@gotgenes/pi-permission-system 5.4.0 → 5.5.1

package/src/policy-loader.ts

@@ -0,0 +1,350 @@
+import { existsSync, readFileSync, statSync } from "node:fs";
+import { join } from "node:path";
+import { getAgentDir } from "@mariozechner/pi-coding-agent";
+
+import { extractFrontmatter, parseSimpleYamlMap, toRecord } from "./common";
+import {
+  loadUnifiedConfig,
+  normalizeUnifiedConfig,
+  stripJsonComments,
+} from "./config-loader";
+import { getGlobalConfigPath } from "./config-paths";
+import type { ScopeConfig } from "./types";
+
+// ---------------------------------------------------------------------------
+// File-stamp helper
+// ---------------------------------------------------------------------------
+
+function getFileStamp(path: string): string {
+  try {
+    return String(statSync(path).mtimeMs);
+  } catch {
+    return "missing";
+  }
+}
+
+// ---------------------------------------------------------------------------
+// MCP server-name reading helpers
+// ---------------------------------------------------------------------------
+
+function readConfiguredMcpServerNamesFromConfigPath(
+  configPath: string,
+): string[] {
+  try {
+    const raw = readFileSync(configPath, "utf-8");
+    const parsed = JSON.parse(stripJsonComments(raw)) as unknown;
+    const root = toRecord(parsed);
+    const serverRecord = toRecord(root.mcpServers ?? root["mcp-servers"]);
+
+    return Object.keys(serverRecord)
+      .map((name) => name.trim())
+      .filter((name) => name.length > 0);
+  } catch {
+    return [];
+  }
+}
+
+function getConfiguredMcpServerNamesFromPaths(
+  paths: readonly string[],
+): string[] {
+  const seen = new Set<string>();
+
+  for (const path of paths) {
+    for (const name of readConfiguredMcpServerNamesFromConfigPath(path)) {
+      seen.add(name);
+    }
+  }
+
+  return [...seen].sort(
+    (left, right) => right.length - left.length || left.localeCompare(right),
+  );
+}
+
+// ---------------------------------------------------------------------------
+// Resolved policy paths
+// ---------------------------------------------------------------------------
+
+export interface ResolvedPolicyPaths {
+  globalConfigPath: string;
+  globalConfigExists: boolean;
+  projectConfigPath: string | null;
+  projectConfigExists: boolean;
+  agentsDir: string;
+  agentsDirExists: boolean;
+  projectAgentsDir: string | null;
+  projectAgentsDirExists: boolean;
+}
+
+// ---------------------------------------------------------------------------
+// PolicyLoader interface
+// ---------------------------------------------------------------------------
+
+/**
+ * Abstraction over file I/O for loading permission policy from disk.
+ * Implementations handle caching, path resolution, and config-issue
+ * accumulation.  `PermissionManager` depends on this interface so that
+ * merge + evaluation logic can be tested with an in-memory stub.
+ */
+export interface PolicyLoader {
+  loadGlobalConfig(): ScopeConfig;
+  loadProjectConfig(): ScopeConfig;
+  loadAgentConfig(agentName?: string): ScopeConfig;
+  loadProjectAgentConfig(agentName?: string): ScopeConfig;
+  getConfiguredMcpServerNames(): readonly string[];
+  /** Combined mtime stamp for cache invalidation. */
+  getCacheStamp(agentName?: string): string;
+  /** Accumulated config-parse issues across all loads. */
+  getConfigIssues(): string[];
+  /** Resolved paths for the /permission-system show command. */
+  getResolvedPolicyPaths(): ResolvedPolicyPaths;
+}
+
+// ---------------------------------------------------------------------------
+// Default path factories (deferred until call-time, not module scope)
+// ---------------------------------------------------------------------------
+
+function defaultGlobalConfigPath(): string {
+  return getGlobalConfigPath(getAgentDir());
+}
+function defaultAgentsDir(): string {
