@gotgenes/pi-permission-system 9.2.0 → 10.1.0

package/test/permission-forwarder.test.ts

@@ -0,0 +1,295 @@
+import { mkdirSync, mkdtempSync, rmSync, writeFileSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import type { ExtensionContext } from "@earendil-works/pi-coding-agent";
+import { afterEach, describe, expect, test, vi } from "vitest";
+
+import {
+  PermissionForwarder,
+  type PermissionForwarderDeps,
+} from "#src/forwarded-permissions/permission-forwarder";
+import { createPermissionForwardingLocation } from "#src/permission-forwarding";
+
+// ── Helpers ───────────────────────────────────────────────────────────────
+
+function makeDeps(
+  overrides: Partial<PermissionForwarderDeps> = {},
+): PermissionForwarderDeps {
+  return {
+    forwardingDir: "/tmp/forwarding",
+    subagentSessionsDir: "/tmp/subagents",
+    logger: { writeReviewLog: vi.fn(), writeDebugLog: vi.fn() },
+    writeReviewLog: vi.fn(),
+    requestPermissionDecisionFromUi: vi
+      .fn()
+      .mockResolvedValue({ approved: true, state: "approved" as const }),
+    shouldAutoApprove: () => false,
+    ...overrides,
+  };
+}
+
+afterEach(() => {
+  vi.unstubAllEnvs();
+});
+
+// ── requestApproval ───────────────────────────────────────────────────────
+
+describe("requestApproval — UI fast path", () => {
+  test("calls requestPermissionDecisionFromUi but does not emit a UI prompt event (the prompter does)", async () => {
+    const events = {
+      emit: vi.fn(),
+      on: vi.fn().mockReturnValue(() => undefined),
+    };
+    const requestPermissionDecisionFromUi = vi
+      .fn()
+      .mockResolvedValue({ approved: true, state: "approved" as const });
+
+    const forwarder = new PermissionForwarder(
+      makeDeps({ events, requestPermissionDecisionFromUi }),
+    );
+
+    await forwarder.requestApproval(
+      {
+        hasUI: true,
+        ui: { select: vi.fn(), input: vi.fn() },
+      } as unknown as ExtensionContext,
+      "Allow git push?",
+    );
+
+    expect(requestPermissionDecisionFromUi).toHaveBeenCalled();
+    expect(events.emit).not.toHaveBeenCalledWith(
+      "permissions:ui_prompt",
+      expect.anything(),
+    );
+  });
+});
+
+describe("requestApproval — non-UI, non-subagent path", () => {
+  test("returns denied without showing a dialog or emitting when there is no active UI", async () => {
+    const events = {
+      emit: vi.fn(),
+      on: vi.fn().mockReturnValue(() => undefined),
+    };
+    const requestPermissionDecisionFromUi = vi.fn();
+
+    const forwarder = new PermissionForwarder(
+      makeDeps({ events, requestPermissionDecisionFromUi }),
+    );
+
+    const result = await forwarder.requestApproval(
+      {
+        hasUI: false,
+        sessionManager: {
+          getSessionDir: vi.fn().mockReturnValue(null),
+        },
+      } as unknown as ExtensionContext,
+      "Allow git push?",
+    );
+
+    expect(result).toEqual({ approved: false, state: "denied" });
+    expect(events.emit).not.toHaveBeenCalledWith(
+      "permissions:ui_prompt",
+      expect.anything(),
+    );
+    expect(requestPermissionDecisionFromUi).not.toHaveBeenCalled();
+  });
+});
+
+// ── processInbox ──────────────────────────────────────────────────────────
+
+describe("processInbox", () => {
+  test("emits a UI prompt event before showing a forwarded permission dialog", async () => {
+    const root = mkdtempSync(join(tmpdir(), "permission-forwarding-"));
+    try {
+      const forwardingDir = join(root, "forwarding");
+      const location = createPermissionForwardingLocation(
+        forwardingDir,
+        "parent-session",
+      );
+      mkdirSync(location.requestsDir, { recursive: true });
+      mkdirSync(location.responsesDir, { recursive: true });
+      writeFileSync(
+        join(location.requestsDir, "req-forwarded.json"),
+        JSON.stringify({
+          id: "req-forwarded",
+          createdAt: Date.now(),
+          requesterSessionId: "child-session",
+          targetSessionId: "parent-session",
+          requesterAgentName: "Explore",
+          message: "Allow git push?",
+        }),
+        "utf-8",
+      );
+
+      const events = {
+        emit: vi.fn(),
+        on: vi.fn().mockReturnValue(() => undefined),
+      };
+      const requestPermissionDecisionFromUi = vi
+        .fn()
+        .mockResolvedValue({ approved: true, state: "approved" as const });
+
+      const forwarder = new PermissionForwarder(
+        makeDeps({
+          forwardingDir,
+          events,
+          requestPermissionDecisionFromUi,
+        }),
+      );
+
+      await forwarder.processInbox({
+        hasUI: true,
+        ui: { select: vi.fn(), input: vi.fn() },
+        sessionManager: {
+          getSessionId: vi.fn().mockReturnValue("parent-session"),
+        },
+      } as unknown as ExtensionContext);
