@gotgenes/pi-permission-system 3.0.0 → 3.0.2

package/src/forwarded-permissions/io.ts

@@ -0,0 +1,328 @@
+import {
+  existsSync,
+  mkdirSync,
+  readdirSync,
+  readFileSync,
+  renameSync,
+  rmdirSync,
+  unlinkSync,
+  writeFileSync,
+} from "node:fs";
+
+import { isPermissionDecisionState } from "../permission-dialog.js";
+import {
+  createPermissionForwardingLocation,
+  type ForwardedPermissionRequest,
+  type ForwardedPermissionResponse,
+  type PermissionForwardingLocation,
+} from "../permission-forwarding.js";
+
+type LogFn = (event: string, details: Record<string, unknown>) => void;
+
+export interface ForwardedPermissionLogger {
+  writeReviewLog: LogFn;
+  writeDebugLog: LogFn;
+}
+
+let logger: ForwardedPermissionLogger | null = null;
+
+export function setForwardedPermissionLogger(
+  l: ForwardedPermissionLogger,
+): void {
+  logger = l;
+}
+
+export function formatUnknownErrorMessage(error: unknown): string {
+  if (error instanceof Error && error.message) {
+    return error.message;
+  }
+  return String(error);
+}
+
+export function isErrnoCode(error: unknown, code: string): boolean {
+  return Boolean(
+    error &&
+      typeof error === "object" &&
+      "code" in error &&
+      (error as { code?: string }).code === code,
+  );
+}
+
+export function logPermissionForwardingWarning(
+  message: string,
+  error?: unknown,
+): void {
+  const details =
+    typeof error === "undefined"
+      ? { message }
+      : { message, error: formatUnknownErrorMessage(error) };
+
+  logger?.writeReviewLog("permission_forwarding.warning", details);
+  logger?.writeDebugLog("permission_forwarding.warning", details);
+}
+
+export function logPermissionForwardingError(
+  message: string,
+  error?: unknown,
+): void {
+  const details =
+    typeof error === "undefined"
+      ? { message }
+      : { message, error: formatUnknownErrorMessage(error) };
+
+  logger?.writeReviewLog("permission_forwarding.error", details);
+  logger?.writeDebugLog("permission_forwarding.error", details);
+}
+
+export function ensureDirectoryExists(
+  path: string,
+  description: string,
+): boolean {
+  try {
+    mkdirSync(path, { recursive: true });
+    return true;
+  } catch (error) {
+    logPermissionForwardingError(
+      `Failed to create ${description} directory '${path}'`,
+      error,
+    );
+    return false;
+  }
+}
+
+export function getPermissionForwardingLocationForSession(
+  forwardingDir: string,
+  sessionId: string,
+): PermissionForwardingLocation {
+  return createPermissionForwardingLocation(forwardingDir, sessionId);
+}
+
+export function ensurePermissionForwardingLocation(
+  forwardingDir: string,
+  sessionId: string,
+): PermissionForwardingLocation | null {
+  let location: PermissionForwardingLocation;
+  try {
+    location = getPermissionForwardingLocationForSession(
+      forwardingDir,
+      sessionId,
+    );
+  } catch (error) {
+    logPermissionForwardingError(
+      "Failed to resolve permission forwarding location",
+      error,
+    );
+    return null;
+  }
+
+  const sessionRootReady = ensureDirectoryExists(
+    location.sessionRootDir,
+    "permission forwarding session root",
+  );
+  const requestsReady = ensureDirectoryExists(
+    location.requestsDir,
+    "permission forwarding requests",
+  );
+  const responsesReady = ensureDirectoryExists(
+    location.responsesDir,
+    "permission forwarding responses",
+  );
+
+  return sessionRootReady && requestsReady && responsesReady ? location : null;
+}
+
+export function getExistingPermissionForwardingLocation(
+  forwardingDir: string,
+  sessionId: string,
+): PermissionForwardingLocation | null {
+  let location: PermissionForwardingLocation;
+  try {
+    location = getPermissionForwardingLocationForSession(
+      forwardingDir,
+      sessionId,
+    );
