Return a ``ToolContext`` with resolved allow/deny sets. Global and agent policy establish the base allowlist and the hard denies; the agent profile overrides the global profile. The default-channel, channel and sender layers can further restrict or add tools, but a tool denied by global or agent policy stays denied.
(
ctx: ToolContext,
*,
available_tools: list[str],
global_policy: ToolPolicy | None = None,
agent_policy: ToolPolicy | None = None,
default_channel_policy: ToolPolicy | None = None,
channel_policy: ToolPolicy | None = None,
)
| 21 | |
| 22 | |
| 23 | def apply_tool_policy( |
| 24 | ctx: ToolContext, |
| 25 | *, |
| 26 | available_tools: list[str], |
| 27 | global_policy: ToolPolicy | None = None, |
| 28 | agent_policy: ToolPolicy | None = None, |
| 29 | default_channel_policy: ToolPolicy | None = None, |
| 30 | channel_policy: ToolPolicy | None = None, |
| 31 | ) -> ToolContext: |
| 32 | """Return a ``ToolContext`` with resolved allow/deny sets. |
| 33 | |
| 34 | Global and agent policy establish the base allowlist and hard denies. |
| 35 | Agent profile overrides global profile. Channel/default/sender layers can |
| 36 | further restrict or add tools, but global/agent denies still win. |
| 37 | """ |
| 38 | |
| 39 | available = frozenset(available_tools) |
| 40 | allowed_tools = set(ctx.allowed_tools) if ctx.allowed_tools is not None else None |
| 41 | denied_tools = set(ctx.denied_tools) |
| 42 | |
| 43 | allowed_tools, denied_tools = policy_config.apply_base_policy( |
| 44 | allowed_tools, |
| 45 | denied_tools, |
| 46 | global_policy, |
| 47 | available, |
| 48 | ) |
| 49 | allowed_tools, denied_tools = policy_config.apply_base_policy( |
| 50 | allowed_tools, |
| 51 | denied_tools, |
| 52 | agent_policy, |
| 53 | available, |
| 54 | profile_overrides=True, |
| 55 | ) |
| 56 | hard_denied = set(denied_tools) |
| 57 | |
| 58 | channel_denied: set[str] = set() |
| 59 | allowed_tools, channel_denied = policy_config.apply_channel_layer( |
| 60 | allowed_tools, |
| 61 | channel_denied, |
| 62 | default_channel_policy, |
| 63 | available, |
| 64 | ) |
| 65 | allowed_tools, channel_denied = policy_config.apply_sender_layer( |
| 66 | allowed_tools, |
| 67 | channel_denied, |
| 68 | policy_config.sender_policy(default_channel_policy, ctx.sender_id), |
| 69 | available, |
| 70 | ) |
| 71 | allowed_tools, channel_denied = policy_config.apply_channel_layer( |
| 72 | allowed_tools, |
| 73 | channel_denied, |
| 74 | channel_policy, |
| 75 | available, |
| 76 | ) |
| 77 | allowed_tools, channel_denied = policy_config.apply_sender_layer( |
| 78 | allowed_tools, |
| 79 | channel_denied, |
| 80 | policy_config.sender_policy(channel_policy, ctx.sender_id), |