@gotgenes/pi-permission-system 3.10.0 → 4.0.0

package/tests/rule.test.ts

@@ -137,4 +137,35 @@ describe("evaluate", () => {
     expect(result.pattern).toBe("git status");
     expect(result.action).toBe("ask");
   });
+
+  test("rule.layer is ignored by evaluate() — matching is identical with or without it", () => {
+    const withLayer: Rule = {
+      surface: "bash",
+      pattern: "git *",
+      action: "allow",
+      layer: "config",
+    };
+    const withoutLayer: Rule = {
+      surface: "bash",
+      pattern: "git *",
+      action: "allow",
+    };
+    const withDefault: Rule = {
+      surface: "bash",
+      pattern: "*",
+      action: "ask",
+      layer: "default",
+    };
+    // Both rules with and without layer field produce the same match.
+    expect(evaluate("bash", "git status", [withLayer]).action).toBe("allow");
+    expect(evaluate("bash", "git status", [withoutLayer]).action).toBe("allow");
+    // Layer metadata does not affect last-match-wins ordering.
+    const ruleset: Rule[] = [withDefault, withLayer];
+    expect(evaluate("bash", "git status", ruleset)).toEqual(withLayer);
+    // A rule with layer: "default" still wins if it is last in the array.
+    const reversedRuleset: Rule[] = [withLayer, withDefault];
+    expect(evaluate("bash", "git status", reversedRuleset)).toEqual(
+      withDefault,
+    );
+  });
 });

package/tests/session-rules.test.ts

@@ -20,6 +20,7 @@ describe("SessionRules", () => {
           surface: "external_directory",
           pattern: "/other/project/*",
           action: "allow",
+          layer: "session",
         },
       ]);
     });

package/tests/session-start.test.ts

@@ -27,13 +27,7 @@ describe("session_start handler consolidation", () => {
     mkdirSync(dirname(globalConfigPath), { recursive: true });
 
     const config: ScopeConfig = {
-      defaultPolicy: {
-        tools: "ask",
-        bash: "ask",
-        mcp: "ask",
-        skills: "ask",
-        special: "ask",
-      },
+      permission: { "*": "ask" },
     };
     writeFileSync(
       globalConfigPath,

