26 lines
1.1 KiB
PowerShell
26 lines
1.1 KiB
PowerShell
# Claude Code PreToolUse hook: DB-vedelem — csak _DEV nevu adatbazis erheto el shell-parancsbol.
|
|
# Bemenet: hook JSON a stdin-en; ha a parancs connection stringet tartalmaz (Initial Catalog= / Database=)
|
|
# es a DB-nev NEM tartalmazza a "_DEV"-et, a tool-hivast DENY-jal blokkolja.
|
|
|
|
$payloadText = [Console]::In.ReadToEnd()
|
|
if ([string]::IsNullOrWhiteSpace($payloadText)) { exit 0 }
|
|
|
|
try { $payload = $payloadText | ConvertFrom-Json } catch { exit 0 }
|
|
|
|
$command = $payload.tool_input.command
|
|
if ([string]::IsNullOrWhiteSpace($command)) { exit 0 }
|
|
|
|
$pattern = [regex]'(?i)(?:Initial\s+Catalog|Database)\s*=\s*([^;"''\s]+)'
|
|
|
|
foreach ($match in $pattern.Matches($command)) {
|
|
$dbName = $match.Groups[1].Value
|
|
if ($dbName -notmatch '(?i)_DEV') {
|
|
$reason = "Blokkolt: csak _DEV adatbazis modosithato! (talalt adatbazis: $dbName)"
|
|
$result = @{ hookSpecificOutput = @{ hookEventName = 'PreToolUse'; permissionDecision = 'deny'; permissionDecisionReason = $reason } }
|
|
Write-Output ($result | ConvertTo-Json -Depth 5 -Compress)
|
|
exit 0
|
|
}
|
|
}
|
|
|
|
exit 0
|