capo_agent/permissions/
gate.rs

1use async_trait::async_trait;
2use serde_json::Value;
3
4#[derive(Debug, Clone, PartialEq, Eq)]
5pub enum Decision {
6    Allowed,
7    Denied(String),
8}
9
10#[derive(Debug, Clone)]
11pub struct PermissionRequest {
12    pub tool: String,
13    pub args: Value,
14}
15
16impl PermissionRequest {
17    pub fn new(tool: impl Into<String>, args: Value) -> Self {
18        Self {
19            tool: tool.into(),
20            args,
21        }
22    }
23}
24
25#[async_trait]
26pub trait PermissionGate: Send + Sync {
27    async fn check(&self, request: PermissionRequest) -> Decision;
28}
29
30pub struct NoOpPermissionGate;
31
32#[async_trait]
33impl PermissionGate for NoOpPermissionGate {
34    async fn check(&self, _request: PermissionRequest) -> Decision {
35        Decision::Allowed
36    }
37}

capo_agent/permissions/gate.rs

capo_agent/permissions/
gate.rs