npm - @gotgenes/pi-permission-system - Versions diffs - 10.0.0 → 10.1.0 - Mend

@gotgenes/pi-permission-system 10.0.0 → 10.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (64) hide show

package/CHANGELOG.md +26 -0
package/README.md +1 -1
package/package.json +1 -1
package/src/agent-prep-session.ts +28 -0
package/src/decision-reporter.ts +41 -0
package/src/denial-messages.ts +11 -0
package/src/forwarded-permissions/permission-forwarder.ts +549 -0
package/src/forwarding-manager.ts +3 -7
package/src/gate-handler-session.ts +13 -0
package/src/gate-prompter.ts +14 -0
package/src/handlers/before-agent-start.ts +2 -3
package/src/handlers/gates/bash-command.ts +4 -18
package/src/handlers/gates/bash-external-directory.ts +3 -15
package/src/handlers/gates/bash-path.ts +3 -16
package/src/handlers/gates/descriptor.ts +0 -28
package/src/handlers/gates/path.ts +3 -15
package/src/handlers/gates/runner.ts +142 -105
package/src/handlers/gates/skill-input-gate-pipeline.ts +104 -0
package/src/handlers/gates/skill-input.ts +44 -0
package/src/handlers/gates/tool-call-gate-pipeline.ts +120 -0
package/src/handlers/lifecycle.ts +9 -9
package/src/handlers/permission-gate-handler.ts +34 -238
package/src/index.ts +49 -69
package/src/mcp-targets.ts +56 -46
package/src/permission-prompter.ts +7 -58
package/src/permission-resolver.ts +17 -0
package/src/permission-session.ts +77 -9
package/src/permissions-service.ts +53 -0
package/src/service-lifecycle.ts +49 -0
package/src/session-approval-recorder.ts +6 -0
package/src/session-lifecycle-session.ts +24 -0
package/src/tool-input-preview.ts +0 -62
package/src/tool-input-prompt-formatters.ts +63 -0
package/src/tool-preview-formatter.ts +6 -4
package/test/decision-reporter.test.ts +112 -0
package/test/denial-messages.test.ts +62 -0
package/test/forwarding-manager.test.ts +26 -44
package/test/handlers/before-agent-start.test.ts +45 -21
package/test/handlers/external-directory-integration.test.ts +86 -22
package/test/handlers/external-directory-session-dedup.test.ts +102 -55
package/test/handlers/gates/bash-command.test.ts +49 -90
package/test/handlers/gates/bash-external-directory.test.ts +54 -95
package/test/handlers/gates/bash-path.test.ts +63 -148
package/test/handlers/gates/path.test.ts +38 -105
package/test/handlers/gates/runner.test.ts +150 -93
package/test/handlers/gates/skill-input-gate-pipeline.test.ts +176 -0
package/test/handlers/gates/skill-input.test.ts +128 -0
package/test/handlers/gates/tool-call-gate-pipeline.test.ts +180 -0
package/test/handlers/input.test.ts +1 -2
package/test/handlers/lifecycle.test.ts +49 -33
package/test/handlers/tool-call-events.test.ts +1 -1
package/test/helpers/gate-fixtures.ts +147 -16
package/test/helpers/handler-fixtures.ts +143 -27
package/test/mcp-targets.test.ts +55 -0
package/test/permission-forwarder.test.ts +295 -0
package/test/permission-forwarding.test.ts +0 -282
package/test/permission-prompter.test.ts +33 -44
package/test/permission-session.test.ts +160 -27
package/test/permissions-service.test.ts +151 -0
package/test/runtime.test.ts +0 -4
package/test/service-lifecycle.test.ts +162 -0
package/test/tool-input-preview.test.ts +0 -111
package/test/tool-input-prompt-formatters.test.ts +115 -0
package/src/forwarded-permissions/polling.ts +0 -411

package/test/permission-forwarder.test.ts ADDED Viewed

@@ -0,0 +1,295 @@
+import { mkdirSync, mkdtempSync, rmSync, writeFileSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import type { ExtensionContext } from "@earendil-works/pi-coding-agent";
+import { afterEach, describe, expect, test, vi } from "vitest";
+import {
+  PermissionForwarder,
+  type PermissionForwarderDeps,
+} from "#src/forwarded-permissions/permission-forwarder";
+import { createPermissionForwardingLocation } from "#src/permission-forwarding";
