-
-
Notifications
You must be signed in to change notification settings - Fork 34
Permission Matrix
Saros Industries edited this page Jun 28, 2025
·
1 revision
Complete reference for the CursorRIPERβ¦Ξ£ permission system, showing what operations are allowed in each mode.
β = {C: create, R: read, U: update, D: delete}
| Symbol | Meaning | Description |
|---|---|---|
| β | Allowed | Full permission |
| β | Forbidden | Not permitted |
| ~ | Conditional | Limited/restricted |
| Mode | Create (C) | Read (R) | Update (U) | Delete (D) |
|---|---|---|---|---|
| RESEARCH Ξ©β | β | β | β | β |
| INNOVATE Ξ©β | ~ | β | β | β |
| PLAN Ξ©β | β | β | ~ | β |
| EXECUTE Ξ©β | β | β | β | ~ |
| REVIEW Ξ©β | β | β | β | β |
β(Ξ©β) = {R: β, C: β, U: β, D: β} // Research: Read-only
β(Ξ©β) = {R: β, C: ~, U: β, D: β} // Innovate: Read + conceptual
β(Ξ©β) = {R: β, C: β, U: ~, D: β} // Plan: Read/Create + limited update
β(Ξ©β) = {R: β, C: β, U: β, D: ~} // Execute: Full + limited delete
β(Ξ©β
) = {R: β, C: β, U: β, D: β} // Review: Read-only
| Operation | Research | Innovate | Plan | Execute | Review |
|---|---|---|---|---|---|
| Read file | β | β | β | β | β |
| Create file | β | β | βΒΉ | β | β |
| Update file | β | β | βΒΉ | β | β |
| Delete file | β | β | β | βΒ² | β |
| Create directory | β | β | β | β | β |
| List directory | β | β | β | β | β |
ΒΉ Plan mode: Only plan/specification documents Β² Execute mode: With confirmation, no mass deletion
| File Type | Research | Innovate | Plan | Execute | Review |
|---|---|---|---|---|---|
| Source code | Read | Read | Read | All | Read |
| Config files | Read | Read | Read | AllΒ³ | Read |
| Documentation | Read | Read | Create/Update | All | Read |
| Test files | Read | Read | Read | All | Read |
| Binary files | Read | Read | Read | Limited | Read |
Β³ Config files: Extra caution required
| Operation | Research | Innovate | Plan | Execute | Review |
|---|---|---|---|---|---|
| SELECT | β | β | β | β | β |
| INSERT | β | β | β | β | β |
| UPDATE | β | β | β | β | β |
| DELETE | β | β | β | ββ΄ | β |
| CREATE TABLE | β | β | β | β | β |
| DROP TABLE | β | β | β | β | β |
| ALTER TABLE | β | β | β | ββ΅ | β |
β΄ DELETE: Must have WHERE clause β΅ ALTER: Non-destructive changes only
| Service | Research | Innovate | Plan | Execute | Review |
|---|---|---|---|---|---|
| Web Search | β | β | β | β | β |
| API Read | β | β | β | β | β |
| API Write | β | β | β | β | β |
| Git Read | β | β | β | β | β |
| Git Write | β | β | β | β | β |
| Package Install | β | β | ββΆ | β | β |
βΆ Plan mode: Only in package.json
Execute mode blocks web search to maintain focus on implementation. Complete research before entering Execute mode.
π(Ξ©β) = {πβᡦββα΅£α΅₯β: β, πα΅₯α΅’α΅£βα΅€ββ: ~, πα΅£βββ: β}
π(Ξ©β) = {πβᡦββα΅£α΅₯β: β, πα΅₯α΅’α΅£βα΅€ββ: β, πα΅£βββ: β}
π(Ξ©β) = {πβᡦββα΅£α΅₯β: β, πα΅₯α΅’α΅£βα΅€ββ: β, πα΅£βββ: ~}
π(Ξ©β) = {πβᡦββα΅£α΅₯β: β, πα΅₯α΅’α΅£βα΅€ββ: ~, πα΅£βββ: β}
π(Ξ©β
) = {πβᡦββα΅£α΅₯β: β, πα΅₯α΅’α΅£βα΅€ββ: ~, πα΅£βββ: β}πβᡦββα΅£α΅₯β (Observation):
- read_files
- analyze_content
- identify_patterns
- review_code
πα΅₯α΅’α΅£βα΅€ββ (Virtual/Conceptual):
- suggest_ideas
- explore_concepts
- evaluate_approaches
- design_architecture
πα΅£βββ (Real/Physical):
- modify_files
- write_code
- delete_content
- refactor
| Operation | Research | Innovate | Plan | Execute | Review |
|---|---|---|---|---|---|
| View protections | β | β | β | β | β |
| Add protection | β | β | ββ· | β | β |
| Modify protected | β | β | β | ββΈ | β |
| Remove protection | β | β | β | β | β |
β· Plan mode: Plan protection strategy only βΈ Execute mode: Only with explicit approval
| Protection | Research | Innovate | Plan | Execute | Review |
|---|---|---|---|---|---|
| Ξ¨β PROTECTED | Observe | Observe | Observe | Enforce | Verify |
| Ξ¨β GUARDED | Observe | Observe | Request | Ask | Verify |
| Ξ¨β INFO | Read | Read | Update | Update | Read |
| Ξ¨β DEBUG | Observe | Observe | Plan | Modify | Review |
| Ξ¨β TEST | Observe | Observe | Plan | Modify | Review |
| Ξ¨β CRITICAL | Observe | Observe | Observe | Enforce | Verify |
| Operation | Research | Innovate | Plan | Execute | Review |
|---|---|---|---|---|---|
| Add context | β | β | β | β | β |
| Remove context | β | β | β | β | β |
| Clear context | β | β | β | β | β |
| Set status | β | β | β | β | β |
| Auto-context | β | β | β | β | β |
MΞ[Ξ©β] = [Ξβ, Ξβ, Ξβ] // Research: Docs, Folders, Git
MΞ[Ξ©β] = [Ξβ, Ξβ, Ξβ] // Innovate: Code, Docs, Notepads
MΞ[Ξ©β] = [Ξβ, Ξβ, Ξβ
] // Plan: Files, Folders, Rules
MΞ[Ξ©β] = [Ξβ, Ξβ, Ξβ] // Execute: Code, Files, Pinned
