ripperdoc 0.2.6__py3-none-any.whl

ripperdoc/core/permissions.py

@@ -0,0 +1,252 @@
+"""Permission handling for tool execution."""
+
+from __future__ import annotations
+
+import asyncio
+from collections import defaultdict
+from dataclasses import dataclass
+from pathlib import Path
+from typing import Any, Awaitable, Callable, Optional, Set
+
+from ripperdoc.core.config import config_manager
+from ripperdoc.core.tool import Tool
+from ripperdoc.utils.permissions import PermissionDecision, ToolRule
+from ripperdoc.utils.log import get_logger
+
+logger = get_logger()
+
+
+@dataclass
+class PermissionResult:
+    """Result of a permission check."""
+
+    result: bool
+    message: Optional[str] = None
+    updated_input: Any = None
+    decision: Optional[PermissionDecision] = None
+
+
+def _format_input_preview(parsed_input: Any) -> str:
+    """Create a short, human-friendly preview for prompts."""
+    if hasattr(parsed_input, "command"):
+        return f"command='{getattr(parsed_input, 'command')}'"
+    if hasattr(parsed_input, "file_path"):
+        return f"file='{getattr(parsed_input, 'file_path')}'"
+    if hasattr(parsed_input, "path"):
+        return f"path='{getattr(parsed_input, 'path')}'"
+
+    preview = str(parsed_input)
+    if len(preview) > 140:
+        return preview[:137] + "..."
+    return preview
+
+
+def permission_key(tool: Tool[Any, Any], parsed_input: Any) -> str:
+    """Build a stable permission key for persistence."""
+    if hasattr(parsed_input, "command"):
+        return f"{tool.name}::command::{getattr(parsed_input, 'command')}"
+    if hasattr(parsed_input, "file_path"):
+        try:
+            return f"{tool.name}::path::{Path(getattr(parsed_input, 'file_path')).resolve()}"
+        except (OSError, RuntimeError) as exc:
+            logger.warning(
+                "[permissions] Failed to resolve file_path for permission key",
+                extra={"tool": getattr(tool, "name", None), "error": str(exc)},
+            )
+            return f"{tool.name}::path::{getattr(parsed_input, 'file_path')}"
+    if hasattr(parsed_input, "path"):
+        try:
+            return f"{tool.name}::path::{Path(getattr(parsed_input, 'path')).resolve()}"
+        except (OSError, RuntimeError) as exc:
+            logger.warning(
+                "[permissions] Failed to resolve path for permission key",
+                extra={"tool": getattr(tool, "name", None), "error": str(exc)},
+            )
+            return f"{tool.name}::path::{getattr(parsed_input, 'path')}"
+    return tool.name
+
+
+def _render_options_prompt(prompt: str, options: list[tuple[str, str]]) -> str:
+    """Render a simple numbered prompt."""
+    border = "─" * 120
+    lines = [border, prompt, ""]
+    for idx, (_, label) in enumerate(options, start=1):
+        prefix = "❯" if idx == 1 else " "
+        lines.append(f"{prefix} {idx}. {label}")
+    numeric_choices = "/".join(str(i) for i in range(1, len(options) + 1))
+    shortcut_choices = "/".join(opt[0] for opt in options)
+    lines.append(f"Choice ({numeric_choices} or {shortcut_choices}): ")
+    return "\n".join(lines)
+
+
+def _rule_strings(rule_suggestions: Optional[Any]) -> list[str]:
+    """Normalize rule suggestions to simple strings."""
+    if not rule_suggestions:
+        return []
+    rules: list[str] = []
+    for suggestion in rule_suggestions:
+        if isinstance(suggestion, ToolRule):
+            rules.append(suggestion.rule_content)
+        else:
+            rules.append(str(suggestion))
+    return [rule for rule in rules if rule]
+
+
+def make_permission_checker(
+    project_path: Path,
+    safe_mode: bool,
+    prompt_fn: Optional[Callable[[str], str]] = None,
+) -> Callable[[Tool[Any, Any], Any], Awaitable[PermissionResult]]:
+    """Create a permission checking function for the current project."""
+
+    project_path = project_path.resolve()
+    config_manager.get_project_config(project_path)
+
+    session_allowed_tools: Set[str] = set()
+    session_tool_rules: dict[str, Set[str]] = defaultdict(set)
+
+    async def _prompt_user(prompt: str, options: list[tuple[str, str]]) -> str:
+        """Prompt the user without blocking the event loop."""
