@gotgenes/pi-permission-system 8.0.0 → 8.2.0

package/test/scope-merge.test.ts

@@ -0,0 +1,116 @@
+import { describe, expect, it } from "vitest";
+import type { MergedScopes } from "#src/scope-merge";
+import { mergeScopesWithOrigins } from "#src/scope-merge";
+
+describe("mergeScopesWithOrigins", () => {
+  it("returns empty result for empty scopes array", () => {
+    const result: MergedScopes = mergeScopesWithOrigins([]);
+    expect(result.mergedPermission).toEqual({});
+    expect(result.origins.size).toBe(0);
+  });
+
+  it("attributes a string surface value to the contributing scope via the '*' pattern", () => {
+    const result = mergeScopesWithOrigins([
+      ["global", { permission: { bash: "allow" } }],
+    ]);
+    expect(result.mergedPermission).toEqual({ bash: "allow" });
+    expect(result.origins.get("bash")?.get("*")).toBe("global");
+  });
+
+  it("attributes each pattern of an object surface value to the contributing scope", () => {
+    const result = mergeScopesWithOrigins([
+      [
+        "project",
+        { permission: { bash: { "git *": "allow", "npm *": "deny" } } },
+      ],
+    ]);
+    expect(result.mergedPermission).toEqual({
+      bash: { "git *": "allow", "npm *": "deny" },
+    });
+    expect(result.origins.get("bash")?.get("git *")).toBe("project");
+    expect(result.origins.get("bash")?.get("npm *")).toBe("project");
+  });
+
+  it(
+    "shallow-merge: patterns not redefined by the higher scope keep their lower-scope origin;" +
+      " patterns the higher scope defines switch to the higher scope",
+    () => {
+      const result = mergeScopesWithOrigins([
+        [
+          "global",
+          { permission: { bash: { "ls *": "allow", "git *": "allow" } } },
+        ],
+        ["project", { permission: { bash: { "git *": "deny" } } }],
+      ]);
+      expect(result.mergedPermission).toEqual({
+        bash: { "ls *": "allow", "git *": "deny" },
+      });
+      // "ls *" was not touched by project — retains global attribution
+      expect(result.origins.get("bash")?.get("ls *")).toBe("global");
+      // "git *" was overridden by project — switches to project attribution
+      expect(result.origins.get("bash")?.get("git *")).toBe("project");
+    },
+  );
+
+  it("full replacement (string over object): higher scope re-attributes the entire surface to its own origin", () => {
+    const result = mergeScopesWithOrigins([
+      ["global", { permission: { bash: { "ls *": "allow" } } }],
+      ["project", { permission: { bash: "deny" } }],
+    ]);
+    expect(result.mergedPermission).toEqual({ bash: "deny" });
+    // The string value produces a single "*" pattern for the replacing scope
+    expect(result.origins.get("bash")?.get("*")).toBe("project");
+    // The former "ls *" pattern from global is gone — origins are replaced, not merged
+    expect(result.origins.get("bash")?.has("ls *")).toBe(false);
+  });
+
+  it("full replacement (object over string): higher scope re-attributes the entire surface to its own origin", () => {
+    const result = mergeScopesWithOrigins([
+      ["global", { permission: { bash: "ask" } }],
+      ["project", { permission: { bash: { "git *": "deny" } } }],
+    ]);
+    expect(result.mergedPermission).toEqual({ bash: { "git *": "deny" } });
+    // The object value attributes each pattern to the replacing scope
+    expect(result.origins.get("bash")?.get("git *")).toBe("project");
+    // The former "*" attribution from global is gone
+    expect(result.origins.get("bash")?.has("*")).toBe(false);
+  });
+
+  it("applies four-scope precedence in lowest→highest order (global → project → agent → project-agent)", () => {
+    const result = mergeScopesWithOrigins([
+      ["global", { permission: { read: "ask" } }],
+      ["project", { permission: { write: "deny" } }],
+      ["agent", { permission: { bash: "deny" } }],
+      ["project-agent", { permission: { mcp: "allow" } }],
+    ]);
+    expect(result.mergedPermission).toEqual({
+      read: "ask",
+      write: "deny",
+      bash: "deny",
+      mcp: "allow",
+    });
+    expect(result.origins.get("read")?.get("*")).toBe("global");
+    expect(result.origins.get("write")?.get("*")).toBe("project");
+    expect(result.origins.get("bash")?.get("*")).toBe("agent");
+    expect(result.origins.get("mcp")?.get("*")).toBe("project-agent");
+  });
+
+  it("skips scopes with no permission key, contributing nothing to either map", () => {
+    const result = mergeScopesWithOrigins([
+      ["global", {}],
+      ["project", { permission: { bash: "allow" } }],
+    ]);
+    expect(result.mergedPermission).toEqual({ bash: "allow" });
+    expect(result.origins.get("bash")?.get("*")).toBe("project");
+  });
+
+  it("attributes the universal '*' surface like any other (downstream reads origins.get('*')?.get('*') for universalFallbackOrigin)", () => {
+    const result = mergeScopesWithOrigins([
+      ["global", { permission: { "*": "deny" } }],
+      ["project", { permission: { "*": "allow" } }],
+    ]);
+    expect(result.mergedPermission).toEqual({ "*": "allow" });
+    // Both scopes write a string — each is a full replacement; project wins last
+    expect(result.origins.get("*")?.get("*")).toBe("project");
+  });
+});

