Class: OllamaAgent::Runtime::Policies

Inherits:

Object

• Object
• OllamaAgent::Runtime::Policies

Defined in:

lib/ollama_agent/runtime/policies.rb

Overview

Policy engine for the agent runtime.

A Policy is a named rule that can:

- Block a tool call (returns a rejection reason string)
- Allow it (returns nil / :allow)
- Modify args before execution

Policies are evaluated in registration order. First blocking policy wins.

Examples:

policies = OllamaAgent::Runtime::Policies.new
policies.add(:no_outside_writes) do |tool, args, ctx|
  if tool == "write_file" && !args["path"]&.start_with?(ctx[:root])
    "write_file: cannot write outside project root"
  end
end

Defined Under Namespace

Classes: Policy

Instance Method Summary

• #add(name, &handler) ⇒ Object

  Register a policy.

• #blocked?(tool_name, args, context = {}) ⇒ Boolean

  Check read_only at the policy level.

• #evaluate(tool_name, args, context = {}) ⇒ nil, String

  Evaluate all policies for a tool call.

• #initialize ⇒ Policies constructor

  A new instance of Policies.

• #policy_names ⇒ Object
• #remove(name) ⇒ Object

  Remove a named policy.

Constructor Details

#initialize ⇒ Policies

Returns a new instance of Policies.

# File 'lib/ollama_agent/runtime/policies.rb', line 25

def initialize
  @policies = []
  install_default_policies
end

Instance Method Details

#add(name, &handler) ⇒ Object

Register a policy.

Parameters:

• name (Symbol, String)
• handler (Proc) —

  receives (tool_name, args, context) → nil | String (rejection reason)

Raises:

• (ArgumentError)

# File 'lib/ollama_agent/runtime/policies.rb', line 33

def add(name, &handler)
  raise ArgumentError, "Policy handler block required" unless block_given?

  @policies << Policy.new(name: name.to_sym, handler: handler)
end

#blocked?(tool_name, args, context = {}) ⇒ Boolean

Check read_only at the policy level

Returns:

• (Boolean)

# File 'lib/ollama_agent/runtime/policies.rb', line 55

def blocked?(tool_name, args, context = {})
  !evaluate(tool_name, args, context).nil?
end

#evaluate(tool_name, args, context = {}) ⇒ nil, String

Evaluate all policies for a tool call.

Returns:

• (nil, String) —

  nil = allowed; String = rejection reason

# File 'lib/ollama_agent/runtime/policies.rb', line 46

def evaluate(tool_name, args, context = {})
  @policies.each do |policy|
    result = policy.handler.call(tool_name.to_s, args, context)
    return result.to_s if result && result != :allow
  end
  nil
end

#policy_names ⇒ Object

# File 'lib/ollama_agent/runtime/policies.rb', line 59

def policy_names
  @policies.map(&:name)
end

#remove(name) ⇒ Object

Remove a named policy.

# File 'lib/ollama_agent/runtime/policies.rb', line 40

def remove(name)
  @policies.reject! { |p| p.name == name.to_sym }
end