@gotgenes/pi-permission-system 3.7.0 → 3.9.0

package/tests/normalize.test.ts

@@ -0,0 +1,121 @@
+import { describe, expect, test } from "vitest";
+import { normalizeConfig } from "../src/normalize";
+
+describe("normalizeConfig", () => {
+  describe("tools entries", () => {
+    test("converts tools entries to tool-name-as-surface rules", () => {
+      const result = normalizeConfig({
+        tools: { read: "allow", write: "deny" },
+      });
+      expect(result).toEqual([
+        { surface: "read", pattern: "*", action: "allow" },
+        { surface: "write", pattern: "*", action: "deny" },
+      ]);
+    });
+
+    test("tools.bash is excluded (handled as fallback override)", () => {
+      const result = normalizeConfig({
+        tools: { bash: "allow", read: "allow" },
+      });
+      expect(result).toEqual([
+        { surface: "read", pattern: "*", action: "allow" },
+      ]);
+    });
+
+    test("tools.mcp is excluded (handled as fallback override)", () => {
+      const result = normalizeConfig({
+        tools: { mcp: "ask", read: "allow" },
+      });
+      expect(result).toEqual([
+        { surface: "read", pattern: "*", action: "allow" },
+      ]);
+    });
+  });
+
+  describe("bash entries", () => {
+    test("converts bash entries to surface 'bash' rules", () => {
+      const result = normalizeConfig({
+        bash: { "git *": "allow", "rm -rf *": "deny" },
+      });
+      expect(result).toEqual([
+        { surface: "bash", pattern: "git *", action: "allow" },
+        { surface: "bash", pattern: "rm -rf *", action: "deny" },
+      ]);
+    });
+  });
+
+  describe("mcp entries", () => {
+    test("converts mcp entries to surface 'mcp' rules", () => {
+      const result = normalizeConfig({
+        mcp: { "exa:*": "allow", mcp_status: "allow" },
+      });
+      expect(result).toEqual([
+        { surface: "mcp", pattern: "exa:*", action: "allow" },
+        { surface: "mcp", pattern: "mcp_status", action: "allow" },
+      ]);
+    });
+  });
+
+  describe("skills entries", () => {
+    test("converts skills entries to surface 'skill' rules", () => {
+      const result = normalizeConfig({
+        skills: { "*": "ask", librarian: "allow" },
+      });
+      expect(result).toEqual([
+        { surface: "skill", pattern: "*", action: "ask" },
+        { surface: "skill", pattern: "librarian", action: "allow" },
+      ]);
+    });
+  });
+
+  describe("special entries", () => {
+    test("converts special entries to surface 'special' with key as pattern", () => {
+      const result = normalizeConfig({
+        special: { external_directory: "ask" },
+      });
+      expect(result).toEqual([
+        { surface: "special", pattern: "external_directory", action: "ask" },
+      ]);
+    });
+  });
+
+  describe("ordering", () => {
+    test("tools.bash excluded; bash entries come after tools", () => {
+      const result = normalizeConfig({
+        tools: { bash: "allow", read: "deny" },
+        bash: { "git *": "ask" },
+      });
+      expect(result).toEqual([
+        { surface: "read", pattern: "*", action: "deny" },
+        { surface: "bash", pattern: "git *", action: "ask" },
+      ]);
+    });
+
+    test("full ordering: tools → bash → mcp → skills → special", () => {
+      const result = normalizeConfig({
+        tools: { read: "allow" },
+        bash: { "git *": "allow" },
+        mcp: { "exa:*": "allow" },
+        skills: { librarian: "allow" },
+        special: { external_directory: "ask" },
+      });
+      expect(result).toEqual([
+        { surface: "read", pattern: "*", action: "allow" },
+        { surface: "bash", pattern: "git *", action: "allow" },
+        { surface: "mcp", pattern: "exa:*", action: "allow" },
+        { surface: "skill", pattern: "librarian", action: "allow" },
+        { surface: "special", pattern: "external_directory", action: "ask" },
+      ]);
+    });
+  });
+
+  describe("empty and missing sections", () => {
+    test("empty config produces empty ruleset", () => {
+      expect(normalizeConfig({})).toEqual([]);
+    });
+
+    test("undefined sections are skipped", () => {
+      expect(normalizeConfig({ tools: undefined })).toEqual([]);
+    });
+  });
+});

