@gotgenes/pi-permission-system 10.3.0 → 10.4.0

package/test/permission-forwarder.test.ts

@@ -3,7 +3,7 @@ import { tmpdir } from "node:os";
 import { join } from "node:path";
 import type { ExtensionContext } from "@earendil-works/pi-coding-agent";
 import { afterEach, describe, expect, test, vi } from "vitest";
-
+import { DEFAULT_EXTENSION_CONFIG } from "#src/extension-config";
 import {
   PermissionForwarder,
   type PermissionForwarderDeps,
@@ -18,12 +18,11 @@ function makeDeps(
   return {
     forwardingDir: "/tmp/forwarding",
     subagentSessionsDir: "/tmp/subagents",
-    logger: { writeReviewLog: vi.fn(), writeDebugLog: vi.fn() },
-    writeReviewLog: vi.fn(),
+    logger: { review: vi.fn(), debug: vi.fn() },
     requestPermissionDecisionFromUi: vi
       .fn()
       .mockResolvedValue({ approved: true, state: "approved" as const }),
-    shouldAutoApprove: () => false,
+    config: { current: () => ({ ...DEFAULT_EXTENSION_CONFIG }) },
     ...overrides,
   };
 }
@@ -271,7 +270,9 @@ describe("processInbox", () => {
           forwardingDir,
           events,
           requestPermissionDecisionFromUi,
-          shouldAutoApprove: () => true,
+          config: {
+            current: () => ({ ...DEFAULT_EXTENSION_CONFIG, yoloMode: true }),
+          },
         }),
       );
 

package/test/permission-prompter.test.ts

@@ -50,7 +50,7 @@ function makeDeps(
 ): PermissionPrompterDeps {
   return {
     config: makeConfigReader(),
-    writeReviewLog: vi.fn(),
+    logger: { review: vi.fn() },
     events: { emit: vi.fn(), on: vi.fn().mockReturnValue(() => undefined) },
     forwarder: { requestApproval: mockRequestApproval },
     ...overrides,
@@ -97,32 +97,32 @@ describe("PermissionPrompter", () => {
     });
 
     it("logs permission_request.auto_approved in yolo mode", async () => {
-      const writeReviewLog = vi.fn();
+      const logger = { review: vi.fn() };
       const deps = makeDeps({
         config: makeConfigReader({ yoloMode: true }),
-        writeReviewLog,
+        logger,
       });
       const prompter = new PermissionPrompter(deps);
 
       await prompter.prompt(makeCtx(false), makeDetails());
 
-      expect(writeReviewLog).toHaveBeenCalledWith(
+      expect(logger.review).toHaveBeenCalledWith(
         "permission_request.auto_approved",
         expect.objectContaining({ requestId: "req-123" }),
       );
     });
 
     it("does not log permission_request.waiting in yolo mode", async () => {
-      const writeReviewLog = vi.fn();
+      const logger = { review: vi.fn() };
       const deps = makeDeps({
         config: makeConfigReader({ yoloMode: true }),
-        writeReviewLog,
+        logger,
       });
       const prompter = new PermissionPrompter(deps);
 
       await prompter.prompt(makeCtx(false), makeDetails());
 
-      expect(writeReviewLog).not.toHaveBeenCalledWith(
+      expect(logger.review).not.toHaveBeenCalledWith(
         "permission_request.waiting",
         expect.anything(),
       );
@@ -144,18 +144,18 @@ describe("PermissionPrompter", () => {
 
   describe("non-yolo path (UI present)", () => {
     it("logs permission_request.waiting before calling confirmPermission", async () => {
-      const writeReviewLog = vi.fn();
+      const logger = { review: vi.fn() };
       const approved: PermissionPromptDecision = {
         approved: true,
         state: "approved",
       };
       mockRequestApproval.mockResolvedValue(approved);
-      const deps = makeDeps({ writeReviewLog });
+      const deps = makeDeps({ logger });
       const prompter = new PermissionPrompter(deps);
 
       await prompter.prompt(makeCtx(true), makeDetails());
 
