safe_chains/targets/
qwen.rs1use std::path::{Path, PathBuf};
2
3use serde::Deserialize;
4use serde_json::{Map, Value, json};
5
6use super::{HookFormat, HookInput, HookResponse, InstallOutcome, ParseError, Target, allow_reason};
7use crate::verdict::Verdict;
8
9pub struct QwenTarget;
10
11impl Target for QwenTarget {
12 fn name(&self) -> &'static str {
13 "qwen"
14 }
15
16 fn display_name(&self) -> &'static str {
17 "Qwen Code"
18 }
19
20 fn detect_paths(&self, home: &Path) -> Vec<PathBuf> {
21 vec![home.join(".qwen")]
22 }
23
24 fn install(&self, home: &Path) -> Result<InstallOutcome, String> {
25 let dir = home.join(".qwen");
26 if !dir.exists() {
27 return Ok(InstallOutcome::Skipped {
28 reason: format!(
29 "~/.qwen not found at {} (Qwen Code not installed)",
30 dir.display()
31 ),
32 });
33 }
34
35 let path = dir.join("settings.json");
36 let binary = "safe-chains hook qwen";
37
38 if path.exists() {
39 let contents = std::fs::read_to_string(&path)
40 .map_err(|e| format!("Could not read {}: {e}", path.display()))?;
41 let mut settings: Value = serde_json::from_str(&contents)
42 .map_err(|e| format!("Could not parse {}: {e}", path.display()))?;
43
44 if has_safe_chains_hook(&settings) {
45 return Ok(InstallOutcome::AlreadyConfigured { path });
46 }
47
48 add_hook(&mut settings, binary);
49 let output = serde_json::to_string_pretty(&settings).expect("serializing valid JSON");
50 std::fs::write(&path, format!("{output}\n"))
51 .map_err(|e| format!("Could not write {}: {e}", path.display()))?;
52 Ok(InstallOutcome::Installed { path })
53 } else {
54 let mut settings = Value::Object(Map::new());
55 add_hook(&mut settings, binary);
56 let output = serde_json::to_string_pretty(&settings).expect("serializing valid JSON");
57 std::fs::write(&path, format!("{output}\n"))
58 .map_err(|e| format!("Could not write {}: {e}", path.display()))?;
59 Ok(InstallOutcome::Installed { path })
60 }
61 }
62
63 fn hook_format(&self) -> Option<&dyn HookFormat> {
64 Some(&QwenHookFormat)
65 }
66}
67
68struct QwenHookFormat;
69
70#[derive(Deserialize)]
71struct ToolInput {
72 command: String,
73}
74
75#[derive(Deserialize)]
76struct QwenHookEnvelope {
77 tool_input: ToolInput,
78 #[serde(default)]
79 cwd: Option<String>,
80}
81
82impl HookFormat for QwenHookFormat {
83 fn parse_input(&self, stdin: &str) -> Result<HookInput, ParseError> {
84 let envelope: QwenHookEnvelope = serde_json::from_str(stdin).map_err(|e| ParseError {
85 message: e.to_string(),
86 })?;
87 Ok(HookInput {
88 command: envelope.tool_input.command,
89 cwd: envelope.cwd,
90 })
91 }
92
93 fn render_response(&self, verdict: Verdict) -> HookResponse {
94 if verdict.is_allowed() {
95 let reason = allow_reason(verdict);
96 let body = json!({
98 "hookSpecificOutput": {
99 "hookEventName": "PreToolUse",
100 "permissionDecision": "allow",
101 "permissionDecisionReason": reason,
102 }
103 });
104 HookResponse {
105 stdout: serde_json::to_string(&body).unwrap_or_default(),
106 exit_code: 0,
107 }
108 } else {
109 HookResponse {
110 stdout: String::new(),
111 exit_code: 0,
112 }
113 }
114 }
115}
116
117fn hook_entry(binary: &str) -> Value {
118 json!({
119 "matcher": "^Bash$",
120 "hooks": [{
121 "type": "command",
122 "command": binary,
123 "timeout": 60_000,
124 }]
125 })
126}
127
128fn has_safe_chains_hook(settings: &Value) -> bool {
129 settings
130 .get("hooks")
131 .and_then(|h| h.get("PreToolUse"))
132 .and_then(|arr| arr.as_array())
133 .is_some_and(|entries| {
134 entries.iter().any(|entry| {
135 entry
136 .get("hooks")
137 .and_then(|h| h.as_array())
138 .is_some_and(|hooks| {
139 hooks.iter().any(|hook| {
140 hook.get("command")
141 .and_then(|c| c.as_str())
142 .is_some_and(|cmd| cmd.contains("safe-chains"))
