Add main-agent tool allowlist plus permission and prune helpers.

2026-05-06 22:32:39 +02:00 · 2026-05-01 23:17:46 +02:00 · 2026-05-01 23:17:46 +02:00 · 083a9f7946
commit 083a9f7946
parent d9c873b2e1
9 changed files with 153 additions and 0 deletions
--- a/surfsense_backend/app/agents/multi_agent_with_deepagents/main_agent/init.py
+++ b/surfsense_backend/app/agents/multi_agent_with_deepagents/main_agent/init.py
@ -0,0 +1,5 @@
 """SurfSense main-agent package (factory export added when runtime lands)."""
 from __future__ import annotations
 __all__: list[str] = []
--- a/surfsense_backend/app/agents/multi_agent_with_deepagents/main_agent/context_prune/init.py
+++ b/surfsense_backend/app/agents/multi_agent_with_deepagents/main_agent/context_prune/init.py
@ -0,0 +1,7 @@
 """Tool-name pruning for context editing (exclude lists without dropping protected tools)."""
 from __future__ import annotations
 from .prune_tool_names import PRUNE_PROTECTED_TOOL_NAMES, safe_exclude_tools
 __all__ = ["PRUNE_PROTECTED_TOOL_NAMES", "safe_exclude_tools"]
--- a/surfsense_backend/app/agents/multi_agent_with_deepagents/main_agent/context_prune/prune_tool_names.py
+++ b/surfsense_backend/app/agents/multi_agent_with_deepagents/main_agent/context_prune/prune_tool_names.py
@ -0,0 +1,26 @@
 """Tool names excluded from context-editing prune when bound."""
 from __future__ import annotations
 from collections.abc import Sequence
 from langchain_core.tools import BaseTool
 PRUNE_PROTECTED_TOOL_NAMES: frozenset[str] = frozenset(
    {
        "generate_report",
        "generate_resume",
        "generate_podcast",
        "generate_video_presentation",
        "generate_image",
        "read_email",
        "search_emails",
        "invalid",
    },
 )
 def safe_exclude_tools(tools: Sequence[BaseTool]) -> tuple[str, ...]:
    """Names from ``PRUNE_PROTECTED_TOOL_NAMES`` that appear in ``tools``."""
    enabled = {t.name for t in tools}
    return tuple(n for n in PRUNE_PROTECTED_TOOL_NAMES if n in enabled)
--- a/surfsense_backend/app/agents/multi_agent_with_deepagents/main_agent/permissions/init.py
+++ b/surfsense_backend/app/agents/multi_agent_with_deepagents/main_agent/permissions/init.py
@ -0,0 +1,13 @@
 """Connector-gated tool deny rules and small permission helpers for the main-agent graph."""
 from __future__ import annotations
 from .connector_deny_rules import synthesize_connector_deny_rules
 from .connector_gated_tool_names import iter_connector_gated_tools
 from .rule import Rule
 __all__ = [
    "Rule",
    "iter_connector_gated_tools",
    "synthesize_connector_deny_rules",
 ]
--- a/surfsense_backend/app/agents/multi_agent_with_deepagents/main_agent/permissions/connector_deny_rules.py
+++ b/surfsense_backend/app/agents/multi_agent_with_deepagents/main_agent/permissions/connector_deny_rules.py
@ -0,0 +1,21 @@
 """Synthesized PermissionMiddleware deny rules for tools gated by connector."""
 from __future__ import annotations
 from .connector_gated_tool_names import iter_connector_gated_tools
 from .rule import Rule
 def synthesize_connector_deny_rules(
    *,
    available_connectors: list[str] | None,
    enabled_tool_names: set[str],
 ) -> list[Rule]:
    available = set(available_connectors or [])
    deny: list[Rule] = []
    for name, required in iter_connector_gated_tools():
        if name not in enabled_tool_names:
            continue
        if required not in available:
            deny.append(Rule(permission=name, pattern="*", action="deny"))
    return deny
--- a/surfsense_backend/app/agents/multi_agent_with_deepagents/main_agent/permissions/connector_gated_tool_names.py
+++ b/surfsense_backend/app/agents/multi_agent_with_deepagents/main_agent/permissions/connector_gated_tool_names.py
@ -0,0 +1,42 @@
 """Tool name → required searchable connector type (keep in sync with new_chat ``BUILTIN_TOOLS``)."""
