@gotgenes/pi-permission-system 4.1.1 → 4.3.0
- package/CHANGELOG.md +35 -0
- package/README.md +19 -10
- package/package.json +3 -3
- package/src/external-directory.ts +208 -11
- package/src/forwarded-permissions/polling.ts +7 -1
- package/src/handlers/tool-call.ts +37 -1
- package/src/handlers/types.ts +2 -0
- package/src/pattern-suggest.ts +91 -0
- package/src/permission-dialog.ts +16 -2
- package/src/permission-gate.ts +11 -1
- package/src/permission-manager.ts +59 -0
- package/src/runtime.ts +1 -0
- package/tests/bash-external-directory.test.ts +244 -94
- package/tests/handlers/tool-call.test.ts +212 -0
- package/tests/pattern-suggest.test.ts +139 -0
- package/tests/permission-dialog.test.ts +39 -0
- package/tests/permission-gate.test.ts +68 -0
- package/tests/permission-system.test.ts +181 -0
|
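--- a/package/src/permission-manager.ts
+++ b/package/src/permission-manager.ts
@@ -493,6 +493,20 @@ export class PermissionManager {
 if (normalizedToolName === "skill") {
 const skillName = toRecord(input).name;
 const lookupValue = typeof skillName === "string" ? skillName : "*";
+
+// Session check.
+if (sessionRules && sessionRules.length > 0) {
+const sessionRule = evaluate("skill", lookupValue, sessionRules);
+if (sessionRules.includes(sessionRule)) {
+return {
+toolName,
+state: "allow",
+matchedPattern: sessionRule.pattern,
+source: "session",
+};
+}
+}
+
 const rule = evaluate("skill", lookupValue, composedRules);
 return {
 toolName,
@@ -506,6 +520,21 @@ export class PermissionManager {
 if (normalizedToolName === "bash") {
 const record = toRecord(input);
 const command = typeof record.command === "string" ? record.command : "";
+
+// Session check.
+if (sessionRules && sessionRules.length > 0) {
+const sessionRule = evaluate("bash", command, sessionRules);
+if (sessionRules.includes(sessionRule)) {
+return {
+toolName,
+state: "allow",
+command,
+matchedPattern: sessionRule.pattern,
+source: "session",
+};
+}
+}
+
 const rule = evaluate("bash", command, composedRules);
 return {
 toolName,
@@ -527,6 +556,22 @@ export class PermissionManager {
 ];
 const fallbackTarget = mcpTargets[0] || "mcp";
 
+// Session check: try each candidate target against session rules.
+if (sessionRules && sessionRules.length > 0) {
+for (const target of mcpTargets) {
+const sessionRule = evaluate("mcp", target, sessionRules);
+if (sessionRules.includes(sessionRule)) {
+return {
+toolName,
+state: "allow",
+matchedPattern: sessionRule.pattern,
+target,
+source: "session",
+};
+}
+}
+}
+
 // Try each candidate target. Stop on the first non-default match.
 for (const target of mcpTargets) {
 const rule = evaluate("mcp", target, composedRules);
@@ -552,6 +597,20 @@ export class PermissionManager {
 }
 
 // --- Tools (read, write, edit, grep, find, ls, extension tools) ---
+
+// Session check.
+if (sessionRules && sessionRules.length > 0) {
+const sessionRule = evaluate(normalizedToolName, "*", sessionRules);
+if (sessionRules.includes(sessionRule)) {
+return {
+toolName,
+state: "allow",
+matchedPattern: sessionRule.pattern,
+source: "session",
+};
+}
+}
+
 const rule = evaluate(normalizedToolName, "*", composedRules);
 
 if (BUILT_IN_TOOL_PERMISSION_NAMES.has(normalizedToolName)) {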
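Review bot: Each new session branch (skill, bash, mcp and the generic tools path) returns the literal `state: "allow"` as soon as `evaluate(...)` hands back an element of `sessionRules`, without reading that rule's own action and before `composedRules` is consulted. As written, a session match appears to take precedence over any deny in the configured rules, and a session rule that ever carried something other than allow would still come back as allow. Whether that can happen depends on how `sessionRules` is populated, which is outside these hunks. If session rules are allow-only by construction and are meant to override configured denies, state that at the first branch, e.g. `// Session rules are allow-only and intentionally win over composedRules.`; otherwise take the state from the matched rule and evaluate denies first. The `sessionRules.includes(sessionRule)` test reads as an identity check that separates a real match from a default result of `evaluate`, which deserves a one-line comment. The four near-identical blocks would also be easier to audit as one private helper.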
package/src/runtime.ts
CHANGED