Skip to content

test(execpolicy): cover action precedence for file permission rules#3966

Open
greyfreedom wants to merge 1 commit into
Hmbown:mainfrom
greyfreedom:test/execpolicy-file-action-precedence
Open

test(execpolicy): cover action precedence for file permission rules#3966
greyfreedom wants to merge 1 commit into
Hmbown:mainfrom
greyfreedom:test/execpolicy-file-action-precedence

Conversation

@greyfreedom

Copy link
Copy Markdown
Contributor

Summary

Add focused execpolicy coverage for file permission rule action precedence.

Scope

  • Covers deny > ask > allow when the same tool + path matches.
  • Covers path-specific versus tool-wide rule selection.
  • Covers action precedence outranking path specificity.
  • Covers workspace-relative normalization for absolute and relative paths.
  • Covers Windows separator normalization.
  • Covers read_file, write_file, and apply_patch path rules staying scoped by tool.

Builds on

Current upstream/main.

Issues

Refs #1186 (partial)
Refs #2242 (partial)

Validation

  • cargo fmt --all
  • git diff --check
  • cargo test -p codewhale-execpolicy --locked

Add focused file-path permission rule tests for deny, ask, and allow precedence across identical paths, path-specific versus tool-wide matches, workspace-relative normalization, and Windows separator normalization.

Also cover read_file, write_file, and apply_patch path rules staying scoped by tool while preserving their current deny, ask, and allow behavior.
@greyfreedom greyfreedom requested a review from Hmbown as a code owner July 3, 2026 09:14
@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown

Thanks @greyfreedom for taking the time to contribute.

This repository is observing a maintainer-managed PR intake gate in dry-run mode, so this pull request is staying open. This note helps maintainers prepare the allowlist before any enforcement is considered.

Please read CONTRIBUTING.md for the expected contribution shape. A maintainer can grant recurring PR access by commenting /lgtm on a pull request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant