@gotgenes/pi-permission-system 10.3.1 → 10.4.0

package/src/permission-session.ts

@@ -10,11 +10,9 @@ import type { PermissionSystemExtensionConfig } from "./extension-config";
 import type { ExtensionPaths } from "./extension-paths";
 import type { ForwardingController } from "./forwarding-manager";
 import type { GateHandlerSession } from "./gate-handler-session";
-import type { GatePrompter } from "./gate-prompter";
-import type { PermissionPromptDecision } from "./permission-dialog";
 import type { ScopedPermissionManager } from "./permission-manager";
-import type { PromptPermissionDetails } from "./permission-prompter";
 import type { PermissionResolver } from "./permission-resolver";
+import type { PromptingGatewayLifecycle } from "./prompting-gateway";
 import type { Rule } from "./rule";
 import type { SessionApproval } from "./session-approval";
 import type { SessionApprovalRecorder } from "./session-approval-recorder";
@@ -28,21 +26,6 @@ import {
 } from "./tool-preview-formatter";
 import type { PermissionCheckResult, PermissionState } from "./types";
 
-/**
- * Runtime operations that `PermissionSession` delegates to but does not own.
- *
- * Injected at construction time from the composition root (`index.ts`).
- */
-export interface PermissionSessionRuntimeDeps {
-  /** Whether the current context can show an interactive permission prompt. */
-  canRequestPermissionConfirmation(ctx: ExtensionContext): boolean;
-  /** Prompt the user for a permission decision, log the outcome, and return it. */
-  promptPermission(
-    ctx: ExtensionContext,
-    details: PromptPermissionDetails,
-  ): Promise<PermissionPromptDecision>;
-}
-
 /**
  * Encapsulates all mutable session state and exposes operations instead of
  * fields.
@@ -56,13 +39,12 @@ export interface PermissionSessionRuntimeDeps {
  * - `SessionLogger` — debug + review + warn
  * - `ForwardingController` — polling lifecycle
  * - `SessionConfigStore` — owns extension config; provides refresh, log, read
- * - `PermissionSessionRuntimeDeps` — prompting + permission-confirmation bridge
+ * - `PromptingGatewayLifecycle` — prompting lifecycle forwarded via activate/deactivate
  */
 export class PermissionSession
   implements
     PermissionResolver,
     SessionApprovalRecorder,
-    GatePrompter,
     GateHandlerSession,
     AgentPrepSession,
     SessionLifecycleSession
@@ -80,21 +62,23 @@ export class PermissionSession
     private readonly permissionManager: ScopedPermissionManager,
     private readonly sessionRules: SessionRules,
     private readonly configStore: SessionConfigStore,
-    private readonly runtimeDeps: PermissionSessionRuntimeDeps,
+    private readonly gateway: PromptingGatewayLifecycle,
   ) {}
 
   // ── Context lifecycle ──────────────────────────────────────────────────
 
-  /** Store the current extension context and start forwarding. */
+  /** Store the current extension context, start forwarding, and activate the gateway. */
   activate(ctx: ExtensionContext): void {
     this.context = ctx;
     this.forwarding.start(ctx);
+    this.gateway.activate(ctx);
   }
 
-  /** Clear the context and stop forwarding. */
+  /** Clear the context, stop forwarding, and deactivate the gateway. */
   deactivate(): void {
     this.context = null;
     this.forwarding.stop();
+    this.gateway.deactivate();
   }
 
   /** Return the current runtime context, or null if not activated. */
@@ -291,44 +275,4 @@ export class PermissionSession
   getToolPreviewLimits(): ToolPreviewFormatterOptions {
     return resolveToolPreviewLimits(this.config);
   }
-
-  // ── Prompting ──────────────────────────────────────────────────────────
-
-  /** Whether the current context can show an interactive permission prompt. */
-  canPrompt(ctx: ExtensionContext): boolean {
-    return this.runtimeDeps.canRequestPermissionConfirmation(ctx);
-  }
-
-  /** Prompt the user for a permission decision, log the outcome, and return it. */
-  prompt(
-    ctx: ExtensionContext,
-    details: PromptPermissionDetails,
-  ): Promise<PermissionPromptDecision> {
-    return this.runtimeDeps.promptPermission(ctx, details);
-  }
-
-  /**
-   * Whether an interactive confirmation is possible using the stored context.
-   * Returns `false` when no context is active (before `activate` is called).
-   * Implements {@link GatePrompter}.
-   */
-  canConfirm(): boolean {
-    return this.context !== null && this.canPrompt(this.context);
-  }
-
-  /**
-   * Prompt the user for a permission decision using the stored context.
-   * Throws if no context is active — `canConfirm()` guards this in normal use.
-   * Implements {@link GatePrompter}.
-   */
-  promptPermission(
-    details: PromptPermissionDetails,
-  ): Promise<PermissionPromptDecision> {
-    if (this.context === null) {
-      return Promise.reject(
-        new Error("promptPermission called before the session was activated"),
-      );
-    }
-    return this.prompt(this.context, details);
-  }
 }

