claudewheel v0.15.1 /claudewheel.permission
Edit
On this page

Core logic for managing profile permission rules.

#claudewheel.permission

#claudewheel.permission

Core logic for managing profile permission rules.

#validate_rule

python
def validate_rule(rule: str) -> None

Raise ValueError if rule is not a valid permission rule string.

Rules are either bare tool names (Bash) or tool-with-pattern (Bash(git diff:*)). Empty, whitespace-only, and malformed strings are rejected.

#load_settings

python
def load_settings(settings_path: Path) -> dict

Read and parse a profile's settings.json.

Raises FileNotFoundError if the file does not exist and json.JSONDecodeError if the content is not valid JSON.

#save_settings

python
def save_settings(settings_path: Path, data: dict) -> None

Atomic-write data as JSON to settings_path.

Writes to a temporary sibling file first, then renames over the original to avoid partial writes.

#add_rule

python
def add_rule(data: dict, category: str, rule: str) -> str

Append rule to data["permissions"][category].

Returns "added" on success or "already present" if the rule already exists in the list. The list is never sorted -- append only.

#remove_rule

python
def remove_rule(data: dict, category: str, rule: str) -> str

Remove rule from data["permissions"][category].

Returns "removed" on success or "not found" if the rule is not in the list.

#resolve_profiles

python
def resolve_profiles(profile: str | None, all_profiles: bool) -> list[tuple[str, Path]]

Map the mutex flag values to a list of (name, settings_path) pairs.

Exactly one of profile or all_profiles must be truthy (enforced by the caller's MutexGroup). Prints to stderr and exits on error.