feat(tui): persist permission rules from approval prompts #1509

Closed
greyfreedom wants to merge 11 commits into Hmbown:main from greyfreedom:feat/execpolicy-persist-rules-ui

@greyfreedom greyfreedom commented May 12, 2026

Summary

Add TUI support for persisting typed permission rules directly from tool approval prompts.

This builds on the typed execpolicy/config work by letting users save a scoped allow rule while approving a tool call, with a preview of the rule that will be written to user config.

Changes

  • Add generated persistent permission rules to ApprovalRequest.
  • Add approval prompt actions:
    • s: save this rule and approve
    • p: view the full generated rule preview
  • Persist approved rules into user config under [[permissions.rules]].
  • Inject successfully saved rules into the live ExecPolicyEngine so the current session benefits immediately.
  • Generate scoped rules for:
    • shell tools via exact command patterns
    • file tools via normalized workspace-relative paths
    • apply_patch via extracted patch/file paths
  • Write compatibility alias rules for file tools, such as edit_file and file_edit.
  • Avoid auto-generating file rules for paths containing glob metacharacters.
  • Adjust non-deny rule priority so more specific allow rules can override broader ask rules, while deny remains absolute.
  • Keep approval modal previews compact and expose the full rule preview through a pager.

Safety Notes

  • Auto-generated file rules are exact-path only.
  • Paths are normalized before persistence.
  • Absolute paths inside the workspace are saved as workspace-relative paths.
  • Paths containing glob metacharacters are not persisted automatically to avoid accidental broad permissions.
  • Deny rules still win over allow/ask rules across layers.

Tests

  • cargo fmt --all
  • cargo test -p deepseek-execpolicy --all-features
  • cargo test -p deepseek-tui persistent_permission --all-features
  • cargo test -p deepseek-tui typed_permission --all-features
  • cargo test -p deepseek-tui approval --all-features
  • cargo test -p deepseek-tui persist_permission --all-features
  • cargo clippy -p deepseek-tui --all-targets --all-features -- -D warnings
  • git diff --check

Depends On

This PR is stacked on top of PR2: feat/execpolicy-typed-rules
Closes #1186
Depends on #1413
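
The path handling in the Safety Notes and the deny-wins priority from the Changes list, sketched as an added example that is not code from this PR. The `Rule` type, `rules_for_path`, `resolve`, the `/ws/proj` workspace and the refusal of paths that resolve outside the workspace are assumptions of the sketch.

```rust
use std::path::{Component, Path, PathBuf};

#[derive(Debug, Clone, Copy, PartialEq)]
enum Decision { Allow, Ask, Deny }

// Hypothetical rule shape (not the PR's types); `path: None` is a tool-wide rule.
#[derive(Debug, Clone, PartialEq)]
struct Rule { tool: String, path: Option<String>, decision: Decision }

// Exact-path allow rules for a tool and its aliases; empty Vec = persist nothing.
fn rules_for_path(workspace: &Path, tools: &[&str], raw: &str) -> Vec<Rule> {
    // Glob metacharacters would turn an exact-path rule into a broad one.
    if raw.chars().any(|c| "*?[]{}".contains(c)) { return vec![]; }
    let mut norm = PathBuf::new();
    for comp in workspace.join(raw).components() {
        match comp {
            Component::CurDir => {}
            Component::ParentDir => if !norm.pop() { return vec![]; },
            other => norm.push(other.as_os_str()),
        }
    }
    // Assumption: a path resolving outside the workspace gets no rule.
    let rel = match norm.strip_prefix(workspace) {
        Ok(r) if !r.as_os_str().is_empty() => r.to_string_lossy().into_owned(),
        _ => return vec![],
    };
    tools.iter()
        .map(|t| Rule { tool: t.to_string(), path: Some(rel.clone()), decision: Decision::Allow })
        .collect()
}

// Deny is absolute; otherwise the most specific matching rule decides.
fn resolve(rules: &[Rule], tool: &str, path: &str) -> Decision {
    let hits: Vec<&Rule> = rules.iter()
        .filter(|r| r.tool == tool && r.path.as_deref().map_or(true, |p| p == path))
        .collect();
    if hits.iter().any(|r| r.decision == Decision::Deny) { return Decision::Deny; }
    hits.iter().max_by_key(|r| r.path.is_some()).map_or(Decision::Ask, |r| r.decision)
}

fn main() {
    let ws = Path::new("/ws/proj"); // constructed sample workspace
    let mut rules = vec![Rule { tool: "edit_file".into(), path: None, decision: Decision::Ask }];
    rules.extend(rules_for_path(ws, &["edit_file", "file_edit"], "/ws/proj/src/../src/main.rs"));
    println!("{:?}", resolve(&rules, "edit_file", "src/main.rs"));
    println!("{:?}", rules_for_path(ws, &["edit_file"], "src/*.rs"));
    rules.push(Rule { tool: "edit_file".into(), path: None, decision: Decision::Deny });
    println!("{:?}", resolve(&rules, "edit_file", "src/main.rs"));
}
```

Normalization here is lexical only and does not resolve symlinks, so a symlink inside the workspace can still point outside it.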

@gemini-code-assist gemini-code-assist Bot left a comment

Code Review

This pull request implements a comprehensive tool permission system, introducing typed rules for shell commands and file paths with support for persistent allow, deny, and ask decisions. The changes include a new execution policy engine, integration with the TUI for rule management and previews, and logic to merge project-specific security constraints. Feedback identifies several high-severity issues: the configuration persistence logic currently strips user comments; a security vulnerability exists in apply_patch where patches aren't always validated; diff header parsing fails on timestamps; and parallel tool calls are insecurely auto-approved by default. Medium-severity concerns regarding rule resolution performance and manual TOML string escaping were also noted.

Comment thread crates/tui/src/commands/config.rs Outdated
Comment thread crates/tui/src/core/engine/dispatch.rs Outdated
Comment thread crates/tui/src/core/engine/dispatch.rs Outdated
Comment thread crates/tui/src/core/engine/turn_loop.rs Outdated
Comment thread crates/execpolicy/src/lib.rs Outdated
Comment thread crates/tui/src/tui/approval.rs
greyfreedom force-pushed the feat/execpolicy-persist-rules-ui branch 3 times, most recently from e3658e5 to 5642416, May 12, 2026 09:37

Hmbown commented May 13, 2026

Thanks for the contribution. I’m keeping the v0.8.33 branch focused on final release polish and not pulling this PR into that branch right now. Leaving it open for review in the next cycle.

greyfreedom force-pushed the feat/execpolicy-persist-rules-ui branch 3 times, most recently from fe172e7 to 9a3a386, May 14, 2026 03:45
greyfreedom force-pushed the feat/execpolicy-persist-rules-ui branch from 9a3a386 to ca2f99f, May 22, 2026 10:26

Hmbown commented May 23, 2026

This PR was opened before the v0.8.41 rebrand and is now stale. Feel free to rebase onto current main and reopen. The whale brothers are waiting for you 🐋

@Hmbown Hmbown closed this May 23, 2026
greyfreedom (Contributor Author) commented

> This PR was opened before the v0.8.41 rebrand and is now stale. Feel free to rebase onto current main and reopen. The whale brothers are waiting for you 🐋

Since I cannot reopen the current PR, I created a new PR #2062.

Development

Successfully merging this pull request may close these issues.

feat(execpolicy): add typed persistent permission rules