@gotgenes/pi-permission-system 5.18.1 → 5.18.3

package/tests/handlers/gates/path.test.ts

@@ -4,6 +4,7 @@ import type { GateDescriptor } from "../../../src/handlers/gates/descriptor";
 import { isGateDescriptor } from "../../../src/handlers/gates/descriptor";
 import { describePathGate } from "../../../src/handlers/gates/path";
 import type { ToolCallContext } from "../../../src/handlers/gates/types";
+import type { Rule } from "../../../src/rule";
 import type { PermissionCheckResult } from "../../../src/types";
 
 // ── helpers ────────────────────────────────────────────────────────────────
@@ -35,17 +36,20 @@ type CheckPermissionFn = (
   surface: string,
   input: unknown,
   agentName?: string,
-  sessionRules?: unknown[],
+  sessionRules?: Rule[],
 ) => PermissionCheckResult;
 
 // ── tests ──────────────────────────────────────────────────────────────────
 
 describe("describePathGate", () => {
+  const getSessionRuleset = vi.fn<() => Rule[]>().mockReturnValue([]);
+
   it("returns null for non-path-bearing tools", () => {
     const checkPermission = vi.fn<CheckPermissionFn>();
     const result = describePathGate(
       makeTcc({ toolName: "bash", input: { command: "ls" } }),
       checkPermission,
+      getSessionRuleset,
     );
     expect(result).toBeNull();
     expect(checkPermission).not.toHaveBeenCalled();
@@ -56,6 +60,7 @@ describe("describePathGate", () => {
     const result = describePathGate(
       makeTcc({ toolName: "read", input: {} }),
       checkPermission,
+      getSessionRuleset,
     );
     expect(result).toBeNull();
   });
@@ -64,10 +69,49 @@ describe("describePathGate", () => {
     const checkPermission = vi
       .fn<CheckPermissionFn>()
       .mockReturnValue(makeCheckResult({ state: "allow" }));
-    const result = describePathGate(makeTcc(), checkPermission);
+    const result = describePathGate(
+      makeTcc(),
+      checkPermission,
+      getSessionRuleset,
+    );
     expect(result).toBeNull();
   });
 
+  it("returns null when matchedPattern is undefined (universal default)", () => {
+    const checkPermission = vi.fn<CheckPermissionFn>().mockReturnValue(
+      makeCheckResult({
+        state: "ask",
+        matchedPattern: undefined,
+        source: "special",
+        origin: "builtin",
+      }),
+    );
+    const result = describePathGate(
+      makeTcc(),
+      checkPermission,
+      getSessionRuleset,
+    );
+    expect(result).toBeNull();
+  });
+
+  it("returns GateDescriptor when matchedPattern is defined (explicit path rule)", () => {
+    const checkPermission = vi.fn<CheckPermissionFn>().mockReturnValue(
+      makeCheckResult({
+        state: "ask",
+        matchedPattern: "*.env",
+        source: "special",
+        origin: "global",
+      }),
+    );
+    const result = describePathGate(
+      makeTcc(),
+      checkPermission,
+      getSessionRuleset,
+    );
+    expect(result).not.toBeNull();
+    expect(isGateDescriptor(result)).toBe(true);
+  });
+
   it("returns GateDescriptor when path check result is deny", () => {
     const checkPermission = vi.fn<CheckPermissionFn>().mockReturnValue(
       makeCheckResult({
@@ -75,7 +119,11 @@ describe("describePathGate", () => {
         matchedPattern: "*.env",
       }),
     );
-    const result = describePathGate(makeTcc(), checkPermission);
+    const result = describePathGate(
+      makeTcc(),
+      checkPermission,
+      getSessionRuleset,
+    );
     expect(result).not.toBeNull();
     expect(isGateDescriptor(result)).toBe(true);
     const desc = result as GateDescriptor;
@@ -90,7 +138,11 @@ describe("describePathGate", () => {
         matchedPattern: "*.env",
       }),
     );
-    const result = describePathGate(makeTcc(), checkPermission);
+    const result = describePathGate(
+      makeTcc(),
+      checkPermission,
+      getSessionRuleset,
+    );
     expect(result).not.toBeNull();
     expect(isGateDescriptor(result)).toBe(true);
     const desc = result as GateDescriptor;
@@ -101,10 +153,11 @@ describe("describePathGate", () => {
   it("descriptor has correct session approval surface and pattern", () => {
     const checkPermission = vi
       .fn<CheckPermissionFn>()
-      .mockReturnValue(makeCheckResult({ state: "ask" }));
+      .mockReturnValue(makeCheckResult({ state: "ask", matchedPattern: "*" }));
     const result = describePathGate(
       makeTcc({ input: { path: "/test/project/src/.env" } }),
       checkPermission,
+      getSessionRuleset,
     ) as GateDescriptor;
     expect(result.sessionApproval).toBeDefined();
     expect(result.sessionApproval).toHaveProperty("surface", "path");
@@ -114,10 +167,13 @@ describe("describePathGate", () => {
   it("descriptor messages reference the file path", () => {
     const checkPermission = vi
       .fn<CheckPermissionFn>()
-      .mockReturnValue(makeCheckResult({ state: "deny" }));
+      .mockReturnValue(
+        makeCheckResult({ state: "deny", matchedPattern: "*.env" }),
+      );
     const result = describePathGate(
       makeTcc(),
       checkPermission,
+      getSessionRuleset,
     ) as GateDescriptor;
     expect(result.messages.denyReason).toContain(".env");
     expect(result.messages.unavailableReason).toContain(".env");
@@ -126,24 +182,41 @@ describe("describePathGate", () => {
   it("descriptor decision uses surface 'path' and the file path as value", () => {
     const checkPermission = vi
       .fn<CheckPermissionFn>()
-      .mockReturnValue(makeCheckResult({ state: "deny" }));
+      .mockReturnValue(
+        makeCheckResult({ state: "deny", matchedPattern: "*.env" }),
+      );
     const result = describePathGate(
       makeTcc(),
       checkPermission,
+      getSessionRuleset,
     ) as GateDescriptor;
     expect(result.decision.surface).toBe("path");
     expect(result.decision.value).toBe(".env");
   });
 