+// ── Helpers ───────────────────────────────────────────────────────────────
+function makeDeps(
+  overrides: Partial<PermissionForwarderDeps> = {},
+): PermissionForwarderDeps {
+  return {
+    forwardingDir: "/tmp/forwarding",
+    subagentSessionsDir: "/tmp/subagents",
+    logger: { writeReviewLog: vi.fn(), writeDebugLog: vi.fn() },
+    writeReviewLog: vi.fn(),
+    requestPermissionDecisionFromUi: vi
+      .fn()
+      .mockResolvedValue({ approved: true, state: "approved" as const }),
+    shouldAutoApprove: () => false,
+    ...overrides,
+  };
+}
+afterEach(() => {
+  vi.unstubAllEnvs();
+});
+// ── requestApproval ───────────────────────────────────────────────────────
+describe("requestApproval — UI fast path", () => {
+  test("calls requestPermissionDecisionFromUi but does not emit a UI prompt event (the prompter does)", async () => {
+    const events = {
+      emit: vi.fn(),
+      on: vi.fn().mockReturnValue(() => undefined),
+    };
+    const requestPermissionDecisionFromUi = vi
+      .fn()
+      .mockResolvedValue({ approved: true, state: "approved" as const });
+    const forwarder = new PermissionForwarder(
+      makeDeps({ events, requestPermissionDecisionFromUi }),
+    );
+    await forwarder.requestApproval(
+      {
+        hasUI: true,
+        ui: { select: vi.fn(), input: vi.fn() },
+      } as unknown as ExtensionContext,
+      "Allow git push?",
+    );
+    expect(requestPermissionDecisionFromUi).toHaveBeenCalled();
+    expect(events.emit).not.toHaveBeenCalledWith(
+      "permissions:ui_prompt",
+      expect.anything(),
+    );
+  });
+});
+describe("requestApproval — non-UI, non-subagent path", () => {
+  test("returns denied without showing a dialog or emitting when there is no active UI", async () => {
+    const events = {
+      emit: vi.fn(),
+      on: vi.fn().mockReturnValue(() => undefined),
+    };
+    const requestPermissionDecisionFromUi = vi.fn();
+    const forwarder = new PermissionForwarder(
+      makeDeps({ events, requestPermissionDecisionFromUi }),
+    );
+    const result = await forwarder.requestApproval(
+      {
+        hasUI: false,
+        sessionManager: {
+          getSessionDir: vi.fn().mockReturnValue(null),
+        },
+      } as unknown as ExtensionContext,
+      "Allow git push?",
+    );
+    expect(result).toEqual({ approved: false, state: "denied" });
+    expect(events.emit).not.toHaveBeenCalledWith(
+      "permissions:ui_prompt",
+      expect.anything(),
+    );
+    expect(requestPermissionDecisionFromUi).not.toHaveBeenCalled();
+  });
+});
+// ── processInbox ──────────────────────────────────────────────────────────
+describe("processInbox", () => {
+  test("emits a UI prompt event before showing a forwarded permission dialog", async () => {
+    const root = mkdtempSync(join(tmpdir(), "permission-forwarding-"));
+    try {
+      const forwardingDir = join(root, "forwarding");
+      const location = createPermissionForwardingLocation(
+        forwardingDir,
+        "parent-session",
+      );
+      mkdirSync(location.requestsDir, { recursive: true });
+      mkdirSync(location.responsesDir, { recursive: true });
+      writeFileSync(
+        join(location.requestsDir, "req-forwarded.json"),
+        JSON.stringify({
+          id: "req-forwarded",
+          createdAt: Date.now(),
+          requesterSessionId: "child-session",
+          targetSessionId: "parent-session",
+          requesterAgentName: "Explore",
+          message: "Allow git push?",
+        }),
+        "utf-8",
+      );
+      const events = {
+        emit: vi.fn(),
+        on: vi.fn().mockReturnValue(() => undefined),
+      };
+      const requestPermissionDecisionFromUi = vi
+        .fn()