-      const calls = writeReviewLog.mock.calls.map((c) => c[0] as string);
+      const calls = logger.review.mock.calls.map((c) => c[0] as string);
       expect(
         calls.indexOf("permission_request.waiting"),
       ).toBeGreaterThanOrEqual(0);
@@ -249,17 +249,17 @@ describe("PermissionPrompter", () => {
     });
 
     it("logs permission_request.approved when confirmPermission returns approved", async () => {
-      const writeReviewLog = vi.fn();
+      const logger = { review: vi.fn() };
       mockRequestApproval.mockResolvedValue({
         approved: true,
         state: "approved",
       });
-      const deps = makeDeps({ writeReviewLog });
+      const deps = makeDeps({ logger });
       const prompter = new PermissionPrompter(deps);
 
       await prompter.prompt(makeCtx(true), makeDetails());
 
-      expect(writeReviewLog).toHaveBeenCalledWith(
+      expect(logger.review).toHaveBeenCalledWith(
         "permission_request.approved",
         expect.objectContaining({
           requestId: "req-123",
@@ -269,17 +269,17 @@ describe("PermissionPrompter", () => {
     });
 
     it("logs permission_request.denied when confirmPermission returns denied", async () => {
-      const writeReviewLog = vi.fn();
+      const logger = { review: vi.fn() };
       mockRequestApproval.mockResolvedValue({
         approved: false,
         state: "denied",
       });
-      const deps = makeDeps({ writeReviewLog });
+      const deps = makeDeps({ logger });
       const prompter = new PermissionPrompter(deps);
 
       await prompter.prompt(makeCtx(true), makeDetails());
 
-      expect(writeReviewLog).toHaveBeenCalledWith(
+      expect(logger.review).toHaveBeenCalledWith(
         "permission_request.denied",
         expect.objectContaining({
           requestId: "req-123",
@@ -289,18 +289,18 @@ describe("PermissionPrompter", () => {
     });
 
     it("logs permission_request.denied with denialReason when present", async () => {
-      const writeReviewLog = vi.fn();
+      const logger = { review: vi.fn() };
       mockRequestApproval.mockResolvedValue({
         approved: false,
         state: "denied_with_reason",
         denialReason: "too sensitive",
       });
-      const deps = makeDeps({ writeReviewLog });
+      const deps = makeDeps({ logger });
       const prompter = new PermissionPrompter(deps);
 
       await prompter.prompt(makeCtx(true), makeDetails());
 
-      expect(writeReviewLog).toHaveBeenCalledWith(
+      expect(logger.review).toHaveBeenCalledWith(
         "permission_request.denied",
         expect.objectContaining({
           denialReason: "too sensitive",
@@ -406,12 +406,12 @@ describe("PermissionPrompter", () => {
 
   describe("review log fields", () => {
     it("includes all standard fields in the waiting log entry", async () => {
-      const writeReviewLog = vi.fn();
+      const logger = { review: vi.fn() };
       mockRequestApproval.mockResolvedValue({
         approved: true,
         state: "approved",
       });
-      const deps = makeDeps({ writeReviewLog });
+      const deps = makeDeps({ logger });
       const prompter = new PermissionPrompter(deps);
       const details = makeDetails({
         toolCallId: "tc-1",
@@ -424,7 +424,7 @@ describe("PermissionPrompter", () => {
 
       await prompter.prompt(makeCtx(true), details);
 
-      expect(writeReviewLog).toHaveBeenCalledWith(
+      expect(logger.review).toHaveBeenCalledWith(
         "permission_request.waiting",
         expect.objectContaining({
           requestId: "req-123",
@@ -443,17 +443,17 @@ describe("PermissionPrompter", () => {
     });
 
     it("uses null for optional fields not present in details", async () => {
-      const writeReviewLog = vi.fn();
+      const logger = { review: vi.fn() };
       mockRequestApproval.mockResolvedValue({
         approved: true,
         state: "approved",
       });
-      const deps = makeDeps({ writeReviewLog });
+      const deps = makeDeps({ logger });
       const prompter = new PermissionPrompter(deps);
 
       await prompter.prompt(makeCtx(true), makeDetails());
 