package/test/session-approval.test.ts

@@ -0,0 +1,75 @@
+import { describe, expect, it } from "vitest";
+
+import { SessionApproval } from "#src/session-approval";
+
+describe("SessionApproval", () => {
+  describe("single", () => {
+    it("stores surface and one pattern", () => {
+      const approval = SessionApproval.single("bash", "git *");
+      expect(approval.surface).toBe("bash");
+      expect(approval.patterns).toEqual(["git *"]);
+    });
+
+    it("representativePattern returns the pattern", () => {
+      const approval = SessionApproval.single("bash", "git *");
+      expect(approval.representativePattern).toBe("git *");
+    });
+
+    it("toGateApproval returns { surface, pattern }", () => {
+      const approval = SessionApproval.single("bash", "git *");
+      expect(approval.toGateApproval()).toEqual({
+        surface: "bash",
+        pattern: "git *",
+      });
+    });
+  });
+
+  describe("multiple", () => {
+    it("stores surface and all patterns", () => {
+      const approval = SessionApproval.multiple("external_directory", [
+        "/outside/a/*",
+        "/outside/b/*",
+      ]);
+      expect(approval.surface).toBe("external_directory");
+      expect(approval.patterns).toEqual(["/outside/a/*", "/outside/b/*"]);
+    });
+
+    it("representativePattern returns the first pattern", () => {
+      const approval = SessionApproval.multiple("external_directory", [
+        "/outside/a/*",
+        "/outside/b/*",
+      ]);
+      expect(approval.representativePattern).toBe("/outside/a/*");
+    });
+
+    it("toGateApproval returns { surface, pattern } using the first pattern", () => {
+      const approval = SessionApproval.multiple("external_directory", [
+        "/outside/a/*",
+        "/outside/b/*",
+      ]);
+      expect(approval.toGateApproval()).toEqual({
+        surface: "external_directory",
+        pattern: "/outside/a/*",
+      });
+    });
+
+    it("defensive copy — mutating the source array does not affect patterns", () => {
+      const source = ["/outside/a/*", "/outside/b/*"];
+      const approval = SessionApproval.multiple("external_directory", source);
+      source.push("/outside/c/*");
+      expect(approval.patterns).toEqual(["/outside/a/*", "/outside/b/*"]);
+    });
+  });
+
+  describe("empty patterns (degenerate case)", () => {
+    it("representativePattern returns undefined", () => {
+      const approval = SessionApproval.multiple("external_directory", []);
+      expect(approval.representativePattern).toBeUndefined();
+    });
+
+    it("toGateApproval returns undefined", () => {
+      const approval = SessionApproval.multiple("external_directory", []);
+      expect(approval.toGateApproval()).toBeUndefined();
+    });
+  });
+});

package/test/session-rules.test.ts

@@ -1,6 +1,7 @@
 import { describe, expect, it } from "vitest";
 
 import { evaluate } from "#src/rule";
+import { SessionApproval } from "#src/session-approval";
 import { deriveApprovalPattern, SessionRules } from "#src/session-rules";
 