package/tests/synthesize.test.ts

@@ -0,0 +1,240 @@
+import { describe, expect, test } from "vitest";
+import { evaluate } from "../src/rule";
+import {
+  composeRuleset,
+  synthesizeBaseline,
+  synthesizeDefaults,
+} from "../src/synthesize";
+
+// ── synthesizeDefaults ─────────────────────────────────────────────────────
+
+describe("synthesizeDefaults", () => {
+  test("emits a single universal catch-all rule with layer 'default'", () => {
+    const rules = synthesizeDefaults("ask");
+    expect(rules).toHaveLength(1);
+    expect(rules[0]).toEqual({
+      surface: "*",
+      pattern: "*",
+      action: "ask",
+      layer: "default",
+    });
+  });
+
+  test("reflects the supplied PermissionState as the action", () => {
+    expect(synthesizeDefaults("allow")[0].action).toBe("allow");
+    expect(synthesizeDefaults("deny")[0].action).toBe("deny");
+    expect(synthesizeDefaults("ask")[0].action).toBe("ask");
+  });
+
+  test("universal rule catches any surface via wildcardMatch", () => {
+    const rules = synthesizeDefaults("ask");
+    expect(evaluate("read", "*", rules).action).toBe("ask");
+    expect(evaluate("bash", "git status", rules).action).toBe("ask");
+    expect(evaluate("external_directory", "*", rules).action).toBe("ask");
+    expect(evaluate("future_surface", "*", rules).action).toBe("ask");
+  });
+
+  test("universal rule has layer 'default'", () => {
+    const rules = synthesizeDefaults("allow");
+    expect(evaluate("read", "*", rules).layer).toBe("default");
+  });
+});
+
+// ── synthesizeBaseline ─────────────────────────────────────────────────────
+
+describe("synthesizeBaseline", () => {
+  test("returns empty ruleset when config has no mcp allow rules", () => {
+    const configRules = [
+      {
+        surface: "mcp",
+        pattern: "*",
+        action: "deny" as const,
+        layer: "config" as const,
+      },
+    ];
+    expect(synthesizeBaseline(configRules)).toEqual([]);
+  });
+
+  test("returns empty ruleset for empty config rules", () => {
+    expect(synthesizeBaseline([])).toEqual([]);
+  });
+
+  test("synthesizes 5 baseline rules when at least one mcp allow config rule exists", () => {
+    const configRules = [
+      {
+        surface: "mcp",
+        pattern: "exa:*",
+        action: "allow" as const,
+        layer: "config" as const,
+      },
+    ];
+    const rules = synthesizeBaseline(configRules);
+    expect(rules).toHaveLength(5);
+  });
+
+  test("baseline rules all have layer 'baseline' and action 'allow'", () => {
+    const configRules = [
+      {
+        surface: "mcp",
+        pattern: "exa:*",
+        action: "allow" as const,
+        layer: "config" as const,
+      },
+    ];
+    const rules = synthesizeBaseline(configRules);
+    for (const rule of rules) {
+      expect(rule.layer).toBe("baseline");
+      expect(rule.action).toBe("allow");
+      expect(rule.surface).toBe("mcp");
+    }
+  });
+
+  test("baseline rules cover the 5 MCP metadata targets", () => {
+    const configRules = [
+      {
+        surface: "mcp",
+        pattern: "exa:*",
+        action: "allow" as const,
+        layer: "config" as const,
+      },
+    ];
+    const rules = synthesizeBaseline(configRules);
+    const patterns = rules.map((r) => r.pattern);
+    expect(patterns).toContain("mcp_status");
+    expect(patterns).toContain("mcp_list");
+    expect(patterns).toContain("mcp_search");
+    expect(patterns).toContain("mcp_describe");
+    expect(patterns).toContain("mcp_connect");
+  });
+
+  test("baseline is NOT synthesized when allow rule is on a non-mcp surface", () => {
+    const configRules = [
+      {
+        surface: "bash",
+        pattern: "git *",
+        action: "allow" as const,
+        layer: "config" as const,
+      },
+    ];
+    expect(synthesizeBaseline(configRules)).toEqual([]);
+  });
+
+  test("baseline auto-allows mcp_status when an mcp allow rule exists", () => {
+    const configRules = [
+      {
+        surface: "mcp",
+        pattern: "exa:*",
+        action: "allow" as const,
+        layer: "config" as const,
+      },
+    ];
+    const rules = synthesizeBaseline(configRules);
+    const result = evaluate("mcp", "mcp_status", rules);
+    expect(result.action).toBe("allow");
+    expect(result.layer).toBe("baseline");
+  });
+});
+
+// ── composeRuleset ─────────────────────────────────────────────────────────
+
+describe("composeRuleset", () => {
+  test("returns concatenation of all layers in order", () => {
+    const defaults = synthesizeDefaults("ask");
+    const baseline = synthesizeBaseline([
+      { surface: "mcp", pattern: "exa:*", action: "allow", layer: "config" },
+    ]);
+    const config = [
+      { surface: "bash", pattern: "rm -rf *", action: "deny" as const },
+    ];
+    const composed = composeRuleset(defaults, baseline, config);
+    expect(composed.length).toBe(
+      defaults.length + baseline.length + config.length,
+    );
+  });
+
+  test("defaults come first (lowest priority), config comes last (highest priority)", () => {
+    const defaults = synthesizeDefaults("ask");
+    const config = [
+      {
+        surface: "bash",
+        pattern: "*",
+        action: "deny" as const,
+        layer: "config" as const,
+      },
+    ];
+    const composed = composeRuleset(defaults, [], config);
+    const result = evaluate("bash", "echo hello", composed);
+    expect(result.action).toBe("deny");
+    expect(result.layer).toBe("config");
+  });
+
+  test("config beats default for matching patterns", () => {
+    const defaults = synthesizeDefaults("ask");
+    const config = [
+      {
+        surface: "read",
+        pattern: "*",
+        action: "allow" as const,
+        layer: "config" as const,
+      },
+    ];
+    const composed = composeRuleset(defaults, [], config);
+    const result = evaluate("read", "*", composed);
+    expect(result.action).toBe("allow");
+    expect(result.layer).toBe("config");
+  });
+
+  test("baseline beats default but config beats baseline", () => {
+    const defaults = synthesizeDefaults("ask");
+    const baseline = [
+      {
+        surface: "mcp",
+        pattern: "mcp_status",
+        action: "allow" as const,
+        layer: "baseline" as const,
+      },
+    ];
+    const config = [
+      {
+        surface: "mcp",
+        pattern: "mcp_status",
+        action: "deny" as const,
+        layer: "config" as const,
+      },
+    ];
+    const composed = composeRuleset(defaults, baseline, config);
+    const result = evaluate("mcp", "mcp_status", composed);
+    expect(result.action).toBe("deny");
+    expect(result.layer).toBe("config");
+  });
+
+  test("config beats baseline for specific patterns", () => {
+    const defaults = synthesizeDefaults("ask");
+    const baseline = [
+      {
+        surface: "mcp",
+        pattern: "mcp_status",
+        action: "allow" as const,
+        layer: "baseline" as const,
+      },
+    ];
+    const config = [
+      {
+        surface: "mcp",
+        pattern: "exa_web_search",
+        action: "allow" as const,
+        layer: "config" as const,
+      },
+    ];
+    const composed = composeRuleset(defaults, baseline, config);
+    const result = evaluate("mcp", "exa_web_search", composed);
+    expect(result.action).toBe("allow");
+    expect(result.layer).toBe("config");
+  });
+
+  test("handles empty layers gracefully", () => {
+    const defaults = synthesizeDefaults("ask");
+    const composed = composeRuleset(defaults, [], []);
+    expect(composed).toEqual(defaults);
+  });
+});