-      expect(writeReviewLog).toHaveBeenCalledWith(
+      expect(logger.review).toHaveBeenCalledWith(
         "permission_request.waiting",
         expect.objectContaining({
           toolCallId: null,
@@ -499,17 +499,17 @@ describe("PermissionPrompter", () => {
     });
 
     it("logs the outcome when confirmPermission resolves via forwarding", async () => {
-      const writeReviewLog = vi.fn();
+      const logger = { review: vi.fn() };
       mockRequestApproval.mockResolvedValue({
         approved: true,
         state: "approved",
       });
-      const deps = makeDeps({ writeReviewLog });
+      const deps = makeDeps({ logger });
       const prompter = new PermissionPrompter(deps);
 
       await prompter.prompt(makeCtx(false), makeDetails());
 
-      expect(writeReviewLog).toHaveBeenCalledWith(
+      expect(logger.review).toHaveBeenCalledWith(
         "permission_request.approved",
         expect.objectContaining({ requestId: "req-123" }),
       );

package/test/permission-session.test.ts

@@ -22,13 +22,12 @@ import { DEFAULT_EXTENSION_CONFIG } from "#src/extension-config";
 import type { ExtensionPaths } from "#src/extension-paths";
 import type { ForwardingController } from "#src/forwarding-manager";
 import type { ScopedPermissionManager } from "#src/permission-manager";
-import {
-  PermissionSession,
-  type PermissionSessionRuntimeDeps,
-} from "#src/permission-session";
+import { PermissionSession } from "#src/permission-session";
+import type { PromptingGatewayLifecycle } from "#src/prompting-gateway";
 import type { Ruleset } from "#src/rule";
 import { SessionApproval } from "#src/session-approval";
 import type { SessionLogger } from "#src/session-logger";
+import { SessionRules } from "#src/session-rules";
 import type { SkillPromptEntry } from "#src/skill-prompt-sanitizer";
 import type { PermissionCheckResult, PermissionState } from "#src/types";
 import { makeCtx } from "#test/helpers/handler-fixtures";
@@ -82,12 +81,10 @@ function makeConfigStore(
   };
 }
 
-function makeRuntimeDeps(): PermissionSessionRuntimeDeps {
+function makeGateway(): PromptingGatewayLifecycle {
   return {
-    canRequestPermissionConfirmation: vi.fn().mockReturnValue(true),
-    promptPermission: vi
-      .fn()
-      .mockResolvedValue({ approved: true, state: "approved" }),
+    activate: vi.fn<PromptingGatewayLifecycle["activate"]>(),
+    deactivate: vi.fn<PromptingGatewayLifecycle["deactivate"]>(),
   };
 }
 
@@ -129,32 +126,44 @@ function createSession(overrides?: {
   logger?: SessionLogger;
   forwarding?: ForwardingController;
   permissionManager?: ScopedPermissionManager;
+  sessionRules?: SessionRules;
   configStore?: SessionConfigStore;
-  runtimeDeps?: PermissionSessionRuntimeDeps;
+  gateway?: PromptingGatewayLifecycle;
 }): {
   session: PermissionSession;
   paths: ExtensionPaths;
   logger: SessionLogger;
   forwarding: ForwardingController;
+  sessionRules: SessionRules;
   configStore: SessionConfigStore;
-  runtimeDeps: PermissionSessionRuntimeDeps;
+  gateway: PromptingGatewayLifecycle;
 } {
   const paths = makePaths(overrides?.paths);
   const logger = overrides?.logger ?? makeLogger();
   const forwarding = overrides?.forwarding ?? makeForwarding();
   const permissionManager =
     overrides?.permissionManager ?? makePermissionManager();
+  const sessionRules = overrides?.sessionRules ?? new SessionRules();
   const configStore = overrides?.configStore ?? makeConfigStore();
-  const runtimeDeps = overrides?.runtimeDeps ?? makeRuntimeDeps();
+  const gateway = overrides?.gateway ?? makeGateway();
   const session = new PermissionSession(
     paths,
     logger,
     forwarding,
     permissionManager,
+    sessionRules,
     configStore,
-    runtimeDeps,
+    gateway,
   );
-  return { session, paths, logger, forwarding, configStore, runtimeDeps };
+  return {
+    session,
+    paths,
+    logger,
+    forwarding,
+    sessionRules,
+    configStore,
+    gateway,
+  };
 }
 
