from __future__ import annotations from dataclasses import dataclass from typing import Set @dataclass class SecurityConfig: readonly_mode: bool sandbox_mode: bool allow_external_tools: bool allow_network: bool max_document_size: int max_open_documents: int def get_summary(self) -> str: parts = [] if self.readonly_mode: parts.append("readonly") if self.sandbox_mode: parts.append("sandbox") if self.allow_external_tools: parts.append("external-tools") if self.allow_network: parts.append("network") return ", ".join(parts) or "default" # Tools allowed in readonly mode READONLY_COMMANDS: Set[str] = { "list_documents", "open_document", "extract_text", "get_metadata", "get_document_structure", "get_outline", "get_ranges", "get_tables", "list_images", "list_hyperlinks", "get_fields_summary", "get_document_properties", "get_word_count", "search_text", "analyze_formatting", "get_security_info", "get_storage_info", "list_templates", } # Tools that modify documents WRITE_COMMANDS: Set[str] = { "create_document", "add_paragraph", "add_heading", "add_table", "add_section_break", "add_list", "add_list_item", "add_page_break", "insert_toc", "insert_bookmark_after_heading", "set_header", "set_footer", "set_page_numbering", "embed_page_number_fields", "add_image", "add_hyperlink", "find_and_replace", "find_and_replace_advanced", "apply_paragraph_format", "save_document", "close_document", "convert_to_pdf", "export_pdf_with_field_refresh", "convert_to_images", "convert_to_images_with_preference", "merge_documents", "split_document", "replace_range_text", "set_table_cell_text", "set_document_properties", "insert_after_heading", "sanitize_external_links", "redact_text", "strip_personal_info", "export_to_markdown", "export_to_html", "open_template", "generate_from_template", } def is_command_allowed(name: str, config: SecurityConfig) -> bool: if config.readonly_mode: return name in READONLY_COMMANDS return True