Lesson 4: Permissions and Safety

Learning Objectives

After completing this lesson, you will be able to:

• Understand the philosophy behind permissions
• Use all four permission modes effectively
• Leverage Plan mode for complex tasks
• Switch modes using keyboard shortcuts
• Configure allowed and denied operations
• Choose the right mode for any situation

Prerequisites

• Completed Lessons 1-3 - Basic file operations and codebase navigation
• Comfortable with chat mode - Understanding of tool permissions
• Basic familiarity - You've approved a few file operations

Estimated Time: 25 minutes

---

Why Permissions Exist

Claude Code's permission system is designed with a core principle: you should always know what's happening to your code.

The Permission Philosophy

Transparency:

• Every operation is visible before it executes
• You see exactly what will change
• No silent modifications

Control:

• You decide what executes
• You can deny any operation
• You're always in charge

Safety:

• Prevent accidental destructive actions
• Catch mistakes before they happen
• Review changes systematically

Learning:

• Understand what Claude is doing
• Learn from the proposed changes
• Build trust in the system

The Permission Flow

┌─────────────────┐
│ Claude wants    │
│ to use a tool   │
└────────┬────────┘
         │
         ▼
┌─────────────────┐
│ System displays │
│ the request     │
└────────┬────────┘
         │
         ▼
┌─────────────────┐       ┌──────────────┐
│ You decide      │──────▶│ Approve      │
│ (based on mode) │       │ Deny         │
└─────────────────┘       │ Cancel       │
                          └──────────────┘

---

Permission Modes Explained

Claude Code has four permission modes, each suited for different workflows.

Mode 1: Default (Recommended for Beginners)

Behavior: Asks for permission for every tool use

When to use:

• Learning Claude Code
• Working with important codebases
• When you want to review every change
• Understanding what Claude is doing

Example flow:

Claude: I'll read src/main.py
System: 📖 Read src/main.py
        Proceed? [Y/n]
You: Y
[File is read]

Advantages:

• Maximum control
• Full visibility
• Great for learning

Disadvantages:

• More interactions required
• Can slow down workflows

Mode 2: Accept Edits

Behavior: Automatically approves Edit and Write operations, asks for others

When to use:

• Rapid prototyping
• When you trust Claude's changes
• Feature development
• Quick iterations

Example flow:

Claude: I'll update the function in src/utils.py
[Edit is automatically approved and applied]
[No prompt shown]

But you'll still be prompted for:

• Running commands (Bash)
• Reading sensitive files

Advantages:

• Faster development
• Less interruption
• Still maintains safety for commands

Disadvantages:

• Less review of changes
• Potential for unintended modifications

Mode 3: Don't Ask

Behavior: Automatically approves all tool uses except destructive commands

When to use:

• Highly trusted workflows
• Scratch/development environments
• Automated tasks
• When speed is critical

Example flow:

Claude: I'll read files, make edits, and run tests
[All operations execute automatically]
[No prompts shown]

Still protected:

• Destructive commands (rm, git clean, etc.)
• File deletions
• Certain system operations

Advantages:

• Maximum speed
• Minimal interruption
• Great for experimentation

Disadvantages:

• Less visibility into changes
• Requires trust in Claude
• Not recommended for critical codebases

Mode 4: Bypass

Behavior: No permission prompts, including for most destructive commands

⚠️ WARNING: Use with extreme caution

When to use:

• Automated scripts
• Sandboxed environments
• Complete trust in the workflow
• CI/CD pipelines

Never use for:

• Production codebases
• Important projects
• Learning or exploration

Advantages:

• Complete automation
• No interruption

Disadvantages:

• High risk of unintended changes
• No safety net
• Not recommended for interactive use

---

Plan Mode: Planning Before Executing

Plan mode is a special workflow for complex tasks that require careful consideration.

What is Plan Mode?

In plan mode, Claude:

• Analyzes the task thoroughly
• Explores the codebase to understand context
• Creates a detailed plan for implementation
• Presents the plan for your review
• Waits for approval before executing

When to Use Plan Mode

Use plan mode for:

• New features - "Add user authentication"
• Major refactoring - "Convert to TypeScript"
• Architecture changes - "Switch to microservices"
• Multi-file changes - "Update error handling across the codebase"

Don't use for:

• Simple edits
• Single-file changes
• Quick questions
• Trivial modifications

How Plan Mode Works

┌──────────────────┐
│ Enter plan mode  │
└────────┬─────────┘
         │
         ▼
┌──────────────────┐
│ Describe task    │
│ (e.g., "Add      │
│ user auth")      │
└────────┬─────────┘
         │
         ▼
┌──────────────────┐
│ Claude explores  │
│ codebase         │
└────────┬─────────┘
         │
         ▼
┌──────────────────┐
│ Claude creates   │
│ detailed plan    │
└────────┬─────────┘
         │
         ▼
┌──────────────────┐
│ You review plan  │
│ Approve or       │
│ request changes  │
└────────┬─────────┘
         │
         ▼
┌──────────────────┐
│ Claude executes  │
│ the plan         │
└──────────────────┘