 // ── Tests ──────────────────────────────────────────────────────────────────
@@ -316,6 +325,23 @@ describe("PermissionSession", () => {
 
       expect(forwarding.stop).toHaveBeenCalled();
     });
+
+    it("forwards activate to the gateway", () => {
+      const { session, gateway } = createSession();
+      const ctx = makeCtx();
+
+      session.activate(ctx);
+
+      expect(gateway.activate).toHaveBeenCalledWith(ctx);
+    });
+
+    it("forwards deactivate to the gateway", () => {
+      const { session, gateway } = createSession();
+      session.activate(makeCtx());
+      session.deactivate();
+
+      expect(gateway.deactivate).toHaveBeenCalled();
+    });
   });
 
   describe("resetForNewSession", () => {
@@ -614,102 +640,4 @@ describe("PermissionSession", () => {
       expect(session.getRuntimeContext()).toBeNull();
     });
   });
-
-  describe("canConfirm", () => {
-    it("returns true when context is active and canPrompt returns true", () => {
-      const { session } = createSession();
-      session.activate(makeCtx());
-      expect(session.canConfirm()).toBe(true);
-    });
-
-    it("returns false when no context is active", () => {
-      const { session } = createSession();
-      expect(session.canConfirm()).toBe(false);
-    });
-
-    it("returns false when canPrompt returns false", () => {
-      const runtimeDeps = makeRuntimeDeps();
-      (
-        runtimeDeps.canRequestPermissionConfirmation as ReturnType<typeof vi.fn>
-      ).mockReturnValue(false);
-      const { session } = createSession({ runtimeDeps });
-      session.activate(makeCtx());
-      expect(session.canConfirm()).toBe(false);
-    });
-  });
-
-  describe("promptPermission", () => {
-    it("delegates to prompt with stored context", async () => {
-      const { session, runtimeDeps } = createSession();
-      const ctx = makeCtx();
-      session.activate(ctx);
-      const details = {
-        requestId: "req-1",
-        source: "tool_call" as const,
-        agentName: null,
-        message: "Allow?",
-      };
-
-      const result = await session.promptPermission(details);
-
-      expect(runtimeDeps.promptPermission).toHaveBeenCalledWith(ctx, details);
-      expect(result).toEqual({ approved: true, state: "approved" });
-    });
-
-    it("throws when no context is active", async () => {
-      const { session } = createSession();
-      const details = {
-        requestId: "req-1",
-        source: "tool_call" as const,
-        agentName: null,
-        message: "Allow?",
-      };
-
-      await expect(session.promptPermission(details)).rejects.toThrow(
-        "promptPermission called before the session was activated",
-      );
-    });
-  });
-
-  describe("canPrompt", () => {
-    it("delegates to runtimeDeps.canRequestPermissionConfirmation", () => {
-      const { session, runtimeDeps } = createSession();
-      const ctx = makeCtx();
-
-      const result = session.canPrompt(ctx);
-
-      expect(runtimeDeps.canRequestPermissionConfirmation).toHaveBeenCalledWith(
-        ctx,
-      );
-      expect(result).toBe(true);
-    });
-
-    it("returns false when runtimeDeps says no", () => {
-      const runtimeDeps = makeRuntimeDeps();
-      (
-        runtimeDeps.canRequestPermissionConfirmation as ReturnType<typeof vi.fn>
-      ).mockReturnValue(false);
-      const { session } = createSession({ runtimeDeps });
-
-      expect(session.canPrompt(makeCtx())).toBe(false);
-    });
-  });
-
-  describe("prompt", () => {
-    it("delegates to runtimeDeps.promptPermission", async () => {
-      const { session, runtimeDeps } = createSession();
-      const ctx = makeCtx();
-      const details = {
-        requestId: "req-1",
-        source: "tool_call" as const,
-        agentName: null,
-        message: "Allow?",
-      };
-
-      const result = await session.prompt(ctx, details);
-
-      expect(runtimeDeps.promptPermission).toHaveBeenCalledWith(ctx, details);
-      expect(result).toEqual({ approved: true, state: "approved" });
-    });
-  });
 });

