@gotgenes/pi-permission-system 5.5.0 → 5.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (28) hide show
  1. package/CHANGELOG.md +23 -0
  2. package/package.json +1 -1
  3. package/src/handlers/before-agent-start.ts +7 -7
  4. package/src/handlers/gates/bash-external-directory.ts +70 -67
  5. package/src/handlers/gates/descriptor.ts +115 -0
  6. package/src/handlers/gates/external-directory.ts +62 -130
  7. package/src/handlers/gates/index.ts +12 -4
  8. package/src/handlers/gates/runner.ts +144 -0
  9. package/src/handlers/gates/skill-read.ts +40 -59
  10. package/src/handlers/gates/tool.ts +35 -104
  11. package/src/handlers/gates/types.ts +0 -2
  12. package/src/handlers/input.ts +3 -3
  13. package/src/handlers/lifecycle.ts +21 -21
  14. package/src/handlers/tool-call.ts +121 -20
  15. package/src/handlers/types.ts +20 -7
  16. package/src/index.ts +6 -1
  17. package/src/runtime.ts +17 -9
  18. package/tests/handlers/before-agent-start.test.ts +17 -27
  19. package/tests/handlers/gates/bash-external-directory.test.ts +129 -184
  20. package/tests/handlers/gates/external-directory.test.ts +118 -264
  21. package/tests/handlers/gates/runner.test.ts +361 -0
  22. package/tests/handlers/gates/skill-read.test.ts +86 -137
  23. package/tests/handlers/gates/tool.test.ts +109 -346
  24. package/tests/handlers/input-events.test.ts +10 -21
  25. package/tests/handlers/input.test.ts +26 -43
  26. package/tests/handlers/lifecycle.test.ts +47 -66
  27. package/tests/handlers/tool-call-events.test.ts +29 -40
  28. package/tests/handlers/tool-call.test.ts +19 -30
package/tests/handlers/tool-call.test.ts CHANGED
@@ -3,7 +3,7 @@ import { describe, expect, it, vi } from "vitest";
3
3
 
4
4
  import { getEventInput, handleToolCall } from "../../src/handlers/tool-call";
5
5
  import type { HandlerDeps } from "../../src/handlers/types";
6
- import type { ExtensionRuntime } from "../../src/runtime";
6
+ import type { SessionState } from "../../src/runtime";
7
7
  import type { PermissionCheckResult } from "../../src/types";
8
8
 
9
9
  // ── SDK stubs ──────────────────────────────────────────────────────────────
@@ -55,43 +55,32 @@ function makePermissionResult(
55
55
  return { state, toolName: "read", source: "tool", origin: "builtin" };
56
56
  }
57
57
 
58
- function makeRuntime(
59
- overrides: Partial<ExtensionRuntime> = {},
60
- ): ExtensionRuntime {
58
+ function makeSession(overrides: Partial<SessionState> = {}): SessionState {
61
59
  return {
62
- agentDir: "/test/agent",
63
- sessionsDir: "/test/agent/sessions",
64
- subagentSessionsDir: "/test/agent/subagent-sessions",
65
- forwardingDir: "/test/agent/sessions/permission-forwarding",
66
- globalLogsDir: "/test/agent/extensions/pi-permission-system/logs",
67
- piInfrastructureDirs: ["/test/agent", "/test/agent/git"],
68
- config: { debugLog: false, permissionReviewLog: true, yoloMode: false },
69
60
  runtimeContext: null,
70
61
  permissionManager: {
71
62
  checkPermission: vi.fn().mockReturnValue(makePermissionResult("allow")),
72
- } as unknown as ExtensionRuntime["permissionManager"],
63
+ } as unknown as SessionState["permissionManager"],
73
64
  activeSkillEntries: [],
74
65
  lastKnownActiveAgentName: null,
75
66
  lastActiveToolsCacheKey: null,
76
67
  lastPromptStateCacheKey: null,
77
- lastConfigWarning: null,
78
68
  sessionRules: {
79
69
  approve: vi.fn(),
80
70
  getRuleset: vi.fn().mockReturnValue([]),
81
71
  clear: vi.fn(),
82
- } as unknown as ExtensionRuntime["sessionRules"],
83
- permissionForwardingContext: null,
84
- permissionForwardingTimer: null,
85
- isProcessingForwardedRequests: false,
86
- writeDebugLog: vi.fn(),
87
- writeReviewLog: vi.fn(),
72
+ } as unknown as SessionState["sessionRules"],
88
73
  ...overrides,
89
- } as ExtensionRuntime;
74
+ };
90
75
  }
91
76
 
