Add new Policy tab

Signed-off-by: Gabriel Costa <gabrielcg@proton.me>

Author: gcgoncalves

.secrets.baseline

@@ -3,7 +3,7 @@
     "files": "^.secrets.baseline|package-lock.json|Cargo.lock|scripts/sign_image.sh|scripts/zap|sonar-project.properties|uv.lock|^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2026-04-13T09:59:07Z",
+  "generated_at": "2026-04-13T13:45:24Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -5086,31 +5086,31 @@
         "hashed_secret": "fa9beb99e4029ad5a6615399e7bbae21356086b3",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 4240,
+        "line_number": 4264,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "559b05f1b2863e725b76e216ac3dadecbf92e244",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 4841,
+        "line_number": 4865,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "a8af4759392d4f7496d613174f33afe2074a4b8d",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 4843,
+        "line_number": 4867,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "85b60d811d16ff56b3654587d4487f713bfa33b7",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 15169,
+        "line_number": 15193,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -6288,7 +6288,7 @@
         "hashed_secret": "b4e44716dbbf57be3dae2f819d96795a85d06652",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 12498,
+        "line_number": 12510,
         "type": "Secret Keyword",
         "verified_result": null
       }

mcpgateway/admin.py

@@ -19630,10 +19630,7 @@ async def get_policy_partial(
     pdp = getattr(request.app.state, "pdp", None)
 
     if pdp is None:
-        return HTMLResponse(
-            "<div class='p-8 text-center text-gray-500'>Policy engine not initialised. "
-            "Set up the PDP singleton in main.py startup.</div>"
-        )
+        return HTMLResponse("<div class='p-8 text-center text-gray-500'>Policy engine not initialised. Set up the PDP singleton in main.py startup.</div>")
 
     # First-Party
     from plugins.unified_pdp.pdp_models import EngineType
@@ -19642,20 +19639,18 @@ async def get_policy_partial(
     cache_stats = pdp.cache_stats()
 
     # Get native rules for the table
-    native = pdp._engines.get(EngineType.NATIVE)  # pylint: disable=protected-access  # pylint: disable=protected-access
-    rules = native._rules if native else []  # pylint: disable=protected-access  # pylint: disable=protected-access
+    native = pdp.get_engine(EngineType.NATIVE)
+    rules = native.rules if native else []
 
     context = {
         "request": request,
         "health": health,
-        "engine_count": len(pdp._engines),
+        "engine_count": pdp.engine_count,
         "rule_count": len(rules),
         "rules": rules,
         "cache_stats": cache_stats,
     }
-    return request.app.state.templates.TemplateResponse(
-        request, "policy_partial.html", context
-    )
+    return request.app.state.templates.TemplateResponse(request, "policy_partial.html", context)
 
 
 @admin_router.get("/policy/rules")
@@ -19798,22 +19793,24 @@ async def test_policy_access(
 
     decision = await pdp.check_access(subject, body.action, resource, context)
 
-    return JSONResponse({
-        "decision": decision.decision.value,
-        "reason": decision.reason,
-        "matching_policies": decision.matching_policies,
-        "duration_ms": decision.duration_ms,
-        "cached": decision.cached,
-        "engine_decisions": [
-            {
-                "engine": ed.engine.value,
-                "decision": ed.decision.value,
-                "reason": ed.reason,
-                "matching_policies": ed.matching_policies,
-            }
-            for ed in decision.engine_decisions
-        ],
-    })
+    return JSONResponse(
+        {
+            "decision": decision.decision.value,
+            "reason": decision.reason,
+            "matching_policies": decision.matching_policies,
+            "duration_ms": decision.duration_ms,
+            "cached": decision.cached,
+            "engine_decisions": [
+                {
+                    "engine": ed.engine.value,
+                    "decision": ed.decision.value,
+                    "reason": ed.reason,
+                    "matching_policies": ed.matching_policies,
+                }
+                for ed in decision.engine_decisions
+            ],
+        }
+    )
 
