npm - @gotgenes/pi-permission-system - Versions diffs - 8.2.0 → 8.2.1 - Mend

@gotgenes/pi-permission-system 8.2.0 → 8.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (23) hide show

package/CHANGELOG.md +7 -0
package/package.json +1 -1
package/src/config-loader.ts +53 -46
package/src/handlers/gates/bash-path-extractor.ts +135 -169
package/src/handlers/gates/bash-token-classification.ts +105 -0
package/test/config-loader.test.ts +82 -0
package/test/handlers/before-agent-start.test.ts +2 -20
package/test/handlers/external-directory-integration.test.ts +43 -81
package/test/handlers/external-directory-session-dedup.test.ts +2 -29
package/test/handlers/gates/bash-path.test.ts +5 -26
package/test/handlers/gates/bash-token-classification.test.ts +241 -0
package/test/handlers/gates/path.test.ts +3 -12
package/test/handlers/gates/runner.test.ts +78 -91
package/test/handlers/input-events.test.ts +42 -95
package/test/handlers/input.test.ts +3 -71
package/test/handlers/lifecycle.test.ts +3 -20
package/test/handlers/tool-call-events.test.ts +30 -127
package/test/handlers/tool-call.test.ts +21 -110
package/test/helpers/gate-fixtures.ts +105 -0
package/test/helpers/handler-fixtures.ts +141 -0
package/test/helpers/manager-harness.ts +51 -0
package/test/permission-session.test.ts +1 -19
package/test/permission-system.test.ts +4 -40

