MCPcopy
hub / github.com/shareAI-lab/learn-claude-code / permission_hook

Function permission_hook

s04_hooks/code.py:176–198  ·  view source on GitHub ↗

PreToolUse: s03 check_permission() logic moved here.

(block)

Source from the content-addressed store, hash-verified

174DESTRUCTIVE = ["rm ", "> /etc/", "chmod 777"]
175
176def permission_hook(block):
177 """PreToolUse: s03 check_permission() logic moved here."""
178 if block.name == "bash":
179 for pattern in DENY_LIST:
180 if pattern in block.input.get("command", ""):
181 print(f"\n\033[31m⛔ Blocked: '{pattern}'\033[0m")
182 return "Permission denied by deny list"
183 for kw in DESTRUCTIVE:
184 if kw in block.input.get("command", ""):
185 print(f"\n\033[33m⚠ Potentially destructive command\033[0m")
186 print(f" Tool: {block.name}({block.input})")
187 choice = input(" Allow? [y/N] ").strip().lower()
188 if choice not in ("y", "yes"):
189 return "Permission denied by user"
190 if block.name in ("write_file", "edit_file"):
191 path = block.input.get("path", "")
192 if not (WORKDIR / path).resolve().is_relative_to(WORKDIR):
193 print(f"\n\033[33m⚠ Writing outside workspace\033[0m")
194 print(f" Tool: {block.name}({block.input})")
195 choice = input(" Allow? [y/N] ").strip().lower()
196 if choice not in ("y", "yes"):
197 return "Permission denied by user"
198 return None
199
200def log_hook(block):
201 """PreToolUse: log every tool call."""

Callers

nothing calls this directly

Calls 1

getMethod · 0.45

Tested by

no test coverage detected