+        loop = asyncio.get_running_loop()
+        responder = prompt_fn or input
+
+        def _ask() -> str:
+            rendered = _render_options_prompt(prompt, options)
+            return responder(rendered)
+
+        return await loop.run_in_executor(None, _ask)
+
+    async def can_use_tool(tool: Tool[Any, Any], parsed_input: Any) -> PermissionResult:
+        """Check and optionally persist permission for a tool invocation."""
+        config = config_manager.get_project_config(project_path)
+
+        if not safe_mode:
+            return PermissionResult(result=True)
+
+        try:
+            if hasattr(tool, "needs_permissions") and not tool.needs_permissions(parsed_input):
+                return PermissionResult(result=True)
+        except (TypeError, AttributeError, ValueError) as exc:
+            # Tool implementation error - log and deny for safety
+            logger.warning(
+                "[permissions] Tool needs_permissions check failed",
+                extra={"tool": getattr(tool, "name", None), "error": str(exc), "error_type": type(exc).__name__},
+            )
+            return PermissionResult(
+                result=False,
+                message=f"Permission check failed: {type(exc).__name__}: {exc}",
+            )
+
+        allowed_tools = set(config.allowed_tools or [])
+        allow_rules = {
+            "Bash": set(config.bash_allow_rules or []) | session_tool_rules.get("Bash", set())
+        }
+        deny_rules = {"Bash": set(config.bash_deny_rules or [])}
+        allowed_working_dirs = {
+            str(project_path.resolve()),
+            *[str(Path(p).resolve()) for p in config.working_directories or []],
+        }
+
+        # Persisted approvals
+        if tool.name in allowed_tools or tool.name in session_allowed_tools:
+            return PermissionResult(result=True)
+
+        decision: Optional[PermissionDecision] = None
+        if hasattr(tool, "check_permissions"):
+            try:
+                maybe_decision = tool.check_permissions(
+                    parsed_input,
+                    {
+                        "allowed_rules": allow_rules.get(tool.name, set()),
+                        "denied_rules": deny_rules.get(tool.name, set()),
+                        "allowed_working_directories": allowed_working_dirs,
+                    },
+                )
+                decision = (
+                    await maybe_decision if asyncio.iscoroutine(maybe_decision) else maybe_decision
+                )
+                # Allow tools to return a plain dict shaped like PermissionDecision.
+                if isinstance(decision, dict) and "behavior" in decision:
+                    decision = PermissionDecision(**decision)
+            except (TypeError, AttributeError, ValueError, KeyError) as exc:
+                # Tool implementation error - fall back to asking user
+                logger.warning(
+                    "[permissions] Tool check_permissions failed",
+                    extra={"tool": getattr(tool, "name", None), "error": str(exc), "error_type": type(exc).__name__},
+                )
+                decision = PermissionDecision(
+                    behavior="ask",
+                    message=f"Error checking permissions: {type(exc).__name__}",
+                    rule_suggestions=None,
+                )
+
+        if decision is None:
+            decision = PermissionDecision(
+                behavior="passthrough",
+                message=f"Allow tool '{tool.name}'?",
+                rule_suggestions=[ToolRule(tool_name=tool.name, rule_content=tool.name)],
+            )
+
+        if decision.behavior == "allow":
+            return PermissionResult(
+                result=True,
+                message=decision.message,
+                updated_input=decision.updated_input,
+                decision=decision,
+            )
+
+        if decision.behavior == "deny":
+            return PermissionResult(
+                result=False,
+                message=decision.message or f"Permission denied for tool '{tool.name}'.",
+                decision=decision,
+            )
+
+        # Ask/passthrough flows prompt the user.
+        input_preview = _format_input_preview(parsed_input)
+        prompt_lines = [
+            f"{tool.name}",
+            "",
+            f"  {input_preview}",
+        ]
+        if decision.message:
+            prompt_lines.append(f"  {decision.message}")
+        prompt_lines.append("  Do you want to proceed?")
