npm - @gotgenes/pi-permission-system - Versions diffs - 10.3.0 → 10.3.1 - Mend

@gotgenes/pi-permission-system 10.3.0 → 10.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/CHANGELOG.md +7 -0
package/package.json +1 -1
package/src/config-store.ts +7 -23
package/src/index.ts +65 -30
package/src/permission-session.ts +4 -5
package/src/permissions-service.ts +3 -5
package/src/session-logger.ts +46 -9
package/test/composition-root.test.ts +85 -1
package/test/config-store.test.ts +16 -40
package/test/permission-session.test.ts +14 -1
package/test/session-logger.test.ts +151 -64
package/src/runtime.ts +0 -147
package/test/runtime.test.ts +0 -303

package/test/session-logger.test.ts CHANGED Viewed

@@ -1,113 +1,200 @@
-import { describe, expect, it, vi } from "vitest";
-import type { ExtensionRuntime } from "#src/runtime";
+import { existsSync, mkdtempSync, writeFileSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { beforeEach, describe, expect, it, vi } from "vitest";
+import { DEBUG_LOG_FILENAME, REVIEW_LOG_FILENAME } from "#src/config-paths";
+import {
+  DEFAULT_EXTENSION_CONFIG,
+  type PermissionSystemExtensionConfig,
+} from "#src/extension-config";
+import type { SessionLoggerDeps } from "#src/session-logger";
 import { createSessionLogger } from "#src/session-logger";
 // ── helpers ────────────────────────────────────────────────────────────────
-function makeRuntime(
-  overrides: Partial<ExtensionRuntime> = {},
-): ExtensionRuntime {
+let tempDir: string;
+beforeEach(() => {
+  tempDir = mkdtempSync(join(tmpdir(), "ps-session-logger-"));
+});
+function makeDeps(
+  overrides: {
+    globalLogsDir?: string;
+    getConfig?: () => PermissionSystemExtensionConfig;
+  } = {},
+) {
   return {
-    runtimeContext: null,
-    writeDebugLog: vi.fn(),
-    writeReviewLog: vi.fn(),
-    ...overrides,
-  } as unknown as ExtensionRuntime;
+    globalLogsDir: overrides.globalLogsDir ?? tempDir,
+    getConfig:
+      overrides.getConfig ??
+      ((): PermissionSystemExtensionConfig => ({
+        ...DEFAULT_EXTENSION_CONFIG,
+      })),
+    notify: vi.fn<(message: string) => void>(),
+  };
+}
+/** A `globalLogsDir` that cannot be created: a file at the parent path blocks it. */
+function makeBlockedLogsDir(): string {
+  const barrier = join(tempDir, "barrier");
+  writeFileSync(barrier, "");
+  return join(barrier, "logs");
 }
 // ── createSessionLogger ────────────────────────────────────────────────────
 describe("createSessionLogger", () => {
+  // ── debug ────────────────────────────────────────────────────────────────
   describe("debug", () => {
-    it("delegates to runtime.writeDebugLog with event and details", () => {
-      const runtime = makeRuntime();
-      const logger = createSessionLogger(runtime);
+    it("writes a JSONL line to the debug log file when debugLog is true", () => {
+      const deps = makeDeps({
+        getConfig: () => ({ ...DEFAULT_EXTENSION_CONFIG, debugLog: true }),
+      });
+      const logger = createSessionLogger(deps);
       logger.debug("test.event", { key: "value" });
-      expect(runtime.writeDebugLog).toHaveBeenCalledWith("test.event", {
-        key: "value",
-      });
+      expect(existsSync(join(tempDir, DEBUG_LOG_FILENAME))).toBe(true);
+      expect(deps.notify).not.toHaveBeenCalled();
     });
-    it("delegates to runtime.writeDebugLog with event and no details", () => {
-      const runtime = makeRuntime();
-      const logger = createSessionLogger(runtime);
+    it("does not write to the debug log when debugLog is false", () => {
+      // DEFAULT_EXTENSION_CONFIG.debugLog === false
+      const deps = makeDeps();
+      const logger = createSessionLogger(deps);
       logger.debug("test.event");
-      expect(runtime.writeDebugLog).toHaveBeenCalledWith(
-        "test.event",
-        undefined,
-      );
+      expect(existsSync(join(tempDir, DEBUG_LOG_FILENAME))).toBe(false);