+
+      expect(events.emit).toHaveBeenCalledWith(
+        "permissions:ui_prompt",
+        expect.objectContaining({
+          requestId: "req-forwarded",
+          source: "tool_call",
+          surface: null,
+          value: null,
+          agentName: "Explore",
+          message: expect.stringContaining("Allow git push?"),
+          forwarding: {
+            requesterAgentName: "Explore",
+            requesterSessionId: "child-session",
+          },
+        }),
+      );
+      expect(requestPermissionDecisionFromUi).toHaveBeenCalled();
+    } finally {
+      rmSync(root, { recursive: true, force: true });
+    }
+  });
+
+  test("emits a non-degraded UI prompt event when the request carries display fields", async () => {
+    const root = mkdtempSync(join(tmpdir(), "permission-forwarding-"));
+    try {
+      const forwardingDir = join(root, "forwarding");
+      const location = createPermissionForwardingLocation(
+        forwardingDir,
+        "parent-session",
+      );
+      mkdirSync(location.requestsDir, { recursive: true });
+      mkdirSync(location.responsesDir, { recursive: true });
+      writeFileSync(
+        join(location.requestsDir, "req-forwarded-rich.json"),
+        JSON.stringify({
+          id: "req-forwarded-rich",
+          createdAt: Date.now(),
+          requesterSessionId: "child-session",
+          targetSessionId: "parent-session",
+          requesterAgentName: "Explore",
+          message: "Allow git push?",
+          source: "tool_call",
+          surface: "bash",
+          value: "git push",
+        }),
+        "utf-8",
+      );
+
+      const events = {
+        emit: vi.fn(),
+        on: vi.fn().mockReturnValue(() => undefined),
+      };
+      const requestPermissionDecisionFromUi = vi
+        .fn()
+        .mockResolvedValue({ approved: true, state: "approved" as const });
+
+      const forwarder = new PermissionForwarder(
+        makeDeps({
+          forwardingDir,
+          events,
+          requestPermissionDecisionFromUi,
+        }),
+      );
+
+      await forwarder.processInbox({
+        hasUI: true,
+        ui: { select: vi.fn(), input: vi.fn() },
+        sessionManager: {
+          getSessionId: vi.fn().mockReturnValue("parent-session"),
+        },
+      } as unknown as ExtensionContext);
+
+      expect(events.emit).toHaveBeenCalledWith(
+        "permissions:ui_prompt",
+        expect.objectContaining({
+          requestId: "req-forwarded-rich",
+          source: "tool_call",
+          surface: "bash",
+          value: "git push",
+          agentName: "Explore",
+          message: expect.stringContaining("Allow git push?"),
+          forwarding: {
+            requesterAgentName: "Explore",
+            requesterSessionId: "child-session",
+          },
+        }),
+      );
+      expect(requestPermissionDecisionFromUi).toHaveBeenCalled();
+    } finally {
+      rmSync(root, { recursive: true, force: true });
+    }
+  });
+
+  test("does not emit a UI prompt event when forwarded permission auto-approves", async () => {
+    const root = mkdtempSync(join(tmpdir(), "permission-forwarding-"));
+    try {
+      const forwardingDir = join(root, "forwarding");
+      const location = createPermissionForwardingLocation(
+        forwardingDir,
+        "parent-session",
+      );
+      mkdirSync(location.requestsDir, { recursive: true });
+      mkdirSync(location.responsesDir, { recursive: true });
+      writeFileSync(
+        join(location.requestsDir, "req-forwarded-auto.json"),
+        JSON.stringify({
+          id: "req-forwarded-auto",
+          createdAt: Date.now(),
+          requesterSessionId: "child-session",
+          targetSessionId: "parent-session",
+          requesterAgentName: "Explore",
+          message: "Allow git push?",
+        }),
+        "utf-8",
+      );
+
+      const events = {
+        emit: vi.fn(),
+        on: vi.fn().mockReturnValue(() => undefined),
+      };
+      const requestPermissionDecisionFromUi = vi.fn();
+
+      const forwarder = new PermissionForwarder(
+        makeDeps({
+          forwardingDir,
+          events,
+          requestPermissionDecisionFromUi,
+          shouldAutoApprove: () => true,
+        }),
+      );
+
+      await forwarder.processInbox({
+        hasUI: true,
+        ui: { select: vi.fn(), input: vi.fn() },
+        sessionManager: {
+          getSessionId: vi.fn().mockReturnValue("parent-session"),
+        },
+      } as unknown as ExtensionContext);
+
+      expect(events.emit).not.toHaveBeenCalledWith(
+        "permissions:ui_prompt",
+        expect.anything(),
+      );
+      expect(requestPermissionDecisionFromUi).not.toHaveBeenCalled();
+    } finally {
+      rmSync(root, { recursive: true, force: true });
+    }
+  });
+});