package/src/prompting-gateway.ts

@@ -0,0 +1,104 @@
+import type { ExtensionContext } from "@earendil-works/pi-coding-agent";
+
+import type { ConfigReader } from "./config-store";
+import type { GatePrompter } from "./gate-prompter";
+import type { PermissionPromptDecision } from "./permission-dialog";
+import type {
+  PermissionPrompterApi,
+  PromptPermissionDetails,
+} from "./permission-prompter";
+import { isSubagentExecutionContext } from "./subagent-context";
+import type { SubagentSessionRegistry } from "./subagent-registry";
+import { canResolveAskPermissionRequest } from "./yolo-mode";
+
+/**
+ * Dependencies required by PromptingGateway.
+ *
+ * All four fields are actively consumed:
+ * - `config` + `subagentSessionsDir` + `registry` drive `canConfirm()`.
+ * - `prompter` is called by `prompt()`.
+ */
+export interface PromptingGatewayDeps {
+  /** Read current config for the yolo-mode branch of the can-prompt policy. */
+  config: ConfigReader;
+  /** Static path used to detect a forwarding subagent context. */
+  subagentSessionsDir: string;
+  /** Process-global registry used to detect a registered child session. */
+  registry?: SubagentSessionRegistry;
+  /** Resolves the permission decision: direct UI dialog or forwarded to parent. */
+  prompter: PermissionPrompterApi;
+}
+
+/**
+ * The lifecycle slice of the gateway that PermissionSession drives.
+ *
+ * PermissionSession calls activate/deactivate to keep the gateway's stored
+ * context in sync with its own — the same pattern used for ForwardingController.
+ */
+export interface PromptingGatewayLifecycle {
+  activate(ctx: ExtensionContext): void;
+  deactivate(): void;
+}
+
+/**
+ * Context-owning implementation of the GatePrompter role.
+ *
+ * Owns the stored ExtensionContext and the "can we prompt?" policy
+ * (UI / subagent / yolo-mode), replacing the four twin methods
+ * that previously lived on PermissionSession.
+ *
+ * Lifecycle: PermissionSession drives activate/deactivate so the stored
+ * context mirrors the session context without independent call-site changes.
+ */
+export class PromptingGateway
+  implements GatePrompter, PromptingGatewayLifecycle
+{
+  private context: ExtensionContext | null = null;
+
+  constructor(private readonly deps: PromptingGatewayDeps) {}
+
+  /** Store the current extension context. */
+  activate(ctx: ExtensionContext): void {
+    this.context = ctx;
+  }
+
+  /** Clear the stored context. */
+  deactivate(): void {
+    this.context = null;
+  }
+
+  /**
+   * Whether an interactive permission prompt can be shown.
+   *
+   * Returns false when no context is active. Otherwise delegates to
+   * canResolveAskPermissionRequest, which checks hasUI, subagent status,
+   * and yolo-mode — relocating the policy from the index.ts closure.
+   */
+  canConfirm(): boolean {
+    if (this.context === null) return false;
+    return canResolveAskPermissionRequest({
+      config: this.deps.config.current(),
+      hasUI: this.context.hasUI,
+      isSubagent: isSubagentExecutionContext(
+        this.context,
+        this.deps.subagentSessionsDir,
+        this.deps.registry,
+      ),
+    });
+  }
+
+  /**
+   * Prompt the user for a permission decision using the stored context.
+   *
+   * Rejects if no context is active — canConfirm() guards this in normal use.
+   * Implements {@link GatePrompter}.
+   */
+  prompt(details: PromptPermissionDetails): Promise<PermissionPromptDecision> {
+    if (this.context === null) {
+      return Promise.reject(
+        new Error("prompt called before the session was activated"),
+      );
+    }
+    return this.deps.prompter.prompt(this.context, details);
+  }
+}

package/src/session-logger.ts

@@ -6,6 +6,22 @@ import {
 } from "./extension-config";
 import { createPermissionSystemLogger } from "./logging";
 