+        .mockResolvedValue({ approved: true, state: "approved" as const });
+      const forwarder = new PermissionForwarder(
+        makeDeps({
+          forwardingDir,
+          events,
+          requestPermissionDecisionFromUi,
+        }),
+      );
+      await forwarder.processInbox({
+        hasUI: true,
+        ui: { select: vi.fn(), input: vi.fn() },
+        sessionManager: {
+          getSessionId: vi.fn().mockReturnValue("parent-session"),
+        },
+      } as unknown as ExtensionContext);
+      expect(events.emit).toHaveBeenCalledWith(
+        "permissions:ui_prompt",
+        expect.objectContaining({
+          requestId: "req-forwarded",
+          source: "tool_call",
+          surface: null,
+          value: null,
+          agentName: "Explore",
+          message: expect.stringContaining("Allow git push?"),
+          forwarding: {
+            requesterAgentName: "Explore",
+            requesterSessionId: "child-session",
+          },
+        }),
+      );
+      expect(requestPermissionDecisionFromUi).toHaveBeenCalled();
+    } finally {
+      rmSync(root, { recursive: true, force: true });
+    }
+  });
+  test("emits a non-degraded UI prompt event when the request carries display fields", async () => {
+    const root = mkdtempSync(join(tmpdir(), "permission-forwarding-"));
+    try {
+      const forwardingDir = join(root, "forwarding");
+      const location = createPermissionForwardingLocation(
+        forwardingDir,
+        "parent-session",
+      );
+      mkdirSync(location.requestsDir, { recursive: true });
+      mkdirSync(location.responsesDir, { recursive: true });
+      writeFileSync(
+        join(location.requestsDir, "req-forwarded-rich.json"),
+        JSON.stringify({
+          id: "req-forwarded-rich",
+          createdAt: Date.now(),
+          requesterSessionId: "child-session",
+          targetSessionId: "parent-session",
+          requesterAgentName: "Explore",
+          message: "Allow git push?",
+          source: "tool_call",
+          surface: "bash",
+          value: "git push",
+        }),
+        "utf-8",
+      );
+      const events = {
+        emit: vi.fn(),
+        on: vi.fn().mockReturnValue(() => undefined),
+      };
+      const requestPermissionDecisionFromUi = vi
+        .fn()
+        .mockResolvedValue({ approved: true, state: "approved" as const });
+      const forwarder = new PermissionForwarder(
+        makeDeps({
+          forwardingDir,
+          events,
+          requestPermissionDecisionFromUi,
+        }),
+      );
+      await forwarder.processInbox({
+        hasUI: true,
+        ui: { select: vi.fn(), input: vi.fn() },
+        sessionManager: {
+          getSessionId: vi.fn().mockReturnValue("parent-session"),
+        },
+      } as unknown as ExtensionContext);
+      expect(events.emit).toHaveBeenCalledWith(
+        "permissions:ui_prompt",
+        expect.objectContaining({
+          requestId: "req-forwarded-rich",
+          source: "tool_call",
+          surface: "bash",
+          value: "git push",
+          agentName: "Explore",
+          message: expect.stringContaining("Allow git push?"),
+          forwarding: {
+            requesterAgentName: "Explore",
+            requesterSessionId: "child-session",
+          },
+        }),
+      );
+      expect(requestPermissionDecisionFromUi).toHaveBeenCalled();
+    } finally {
+      rmSync(root, { recursive: true, force: true });
+    }
+  });
+  test("does not emit a UI prompt event when forwarded permission auto-approves", async () => {
+    const root = mkdtempSync(join(tmpdir(), "permission-forwarding-"));
+    try {
+      const forwardingDir = join(root, "forwarding");
+      const location = createPermissionForwardingLocation(
