feat: hooks wiring, session persistence, enhanced permissions - v0.4.1

Hooks:
- Config hooks (preToolUse/postToolUse) now wired into SDK agent
- Shell command hooks execute via bash -c
- /hooks command shows configured hooks

Session Management:
- Conversation blocks saved to <session>-conv.json after each query
- --resume flag restores conversation history in TUI
- /resume lists sessions with turn count and cost
- Session metadata (model, turns, cost, title) auto-updated

Permissions:
- Pattern-based allow/deny rules in ~/.codeany/permissions.json
- /permissions rules - show all configured rules
- /permissions allow <tool> [pattern] - add allow rule
- /permissions deny <tool> [pattern] - add deny rule
- Permission callback checks deny rules before allow rules
- Support wildcard patterns (git*, src/**)

Total: 5900+ lines, 49 commands

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: idoubi

internal/config/permissions.go

@@ -2,18 +2,28 @@ package config
 
 import (
 	"encoding/json"
+	"fmt"
 	"os"
 	"path/filepath"
+	"strings"
 	"sync"
 )
 
 // PermissionRules stores persistent permission rules
 type PermissionRules struct {
-	AlwaysAllow map[string]bool `json:"alwaysAllow"` // tool name -> always allow
+	AlwaysAllow map[string]bool `json:"alwaysAllow"`         // tool name -> always allow
+	AllowRules  []PermRule      `json:"allowRules,omitempty"` // pattern-based allow rules
+	DenyRules   []PermRule      `json:"denyRules,omitempty"`  // pattern-based deny rules
 	mu          sync.RWMutex
 	path        string
 }
 
+// PermRule is a pattern-based permission rule
+type PermRule struct {
+	Tool    string `json:"tool"`              // tool name (e.g., "Bash", "Edit", "*")
+	Pattern string `json:"pattern,omitempty"` // pattern to match against input (e.g., "git *", "src/**")
+}
+
 // LoadPermissionRules loads rules from disk
 func LoadPermissionRules() *PermissionRules {
 	path := filepath.Join(GlobalConfigDir(), "permissions.json")
@@ -34,13 +44,40 @@ func LoadPermissionRules() *PermissionRules {
 	return pr
 }
 
-// IsAllowed checks if a tool is always allowed
+// IsAllowed checks if a tool call is allowed by rules
 func (pr *PermissionRules) IsAllowed(toolName string) bool {
 	pr.mu.RLock()
 	defer pr.mu.RUnlock()
 	return pr.AlwaysAllow[toolName]
 }
 
+// IsAllowedWithInput checks allow/deny rules with input pattern matching
+func (pr *PermissionRules) IsAllowedWithInput(toolName string, input map[string]interface{}) (allowed bool, denied bool) {
+	pr.mu.RLock()
+	defer pr.mu.RUnlock()
+
+	// Check deny rules first
+	for _, rule := range pr.DenyRules {
+		if matchRule(rule, toolName, input) {
+			return false, true
+		}
+	}
+
+	// Check always allow
+	if pr.AlwaysAllow[toolName] {
+		return true, false
+	}
+
+	// Check allow rules
+	for _, rule := range pr.AllowRules {
+		if matchRule(rule, toolName, input) {
+			return true, false
+		}
+	}
+
+	return false, false
+}
+
 // SetAlwaysAllow marks a tool as always allowed and saves to disk
 func (pr *PermissionRules) SetAlwaysAllow(toolName string) {
 	pr.mu.Lock()
@@ -49,6 +86,75 @@ func (pr *PermissionRules) SetAlwaysAllow(toolName string) {
 	pr.save()
 }
 