+        prompt = "\n".join(prompt_lines)
+
+        options = [
+            ("y", "Yes"),
+            ("s", "Yes, for this session"),
+            ("n", "No"),
+        ]
+
+        answer = (await _prompt_user(prompt, options=options)).strip().lower()
+        logger.debug(
+            "[permissions] User answer for permission prompt",
+            extra={"answer": answer, "tool": getattr(tool, "name", None)},
+        )
+        rule_suggestions = _rule_strings(decision.rule_suggestions) or [
+            permission_key(tool, parsed_input)
+        ]
+
+        if answer in ("1", "y", "yes"):
+            return PermissionResult(
+                result=True, updated_input=decision.updated_input, decision=decision
+            )
+
+        if answer in ("2", "s", "session", "a"):
+            if tool.name == "Bash":
+                session_tool_rules["Bash"].update(rule_suggestions)
+            else:
+                session_allowed_tools.add(tool.name)
+            return PermissionResult(
+                result=True, updated_input=decision.updated_input, decision=decision
+            )
+
+        return PermissionResult(
+            result=False,
+            message=decision.message or f"Permission denied for tool '{tool.name}'.",
+            decision=decision,
+        )
+
+    return can_use_tool

ripperdoc/core/providers/__init__.py

@@ -0,0 +1,47 @@
+"""Provider client registry with optional dependencies."""
+
+from __future__ import annotations
+
+import importlib
+from typing import Optional, TYPE_CHECKING, Type, cast
+
+from ripperdoc.core.config import ProviderType
+from ripperdoc.core.providers.base import ProviderClient
+from ripperdoc.utils.log import get_logger
+
+if TYPE_CHECKING:  # pragma: no cover - type checking only
+    from ripperdoc.core.providers.anthropic import AnthropicClient  # noqa: F401
+    from ripperdoc.core.providers.gemini import GeminiClient  # noqa: F401
+    from ripperdoc.core.providers.openai import OpenAIClient  # noqa: F401
+
+logger = get_logger()
+
+
+def _load_client(module: str, cls: str, extra: str) -> Type[ProviderClient]:
+    """Dynamically import a provider client, pointing users to the right extra."""
+    try:
+        mod = importlib.import_module(f"ripperdoc.core.providers.{module}")
+        client_cls = cast(Type[ProviderClient], getattr(mod, cls, None))
+        if client_cls is None:
+            raise ImportError(f"{cls} not found in {module}")
+        return client_cls
+    except ImportError as exc:
+        raise RuntimeError(
+            f"{cls} requires optional dependency group '{extra}'. "
+            f"Install with `pip install ripperdoc[{extra}]`."
+        ) from exc
+
+
+def get_provider_client(provider: ProviderType) -> Optional[ProviderClient]:
+    """Return a provider client for the given protocol."""
+    if provider == ProviderType.ANTHROPIC:
+        return _load_client("anthropic", "AnthropicClient", "anthropic")()
+    if provider == ProviderType.OPENAI_COMPATIBLE:
+        return _load_client("openai", "OpenAIClient", "openai")()
+    if provider == ProviderType.GEMINI:
+        return _load_client("gemini", "GeminiClient", "gemini")()
+    logger.warning("[providers] Unsupported provider", extra={"provider": provider})
+    return None
+
+
+__all__ = ["ProviderClient", "get_provider_client"]

ripperdoc/core/providers/anthropic.py

@@ -0,0 +1,250 @@
+"""Anthropic provider client."""
+
+from __future__ import annotations
+
+import asyncio
+import time
+from typing import Any, Awaitable, Callable, Dict, List, Optional
+
+import anthropic
+from anthropic import AsyncAnthropic
+
+from ripperdoc.core.config import ModelProfile
+from ripperdoc.core.providers.base import (
+    ProgressCallback,
+    ProviderClient,
+    ProviderResponse,
+    call_with_timeout_and_retries,
+    iter_with_timeout,
+    sanitize_tool_history,
+)
+from ripperdoc.core.query_utils import (
+    anthropic_usage_tokens,
+    build_anthropic_tool_schemas,
+    content_blocks_from_anthropic_response,
+    estimate_cost_usd,
+)
+from ripperdoc.core.tool import Tool
+from ripperdoc.utils.log import get_logger
+from ripperdoc.utils.session_usage import record_usage
+
+logger = get_logger()
+
+
+def _classify_anthropic_error(exc: Exception) -> tuple[str, str]:
+    """Classify an Anthropic exception into error code and user-friendly message."""