+      expect(deps.notify).not.toHaveBeenCalled();
+    });
+    it("reads getConfig at write time — a mid-session toggle change takes effect", () => {
+      let debugLog = true;
+      const deps = makeDeps({
+        getConfig: () => ({ ...DEFAULT_EXTENSION_CONFIG, debugLog }),
+      });
+      const logger = createSessionLogger(deps);
+      debugLog = false;
+      logger.debug("test.event");
+      expect(existsSync(join(tempDir, DEBUG_LOG_FILENAME))).toBe(false);
     });
   });
+  // ── review ───────────────────────────────────────────────────────────────
   describe("review", () => {
-    it("delegates to runtime.writeReviewLog with event and details", () => {
-      const runtime = makeRuntime();
-      const logger = createSessionLogger(runtime);
+    it("writes a JSONL line to the review log file when permissionReviewLog is true", () => {
+      // DEFAULT_EXTENSION_CONFIG.permissionReviewLog === true
+      const deps = makeDeps();
+      const logger = createSessionLogger(deps);
       logger.review("permission.granted", { agentName: "coder" });
-      expect(runtime.writeReviewLog).toHaveBeenCalledWith(
-        "permission.granted",
-        { agentName: "coder" },
-      );
+      expect(existsSync(join(tempDir, REVIEW_LOG_FILENAME))).toBe(true);
+      expect(deps.notify).not.toHaveBeenCalled();
     });
-    it("delegates to runtime.writeReviewLog with event and no details", () => {
-      const runtime = makeRuntime();
-      const logger = createSessionLogger(runtime);
+    it("does not write to the review log when permissionReviewLog is false", () => {
+      const deps = makeDeps({
+        getConfig: () => ({
+          ...DEFAULT_EXTENSION_CONFIG,
+          permissionReviewLog: false,
+        }),
+      });
+      const logger = createSessionLogger(deps);
       logger.review("permission.granted");
-      expect(runtime.writeReviewLog).toHaveBeenCalledWith(
-        "permission.granted",
-        undefined,
-      );
+      expect(existsSync(join(tempDir, REVIEW_LOG_FILENAME))).toBe(false);
+      expect(deps.notify).not.toHaveBeenCalled();
     });
   });
-  describe("warn", () => {
-    it("calls ui.notify with the message and 'warning' severity when runtimeContext is present", () => {
-      const notify = vi.fn();
-      const runtime = makeRuntime({
-        runtimeContext: {
-          ui: { notify, setStatus: vi.fn(), select: vi.fn(), input: vi.fn() },
-        } as unknown as ExtensionRuntime["runtimeContext"],
+  // ── IO-failure warnings ───────────────────────────────────────────────────
+  describe("IO-failure warnings", () => {
+    it("calls notify with the error message when the logs directory cannot be created", () => {
+      const deps = makeDeps({
+        globalLogsDir: makeBlockedLogsDir(),
+        getConfig: () => ({ ...DEFAULT_EXTENSION_CONFIG, debugLog: true }),
       });
-      const logger = createSessionLogger(runtime);
+      const logger = createSessionLogger(deps);
-      logger.warn("Something went wrong");
+      logger.debug("test.event");
+      expect(deps.notify).toHaveBeenCalledOnce();
+      expect(deps.notify).toHaveBeenCalledWith(
+        expect.stringContaining("Failed to"),
+      );
+    });
+    it("deduplicates the same IO-failure warning across multiple writes", () => {
+      const deps = makeDeps({
+        globalLogsDir: makeBlockedLogsDir(),
+        getConfig: () => ({ ...DEFAULT_EXTENSION_CONFIG, debugLog: true }),
+      });
+      const logger = createSessionLogger(deps);
+      logger.debug("event.one");
+      logger.debug("event.two");
+      expect(deps.notify).toHaveBeenCalledOnce();
+    });
+    it("shares the dedup set across debug and review — same message notified only once", () => {
+      const deps = makeDeps({
+        globalLogsDir: makeBlockedLogsDir(),
+        getConfig: () => ({
