MCPcopy
hub / github.com/codeaashu/claude-code / syncPermissionRulesFromDisk

Function syncPermissionRulesFromDisk

src/utils/permissions/permissions.ts:1419–1471  ·  view source on GitHub ↗
(
  toolPermissionContext: ToolPermissionContext,
  rules: PermissionRule[],
)

Source from the content-addressed store, hash-verified

1417 * Sync permission rules from disk (replacement - for settings changes)
1418 */
1419export function syncPermissionRulesFromDisk(
1420 toolPermissionContext: ToolPermissionContext,
1421 rules: PermissionRule[],
1422): ToolPermissionContext {
1423 let context = toolPermissionContext
1424
1425 // When allowManagedPermissionRulesOnly is enabled, clear all non-policy sources
1426 if (shouldAllowManagedPermissionRulesOnly()) {
1427 const sourcesToClear: PermissionUpdateDestination[] = [
1428 'userSettings',
1429 'projectSettings',
1430 'localSettings',
1431 'cliArg',
1432 'session',
1433 ]
1434 const behaviors: PermissionBehavior[] = ['allow', 'deny', 'ask']
1435
1436 for (const source of sourcesToClear) {
1437 for (const behavior of behaviors) {
1438 context = applyPermissionUpdate(context, {
1439 type: 'replaceRules',
1440 rules: [],
1441 behavior,
1442 destination: source,
1443 })
1444 }
1445 }
1446 }
1447
1448 // Clear all disk-based source:behavior combos before applying new rules.
1449 // Without this, removing a rule from settings (e.g. deleting a deny entry)
1450 // would leave the old rule in the context because convertRulesToUpdates
1451 // only generates replaceRules for source:behavior pairs that have rules —
1452 // an empty group produces no update, so stale rules persist.
1453 const diskSources: PermissionUpdateDestination[] = [
1454 'userSettings',
1455 'projectSettings',
1456 'localSettings',
1457 ]
1458 for (const diskSource of diskSources) {
1459 for (const behavior of ['allow', 'deny', 'ask'] as PermissionBehavior[]) {
1460 context = applyPermissionUpdate(context, {
1461 type: 'replaceRules',
1462 rules: [],
1463 behavior,
1464 destination: diskSource,
1465 })
1466 }
1467 }
1468
1469 const updates = convertRulesToUpdates(rules, 'replaceRules')
1470 return applyPermissionUpdates(context, updates)
1471}
1472
1473/**
1474 * Extract updatedInput from a permission result, falling back to the original input.

Callers 1

applySettingsChangeFunction · 0.85

Calls 4

applyPermissionUpdateFunction · 0.85
convertRulesToUpdatesFunction · 0.85
applyPermissionUpdatesFunction · 0.85

Tested by

no test coverage detected