+    exc_type = type(exc).__name__
+    exc_msg = str(exc)
+
+    if isinstance(exc, anthropic.AuthenticationError):
+        return "authentication_error", f"Authentication failed: {exc_msg}"
+    if isinstance(exc, anthropic.PermissionDeniedError):
+        if "balance" in exc_msg.lower() or "insufficient" in exc_msg.lower():
+            return "insufficient_balance", f"Insufficient balance: {exc_msg}"
+        return "permission_denied", f"Permission denied: {exc_msg}"
+    if isinstance(exc, anthropic.NotFoundError):
+        return "model_not_found", f"Model not found: {exc_msg}"
+    if isinstance(exc, anthropic.BadRequestError):
+        if "context" in exc_msg.lower() or "token" in exc_msg.lower():
+            return "context_length_exceeded", f"Context length exceeded: {exc_msg}"
+        if "content" in exc_msg.lower() and "policy" in exc_msg.lower():
+            return "content_policy_violation", f"Content policy violation: {exc_msg}"
+        return "bad_request", f"Invalid request: {exc_msg}"
+    if isinstance(exc, anthropic.RateLimitError):
+        return "rate_limit", f"Rate limit exceeded: {exc_msg}"
+    if isinstance(exc, anthropic.APIConnectionError):
+        return "connection_error", f"Connection error: {exc_msg}"
+    if isinstance(exc, anthropic.APIStatusError):
+        status = getattr(exc, "status_code", "unknown")
+        return "api_error", f"API error ({status}): {exc_msg}"
+    if isinstance(exc, asyncio.TimeoutError):
+        return "timeout", f"Request timed out: {exc_msg}"
+
+    return "unknown_error", f"Unexpected error ({exc_type}): {exc_msg}"
+
+
+class AnthropicClient(ProviderClient):
+    """Anthropic client with streaming and non-streaming support."""
+
+    def __init__(self, client_factory: Optional[Callable[[], Awaitable[AsyncAnthropic]]] = None):
+        self._client_factory = client_factory
+
+    async def _client(self, kwargs: Dict[str, Any]) -> AsyncAnthropic:
+        if self._client_factory:
+            return await self._client_factory()
+        return AsyncAnthropic(**kwargs)
+
+    async def call(
+        self,
+        *,
+        model_profile: ModelProfile,
+        system_prompt: str,
+        normalized_messages: Any,
+        tools: List[Tool[Any, Any]],
+        tool_mode: str,
+        stream: bool,
+        progress_callback: Optional[ProgressCallback],
+        request_timeout: Optional[float],
+        max_retries: int,
+        max_thinking_tokens: int,
+    ) -> ProviderResponse:
+        start_time = time.time()
+
+        try:
+            return await self._call_impl(
+                model_profile=model_profile,
+                system_prompt=system_prompt,
+                normalized_messages=normalized_messages,
+                tools=tools,
+                tool_mode=tool_mode,
+                stream=stream,
+                progress_callback=progress_callback,
+                request_timeout=request_timeout,
+                max_retries=max_retries,
+                max_thinking_tokens=max_thinking_tokens,
+                start_time=start_time,
+            )
+        except asyncio.CancelledError:
+            raise  # Don't suppress task cancellation
+        except Exception as exc:
+            duration_ms = (time.time() - start_time) * 1000
+            error_code, error_message = _classify_anthropic_error(exc)
+            logger.error(
+                "[anthropic_client] API call failed",
+                extra={
+                    "model": model_profile.model,
+                    "error_code": error_code,
+                    "error_message": error_message,
+                    "duration_ms": round(duration_ms, 2),
+                },
+            )
+            return ProviderResponse.create_error(
+                error_code=error_code,
+                error_message=error_message,
+                duration_ms=duration_ms,
+            )
+
+    async def _call_impl(
+        self,
+        *,
+        model_profile: ModelProfile,
+        system_prompt: str,
+        normalized_messages: Any,
+        tools: List[Tool[Any, Any]],
+        tool_mode: str,
+        stream: bool,
+        progress_callback: Optional[ProgressCallback],
+        request_timeout: Optional[float],
+        max_retries: int,
+        max_thinking_tokens: int,
+        start_time: float,
+    ) -> ProviderResponse:
+        """Internal implementation of call, may raise exceptions."""
