MCPcopy Create free account
hub / github.com/AI45Lab/Code / check

Method check

core/src/permissions/policy.rs:121–149  ·  view source on GitHub ↗

Check permission for a tool invocation Returns the permission decision based on rule evaluation order: 1. Deny rules (any match = Deny) 2. Allow rules (any match = Allow) 3. Ask rules (any match = Ask) 4. Default decision

(&self, tool_name: &str, args: &serde_json::Value)

Source from the content-addressed store, hash-verified

119 /// 3. Ask rules (any match = Ask)
120 /// 4. Default decision
121 pub fn check(&self, tool_name: &str, args: &serde_json::Value) -> PermissionDecision {
122 if !self.enabled {
123 return PermissionDecision::Allow;
124 }
125
126 // 1. Check deny rules first
127 for rule in &self.deny {
128 if rule.matches(tool_name, args) {
129 return PermissionDecision::Deny;
130 }
131 }
132
133 // 2. Check allow rules
134 for rule in &self.allow {
135 if rule.matches(tool_name, args) {
136 return PermissionDecision::Allow;
137 }
138 }
139
140 // 3. Check ask rules
141 for rule in &self.ask {
142 if rule.matches(tool_name, args) {
143 return PermissionDecision::Ask;
144 }
145 }
146
147 // 4. Fall back to default
148 self.default_decision
149 }
150
151 /// Check if a tool invocation is allowed (Allow or not Deny)
152 pub fn is_allowed(&self, tool_name: &str, args: &serde_json::Value) -> bool {

Calls 1

matchesMethod · 0.45