 from __future__ import annotations
 # Synced from ``app.agents.new_chat.tools.registry`` ToolDefinition.required_connector entries.
 _CONNECTOR_GATED: tuple[tuple[str, str], ...] = (
    ("create_notion_page", "NOTION_CONNECTOR"),
    ("update_notion_page", "NOTION_CONNECTOR"),
    ("delete_notion_page", "NOTION_CONNECTOR"),
    ("create_google_drive_file", "GOOGLE_DRIVE_FILE"),
    ("delete_google_drive_file", "GOOGLE_DRIVE_FILE"),
    ("create_dropbox_file", "DROPBOX_FILE"),
    ("delete_dropbox_file", "DROPBOX_FILE"),
    ("create_onedrive_file", "ONEDRIVE_FILE"),
    ("delete_onedrive_file", "ONEDRIVE_FILE"),
    ("search_calendar_events", "GOOGLE_CALENDAR_CONNECTOR"),
    ("create_calendar_event", "GOOGLE_CALENDAR_CONNECTOR"),
    ("update_calendar_event", "GOOGLE_CALENDAR_CONNECTOR"),
    ("delete_calendar_event", "GOOGLE_CALENDAR_CONNECTOR"),
    ("search_gmail", "GOOGLE_GMAIL_CONNECTOR"),
    ("read_gmail_email", "GOOGLE_GMAIL_CONNECTOR"),
    ("create_gmail_draft", "GOOGLE_GMAIL_CONNECTOR"),
    ("send_gmail_email", "GOOGLE_GMAIL_CONNECTOR"),
    ("trash_gmail_email", "GOOGLE_GMAIL_CONNECTOR"),
    ("update_gmail_draft", "GOOGLE_GMAIL_CONNECTOR"),
    ("create_confluence_page", "CONFLUENCE_CONNECTOR"),
    ("update_confluence_page", "CONFLUENCE_CONNECTOR"),
    ("delete_confluence_page", "CONFLUENCE_CONNECTOR"),
    ("list_discord_channels", "DISCORD_CONNECTOR"),
    ("read_discord_messages", "DISCORD_CONNECTOR"),
    ("send_discord_message", "DISCORD_CONNECTOR"),
    ("list_teams_channels", "TEAMS_CONNECTOR"),
    ("read_teams_messages", "TEAMS_CONNECTOR"),
    ("send_teams_message", "TEAMS_CONNECTOR"),
    ("list_luma_events", "LUMA_CONNECTOR"),
    ("read_luma_event", "LUMA_CONNECTOR"),
    ("create_luma_event", "LUMA_CONNECTOR"),
 )
 def iter_connector_gated_tools() -> tuple[tuple[str, str], ...]:
    return _CONNECTOR_GATED
--- a/surfsense_backend/app/agents/multi_agent_with_deepagents/main_agent/permissions/rule.py
+++ b/surfsense_backend/app/agents/multi_agent_with_deepagents/main_agent/permissions/rule.py
@ -0,0 +1,15 @@
 """Minimal permission rule type (mirrors OpenCode semantics used by PermissionMiddleware)."""
 from __future__ import annotations
 from dataclasses import dataclass
 from typing import Literal
 RuleAction = Literal["allow", "deny", "ask"]
@dataclass(frozen=True)
 class Rule:
    permission: str
    pattern: str
    action: RuleAction
--- a/surfsense_backend/app/agents/multi_agent_with_deepagents/main_agent/tools/init.py
+++ b/surfsense_backend/app/agents/multi_agent_with_deepagents/main_agent/tools/init.py
@ -0,0 +1,7 @@
 """Main-agent SurfSense tool allowlist."""
 from __future__ import annotations
 from .index import MAIN_AGENT_SURFSENSE_TOOL_NAMES, MAIN_AGENT_SURFSENSE_TOOL_NAMES_ORDERED
 __all__ = ["MAIN_AGENT_SURFSENSE_TOOL_NAMES", "MAIN_AGENT_SURFSENSE_TOOL_NAMES_ORDERED"]
--- a/surfsense_backend/app/agents/multi_agent_with_deepagents/main_agent/tools/index.py
+++ b/surfsense_backend/app/agents/multi_agent_with_deepagents/main_agent/tools/index.py
@ -0,0 +1,17 @@
 """Main-agent SurfSense builtin tool names (not full ``new_chat``).
 Connector integrations, MCP, deliverables, etc. are delegated via ``task`` subagents.
 """
 from __future__ import annotations
 MAIN_AGENT_SURFSENSE_TOOL_NAMES_ORDERED: tuple[str, ...] = (
    "search_surfsense_docs",
    "web_search",
    "scrape_webpage",
    "update_memory",
 )
 MAIN_AGENT_SURFSENSE_TOOL_NAMES: frozenset[str] = frozenset(
    MAIN_AGENT_SURFSENSE_TOOL_NAMES_ORDERED,
 )