package/test/handlers/tool-call.test.ts CHANGED Viewed

@@ -1,13 +1,13 @@
-import type { ExtensionContext } from "@earendil-works/pi-coding-agent";
 import { describe, expect, it, vi } from "vitest";
-import { DEFAULT_EXTENSION_CONFIG } from "#src/extension-config";
+import { getEventInput } from "#src/handlers/permission-gate-handler";
 import {
-  getEventInput,
-  PermissionGateHandler,
-} from "#src/handlers/permission-gate-handler";
-import type { PermissionSession } from "#src/permission-session";
-import type { ToolRegistry } from "#src/tool-registry";
-import type { PermissionCheckResult } from "#src/types";
+  makeCheckResult,
+  makeCtx,
+  makeHandler,
+  makeToolCallEvent,
+} from "#test/helpers/handler-fixtures";
 // ── SDK stubs ──────────────────────────────────────────────────────────────
 vi.mock("@earendil-works/pi-coding-agent", async (importOriginal) => {
@@ -16,101 +16,6 @@ vi.mock("@earendil-works/pi-coding-agent", async (importOriginal) => {
   return { ...original };
 });
-// ── helpers ────────────────────────────────────────────────────────────────
-function makeCtx(
-  overrides: Partial<ExtensionContext> & { cwd?: string } = {},
-): ExtensionContext {
-  return {
-    cwd: "/test/project",
-    hasUI: true,
-    ui: {
-      setStatus: vi.fn(),
-      notify: vi.fn(),
-      select: vi.fn(),
-      input: vi.fn(),
-    },
-    sessionManager: {
-      getEntries: vi.fn().mockReturnValue([]),
-      getSessionDir: vi.fn().mockReturnValue("/sessions/test"),
-      addEntry: vi.fn(),
-    },
-    ...overrides,
-  } as unknown as ExtensionContext;
-}
-function makeToolCallEvent(
-  toolName: string,
-  extraFields: Record<string, unknown> = {},
-) {
-  return {
-    type: "tool_call",
-    toolCallId: "tc-1",
-    name: toolName,
-    input: {},
-    ...extraFields,
-  };
-}
-function makePermissionResult(
-  state: "allow" | "deny" | "ask",
-): PermissionCheckResult {
-  return { state, toolName: "read", source: "tool", origin: "builtin" };
-}
-function makeSession(
-  overrides: Partial<Record<keyof PermissionSession, unknown>> = {},
-): PermissionSession {
-  return {
-    logger: { debug: vi.fn(), review: vi.fn(), warn: vi.fn() },
-    activate: vi.fn(),
-    resolveAgentName: vi.fn().mockReturnValue(null),
-    checkPermission: vi.fn().mockReturnValue(makePermissionResult("allow")),
-    getToolPermission: vi.fn().mockReturnValue("allow"),
-    getSessionRuleset: vi.fn().mockReturnValue([]),
-    recordSessionApproval: vi.fn(),
-    getActiveSkillEntries: vi.fn().mockReturnValue([]),
-    getInfrastructureDirs: vi
-      .fn()
-      .mockReturnValue(["/test/agent", "/test/agent/git"]),
-    getInfrastructureReadPaths: vi.fn().mockReturnValue([]),
-    config: DEFAULT_EXTENSION_CONFIG,
-    canPrompt: vi.fn().mockReturnValue(true),
-    prompt: vi.fn().mockResolvedValue({ approved: true, state: "approved" }),
-    ...overrides,
-  } as unknown as PermissionSession;
-}
-function makeEvents() {
-  return {
-    emit: vi.fn(),
-    on: vi.fn().mockReturnValue(() => undefined),
-  };
-}
-function makeToolRegistry(overrides: Partial<ToolRegistry> = {}): ToolRegistry {
-  return {
-    getAll: vi.fn().mockReturnValue([{ name: "read" }, { name: "bash" }]),
-    setActive: vi.fn(),
-    ...overrides,
-  };
-}
-function makeHandler(overrides?: {
-  session?: Partial<Record<keyof PermissionSession, unknown>>;
-  toolRegistry?: Partial<ToolRegistry>;
-}): {
-  handler: PermissionGateHandler;
-  session: PermissionSession;
-  toolRegistry: ToolRegistry;
-} {
-  const session = makeSession(overrides?.session);
-  const events = makeEvents();
-  const toolRegistry = makeToolRegistry(overrides?.toolRegistry);
-  const handler = new PermissionGateHandler(session, events, toolRegistry);
-  return { handler, session, toolRegistry };
-}
 // ── getEventInput ──────────────────────────────────────────────────────────
 describe("getEventInput", () => {
@@ -184,7 +89,9 @@ describe("handleToolCall", () => {
   it("blocks when tool is denied by policy", async () => {
     const { handler } = makeHandler({
       session: {
-        checkPermission: vi.fn().mockReturnValue(makePermissionResult("deny")),
+        checkPermission: vi
+          .fn()
+          .mockReturnValue(makeCheckResult({ state: "deny" })),
       },
     });
     const result = await handler.handleToolCall(
@@ -259,7 +166,9 @@ describe("handleToolCall — external-directory gate", () => {
   it("blocks a read of a path outside cwd when policy is deny", async () => {
     const { handler } = makeHandler({
       session: {
-        checkPermission: vi.fn().mockReturnValue(makePermissionResult("deny")),
+        checkPermission: vi
+          .fn()
+          .mockReturnValue(makeCheckResult({ state: "deny" })),
       },
       toolRegistry: {
         getAll: vi.fn().mockReturnValue([{ name: "read" }]),
@@ -282,7 +191,9 @@ describe("handleToolCall — bash external-directory gate", () => {
   it("blocks a bash command referencing an external path when policy is deny", async () => {
     const { handler } = makeHandler({
       session: {
-        checkPermission: vi.fn().mockReturnValue(makePermissionResult("deny")),
+        checkPermission: vi
+          .fn()
+          .mockReturnValue(makeCheckResult({ state: "deny" })),
       },
       toolRegistry: {
         getAll: vi.fn().mockReturnValue([{ name: "bash" }]),
@@ -308,9 +219,9 @@ describe("handleToolCall — path gate (tools)", () => {
       .mockImplementation(
         (surface: string, _input: unknown, _agentName?: string) => {
           if (surface === "path") {
-            return { ...makePermissionResult("deny"), matchedPattern: "*.env" };
+            return makeCheckResult({ state: "deny", matchedPattern: "*.env" });
           }
-          return makePermissionResult("allow");
+          return makeCheckResult();
         },
       );
     const { handler } = makeHandler({
@@ -355,9 +266,9 @@ describe("handleToolCall — bash path gate", () => {
       .mockImplementation(
         (surface: string, _input: unknown, _agentName?: string) => {
           if (surface === "path") {
-            return { ...makePermissionResult("deny"), matchedPattern: "*.env" };
+            return makeCheckResult({ state: "deny", matchedPattern: "*.env" });
           }
-          return makePermissionResult("allow");
+          return makeCheckResult();
         },
       );
     const { handler } = makeHandler({

