@gotgenes/pi-permission-system 10.4.0 → 10.5.1

package/test/permission-resolver.test.ts

@@ -0,0 +1,196 @@
+import { beforeEach, describe, expect, it, vi } from "vitest";
+import type { ScopedPermissionManager } from "#src/permission-manager";
+import { PermissionResolver } from "#src/permission-resolver";
+import type { Ruleset } from "#src/rule";
+import { SessionApproval } from "#src/session-approval";
+import { SessionRules } from "#src/session-rules";
+import type { PermissionCheckResult, PermissionState } from "#src/types";
+
+function makePermissionManager() {
+  return {
+    configureForCwd: vi.fn<(cwd: string | undefined | null) => void>(),
+    checkPermission: vi
+      .fn<
+        (
+          toolName: string,
+          input: unknown,
+          agentName?: string,
+          sessionRules?: Ruleset,
+        ) => PermissionCheckResult
+      >()
+      .mockReturnValue({
+        state: "allow",
+        toolName: "read",
+        source: "tool",
+        origin: "builtin",
+      }),
+    getToolPermission: vi
+      .fn<(toolName: string, agentName?: string) => PermissionState>()
+      .mockReturnValue("allow"),
+    getConfigIssues: vi.fn((): string[] => []),
+    getPolicyCacheStamp: vi.fn((): string => "stamp-1"),
+  };
+}
+
+function makeResolver(
+  pm?: ScopedPermissionManager,
+  sessionRules?: Pick<SessionRules, "getRuleset">,
+) {
+  const permissionManager = pm ?? makePermissionManager();
+  const rules = sessionRules ?? new SessionRules();
+  return {
+    resolver: new PermissionResolver(permissionManager, rules),
+    permissionManager,
+  };
+}
+
+beforeEach(() => {
+  // no module-level vi.fn() stubs to reset
+});
+
+describe("PermissionResolver", () => {
+  describe("resolve", () => {
+    it("forwards surface, input, and agentName, applying the empty session ruleset", () => {
+      const { resolver, permissionManager } = makeResolver();
+
+      resolver.resolve("bash", { command: "ls" }, "agent-x");
+
+      expect(permissionManager.checkPermission).toHaveBeenCalledWith(
+        "bash",
+        { command: "ls" },
+        "agent-x",
+        [],
+      );
+    });
+
+    it("defaults agentName to undefined when omitted", () => {
+      const { resolver, permissionManager } = makeResolver();
+
+      resolver.resolve("read", { path: ".env" });
+
+      expect(permissionManager.checkPermission).toHaveBeenCalledWith(
+        "read",
+        { path: ".env" },
+        undefined,
+        [],
+      );
+    });
+
+    it("applies a recorded session approval on the next resolve", () => {
+      const pm = makePermissionManager();
+      const sessionRules = new SessionRules();
+      const { resolver } = makeResolver(pm, sessionRules);
+
+      // Record an approval directly into the shared SessionRules instance.
+      sessionRules.recordSessionApproval(
+        SessionApproval.single("bash", "git *"),
+      );
+      resolver.resolve("bash", { command: "git status" });
+
+      const passedRules = vi.mocked(pm.checkPermission).mock.calls[0][3];
+      expect(passedRules).toHaveLength(1);
+      expect(passedRules?.[0]).toMatchObject({
+        surface: "bash",
+        pattern: "git *",
+        action: "allow",
+      });
+    });
+
+    it("returns the PermissionManager's check result", () => {
+      const pm = makePermissionManager();
+      vi.mocked(pm.checkPermission).mockReturnValue({
+        state: "deny",
+        toolName: "bash",
+        source: "bash",
+        origin: "global",
+        matchedPattern: "rm *",
+      });
+      const { resolver } = makeResolver(pm);
+
+      const result = resolver.resolve("bash", { command: "rm -rf /" });
+
+      expect(result).toEqual({
+        state: "deny",
+        toolName: "bash",
+        source: "bash",
+        origin: "global",
+        matchedPattern: "rm *",
+      });
+    });
+  });
+
+  describe("checkPermission", () => {
+    it("delegates to permissionManager.checkPermission with the given args", () => {
+      const { resolver, permissionManager } = makeResolver();
+
+      resolver.checkPermission("bash", { command: "ls" }, "agent-1");
+
+      expect(permissionManager.checkPermission).toHaveBeenCalledWith(
+        "bash",
+        { command: "ls" },
+        "agent-1",
+        undefined,
+      );
+    });
+
+    it("passes optional sessionRules through when supplied", () => {
+      const { resolver, permissionManager } = makeResolver();
+      const extraRules: Ruleset = [
+        { surface: "bash", pattern: "*", action: "allow", origin: "session" },
+      ];
+
+      resolver.checkPermission(
+        "bash",
+        { command: "ls" },
+        undefined,
+        extraRules,
+      );
+
+      expect(permissionManager.checkPermission).toHaveBeenCalledWith(
+        "bash",
+        { command: "ls" },
+        undefined,
+        extraRules,
+      );
+    });
+  });
+
+  describe("getToolPermission", () => {
+    it("delegates to permissionManager.getToolPermission", () => {
+      const pm = makePermissionManager();
+      vi.mocked(pm.getToolPermission).mockReturnValue("deny");
+      const { resolver } = makeResolver(pm);
+
+      const result = resolver.getToolPermission("write", "my-agent");
+
+      expect(pm.getToolPermission).toHaveBeenCalledWith("write", "my-agent");
+      expect(result).toBe("deny");
+    });
+  });
+
+  describe("getConfigIssues", () => {
+    it("delegates to permissionManager.getConfigIssues", () => {
+      const pm = makePermissionManager();
+      vi.mocked(pm.getConfigIssues).mockReturnValue(["issue-1"]);
+      const { resolver } = makeResolver(pm);
+
+      const result = resolver.getConfigIssues("agent-1");
+
+      expect(pm.getConfigIssues).toHaveBeenCalledWith("agent-1");
+      expect(result).toEqual(["issue-1"]);
+    });
+  });
+
+  describe("getPolicyCacheStamp", () => {
+    it("delegates to permissionManager.getPolicyCacheStamp", () => {
+      const pm = makePermissionManager();
+      vi.mocked(pm.getPolicyCacheStamp).mockReturnValue("stamp-abc");
+      const { resolver } = makeResolver(pm);
+
+      const result = resolver.getPolicyCacheStamp("agent-1");
+
+      expect(pm.getPolicyCacheStamp).toHaveBeenCalledWith("agent-1");
+      expect(result).toBe("stamp-abc");
+    });
+  });
+});