143 })
144 })
145 })
146 })
147}
148
149fn add_hook(settings: &mut Value, binary: &str) {
150 if !settings.is_object() {
151 *settings = json!({});
152 }
153 let Some(obj) = settings.as_object_mut() else {
154 unreachable!("settings was just set to an object");
155 };
156 let hooks = obj
157 .entry("hooks")
158 .or_insert_with(|| json!({}))
159 .as_object_mut()
160 .expect("hooks key was created above as an object");
161 let pre_tool_use = hooks
162 .entry("PreToolUse")
163 .or_insert_with(|| json!([]))
164 .as_array_mut()
165 .expect("PreToolUse was created above as an array");
166 pre_tool_use.push(hook_entry(binary));
167}
168
169#[cfg(test)]
170mod tests {
171 use super::*;
172 use crate::verdict::SafetyLevel;
173
174 fn target() -> QwenTarget {
175 QwenTarget
176 }
177
178 const QWEN_DOCS_SAMPLE: &str = r#"{
180 "session_id": "abc123",
181 "transcript_path": "/Users/me/.qwen/transcripts/abc.json",
182 "cwd": "/Users/me/project",
183 "hook_event_name": "PreToolUse",
184 "timestamp": "2026-05-06T12:00:00Z",
185 "permission_mode": "default",
186 "tool_name": "Bash",
187 "tool_input": {"command": "ls -la"},
188 "tool_use_id": "tu_123"
189 }"#;
190
191 #[test]
192 fn install_no_qwen_dir_skips() {
193 let dir = tempfile::tempdir().unwrap();
194 let outcome = target().install(dir.path()).unwrap();
195 assert!(matches!(outcome, InstallOutcome::Skipped { .. }));
196 }
197
198 #[test]
199 fn install_creates_settings_file() {
200 let dir = tempfile::tempdir().unwrap();
201 std::fs::create_dir(dir.path().join(".qwen")).unwrap();
202 let outcome = target().install(dir.path()).unwrap();
203 assert!(matches!(outcome, InstallOutcome::Installed { .. }));
204 let contents = std::fs::read_to_string(dir.path().join(".qwen/settings.json")).unwrap();
205 let settings: Value = serde_json::from_str(&contents).unwrap();
206 assert!(has_safe_chains_hook(&settings));
207 }
208
209 #[test]
210 fn install_uses_bash_matcher() {
211 let dir = tempfile::tempdir().unwrap();
212 std::fs::create_dir(dir.path().join(".qwen")).unwrap();
213 target().install(dir.path()).unwrap();
214 let contents = std::fs::read_to_string(dir.path().join(".qwen/settings.json")).unwrap();
215 assert!(contents.contains("^Bash$"));
216 assert!(contents.contains("safe-chains hook qwen"));
217 }
218
219 #[test]
220 fn install_idempotent() {
221 let dir = tempfile::tempdir().unwrap();
222 std::fs::create_dir(dir.path().join(".qwen")).unwrap();
223 target().install(dir.path()).unwrap();
224 let outcome = target().install(dir.path()).unwrap();
225 assert!(matches!(outcome, InstallOutcome::AlreadyConfigured { .. }));
226 }
227
228 #[test]
229 fn parse_input_extracts_command() {
230 let parsed = QwenHookFormat.parse_input(QWEN_DOCS_SAMPLE).unwrap();
231 assert_eq!(parsed.command, "ls -la");
232 assert_eq!(parsed.cwd.as_deref(), Some("/Users/me/project"));
233 }
234
235 #[test]
236 fn parse_input_rejects_garbage() {
237 assert!(QwenHookFormat.parse_input("not json").is_err());
238 assert!(QwenHookFormat.parse_input("{}").is_err());
239 }
240
241 #[test]
242 fn render_response_emits_claude_shaped_envelope() {
243 let r = QwenHookFormat.render_response(Verdict::Allowed(SafetyLevel::Inert));
244 let v: Value = serde_json::from_str(&r.stdout).unwrap();
245 assert_eq!(
246 v.pointer("/hookSpecificOutput/permissionDecision")
247 .and_then(|d| d.as_str()),
248 Some("allow"),
249 );
250 assert_eq!(
251 v.pointer("/hookSpecificOutput/hookEventName")
252 .and_then(|d| d.as_str()),
253 Some("PreToolUse"),
254 );
255 }
256
257 #[test]
258 fn render_response_deny_emits_empty_body() {
259 let r = QwenHookFormat.render_response(Verdict::Denied);
260 assert_eq!(r.stdout, "");
261 }
262}