 // ── SessionRules ───────────────────────────────────────────────────────────
@@ -66,6 +67,54 @@ describe("SessionRules", () => {
     });
   });
 
+  describe("record", () => {
+    it("records a single-pattern approval as one rule", () => {
+      const rules = new SessionRules();
+      rules.record(SessionApproval.single("bash", "git *"));
+      expect(rules.getRuleset()).toEqual([
+        {
+          surface: "bash",
+          pattern: "git *",
+          action: "allow",
+          layer: "session",
+          origin: "session",
+        },
+      ]);
+    });
+
+    it("records a multi-pattern approval as one rule per pattern", () => {
+      const rules = new SessionRules();
+      rules.record(
+        SessionApproval.multiple("external_directory", [
+          "/outside/a/*",
+          "/outside/b/*",
+        ]),
+      );
+      expect(rules.getRuleset()).toHaveLength(2);
+      expect(rules.getRuleset()[0].pattern).toBe("/outside/a/*");
+      expect(rules.getRuleset()[1].pattern).toBe("/outside/b/*");
+    });
+
+    it("records each rule with the correct surface", () => {
+      const rules = new SessionRules();
+      rules.record(
+        SessionApproval.multiple("external_directory", [
+          "/outside/a/*",
+          "/outside/b/*",
+        ]),
+      );
+      for (const rule of rules.getRuleset()) {
+        expect(rule.surface).toBe("external_directory");
+      }
+    });
+
+    it("records nothing for an empty patterns list", () => {
+      const rules = new SessionRules();
+      rules.record(SessionApproval.multiple("external_directory", []));
+      expect(rules.getRuleset()).toEqual([]);
+    });
+  });
+
   describe("evaluate() integration", () => {
     it("returns allow for a path under an approved directory", () => {
       const session = new SessionRules();

package/test/tool-input-preview.test.ts

@@ -10,22 +10,15 @@ import {
   countTextLines,
   formatCount,
   formatEditInputForPrompt,
-  formatGenericToolInputForLog,
   formatReadInputForPrompt,
-  formatSearchInputForPrompt,
-  formatToolInputForPrompt,
   formatWriteInputForPrompt,
-  getPermissionLogContext,
   getPromptPath,
-  getToolInputPreviewForLog,
-  sanitizeInlineText,
   serializeToolInputPreview,
   TOOL_INPUT_LOG_PREVIEW_MAX_LENGTH,
   TOOL_INPUT_PREVIEW_MAX_LENGTH,
   TOOL_TEXT_SUMMARY_MAX_LENGTH,
   truncateInlineText,
 } from "#src/tool-input-preview";
-import type { PermissionCheckResult } from "#src/types";
 
 const mockedStringify = vi.mocked(safeJsonStringify);
 
@@ -73,29 +66,6 @@ describe("truncateInlineText", () => {
   });
 });
 
-describe("sanitizeInlineText", () => {
-  test("collapses whitespace and trims", () => {
-    expect(sanitizeInlineText("  hello   world  ")).toBe("hello world");
-  });
-
-  test("returns 'empty text' for blank string", () => {
-    expect(sanitizeInlineText("")).toBe("empty text");
-    expect(sanitizeInlineText("   ")).toBe("empty text");
-  });
-
-  test("truncates to default TOOL_TEXT_SUMMARY_MAX_LENGTH", () => {
-    const long = "x".repeat(100);
-    const result = sanitizeInlineText(long);
-    expect(result.length).toBeLessThanOrEqual(TOOL_TEXT_SUMMARY_MAX_LENGTH + 1); // +1 for ellipsis char
-    expect(result).toContain("…");
-  });
-
-  test("respects custom maxLength", () => {
-    const result = sanitizeInlineText("hello world", 5);
-    expect(result).toBe("hello…");
-  });
-});
-
 describe("countTextLines", () => {
   test("returns 0 for empty string", () => {
     expect(countTextLines("")).toBe(0);
@@ -239,33 +209,6 @@ describe("formatReadInputForPrompt", () => {
   });
 });
 