package/test/prompting-gateway.test.ts

@@ -0,0 +1,230 @@
+/**
+ * Unit tests for PromptingGateway.
+ *
+ * The gateway owns the stored ExtensionContext and is the sole implementation
+ * of the GatePrompter role. These tests exercise canConfirm() across all
+ * policy permutations and verify the prompt/reject contract for promptPermission().
+ */
+import type { ExtensionContext } from "@earendil-works/pi-coding-agent";
+import { afterEach, describe, expect, it, vi } from "vitest";
+
+import type { ConfigReader } from "#src/config-store";
+import { DEFAULT_EXTENSION_CONFIG } from "#src/extension-config";
+import type { PermissionPromptDecision } from "#src/permission-dialog";
+import type {
+  PermissionPrompterApi,
+  PromptPermissionDetails,
+} from "#src/permission-prompter";
+import {
+  PromptingGateway,
+  type PromptingGatewayDeps,
+} from "#src/prompting-gateway";
+
+// ── Test helpers ──────────────────────────────────────────────────────────
+
+function makeCtx(overrides: Partial<ExtensionContext> = {}): ExtensionContext {
+  return {
+    cwd: "/test/project",
+    hasUI: true,
+    ui: {
+      setStatus: vi.fn(),
+      notify: vi.fn(),
+      select: vi.fn(),
+      input: vi.fn(),
+    },
+    sessionManager: {
+      getEntries: vi.fn().mockReturnValue([]),
+      getSessionDir: vi.fn().mockReturnValue("/sessions/test"),
+      getSessionId: vi.fn().mockReturnValue(null),
+      addEntry: vi.fn(),
+    },
+    ...overrides,
+  } as unknown as ExtensionContext;
+}
+
+function makeConfigReader(
+  overrides: Partial<typeof DEFAULT_EXTENSION_CONFIG> = {},
+): ConfigReader {
+  return {
+    current: vi
+      .fn<() => typeof DEFAULT_EXTENSION_CONFIG>()
+      .mockReturnValue({ ...DEFAULT_EXTENSION_CONFIG, ...overrides }),
+  };
+}
+
+function makePrompterApi(): PermissionPrompterApi & {
+  prompt: ReturnType<typeof vi.fn>;
+} {
+  return {
+    prompt: vi
+      .fn<PermissionPrompterApi["prompt"]>()
+      .mockResolvedValue({ approved: true, state: "approved" }),
+  };
+}
+
+function makeDetails(): PromptPermissionDetails {
+  return {
+    requestId: "req-1",
+    source: "tool_call",
+    agentName: null,
+    message: "Allow this?",
+  };
+}
+
+function makeDeps(
+  overrides: Partial<PromptingGatewayDeps> = {},
+): PromptingGatewayDeps {
+  return {
+    config: overrides.config ?? makeConfigReader(),
+    subagentSessionsDir:
+      overrides.subagentSessionsDir ?? "/test/agent/subagent-sessions",
+    registry: overrides.registry,
+    prompter: overrides.prompter ?? makePrompterApi(),
+  };
+}
+
+// ── Tests ─────────────────────────────────────────────────────────────────
+
+describe("PromptingGateway", () => {
+  describe("canConfirm", () => {
+    it("returns false before activate", () => {
+      const gateway = new PromptingGateway(makeDeps());
+      expect(gateway.canConfirm()).toBe(false);
+    });
+
+    it("returns true after activate when context has UI", () => {
+      const gateway = new PromptingGateway(makeDeps());
+      gateway.activate(makeCtx({ hasUI: true }));
+      expect(gateway.canConfirm()).toBe(true);
+    });
+
+    it("returns false when context has no UI, is not a subagent, and yolo mode is off", () => {
+      const gateway = new PromptingGateway(
+        makeDeps({ config: makeConfigReader({ yoloMode: false }) }),
+      );
+      gateway.activate(makeCtx({ hasUI: false }));
+      expect(gateway.canConfirm()).toBe(false);
+    });
+
+    it("returns true when yolo mode is enabled (no UI, not subagent)", () => {
+      const gateway = new PromptingGateway(
+        makeDeps({ config: makeConfigReader({ yoloMode: true }) }),
+      );
+      gateway.activate(makeCtx({ hasUI: false }));
+      expect(gateway.canConfirm()).toBe(true);
+    });
+
+    it("returns true when running as a subagent (env hint)", () => {