package/test/permission-session.test.ts

@@ -17,20 +17,19 @@ vi.mock("../src/active-agent", () => ({
 
 // ── Test helpers ───────────────────────────────────────────────────────────
 
-import type { SessionConfigStore } from "#src/config-store";
-import { DEFAULT_EXTENSION_CONFIG } from "#src/extension-config";
-import type { ExtensionPaths } from "#src/extension-paths";
-import type { ForwardingController } from "#src/forwarding-manager";
-import type { ScopedPermissionManager } from "#src/permission-manager";
-import { PermissionSession } from "#src/permission-session";
-import type { PromptingGatewayLifecycle } from "#src/prompting-gateway";
-import type { Ruleset } from "#src/rule";
+import type { DEFAULT_EXTENSION_CONFIG } from "#src/extension-config";
 import { SessionApproval } from "#src/session-approval";
-import type { SessionLogger } from "#src/session-logger";
-import { SessionRules } from "#src/session-rules";
 import type { SkillPromptEntry } from "#src/skill-prompt-sanitizer";
-import type { PermissionCheckResult, PermissionState } from "#src/types";
 import { makeCtx } from "#test/helpers/handler-fixtures";
+import {
+  makeConfigStore,
+  makeFakePermissionManager,
+  makeRealSession,
+} from "#test/helpers/session-fixtures";
+
+// Alias so the existing tests read naturally.
+const createSession = makeRealSession;
+const makePermissionManager = makeFakePermissionManager;
 
 function makeSkillEntry(
   name: string,
@@ -47,125 +46,6 @@ function makeSkillEntry(
   };
 }
 
