safe_chains/targets/
claude.rs1use std::path::{Path, PathBuf};
2
3use serde::Deserialize;
4use serde_json::{Map, Value, json};
5
6use super::{HookFormat, HookInput, HookResponse, InstallOutcome, ParseError, Target, allow_reason};
7use crate::verdict::Verdict;
8
9pub struct ClaudeTarget;
10
11impl Target for ClaudeTarget {
12 fn name(&self) -> &'static str {
13 "claude"
14 }
15
16 fn display_name(&self) -> &'static str {
17 "Claude Code"
18 }
19
20 fn detect_paths(&self, home: &Path) -> Vec<PathBuf> {
21 vec![home.join(".claude")]
22 }
23
24 fn install(&self, home: &Path) -> Result<InstallOutcome, String> {
25 let dir = home.join(".claude");
26 if !dir.exists() {
27 return Ok(InstallOutcome::Skipped {
28 reason: format!(
29 "~/.claude not found at {} (Claude Code not installed)",
30 dir.display()
31 ),
32 });
33 }
34
35 let path = dir.join("settings.json");
36 let binary = "safe-chains";
37
38 if path.exists() {
39 let contents = std::fs::read_to_string(&path)
40 .map_err(|e| format!("Could not read {}: {e}", path.display()))?;
41 let mut settings: Value = serde_json::from_str(&contents)
42 .map_err(|e| format!("Could not parse {}: {e}", path.display()))?;
43
44 if has_safe_chains_hook(&settings) {
45 return Ok(InstallOutcome::AlreadyConfigured { path });
46 }
47
48 add_hook(&mut settings, binary);
49 let output = serde_json::to_string_pretty(&settings).expect("serializing valid JSON");
50 std::fs::write(&path, format!("{output}\n"))
51 .map_err(|e| format!("Could not write {}: {e}", path.display()))?;
52 Ok(InstallOutcome::Installed { path })
53 } else {
54 let mut settings = Value::Object(Map::new());
55 add_hook(&mut settings, binary);
56 let output = serde_json::to_string_pretty(&settings).expect("serializing valid JSON");
57 std::fs::write(&path, format!("{output}\n"))
58 .map_err(|e| format!("Could not write {}: {e}", path.display()))?;
59 Ok(InstallOutcome::Installed { path })
60 }
61 }
62
63 fn hook_format(&self) -> Option<&dyn HookFormat> {
64 Some(&ClaudeHookFormat)
65 }
66}
67
68struct ClaudeHookFormat;
69
70#[derive(Deserialize)]
71struct ToolInput {
72 command: String,
73}
74
75#[derive(Deserialize)]
76struct ClaudeHookEnvelope {
77 tool_input: ToolInput,
78 #[serde(default)]
79 cwd: Option<String>,
80}
81
82impl HookFormat for ClaudeHookFormat {
83 fn parse_input(&self, stdin: &str) -> Result<HookInput, ParseError> {
84 let envelope: ClaudeHookEnvelope = serde_json::from_str(stdin).map_err(|e| ParseError {
85 message: e.to_string(),
86 })?;
87 Ok(HookInput {
88 command: envelope.tool_input.command,
89 cwd: envelope.cwd,
90 })
91 }
92
93 fn render_response(&self, verdict: Verdict) -> HookResponse {
94 if verdict.is_allowed() {
95 let reason = allow_reason(verdict);
96 let body = json!({
97 "hookSpecificOutput": {
98 "hookEventName": "PreToolUse",
99 "permissionDecision": "allow",
100 "permissionDecisionReason": reason,
101 }
102 });
103 HookResponse {
104 stdout: serde_json::to_string(&body).unwrap_or_default(),
105 exit_code: 0,
106 }
107 } else {
108 HookResponse {
109 stdout: String::new(),
110 exit_code: 0,
111 }
112 }
113 }
114}
115
116fn hook_entry(binary: &str) -> Value {
117 json!({
118 "matcher": "Bash",
119 "hooks": [{
120 "type": "command",
121 "command": binary,
122 }]
123 })
124}
125
126fn has_safe_chains_hook(settings: &Value) -> bool {
127 settings
128 .get("hooks")
129 .and_then(|h| h.get("PreToolUse"))
130 .and_then(|arr| arr.as_array())
131 .is_some_and(|entries| {
132 entries.iter().any(|entry| {
133 entry
134 .get("hooks")
135 .and_then(|h| h.as_array())
136 .is_some_and(|hooks| {
137 hooks.iter().any(|hook| {
138 hook.get("command")
139 .and_then(|c| c.as_str())
140 .is_some_and(|cmd| cmd.contains("safe-chains"))
141 })
142 })
143 })
144 })
145}
146
147fn add_hook(settings: &mut Value, binary: &str) {
148 if !settings.is_object() {
149 *settings = json!({});
150 }
151 let Some(obj) = settings.as_object_mut() else {
152 unreachable!("settings was just set to an object");
153 };
154 let hooks = obj