package/test/helpers/gate-fixtures.ts ADDED Viewed

@@ -0,0 +1,105 @@
+/**
+ * Shared gate-level test fixtures for gate descriptor and runner tests.
+ */
+import { vi } from "vitest";
+import type {
+  GateDescriptor,
+  GateRunnerDeps,
+} from "#src/handlers/gates/descriptor";
+import type { ToolCallContext } from "#src/handlers/gates/types";
+import type { PermissionCheckResult } from "#src/types";
+import { makeCheckResult } from "#test/helpers/handler-fixtures";
+/**
+ * Gate descriptor factory with runner-test defaults.
+ *
+ * Uses deny as the default `denialContext` check result so tests that
+ * verify block paths don't need to override the surface check.
+ */
+export function makeDescriptor(
+  overrides: Partial<GateDescriptor> = {},
+): GateDescriptor {
+  return {
+    surface: "read",
+    input: {},
+    denialContext: {
+      kind: "tool",
+      check: makeCheckResult({ state: "deny", matchedPattern: "*" }),
+    },
+    promptDetails: {
+      source: "tool_call",
+      agentName: null,
+      message: "Allow tool 'read'?",
+      toolCallId: "tc-1",
+      toolName: "read",
+    },
+    logContext: {
+      source: "tool_call",
+      toolCallId: "tc-1",
+      toolName: "read",
+    },
+    decision: {
+      surface: "read",
+      value: "read",
+    },
+    ...overrides,
+  };
+}
+export function makeRunnerDeps(
+  overrides: Partial<GateRunnerDeps> = {},
+): GateRunnerDeps {
+  return {
+    checkPermission: vi
+      .fn()
+      .mockReturnValue(makeCheckResult({ matchedPattern: "*" })),
+    getSessionRuleset: vi.fn().mockReturnValue([]),
+    recordSessionApproval: vi.fn(),
+    writeReviewLog: vi.fn(),
+    emitDecision: vi.fn(),
+    canConfirm: vi.fn().mockReturnValue(true),
+    promptPermission: vi
+      .fn()
+      .mockResolvedValue({ approved: true, state: "approved" }),
+    ...overrides,
+  };
+}
+/**
+ * Tool-call context factory with bash defaults.
+ *
+ * path.test.ts uses different defaults (toolName "read", path input) and
+ * keeps a local wrapper; bash-path.test.ts uses this factory directly.
+ */
+export function makeTcc(
+  overrides: Partial<ToolCallContext> = {},
+): ToolCallContext {
+  return {
+    toolName: "bash",
+    agentName: null,
+    input: { command: "cat .env" },
+    toolCallId: "tc-1",
+    cwd: "/test/project",
+    ...overrides,
+  };
+}
+/**
+ * Path-surface check result factory.
+ *
+ * Shared between bash-path.test.ts and path.test.ts; both use
+ * toolName "path", source "special", origin "global" as defaults.
+ */
+export function makeGateCheckResult(
+  overrides: Partial<PermissionCheckResult> = {},
+): PermissionCheckResult {
+  return {
+    toolName: "path",
+    state: "allow",
+    source: "special",
+    origin: "global",
+    ...overrides,
+  };
+}