+  return join(getAgentDir(), "agents");
+}
+function defaultGlobalMcpConfigPath(): string {
+  return join(getAgentDir(), "mcp.json");
+}
+
+// ---------------------------------------------------------------------------
+// File cache helper type
+// ---------------------------------------------------------------------------
+
+type FileCacheEntry<TValue> = {
+  stamp: string;
+  value: TValue;
+};
+
+// ---------------------------------------------------------------------------
+// Options shared between FilePolicyLoader and the backward-compat
+// PermissionManager constructor.
+// ---------------------------------------------------------------------------
+
+export interface PolicyLoaderOptions {
+  globalConfigPath?: string;
+  agentsDir?: string;
+  projectGlobalConfigPath?: string;
+  projectAgentsDir?: string;
+  globalMcpConfigPath?: string;
+  mcpServerNames?: readonly string[];
+}
+
+// ---------------------------------------------------------------------------
+// FilePolicyLoader — the production implementation
+// ---------------------------------------------------------------------------
+
+/**
+ * Production `PolicyLoader` that reads config files from disk with
+ * mtime-based caching.
+ */
+export class FilePolicyLoader implements PolicyLoader {
+  private readonly globalConfigPath: string;
+  private readonly agentsDir: string;
+  private readonly projectGlobalConfigPath: string | null;
+  private readonly projectAgentsDir: string | null;
+  private readonly globalMcpConfigPath: string;
+  private readonly configuredMcpServerNamesOverride: readonly string[] | null;
+
+  private globalConfigCache: FileCacheEntry<ScopeConfig> | null = null;
+  private projectGlobalConfigCache: FileCacheEntry<ScopeConfig> | null = null;
+  private readonly agentConfigCache = new Map<
+    string,
+    FileCacheEntry<ScopeConfig>
+  >();
+  private readonly projectAgentConfigCache = new Map<
+    string,
+    FileCacheEntry<ScopeConfig>
+  >();
+  private configuredMcpServerNamesCache: FileCacheEntry<
+    readonly string[]
+  > | null = null;
+  private accumulatedConfigIssues: string[] = [];
+
+  constructor(options: PolicyLoaderOptions = {}) {
+    this.globalConfigPath =
+      options.globalConfigPath || defaultGlobalConfigPath();
+    this.agentsDir = options.agentsDir || defaultAgentsDir();
+    this.projectGlobalConfigPath = options.projectGlobalConfigPath || null;
+    this.projectAgentsDir = options.projectAgentsDir || null;
+    this.globalMcpConfigPath =
+      options.globalMcpConfigPath || defaultGlobalMcpConfigPath();
+    this.configuredMcpServerNamesOverride = options.mcpServerNames
+      ? [
+          ...new Set(
+            options.mcpServerNames
+              .map((name) => name.trim())
+              .filter((name) => name.length > 0),
+          ),
+        ]
+      : null;
+  }
+
+  // ── Config issue accumulation ────────────────────────────────────────
+
+  private accumulateConfigIssues(issues: string[]): void {
+    for (const issue of issues) {
+      if (!this.accumulatedConfigIssues.includes(issue)) {
+        this.accumulatedConfigIssues.push(issue);
+      }
+    }
+  }
+
+  getConfigIssues(): string[] {
+    return [...this.accumulatedConfigIssues];
+  }
+
+  // ── Scope loaders ────────────────────────────────────────────────────
+
+  loadGlobalConfig(): ScopeConfig {
+    const stamp = getFileStamp(this.globalConfigPath);
+    if (this.globalConfigCache?.stamp === stamp) {
+      return this.globalConfigCache.value;
+    }
+
+    const { config, issues } = loadUnifiedConfig(this.globalConfigPath);
+    this.accumulateConfigIssues(issues);
+
+    const value: ScopeConfig = {
+      permission: config.permission,
+    };
+
+    this.globalConfigCache = { stamp, value };
+    return value;
+  }
+
+  loadProjectConfig(): ScopeConfig {
+    if (!this.projectGlobalConfigPath) {
