vtcode_core/cli/
tool_policy_commands.rs

1//! CLI commands for managing tool policies
2
3use crate::tool_policy::{ToolPolicy, ToolPolicyManager};
4use anyhow::Result;
5use clap::Subcommand;
6use console::style;
7
8/// Tool policy management commands
9#[derive(Debug, Clone, Subcommand)]
10pub enum ToolPolicyCommands {
11    /// Show current tool policy status
12    Status,
13    /// Allow a specific tool
14    Allow {
15        /// Tool name to allow
16        tool: String,
17    },
18    /// Deny a specific tool
19    Deny {
20        /// Tool name to deny
21        tool: String,
22    },
23    /// Set a tool to prompt for confirmation
24    Prompt {
25        /// Tool name to set to prompt
26        tool: String,
27    },
28    /// Allow all tools
29    AllowAll,
30    /// Deny all tools
31    DenyAll,
32    /// Reset all tools to prompt
33    ResetAll,
34}
35
36/// Handle tool policy commands
37pub async fn handle_tool_policy_command(command: ToolPolicyCommands) -> Result<()> {
38    let mut policy_manager = ToolPolicyManager::new()?;
39
40    match command {
41        ToolPolicyCommands::Status => {
42            policy_manager.print_status();
43        }
44        ToolPolicyCommands::Allow { tool } => {
45            policy_manager.set_policy(&tool, ToolPolicy::Allow)?;
46            println!(
47                "{}",
48                style(format!("✓ Tool '{}' is now allowed", tool)).green()
49            );
50        }
51        ToolPolicyCommands::Deny { tool } => {
52            policy_manager.set_policy(&tool, ToolPolicy::Deny)?;
53            println!(
54                "{}",
55                style(format!("✗ Tool '{}' is now denied", tool)).red()
56            );
57        }
58        ToolPolicyCommands::Prompt { tool } => {
59            policy_manager.set_policy(&tool, ToolPolicy::Prompt)?;
60            println!(
61                "{}",
62                style(format!(
63                    "? Tool '{}' will now prompt for confirmation",
64                    tool
65                ))
66                .yellow()
67            );
68        }
69        ToolPolicyCommands::AllowAll => {
70            policy_manager.allow_all_tools()?;
71            println!("{}", style("✓ All tools are now allowed").green());
72        }
73        ToolPolicyCommands::DenyAll => {
74            policy_manager.deny_all_tools()?;
75            println!("{}", style("✗ All tools are now denied").red());
76        }
77        ToolPolicyCommands::ResetAll => {
78            policy_manager.reset_all_to_prompt()?;
79            println!(
80                "{}",
81                style("? All tools reset to prompt for confirmation").yellow()
82            );
83        }
84    }
85
86    Ok(())
87}
88
89/// Print tool policy help
90pub fn print_tool_policy_help() {
91    println!("{}", style("Tool Policy Management").cyan().bold());
92    println!();
93    println!("Tool policies control which tools the agent can use:");
94    println!();
95    println!(
96        "  {} - Tool executes automatically without prompting",
97        style("allow").green()
98    );
99    println!(
100        "  {} - Tool prompts for user confirmation each time",
101        style("prompt").yellow()
102    );
103    println!(
104        "  {} - Tool is never allowed to execute",
105        style("deny").red()
106    );
107    println!();
108    println!("Policies are stored in ~/.vtcode/tool-policy.json");
109    println!("Once you approve or deny a tool, your choice is remembered for future runs.");
110    println!();
111    println!("Examples:");
112    println!("  vtcode tool-policy status           # Show current policies");
113    println!("  vtcode tool-policy allow read_file  # Allow read_file tool");
114    println!("  vtcode tool-policy deny rm          # Deny rm tool");
115    println!("  vtcode tool-policy reset-all        # Reset all to prompt");
116}