-describe("formatSearchInputForPrompt", () => {
-  test("includes pattern and path", () => {
-    const result = formatSearchInputForPrompt("grep", {
-      pattern: "TODO",
-      path: "/src",
-    });
-    expect(result).toContain("pattern 'TODO'");
-    expect(result).toContain("path '/src'");
-  });
-
-  test("includes glob when present", () => {
-    const result = formatSearchInputForPrompt("find", { glob: "*.ts" });
-    expect(result).toContain("glob '*.ts'");
-  });
-
-  test("uses 'current working directory' for find/grep/ls without path", () => {
-    for (const toolName of ["find", "grep", "ls"]) {
-      const result = formatSearchInputForPrompt(toolName, {});
-      expect(result).toContain("current working directory");
-    }
-  });
-
-  test("returns empty string for other tools with no input", () => {
-    expect(formatSearchInputForPrompt("other", {})).toBe("");
-  });
-});
-
 describe("serializeToolInputPreview", () => {
   test("delegates serialization to safeJsonStringify", () => {
     mockedStringify.mockReturnValue('{"key":"value"}');
@@ -295,190 +238,3 @@ describe("serializeToolInputPreview", () => {
     expect(result).toBe('{ "key": "val" }');
   });
 });
-
-describe("formatToolInputForPrompt", () => {
-  test("dispatches 'edit' to formatEditInputForPrompt", () => {
-    mockedStringify.mockReturnValue(undefined);
-    const result = formatToolInputForPrompt("edit", {
-      path: "/foo.ts",
-      edits: [],
-    });
-    expect(result).toContain("for '/foo.ts'");
-  });
-
-  test("dispatches 'write' to formatWriteInputForPrompt", () => {
-    const result = formatToolInputForPrompt("write", {
-      path: "/out.ts",
-      content: "hi",
-    });
-    expect(result).toContain("for '/out.ts'");
-  });
-
-  test("dispatches 'read' to formatReadInputForPrompt", () => {
-    const result = formatToolInputForPrompt("read", { path: "/src/x.ts" });
-    expect(result).toContain("path '/src/x.ts'");
-  });
-
-  test("dispatches 'find'/'grep'/'ls' to formatSearchInputForPrompt", () => {
-    for (const tool of ["find", "grep", "ls"]) {
-      const result = formatToolInputForPrompt(tool, {});
-      expect(result).toContain("current working directory");
-    }
-  });
-
-  test("falls back to JSON preview for unknown tools", () => {
-    mockedStringify.mockReturnValue('{"x":1}');
-    const result = formatToolInputForPrompt("unknown", { x: 1 });
-    expect(result).toContain('{"x":1}');
-  });
-});
-
-describe("formatGenericToolInputForLog", () => {
-  test("returns undefined when serialization yields empty string", () => {
-    mockedStringify.mockReturnValue(undefined);
-    expect(formatGenericToolInputForLog({})).toBeUndefined();
-  });
-
-  test("returns prefixed input preview", () => {
-    mockedStringify.mockReturnValue('{"k":"v"}');
-    expect(formatGenericToolInputForLog({ k: "v" })).toBe('input {"k":"v"}');
-  });
-
-  test("truncates to TOOL_INPUT_LOG_PREVIEW_MAX_LENGTH", () => {
-    const longJson = `{"k":"${"x".repeat(2000)}"}`;
-    mockedStringify.mockReturnValue(longJson);
-    const result = formatGenericToolInputForLog({});
-    expect(result).toBeDefined();
-    // result is "input " + truncated, so total > TOOL_INPUT_LOG_PREVIEW_MAX_LENGTH by "input ".length
-    const preview = result!.slice("input ".length);
-    expect(preview.length).toBeLessThanOrEqual(
-      TOOL_INPUT_LOG_PREVIEW_MAX_LENGTH + 1,
-    );
-  });
-});
-
-describe("getToolInputPreviewForLog", () => {