155 .entry("hooks")
156 .or_insert_with(|| json!({}))
157 .as_object_mut()
158 .expect("hooks key was created above as an object");
159 let pre_tool_use = hooks
160 .entry("PreToolUse")
161 .or_insert_with(|| json!([]))
162 .as_array_mut()
163 .expect("PreToolUse key was created above as an array");
164 pre_tool_use.push(hook_entry(binary));
165}
166
167#[cfg(test)]
168mod tests {
169 use super::*;
170 use crate::verdict::SafetyLevel;
171
172 fn target() -> ClaudeTarget {
173 ClaudeTarget
174 }
175
176 #[test]
177 fn install_no_claude_dir_skips() {
178 let dir = tempfile::tempdir().unwrap();
179 let outcome = target().install(dir.path()).unwrap();
180 assert!(matches!(outcome, InstallOutcome::Skipped { .. }));
181 }
182
183 #[test]
184 fn install_creates_settings_file() {
185 let dir = tempfile::tempdir().unwrap();
186 std::fs::create_dir(dir.path().join(".claude")).unwrap();
187 let outcome = target().install(dir.path()).unwrap();
188 assert!(matches!(outcome, InstallOutcome::Installed { .. }));
189 let contents =
190 std::fs::read_to_string(dir.path().join(".claude/settings.json")).unwrap();
191 let settings: Value = serde_json::from_str(&contents).unwrap();
192 assert!(has_safe_chains_hook(&settings));
193 }
194
195 #[test]
196 fn install_preserves_existing_settings() {
197 let dir = tempfile::tempdir().unwrap();
198 let claude_dir = dir.path().join(".claude");
199 std::fs::create_dir(&claude_dir).unwrap();
200 std::fs::write(
201 claude_dir.join("settings.json"),
202 r#"{"permissions": {"allow": ["Bash(cargo test *)"]}}"#,
203 )
204 .unwrap();
205 target().install(dir.path()).unwrap();
206 let contents = std::fs::read_to_string(claude_dir.join("settings.json")).unwrap();
207 let settings: Value = serde_json::from_str(&contents).unwrap();
208 assert!(has_safe_chains_hook(&settings));
209 assert!(
210 settings
211 .get("permissions")
212 .and_then(|p| p.get("allow"))
213 .is_some(),
214 "existing permissions must be preserved"
215 );
216 }
217
218 #[test]
219 fn install_idempotent() {
220 let dir = tempfile::tempdir().unwrap();
221 std::fs::create_dir(dir.path().join(".claude")).unwrap();
222 target().install(dir.path()).unwrap();
223 let outcome = target().install(dir.path()).unwrap();
224 assert!(matches!(outcome, InstallOutcome::AlreadyConfigured { .. }));
225 }
226
227 #[test]
228 fn detect_paths_returns_claude_dir() {
229 let dir = tempfile::tempdir().unwrap();
230 let paths = target().detect_paths(dir.path());
231 assert_eq!(paths, vec![dir.path().join(".claude")]);
232 }
233
234 #[test]
235 fn parse_input_extracts_command() {
236 let stdin = r#"{"tool_input": {"command": "ls -la"}, "cwd": "/tmp"}"#;
237 let parsed = ClaudeHookFormat.parse_input(stdin).unwrap();
238 assert_eq!(parsed.command, "ls -la");
239 assert_eq!(parsed.cwd.as_deref(), Some("/tmp"));
240 }
241
242 #[test]
243 fn parse_input_rejects_garbage() {
244 assert!(ClaudeHookFormat.parse_input("not json").is_err());
245 assert!(ClaudeHookFormat.parse_input("{}").is_err());
246 }
247
248 #[test]
249 fn render_response_allow_emits_allow_envelope() {
250 let r = ClaudeHookFormat.render_response(Verdict::Allowed(SafetyLevel::Inert));
251 assert_eq!(r.exit_code, 0);
252 let v: Value = serde_json::from_str(&r.stdout).unwrap();
253 assert_eq!(
254 v.pointer("/hookSpecificOutput/permissionDecision")
255 .and_then(|d| d.as_str()),
256 Some("allow"),
257 );
258 }
259
260 #[test]
261 fn render_response_deny_emits_empty_body() {
262 let r = ClaudeHookFormat.render_response(Verdict::Denied);
263 assert_eq!(r.exit_code, 0);
264 assert_eq!(r.stdout, "");
265 }
266
267 #[test]
268 fn render_response_safewrite_carries_appropriate_reason() {
269 let r = ClaudeHookFormat.render_response(Verdict::Allowed(SafetyLevel::SafeWrite));
270 let v: Value = serde_json::from_str(&r.stdout).unwrap();
271 assert_eq!(
272 v.pointer("/hookSpecificOutput/permissionDecisionReason")
273 .and_then(|s| s.as_str()),
274 Some(allow_reason(Verdict::Allowed(SafetyLevel::SafeWrite))),
275 );
276 }
277}