-function makePaths(overrides: Partial<ExtensionPaths> = {}): ExtensionPaths {
-  return {
-    agentDir: "/test/agent",
-    sessionsDir: "/test/agent/sessions",
-    subagentSessionsDir: "/test/agent/subagent-sessions",
-    forwardingDir: "/test/agent/sessions/permission-forwarding",
-    globalLogsDir: "/test/agent/logs",
-    piInfrastructureDirs: ["/test/agent", "/test/agent/git"],
-    ...overrides,
-  };
-}
-
-function makeLogger(): SessionLogger {
-  return {
-    debug: vi.fn(),
-    review: vi.fn(),
-    warn: vi.fn(),
-  };
-}
-
-function makeConfigStore(
-  overrides: Partial<SessionConfigStore> = {},
-): SessionConfigStore {
-  return {
-    current:
-      overrides.current ??
-      vi
-        .fn<() => typeof DEFAULT_EXTENSION_CONFIG>()
-        .mockReturnValue({ ...DEFAULT_EXTENSION_CONFIG }),
-    refresh: overrides.refresh ?? vi.fn<(ctx?: ExtensionContext) => void>(),
-    logResolvedPaths: overrides.logResolvedPaths ?? vi.fn<() => void>(),
-  };
-}
-
-function makeGateway(): PromptingGatewayLifecycle {
-  return {
-    activate: vi.fn<PromptingGatewayLifecycle["activate"]>(),
-    deactivate: vi.fn<PromptingGatewayLifecycle["deactivate"]>(),
-  };
-}
-
-function makeForwarding(): ForwardingController {
-  return {
-    start: vi.fn(),
-    stop: vi.fn(),
-  };
-}
-
-function makePermissionManager() {
-  return {
-    configureForCwd: vi.fn<(cwd: string | undefined | null) => void>(),
-    checkPermission: vi
-      .fn<
-        (
-          toolName: string,
-          input: unknown,
-          agentName?: string,
-          sessionRules?: Ruleset,
-        ) => PermissionCheckResult
-      >()
-      .mockReturnValue({
-        state: "allow",
-        toolName: "read",
-        source: "tool",
-        origin: "builtin",
-      }),
-    getToolPermission: vi
-      .fn<(toolName: string, agentName?: string) => PermissionState>()
-      .mockReturnValue("allow"),
-    getConfigIssues: vi.fn((): string[] => []),
-    getPolicyCacheStamp: vi.fn((): string => "stamp-1"),
-  };
-}
-
-function createSession(overrides?: {
-  paths?: Partial<ExtensionPaths>;
-  logger?: SessionLogger;
-  forwarding?: ForwardingController;
-  permissionManager?: ScopedPermissionManager;
-  sessionRules?: SessionRules;
-  configStore?: SessionConfigStore;
-  gateway?: PromptingGatewayLifecycle;
-}): {
-  session: PermissionSession;
-  paths: ExtensionPaths;
-  logger: SessionLogger;
-  forwarding: ForwardingController;
-  sessionRules: SessionRules;
-  configStore: SessionConfigStore;
-  gateway: PromptingGatewayLifecycle;
-} {
-  const paths = makePaths(overrides?.paths);
-  const logger = overrides?.logger ?? makeLogger();
-  const forwarding = overrides?.forwarding ?? makeForwarding();
-  const permissionManager =
-    overrides?.permissionManager ?? makePermissionManager();
-  const sessionRules = overrides?.sessionRules ?? new SessionRules();
-  const configStore = overrides?.configStore ?? makeConfigStore();
-  const gateway = overrides?.gateway ?? makeGateway();
-  const session = new PermissionSession(
-    paths,
-    logger,
-    forwarding,
-    permissionManager,
-    sessionRules,
-    configStore,
-    gateway,
-  );
-  return {
-    session,
-    paths,
-    logger,
-    forwarding,
-    sessionRules,
-    configStore,
-    gateway,
-  };
-}
-
 // ── Tests ──────────────────────────────────────────────────────────────────
 
 beforeEach(() => {
@@ -176,138 +56,6 @@ beforeEach(() => {
 });
 
