ripperdoc 0.2.9__py3-none-any.whl → 0.3.0__py3-none-any.whl

ripperdoc/utils/permissions/tool_permission_utils.py

@@ -2,6 +2,7 @@
 
 from __future__ import annotations
 
+import fnmatch
 from dataclasses import dataclass
 from typing import Callable, Iterable, List, Optional, Set
 
@@ -27,8 +28,25 @@ class PermissionDecision:
     rule_suggestions: Optional[List[ToolRule] | List[str]] = None
 
 
-def create_wildcard_rule(rule_name: str) -> str:
-    """Create a wildcard/prefix rule string."""
+def create_wildcard_rule(rule_name: str, use_glob_style: bool = False) -> str:
+    """Create a wildcard/prefix rule string.
+
+    Args:
+        rule_name: The command prefix (e.g., "git", "npm")
+        use_glob_style: If True, creates "rule_name *" format;
+                       if False, creates "rule_name:*" format (default for compatibility)
+
+    Returns:
+        Wildcard rule string in requested format
+
+    Examples:
+        >>> create_wildcard_rule("git")
+        "git:*"
+        >>> create_wildcard_rule("git", use_glob_style=True)
+        "git *"
+    """
+    if use_glob_style:
+        return f"{rule_name} *"
     return f"{rule_name}:*"
 
 
@@ -36,22 +54,124 @@ def create_tool_rule(rule_content: str) -> List[ToolRule]:
     return [ToolRule(tool_name="Bash", rule_content=rule_content)]
 
 
-def create_wildcard_tool_rule(rule_name: str) -> List[ToolRule]:
-    return [ToolRule(tool_name="Bash", rule_content=create_wildcard_rule(rule_name))]
+def create_wildcard_tool_rule(rule_name: str, use_glob_style: bool = False) -> List[ToolRule]:
+    """Create a wildcard tool rule.
+
+    Args:
+        rule_name: The command prefix
+        use_glob_style: Whether to use glob-style format
+
+    Returns:
+        List containing a single ToolRule with wildcard pattern
+    """
+    return [
+        ToolRule(tool_name="Bash", rule_content=create_wildcard_rule(rule_name, use_glob_style))
+    ]
 
 
 def extract_rule_prefix(rule_string: str) -> Optional[str]:
     return rule_string[:-2] if rule_string.endswith(":*") else None
 