package/tests/permission-system.test.ts

@@ -10,7 +10,7 @@ import {
 import { tmpdir } from "node:os";
 import { dirname, join, resolve } from "node:path";
 import { test } from "vitest";
-import { BashFilter } from "../src/bash-filter";
+
 import {
   createActiveToolsCacheKey,
   createBeforeAgentStartPromptStateKey,
@@ -46,11 +46,7 @@ import {
   checkRequestedToolRegistration,
   getToolNameFromValue,
 } from "../src/tool-registry";
-import type {
-  AgentPermissions,
-  GlobalPermissionConfig,
-  PermissionState,
-} from "../src/types";
+import type { PermissionState, ScopeConfig } from "../src/types";
 import {
   canResolveAskPermissionRequest,
   shouldAutoApprovePermissionState,
@@ -61,7 +57,7 @@ type CreateManagerOptions = {
 };
 
 function createManager(
-  config: GlobalPermissionConfig,
+  config: ScopeConfig,
   agentFiles: Record<string, string> = {},
   options: CreateManagerOptions = {},
 ) {
@@ -146,7 +142,7 @@ async function withIsolatedSubagentEnv<T>(
 }
 
 function createToolCallHarness(
-  config: GlobalPermissionConfig,
+  config: ScopeConfig,
   toolNames: readonly string[],
   options: ExtensionHarnessOptions = {},
 ): ExtensionHarness {
@@ -652,30 +648,6 @@ test("Permission-system logger respects debug toggle and keeps review log enable
   }
 });
 
-test("BashFilter uses opencode-style last-match hierarchy", () => {
-  const filter = new BashFilter(
-    {
-      "*": "ask",
-      "git *": "deny",
-      "git status *": "ask",
-      "git status": "allow",
-    },
-    "deny",
-  );
-
-  const exact = filter.check("git status");
-  assert.equal(exact.state, "allow");
-  assert.equal(exact.matchedPattern, "git status");
-
-  const subcommand = filter.check("git status --short");
-  assert.equal(subcommand.state, "ask");
-  assert.equal(subcommand.matchedPattern, "git status *");
-
-  const generic = filter.check("git commit -m test");
-  assert.equal(generic.state, "deny");
-  assert.equal(generic.matchedPattern, "git *");
-});
-
 test("PermissionManager canonical built-in permission checking", () => {
   const { manager, cleanup } = createManager({
     defaultPolicy: {
@@ -910,7 +882,7 @@ test("MCP server names in settings.json are not used — only mcp.json is consul
   // which matches this rule and returns "allow".
   // After the fix, settings.json is ignored, so no server name is derived and the
   // result falls through to the default mcp policy ("ask").
-  const config: GlobalPermissionConfig = {
+  const config: ScopeConfig = {
     defaultPolicy: {
       tools: "ask",
       bash: "ask",
@@ -1510,12 +1482,12 @@ test("Permission forwarding rejects unresolved sentinel session ids", () => {
 });
 
 type CreateManagerWithProjectOptions = CreateManagerOptions & {
-  projectConfig?: AgentPermissions;
+  projectConfig?: ScopeConfig;
   projectAgentFiles?: Record<string, string>;
 };
 
 function createManagerWithProject(
-  config: GlobalPermissionConfig,
+  config: ScopeConfig,
   agentFiles: Record<string, string> = {},
   options: CreateManagerWithProjectOptions = {},
 ) {
@@ -1807,7 +1779,7 @@ test("PermissionManager reads config from PI_CODING_AGENT_DIR when set", () => {
   mkdirSync(agentsDir, { recursive: true });
   mkdirSync(dirname(newConfigPath), { recursive: true });
 
-  const config: GlobalPermissionConfig = {
+  const config: ScopeConfig = {
     defaultPolicy: {
       tools: "deny",
       bash: "deny",
@@ -2609,7 +2581,7 @@ test("normalizeRawPermission emits no issues when special is absent", () => {
 });
 
 test("PermissionManager.getConfigIssues returns deprecation for tool_call_limit in global config", () => {
-  const config: GlobalPermissionConfig = {
+  const config: ScopeConfig = {
     defaultPolicy: {
       tools: "ask",
       bash: "ask",
@@ -2634,7 +2606,7 @@ test("PermissionManager.getConfigIssues returns deprecation for tool_call_limit
 });
 
 test("PermissionManager.getConfigIssues returns empty array for clean config", () => {
-  const config: GlobalPermissionConfig = {
+  const config: ScopeConfig = {
     defaultPolicy: {
       tools: "ask",
       bash: "ask",
@@ -2660,7 +2632,7 @@ test("PermissionManager.getConfigIssues returns empty array for clean config", (
 // --- doom_loop config-loader deprecation tests (#54) ---
 
