From b4084d63ceaff662b6c2f483fa6be5217bc965e9 Mon Sep 17 00:00:00 2001
From: "Yifeng[Terry] Yu" <125581657+xiaojiou176@users.noreply.github.com>
Date: Sun, 12 Apr 2026 16:39:28 -0700
Subject: [PATCH] feat: add runtime policy to desktop desk

---
 apps/desktop/src/pages/PoliciesPage.tsx               | 11 +++++++++--
 .../src/pages/overview_policies_branch.test.tsx       |  3 +++
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/apps/desktop/src/pages/PoliciesPage.tsx b/apps/desktop/src/pages/PoliciesPage.tsx
index 0644746..808b353 100644
--- a/apps/desktop/src/pages/PoliciesPage.tsx
+++ b/apps/desktop/src/pages/PoliciesPage.tsx
@@ -4,8 +4,15 @@ import { fetchPolicies } from "../lib/api";
 import { Button } from "../components/ui/Button";
 import { Card, CardBody, CardHeader, CardTitle } from "../components/ui/Card";
 
-const POLICY_SECTIONS = ["agent_registry", "command_allowlist", "forbidden_actions", "tool_registry"] as const;
+const POLICY_SECTIONS = [
+  "control_plane_runtime_policy",
+  "agent_registry",
+  "command_allowlist",
+  "forbidden_actions",
+  "tool_registry",
+] as const;
 const SECTION_LABELS: Record<string, string> = {
+  control_plane_runtime_policy: "Control-plane runtime policy",
   agent_registry: "Agent registry",
   command_allowlist: "Command allowlist",
   forbidden_actions: "Forbidden actions",
@@ -24,7 +31,7 @@ export function PoliciesPage() {
 
   return (
     <div className="content">
-      <div className="section-header"><div><h1 className="page-title">Policies</h1><p className="page-subtitle">Security policy settings: agent registry, command allowlist, tool permissions, and forbidden actions</p></div><Button onClick={load} disabled={loading}>{loading ? "Refreshing..." : "Refresh"}</Button></div>
+      <div className="section-header"><div><h1 className="page-title">Policies</h1><p className="page-subtitle">Audit control-plane runtime rules, agent registry, command allowlist, tool permissions, and forbidden actions from one policy desk.</p></div><Button onClick={load} disabled={loading}>{loading ? "Refreshing..." : "Refresh"}</Button></div>
       {error && <div className="alert alert-danger" role="alert" aria-live="assertive">{error}</div>}
       {loading ? <div className="skeleton-stack-lg"><div className="skeleton skeleton-row" /><div className="skeleton skeleton-row" /></div> : (
         <div className="grid-2">
diff --git a/apps/desktop/src/pages/overview_policies_branch.test.tsx b/apps/desktop/src/pages/overview_policies_branch.test.tsx
index 63840be..7677e07 100644
--- a/apps/desktop/src/pages/overview_policies_branch.test.tsx
+++ b/apps/desktop/src/pages/overview_policies_branch.test.tsx
@@ -176,6 +176,7 @@ describe("overview + policies low-branch coverage", () => {
       )
       .mockRejectedValueOnce(new Error("policies error"))
       .mockResolvedValueOnce({
+        control_plane_runtime_policy: { completion_governance: { components: ["dod_checker", "reply_auditor", "continuation_policy"] } },
         agent_registry: "ALLOW_ALL",
         command_allowlist: { commands: ["run"] },
         forbidden_actions: null,
@@ -199,7 +200,9 @@ describe("overview + policies low-branch coverage", () => {
     fireEvent.click(screen.getByRole("button", { name: "Refresh" }));
     await waitFor(() => {
       expect(screen.queryByText("policies error")).not.toBeInTheDocument();
+      expect(screen.getByText("Control-plane runtime policy")).toBeInTheDocument();
       expect(screen.getByText("ALLOW_ALL")).toBeInTheDocument();
+      expect(screen.getByText(/"completion_governance": \{/)).toBeInTheDocument();
       expect(screen.getByText(/"commands": \[/)).toBeInTheDocument();
       expect(screen.getAllByText("No data").length).toBeGreaterThanOrEqual(2);
     });