fleetforge_policy/

budget.rs

use anyhow::{anyhow, Result};
use async_trait::async_trait;
use serde_json::Value;

use crate::{Decision, DecisionEffect, PolicyEngine, PolicyRequest};

#[derive(Clone, Default)]
pub struct BudgetCapsPolicy {
    max_tokens: Option<i64>,
    max_cost: Option<f64>,
    warn_ratio: Option<f64>,
}

impl BudgetCapsPolicy {
    pub fn from_config(config: &Value) -> Result<Self> {
        let max_tokens = config
            .get("max_tokens")
            .and_then(Value::as_i64)
            .map(|value| value.max(0));

        let max_cost = config
            .get("max_cost")
            .and_then(Value::as_f64)
            .map(|value| value.max(0.0));

        let warn_ratio = config
            .get("warn_ratio")
            .and_then(Value::as_f64)
            .map(|value| {
                if value.is_finite() {
                    value.clamp(0.0, 1.0)
                } else {
                    0.0
                }
            });

        if max_tokens.is_none() && max_cost.is_none() {
            return Err(anyhow!(
                "budget_caps pack requires at least one of 'max_tokens' or 'max_cost'"
            ));
        }

        Ok(Self {
            max_tokens,
            max_cost,
            warn_ratio,
        })
    }
}

fn read_reserved_tokens(budget: &Value) -> Option<i64> {
    budget
        .get("reserved")
        .and_then(|reserved| reserved.get("tokens"))
        .and_then(Value::as_i64)
}

fn read_reserved_cost(budget: &Value) -> Option<f64> {
    budget
        .get("reserved")
        .and_then(|reserved| reserved.get("cost"))
        .and_then(Value::as_f64)
}

fn read_actual_tokens(payload: &Value, budget: &Value) -> Option<i64> {
    payload
        .get("usage")
        .and_then(|usage| usage.get("tokens"))
        .and_then(Value::as_i64)
        .or_else(|| {
            budget
                .get("actual")
                .and_then(|actual| actual.get("tokens"))
                .and_then(Value::as_i64)
        })
}

fn read_actual_cost(payload: &Value, budget: &Value) -> Option<f64> {
    payload
        .get("usage")
        .and_then(|usage| usage.get("cost"))
        .and_then(Value::as_f64)
        .or_else(|| {
            budget
                .get("actual")
                .and_then(|actual| actual.get("cost"))
                .and_then(Value::as_f64)
        })
}

fn warn_reason(prefix: &str, value: f64) -> String {
    format!("{prefix}:{:.2}", value)
}

#[async_trait]
impl PolicyEngine for BudgetCapsPolicy {
    async fn evaluate(&self, request: &PolicyRequest) -> Result<Decision> {
        let payload = request
            .context()
            .get("payload")
            .cloned()
            .unwrap_or(Value::Null);
        let boundary = request
            .context()
            .get("boundary")
            .and_then(Value::as_str)
            .unwrap_or_default()
            .to_ascii_lowercase();

        let budget = payload.get("budget").cloned().unwrap_or(Value::Null);

        let is_pre_phase = matches!(
            boundary.as_str(),
            "ingress_prompt" | "ingress_tool" | "scheduler"
        );
        let is_post_phase = matches!(boundary.as_str(), "egress_prompt" | "egress_tool");

        if !is_pre_phase && !is_post_phase {
            return Ok(Decision::allow());
        }

        if is_pre_phase {
            if let (Some(limit), Some(reserved)) = (self.max_tokens, read_reserved_tokens(&budget))
            {
                if reserved > limit {
                    return Ok(Decision {
                        effect: DecisionEffect::Deny,
                        reason: Some("budget_tokens_reserved_exceeded".into()),
                        patches: Vec::new(),
                    });
                }
            }
            if let (Some(limit), Some(reserved)) = (self.max_cost, read_reserved_cost(&budget)) {
                if reserved > limit + f64::EPSILON {
                    return Ok(Decision {
                        effect: DecisionEffect::Deny,
                        reason: Some("budget_cost_reserved_exceeded".into()),
                        patches: Vec::new(),
                    });
                }
            }
            return Ok(Decision::allow());
        }

        // Post phase – evaluate actual usage and warnings.
        let mut warnings: Vec<String> = Vec::new();

        if let (Some(limit), Some(actual)) =
            (self.max_tokens, read_actual_tokens(&payload, &budget))
        {
            if actual > limit {
                return Ok(Decision {
                    effect: DecisionEffect::Deny,
                    reason: Some("budget_tokens_actual_exceeded".into()),
                    patches: Vec::new(),
                });
            }
            if let Some(ratio) = self.warn_ratio {
                if limit > 0 && (actual as f64) / (limit as f64) >= ratio {
                    warnings.push(warn_reason(
                        "budget_tokens_watermark",
                        (actual as f64) / (limit as f64),
                    ));
                }
            }
        }

        if let (Some(limit), Some(actual)) = (self.max_cost, read_actual_cost(&payload, &budget)) {
            if actual > limit + f64::EPSILON {
                return Ok(Decision {
                    effect: DecisionEffect::Deny,
                    reason: Some("budget_cost_actual_exceeded".into()),
                    patches: Vec::new(),
                });
            }
            if let Some(ratio) = self.warn_ratio {
                if limit > 0.0 && actual / limit >= ratio {
                    warnings.push(warn_reason("budget_cost_watermark", actual / limit));
                }
            }
        }

        if warnings.is_empty() {
            Ok(Decision::allow())
        } else {
            Ok(Decision {
                effect: DecisionEffect::Allow,
                reason: Some(warnings.join(";")),
                patches: Vec::new(),
            })
        }
    }
}