+        tool_schemas = await build_anthropic_tool_schemas(tools)
+        collected_text: List[str] = []
+        reasoning_parts: List[str] = []
+        response_metadata: Dict[str, Any] = {}
+
+        anthropic_kwargs = {"base_url": model_profile.api_base}
+        if model_profile.api_key:
+            anthropic_kwargs["api_key"] = model_profile.api_key
+        auth_token = getattr(model_profile, "auth_token", None)
+        if auth_token:
+            anthropic_kwargs["auth_token"] = auth_token
+
+        normalized_messages = sanitize_tool_history(list(normalized_messages))
+
+        thinking_payload: Optional[Dict[str, Any]] = None
+        if max_thinking_tokens > 0:
+            thinking_payload = {"type": "enabled", "budget_tokens": max_thinking_tokens}
+
+        async with await self._client(anthropic_kwargs) as client:
+
+            async def _stream_request() -> Any:
+                stream_cm = client.messages.stream(
+                    model=model_profile.model,
+                    max_tokens=model_profile.max_tokens,
+                    system=system_prompt,
+                    messages=normalized_messages,  # type: ignore[arg-type]
+                    tools=tool_schemas if tool_schemas else None,  # type: ignore
+                    temperature=model_profile.temperature,
+                    thinking=thinking_payload,  # type: ignore[arg-type]
+                )
+                stream_resp = (
+                    await asyncio.wait_for(stream_cm.__aenter__(), timeout=request_timeout)
+                    if request_timeout and request_timeout > 0
+                    else await stream_cm.__aenter__()
+                )
+                try:
+                    async for text in iter_with_timeout(stream_resp.text_stream, request_timeout):
+                        if text:
+                            collected_text.append(text)
+                            if progress_callback:
+                                try:
+                                    await progress_callback(text)
+                                except (RuntimeError, ValueError, TypeError, OSError) as cb_exc:
+                                    logger.warning(
+                                        "[anthropic_client] Stream callback failed: %s: %s",
+                                        type(cb_exc).__name__, cb_exc,
+                                    )
+                    getter = getattr(stream_resp, "get_final_response", None) or getattr(
+                        stream_resp, "get_final_message", None
+                    )
+                    if getter:
+                        return await getter()
+                    return None
+                finally:
+                    await stream_cm.__aexit__(None, None, None)
+
+            async def _non_stream_request() -> Any:
+                return await client.messages.create(
+                    model=model_profile.model,
+                    max_tokens=model_profile.max_tokens,
+                    system=system_prompt,
+                    messages=normalized_messages,  # type: ignore[arg-type]
+                    tools=tool_schemas if tool_schemas else None,  # type: ignore
+                    temperature=model_profile.temperature,
+                    thinking=thinking_payload,  # type: ignore[arg-type]
+                )
+
+            timeout_for_call = None if stream else request_timeout
+            response = await call_with_timeout_and_retries(
+                _stream_request if stream else _non_stream_request,
+                timeout_for_call,
+                max_retries,
+            )
+
+        duration_ms = (time.time() - start_time) * 1000
+        usage_tokens = anthropic_usage_tokens(getattr(response, "usage", None))
+        cost_usd = estimate_cost_usd(model_profile, usage_tokens)
+        record_usage(
+            model_profile.model, duration_ms=duration_ms, cost_usd=cost_usd, **usage_tokens
+        )
+
+        content_blocks = content_blocks_from_anthropic_response(response, tool_mode)
+        for blk in content_blocks:
+            if blk.get("type") == "thinking":
+                thinking_text = blk.get("thinking") or blk.get("text") or ""
+                if thinking_text:
+                    reasoning_parts.append(str(thinking_text))
+        if reasoning_parts:
+            response_metadata["reasoning_content"] = "\n".join(reasoning_parts)
+        # Streaming progress is handled via text_stream; final content retains thinking blocks.
+
+        logger.info(
+            "[anthropic_client] Response received",
+            extra={
+                "model": model_profile.model,
+                "duration_ms": round(duration_ms, 2),
+                "tool_mode": tool_mode,
+                "tool_schemas": len(tool_schemas),
+            },
+        )
+
+        return ProviderResponse(
+            content_blocks=content_blocks,
+            usage_tokens=usage_tokens,
+            cost_usd=cost_usd,
+            duration_ms=duration_ms,
+            metadata=response_metadata,
+        )