@gotgenes/pi-permission-system 0.7.0

package/tests/config-modal.test.ts

@@ -0,0 +1,248 @@
+import assert from "node:assert/strict";
+import { mkdtempSync, readFileSync, rmSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { test, vi } from "vitest";
+import { registerPermissionSystemCommand } from "../src/config-modal.js";
+import {
+  DEFAULT_EXTENSION_CONFIG,
+  loadPermissionSystemConfig,
+  type PermissionSystemExtensionConfig,
+  savePermissionSystemConfig,
+} from "../src/extension-config.js";
+
+vi.mock("@mariozechner/pi-coding-agent", () => ({
+  getSettingsListTheme: () => ({}),
+}));
+
+vi.mock("@mariozechner/pi-tui", () => ({
+  Box: class {},
+  Container: class {
+    addChild(): void {}
+    render(): string[] {
+      return [];
+    }
+    invalidate(): void {}
+  },
+  SettingsList: class {
+    handleInput(): void {}
+    updateValue(): void {}
+    render(): string[] {
+      return [];
+    }
+    invalidate(): void {}
+  },
+  Spacer: class {},
+  Text: class {},
+  truncateToWidth: (text: string) => text,
+  visibleWidth: (text: string) => text.length,
+}));
+
+type Notification = { message: string; level: "info" | "warning" | "error" };
+
+type CommandContextStub = {
+  hasUI: boolean;
+  ui: {
+    notify(message: string, level: "info" | "warning" | "error"): void;
+    custom<T>(
+      renderer: (...args: unknown[]) => unknown,
+      options?: unknown,
+    ): Promise<T>;
+  };
+};
+
+function createCommandContext(hasUI: boolean): {
+  ctx: CommandContextStub;
+  notifications: Notification[];
+  getCustomCalls(): number;
+} {
+  const notifications: Notification[] = [];
+  let customCalls = 0;
+
+  return {
+    ctx: {
+      hasUI,
+      ui: {
+        notify(message: string, level: "info" | "warning" | "error") {
+          notifications.push({ message, level });
+        },
+        async custom<T>(
+          _renderer: (...args: unknown[]) => unknown,
+          _options?: unknown,
+        ): Promise<T> {
+          customCalls += 1;
+          return undefined as T;
+        },
+      },
+    },
+    notifications,
+    getCustomCalls: () => customCalls,
+  };
+}
+
+function lastNotification(notifications: Notification[]): Notification {
+  return notifications[notifications.length - 1] as Notification;
+}
+
+test("permission-system command completions expose top-level config actions", () => {
+  const baseDir = mkdtempSync(
+    join(tmpdir(), "pi-permission-system-command-completions-"),
+  );
+  const configPath = join(baseDir, "config.json");
+  let config: PermissionSystemExtensionConfig = { ...DEFAULT_EXTENSION_CONFIG };
+
+  try {
+    const controller = {
+      getConfig: () => config,
+      setConfig: (next: PermissionSystemExtensionConfig) => {
+        config = next;
+      },
+      getConfigPath: () => configPath,
+    };
+
+    let definition: {
+      description: string;
+      getArgumentCompletions?: (
+        argumentPrefix: string,
+      ) => Array<{ value: string; label: string; description?: string }> | null;
+      handler: (args: string, ctx: CommandContextStub) => Promise<void>;
+    } | null = null;
+
+    registerPermissionSystemCommand(
+      {
+        registerCommand(_name: string, nextDefinition: typeof definition) {
+          definition = nextDefinition;
+        },
+      } as never,
+      controller as never,
+    );
+
+    assert.ok(definition !== null);
+    assert.ok(typeof definition?.getArgumentCompletions === "function");
+
+    const topLevel = definition?.getArgumentCompletions?.("");
+    assert.ok(Array.isArray(topLevel));
+    assert.ok(topLevel?.some((item) => item.value === "show"));
+    assert.ok(topLevel?.some((item) => item.value === "reset"));
+
+    const filtered = definition?.getArgumentCompletions?.("pa");
+    assert.deepEqual(
+      filtered?.map((item) => item.value),
+      ["path"],
+    );
+    assert.equal(definition?.getArgumentCompletions?.("path extra"), null);
+    assert.equal(definition?.getArgumentCompletions?.("zzz"), null);