92
77
  function makeDeps(overrides: Partial<HandlerDeps> = {}): HandlerDeps {
93
78
  return {
94
- runtime: makeRuntime(),
79
+ session: makeSession(),
80
+ writeDebugLog: vi.fn(),
81
+ writeReviewLog: vi.fn(),
82
+ piInfrastructureDirs: ["/test/agent", "/test/agent/git"],
83
+ getPiInfrastructureReadPaths: vi.fn().mockReturnValue([]),
95
84
  createPermissionManagerForCwd: vi.fn(),
96
85
  refreshExtensionConfig: vi.fn(),
97
86
  notifyWarning: vi.fn(),
@@ -145,7 +134,7 @@ describe("handleToolCall", () => {
145
134
  const ctx = makeCtx();
146
135
  const deps = makeDeps();
147
136
  await handleToolCall(deps, makeToolCallEvent("read"), ctx);
148
- expect(deps.runtime.runtimeContext).toBe(ctx);
137
+ expect(deps.session.runtimeContext).toBe(ctx);
149
138
  });
150
139
 
151
140
  it("starts forwarded permission polling", async () => {
@@ -190,12 +179,12 @@ describe("handleToolCall", () => {
190
179
 
191
180
  it("blocks when tool is denied by policy", async () => {
192
181
  const deps = makeDeps({
193
- runtime: makeRuntime({
182
+ session: makeSession({
194
183
  permissionManager: {
195
184
  checkPermission: vi
196
185
  .fn()
197
186
  .mockReturnValue(makePermissionResult("deny")),
198
- } as unknown as ExtensionRuntime["permissionManager"],
187
+ } as unknown as SessionState["permissionManager"],
199
188
  }),
200
189
  });
201
190
  const result = await handleToolCall(
@@ -220,7 +209,7 @@ describe("handleToolCall — skill-read gate", () => {
220
209
  normalizedBaseDir: "/skills/librarian",
221
210
  };
222
211
  const deps = makeDeps({
223
- runtime: makeRuntime({ activeSkillEntries: [skillEntry] }),
212
+ session: makeSession({ activeSkillEntries: [skillEntry] }),
224
213
  getAllTools: vi.fn().mockReturnValue([{ toolName: "read" }]),
225
214
  });
226
215
  const event = {
@@ -243,7 +232,7 @@ describe("handleToolCall — skill-read gate", () => {
243
232
  normalizedBaseDir: "/skills/librarian",
244
233
  };
245
234
  const deps = makeDeps({
246
- runtime: makeRuntime({ activeSkillEntries: [skillEntry] }),
235
+ session: makeSession({ activeSkillEntries: [skillEntry] }),
247
236
  getAllTools: vi.fn().mockReturnValue([{ toolName: "read" }]),
248
237
  });
249
238
  const event = {
@@ -262,12 +251,12 @@ describe("handleToolCall — skill-read gate", () => {
262
251
  describe("handleToolCall — external-directory gate", () => {
263
252
  it("blocks a read of a path outside cwd when policy is deny", async () => {
264
253
  const deps = makeDeps({
265
- runtime: makeRuntime({
254
+ session: makeSession({
266
255
  permissionManager: {
267
256
  checkPermission: vi
268
257
  .fn()
269
258
  .mockReturnValue(makePermissionResult("deny")),
270
- } as unknown as ExtensionRuntime["permissionManager"],
259
+ } as unknown as SessionState["permissionManager"],
271
260
  }),
272
261
  getAllTools: vi.fn().mockReturnValue([{ name: "read" }]),
273
262
  });
@@ -287,12 +276,12 @@ describe("handleToolCall — external-directory gate", () => {
287
276
  describe("handleToolCall — bash external-directory gate", () => {
288
277
  it("blocks a bash command referencing an external path when policy is deny", async () => {
289
278
  const deps = makeDeps({
290
- runtime: makeRuntime({
279
+ session: makeSession({
291
280
  permissionManager: {
292
281
  checkPermission: vi
293
282
  .fn()
294
283
  .mockReturnValue(makePermissionResult("deny")),
295
- } as unknown as ExtensionRuntime["permissionManager"],
284
+ } as unknown as SessionState["permissionManager"],
296
285
  }),
297
286
  getAllTools: vi.fn().mockReturnValue([{ name: "bash" }]),
298
287
  });