+          ...DEFAULT_EXTENSION_CONFIG,
+          debugLog: true,
+          permissionReviewLog: true,
+        }),
+      });
+      const logger = createSessionLogger(deps);
-      expect(notify).toHaveBeenCalledWith("Something went wrong", "warning");
+      logger.debug("event.one"); // emits warning
+      logger.review("event.two"); // same error message → suppressed
+      expect(deps.notify).toHaveBeenCalledOnce();
     });
+  });
-    it("does not throw when runtimeContext is null", () => {
-      const runtime = makeRuntime({ runtimeContext: null });
-      const logger = createSessionLogger(runtime);
+  // ── warn ──────────────────────────────────────────────────────────────────
-      expect(() => logger.warn("no-op warning")).not.toThrow();
+  describe("warn", () => {
+    it("calls notify with the message directly", () => {
+      const deps = makeDeps();
+      const logger = createSessionLogger(deps);
+      logger.warn("Something went wrong");
+      expect(deps.notify).toHaveBeenCalledWith("Something went wrong");
     });
-    it("reads runtimeContext at call time, not at creation time", () => {
-      const runtime = makeRuntime({ runtimeContext: null });
-      const logger = createSessionLogger(runtime);
+    it("calls notify for every warn — not deduplicated", () => {
+      const deps = makeDeps();
+      const logger = createSessionLogger(deps);
-      // runtimeContext is null at creation — warn should be a no-op now
-      logger.warn("early warning");
+      logger.warn("same message");
+      logger.warn("same message");
-      // Later runtimeContext is set
-      const notify = vi.fn();
-      runtime.runtimeContext = {
-        ui: { notify, setStatus: vi.fn(), select: vi.fn(), input: vi.fn() },
-      } as unknown as ExtensionRuntime["runtimeContext"];
+      expect(deps.notify).toHaveBeenCalledTimes(2);
+    });
-      logger.warn("late warning");
+    it("does not throw when notify is a no-op", () => {
+      const deps: SessionLoggerDeps = {
+        globalLogsDir: tempDir,
+        getConfig: () => ({ ...DEFAULT_EXTENSION_CONFIG }),
+        notify: () => {},
+      };
+      const logger = createSessionLogger(deps);
-      expect(notify).toHaveBeenCalledOnce();
-      expect(notify).toHaveBeenCalledWith("late warning", "warning");
+      expect(() => logger.warn("test")).not.toThrow();
     });
   });
 });

package/src/runtime.ts DELETED Viewed

@@ -1,147 +0,0 @@
-import { join } from "node:path";
-import {
-  type ExtensionContext,
-  getAgentDir,
-} from "@earendil-works/pi-coding-agent";
-import { DEBUG_LOG_FILENAME, REVIEW_LOG_FILENAME } from "./config-paths";
-import { ConfigStore, type RuntimeContextRef } from "./config-store";
-import { ensurePermissionSystemLogsDirectory } from "./extension-config";
-import { computeExtensionPaths, type ExtensionPaths } from "./extension-paths";
-export type { ExtensionPaths } from "./extension-paths";
-import { createPermissionSystemLogger } from "./logging";
-import { PermissionManager } from "./permission-manager";
-import { SessionRules } from "./session-rules";
-import type { SkillPromptEntry } from "./skill-prompt-sanitizer";
-/**
- * Mutable session state — the subset of ExtensionRuntime that holds
- * per-session fields. `PermissionSession` now owns these for handler
- * use; this interface remains so `ExtensionRuntime` can still serve
- * as the internal composition root (config-modal, RPC handlers).
- */
-interface SessionState {
-  runtimeContext: ExtensionContext | null;
-  permissionManager: PermissionManager;
-  readonly sessionRules: SessionRules;
-  activeSkillEntries: SkillPromptEntry[];
-  lastKnownActiveAgentName: string | null;
-  lastActiveToolsCacheKey: string | null;
-  lastPromptStateCacheKey: string | null;
-}
-/**
- * Runtime context object created once inside `piPermissionSystemExtension()`.