+        forwardingDir,
+        "parent-session",
+      );
+      mkdirSync(location.requestsDir, { recursive: true });
+      mkdirSync(location.responsesDir, { recursive: true });
+      writeFileSync(
+        join(location.requestsDir, "req-forwarded-auto.json"),
+        JSON.stringify({
+          id: "req-forwarded-auto",
+          createdAt: Date.now(),
+          requesterSessionId: "child-session",
+          targetSessionId: "parent-session",
+          requesterAgentName: "Explore",
+          message: "Allow git push?",
+        }),
+        "utf-8",
+      );
+      const events = {
+        emit: vi.fn(),
+        on: vi.fn().mockReturnValue(() => undefined),
+      };
+      const requestPermissionDecisionFromUi = vi.fn();
+      const forwarder = new PermissionForwarder(
+        makeDeps({
+          forwardingDir,
+          events,
+          requestPermissionDecisionFromUi,
+          shouldAutoApprove: () => true,
+        }),
+      );
+      await forwarder.processInbox({
+        hasUI: true,
+        ui: { select: vi.fn(), input: vi.fn() },
+        sessionManager: {
+          getSessionId: vi.fn().mockReturnValue("parent-session"),
+        },
+      } as unknown as ExtensionContext);
+      expect(events.emit).not.toHaveBeenCalledWith(
+        "permissions:ui_prompt",
+        expect.anything(),
+      );
+      expect(requestPermissionDecisionFromUi).not.toHaveBeenCalled();
+    } finally {
+      rmSync(root, { recursive: true, force: true });
+    }
+  });
+});

package/test/permission-forwarding.test.ts CHANGED Viewed

@@ -1,14 +1,5 @@
-import { mkdirSync, mkdtempSync, rmSync, writeFileSync } from "node:fs";
-import { tmpdir } from "node:os";
-import { join } from "node:path";
-import type { ExtensionContext } from "@earendil-works/pi-coding-agent";
 import { afterEach, describe, expect, test, vi } from "vitest";
 import {
-  confirmPermission,
-  processForwardedPermissionRequests,
-} from "#src/forwarded-permissions/polling";
-import {
-  createPermissionForwardingLocation,
   resolvePermissionForwardingTargetSessionId,
   SUBAGENT_PARENT_SESSION_ENV_CANDIDATES,
   SUBAGENT_PARENT_SESSION_ENV_KEY,
@@ -249,276 +240,3 @@ describe("resolvePermissionForwardingTargetSessionId — registry resolution", (
     ).toBe("parent-from-env");
   });
 });
-describe("processForwardedPermissionRequests", () => {
-  test("emits a UI prompt event before showing a forwarded permission dialog", async () => {
-    const root = mkdtempSync(join(tmpdir(), "permission-forwarding-"));
-    try {
-      const forwardingDir = join(root, "forwarding");
-      const location = createPermissionForwardingLocation(
-        forwardingDir,
-        "parent-session",
-      );
-      mkdirSync(location.requestsDir, { recursive: true });
-      mkdirSync(location.responsesDir, { recursive: true });
-      writeFileSync(
-        join(location.requestsDir, "req-forwarded.json"),
-        JSON.stringify({
-          id: "req-forwarded",
-          createdAt: Date.now(),
-          requesterSessionId: "child-session",
-          targetSessionId: "parent-session",
-          requesterAgentName: "Explore",
-          message: "Allow git push?",
-        }),
-        "utf-8",
-      );
-      const events = {
-        emit: vi.fn(),
-        on: vi.fn().mockReturnValue(() => undefined),
-      };
-      const requestPermissionDecisionFromUi = vi
-        .fn()
-        .mockResolvedValue({ approved: true, state: "approved" as const });
-      await processForwardedPermissionRequests(
-        {
-          hasUI: true,
-          ui: { select: vi.fn(), input: vi.fn() },
-          sessionManager: {
-            getSessionId: vi.fn().mockReturnValue("parent-session"),
-          },
