Problem:
Today, if multiple InlineTools policies/rules target the same Gateway object, the Envoy Agentic Gateway managed by our reference implementation allows a request only if all the policies/rules allow it. For example, we have two XAccessPolicy objects, policy1 (which only allows an agent running with the Service Account adk-agent-sa to access get-sum) and policy2 (which only allows an agent running with the Service Account adk-agent-sa to access get-tiny-image). Currently, an agent running with the Service Account adk-agent-sa is not allowed to access both tools.
```yaml
apiVersion: agentic.prototype.x-k8s.io/v0alpha0
kind: XAccessPolicy
metadata:
  name: policy1
spec:
  targetRefs:
  ...
  rules:
  - name: tools-for-adk-agent-sa
    source:
      type: ServiceAccount
      serviceAccount:
        name: adk-agent-sa
        namespace: quickstart-ns
    authorization:
      type: InlineTools
      tools:
      - "get-sum"
```

```yaml
apiVersion: agentic.prototype.x-k8s.io/v0alpha0
kind: XAccessPolicy
metadata:
  name: policy2
spec:
  targetRefs:
  ...
  rules:
  - name: tools-for-adk-agent-sa
    source:
      type: ServiceAccount
      serviceAccount:
        name: adk-agent-sa
        namespace: quickstart-ns
    authorization:
      type: InlineTools
      tools:
      - "get-tiny-image"
```
Desired behavior:
If multiple InlineTools policies/rules target the same Gateway object, the Envoy Agentic Gateway managed by our reference implementation allows a request if any policy/rule allows it.
For the example above, an agent running with the Service Account adk-agent-sa should be allowed to access both tools.
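The two combining behaviours described above, side by side, as an added example that is not the reference implementation's code. The `Rule` type, `Evaluate` and `SampleRules` are hypothetical simplifications of an XAccessPolicy rule; the sample data is constructed from policy1 and policy2.

```go
package main

import "fmt"

// Rule is a hypothetical, simplified stand-in for one XAccessPolicy rule
// with InlineTools authorization; it is not the project's own type.
type Rule struct {
	ServiceAccount string // source as "namespace/name"
	Tools          []string
}

func (r Rule) permits(tool string) bool {
	for _, t := range r.Tools {
		if t == tool {
			return true
		}
	}
	return false
}

// Evaluate returns the all-of and any-of decisions for one request. Only rules
// whose source matches the caller count; no matching rule means deny for both.
func Evaluate(rules []Rule, sa, tool string) (allOf, anyOf bool) {
	matched := false
	allOf = true
	for _, r := range rules {
		if r.ServiceAccount != sa {
			continue
		}
		matched = true
		ok := r.permits(tool)
		allOf, anyOf = allOf && ok, anyOf || ok
	}
	return matched && allOf, anyOf
}

// SampleRules mirrors policy1 and policy2 from the issue (constructed data).
func SampleRules() []Rule {
	return []Rule{
		{"quickstart-ns/adk-agent-sa", []string{"get-sum"}},
		{"quickstart-ns/adk-agent-sa", []string{"get-tiny-image"}},
	}
}

func main() {
	for _, tool := range []string{"get-sum", "get-tiny-image", "other-tool"} {
		all, either := Evaluate(SampleRules(), "quickstart-ns/adk-agent-sa", tool)
		fmt.Printf("%-15s all-of=%v any-of=%v\n", tool, all, either)
	}
}
```

Under any-of, the source match and the default deny are what keep the union of tool lists from widening access for other service accounts or unlisted tools.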