MCPcopy Index your code
hub / github.com/codeaashu/claude-code / hasPermissionsToUseToolInner

Function hasPermissionsToUseToolInner

src/utils/permissions/permissions.ts:1158–1319  ·  view source on GitHub ↗
(
  tool: Tool,
  input: { [key: string]: unknown },
  context: ToolUseContext,
)

Source from the content-addressed store, hash-verified

1156}
1157
1158async function hasPermissionsToUseToolInner(
1159 tool: Tool,
1160 input: { [key: string]: unknown },
1161 context: ToolUseContext,
1162): Promise<PermissionDecision> {
1163 if (context.abortController.signal.aborted) {
1164 throw new AbortError()
1165 }
1166
1167 let appState = context.getAppState()
1168
1169 // 1. Check if the tool is denied
1170 // 1a. Entire tool is denied
1171 const denyRule = getDenyRuleForTool(appState.toolPermissionContext, tool)
1172 if (denyRule) {
1173 return {
1174 behavior: 'deny',
1175 decisionReason: {
1176 type: 'rule',
1177 rule: denyRule,
1178 },
1179 message: `Permission to use ${tool.name} has been denied.`,
1180 }
1181 }
1182
1183 // 1b. Check if the entire tool should always ask for permission
1184 const askRule = getAskRuleForTool(appState.toolPermissionContext, tool)
1185 if (askRule) {
1186 // When autoAllowBashIfSandboxed is on, sandboxed commands skip the ask rule and
1187 // auto-allow via Bash's checkPermissions. Commands that won't be sandboxed (excluded
1188 // commands, dangerouslyDisableSandbox) still need to respect the ask rule.
1189 const canSandboxAutoAllow =
1190 tool.name === BASH_TOOL_NAME &&
1191 SandboxManager.isSandboxingEnabled() &&
1192 SandboxManager.isAutoAllowBashIfSandboxedEnabled() &&
1193 shouldUseSandbox(input)
1194
1195 if (!canSandboxAutoAllow) {
1196 return {
1197 behavior: 'ask',
1198 decisionReason: {
1199 type: 'rule',
1200 rule: askRule,
1201 },
1202 message: createPermissionRequestMessage(tool.name),
1203 }
1204 }
1205 // Fall through to let Bash's checkPermissions handle command-specific rules
1206 }
1207
1208 // 1c. Ask the tool implementation for a permission result
1209 // Overridden unless tool input schema is not valid
1210 let toolPermissionResult: PermissionResult = {
1211 behavior: 'passthrough',
1212 message: createPermissionRequestMessage(tool.name),
1213 }
1214 try {
1215 const parsedInput = tool.inputSchema.parse(input)

Callers 1

hasPermissionsToUseToolFunction · 0.85

Calls 12

getDenyRuleForToolFunction · 0.85
getAskRuleForToolFunction · 0.85
shouldUseSandboxFunction · 0.85
toolAlwaysAllowedRuleFunction · 0.85
logForDebuggingFunction · 0.85
jsonStringifyFunction · 0.85
isSandboxingEnabledMethod · 0.80
logErrorFunction · 0.50
parseMethod · 0.45

Tested by

no test coverage detected