-        } as unknown as ExtensionContext,
-        {
-          forwardingDir,
-          subagentSessionsDir: join(root, "subagents"),
-          events,
-          logger: { writeReviewLog: vi.fn(), writeDebugLog: vi.fn() },
-          writeReviewLog: vi.fn(),
-          requestPermissionDecisionFromUi,
-          shouldAutoApprove: () => false,
-        },
-      );
-      expect(events.emit).toHaveBeenCalledWith(
-        "permissions:ui_prompt",
-        expect.objectContaining({
-          requestId: "req-forwarded",
-          source: "tool_call",
-          surface: null,
-          value: null,
-          agentName: "Explore",
-          message: expect.stringContaining("Allow git push?"),
-          forwarding: {
-            requesterAgentName: "Explore",
-            requesterSessionId: "child-session",
-          },
-        }),
-      );
-      expect(requestPermissionDecisionFromUi).toHaveBeenCalled();
-    } finally {
-      rmSync(root, { recursive: true, force: true });
-    }
-  });
-  test("emits a non-degraded UI prompt event when the request carries display fields", async () => {
-    const root = mkdtempSync(join(tmpdir(), "permission-forwarding-"));
-    try {
-      const forwardingDir = join(root, "forwarding");
-      const location = createPermissionForwardingLocation(
-        forwardingDir,
-        "parent-session",
-      );
-      mkdirSync(location.requestsDir, { recursive: true });
-      mkdirSync(location.responsesDir, { recursive: true });
-      writeFileSync(
-        join(location.requestsDir, "req-forwarded-rich.json"),
-        JSON.stringify({
-          id: "req-forwarded-rich",
-          createdAt: Date.now(),
-          requesterSessionId: "child-session",
-          targetSessionId: "parent-session",
-          requesterAgentName: "Explore",
-          message: "Allow git push?",
-          source: "tool_call",
-          surface: "bash",
-          value: "git push",
-        }),
-        "utf-8",
-      );
-      const events = {
-        emit: vi.fn(),
-        on: vi.fn().mockReturnValue(() => undefined),
-      };
-      const requestPermissionDecisionFromUi = vi
-        .fn()
-        .mockResolvedValue({ approved: true, state: "approved" as const });
-      await processForwardedPermissionRequests(
-        {
-          hasUI: true,
-          ui: { select: vi.fn(), input: vi.fn() },
-          sessionManager: {
-            getSessionId: vi.fn().mockReturnValue("parent-session"),
-          },
-        } as unknown as ExtensionContext,
-        {
-          forwardingDir,
-          subagentSessionsDir: join(root, "subagents"),
-          events,
-          logger: { writeReviewLog: vi.fn(), writeDebugLog: vi.fn() },
-          writeReviewLog: vi.fn(),
-          requestPermissionDecisionFromUi,
-          shouldAutoApprove: () => false,
-        },
-      );
-      expect(events.emit).toHaveBeenCalledWith(
-        "permissions:ui_prompt",
-        expect.objectContaining({
-          requestId: "req-forwarded-rich",
-          source: "tool_call",
-          surface: "bash",
-          value: "git push",
-          agentName: "Explore",
-          message: expect.stringContaining("Allow git push?"),
-          forwarding: {
-            requesterAgentName: "Explore",
-            requesterSessionId: "child-session",
-          },
-        }),
-      );
-      expect(requestPermissionDecisionFromUi).toHaveBeenCalled();
-    } finally {
-      rmSync(root, { recursive: true, force: true });
-    }
-  });
-  test("does not emit a UI prompt event when forwarded permission auto-approves", async () => {
-    const root = mkdtempSync(join(tmpdir(), "permission-forwarding-"));
-    try {
-      const forwardingDir = join(root, "forwarding");