+/**
+ * Narrowest logging seam — consumers that only write review-log entries.
+ * Injected into `PermissionPrompter` and the RPC handlers.
+ */
+export interface ReviewLogger {
+  review(event: string, details?: Record<string, unknown>): void;
+}
+
+/**
+ * Logging seam for consumers that write both debug and review entries.
+ * Injected into `ConfigStore` and `PermissionForwarder`.
+ */
+export interface DebugReviewLogger extends ReviewLogger {
+  debug(event: string, details?: Record<string, unknown>): void;
+}
+
 /**
  * Unified logging + notification surface for handler deps.
  *
@@ -13,9 +29,7 @@ import { createPermissionSystemLogger } from "./logging";
  * `writeReviewLog`, `notifyWarning`) with a single typed collaborator.
  * This is an intermediate abstraction on the path to PermissionSession (#129).
  */
-export interface SessionLogger {
-  debug(event: string, details?: Record<string, unknown>): void;
-  review(event: string, details?: Record<string, unknown>): void;
+export interface SessionLogger extends DebugReviewLogger {
   warn(message: string): void;
 }
 

package/test/config-modal.test.ts

@@ -9,7 +9,7 @@ import {
   normalizePermissionSystemConfig,
   type PermissionSystemExtensionConfig,
 } from "#src/extension-config";
-import type { Rule } from "#src/rule";
+import type { Rule, Ruleset } from "#src/rule";
 
 vi.mock("@earendil-works/pi-coding-agent", () => ({
   getSettingsListTheme: () => ({}),
@@ -88,7 +88,9 @@ test("permission-system command completions expose top-level config actions", ()
     };
     const controller = {
       config: configStore,
-      getConfigPath: () => configPath,
+      configPath,
+      permissionManager: { getComposedConfigRules: () => [] as Ruleset },
+      session: { lastKnownActiveAgentName: null },
     };
 
     let definition: {
@@ -160,7 +162,9 @@ test("permission-system command handlers manage config summary, persistence, and
     };
     const controller = {
       config: configStore,
-      getConfigPath: () => configPath,
+      configPath,
+      permissionManager: { getComposedConfigRules: () => [] as Ruleset },
+      session: { lastKnownActiveAgentName: null },
     };
 
     let registeredName = "";
@@ -257,8 +261,9 @@ test("show output includes rule origins when getComposedRules is provided", asyn
 
   const controller = {
     config: { current: () => config, save: () => {} } as CommandConfigStore,
-    getConfigPath: () => "/fake/config.json",
-    getComposedRules: () => composedRules,
+    configPath: "/fake/config.json",
+    permissionManager: { getComposedConfigRules: () => composedRules },
+    session: { lastKnownActiveAgentName: null },
   };
 
   let definition: {
@@ -289,8 +294,9 @@ test("show output omits rule summary when getComposedRules is not provided", asy
 
   const controller = {
     config: { current: () => config, save: () => {} } as CommandConfigStore,
-    getConfigPath: () => "/fake/config.json",
-    // no getComposedRules
+    configPath: "/fake/config.json",
+    permissionManager: { getComposedConfigRules: () => [] as Ruleset },
+    session: { lastKnownActiveAgentName: null },
   };
 
   let definition: {

package/test/config-store.test.ts

@@ -90,10 +90,8 @@ function makePolicyPathProvider(
 
 function makeLogger() {
   return {
-    writeDebugLog:
-      vi.fn<(event: string, details?: Record<string, unknown>) => void>(),
-    writeReviewLog:
-      vi.fn<(event: string, details?: Record<string, unknown>) => void>(),
+    debug: vi.fn<(event: string, details?: Record<string, unknown>) => void>(),
+    review: vi.fn<(event: string, details?: Record<string, unknown>) => void>(),
   };
 }
 