 describe("PermissionSession", () => {
-  describe("constructor and delegation", () => {
-    it("delegates checkPermission to internal PermissionManager", () => {
-      const pm = makePermissionManager();
-      const { session } = createSession({ permissionManager: pm });
-
-      const result = session.checkPermission("bash", { command: "ls" });
-
-      expect(pm.checkPermission).toHaveBeenCalledWith(
-        "bash",
-        { command: "ls" },
-        undefined,
-        undefined,
-      );
-      expect(result.state).toBe("allow");
-    });
-
-    it("delegates getToolPermission to internal PermissionManager", () => {
-      const pm = makePermissionManager();
-      const { session } = createSession({ permissionManager: pm });
-
-      const result = session.getToolPermission("read");
-
-      expect(pm.getToolPermission).toHaveBeenCalledWith("read", undefined);
-      expect(result).toBe("allow");
-    });
-
-    it("delegates getConfigIssues to internal PermissionManager", () => {
-      const pm = makePermissionManager();
-      vi.mocked(pm.getConfigIssues).mockReturnValue(["issue1"]);
-      const { session } = createSession({ permissionManager: pm });
-
-      expect(session.getConfigIssues("agent1")).toEqual(["issue1"]);
-      expect(pm.getConfigIssues).toHaveBeenCalledWith("agent1");
-    });
-
-    it("delegates getPolicyCacheStamp to internal PermissionManager", () => {
-      const pm = makePermissionManager();
-      const { session } = createSession({ permissionManager: pm });
-
-      expect(session.getPolicyCacheStamp("agent1")).toBe("stamp-1");
-      expect(pm.getPolicyCacheStamp).toHaveBeenCalledWith("agent1");
-    });
-
-    it("delegates getSessionRuleset to internal SessionRules", () => {
-      const { session } = createSession();
-      const rules = session.getSessionRuleset();
-      expect(rules).toEqual([]);
-    });
-
-    it("delegates recordSessionApproval to internal SessionRules", () => {
-      const { session } = createSession();
-      session.recordSessionApproval(
-        SessionApproval.single("bash", "/usr/bin/*"),
-      );
-      const rules = session.getSessionRuleset();
-      expect(rules).toHaveLength(1);
-      expect(rules[0]).toMatchObject({
-        surface: "bash",
-        pattern: "/usr/bin/*",
-        action: "allow",
-      });
-    });
-  });
-
-  describe("resolve", () => {
-    it("forwards surface, input, and agentName, applying the empty session ruleset", () => {
-      const pm = makePermissionManager();
-      const { session } = createSession({ permissionManager: pm });
-
-      session.resolve("bash", { command: "ls" }, "agent-x");
-
-      expect(pm.checkPermission).toHaveBeenCalledWith(
-        "bash",
-        { command: "ls" },
-        "agent-x",
-        [],
-      );
-    });
-
-    it("defaults agentName to undefined when omitted", () => {
-      const pm = makePermissionManager();
-      const { session } = createSession({ permissionManager: pm });
-
-      session.resolve("read", { path: ".env" });
-
-      expect(pm.checkPermission).toHaveBeenCalledWith(
-        "read",
-        { path: ".env" },
-        undefined,
-        [],
-      );
-    });
-
-    it("applies a recorded session approval on the next resolve", () => {
-      const pm = makePermissionManager();
-      const { session } = createSession({ permissionManager: pm });
-
-      session.recordSessionApproval(SessionApproval.single("bash", "git *"));
-      session.resolve("bash", { command: "git status" });
-
-      const sessionRules = vi.mocked(pm.checkPermission).mock.calls[0][3];
-      expect(sessionRules).toHaveLength(1);
-      expect(sessionRules?.[0]).toMatchObject({
-        surface: "bash",
-        pattern: "git *",
-        action: "allow",
-      });
-    });
-
-    it("returns the PermissionManager's check result", () => {
-      const pm = makePermissionManager();
-      vi.mocked(pm.checkPermission).mockReturnValue({
-        state: "deny",
-        toolName: "bash",
-        source: "bash",
-        origin: "global",
-        matchedPattern: "rm *",
-      });
-      const { session } = createSession({ permissionManager: pm });
-
-      const result = session.resolve("bash", { command: "rm -rf /" });
-
-      expect(result).toEqual({
-        state: "deny",
-        toolName: "bash",
-        source: "bash",
-        origin: "global",
-        matchedPattern: "rm *",
-      });
-    });
-  });
-
   describe("activate and deactivate", () => {
     it("stores the context on activate", () => {
       const { session, forwarding } = createSession();
@@ -403,13 +151,13 @@ describe("PermissionSession", () => {
 
   describe("shutdown", () => {
     it("clears session rules", () => {
-      const { session } = createSession();
-      session.recordSessionApproval(SessionApproval.single("bash", "*"));
-      expect(session.getSessionRuleset()).toHaveLength(1);
+      const { session, sessionRules } = createSession();
+      sessionRules.recordSessionApproval(SessionApproval.single("bash", "*"));
+      expect(sessionRules.getRuleset()).toHaveLength(1);
 
       session.shutdown();
 
-      expect(session.getSessionRuleset()).toEqual([]);
+      expect(sessionRules.getRuleset()).toEqual([]);
     });
 
     it("clears cache keys", () => {

package/test/session-rules.test.ts

@@ -2,6 +2,7 @@ import { describe, expect, it } from "vitest";
 
 import { evaluate } from "#src/rule";
 import { SessionApproval } from "#src/session-approval";
+import type { SessionApprovalRecorder } from "#src/session-approval-recorder";
 import { deriveApprovalPattern, SessionRules } from "#src/session-rules";
 
 // ── SessionRules ───────────────────────────────────────────────────────────
@@ -67,10 +68,15 @@ describe("SessionRules", () => {
     });
   });
 
