1  /**
 2   * Zod schemas for permission updates.
 3   *
 4   * This file is intentionally kept minimal with no complex dependencies
 5   * so it can be safely imported by src/types/hooks.ts without creating
 6   * circular dependencies.
 7   */
 8  import z from 'zod/v4'
 9  // Types extracted to src/types/permissions.ts to break import cycles
10  import type {
11    PermissionUpdate,
12    PermissionUpdateDestination,
13  } from '../../types/permissions.js'
14  import { lazySchema } from '../lazySchema.js'
15  import { externalPermissionModeSchema } from './PermissionMode.js'
16  import {
17    permissionBehaviorSchema,
18    permissionRuleValueSchema,
19  } from './PermissionRule.js'
20  
21  // Re-export for backwards compatibility
22  export type { PermissionUpdate, PermissionUpdateDestination }
23  
24  /**
25   * PermissionUpdateDestination is where a new permission rule should be saved to.
26   */
27  export const permissionUpdateDestinationSchema = lazySchema(() =>
28    z.enum([
29      // User settings (global)
30      'userSettings',
31      // Project settings (shared per-directory)
32      'projectSettings',
33      // Local settings (gitignored)
34      'localSettings',
35      // In-memory for the current session only
36      'session',
37      // From the command line arguments
38      'cliArg',
39    ]),
40  )
41  
42  export const permissionUpdateSchema = lazySchema(() =>
43    z.discriminatedUnion('type', [
44      z.object({
45        type: z.literal('addRules'),
46        rules: z.array(permissionRuleValueSchema()),
47        behavior: permissionBehaviorSchema(),
48        destination: permissionUpdateDestinationSchema(),
49      }),
50      z.object({
51        type: z.literal('replaceRules'),
52        rules: z.array(permissionRuleValueSchema()),
53        behavior: permissionBehaviorSchema(),
54        destination: permissionUpdateDestinationSchema(),
55      }),
56      z.object({
57        type: z.literal('removeRules'),
58        rules: z.array(permissionRuleValueSchema()),
59        behavior: permissionBehaviorSchema(),
60        destination: permissionUpdateDestinationSchema(),
61      }),
62      z.object({
63        type: z.literal('setMode'),
64        mode: externalPermissionModeSchema(),
65        destination: permissionUpdateDestinationSchema(),
66      }),
67      z.object({
68        type: z.literal('addDirectories'),
69        directories: z.array(z.string()),
70        destination: permissionUpdateDestinationSchema(),
71      }),
72      z.object({
73        type: z.literal('removeDirectories'),
74        directories: z.array(z.string()),
75        destination: permissionUpdateDestinationSchema(),
76      }),
77    ]),
78  )