checkWrite method

PermissionDecision checkWrite(String path)

Check write permission for a file path.

Implementation

PermissionDecision checkWrite(String path) {
  final normalized = _normalizePath(path);

  if (isProtectedPath(normalized)) {
    return PermissionDecision(
      level: PermissionLevel.deny,
      reason:
          'Path "$normalized" is a protected system path. '
          'Write operations are blocked.',
    );
  }

  if (!isInSandbox(normalized)) {
    return PermissionDecision(
      level: PermissionLevel.deny,
      reason: 'Path "$normalized" is outside the sandbox.',
    );
  }

  final risk = _isSensitiveFile(normalized)
      ? RiskLevel.critical
      : RiskLevel.medium;
  final request = PermissionRequest(
    scope: PermissionScope.file,
    action: 'write',
    resource: normalized,
    detail: 'Write file: $normalized',
    riskLevel: risk,
  );

  return _ruleSet.evaluateWithCache(request, _cache);
}