+  } finally {
+    rmSync(baseDir, { recursive: true, force: true });
+  }
+});
+
+test("permission-system command handlers manage config summary, persistence, and modal routing", async () => {
+  const baseDir = mkdtempSync(join(tmpdir(), "pi-permission-system-command-"));
+  const configPath = join(baseDir, "config.json");
+  let config: PermissionSystemExtensionConfig = {
+    debugLog: true,
+    permissionReviewLog: false,
+    yoloMode: true,
+  };
+
+  try {
+    const initialSave = savePermissionSystemConfig(config, configPath);
+    assert.equal(initialSave.success, true);
+
+    const controller = {
+      getConfig: () => config,
+      setConfig: (next: PermissionSystemExtensionConfig) => {
+        const normalized = loadPermissionSystemConfig(configPath).config;
+        const saved = savePermissionSystemConfig(next, configPath);
+        assert.equal(saved.success, true);
+        config = loadPermissionSystemConfig(configPath).config;
+        assert.notDeepEqual(config, normalized);
+      },
+      getConfigPath: () => configPath,
+    };
+
+    let registeredName = "";
+    let definition: {
+      description: string;
+      getArgumentCompletions?: (
+        argumentPrefix: string,
+      ) => Array<{ value: string; label: string; description?: string }> | null;
+      handler: (args: string, ctx: CommandContextStub) => Promise<void>;
+    } | null = null;
+
+    registerPermissionSystemCommand(
+      {
+        registerCommand(name: string, nextDefinition: typeof definition) {
+          registeredName = name;
+          definition = nextDefinition;
+        },
+      } as never,
+      controller as never,
+    );
+
+    assert.equal(registeredName, "permission-system");
+    assert.ok(definition !== null);
+    assert.ok(
+      (definition?.description ?? "").includes(
+        "Configure pi-permission-system",
+      ),
+    );
+
+    const infoCtx = createCommandContext(true);
+    await definition?.handler("show", infoCtx.ctx);
+    assert.ok(
+      lastNotification(infoCtx.notifications).message.includes("yoloMode=on"),
+    );
+    assert.ok(
+      lastNotification(infoCtx.notifications).message.includes("debugLog=on"),
+    );
+
+    await definition?.handler("path", infoCtx.ctx);
+    assert.equal(
+      lastNotification(infoCtx.notifications).message,
+      `permission-system config: ${configPath}`,
+    );
+
+    await definition?.handler("help", infoCtx.ctx);
+    assert.ok(
+      lastNotification(infoCtx.notifications).message.includes(
+        "Usage: /permission-system",
+      ),
+    );
+
+    await definition?.handler("reset", infoCtx.ctx);
+    assert.deepEqual(config, DEFAULT_EXTENSION_CONFIG);
+    assert.equal(
+      lastNotification(infoCtx.notifications).message,
+      "Permission system settings reset to defaults.",
+    );
+
+    const persisted = JSON.parse(readFileSync(configPath, "utf8")) as Record<
+      string,
+      unknown
+    >;
+    assert.deepEqual(persisted, DEFAULT_EXTENSION_CONFIG);
+
+    await definition?.handler("unknown", infoCtx.ctx);
+    assert.equal(lastNotification(infoCtx.notifications).level, "warning");
+    assert.ok(
+      lastNotification(infoCtx.notifications).message.includes(
+        "Usage: /permission-system",
+      ),
+    );
+
+    const headlessCtx = createCommandContext(false);
+    await definition?.handler("", headlessCtx.ctx);
+    assert.equal(
+      lastNotification(headlessCtx.notifications).message,
+      "/permission-system requires interactive TUI mode.",
+    );
+
+    const modalCtx = createCommandContext(true);
+    await definition?.handler("", modalCtx.ctx);
+    assert.equal(modalCtx.getCustomCalls(), 1);
+  } finally {
+    rmSync(baseDir, { recursive: true, force: true });
+  }
+});

package/tests/config-reporter.test.ts

@@ -0,0 +1,139 @@
+import assert from "node:assert/strict";
+import {
+  mkdirSync,
+  mkdtempSync,
+  readFileSync,
+  rmSync,
+  writeFileSync,
+} from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { test } from "vitest";