@@ -197,7 +195,7 @@ describe("ConfigStore", () => {
     it("writes config.loaded debug log", () => {
       const { store, logger } = makeStore();
       store.refresh();
-      expect(logger.writeDebugLog).toHaveBeenCalledWith(
+      expect(logger.debug).toHaveBeenCalledWith(
         "config.loaded",
         expect.objectContaining({ debugLog: false }),
       );
@@ -336,7 +334,7 @@ describe("ConfigStore", () => {
     it("writes config.saved debug log after a successful save", () => {
       const { store, logger } = makeStore();
       store.save({ ...DEFAULT_EXTENSION_CONFIG }, makeCommandCtx());
-      expect(logger.writeDebugLog).toHaveBeenCalledWith(
+      expect(logger.debug).toHaveBeenCalledWith(
         "config.saved",
         expect.objectContaining({ debugLog: false }),
       );
@@ -357,7 +355,7 @@ describe("ConfigStore", () => {
       // current() is not updated on failure
       expect(store.current()).toEqual(DEFAULT_EXTENSION_CONFIG);
       // no debug log on failure
-      expect(logger.writeDebugLog).not.toHaveBeenCalledWith(
+      expect(logger.debug).not.toHaveBeenCalledWith(
         "config.saved",
         expect.anything(),
       );
@@ -381,11 +379,11 @@ describe("ConfigStore", () => {
     it("writes config.resolved to both review and debug logs", () => {
       const { store, logger } = makeStore();
       store.logResolvedPaths();
-      expect(logger.writeReviewLog).toHaveBeenCalledWith(
+      expect(logger.review).toHaveBeenCalledWith(
         "config.resolved",
         expect.any(Object),
       );
-      expect(logger.writeDebugLog).toHaveBeenCalledWith(
+      expect(logger.debug).toHaveBeenCalledWith(
         "config.resolved",
         expect.any(Object),
       );

package/test/forwarded-permissions/io.test.ts

@@ -1,19 +1,19 @@
 import { describe, expect, it, vi } from "vitest";
 
-import type { ForwardedPermissionLogger } from "#src/forwarded-permissions/io";
 import {
   formatUnknownErrorMessage,
   isErrnoCode,
   logPermissionForwardingError,
   logPermissionForwardingWarning,
 } from "#src/forwarded-permissions/io";
+import type { DebugReviewLogger } from "#src/session-logger";
 
 // ── helpers ────────────────────────────────────────────────────────────────
 
-function makeLogger(): ForwardedPermissionLogger {
+function makeLogger(): DebugReviewLogger {
   return {
-    writeReviewLog: vi.fn(),
-    writeDebugLog: vi.fn(),
+    review: vi.fn(),
+    debug: vi.fn(),
   };
 }
 
@@ -59,28 +59,27 @@ describe("isErrnoCode", () => {
 // ── logPermissionForwardingWarning ─────────────────────────────────────────
 
 describe("logPermissionForwardingWarning", () => {
-  it("calls logger.writeReviewLog with the warning event", () => {
+  it("calls logger.review with the warning event", () => {
     const logger = makeLogger();
     logPermissionForwardingWarning(logger, "something went wrong");
-    expect(logger.writeReviewLog).toHaveBeenCalledWith(
+    expect(logger.review).toHaveBeenCalledWith(
       "permission_forwarding.warning",
       { message: "something went wrong" },
     );
   });
 
-  it("calls logger.writeDebugLog with the warning event", () => {
+  it("calls logger.debug with the warning event", () => {
     const logger = makeLogger();
     logPermissionForwardingWarning(logger, "something went wrong");
-    expect(logger.writeDebugLog).toHaveBeenCalledWith(
-      "permission_forwarding.warning",
-      { message: "something went wrong" },
-    );
+    expect(logger.debug).toHaveBeenCalledWith("permission_forwarding.warning", {
+      message: "something went wrong",
+    });
   });
 
   it("includes formatted error when an error is provided", () => {
     const logger = makeLogger();
     logPermissionForwardingWarning(logger, "bad thing", new Error("fs fail"));
-    expect(logger.writeReviewLog).toHaveBeenCalledWith(
+    expect(logger.review).toHaveBeenCalledWith(
       "permission_forwarding.warning",
       { message: "bad thing", error: "fs fail" },
     );
@@ -102,31 +101,29 @@ describe("logPermissionForwardingWarning", () => {
 // ── logPermissionForwardingError ───────────────────────────────────────────
 