+  } catch {
+    return null;
+  }
+
+  return existsSync(location.requestsDir) ? location : null;
+}
+
+export function tryRemoveDirectoryIfEmpty(
+  path: string,
+  description: string,
+): void {
+  if (!existsSync(path)) {
+    return;
+  }
+
+  let entries: string[];
+  try {
+    entries = readdirSync(path);
+  } catch (error) {
+    logPermissionForwardingWarning(
+      `Failed to inspect ${description} directory '${path}'`,
+      error,
+    );
+    return;
+  }
+
+  if (entries.length > 0) {
+    return;
+  }
+
+  try {
+    rmdirSync(path);
+  } catch (error) {
+    if (isErrnoCode(error, "ENOENT") || isErrnoCode(error, "ENOTEMPTY")) {
+      return;
+    }
+
+    logPermissionForwardingWarning(
+      `Failed to remove empty ${description} directory '${path}'`,
+      error,
+    );
+  }
+}
+
+export function cleanupPermissionForwardingLocationIfEmpty(
+  location: PermissionForwardingLocation,
+): void {
+  tryRemoveDirectoryIfEmpty(
+    location.requestsDir,
+    `${location.label} permission forwarding requests`,
+  );
+  tryRemoveDirectoryIfEmpty(
+    location.responsesDir,
+    `${location.label} permission forwarding responses`,
+  );
+  tryRemoveDirectoryIfEmpty(
+    location.sessionRootDir,
+    `${location.label} permission forwarding session root`,
+  );
+}
+
+export function safeDeleteFile(filePath: string, description: string): void {
+  try {
+    unlinkSync(filePath);
+  } catch (error) {
+    if (isErrnoCode(error, "ENOENT")) {
+      return;
+    }
+
+    logPermissionForwardingWarning(
+      `Failed to delete ${description} file '${filePath}'`,
+      error,
+    );
+  }
+}
+
+export function writeJsonFileAtomic(filePath: string, value: unknown): void {
+  const tempPath = `${filePath}.${process.pid}.${Date.now()}.tmp`;
+
+  try {
+    writeFileSync(tempPath, JSON.stringify(value), "utf-8");
+    renameSync(tempPath, filePath);
+  } catch (error) {
+    safeDeleteFile(tempPath, "temporary permission-forwarding");
+    throw error;
+  }
+}
+
+export function readForwardedPermissionRequest(
+  filePath: string,
+): ForwardedPermissionRequest | null {
+  try {
+    const raw = readFileSync(filePath, "utf-8");
+    const parsed = JSON.parse(raw) as Partial<ForwardedPermissionRequest>;
+    if (
+      !parsed ||
+      typeof parsed.id !== "string" ||
+      typeof parsed.createdAt !== "number" ||
+      typeof parsed.requesterSessionId !== "string" ||
+      typeof parsed.targetSessionId !== "string" ||
+      typeof parsed.requesterAgentName !== "string" ||
+      typeof parsed.message !== "string"
+    ) {
+      logPermissionForwardingWarning(
+        `Ignoring invalid forwarded permission request format in '${filePath}'`,
+      );
+      return null;
+    }
+
+    return {
+      id: parsed.id,
+      createdAt: parsed.createdAt,
+      requesterSessionId: parsed.requesterSessionId,
+      targetSessionId: parsed.targetSessionId,
+      requesterAgentName: parsed.requesterAgentName,
+      message: parsed.message,
+    };
+  } catch (error) {
+    logPermissionForwardingWarning(
+      `Failed to read forwarded permission request '${filePath}'`,
+      error,
+    );
+    return null;
+  }
+}
+
+export function readForwardedPermissionResponse(
+  filePath: string,
+): ForwardedPermissionResponse | null {
+  try {
+    const raw = readFileSync(filePath, "utf-8");
+    const parsed = JSON.parse(raw) as Partial<ForwardedPermissionResponse>;
+    if (
+      !parsed ||
+      typeof parsed.approved !== "boolean" ||
+      !isPermissionDecisionState(parsed.state) ||
+      typeof parsed.responderSessionId !== "string"
+    ) {
+      logPermissionForwardingWarning(
+        `Ignoring invalid forwarded permission response format in '${filePath}'`,
+      );
+      return null;
+    }
+
+    return {
+      approved: parsed.approved,