package/test/helpers/handler-fixtures.ts ADDED Viewed

@@ -0,0 +1,141 @@
+/**
+ * Shared handler-level test fixtures for PermissionGateHandler tests.
+ *
+ * All factories use override bags so callers can specialize any field
+ * without constructing the full object from scratch.
+ */
+import type { ExtensionContext } from "@earendil-works/pi-coding-agent";
+import { vi } from "vitest";
+import { DEFAULT_EXTENSION_CONFIG } from "#src/extension-config";
+import { PermissionGateHandler } from "#src/handlers/permission-gate-handler";
+import type { PermissionDecisionEvent } from "#src/permission-events";
+import { PERMISSIONS_DECISION_CHANNEL } from "#src/permission-events";
+import type { PermissionSession } from "#src/permission-session";
+import type { ToolRegistry } from "#src/tool-registry";
+import type { PermissionCheckResult } from "#src/types";
+export function makeEvents() {
+  return {
+    emit: vi.fn(),
+    on: vi.fn().mockReturnValue(() => undefined),
+  };
+}
+export function makeCtx(
+  overrides: Partial<ExtensionContext> = {},
+): ExtensionContext {
+  return {
+    cwd: "/test/project",
+    hasUI: true,
+    ui: {
+      setStatus: vi.fn(),
+      notify: vi.fn(),
+      select: vi.fn(),
+      input: vi.fn(),
+    },
+    sessionManager: {
+      getEntries: vi.fn().mockReturnValue([]),
+      getSessionDir: vi.fn().mockReturnValue("/sessions/test"),
+      addEntry: vi.fn(),
+    },
+    ...overrides,
+  } as unknown as ExtensionContext;
+}
+export function makeToolCallEvent(
+  toolName: string,
+  extraFields: Record<string, unknown> = {},
+) {
+  return {
+    type: "tool_call",
+    toolCallId: "tc-1",
+    name: toolName,
+    input: {},
+    ...extraFields,
+  };
+}
+/**
+ * Neutral-default check-result builder.
+ *
+ * Pass exactly the fields the original fixture hard-coded so divergent
+ * defaults across test files are preserved at their call sites.
+ */
+export function makeCheckResult(
+  overrides: Partial<PermissionCheckResult> = {},
+): PermissionCheckResult {
+  return {
+    state: "allow",
+    toolName: "read",
+    source: "tool",
+    origin: "builtin",
+    ...overrides,
+  };
+}
+/**
+ * Full-union session stub.
+ *
+ * Includes every method mocked across handler test files so each file
+ * only needs to override the fields that differ from the defaults.
+ */
+export function makeSession(
+  overrides: Partial<Record<keyof PermissionSession, unknown>> = {},
+): PermissionSession {
+  return {
+    logger: { debug: vi.fn(), review: vi.fn(), warn: vi.fn() },
+    activate: vi.fn(),
+    resolveAgentName: vi.fn().mockReturnValue(null),
+    checkPermission: vi.fn().mockReturnValue(makeCheckResult()),
+    getToolPermission: vi.fn().mockReturnValue("allow"),
+    getSessionRuleset: vi.fn().mockReturnValue([]),
+    recordSessionApproval: vi.fn(),
+    getActiveSkillEntries: vi.fn().mockReturnValue([]),
+    getInfrastructureDirs: vi
+      .fn()
+      .mockReturnValue(["/test/agent", "/test/agent/git"]),
+    getInfrastructureReadPaths: vi.fn().mockReturnValue([]),
+    config: DEFAULT_EXTENSION_CONFIG,
+    canPrompt: vi.fn().mockReturnValue(true),
+    prompt: vi.fn().mockResolvedValue({ approved: true, state: "approved" }),
+    createPermissionRequestId: vi.fn().mockReturnValue("req-id"),
+    ...overrides,
+  } as unknown as PermissionSession;
+}
+export function makeToolRegistry(
+  overrides: Partial<ToolRegistry> = {},
+): ToolRegistry {
+  return {
+    getAll: vi.fn().mockReturnValue([{ name: "read" }, { name: "bash" }]),
+    setActive: vi.fn(),
+    ...overrides,
+  };
+}
+/**
+ * Constructs a PermissionGateHandler with mocked collaborators.
+ *
+ * Returns all collaborators so each test file can destructure only what
+ * it needs — handler, events, session, and toolRegistry are all available.
+ */
+export function makeHandler(overrides?: {
+  session?: Partial<Record<keyof PermissionSession, unknown>>;
+  toolRegistry?: Partial<ToolRegistry>;
+}) {
+  const session = makeSession(overrides?.session);
+  const events = makeEvents();
+  const toolRegistry = makeToolRegistry(overrides?.toolRegistry);
+  const handler = new PermissionGateHandler(session, events, toolRegistry);
+  return { handler, events, session, toolRegistry };
+}
+/** Extract all permissions:decision payloads from the events.emit mock. */
+export function getDecisionEvents(
+  events: ReturnType<typeof makeEvents>,
+): PermissionDecisionEvent[] {
+  return events.emit.mock.calls
+    .filter(([channel]) => channel === PERMISSIONS_DECISION_CHANNEL)
+    .map(([, payload]) => payload as PermissionDecisionEvent);
+}