 describe("logPermissionForwardingError", () => {
-  it("calls logger.writeReviewLog with the error event", () => {
+  it("calls logger.review with the error event", () => {
     const logger = makeLogger();
     logPermissionForwardingError(logger, "critical failure");
-    expect(logger.writeReviewLog).toHaveBeenCalledWith(
-      "permission_forwarding.error",
-      { message: "critical failure" },
-    );
+    expect(logger.review).toHaveBeenCalledWith("permission_forwarding.error", {
+      message: "critical failure",
+    });
   });
 
-  it("calls logger.writeDebugLog with the error event", () => {
+  it("calls logger.debug with the error event", () => {
     const logger = makeLogger();
     logPermissionForwardingError(logger, "critical failure");
-    expect(logger.writeDebugLog).toHaveBeenCalledWith(
-      "permission_forwarding.error",
-      { message: "critical failure" },
-    );
+    expect(logger.debug).toHaveBeenCalledWith("permission_forwarding.error", {
+      message: "critical failure",
+    });
   });
 
   it("includes formatted error when an error is provided", () => {
     const logger = makeLogger();
     logPermissionForwardingError(logger, "io error", new Error("ENOENT"));
-    expect(logger.writeReviewLog).toHaveBeenCalledWith(
-      "permission_forwarding.error",
-      { message: "io error", error: "ENOENT" },
-    );
+    expect(logger.review).toHaveBeenCalledWith("permission_forwarding.error", {
+      message: "io error",
+      error: "ENOENT",
+    });
   });
 
   it("does not throw when logger is null", () => {

package/test/handlers/external-directory-integration.test.ts

@@ -12,6 +12,7 @@
 import { describe, expect, it, vi } from "vitest";
 
 import { EXTENSION_TAG } from "#src/denial-messages";
+import type { GatePrompter } from "#src/gate-prompter";
 import { formatExternalDirectoryAskPrompt } from "#src/handlers/gates/external-directory-messages";
 import type { PermissionCheckResult } from "#src/types";
 
@@ -218,13 +219,13 @@ describe("external_directory — allow external reads, gate external writes (#14
   });
 
   it("prompts for write to external path when external_directory allows but write is ask", async () => {
-    const prompt = vi
-      .fn()
-      .mockResolvedValue({ approved: true, state: "approved" });
-    const { handler } = makeHandler({
-      session: {
-        checkPermission: makeExtDirCheck("allow", "ask"),
-        prompt,
+    const { handler, prompter } = makeHandler({
+      session: { checkPermission: makeExtDirCheck("allow", "ask") },
+      prompter: {
+        canConfirm: vi.fn().mockReturnValue(true),
+        prompt: vi
+          .fn<GatePrompter["prompt"]>()
+          .mockResolvedValue({ approved: true, state: "approved" }),
       },
       tools: ALL_TOOLS,
     });
@@ -234,7 +235,7 @@ describe("external_directory — allow external reads, gate external writes (#14
     const result = await handler.handleToolCall(event, makeCtx());
     // external_directory passes; write gate prompts and user approves
     expect(result).toEqual({});
-    expect(prompt).toHaveBeenCalledOnce();
+    expect(prompter.prompt).toHaveBeenCalledOnce();
   });
 
   it("blocks write to external path when external_directory allows but write is deny", async () => {
@@ -341,10 +342,11 @@ describe("external_directory policy state — deny", () => {
 describe("external_directory policy state — ask", () => {
   it("does not block when user approves", async () => {
     const { handler } = makeHandler({
-      session: {
-        checkPermission: makeExtDirCheck("ask"),
+      session: { checkPermission: makeExtDirCheck("ask") },
+      prompter: {
+        canConfirm: vi.fn().mockReturnValue(true),
         prompt: vi
-          .fn()
+          .fn<GatePrompter["prompt"]>()
           .mockResolvedValue({ approved: true, state: "approved" }),
       },
       tools: ALL_TOOLS,
@@ -356,10 +358,11 @@ describe("external_directory policy state — ask", () => {
 