 
+def _has_unquoted_shell_operators(command: str) -> bool:
+    """Check if command contains shell operators outside of quotes.
+
+    This prevents wildcard rules from matching commands with shell operators
+    like &&, ||, ;, | which could be used to chain dangerous commands.
+
+    Args:
+        command: The command to check
+
+    Returns:
+        True if command contains unquoted shell operators, False otherwise
+
+    Examples:
+        >>> _has_unquoted_shell_operators("git status && rm -rf /")
+        True
+        >>> _has_unquoted_shell_operators("echo 'foo && bar'")
+        False
+        >>> _has_unquoted_shell_operators("ls | grep foo")
+        True
+        >>> _has_unquoted_shell_operators("echo hi; rm -rf /")
+        True
+    """
+    # Parse the command into tokens, which handles quotes correctly
+    tokens = parse_shell_tokens(command)
+
+    # Check for shell operators in the tokens
+    # Note: parse_shell_tokens may attach semicolon to adjacent tokens
+    # (e.g., "echo hi; rm" -> ["echo", "hi;", "rm"] or ";echo" -> [";echo"])
+    for token in tokens:
+        # Check for separate operator tokens
+        if token in {"&&", "||", "|"}:
+            return True
+        # Check for semicolon (may be attached to previous or next token)
+        if token.endswith(";") or token.startswith(";"):
+            return True
+
+    return False
+
+
 def match_rule(command: str, rule: str) -> bool:
-    """Return True if a command matches a rule (exact or wildcard)."""
+    """Return True if a command matches a rule (exact, prefix wildcard, or glob pattern).
+
+    Supports three formats:
+    - Exact match: "git status" matches "git status" only
+    - Legacy prefix: "git:*" matches any command starting with "git"
+    - Glob patterns: "git * main" matches "git push main", "git pull main", etc.
+
+    Glob patterns support:
+    - * (matches any characters)
+    - ? (matches single character)
+    - [seq] (matches any character in seq)
+    - [!seq] (matches any character NOT in seq)
+
+    Security: Wildcard rules (both legacy and glob) will NOT match commands
+    containing shell operators (&&, ||, ;, |) outside of quotes. This prevents
+    a rule like "git:*" from matching "git status && rm -rf /". Exact match
+    rules still work with operators (user explicitly approved the full command).
+
+    Args:
+        command: The command to check
+        rule: The rule pattern to match against
+
+    Returns:
+        True if command matches rule, False otherwise
+
+    Examples:
+        >>> match_rule("git status", "git:*")
+        True
+        >>> match_rule("npm install", "npm *")
+        True
+        >>> match_rule("pip install", "* install")
+        True
+        >>> match_rule("git push main", "git * main")
+        True
+        >>> match_rule("git status && rm -rf /", "git:*")
+        False
+        >>> match_rule("git status && git commit", "git status && git commit")
+        True
+    """
     command = command.strip()
     if not command:
         return False
+
+    # Legacy format: prefix:* (highest priority for backward compatibility)
     prefix = extract_rule_prefix(rule)
     if prefix is not None:
+        # For wildcard rules, reject commands with shell operators for security
+        if _has_unquoted_shell_operators(command):
+            return False
         return command.startswith(prefix)
+
+    # New format: glob-style patterns with wildcards
+    if "*" in rule or "?" in rule or "[" in rule:
+        # For wildcard rules, reject commands with shell operators for security
+        if _has_unquoted_shell_operators(command):
+            return False
+        return fnmatch.fnmatch(command, rule)
+
+    # Exact match - allow even with operators (user explicitly approved full command)
     return command == rule
 
 
@@ -131,10 +251,41 @@ def _is_command_read_only(
 
 
 def _collect_rule_suggestions(command: str) -> List[ToolRule]:
-    suggestions: list[ToolRule] = [ToolRule(tool_name="Bash", rule_content=command)]
+    """Collect rule suggestions for a command.
+
+    Suggests three options:
+    1. Exact command match
+    2. Legacy prefix wildcard (git:*)
+    3. Glob-style wildcard (git *)
+
+    This gives users choice between formats while maintaining backward compatibility.
+
+    Args:
+        command: The command to generate suggestions for
+
+    Returns:
+        List of suggested ToolRule objects
+    """
+    suggestions: list[ToolRule] = [
+        # Exact match
+        ToolRule(tool_name="Bash", rule_content=command)
+    ]
+
     tokens = parse_and_clean_shell_tokens(command)
     if tokens:
-        suggestions.append(ToolRule(tool_name="Bash", rule_content=create_wildcard_rule(tokens[0])))
+        # Legacy prefix format
+        suggestions.append(
+            ToolRule(
+                tool_name="Bash", rule_content=create_wildcard_rule(tokens[0], use_glob_style=False)
+            )
+        )
+        # New glob-style format
+        suggestions.append(
+            ToolRule(
+                tool_name="Bash", rule_content=create_wildcard_rule(tokens[0], use_glob_style=True)
+            )
+        )
+
     return suggestions
 
