Skip to content

feat(ui): add admin UI for RBAC/ABAC policy engine#3810

Open
WilliamChen000 wants to merge 2 commits intoIBM:mainfrom
WilliamChen000:feature/issue-2019-policy-engine-phase3
Open

feat(ui): add admin UI for RBAC/ABAC policy engine#3810
WilliamChen000 wants to merge 2 commits intoIBM:mainfrom
WilliamChen000:feature/issue-2019-policy-engine-phase3

Conversation

@WilliamChen000
Copy link
Copy Markdown

@WilliamChen000 WilliamChen000 commented Mar 23, 2026

🔗 Related Issue

Closes #2019(Phase3)

📝 Summary

Implements Phase 3 of #2019 - Admin UI for the centralized RBAC/ABAC Policy Engine.

🧪 Verification

Check Command Status
Lint suite make lint passed
Unit tests make test passed

📓 Notes (optional)

What was accomplished

  • mcpgateway/templates/policy_partial.html - New admin UI template with:
    • Engine health status cards (Native/OPA/Cedar/MAC)
    • Native RBAC rules table with add/delete support
    • Policy tester/simulator (subject + action + resource → allow/deny result)
    • Cache statistics display
  • mcpgateway/main.py - Wire PolicyDecisionPoint singleton into app.state at startup
  • mcpgateway/admin.py - 7 new API routes under /admin/policy/*:
    • GET /admin/policy/partial
    • GET /admin/policy/rules
    • POST /admin/policy/rules
    • DELETE /admin/policy/rules/{rule_id}
    • POST /admin/policy/test
    • GET /admin/policy/health
    • GET /admin/policy/cache/stats
  • mcpgateway/templates/admin.html - Policy Engine tab and panel in sidebar
  • mcpgateway/static/admin.js - Tab loader and event delegation for policy UI
  • Verified engine health cards show Native engine as Healthy
  • Verified rules can be added and deleted via the UI
  • Verified policy tester returns correct ALLOW/DENY decisions
  • Verified cache stats display correctly

@WilliamChen000
feat(policy): add Phase 3 admin UI for RBAC/ABAC policy engine (IBM#2019
a47ba61 
)

Signed-off-by: WilliamChen000 <chenwi@tcd.ie>
@WilliamChen000
fix(policy): fix lint issues in policy engine admin UI
ab03afc 
Signed-off-by: WilliamChen000 <chenwi@tcd.ie>
@crivetimihai crivetimihai changed the title FEATURE(POLICY): add Phase 3 admin UI for RBAC/ABAC policy engine (#2019) feat(ui): add admin UI for RBAC/ABAC policy engine Mar 29, 2026
@crivetimihai crivetimihai added enhancement New feature or request COULD P3: Nice-to-have features with minimal impact if left out; included if time permits ui User Interface rbac Role-based Access Control labels Mar 29, 2026
@crivetimihai crivetimihai added this to the Release 1.1.0 milestone Mar 29, 2026
@crivetimihai
Copy link
Copy Markdown
Member

crivetimihai commented Mar 29, 2026

Thanks @WilliamChen000. Will review the UI implementation and integration with the policy engine.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@crivetimihai crivetimihai Awaiting requested review from crivetimihai crivetimihai is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

COULD P3: Nice-to-have features with minimal impact if left out; included if time permits enhancement New feature or request rbac Role-based Access Control ui User Interface

Projects

None yet

Milestone

Release 1.1.0

Development

Successfully merging this pull request may close these issues.

[FEATURE]: Centralized configurable RBAC/ABAC policy engine

2 participants

@WilliamChen000 @crivetimihai