MΞ[Ξ©β
] = [Ξβ, Ξβ, Ξβ] // Review: Code, Files, Git| Memory File | Research | Innovate | Plan | Execute | Review |
|---|---|---|---|---|---|
| Οβ projectbrief | Read | Read | Update | Read | Verify |
| Οβ systemPatterns | Read | Update | Update | Read | Read |
| Οβ techContext | Update | Read | Update | Update | Read |
| Οβ activeContext | Update | Update | Update | Update | Update |
| Οβ progress | Read | Read | Update | Update | Update |
| Οβ protection | Read | Read | Plan | Update | Verify |
| Operation | In Mode | Severity | Response |
|---|---|---|---|
| Write code | Research | HIGH | Block + backup |
| Delete file | Review | CRITICAL | Block + revert |
| Web search | Execute | MEDIUM | Block + notify |
| Modify plan | Execute | HIGH | Block + backup |
| Fix issue | Review | MEDIUM | Block + suggest |
π(op, Ξ©) = {
log_violation(op, Ξ©), // Always log
create_backup(), // If HIGH/CRITICAL
revert_to_safe_mode(), // If CRITICAL
notify_violation(op, Ξ©) // Always notify
}RESEARCH: R:β only β Gather requirements
INNOVATE: R:β C:~ β Design conceptually
PLAN: R:β C:β β Create specifications
EXECUTE: Full permissions β Implement
REVIEW: R:β only β Validate
RESEARCH: R:β β Investigate issue
PLAN: R:β C:β β Design fix
EXECUTE: R:β U:β β Apply fix
REVIEW: R:β β Verify fix
RESEARCH: R:β β Analyze current code
INNOVATE: R:β C:~ β Design improvements
PLAN: R:β C:β β Plan refactor steps
EXECUTE: R:β U:β D:~ β Refactor code
REVIEW: R:β β Ensure functionality
| Need to... | Required Mode | Permission |
|---|---|---|
| Read code | Any mode | R:β |
| Write new code | Execute | C:β |
| Modify code | Execute | U:β |
| Delete code | Execute | D:~ |
| Search web | Not Execute | R:β |
| Create plan | Plan | C:β |
| Add protection | Execute | C:β |
| Mode | Primary Permission | Focus |
|---|---|---|
| Research | Read | Understanding |
| Innovate | Read + Virtual | Exploration |
| Plan | Create specs | Design |
| Execute | All operations | Implementation |
| Review | Read | Validation |
-
!ckp- Current mode permissions -
!pm <operation>- Is operation allowed? -
!sp <mode>- Show mode permissions -
!vm <operation>- Which mode for operation?
if (!check_permission(operation, current_mode)) {
handle_violation(operation, current_mode);
return blocked;
}- ποΈ Framework Overview
- π RIPER Modes
- πΎ Memory System
- π£ Symbolic Notation
- π Phase Management
- π‘οΈ Code Protection
- π Context References
- π Permission System
- π Cross-References
- πΎ Backup System
- π Mode Transitions
- πΎ Memory Management
- π‘οΈ Protection Workflow
- π Context Management
- π₯ Team Collaboration
- π£ Symbol Reference
- β¨οΈ Command Reference
- π Mode Reference
- π Permission Matrix
- π API Reference
- π Overview
- π GitHub Integration
- π Web Search
- π Browser Automation
- π³ Docker Integration
-
Installation Issues
- Node.js Version Compatibility
- Package Installation Failures
- Framework Dependencies Missing
- Database Connection Issues
- Port Conflicts
- Environment Setup Issues
- Build and Development Issues
- Framework CLI Issues
-
Configuration & Runtime Issues
- Framework Configuration Problems
- Runtime Performance Issues
- Module Loading and Plugin Issues
- Database and Storage Issues
- Memory Leaks and High Memory Usage
- High CPU Usage
-
BMAD Module Issues
- BMAD Module Initialization Problems
- Business Model Canvas Issues
- Stakeholder Management Issues
- Analytics and Reporting Issues
- Performance Optimization
-
Database & API Issues
- Database Connection Problems
- Database Migration Issues
- API Performance and Reliability Issues
- Data Consistency Issues
- Transaction Problems
-
Performance & Memory Issues
- Memory Management
- CPU Optimization
- Database Query Performance
- Caching Issues
- Resource Monitoring
-
Security & Authentication Issues
- Authentication Failures
- Authorization Problems
- JWT Token Issues
- Session Management
- CORS and Security Headers
- SSL/TLS Configuration
-
Deployment & Production Issues
- Production Deployment Failures
- Environment Configuration
- Load Balancing Issues
- Monitoring and Logging
- Backup and Recovery
When reporting issues, please include:
- Framework version (
npm list @cursoriper/core) - Node.js version (
node --version) - Operating system and version
- Error messages and stack traces
- Steps to reproduce the issue
- Configuration files (sanitized)
- Recent changes or deployments
- Technical Support: support@cursoriper.com
- Documentation: https://docs.cursoriper.com
- Community Forum: https://community.cursoriper.com