 
 @admin_router.get("/policy/health")
@@ -19837,18 +19834,20 @@ async def policy_health(
         raise HTTPException(status_code=503, detail="Policy engine not initialised")
 
     health = await pdp.health()
-    return JSONResponse({
-        "healthy": health.healthy,
-        "engines": [
-            {
-                "engine": e.engine.value,
-                "status": e.status.value,
-                "latency_ms": e.latency_ms,
-                "detail": e.detail,
-            }
-            for e in health.engines
-        ],
-    })
+    return JSONResponse(
+        {
+            "healthy": health.healthy,
+            "engines": [
+                {
+                    "engine": e.engine.value,
+                    "status": e.status.value,
+                    "latency_ms": e.latency_ms,
+                    "detail": e.detail,
+                }
+                for e in health.engines
+            ],
+        }
+    )
 
 
 @admin_router.get("/policy/cache/stats")

mcpgateway/admin_ui/events.js

@@ -21,6 +21,13 @@ import {
 import { llmModelComboboxSelect } from "./llmModels.js";
 import { closeModal } from "./modals.js";
 import { initializeRealTimeMonitoring } from "./monitoring.js";
+import {
+  closeAddRuleModal,
+  deleteRule,
+  openAddRuleModal,
+  runPolicyTest,
+  submitAddRule,
+} from "./policy.js";
 import { ensureAddStoreListeners } from "./servers.js";
 import { initializeTagFiltering, updateAvailableTags } from "./tags.js";
 import {
@@ -661,6 +668,62 @@ import {
     }
   });
 
+  // ===================================================================
+  // Policy Page setup
+  // ===================================================================
+
+  // Policy Engine button delegation
+  document.addEventListener("click", function (e) {
+    const btn = e.target.closest("[onclick]");
+    if (!btn) return;
+    const fn = btn.getAttribute("onclick");
+    if (fn && fn.includes("openAddRuleModal")) {
+      e.preventDefault();
+      openAddRuleModal();
+    }
+    if (fn && fn.includes("closeAddRuleModal")) {
+      e.preventDefault();
+      closeAddRuleModal();
+    }
+    if (fn && fn.includes("submitAddRule")) {
+      e.preventDefault();
+      submitAddRule();
+    }
+    if (fn && fn.includes("runPolicyTest")) {
+      e.preventDefault();
+      runPolicyTest();
+    }
+    if (fn && fn.includes("deleteRule")) {
+      e.preventDefault();
+      const match = fn.match(/deleteRule\('(.+?)'\)/);
+      if (match) deleteRule(match[1]);
+    }
+  });
+
+  // Policy Engine event delegation
+  document.addEventListener("click", function (e) {
+    const el = e.target.closest("[data-action]");
+    if (!el) return;
+    const action = el.getAttribute("data-action");
+    if (action === "open-add-rule") openAddRuleModal();
+    if (action === "close-add-rule") closeAddRuleModal();
+    if (action === "submit-add-rule") submitAddRule();
+    if (action === "run-policy-test") runPolicyTest();
+    if (action === "delete-rule") deleteRule(el.getAttribute("data-rule-id"));
+  });
+
+  // Policy Engine event delegation
+  document.addEventListener("click", function (e) {
+    const el = e.target.closest("[data-action]");
+    if (!el) return;
+    const action = el.getAttribute("data-action");
+    if (action === "open-add-rule") openAddRuleModal();
+    if (action === "close-add-rule") closeAddRuleModal();
+    if (action === "submit-add-rule") submitAddRule();
+    if (action === "run-policy-test") runPolicyTest();
+    if (action === "delete-rule") deleteRule(el.getAttribute("data-rule-id"));
+  });
+
   // ===================================================================
   // GLOBAL ERROR HANDLERS
   // ===================================================================
@@ -841,7 +904,9 @@ import {
   // ===================================================================
   // Alpine Components
   // ===================================================================
-  document.addEventListener('alpine:init', () => {
-    Alpine.data('overflowMenu', (wrapperId = null) => overflowMenu(wrapperId));
+  document.addEventListener("alpine:init", () => {
+    window.Alpine.data("overflowMenu", (wrapperId = null) =>
+      overflowMenu(wrapperId)
+    );
   });
 })(window.Admin);