 
@@ -144,19 +295,34 @@ def evaluate_shell_command_permissions(
     denied_rules: Iterable[str],
     allowed_working_dirs: Set[str] | None = None,
     *,
-    command_injection_detected: bool = False,
-    injection_detector: Callable[[str], bool] | None = None,
+    danger_detector: Callable[[str], bool] | None = None,
     read_only_detector: Callable[[str, Callable[[str], bool]], bool] | None = None,
 ) -> PermissionDecision:
-    """Evaluate whether a bash command should be allowed."""
+    """Evaluate whether a bash command should be allowed.
+
+    Args:
+        tool_request: The tool request containing the command.
+        allowed_rules: Rules that allow commands.
+        denied_rules: Rules that deny commands.
+        allowed_working_dirs: Allowed working directories.
+        danger_detector: Callable that returns True if command contains dangerous
+            shell patterns (injection, destructive commands, etc.).
+        read_only_detector: Callable that returns True if command is read-only.
+
+    Returns:
+        PermissionDecision indicating whether the command should be allowed.
+    """
     command = tool_request.command if hasattr(tool_request, "command") else str(tool_request)
     trimmed_command = command.strip()
     allowed_working_dirs = allowed_working_dirs or {safe_get_cwd()}
-    injection_detector = injection_detector or (
+    danger_detector = danger_detector or (
         lambda cmd: validate_shell_command(cmd).behavior != "passthrough"
     )
     read_only_detector = read_only_detector or _is_command_read_only
 
+    # Detect dangerous patterns once, reuse the result
+    has_dangerous_patterns = danger_detector(trimmed_command)
+
     merged_denied = _merge_rules(denied_rules)
     merged_allowed = _merge_rules(allowed_rules)
 
@@ -217,11 +383,10 @@ def evaluate_shell_command_permissions(
             merged_allowed,
             merged_denied,
             allowed_working_dirs,
-            command_injection_detected=command_injection_detected,
-            injection_detector=injection_detector,
+            danger_detector=danger_detector,
             read_only_detector=read_only_detector,
         )
-        right_read_only = read_only_detector(right_command, injection_detector)
+        right_read_only = read_only_detector(right_command, danger_detector)
 
         if left_result.behavior == "deny":
             return left_result
@@ -245,7 +410,7 @@ def evaluate_shell_command_permissions(
             rule_suggestions=_collect_rule_suggestions(trimmed_command),
         )
 
-    if read_only_detector(trimmed_command, injection_detector) and not command_injection_detected:
+    if read_only_detector(trimmed_command, danger_detector) and not has_dangerous_patterns:
         return PermissionDecision(
             behavior="allow",
             updated_input=tool_request,