-      const location = createPermissionForwardingLocation(
-        forwardingDir,
-        "parent-session",
-      );
-      mkdirSync(location.requestsDir, { recursive: true });
-      mkdirSync(location.responsesDir, { recursive: true });
-      writeFileSync(
-        join(location.requestsDir, "req-forwarded-auto.json"),
-        JSON.stringify({
-          id: "req-forwarded-auto",
-          createdAt: Date.now(),
-          requesterSessionId: "child-session",
-          targetSessionId: "parent-session",
-          requesterAgentName: "Explore",
-          message: "Allow git push?",
-        }),
-        "utf-8",
-      );
-      const events = {
-        emit: vi.fn(),
-        on: vi.fn().mockReturnValue(() => undefined),
-      };
-      const requestPermissionDecisionFromUi = vi.fn();
-      await processForwardedPermissionRequests(
-        {
-          hasUI: true,
-          ui: { select: vi.fn(), input: vi.fn() },
-          sessionManager: {
-            getSessionId: vi.fn().mockReturnValue("parent-session"),
-          },
-        } as unknown as ExtensionContext,
-        {
-          forwardingDir,
-          subagentSessionsDir: join(root, "subagents"),
-          events,
-          logger: { writeReviewLog: vi.fn(), writeDebugLog: vi.fn() },
-          writeReviewLog: vi.fn(),
-          requestPermissionDecisionFromUi,
-          shouldAutoApprove: () => true,
-        },
-      );
-      expect(events.emit).not.toHaveBeenCalledWith(
-        "permissions:ui_prompt",
-        expect.anything(),
-      );
-      expect(requestPermissionDecisionFromUi).not.toHaveBeenCalled();
-    } finally {
-      rmSync(root, { recursive: true, force: true });
-    }
-  });
-});
-describe("confirmPermission", () => {
-  test("shows the UI dialog but does not emit a UI prompt event (the prompter does)", async () => {
-    const events = {
-      emit: vi.fn(),
-      on: vi.fn().mockReturnValue(() => undefined),
-    };
-    const requestPermissionDecisionFromUi = vi
-      .fn()
-      .mockResolvedValue({ approved: true, state: "approved" as const });
-    await confirmPermission(
-      {
-        hasUI: true,
-        ui: { select: vi.fn(), input: vi.fn() },
-      } as unknown as ExtensionContext,
-      "Allow git push?",
-      {
-        forwardingDir: "/tmp/forwarding",
-        subagentSessionsDir: "/tmp/subagents",
-        events,
-        logger: { writeReviewLog: vi.fn(), writeDebugLog: vi.fn() },
-        writeReviewLog: vi.fn(),
-        requestPermissionDecisionFromUi,
-        shouldAutoApprove: () => false,
-      },
-    );
-    expect(requestPermissionDecisionFromUi).toHaveBeenCalled();
-    expect(events.emit).not.toHaveBeenCalledWith(
-      "permissions:ui_prompt",
-      expect.anything(),
-    );
-  });
-  test("does not show a dialog or emit when there is no active UI", async () => {
-    const events = {
-      emit: vi.fn(),
-      on: vi.fn().mockReturnValue(() => undefined),
-    };
-    const requestPermissionDecisionFromUi = vi.fn();
-    await confirmPermission(
-      {
-        hasUI: false,
-        sessionManager: {
-          getSessionDir: vi.fn().mockReturnValue(null),
-        },
-      } as unknown as ExtensionContext,
-      "Allow git push?",
-      {
-        forwardingDir: "/tmp/forwarding",
-        subagentSessionsDir: "/tmp/subagents",
-        events,
-        logger: { writeReviewLog: vi.fn(), writeDebugLog: vi.fn() },
-        writeReviewLog: vi.fn(),
-        requestPermissionDecisionFromUi,
-        shouldAutoApprove: () => false,
-      },
-    );
-    expect(events.emit).not.toHaveBeenCalledWith(
-      "permissions:ui_prompt",
-      expect.anything(),
-    );
-    expect(requestPermissionDecisionFromUi).not.toHaveBeenCalled();
-  });
-});