 test("PermissionManager.getConfigIssues returns deprecation for doom_loop in global config", () => {
-  const config: GlobalPermissionConfig = {
+  const config: ScopeConfig = {
     defaultPolicy: {
       tools: "ask",
       bash: "ask",

package/tests/rule.test.ts

@@ -1,38 +1,6 @@
-import { afterEach, describe, expect, test, vi } from "vitest";
+import { describe, expect, test } from "vitest";
 import type { Rule, Ruleset } from "../src/rule";
-import { evaluate, getDefaultAction } from "../src/rule";
-
-afterEach(() => {
-  vi.restoreAllMocks();
-});
-
-describe("getDefaultAction", () => {
-  test("returns 'ask' for bash surface", () => {
-    expect(getDefaultAction("bash")).toBe("ask");
-  });
-
-  test("returns 'ask' for mcp surface", () => {
-    expect(getDefaultAction("mcp")).toBe("ask");
-  });
-
-  test("returns 'ask' for skill surface", () => {
-    expect(getDefaultAction("skill")).toBe("ask");
-  });
-
-  test("returns 'ask' for special surface", () => {
-    expect(getDefaultAction("special")).toBe("ask");
-  });
-
-  test("returns 'ask' for tools surface", () => {
-    expect(getDefaultAction("tools")).toBe("ask");
-  });
-
-  test("returns 'ask' for unknown surface (least privilege)", () => {
-    expect(getDefaultAction("unknown_surface")).toBe("ask");
-    expect(getDefaultAction("")).toBe("ask");
-    expect(getDefaultAction("external_directory")).toBe("ask");
-  });
-});
+import { evaluate } from "../src/rule";
 
 describe("evaluate", () => {
   const allowBashGit: Rule = {
@@ -64,11 +32,23 @@ describe("evaluate", () => {
     expect(result).toEqual(allowBashGit);
   });
 
-  test("returns synthetic rule with default action when no rules match", () => {
+  test("returns synthetic rule with 'ask' when no rules match and no defaultAction", () => {
     const result = evaluate("bash", "npm install", [allowBashGit]);
     expect(result.surface).toBe("bash");
     expect(result.pattern).toBe("npm install");
-    expect(result.action).toBe("ask"); // getDefaultAction("bash")
+    expect(result.action).toBe("ask");
+  });
+
+  test("returns synthetic rule with custom defaultAction when no rules match", () => {
+    const result = evaluate("bash", "npm install", [allowBashGit], "deny");
+    expect(result.surface).toBe("bash");
+    expect(result.pattern).toBe("npm install");
+    expect(result.action).toBe("deny");
+  });
+
+  test("defaultAction does not affect matched rules", () => {
+    const result = evaluate("bash", "git status", [allowBashGit], "deny");
+    expect(result).toEqual(allowBashGit);
   });
 
   test("returns synthetic rule for empty ruleset", () => {
@@ -126,18 +106,19 @@ describe("evaluate", () => {
     expect(result.action).toBe("ask"); // falls back to default
   });
 
-  test("multiple rulesets: rules from later rulesets take priority", () => {
+  test("merged rulesets: rules from later scope take priority", () => {
     const globalRules: Ruleset = [
       { surface: "bash", pattern: "git *", action: "ask" },
     ];
     const agentRules: Ruleset = [
       { surface: "bash", pattern: "git *", action: "allow" },
     ];
-    const result = evaluate("bash", "git status", globalRules, agentRules);
+    const merged = [...globalRules, ...agentRules];
+    const result = evaluate("bash", "git status", merged);
     expect(result.action).toBe("allow"); // agent rule wins
   });
 
-  test("multiple rulesets: earlier rulesets used when later rulesets have no match", () => {
+  test("merged rulesets: earlier scope used when later scope has no match", () => {
     const globalRules: Ruleset = [
       { surface: "bash", pattern: "git *", action: "allow" },
     ];
@@ -145,12 +126,13 @@ describe("evaluate", () => {
       { surface: "bash", pattern: "npm *", action: "deny" },
     ];
     // git status matches global but not agent rule
-    const result = evaluate("bash", "git status", globalRules, agentRules);
+    const merged = [...globalRules, ...agentRules];
+    const result = evaluate("bash", "git status", merged);
     expect(result.action).toBe("allow"); // global rule is the last match for this pattern
   });
 
-  test("no rulesets at all returns synthetic default", () => {
-    const result = evaluate("bash", "git status");
+  test("empty ruleset returns synthetic default", () => {
+    const result = evaluate("bash", "git status", []);
     expect(result.surface).toBe("bash");
     expect(result.pattern).toBe("git status");
     expect(result.action).toBe("ask");