+      vi.stubEnv("PI_IS_SUBAGENT", "1");
+      const gateway = new PromptingGateway(
+        makeDeps({ config: makeConfigReader({ yoloMode: false }) }),
+      );
+      gateway.activate(makeCtx({ hasUI: false }));
+      expect(gateway.canConfirm()).toBe(true);
+      vi.unstubAllEnvs();
+    });
+
+    it("returns false after deactivate", () => {
+      const gateway = new PromptingGateway(makeDeps());
+      gateway.activate(makeCtx({ hasUI: true }));
+      gateway.deactivate();
+      expect(gateway.canConfirm()).toBe(false);
+    });
+
+    it("returns true after re-activate following deactivate", () => {
+      const gateway = new PromptingGateway(makeDeps());
+      gateway.activate(makeCtx({ hasUI: true }));
+      gateway.deactivate();
+      gateway.activate(makeCtx({ hasUI: true }));
+      expect(gateway.canConfirm()).toBe(true);
+    });
+  });
+
+  describe("prompt", () => {
+    it("rejects before activate", async () => {
+      const gateway = new PromptingGateway(makeDeps());
+      await expect(gateway.prompt(makeDetails())).rejects.toThrow(
+        "prompt called before the session was activated",
+      );
+    });
+
+    it("delegates to deps.prompter.prompt with the stored context", async () => {
+      const prompter = makePrompterApi();
+      const gateway = new PromptingGateway(makeDeps({ prompter }));
+      const ctx = makeCtx();
+      gateway.activate(ctx);
+      const details = makeDetails();
+
+      const result = await gateway.prompt(details);
+
+      expect(prompter.prompt).toHaveBeenCalledWith(ctx, details);
+      expect(result).toEqual({ approved: true, state: "approved" });
+    });
+
+    it("uses the most recently activated context", async () => {
+      const prompter = makePrompterApi();
+      const gateway = new PromptingGateway(makeDeps({ prompter }));
+      const firstCtx = makeCtx({ cwd: "/first" });
+      const secondCtx = makeCtx({ cwd: "/second" });
+
+      gateway.activate(firstCtx);
+      gateway.activate(secondCtx);
+
+      await gateway.prompt(makeDetails());
+
+      expect(prompter.prompt).toHaveBeenCalledWith(
+        secondCtx,
+        expect.anything(),
+      );
+    });
+
+    it("rejects after deactivate", async () => {
+      const gateway = new PromptingGateway(makeDeps());
+      gateway.activate(makeCtx());
+      gateway.deactivate();
+      await expect(gateway.prompt(makeDetails())).rejects.toThrow(
+        "prompt called before the session was activated",
+      );
+    });
+
+    it("returns the prompter decision", async () => {
+      const decision: PermissionPromptDecision = {
+        approved: false,
+        state: "denied",
+        denialReason: "user declined",
+      };
+      const prompter = makePrompterApi();
+      prompter.prompt.mockResolvedValue(decision);
+      const gateway = new PromptingGateway(makeDeps({ prompter }));
+      gateway.activate(makeCtx());
+
+      const result = await gateway.prompt(makeDetails());
+
+      expect(result).toEqual(decision);
+    });
+  });
+
+  describe("lifecycle", () => {
+    afterEach(() => {
+      vi.unstubAllEnvs();
+    });
+
+    it("activate then deactivate clears the stored context", () => {
+      const gateway = new PromptingGateway(makeDeps());
+      gateway.activate(makeCtx());
+      gateway.deactivate();
+      expect(gateway.canConfirm()).toBe(false);
+    });
+
+    it("multiple activate calls update the stored context", () => {
+      const prompter = makePrompterApi();
+      const gateway = new PromptingGateway(makeDeps({ prompter }));
+      const ctx2 = makeCtx({ cwd: "/new" });
+      gateway.activate(makeCtx({ cwd: "/old" }));
+      gateway.activate(ctx2);
+
+      // canConfirm still works (context set)
+      expect(gateway.canConfirm()).toBe(true);
+    });
+  });
+});