-  it("passes agentName to checkPermission", () => {
+  it("passes agentName and session rules to checkPermission", () => {
+    const sessionRules: Rule[] = [
+      {
+        surface: "path",
+        pattern: "/project/*",
+        action: "allow",
+        origin: "session",
+      },
+    ];
+    const getSession = vi.fn<() => Rule[]>().mockReturnValue(sessionRules);
     const checkPermission = vi
       .fn<CheckPermissionFn>()
       .mockReturnValue(makeCheckResult({ state: "allow" }));
-    describePathGate(makeTcc({ agentName: "my-agent" }), checkPermission);
+    describePathGate(
+      makeTcc({ agentName: "my-agent" }),
+      checkPermission,
+      getSession,
+    );
     expect(checkPermission).toHaveBeenCalledWith(
       "path",
       { path: ".env" },
       "my-agent",
+      sessionRules,
     );
   });
 });

package/tests/handlers/tool-call.test.ts

@@ -307,7 +307,7 @@ describe("handleToolCall — path gate (tools)", () => {
       .mockImplementation(
         (surface: string, _input: unknown, _agentName?: string) => {
           if (surface === "path") {
-            return makePermissionResult("deny");
+            return { ...makePermissionResult("deny"), matchedPattern: "*.env" };
           }
           return makePermissionResult("allow");
         },
@@ -354,7 +354,7 @@ describe("handleToolCall — bash path gate", () => {
       .mockImplementation(
         (surface: string, _input: unknown, _agentName?: string) => {
           if (surface === "path") {
-            return makePermissionResult("deny");
+            return { ...makePermissionResult("deny"), matchedPattern: "*.env" };
           }
           return makePermissionResult("allow");
         },

package/tests/permission-manager-unified.test.ts

@@ -1209,6 +1209,32 @@ describe("cross-cutting path surface", () => {
     }
   });
 
+  it("universal default produces undefined matchedPattern for gate skip (#58)", () => {
+    const { manager, cleanup } = makeManagerWithConfig({
+      "*": "ask",
+      read: "allow",
+      find: "allow",
+    });
+    try {
+      // No explicit "path" key → matchedPattern must be undefined so the
+      // path gate skips (describePathGate returns null).
+      const result = manager.checkPermission("path", {
+        path: "src/main.ts",
+      });
+      expect(result.state).toBe("ask");
+      expect(result.matchedPattern).toBeUndefined();
+
+      // Meanwhile the tool-level check should allow read.
+      const readResult = manager.checkPermission("read", {
+        path: "src/main.ts",
+      });
+      expect(readResult.state).toBe("allow");
+      expect(readResult.matchedPattern).toBe("*");
+    } finally {
+      cleanup();
+    }
+  });
+
   // ── Last-match-wins ordering ────────────────────────────────────────────
 
   it("last-match-wins: catch-all after deny overrides the deny", () => {