+      state: parsed.state,
+      denialReason:
+        typeof parsed.denialReason === "string"
+          ? parsed.denialReason
+          : undefined,
+      responderSessionId: parsed.responderSessionId,
+      respondedAt:
+        typeof parsed.respondedAt === "number"
+          ? parsed.respondedAt
+          : Date.now(),
+    };
+  } catch (error) {
+    logPermissionForwardingWarning(
+      `Failed to read forwarded permission response '${filePath}'`,
+      error,
+    );
+    return null;
+  }
+}
+
+export function listRequestFiles(requestsDir: string): string[] {
+  try {
+    return readdirSync(requestsDir)
+      .filter((name) => name.endsWith(".json"))
+      .sort();
+  } catch (error) {
+    logPermissionForwardingWarning(
+      `Failed to read permission forwarding requests from '${requestsDir}'`,
+      error,
+    );
+    return [];
+  }
+}
+
+export function sleep(ms: number): Promise<void> {
+  return new Promise((resolve) => {
+    setTimeout(resolve, ms);
+  });
+}

package/src/forwarded-permissions/polling.ts

@@ -0,0 +1,334 @@
+import { existsSync } from "node:fs";
+import { join } from "node:path";
+import type { ExtensionContext } from "@mariozechner/pi-coding-agent";
+
+import {
+  getActiveAgentName,
+  getActiveAgentNameFromSystemPrompt,
+} from "../active-agent.js";
+import { toRecord } from "../common.js";
+import type { PermissionPromptDecision } from "../permission-dialog.js";
+import {
+  type ForwardedPermissionRequest,
+  type ForwardedPermissionResponse,
+  isForwardedPermissionRequestForSession,
+  PERMISSION_FORWARDING_POLL_INTERVAL_MS,
+  PERMISSION_FORWARDING_TIMEOUT_MS,
+  resolvePermissionForwardingTargetSessionId,
+} from "../permission-forwarding.js";
+import { isSubagentExecutionContext } from "../subagent-context.js";
+
+import {
+  cleanupPermissionForwardingLocationIfEmpty,
+  ensurePermissionForwardingLocation,
+  getExistingPermissionForwardingLocation,
+  listRequestFiles,
+  logPermissionForwardingError,
+  logPermissionForwardingWarning,
+  readForwardedPermissionRequest,
+  readForwardedPermissionResponse,
+  safeDeleteFile,
+  sleep,
+  writeJsonFileAtomic,
+} from "./io.js";
+
+export interface PermissionForwardingDeps {
+  forwardingDir: string;
+  subagentSessionsDir: string;
+  writeReviewLog: (event: string, details: Record<string, unknown>) => void;
+  requestPermissionDecisionFromUi: (
+    ui: ExtensionContext["ui"],
+    title: string,
+    message: string,
+  ) => Promise<PermissionPromptDecision>;
+  shouldAutoApprove: () => boolean;
+}
+
+export function getSessionId(ctx: ExtensionContext): string {
+  try {
+    const sessionId = ctx.sessionManager.getSessionId();
+    if (typeof sessionId === "string" && sessionId.trim()) {
+      return sessionId.trim();
+    }
+  } catch {}
+
+  return "unknown";
+}
+
+function getContextSystemPrompt(ctx: ExtensionContext): string | undefined {
+  const getSystemPrompt = toRecord(ctx).getSystemPrompt;
+  if (typeof getSystemPrompt !== "function") {
+    return undefined;
+  }
+
+  try {
+    const systemPrompt = getSystemPrompt.call(ctx);
+    return typeof systemPrompt === "string" ? systemPrompt : undefined;
+  } catch (error) {
+    logPermissionForwardingWarning(
+      "Failed to read context system prompt for forwarded permission metadata",
+      error,
+    );
+    return undefined;
+  }
+}
+
+export function formatForwardedPermissionPrompt(
+  request: ForwardedPermissionRequest,
+): string {
+  const agentName = request.requesterAgentName || "unknown";
+  const sessionId = request.requesterSessionId || "unknown";
+  return [
+    `Subagent '${agentName}' requested permission.`,
+    `Session ID: ${sessionId}`,
+    "",
+    request.message,
+  ].join("\n");
+}
+
+export async function waitForForwardedPermissionApproval(
+  ctx: ExtensionContext,