+      return {};
+    }
+
+    const stamp = getFileStamp(this.projectGlobalConfigPath);
+    if (this.projectGlobalConfigCache?.stamp === stamp) {
+      return this.projectGlobalConfigCache.value;
+    }
+
+    const { config, issues } = loadUnifiedConfig(this.projectGlobalConfigPath);
+    this.accumulateConfigIssues(issues);
+
+    const value: ScopeConfig = {
+      permission: config.permission,
+    };
+
+    this.projectGlobalConfigCache = { stamp, value };
+    return value;
+  }
+
+  private loadScopeConfigFrom(
+    dir: string | null,
+    cache: Map<string, FileCacheEntry<ScopeConfig>>,
+    agentName?: string,
+  ): ScopeConfig {
+    if (!dir || !agentName) {
+      return {};
+    }
+
+    const filePath = join(dir, `${agentName}.md`);
+    const stamp = getFileStamp(filePath);
+    const cached = cache.get(agentName);
+    if (cached?.stamp === stamp) {
+      return cached.value;
+    }
+
+    let value: ScopeConfig;
+    try {
+      const markdown = readFileSync(filePath, "utf-8");
+      const frontmatter = extractFrontmatter(markdown);
+      if (!frontmatter) {
+        value = {};
+      } else {
+        const parsed = parseSimpleYamlMap(frontmatter);
+        const { config, issues } = normalizeUnifiedConfig(parsed);
+        this.accumulateConfigIssues(issues);
+        value = { permission: config.permission };
+      }
+    } catch {
+      value = {};
+    }
+
+    cache.set(agentName, { stamp, value });
+    return value;
+  }
+
+  loadAgentConfig(agentName?: string): ScopeConfig {
+    return this.loadScopeConfigFrom(
+      this.agentsDir,
+      this.agentConfigCache,
+      agentName,
+    );
+  }
+
+  loadProjectAgentConfig(agentName?: string): ScopeConfig {
+    return this.loadScopeConfigFrom(
+      this.projectAgentsDir,
+      this.projectAgentConfigCache,
+      agentName,
+    );
+  }
+
+  // ── MCP server names ─────────────────────────────────────────────────
+
+  getConfiguredMcpServerNames(): readonly string[] {
+    if (this.configuredMcpServerNamesOverride) {
+      return this.configuredMcpServerNamesOverride;
+    }
+
+    const paths = [this.globalMcpConfigPath];
+    const stamp = paths
+      .map((path) => `${path}:${getFileStamp(path)}`)
+      .join("|");
+    if (this.configuredMcpServerNamesCache?.stamp === stamp) {
+      return this.configuredMcpServerNamesCache.value;
+    }
+
+    const value = getConfiguredMcpServerNamesFromPaths(paths);
+    this.configuredMcpServerNamesCache = { stamp, value };
+    return value;
+  }
+
+  // ── Cache stamp ───────────────────────────────────────────────────────
+
+  getCacheStamp(agentName?: string): string {
+    const agentStamp = agentName
+      ? getFileStamp(join(this.agentsDir, `${agentName}.md`))
+      : "missing";
+    const projectStamp = this.projectGlobalConfigPath
+      ? getFileStamp(this.projectGlobalConfigPath)
+      : "none";
+    const projectAgentStamp =
+      this.projectAgentsDir && agentName
+        ? getFileStamp(join(this.projectAgentsDir, `${agentName}.md`))
+        : "none";
+
+    return `${getFileStamp(this.globalConfigPath)}|${projectStamp}|${agentStamp}|${projectAgentStamp}`;
+  }
+
+  // ── Resolved paths ────────────────────────────────────────────────────
+
+  getResolvedPolicyPaths(): ResolvedPolicyPaths {
+    return {
+      globalConfigPath: this.globalConfigPath,
+      globalConfigExists: existsSync(this.globalConfigPath),
+      projectConfigPath: this.projectGlobalConfigPath,
+      projectConfigExists: this.projectGlobalConfigPath
+        ? existsSync(this.projectGlobalConfigPath)
+        : false,
+      agentsDir: this.agentsDir,
+      agentsDirExists: existsSync(this.agentsDir),
+      projectAgentsDir: this.projectAgentsDir,
+      projectAgentsDirExists: this.projectAgentsDir
+        ? existsSync(this.projectAgentsDir)
+        : false,
+    };
+  }
+}