- *
- * Holds all path constants (derived from `getAgentDir()` at construction time),
- * mutable extension state, and the log-writing methods — eliminating the
- * module-scope cached constants and setter-injection pattern that previously
- * lived in `src/index.ts`.
- *
- * Tests construct this via `createExtensionRuntime({ agentDir: tmpDir })`
- * without timing issues around `PI_CODING_AGENT_DIR`.
- */
-export interface ExtensionRuntime extends ExtensionPaths, SessionState {
-  /** The store that owns extension config. */
-  configStore: ConfigStore;
-  // ── Logging (backed by logger created at construction) ─────────────────
-  writeDebugLog(event: string, details?: Record<string, unknown>): void;
-  writeReviewLog(event: string, details?: Record<string, unknown>): void;
-}
-// ── Factory ────────────────────────────────────────────────────────────────
-/**
- * Create a fully-initialized `ExtensionRuntime`.
- *
- * Calls `getAgentDir()` at invocation time (never at module scope), so tests
- * may set `PI_CODING_AGENT_DIR` before calling the factory.
- */
-export function createExtensionRuntime(options?: {
-  agentDir?: string;
-}): ExtensionRuntime {
-  const agentDir = options?.agentDir ?? getAgentDir();
-  const paths = computeExtensionPaths(agentDir);
-  const permissionManager = new PermissionManager({ agentDir });
-  const runtime: ExtensionRuntime = {
-    ...paths,
-    runtimeContext: null,
-    configStore: null as unknown as ConfigStore,
-    permissionManager,
-    activeSkillEntries: [],
-    lastKnownActiveAgentName: null,
-    lastActiveToolsCacheKey: null,
-    lastPromptStateCacheKey: null,
-    sessionRules: new SessionRules(),
-    // Logging methods are replaced below after the logger is constructed.
-    writeDebugLog: () => {},
-    writeReviewLog: () => {},
-  };
-  // Transitional RuntimeContextRef: reads/writes the still-runtime-owned
-  // `runtimeContext` field until Step 4 (#337) unifies context onto
-  // PermissionSession.
-  const contextRef: RuntimeContextRef = {
-    get: () => runtime.runtimeContext,
-    set: (ctx) => {
-      runtime.runtimeContext = ctx;
-    },
-  };
-  const configStore = new ConfigStore({
-    agentDir,
-    context: contextRef,
-    policyPaths: permissionManager,
-    logger: {
-      // Deferred-binding: `runtime.writeDebugLog` is replaced below after
-      // the logger is constructed — same deferred pattern as before Step 2.
-      writeDebugLog: (e, d) => runtime.writeDebugLog(e, d),
-      writeReviewLog: (e, d) => runtime.writeReviewLog(e, d),
-    },
-  });
-  runtime.configStore = configStore;
-  const reportedLoggingWarnings = new Set<string>();
-  const logger = createPermissionSystemLogger({
-    getConfig: () => configStore.current(),
-    debugLogPath: join(paths.globalLogsDir, DEBUG_LOG_FILENAME),
-    reviewLogPath: join(paths.globalLogsDir, REVIEW_LOG_FILENAME),
-    ensureLogsDirectory: () =>
-      ensurePermissionSystemLogsDirectory(paths.globalLogsDir),
-  });
-  const reportLoggingWarning = (message: string): void => {
-    if (reportedLoggingWarnings.has(message)) {
-      return;
-    }
-    reportedLoggingWarnings.add(message);
-    runtime.runtimeContext?.ui.notify(message, "warning");
-  };
-  runtime.writeDebugLog = (
-    event: string,
-    details: Record<string, unknown> = {},
-  ): void => {
-    const warning = logger.debug(event, details);
-    if (warning) {
-      reportLoggingWarning(warning);
-    }
-  };
-  runtime.writeReviewLog = (
-    event: string,
-    details: Record<string, unknown> = {},
-  ): void => {
-    const warning = logger.review(event, details);
-    if (warning) {
-      reportLoggingWarning(warning);
-    }
-  };
-  return runtime;
-}