Role-based permissions DAP - Execute permission check integration for custom agents

Summary

This issue integrates DAP (Duo Agent Platform) role-based Run permission checks into custom agents. It ensures that users can only execute custom agents if they have the appropriate role-based permissions configured at the instance or namespace level.

Background

As part of the DAP role-based permissions epic (#19743 (closed)), we need to enforce the Run permission across all DAP execution points. Custom agents are a key component of the DAP platform where users can execute custom functionality:

  • Built-in flows
  • Agents in Agentic Chat
  • Custom agents (this issue)
  • Custom flows

The Run permission controls who can execute agents and flows in the context of projects, with default access set to developer+ roles.

Requirements

Permission Check Integration

  • Identify all entry points where custom agents are executed
  • Integrate DapPermissionService.can_user_perform_action? checks
  • Ensure permission checks occur before agent execution
  • Handle permission denial gracefully with appropriate error messages
  • Consider service account permission intersections
  • Support both direct invocation and agent-to-agent calls

Service Account Considerations

Each agent has a service account assigned (see epic #19478 (closed)). The effective permissions are the intersection of:

  • User's role-based permissions
  • Service account's permissions

Developer+ users communicate with agents via a specific service account handle. The service account can only be added by an owner+ to a top-level namespace.

Agent Lifecycle Permissions

Custom agents have multiple interaction points that need permission checks:

  • Execution: Running the agent (requires Run permission)
  • Invocation: Calling the agent from other contexts
  • Configuration: Viewing agent settings (may require separate permission)
  • Monitoring: Viewing agent execution history and logs

Technical Implementation

Locations to Update

Based on the codebase analysis from issue #578370 (closed), identify and update all locations where custom agents are executed. This may include:

  • Agent execution controllers
  • GraphQL mutations for custom agent execution
  • API endpoints for agent invocation
  • Agent-to-agent communication handlers
  • Background jobs that execute agents
  • Integration points with flows and chat

Permission Check Pattern

# Before executing custom agent
unless DapPermissionService.can_user_perform_action?(current_user, namespace, :run)
  return error_response('Insufficient permissions to run custom agents')
end

# Verify service account permissions
unless agent.service_account.can_execute_in_context?(project)
  return error_response('Service account lacks necessary permissions')
end

# Execute agent with permission intersection
execute_custom_agent_with_permissions(agent, current_user, agent.service_account)

Acceptance Criteria

  • All custom agent execution points have permission checks
  • Users without Run permission receive clear error messages
  • Service account permission intersections are properly enforced
  • Permission checks are performant (use caching from DapPermissionService)
  • Both direct and indirect agent invocations are protected
  • Integration tests verify permission enforcement
  • Tests cover both allowed and denied scenarios
  • Audit logging captures permission check results

Testing Scenarios

  • User with developer+ role can execute custom agents
  • User with reporter role cannot execute custom agents (default config)
  • Custom permission configuration is respected
  • Service account permissions properly limit agent capabilities
  • Instance-level and namespace-level permissions work correctly
  • Agent execution via different contexts (direct, flow, chat) respects permissions
  • Permission checks work for agents in different project contexts
  • Agent-to-agent calls respect permission boundaries

Performance Considerations

Custom agents may be executed frequently and in various contexts:

  • Leverage caching from DapPermissionService
  • Optimize permission checks for high-frequency execution
  • Consider batch permission checks for multiple agents
  • Monitor performance impact on agent execution time
  • Handle agent-to-agent permission checks efficiently

Related Issues

  • Parent Epic: #19743 (closed) - [Backend] Role-based permissions controls for DAP
  • Depends on: #578556 (closed) - Role-based permissions DAP - Run permission
  • Related: #578553 - Run permission for built-in flows
  • Related: #578554 - Run permission for agents in Agentic chat
  • Related: #578555 - Run permission for custom flows
  • Related: #19478 (closed) - Service account implementation

Notes

Custom agents are a core DAP feature with multiple execution contexts and interaction patterns. This implementation must be robust and handle all execution scenarios while maintaining good performance.

Edited by 🤖 GitLab Bot 🤖
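
The Permission Check Pattern and Testing Scenarios above, modelled as a self-contained Ruby sketch. This is an added example, not code from the GitLab code base. `RunGate`, `Decision`, the config hashes, the namespace-over-instance precedence and the audit entry fields are hypothetical; it does not implement the real `DapPermissionService`.

```ruby
# Hypothetical model of the Run gate: user check AND service-account check, fail closed.
ACCESS = { guest: 10, reporter: 20, developer: 30, maintainer: 40, owner: 50 }.freeze
DEFAULT_MIN_ROLE = { run: :developer }.freeze # issue text: default access is developer+

Decision = Struct.new(:allowed, :reason)

class RunGate
  attr_reader :audit_log

  # Each config maps action => minimum role. Assumption: namespace overrides instance.
  def initialize(instance_config: {}, namespace_config: {})
    @min_role = DEFAULT_MIN_ROLE.merge(instance_config).merge(namespace_config)
    @audit_log = []
  end

  # user_role: the invoking user's role in the namespace (nil = not a member).
  # sa_projects: projects the agent's service account may act in (constructed input).
  # via: :direct, :flow, :chat or :agent. Every path is checked against the same user.
  def check(user:, user_role:, agent:, sa_projects:, project:, via: :direct)
    decision =
      if !user_can?(user_role, :run)
        Decision.new(false, :user_lacks_run)
      elsif !sa_projects.include?(project)
        Decision.new(false, :service_account_out_of_scope)
      else
        Decision.new(true, :ok)
      end
    # Record allowed and denied results alike, as the acceptance criteria require.
    @audit_log << { user: user, agent: agent, project: project, via: via,
                    allowed: decision.allowed, reason: decision.reason }
    decision
  end

  # The agent body (the block) runs only after both checks pass.
  def execute(**ctx)
    decision = check(**ctx)
    return { error: decision.reason } unless decision.allowed
    { result: yield }
  end

  private

  # Unknown or missing roles never satisfy the check.
  def user_can?(role, action)
    min = @min_role[action]
    return false unless ACCESS.key?(role) && ACCESS.key?(min)
    ACCESS[role] >= ACCESS[min]
  end
end
```

Because `execute` is the only way to reach the block, an agent-to-agent call (`via: :agent`) is evaluated against the original user's role rather than the calling agent's.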