+  message: string,
+  deps: PermissionForwardingDeps,
+): Promise<PermissionPromptDecision> {
+  const requesterSessionId = getSessionId(ctx);
+  const targetSessionId = resolvePermissionForwardingTargetSessionId({
+    hasUI: ctx.hasUI,
+    isSubagent: isSubagentExecutionContext(ctx, deps.subagentSessionsDir),
+    currentSessionId: requesterSessionId,
+    env: process.env,
+  });
+
+  if (!targetSessionId) {
+    logPermissionForwardingError(
+      "Permission forwarding target session could not be resolved from subagent runtime metadata (expected PI_AGENT_ROUTER_PARENT_SESSION_ID)",
+    );
+    return { approved: false, state: "denied" };
+  }
+
+  const location = ensurePermissionForwardingLocation(
+    deps.forwardingDir,
+    targetSessionId,
+  );
+  if (!location) {
+    logPermissionForwardingError(
+      `Permission forwarding is unavailable because session-scoped directories could not be prepared for '${targetSessionId}'`,
+    );
+    return { approved: false, state: "denied" };
+  }
+
+  const requestId = `${Date.now()}-${Math.random().toString(36).slice(2, 10)}-${process.pid}`;
+  const requesterAgentName =
+    getActiveAgentName(ctx) ||
+    getActiveAgentNameFromSystemPrompt(getContextSystemPrompt(ctx)) ||
+    "unknown";
+  const request: ForwardedPermissionRequest = {
+    id: requestId,
+    createdAt: Date.now(),
+    requesterSessionId,
+    targetSessionId,
+    requesterAgentName,
+    message,
+  };
+
+  const requestPath = join(location.requestsDir, `${requestId}.json`);
+  const responsePath = join(location.responsesDir, `${requestId}.json`);
+
+  deps.writeReviewLog("forwarded_permission.request_created", {
+    requestId,
+    requesterAgentName,
+    requesterSessionId: request.requesterSessionId,
+    targetSessionId,
+    requestPath,
+    responsePath,
+  });
+
+  try {
+    writeJsonFileAtomic(requestPath, request);
+  } catch (error) {
+    logPermissionForwardingError(
+      `Failed to write forwarded permission request '${requestPath}'`,
+      error,
+    );
+    return { approved: false, state: "denied" };
+  }
+
+  const deadline = Date.now() + PERMISSION_FORWARDING_TIMEOUT_MS;
+  while (Date.now() < deadline) {
+    if (existsSync(responsePath)) {
+      const response = readForwardedPermissionResponse(responsePath);
+      deps.writeReviewLog("forwarded_permission.response_received", {
+        requestId,
+        approved: response?.approved ?? null,
+        state: response?.state ?? null,
+        denialReason: response?.denialReason ?? null,
+        responderSessionId: response?.responderSessionId ?? null,
+        targetSessionId,
+        responsePath,
+      });
+      safeDeleteFile(responsePath, "forwarded permission response");
+      safeDeleteFile(requestPath, "forwarded permission request");
+      cleanupPermissionForwardingLocationIfEmpty(location);
+      return response ?? { approved: false, state: "denied" };
+    }
+
+    await sleep(PERMISSION_FORWARDING_POLL_INTERVAL_MS);
+  }
+
+  logPermissionForwardingWarning(
+    `Timed out waiting for forwarded permission response '${responsePath}'`,
+  );
+  deps.writeReviewLog("forwarded_permission.response_timed_out", {
+    requestId,
+    requesterAgentName,
+    targetSessionId,
+    responsePath,
+  });
+  safeDeleteFile(requestPath, "forwarded permission request");
+  cleanupPermissionForwardingLocationIfEmpty(location);
+  return { approved: false, state: "denied" };
+}
+
+export async function processForwardedPermissionRequests(
+  ctx: ExtensionContext,
+  deps: PermissionForwardingDeps,
+): Promise<void> {
+  if (!ctx.hasUI) {
+    return;
+  }
+
+  const currentSessionId = getSessionId(ctx);
+  const location = getExistingPermissionForwardingLocation(
+    deps.forwardingDir,
+    currentSessionId,
+  );
+  if (!location) {
+    return;
+  }
+
