d-bis/FusionAGI
4
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity

Initial commit: add .gitignore and README
Some checks failed
Tests / test (3.10) (push) Has been cancelled
Details
Tests / test (3.11) (push) Has been cancelled
Details
Tests / test (3.12) (push) Has been cancelled
Details
Tests / lint (push) Has been cancelled
Details
Tests / docker (push) Has been cancelled
Details

Browse Source
This commit is contained in:
defiQUG
2026-02-09 21:51:42 -08:00
commit c052b07662
3146 changed files with 808305 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
fusionagi/governance/access_control.py Normal file
View File

@@ -0,0 +1,30 @@
"""Tool access control: central policy for which agent may call which tools.
Optional; not wired to Executor or Orchestrator by default. Wire by passing
an AccessControl instance and checking allowed(agent_id, tool_name, task_id)
before tool invocation.
"""
class AccessControl:
"""Policy: (agent_id, tool_name, task_id) -> allowed."""
def __init__(self) -> None:
self._deny: set[tuple[str, str]] = set()
self._task_tools: dict[str, set[str]] = {}
def deny(self, agent_id: str, tool_name: str) -> None:
"""Deny agent from using tool (global)."""
self._deny.add((agent_id, tool_name))
def allow_tools_for_task(self, task_id: str, tool_names: list[str]) -> None:
"""Set allowed tools for a task (empty = all allowed)."""
self._task_tools[task_id] = set(tool_names)
def allowed(self, agent_id: str, tool_name: str, task_id: str | None = None) -> bool:
"""Return True if agent may call tool (optionally for this task)."""
if (agent_id, tool_name) in self._deny:
return False
if task_id and task_id in self._task_tools:
return tool_name in self._task_tools[task_id]
return True