package/src/runtime.ts

@@ -47,6 +47,21 @@ import type { SkillPromptEntry } from "./skill-prompt-sanitizer";
 import { syncPermissionSystemStatus } from "./status";
 import { isSubagentExecutionContext } from "./subagent-context";
 
+/**
+ * Mutable session state — the subset of ExtensionRuntime that handlers
+ * read and write. Lifecycle handlers reset fields here on session
+ * start/shutdown; gate adapters read permissionManager and sessionRules.
+ */
+export interface SessionState {
+  runtimeContext: ExtensionContext | null;
+  permissionManager: PermissionManager;
+  readonly sessionRules: SessionRules;
+  activeSkillEntries: SkillPromptEntry[];
+  lastKnownActiveAgentName: string | null;
+  lastActiveToolsCacheKey: string | null;
+  lastPromptStateCacheKey: string | null;
+}
+
 /**
  * Runtime context object created once inside `piPermissionSystemExtension()`.
  *
@@ -58,7 +73,7 @@ import { isSubagentExecutionContext } from "./subagent-context";
  * Tests construct this via `createExtensionRuntime({ agentDir: tmpDir })`
  * without timing issues around `PI_CODING_AGENT_DIR`.
  */
-export interface ExtensionRuntime {
+export interface ExtensionRuntime extends SessionState {
   // ── Immutable paths (derived from agentDir at construction) ───────────
   readonly agentDir: string;
   readonly sessionsDir: string;
@@ -74,16 +89,9 @@ export interface ExtensionRuntime {
    */
   readonly piInfrastructureDirs: string[];
 
-  // ── Mutable state ──────────────────────────────────────────────────────
+  // ── Mutable state (beyond SessionState) ───────────────────────────────────
   config: PermissionSystemExtensionConfig;
-  runtimeContext: ExtensionContext | null;
-  permissionManager: PermissionManager;
-  activeSkillEntries: SkillPromptEntry[];
-  lastKnownActiveAgentName: string | null;
-  lastActiveToolsCacheKey: string | null;
-  lastPromptStateCacheKey: string | null;
   lastConfigWarning: string | null;
-  readonly sessionRules: SessionRules;
 
   // ── Forwarding polling state ───────────────────────────────────────────
   permissionForwardingContext: ExtensionContext | null;

package/tests/handlers/before-agent-start.test.ts

@@ -7,7 +7,7 @@ import {
 } from "../../src/handlers/before-agent-start";
 import type { HandlerDeps } from "../../src/handlers/types";
 import type { PermissionManager } from "../../src/permission-manager";
-import type { ExtensionRuntime } from "../../src/runtime";
+import type { SessionState } from "../../src/runtime";
 import type { SkillPromptEntry } from "../../src/skill-prompt-sanitizer";
 
 // ── SDK stubs ──────────────────────────────────────────────────────────────
@@ -57,40 +57,30 @@ function makePm(
   } as unknown as PermissionManager;
 }
 
-function makeRuntime(
-  overrides: Partial<ExtensionRuntime> = {},
-): ExtensionRuntime {
+function makeSession(overrides: Partial<SessionState> = {}): SessionState {
   return {
-    agentDir: "/test/agent",
-    sessionsDir: "/test/agent/sessions",
-    subagentSessionsDir: "/test/agent/subagent-sessions",
-    forwardingDir: "/test/agent/sessions/permission-forwarding",
-    globalLogsDir: "/test/agent/extensions/pi-permission-system/logs",
-    config: { debugLog: false, permissionReviewLog: true, yoloMode: false },
     runtimeContext: null,
     permissionManager: makePm() as unknown as PermissionManager,
     activeSkillEntries: [] as SkillPromptEntry[],
     lastKnownActiveAgentName: null,
     lastActiveToolsCacheKey: null,
     lastPromptStateCacheKey: null,
-    lastConfigWarning: null,
     sessionRules: {
       approve: vi.fn(),
       getRuleset: vi.fn().mockReturnValue([]),
       clear: vi.fn(),
-    } as unknown as ExtensionRuntime["sessionRules"],
-    permissionForwardingContext: null,
-    permissionForwardingTimer: null,
-    isProcessingForwardedRequests: false,
-    writeDebugLog: vi.fn(),
-    writeReviewLog: vi.fn(),
+    } as unknown as SessionState["sessionRules"],
     ...overrides,
-  } as ExtensionRuntime;
+  };
 }
 