+import { buildResolvedConfigLogEntry } from "../src/config-reporter.js";
+import { createPermissionSystemLogger } from "../src/logging.js";
+import type { ResolvedPolicyPaths } from "../src/permission-manager.js";
+import { PermissionManager } from "../src/permission-manager.js";
+
+test("buildResolvedConfigLogEntry merges extension config path with policy paths", () => {
+  const policyPaths: ResolvedPolicyPaths = {
+    globalConfigPath: "/home/user/.pi/agent/pi-permissions.jsonc",
+    globalConfigExists: true,
+    projectConfigPath: "/projects/my-app/.pi/agent/pi-permissions.jsonc",
+    projectConfigExists: false,
+    agentsDir: "/home/user/.pi/agent/agents",
+    agentsDirExists: true,
+    projectAgentsDir: "/projects/my-app/.pi/agent/agents",
+    projectAgentsDirExists: false,
+  };
+
+  const result = buildResolvedConfigLogEntry(
+    "/ext/pi-permission-system/config.json",
+    true,
+    policyPaths,
+  );
+
+  assert.equal(
+    result.extensionConfigPath,
+    "/ext/pi-permission-system/config.json",
+  );
+  assert.equal(result.extensionConfigExists, true);
+  assert.equal(
+    result.globalConfigPath,
+    "/home/user/.pi/agent/pi-permissions.jsonc",
+  );
+  assert.equal(result.globalConfigExists, true);
+  assert.equal(
+    result.projectConfigPath,
+    "/projects/my-app/.pi/agent/pi-permissions.jsonc",
+  );
+  assert.equal(result.projectConfigExists, false);
+  assert.equal(result.agentsDir, "/home/user/.pi/agent/agents");
+  assert.equal(result.agentsDirExists, true);
+  assert.equal(result.projectAgentsDir, "/projects/my-app/.pi/agent/agents");
+  assert.equal(result.projectAgentsDirExists, false);
+});
+
+test("buildResolvedConfigLogEntry handles null project paths", () => {
+  const policyPaths: ResolvedPolicyPaths = {
+    globalConfigPath: "/home/user/.pi/agent/pi-permissions.jsonc",
+    globalConfigExists: false,
+    projectConfigPath: null,
+    projectConfigExists: false,
+    agentsDir: "/home/user/.pi/agent/agents",
+    agentsDirExists: false,
+    projectAgentsDir: null,
+    projectAgentsDirExists: false,
+  };
+
+  const result = buildResolvedConfigLogEntry(
+    "/ext/config.json",
+    false,
+    policyPaths,
+  );
+
+  assert.equal(result.extensionConfigPath, "/ext/config.json");
+  assert.equal(result.extensionConfigExists, false);
+  assert.equal(result.projectConfigPath, null);
+  assert.equal(result.projectConfigExists, false);
+  assert.equal(result.projectAgentsDir, null);
+  assert.equal(result.projectAgentsDirExists, false);
+});
+
+test("config.resolved entry appears in review log via logger", () => {
+  const tempDir = mkdtempSync(join(tmpdir(), "config-resolved-log-"));
+  try {
+    const logsDir = join(tempDir, "logs");
+    mkdirSync(logsDir, { recursive: true });
+    const reviewLogPath = join(logsDir, "review.jsonl");
+
+    const globalConfigPath = join(tempDir, "pi-permissions.jsonc");
+    writeFileSync(globalConfigPath, "{}", "utf-8");
+    const agentsDir = join(tempDir, "agents");
+
+    const pm = new PermissionManager({
+      globalConfigPath,
+      agentsDir,
+    });
+
+    const extensionConfigPath = join(tempDir, "config.json");
+    writeFileSync(extensionConfigPath, "{}", "utf-8");
+
+    const logger = createPermissionSystemLogger({
+      getConfig: () => ({
+        debugLog: false,
+        permissionReviewLog: true,
+        yoloMode: false,
+      }),
+      reviewLogPath,
+      ensureLogsDirectory: () => undefined,
+    });
+
+    const policyPaths = pm.getResolvedPolicyPaths();
+    const entry = buildResolvedConfigLogEntry(
+      extensionConfigPath,
+      true,
+      policyPaths,
+    );
+    logger.review(
+      "config.resolved",
+      entry as unknown as Record<string, unknown>,
+    );
+
+    const logContent = readFileSync(reviewLogPath, "utf-8").trim();
+    const parsed = JSON.parse(logContent) as Record<string, unknown>;
+
+    assert.equal(parsed.event, "config.resolved");
