PermissionRule Type
A single allow/deny rule the user granted.
Record fields
| Record Field |
Description
|
|
|
|
|
Full Usage:
Id
Field type: string
|
Stable identifier (used to revoke).
|
|
|
Full Usage:
Operations
Field type: string list
|
Operations this rule covers, lowercased (e.g. ["read"; "write"]). Empty = any.
|
Full Usage:
Pattern
Field type: string
|
Match pattern.
• File: an absolute path prefix — matches the path itself and anything under it
(e.g. "/home/me/project" matches "/home/me/project/sub/a.txt"). Globs allowed.
• Web: a host or host suffix — "example.com" matches "example.com" and any
subdomain "*.example.com". A bare "*" matches everything. Globs allowed.
• Tool: the tool name, a glob, or "*".
|
|
Nao