 function makeDeps(overrides: Partial<HandlerDeps> = {}): HandlerDeps {
   return {
-    runtime: makeRuntime(),
+    session: makeSession(),
+    writeDebugLog: vi.fn(),
+    writeReviewLog: vi.fn(),
+    piInfrastructureDirs: ["/test/agent", "/test/agent/git"],
+    getPiInfrastructureReadPaths: vi.fn().mockReturnValue([]),
     createPermissionManagerForCwd: vi.fn().mockReturnValue(makePm()),
     refreshExtensionConfig: vi.fn(),
     notifyWarning: vi.fn(),
@@ -176,7 +166,7 @@ describe("handleBeforeAgentStart", () => {
   it("filters out denied tools from allowed list", async () => {
     const pm = makePm("deny");
     const deps = makeDeps({
-      runtime: makeRuntime({
+      session: makeSession({
         permissionManager: pm as unknown as PermissionManager,
       }),
       getAllTools: vi
@@ -191,7 +181,7 @@ describe("handleBeforeAgentStart", () => {
   it("includes allowed and ask tools in the active list", async () => {
     const pm = makePm("allow");
     const deps = makeDeps({
-      runtime: makeRuntime({
+      session: makeSession({
         permissionManager: pm as unknown as PermissionManager,
       }),
       getAllTools: vi
@@ -207,7 +197,7 @@ describe("handleBeforeAgentStart", () => {
       getAllTools: vi.fn().mockReturnValue([{ name: "read" }]),
     });
     await handleBeforeAgentStart(deps, makeEvent(), makeCtx());
-    expect(deps.runtime.lastActiveToolsCacheKey).not.toBeNull();
+    expect(deps.session.lastActiveToolsCacheKey).not.toBeNull();
   });
 
   it("skips setActiveTools when cache key is unchanged", async () => {
@@ -217,7 +207,7 @@ describe("handleBeforeAgentStart", () => {
     );
     const key = createActiveToolsCacheKey(["read"]);
     const deps = makeDeps({
-      runtime: makeRuntime({ lastActiveToolsCacheKey: key }),
+      session: makeSession({ lastActiveToolsCacheKey: key }),
       getAllTools: vi.fn().mockReturnValue([{ name: "read" }]),
     });
     await handleBeforeAgentStart(deps, makeEvent(), makeCtx());
@@ -238,7 +228,7 @@ describe("handleBeforeAgentStart", () => {
     );
     // The prompt was modified, so systemPrompt should be returned
     expect(result).toHaveProperty("systemPrompt");
-    expect(deps.runtime.lastPromptStateCacheKey).not.toBeNull();
+    expect(deps.session.lastPromptStateCacheKey).not.toBeNull();
   });
 
   it("returns empty object when systemPrompt is unchanged", async () => {
@@ -259,7 +249,7 @@ describe("handleBeforeAgentStart", () => {
       getAllTools: vi.fn().mockReturnValue([]),
     });
     await handleBeforeAgentStart(deps, makeEvent(), makeCtx());
-    expect(deps.runtime.activeSkillEntries).toEqual(expect.any(Array));
+    expect(deps.session.activeSkillEntries).toEqual(expect.any(Array));
   });
 
   it("returns empty object and skips prompt work when prompt cache key is unchanged", async () => {
@@ -277,7 +267,7 @@ describe("handleBeforeAgentStart", () => {
       allowedToolNames: allowedTools,
     });
     const deps = makeDeps({
-      runtime: makeRuntime({
+      session: makeSession({
         permissionManager: pm as unknown as PermissionManager,
         lastPromptStateCacheKey: key,
       }),
@@ -286,6 +276,6 @@ describe("handleBeforeAgentStart", () => {
     const result = await handleBeforeAgentStart(deps, makeEvent("hello"), ctx);
     expect(result).toEqual({});
     // activeSkillEntries was not assigned by the handler (early return)
-    expect(deps.runtime.activeSkillEntries).toEqual([]);
+    expect(deps.session.activeSkillEntries).toEqual([]);
   });
 });