package/test/helpers/manager-harness.ts ADDED Viewed

@@ -0,0 +1,51 @@
+/**
+ * Filesystem-backed PermissionManager harness for integration tests.
+ *
+ * Writes a real config file and agents directory to a temp directory so
+ * PermissionManager can load them without mocking the file system.
+ */
+import { mkdirSync, mkdtempSync, rmSync, writeFileSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { PermissionManager } from "#src/permission-manager";
+import type { ScopeConfig } from "#src/types";
+export type CreateManagerOptions = {
+  mcpServerNames?: readonly string[];
+};
+export function createManager(
+  config: ScopeConfig,
+  agentFiles: Record<string, string> = {},
+  options: CreateManagerOptions = {},
+) {
+  const baseDir = mkdtempSync(join(tmpdir(), "pi-permission-system-test-"));
+  const globalConfigPath = join(baseDir, "pi-permissions.jsonc");
+  const agentsDir = join(baseDir, "agents");
+  mkdirSync(agentsDir, { recursive: true });
+  writeFileSync(
+    globalConfigPath,
+    `${JSON.stringify(config, null, 2)}\n`,
+    "utf8",
+  );
+  for (const [name, content] of Object.entries(agentFiles)) {
+    writeFileSync(join(agentsDir, `${name}.md`), content, "utf8");
+  }
+  const manager = new PermissionManager({
+    globalConfigPath,
+    agentsDir,
+    mcpServerNames: options.mcpServerNames,
+  });
+  return {
+    manager,
+    globalConfigPath,
+    cleanup: (): void => {
+      rmSync(baseDir, { recursive: true, force: true });
+    },
+  };
+}

package/test/permission-session.test.ts CHANGED Viewed

@@ -39,6 +39,7 @@ import {
 import { SessionApproval } from "#src/session-approval";
 import type { SessionLogger } from "#src/session-logger";
 import type { SkillPromptEntry } from "#src/skill-prompt-sanitizer";
+import { makeCtx } from "#test/helpers/handler-fixtures";
 function makeSkillEntry(
   name: string,
@@ -94,25 +95,6 @@ function makeForwarding(): ForwardingController {
   };
 }
-function makeCtx(overrides: Partial<ExtensionContext> = {}): ExtensionContext {
-  return {
-    cwd: "/test/project",
-    hasUI: true,
-    ui: {
-      setStatus: vi.fn(),
-      notify: vi.fn(),
-      select: vi.fn(),
-      input: vi.fn(),
-    },
-    sessionManager: {
-      getEntries: vi.fn().mockReturnValue([]),
-      getSessionDir: vi.fn().mockReturnValue("/sessions/test"),
-      addEntry: vi.fn(),
-    },
-    ...overrides,
-  } as unknown as ExtensionContext;
-}
 function makePermissionManager(
   overrides: Partial<PermissionManager> = {},
 ): PermissionManager {

package/test/permission-system.test.ts CHANGED Viewed

@@ -9,7 +9,6 @@ import {
 import { homedir, tmpdir } from "node:os";
 import { dirname, join, resolve } from "node:path";
 import { expect, test } from "vitest";
 import {
   createActiveToolsCacheKey,
   createBeforeAgentStartPromptStateKey,
@@ -47,45 +46,10 @@ import {
   canResolveAskPermissionRequest,
   shouldAutoApprovePermissionState,
 } from "#src/yolo-mode";
-type CreateManagerOptions = {
-  mcpServerNames?: readonly string[];
-};
-function createManager(
-  config: ScopeConfig,
-  agentFiles: Record<string, string> = {},
-  options: CreateManagerOptions = {},
-) {
-  const baseDir = mkdtempSync(join(tmpdir(), "pi-permission-system-test-"));
-  const globalConfigPath = join(baseDir, "pi-permissions.jsonc");
-  const agentsDir = join(baseDir, "agents");
-  mkdirSync(agentsDir, { recursive: true });
-  writeFileSync(
-    globalConfigPath,
-    `${JSON.stringify(config, null, 2)}\n`,
-    "utf8",
-  );
-  for (const [name, content] of Object.entries(agentFiles)) {
-    writeFileSync(join(agentsDir, `${name}.md`), content, "utf8");
-  }
-  const manager = new PermissionManager({
-    globalConfigPath,
-    agentsDir,
-    mcpServerNames: options.mcpServerNames,
-  });
-  return {
-    manager,
-    globalConfigPath,
-    cleanup: (): void => {
-      rmSync(baseDir, { recursive: true, force: true });
-    },
-  };
-}
+import {
+  type CreateManagerOptions,
+  createManager,
+} from "#test/helpers/manager-harness";
 type MockHandler = (
   event: Record<string, unknown>,