-  describe("record", () => {
+  describe("recordSessionApproval", () => {
+    it("satisfies the SessionApprovalRecorder interface", () => {
+      const rules: SessionApprovalRecorder = new SessionRules();
+      expect(typeof rules.recordSessionApproval).toBe("function");
+    });
+
     it("records a single-pattern approval as one rule", () => {
       const rules = new SessionRules();
-      rules.record(SessionApproval.single("bash", "git *"));
+      rules.recordSessionApproval(SessionApproval.single("bash", "git *"));
       expect(rules.getRuleset()).toEqual([
         {
           surface: "bash",
@@ -84,7 +90,7 @@ describe("SessionRules", () => {
 
     it("records a multi-pattern approval as one rule per pattern", () => {
       const rules = new SessionRules();
-      rules.record(
+      rules.recordSessionApproval(
         SessionApproval.multiple("external_directory", [
           "/outside/a/*",
           "/outside/b/*",
@@ -97,7 +103,7 @@ describe("SessionRules", () => {
 
     it("records each rule with the correct surface", () => {
       const rules = new SessionRules();
-      rules.record(
+      rules.recordSessionApproval(
         SessionApproval.multiple("external_directory", [
           "/outside/a/*",
           "/outside/b/*",
@@ -110,7 +116,9 @@ describe("SessionRules", () => {
 
     it("records nothing for an empty patterns list", () => {
       const rules = new SessionRules();
-      rules.record(SessionApproval.multiple("external_directory", []));
+      rules.recordSessionApproval(
+        SessionApproval.multiple("external_directory", []),
+      );
       expect(rules.getRuleset()).toEqual([]);
     });
   });

package/src/agent-prep-session.ts

@@ -1,28 +0,0 @@
-import type { ExtensionContext } from "@earendil-works/pi-coding-agent";
-
-import type { GateHandlerSession } from "./gate-handler-session";
-import type {
-  SkillPermissionChecker,
-  SkillPromptEntry,
-} from "./skill-prompt-sanitizer";
-import type { PermissionState } from "./types";
-
-/**
- * The session surface `AgentPrepHandler` invokes during `before_agent_start`:
- * bind context + identify the agent (via {@link GateHandlerSession}), check
- * skill permissions for prompt sanitization (via {@link SkillPermissionChecker}),
- * refresh config, decide tool exposure, manage the active-tools / prompt-state
- * cache keys, and store the resolved skill entries.
- */
-export interface AgentPrepSession
-  extends GateHandlerSession,
-    SkillPermissionChecker {
-  refreshConfig(ctx?: ExtensionContext): void;
-  getToolPermission(toolName: string, agentName?: string): PermissionState;
-  shouldUpdateActiveTools(cacheKey: string): boolean;
-  commitActiveToolsCacheKey(cacheKey: string): void;
-  getPolicyCacheStamp(agentName?: string): string;
-  shouldUpdatePromptState(cacheKey: string): boolean;
-  commitPromptStateCacheKey(cacheKey: string): void;
-  setActiveSkillEntries(entries: SkillPromptEntry[]): void;
-}

package/src/gate-handler-session.ts

@@ -1,13 +0,0 @@
-import type { ExtensionContext } from "@earendil-works/pi-coding-agent";
-
-/**
- * The session surface `PermissionGateHandler` invokes directly: bind the
- * per-event context and identify the agent.
- *
- * This is the two-method context role both entry points share after [#329]
- * extracted `SkillInputGatePipeline` to own the skill-input gate assembly.
- */
-export interface GateHandlerSession {
-  activate(ctx: ExtensionContext): void;
-  resolveAgentName(ctx: ExtensionContext, systemPrompt?: string): string | null;
-}

package/src/session-lifecycle-session.ts

@@ -1,24 +0,0 @@
-import type { ExtensionContext } from "@earendil-works/pi-coding-agent";
-
-import type { SessionLogger } from "./session-logger";
-
-/**
- * The session surface `SessionLifecycleHandler` invokes across
- * `session_start`, `resources_discover`, and `session_shutdown`: refresh and
- * report config, reset / reload / shut down session state, resolve the agent
- * name, surface config issues, read the runtime context, and log.
- *
- * `activate` is intentionally absent — the lifecycle handler never calls it
- * directly (ISP: do not depend on methods you do not use).
- */
-export interface SessionLifecycleSession {
-  refreshConfig(ctx?: ExtensionContext): void;
-  resetForNewSession(ctx: ExtensionContext): void;
-  logResolvedConfigPaths(): void;
-  resolveAgentName(ctx: ExtensionContext, systemPrompt?: string): string | null;
-  getConfigIssues(agentName?: string): string[];
-  reload(): void;
-  getRuntimeContext(): ExtensionContext | null;
-  shutdown(): void;
-  readonly logger: SessionLogger;
-}