-  const pathBearingTools = new Set(["read", "write", "edit"]);
-
-  test("returns undefined for bash tool", () => {
-    const result: PermissionCheckResult = {
-      toolName: "bash",
-      state: "allow",
-      source: "tool",
-      origin: "builtin",
-    };
-    expect(
-      getToolInputPreviewForLog(result, { command: "ls" }, pathBearingTools),
-    ).toBeUndefined();
-  });
-
-  test("returns undefined for mcp tool", () => {
-    const result: PermissionCheckResult = {
-      toolName: "mcp",
-      state: "allow",
-      source: "tool",
-      origin: "builtin",
-    };
-    expect(
-      getToolInputPreviewForLog(result, {}, pathBearingTools),
-    ).toBeUndefined();
-  });
-
-  test("returns undefined for mcp source", () => {
-    const result: PermissionCheckResult = {
-      toolName: "some-server:some-tool",
-      state: "allow",
-      source: "mcp",
-      origin: "builtin",
-    };
-    expect(
-      getToolInputPreviewForLog(result, {}, pathBearingTools),
-    ).toBeUndefined();
-  });
-
-  test("returns path-based preview for path-bearing tools", () => {
-    const result: PermissionCheckResult = {
-      toolName: "read",
-      state: "allow",
-      source: "tool",
-      origin: "builtin",
-    };
-    const preview = getToolInputPreviewForLog(
-      result,
-      { path: "/src/foo.ts" },
-      pathBearingTools,
-    );
-    expect(preview).toContain("/src/foo.ts");
-  });
-
-  test("returns generic JSON preview for non-path-bearing tools", () => {
-    mockedStringify.mockReturnValue('{"n":1}');
-    const result: PermissionCheckResult = {
-      toolName: "task",
-      state: "allow",
-      source: "tool",
-      origin: "builtin",
-    };
-    const preview = getToolInputPreviewForLog(
-      result,
-      { n: 1 },
-      pathBearingTools,
-    );
-    expect(preview).toContain('{"n":1}');
-  });
-});
-
-describe("getPermissionLogContext", () => {
-  const pathBearingTools = new Set(["read", "write", "edit"]);
-
-  test("returns command, target, and toolInputPreview", () => {
-    const result: PermissionCheckResult = {
-      toolName: "bash",
-      state: "allow",
-      source: "tool",
-      origin: "builtin",
-      command: "ls -la",
-    };
-    const ctx = getPermissionLogContext(result, {}, pathBearingTools);
-    expect(ctx.command).toBe("ls -la");
-    expect(ctx.target).toBeUndefined();
-    expect(ctx.toolInputPreview).toBeUndefined();
-  });
-
-  test("includes toolInputPreview for non-bash path-bearing tools", () => {
-    const result: PermissionCheckResult = {
-      toolName: "read",
-      state: "allow",
-      source: "tool",
-      origin: "builtin",
-    };
-    const ctx = getPermissionLogContext(
-      result,
-      { path: "/foo.ts" },
-      pathBearingTools,
-    );
-    expect(ctx.toolInputPreview).toContain("/foo.ts");
-  });
-
-  test("includes origin from check result when present", () => {
-    const result: PermissionCheckResult = {
-      toolName: "read",
-      state: "allow",
-      source: "tool",
-      origin: "project",
-    };
-    const ctx = getPermissionLogContext(result, {}, pathBearingTools);
-    expect(ctx.origin).toBe("project");
-  });
-
-  test("origin is 'builtin' when check result has builtin origin", () => {
-    const result: PermissionCheckResult = {
-      toolName: "read",
-      state: "allow",
-      source: "tool",
-      origin: "builtin",
-    };
-    const ctx = getPermissionLogContext(result, {}, pathBearingTools);
-    expect(ctx.origin).toBe("builtin");
-  });
-});