Example Plan Mode Session

You> /plan
[Entering plan mode]

You> I want to add user authentication with JWT tokens

Claude: [Explores codebase]

Claude: Here's my plan:
1. Install dependencies (pyjwt, bcrypt)
2. Create auth module with:
   - User model
   - JWT token generation
   - Password hashing
3. Add login endpoint
4. Add authentication middleware
5. Update protected routes

Files to modify:
- Create: src/auth.py
- Create: src/middleware.py
- Modify: src/main.py
- Modify: requirements.txt

Do you want to proceed? [Y/n/modify]

You> Y

Claude: [Executes the plan step by step]

Entering Plan Mode

Method 1: Use the command

You> /plan

Method 2: Start with plan flag

claude --plan

Exiting plan mode:

You> /exit

---

Switching Modes with Keyboard Shortcuts

You can change permission modes during a session using keyboard shortcuts.

Mode Switching Shortcuts

Shortcut	Action
Ctrl+P	Cycle to next permission mode
Ctrl+Shift+P	Switch to Default mode
Ctrl+O	Toggle "Don't Ask" mode
Escape	Cancel current operation

Current Mode Display

Your prompt shows the current mode:

[Default] You>
[Accept Edits] You>
[Don't Ask] You>

Practical Example

[Default] You> Add error handling to all API endpoints
[Permission prompts for each file]

[Press Ctrl+P to switch to Accept Edits]

[Accept Edits] You> Continue
[Edits proceed without prompts]

---

Setting Up Allowed and Denied Operations

You can pre-configure which operations Claude can perform without asking.

Configuration Files

Settings are stored in:

• Linux/macOS: ~/.config/claude-code/settings.json
• Windows: %APPDATA%\claude-code\settings.json

Allowing Operations

Example: Allow all Read operations

{
  "permissions": {
    "allowedOperations": ["Read"]
  }
}

Now Read operations won't prompt, but Edit/Write/Bash still will.

Denying Operations

Example: Never allow Bash commands

{
  "permissions": {
    "deniedOperations": ["Bash"]
  }
}

Claude will never be able to run shell commands.

File-Specific Permissions

Example: Never modify .env files

{
  "permissions": {
    "deniedPatterns": [
      {"pattern": "\\.env$", "operation": "Edit"}
    ]
  }
}

Directory-Specific Permissions

Example: Auto-approve operations in test/ directory

{
  "permissions": {
    "allowedPatterns": [
      {"pattern": "^test/", "operation": "*"}
    ]
  }
}

---

Practical Example: Comparing Permission Modes

Let's experience the difference between modes.

Step 1: Create Test Environment

cd ~/claude-test
mkdir permission-demo
cd permission-demo
echo "print('hello')" > demo.py
claude

Step 2: Test Default Mode

[Default] You> Read @demo.py and add a comment with your name

Observe:

• Prompt to read
• Prompt to edit
• See the diff
• Approve each step

Step 3: Switch to Accept Edits

Press Ctrl+P or use:

You> /mode accept-edits

Step 4: Test Accept Edits Mode

[Accept Edits] You> Add another print statement to @demo.py

Observe:

• Read prompts (if needed)
• Edit happens automatically
• No edit approval shown

Step 5: Test Plan Mode

You> /plan
[In plan mode] You> Refactor demo.py into a module with multiple functions

Observe:

• Claude creates a plan
• Review the plan
• Approve execution
• Watch it implement

---

✅ Check Your Understanding

1. Which permission mode asks before every operation?

   • Accept Edits
   • Don't Ask
   • Default
   • Bypass

2. When should you use Plan mode?

   • For simple edits
   • For complex, multi-file changes
   • For reading files
   • For running tests

3. What does Ctrl+P do?

   • Prints the current file
   • Pauses the session
   • Cycles to next permission mode
   • Opens plan mode

4. True or False: Bypass mode is safe for production codebases.

   • True
   • False

5. Which mode automatically approves Edit and Write, but not Bash?

   • Default
   • Accept Edits
   • Don't Ask
   • Bypass

Answers: 1-c, 2-b, 3-c, 4-False, 5-b

---

Summary

In this lesson, you learned:

• Permission philosophy - Transparency, control, safety, learning
• Four modes - Default, Accept Edits, Don't Ask, Bypass
• When to use each - Match mode to task and comfort level
• Plan mode - For complex tasks requiring careful planning
• Keyboard shortcuts - Quick mode switching during sessions
• Configuration - Pre-configure allowed/denied operations

Next Steps

In Lesson 5: Skills System, you'll learn:

• What skills are and how they work
• Using built-in skills like /commit and /memory
• Creating your own custom skills
• Skill structure and organization

Further Reading

• Permission Modes Reference
• Plan Mode Guide
• Security Best Practices

---

Continue to Lesson 5: Skills System →