ripperdoc/utils/platform.py

@@ -0,0 +1,198 @@
+"""Platform detection utilities.
+
+This module provides a unified interface for detecting the current operating system
+and platform-specific capabilities. It should be used instead of direct checks
+like `sys.platform == "win32"` or `os.name == "nt"`.
+
+Usage:
+    from ripperdoc.utils.platform import (
+        is_windows,
+        is_linux,
+        is_macos,
+        is_unix,
+        Platform,
+    )
+
+    if is_windows():
+        # Windows-specific code
+    elif is_macos():
+        # macOS-specific code
+    else:
+        # Linux or other Unix-specific code
+"""
+
+import os
+import sys
+from typing import Final, Literal
+
+
+# Platform type definitions
+PlatformType = Literal["windows", "linux", "macos", "unknown"]
+
+
+class Platform:
+    """Platform detection constants and utilities.
+
+    This class provides platform detection methods and constants that should
+    be used throughout the codebase instead of direct checks.
+    """
+
+    # Platform constants (using sys.platform for consistency)
+    WINDOWS: Final = "win32"
+    LINUX: Final = "linux"
+    MACOS: Final = "darwin"
+    FREEBSD: Final = "freebsd"
+    OPENBSD: Final = "openbsd"
+    NETBSD: Final = "netbsd"
+
+    # os.name constants
+    NAME_NT: Final = "nt"  # Windows
+    NAME_POSIX: Final = "posix"  # Unix-like systems
+
+    @staticmethod
+    def get_system() -> PlatformType:
+        """Get the current operating system name.
+
+        Returns:
+            'windows', 'linux', 'macos', or 'unknown'
+        """
+        platform = sys.platform.lower()
+
+        if platform.startswith("win"):
+            return "windows"
+        elif platform.startswith("darwin"):
+            return "macos"
+        elif platform.startswith("linux"):
+            return "linux"
+        elif platform in {"freebsd", "openbsd", "netbsd"}:
+            return "linux"  # Treat BSD as Linux for most purposes
+        else:
+            return "unknown"
+
+    @staticmethod
+    def is_windows() -> bool:
+        """Check if running on Windows."""
+        return sys.platform == Platform.WINDOWS
+
+    @staticmethod
+    def is_linux() -> bool:
+        """Check if running on Linux."""
+        return sys.platform.startswith("linux")
+
+    @staticmethod
+    def is_macos() -> bool:
+        """Check if running on macOS."""
+        return sys.platform == Platform.MACOS
+
+    @staticmethod
+    def is_bsd() -> bool:
+        """Check if running on any BSD variant."""
+        return sys.platform in {Platform.FREEBSD, Platform.OPENBSD, Platform.NETBSD}
+
+    @staticmethod
+    def is_unix() -> bool:
+        """Check if running on any Unix-like system (Linux, macOS, BSD)."""
+        return os.name == Platform.NAME_POSIX
+
+    @staticmethod
+    def is_posix() -> bool:
+        """Check if running on a POSIX-compliant system.
+
+        This is equivalent to is_unix() but uses os.name for the check.
+        """
+        return os.name == Platform.NAME_POSIX
+
+    @staticmethod
+    def get_raw_name() -> str:
+        """Get the raw sys.platform value.
+
+        Returns:
+            The raw sys.platform string (e.g., 'win32', 'linux', 'darwin').
+        """
+        return sys.platform
+
+    @staticmethod
+    def get_os_name() -> str:
+        """Get the os.name value.
+
+        Returns:
+            'nt' for Windows, 'posix' for Unix-like systems.
+        """
+        return os.name
+
+
+# Convenience functions for direct import
+def is_windows() -> bool:
+    """Check if running on Windows."""
+    return Platform.is_windows()
+
+
+def is_linux() -> bool:
+    """Check if running on Linux."""
+    return Platform.is_linux()
+
+
+def is_macos() -> bool:
+    """Check if running on macOS."""
+    return Platform.is_macos()
+
+
+def is_bsd() -> bool:
+    """Check if running on any BSD variant."""
+    return Platform.is_bsd()
+
+
+def is_unix() -> bool:
+    """Check if running on any Unix-like system (Linux, macOS, BSD)."""
+    return Platform.is_unix()
+
+
+def is_posix() -> bool:
+    """Check if running on a POSIX-compliant system."""
+    return Platform.is_posix()
+
+
+# Module-level constants for backward compatibility
+IS_WINDOWS: Final = is_windows()
+IS_LINUX: Final = is_linux()
+IS_MACOS: Final = is_macos()
+IS_BSD: Final = is_bsd()
+IS_UNIX: Final = is_unix()
+IS_POSIX: Final = is_posix()
+
+
+# Platform-specific module availability
+def has_termios() -> bool:
+    """Check if the termios module is available (Unix-like systems only)."""
+    try:
+        import termios  # noqa: F401
+
+        return True
+    except ImportError:
+        return False
+
+
+def has_fcntl() -> bool:
+    """Check if the fcntl module is available (Unix-like systems only)."""
+    try:
+        import fcntl  # noqa: F401
+
+        return True
+    except ImportError:
+        return False
+
+
+def has_tty() -> bool:
+    """Check if the tty module is available (Unix-like systems only)."""
+    try:
+        import tty  # noqa: F401
+
+        return True
+    except ImportError:
+        return False
+
+
+# Module-level constants for module availability
+HAS_TERMIOS: Final = has_termios()
+HAS_FCNTL: Final = has_fcntl()
+HAS_TTY: Final = has_tty()