecision::Approved)));
    }
}