+    assert.equal(parsed.extensionConfigPath, extensionConfigPath);
+    assert.equal(parsed.extensionConfigExists, true);
+    assert.equal(parsed.globalConfigPath, globalConfigPath);
+    assert.equal(parsed.globalConfigExists, true);
+    assert.equal(parsed.agentsDir, agentsDir);
+    assert.equal(parsed.agentsDirExists, false);
+    assert.equal(parsed.projectConfigPath, null);
+    assert.equal(parsed.projectConfigExists, false);
+    assert.equal(parsed.projectAgentsDir, null);
+    assert.equal(parsed.projectAgentsDirExists, false);
+  } finally {
+    rmSync(tempDir, { recursive: true, force: true });
+  }
+});

package/tests/extension-config.test.ts

@@ -0,0 +1,120 @@
+import { mkdtempSync, rmSync, writeFileSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { afterEach, beforeEach, describe, expect, it } from "vitest";
+
+import {
+  detectMisplacedPermissionKeys,
+  loadPermissionSystemConfig,
+} from "../src/extension-config.js";
+
+describe("detectMisplacedPermissionKeys", () => {
+  it("returns an empty array for a record with only valid extension keys", () => {
+    const result = detectMisplacedPermissionKeys({
+      debugLog: true,
+      permissionReviewLog: true,
+      yoloMode: false,
+    });
+    expect(result).toEqual([]);
+  });
+
+  it("returns an empty array for an empty record", () => {
+    const result = detectMisplacedPermissionKeys({});
+    expect(result).toEqual([]);
+  });
+
+  it("returns misplaced key names when permission-rule keys are present", () => {
+    const result = detectMisplacedPermissionKeys({
+      debugLog: true,
+      defaultPolicy: { tools: "ask" },
+      bash: { "git status": "allow" },
+    });
+    expect(result).toEqual(["defaultPolicy", "bash"]);
+  });
+
+  it("detects all known permission-rule keys", () => {
+    const result = detectMisplacedPermissionKeys({
+      defaultPolicy: {},
+      tools: {},
+      bash: {},
+      mcp: {},
+      skills: {},
+      special: {},
+      external_directory: {},
+      doom_loop: {},
+    });
+    expect(result).toEqual([
+      "defaultPolicy",
+      "tools",
+      "bash",
+      "mcp",
+      "skills",
+      "special",
+      "external_directory",
+      "doom_loop",
+    ]);
+  });
+
+  it("ignores unknown keys that are not permission-rule keys", () => {
+    const result = detectMisplacedPermissionKeys({
+      debugLog: true,
+      someRandomKey: "value",
+    });
+    expect(result).toEqual([]);
+  });
+});
+
+describe("loadPermissionSystemConfig", () => {
+  let tempDir: string;
+  let configPath: string;
+
+  beforeEach(() => {
+    tempDir = mkdtempSync(join(tmpdir(), "perm-config-test-"));
+    configPath = join(tempDir, "config.json");
+  });
+
+  afterEach(() => {
+    rmSync(tempDir, { recursive: true, force: true });
+  });
+
+  it("returns no warning for a clean config", () => {
+    writeFileSync(
+      configPath,
+      JSON.stringify({
+        debugLog: false,
+        permissionReviewLog: true,
+        yoloMode: false,
+      }),
+    );
+    const result = loadPermissionSystemConfig(configPath);
+    expect(result.warning).toBeUndefined();
+  });
+
+  it("returns a warning naming misplaced permission-rule keys", () => {
+    writeFileSync(
+      configPath,
+      JSON.stringify({
+        debugLog: true,
+        defaultPolicy: { tools: "ask" },
+        bash: { "git status": "allow" },
+      }),
+    );
+    const result = loadPermissionSystemConfig(configPath);
+    expect(result.warning).toBeDefined();
+    expect(result.warning).toContain("defaultPolicy");
+    expect(result.warning).toContain("bash");
+    expect(result.warning).toContain("pi-permissions.jsonc");
+  });
+
+  it("still returns the valid extension config fields when misplaced keys are present", () => {
+    writeFileSync(
+      configPath,
+      JSON.stringify({
+        debugLog: true,
+        bash: { "git status": "allow" },
+      }),
+    );
+    const result = loadPermissionSystemConfig(configPath);
+    expect(result.config.debugLog).toBe(true);
+  });
+});