+// AddAllowRule adds a pattern-based allow rule
+func (pr *PermissionRules) AddAllowRule(tool, pattern string) {
+	pr.mu.Lock()
+	pr.AllowRules = append(pr.AllowRules, PermRule{Tool: tool, Pattern: pattern})
+	pr.mu.Unlock()
+	pr.save()
+}
+
+// AddDenyRule adds a pattern-based deny rule
+func (pr *PermissionRules) AddDenyRule(tool, pattern string) {
+	pr.mu.Lock()
+	pr.DenyRules = append(pr.DenyRules, PermRule{Tool: tool, Pattern: pattern})
+	pr.mu.Unlock()
+	pr.save()
+}
+
+// RemoveAlwaysAllow removes an always-allow entry
+func (pr *PermissionRules) RemoveAlwaysAllow(toolName string) {
+	pr.mu.Lock()
+	delete(pr.AlwaysAllow, toolName)
+	pr.mu.Unlock()
+	pr.save()
+}
+
+// FormatRules returns a readable summary
+func (pr *PermissionRules) FormatRules() string {
+	pr.mu.RLock()
+	defer pr.mu.RUnlock()
+
+	var b strings.Builder
+	b.WriteString("Permission rules:\n\n")
+
+	if len(pr.AlwaysAllow) > 0 {
+		b.WriteString("  Always allow:\n")
+		for tool := range pr.AlwaysAllow {
+			b.WriteString(fmt.Sprintf("    ✓ %s\n", tool))
+		}
+	}
+
+	if len(pr.AllowRules) > 0 {
+		b.WriteString("  Allow rules:\n")
+		for _, r := range pr.AllowRules {
+			p := r.Pattern
+			if p == "" {
+				p = "*"
+			}
+			b.WriteString(fmt.Sprintf("    ✓ %s (%s)\n", r.Tool, p))
+		}
+	}
+
+	if len(pr.DenyRules) > 0 {
+		b.WriteString("  Deny rules:\n")
+		for _, r := range pr.DenyRules {
+			p := r.Pattern
+			if p == "" {
+				p = "*"
+			}
+			b.WriteString(fmt.Sprintf("    ✗ %s (%s)\n", r.Tool, p))
+		}
+	}
+
+	if len(pr.AlwaysAllow) == 0 && len(pr.AllowRules) == 0 && len(pr.DenyRules) == 0 {
+		b.WriteString("  (no rules configured)\n")
+	}
+
+	b.WriteString(fmt.Sprintf("\n  Stored in: %s", pr.path))
+	return b.String()
+}
+
 // save writes rules to disk
 func (pr *PermissionRules) save() {
 	pr.mu.RLock()
@@ -61,3 +167,41 @@ func (pr *PermissionRules) save() {
 	os.MkdirAll(filepath.Dir(pr.path), 0755)
 	os.WriteFile(pr.path, data, 0644)
 }
+
+// matchRule checks if a rule matches a tool call
+func matchRule(rule PermRule, toolName string, input map[string]interface{}) bool {
+	if rule.Tool != "*" && rule.Tool != toolName {
+		return false
+	}
+	if rule.Pattern == "" {
+		return true
+	}
+	// Match pattern against relevant input field
+	var value string
+	switch toolName {
+	case "Bash":
+		value, _ = input["command"].(string)
+	case "Edit", "Write", "Read":
+		value, _ = input["file_path"].(string)
+	case "Glob":
+		value, _ = input["pattern"].(string)
+	case "Grep":
+		value, _ = input["pattern"].(string)
+	default:
+		return true
+	}
+	return simpleMatch(rule.Pattern, value)
+}
+
+func simpleMatch(pattern, value string) bool {
+	if pattern == "*" {
+		return true
+	}
+	if strings.HasSuffix(pattern, "*") {
+		return strings.HasPrefix(value, strings.TrimSuffix(pattern, "*"))
+	}
+	if strings.HasPrefix(pattern, "*") {
+		return strings.HasSuffix(value, strings.TrimPrefix(pattern, "*"))
+	}
+	return pattern == value
+}

internal/session/session.go

@@ -172,6 +172,15 @@ func FormatSessionList(sessions []SessionSummary) string {
 	return b.String()
 }
 
+// ConversationEntry stores one message in the conversation log
+type ConversationEntry struct {
+	Role      string `json:"role"` // "user", "assistant", "system", "tool"
+	Content   string `json:"content,omitempty"`
+	ToolName  string `json:"toolName,omitempty"`
+	ToolInput string `json:"toolInput,omitempty"`
+	Timestamp int64  `json:"ts"`
+}
+
 // UpdateMeta updates session metadata
 func (s *Session) UpdateMeta(model string, turns int, cost float64, title string) {
 	s.Model = model
@@ -183,6 +192,34 @@ func (s *Session) UpdateMeta(model string, turns int, cost float64, title string
 	s.Save()
 }
 
+// SaveConversation saves the conversation log alongside the session
+func (s *Session) SaveConversation(entries []ConversationEntry) error {
+	if s.path == "" {
+		return nil
+	}
+	convPath := strings.TrimSuffix(s.path, ".json") + "-conv.json"
+	data, err := json.MarshalIndent(entries, "", "  ")
+	if err != nil {
+		return err
+	}
+	return os.WriteFile(convPath, data, 0644)
+}
+
+// LoadConversation loads the conversation log for this session
+func (s *Session) LoadConversation() []ConversationEntry {
+	if s.path == "" {
+		return nil
+	}
+	convPath := strings.TrimSuffix(s.path, ".json") + "-conv.json"
+	data, err := os.ReadFile(convPath)
+	if err != nil {
+		return nil
+	}
+	var entries []ConversationEntry
+	json.Unmarshal(data, &entries)
+	return entries
+}
+
 // Save persists the session to disk
 func (s *Session) Save() error {
 	if s.path == "" {

internal/slash/slash.go

@@ -425,8 +425,32 @@ func (h *Handler) permissions(args []string) Result {
 			indicator = " 🔒 Will ask for write operations"
 		}
 		return Result{Message: fmt.Sprintf("Permission mode: %s%s", mode, indicator)}
+	case "rules":
+		return Result{Message: config.LoadPermissionRules().FormatRules()}
+	case "allow":
+		if len(args) < 2 {
+			return Result{Message: "Usage: /permissions allow <tool> [pattern]\nExample: /permissions allow Bash git*"}
+		}
+		tool := args[1]
+		pattern := ""
+		if len(args) > 2 {
+			pattern = strings.Join(args[2:], " ")
+		}
+		config.LoadPermissionRules().AddAllowRule(tool, pattern)
+		return Result{Message: fmt.Sprintf("✓ Allow rule added: %s %s", tool, pattern)}
+	case "deny":
+		if len(args) < 2 {
+			return Result{Message: "Usage: /permissions deny <tool> [pattern]\nExample: /permissions deny Bash rm*"}
+		}
+		tool := args[1]
+		pattern := ""
+		if len(args) > 2 {
+			pattern = strings.Join(args[2:], " ")
+		}
+		config.LoadPermissionRules().AddDenyRule(tool, pattern)
+		return Result{Message: fmt.Sprintf("✓ Deny rule added: %s %s", tool, pattern)}
 	default:
-		return Result{Message: fmt.Sprintf("Unknown mode: %s\nUse: bypass, auto, default, plan", mode)}
+		return Result{Message: fmt.Sprintf("Unknown: %s\nUse: bypass, auto, default, plan, rules, allow <tool>, deny <tool>", mode)}
 	}
 }