`smelt.permissions`¶

Tier: UiHost — Requires a terminal UI; calling these from headless mode raises.

List session/workspace rules and sync a Lua-built ruleset back through the App. UiHost-only.

`smelt.permissions.check`¶

fun(mode_str: string, bucket: string, value: string): string

Decide a subcommand bucket (e.g. ("normal", "shell", "git status")) against the current ruleset. Returns "allow", "ask", or "deny"; defaults to "ask" when no app context is available.

`smelt.permissions.check_tool`¶

fun(mode_str: string, name: string): string

Decision primitives for tool decide callbacks. Returns "allow"/"ask"/"deny".

`smelt.permissions.list`¶

fun(): table

Return current permission rules as { session = { { tool, pattern } }, workspace = { { tool, patterns } } }. Session entries come from runtime approvals; workspace entries come from the on-disk store rooted at the current cwd.

`smelt.permissions.set_rules`¶

fun(spec: smelt.permissions.RulesSpec): nil

Types: smelt.permissions.RulesSpec

Install the per-mode permission ruleset. See smelt.permissions.RulesSpec.

`smelt.permissions.sync`¶

fun(spec: smelt.permissions.SyncSpec): nil

Types: smelt.permissions.SyncSpec

Replace runtime + workspace permission entries with spec.session and spec.workspace. Persists workspace rules to disk; session rules apply for this run only.

smelt.permissions¶

smelt.permissions.check¶

smelt.permissions.check_tool¶

smelt.permissions.list¶

smelt.permissions.set_rules¶

smelt.permissions.sync¶