claude-code-agent-sdk 0.1.39

Rust SDK for Claude Code CLI with bidirectional streaming, hooks, custom tools, and plugin support
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264

//! Permission types for Claude Agent SDK

use futures::future::BoxFuture;
use serde::{Deserialize, Serialize};
use std::sync::Arc;

/// Callback for tool usage permission
pub type CanUseToolCallback = Arc<
    dyn Fn(String, serde_json::Value, ToolPermissionContext) -> BoxFuture<'static, PermissionResult>
        + Send
        + Sync,
>;

/// Context provided to permission callbacks
#[derive(Debug, Clone, Default)]
pub struct ToolPermissionContext {
    /// Abort signal (future feature)
    pub signal: Option<()>,
    /// Permission suggestions from Claude
    pub suggestions: Vec<PermissionUpdate>,
    /// Tool use ID from the content block (if available)
    pub tool_use_id: Option<String>,
}

/// Result of a permission check
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(tag = "behavior", rename_all = "lowercase")]
pub enum PermissionResult {
    /// Allow the tool use
    Allow(PermissionResultAllow),
    /// Deny the tool use
    Deny(PermissionResultDeny),
}

/// Permission result for allowing tool use
#[derive(Debug, Clone, Default, Serialize, Deserialize)]
pub struct PermissionResultAllow {
    /// Updated tool input (if modified)
    #[serde(skip_serializing_if = "Option::is_none", rename = "updatedInput")]
    pub updated_input: Option<serde_json::Value>,
    /// Permission updates to apply
    #[serde(skip_serializing_if = "Option::is_none", rename = "updatedPermissions")]
    pub updated_permissions: Option<Vec<PermissionUpdate>>,
}

/// Permission result for denying tool use
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct PermissionResultDeny {
    /// Denial message
    pub message: String,
    /// Whether to interrupt execution
    pub interrupt: bool,
}

impl Default for PermissionResultDeny {
    fn default() -> Self {
        Self {
            message: "Tool use denied".to_string(),
            interrupt: false,
        }
    }
}

/// Permission update to apply
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct PermissionUpdate {
    /// Type of update
    #[serde(rename = "type")]
    pub type_: PermissionUpdateType,
    /// Permission rules (for rule updates)
    #[serde(skip_serializing_if = "Option::is_none")]
    pub rules: Option<Vec<PermissionRuleValue>>,
    /// Permission behavior (for rule updates)
    #[serde(skip_serializing_if = "Option::is_none")]
    pub behavior: Option<PermissionBehavior>,
    /// Permission mode (for mode updates)
    #[serde(skip_serializing_if = "Option::is_none")]
    pub mode: Option<super::config::PermissionMode>,
    /// Directories (for directory updates)
    #[serde(skip_serializing_if = "Option::is_none")]
    pub directories: Option<Vec<String>>,
    /// Destination for the update
    #[serde(skip_serializing_if = "Option::is_none")]
    pub destination: Option<PermissionUpdateDestination>,
}

/// Type of permission update
#[derive(Debug, Clone, Copy, Serialize, Deserialize, PartialEq, Eq)]
#[serde(rename_all = "camelCase")]
pub enum PermissionUpdateType {
    /// Add permission rules
    AddRules,
    /// Replace permission rules
    ReplaceRules,
    /// Remove permission rules
    RemoveRules,
    /// Set permission mode
    SetMode,
    /// Add directories
    AddDirectories,
    /// Remove directories
    RemoveDirectories,
}

/// Permission rule value
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct PermissionRuleValue {
    /// Tool name for this rule
    #[serde(rename = "toolName")]
    pub tool_name: String,
    /// Rule content (optional pattern/constraint)
    #[serde(skip_serializing_if = "Option::is_none", rename = "ruleContent")]
    pub rule_content: Option<String>,
}

/// Permission behavior
#[derive(Debug, Clone, Copy, Serialize, Deserialize, PartialEq, Eq)]
#[serde(rename_all = "lowercase")]
pub enum PermissionBehavior {
    /// Allow the action
    Allow,
    /// Deny the action
    Deny,
    /// Ask for permission
    Ask,
}

/// Destination for permission updates
#[derive(Debug, Clone, Copy, Serialize, Deserialize, PartialEq, Eq)]
#[serde(rename_all = "camelCase")]
pub enum PermissionUpdateDestination {
    /// User settings
    UserSettings,
    /// Project settings
    ProjectSettings,
    /// Local settings
    LocalSettings,
    /// Current session only
    #[serde(rename = "session")]
    Session,
}

#[cfg(test)]
mod tests {
    use super::*;
    use serde_json::json;

    #[test]
    fn test_permission_behavior_serialization() {
        assert_eq!(
            serde_json::to_string(&PermissionBehavior::Allow).unwrap(),
            "\"allow\""
        );
        assert_eq!(
            serde_json::to_string(&PermissionBehavior::Deny).unwrap(),
            "\"deny\""
        );
        assert_eq!(
            serde_json::to_string(&PermissionBehavior::Ask).unwrap(),
            "\"ask\""
        );
    }

    #[test]
    fn test_permission_result_allow_serialization() {
        let result = PermissionResult::Allow(PermissionResultAllow {
            updated_input: Some(json!({"modified": true})),
            updated_permissions: None,
        });

        let json = serde_json::to_value(&result).unwrap();
        assert_eq!(json["behavior"], "allow");
        assert_eq!(json["updatedInput"]["modified"], true);
    }

    #[test]
    fn test_permission_result_deny_serialization() {
        let result = PermissionResult::Deny(PermissionResultDeny {
            message: "Access denied".to_string(),
            interrupt: true,
        });

        let json = serde_json::to_value(&result).unwrap();
        assert_eq!(json["behavior"], "deny");
        assert_eq!(json["message"], "Access denied");
        assert_eq!(json["interrupt"], true);
    }

    #[test]
    fn test_permission_update_type_serialization() {
        assert_eq!(
            serde_json::to_string(&PermissionUpdateType::AddRules).unwrap(),
            "\"addRules\""
        );
        assert_eq!(
            serde_json::to_string(&PermissionUpdateType::SetMode).unwrap(),
            "\"setMode\""
        );
        assert_eq!(
            serde_json::to_string(&PermissionUpdateType::RemoveDirectories).unwrap(),
            "\"removeDirectories\""
        );
    }

    #[test]
    fn test_permission_update_destination_serialization() {
        assert_eq!(
            serde_json::to_string(&PermissionUpdateDestination::UserSettings).unwrap(),
            "\"userSettings\""
        );
        assert_eq!(
            serde_json::to_string(&PermissionUpdateDestination::ProjectSettings).unwrap(),
            "\"projectSettings\""
        );
        assert_eq!(
            serde_json::to_string(&PermissionUpdateDestination::LocalSettings).unwrap(),
            "\"localSettings\""
        );
        assert_eq!(
            serde_json::to_string(&PermissionUpdateDestination::Session).unwrap(),
            "\"session\""
        );
    }

    #[test]
    fn test_permission_update_with_rules() {
        let update = PermissionUpdate {
            type_: PermissionUpdateType::AddRules,
            rules: Some(vec![PermissionRuleValue {
                tool_name: "Bash".to_string(),
                rule_content: Some("allow echo".to_string()),
            }]),
            behavior: Some(PermissionBehavior::Allow),
            mode: None,
            directories: None,
            destination: Some(PermissionUpdateDestination::Session),
        };

        let json = serde_json::to_value(&update).unwrap();
        assert_eq!(json["type"], "addRules");
        assert_eq!(json["rules"][0]["toolName"], "Bash");
        assert_eq!(json["rules"][0]["ruleContent"], "allow echo");
        assert_eq!(json["behavior"], "allow");
        assert_eq!(json["destination"], "session");
    }

    #[test]
    fn test_permission_update_optional_fields_omitted() {
        let update = PermissionUpdate {
            type_: PermissionUpdateType::SetMode,
            rules: None,
            behavior: None,
            mode: Some(super::super::config::PermissionMode::AcceptEdits),
            directories: None,
            destination: None,
        };

        let json = serde_json::to_value(&update).unwrap();
        assert_eq!(json["type"], "setMode");
        assert!(json.get("rules").is_none());
        assert!(json.get("behavior").is_none());
        assert!(json.get("destination").is_none());
    }
}