+  const requestFiles = listRequestFiles(location.requestsDir);
+  if (requestFiles.length === 0) {
+    return;
+  }
+
+  for (const fileName of requestFiles) {
+    const requestPath = join(location.requestsDir, fileName);
+    const request = readForwardedPermissionRequest(requestPath);
+    if (!request) {
+      safeDeleteFile(
+        requestPath,
+        `${location.label} forwarded permission request`,
+      );
+      continue;
+    }
+
+    if (!isForwardedPermissionRequestForSession(request, currentSessionId)) {
+      logPermissionForwardingWarning(
+        `Ignoring forwarded permission request '${request.id}' because it targets session '${request.targetSessionId}' instead of '${currentSessionId}'`,
+      );
+      safeDeleteFile(
+        requestPath,
+        `${location.label} forwarded permission request`,
+      );
+      continue;
+    }
+
+    const forwardedPermissionLogDetails = {
+      requestId: request.id,
+      source: location.label,
+      requesterAgentName: request.requesterAgentName,
+      requesterSessionId: request.requesterSessionId,
+      targetSessionId: request.targetSessionId,
+      requestPath,
+    };
+
+    let decision: PermissionPromptDecision = {
+      approved: false,
+      state: "denied",
+    };
+    if (deps.shouldAutoApprove()) {
+      deps.writeReviewLog(
+        "forwarded_permission.auto_approved",
+        forwardedPermissionLogDetails,
+      );
+      decision = { approved: true, state: "approved" };
+    } else {
+      deps.writeReviewLog(
+        "forwarded_permission.prompted",
+        forwardedPermissionLogDetails,
+      );
+      try {
+        decision = await deps.requestPermissionDecisionFromUi(
+          ctx.ui,
+          "Permission Required (Subagent)",
+          formatForwardedPermissionPrompt(request),
+        );
+      } catch (error) {
+        logPermissionForwardingError(
+          "Failed to show forwarded permission confirmation dialog",
+          error,
+        );
+        decision = { approved: false, state: "denied" };
+      }
+    }
+
+    const responsePath = join(location.responsesDir, `${request.id}.json`);
+    deps.writeReviewLog(
+      decision.approved
+        ? "forwarded_permission.approved"
+        : "forwarded_permission.denied",
+      {
+        requestId: request.id,
+        source: location.label,
+        requesterAgentName: request.requesterAgentName,
+        requesterSessionId: request.requesterSessionId,
+        targetSessionId: request.targetSessionId,
+        responsePath,
+        resolution: decision.state,
+        denialReason: decision.denialReason ?? null,
+      },
+    );
+    try {
+      writeJsonFileAtomic(responsePath, {
+        approved: decision.approved,
+        state: decision.state,
+        denialReason: decision.denialReason,
+        responderSessionId: currentSessionId,
+        respondedAt: Date.now(),
+      } satisfies ForwardedPermissionResponse);
+    } catch (error) {
+      logPermissionForwardingError(
+        `Failed to write ${location.label} forwarded permission response '${responsePath}'`,
+        error,
+      );
+      continue;
+    }
+
+    safeDeleteFile(
+      requestPath,
+      `${location.label} forwarded permission request`,
+    );
+  }
+
+  cleanupPermissionForwardingLocationIfEmpty(location);
+}
+
+export async function confirmPermission(
+  ctx: ExtensionContext,
+  message: string,
+  deps: PermissionForwardingDeps,
+): Promise<PermissionPromptDecision> {
+  if (ctx.hasUI) {
+    return deps.requestPermissionDecisionFromUi(
+      ctx.ui,
+      "Permission Required",
+      message,
+    );
+  }
+
+  if (!isSubagentExecutionContext(ctx, deps.subagentSessionsDir)) {
+    return { approved: false, state: "denied" };
+  }
+
+  return waitForForwardedPermissionApproval(ctx, message, deps);
+}