utils/permissions/permission_rule library

Classes

ClassifierReason

HookReason

ModeReason

PermissionCheckResult

Result of a permission check.

PermissionDecisionReason

Why a permission decision was made.

PermissionRule

A permission rule.

RuleReason

SafetyCheckReason

Enums

PermissionBehavior

Permission rule behavior.

PermissionMode

Permission modes.

PermissionRuleSource

Where a permission rule was loaded from.

Constants

dangerousDirectories → const Set<String>

Directories that require extra permission.

dangerousFiles → const Set<String>

Files that require extra permission to modify.

systemPaths → const Set<String>

System paths that should never be removed.

Functions

evaluatePermission({required String toolName, required String? toolInput, required List<PermissionRule> rules, required PermissionMode mode, String? filePath}) → PermissionCheckResult

Evaluate permissions for a tool invocation.

isDangerousPath(String path) → bool

Check if a file path is dangerous.

isSystemPath(String path) → bool

Check if a path is a system path.

loadPermissionRules({Map<String, dynamic>? policySettings, Map<String, dynamic>? projectSettings, Map<String, dynamic>? localSettings, Map<String, dynamic>? userSettings, bool managedOnly = false}) → List<PermissionRule>

Load permission rules from all settings sources.

matchesGlob(String path, String pattern) → bool

Match a file path against a glob pattern.

matchesRule(String input, String pattern) → bool

Match a command against a rule pattern (supports exact, prefix, wildcard).

parsePermissionRule(String rule) → ({String? content, String toolName})

Parse a permission rule string like "Bash(npm install)" or "FileEdit(src/**)".

suggestRule({required String toolName, required String? input, String? filePath}) → String

Suggest a permission rule for a tool invocation.

validatePermissionRule(String rule) → String?

Validate a permission rule string.