feat(core) RequestRule (#9489)

## Summary Instead of trying to derive the prefix_rule for a command mechanically, let's let the model decide for us. ## Testing - [x] tested locally
2026-04-24 22:54:54 +00:00 · 2026-01-28 01:43:17 -07:00
parent 9f79365691
commit 996e09ca24
20 changed files with 696 additions and 302 deletions
--- a/codex-rs/execpolicy/src/policy.rs
+++ b/codex-rs/execpolicy/src/policy.rs
@@ -31,6 +31,30 @@ impl Policy {
        &self.rules_by_program
    }

+    pub fn get_allowed_prefixes(&self) -> Vec<Vec<String>> {
+        let mut prefixes = Vec::new();
+
+        for (_program, rules) in self.rules_by_program.iter_all() {
+            for rule in rules {
+                let Some(prefix_rule) = rule.as_any().downcast_ref::<PrefixRule>() else {
+                    continue;
+                };
+                if prefix_rule.decision != Decision::Allow {
+                    continue;
+                }
+
+                let mut prefix = Vec::with_capacity(prefix_rule.pattern.rest.len() + 1);
+                prefix.push(prefix_rule.pattern.first.as_ref().to_string());
+                prefix.extend(prefix_rule.pattern.rest.iter().map(render_pattern_token));
+                prefixes.push(prefix);
+            }
+        }
+
+        prefixes.sort();
+        prefixes.dedup();
+        prefixes
+    }
+
    pub fn add_prefix_rule(&mut self, prefix: &[String], decision: Decision) -> Result<()> {
        let (first_token, rest) = prefix
            .split_first()
@@ -116,6 +140,13 @@ impl Policy {
    }
 }

+fn render_pattern_token(token: &PatternToken) -> String {
+    match token {
+        PatternToken::Single(value) => value.clone(),
+        PatternToken::Alts(alternatives) => format!("[{}]", alternatives.join("|")),
+    }
+}
+
 #[derive(Clone, Debug, Eq, PartialEq, Serialize, Deserialize)]
 #[serde(rename_all = "camelCase")]
 pub struct Evaluation {
--- a/codex-rs/execpolicy/src/rule.rs
+++ b/codex-rs/execpolicy/src/rule.rs
@@ -96,6 +96,8 @@ pub trait Rule: Any + Debug + Send + Sync {
    fn program(&self) -> &str;

    fn matches(&self, cmd: &[String]) -> Option<RuleMatch>;
+
+    fn as_any(&self) -> &dyn Any;
 }

 pub type RuleRef = Arc<dyn Rule>;
@@ -114,6 +116,10 @@ impl Rule for PrefixRule {
                justification: self.justification.clone(),
            })
    }
+
+    fn as_any(&self) -> &dyn Any {
+        self
+    }
 }

 /// Count how many rules match each provided example and error if any example is unmatched.