   it("emits user_approved decision when user approves", async () => {
     const { handler, events } = makeHandler({
-      session: {
-        checkPermission: makeExtDirCheck("ask"),
+      session: { checkPermission: makeExtDirCheck("ask") },
+      prompter: {
+        canConfirm: vi.fn().mockReturnValue(true),
         prompt: vi
-          .fn()
+          .fn<GatePrompter["prompt"]>()
           .mockResolvedValue({ approved: true, state: "approved" }),
       },
       tools: ALL_TOOLS,
@@ -379,9 +382,12 @@ describe("external_directory policy state — ask", () => {
 
   it("blocks when user denies", async () => {
     const { handler } = makeHandler({
-      session: {
-        checkPermission: makeExtDirCheck("ask"),
-        prompt: vi.fn().mockResolvedValue({ approved: false, state: "denied" }),
+      session: { checkPermission: makeExtDirCheck("ask") },
+      prompter: {
+        canConfirm: vi.fn().mockReturnValue(true),
+        prompt: vi
+          .fn<GatePrompter["prompt"]>()
+          .mockResolvedValue({ approved: false, state: "denied" }),
       },
       tools: ALL_TOOLS,
     });
@@ -392,9 +398,12 @@ describe("external_directory policy state — ask", () => {
 
   it("emits user_denied decision when user denies", async () => {
     const { handler, events } = makeHandler({
-      session: {
-        checkPermission: makeExtDirCheck("ask"),
-        prompt: vi.fn().mockResolvedValue({ approved: false, state: "denied" }),
+      session: { checkPermission: makeExtDirCheck("ask") },
+      prompter: {
+        canConfirm: vi.fn().mockReturnValue(true),
+        prompt: vi
+          .fn<GatePrompter["prompt"]>()
+          .mockResolvedValue({ approved: false, state: "denied" }),
       },
       tools: ALL_TOOLS,
     });
@@ -413,9 +422,10 @@ describe("external_directory policy state — ask", () => {
 
   it("block reason includes denialReason when user provides one", async () => {
     const { handler } = makeHandler({
-      session: {
-        checkPermission: makeExtDirCheck("ask"),
-        prompt: vi.fn().mockResolvedValue({
+      session: { checkPermission: makeExtDirCheck("ask") },
+      prompter: {
+        canConfirm: vi.fn().mockReturnValue(true),
+        prompt: vi.fn<GatePrompter["prompt"]>().mockResolvedValue({
           approved: false,
           state: "denied",
           denialReason: "not needed",
@@ -431,9 +441,10 @@ describe("external_directory policy state — ask", () => {
 
   it("blocks with confirmation_unavailable when no UI is available", async () => {
     const { handler } = makeHandler({
-      session: {
-        checkPermission: makeExtDirCheck("ask"),
-        canPrompt: vi.fn().mockReturnValue(false),
+      session: { checkPermission: makeExtDirCheck("ask") },
+      prompter: {
+        canConfirm: vi.fn().mockReturnValue(false),
+        prompt: vi.fn<GatePrompter["prompt"]>(),
       },
       tools: ALL_TOOLS,
     });
@@ -448,9 +459,10 @@ describe("external_directory policy state — ask", () => {
 
   it("writes review-log entry with confirmation_unavailable when no UI", async () => {
     const { handler, session } = makeHandler({
-      session: {
-        checkPermission: makeExtDirCheck("ask"),
-        canPrompt: vi.fn().mockReturnValue(false),
+      session: { checkPermission: makeExtDirCheck("ask") },
+      prompter: {
+        canConfirm: vi.fn().mockReturnValue(false),
+        prompt: vi.fn<GatePrompter["prompt"]>(),
       },
       tools: ALL_TOOLS,
     });
@@ -469,9 +481,10 @@ describe("external_directory policy state — ask", () => {
 
   it("emits confirmation_unavailable decision when no UI", async () => {
     const { handler, events } = makeHandler({
-      session: {
-        checkPermission: makeExtDirCheck("ask"),
-        canPrompt: vi.fn().mockReturnValue(false),
+      session: { checkPermission: makeExtDirCheck("ask") },
+      prompter: {
+        canConfirm: vi.fn().mockReturnValue(false),
+        prompt: vi.fn<GatePrompter["prompt"]>(),
       },
       tools: ALL_TOOLS,
     });