package/test/permission-prompter.test.ts

@@ -1,17 +1,10 @@
 import { beforeEach, describe, expect, it, vi } from "vitest";
 
-// ── Module mocks ────────────────────────────────────────────────────────────
+// ── Injected mock ───────────────────────────────────────────────────────────
 
-const { mockConfirmPermission } = vi.hoisted(() => ({
-  mockConfirmPermission: vi.fn(),
-}));
+const mockRequestApproval = vi.fn();
 
-vi.mock("../src/forwarded-permissions/polling", () => ({
-  confirmPermission: mockConfirmPermission,
-  processForwardedPermissionRequests: vi.fn().mockResolvedValue(undefined),
-}));
-
-// ── Imports (after mocks) ───────────────────────────────────────────────────
+// ── Imports ─────────────────────────────────────────────────────────────────
 
 import type { ExtensionContext } from "@earendil-works/pi-coding-agent";
 import { DEFAULT_EXTENSION_CONFIG } from "#src/extension-config";
@@ -51,11 +44,8 @@ function makeDeps(
   return {
     getConfig: () => ({ ...DEFAULT_EXTENSION_CONFIG, yoloMode: false }),
     writeReviewLog: vi.fn(),
-    subagentSessionsDir: "/sessions/subagents",
-    forwardingDir: "/sessions/permission-forwarding",
-    requestPermissionDecisionFromUi: vi
-      .fn()
-      .mockResolvedValue({ approved: true, state: "approved" }),
+    events: { emit: vi.fn(), on: vi.fn().mockReturnValue(() => undefined) },
+    forwarder: { requestApproval: mockRequestApproval },
     ...overrides,
   };
 }
@@ -64,15 +54,24 @@ function makeDeps(
 
 describe("PermissionPrompter", () => {
   beforeEach(() => {
-    mockConfirmPermission.mockReset();
+    mockRequestApproval.mockReset();
+    mockRequestApproval.mockResolvedValue({
+      approved: true,
+      state: "approved",
+    });
   });
 
   // ── Yolo-mode auto-approve ───────────────────────────────────────────────
 
   describe("yolo-mode auto-approve", () => {
     it("returns approved without calling confirmPermission when yoloMode is true", async () => {
+      const events = {
+        emit: vi.fn(),
+        on: vi.fn().mockReturnValue(() => undefined),
+      };
       const deps = makeDeps({
         getConfig: () => ({ ...DEFAULT_EXTENSION_CONFIG, yoloMode: true }),
+        events,
       });
       const prompter = new PermissionPrompter(deps);
 
@@ -83,7 +82,11 @@ describe("PermissionPrompter", () => {
         state: "approved",
         autoApproved: true,
       });
-      expect(mockConfirmPermission).not.toHaveBeenCalled();
+      expect(mockRequestApproval).not.toHaveBeenCalled();
+      expect(events.emit).not.toHaveBeenCalledWith(
+        "permissions:ui_prompt",
+        expect.anything(),
+      );
     });
 
     it("logs permission_request.auto_approved in yolo mode", async () => {
@@ -126,7 +129,7 @@ describe("PermissionPrompter", () => {
 
       await prompter.prompt(makeCtx(true), makeDetails());
 
-      expect(mockConfirmPermission).not.toHaveBeenCalled();
+      expect(mockRequestApproval).not.toHaveBeenCalled();
     });
   });
 
@@ -139,7 +142,7 @@ describe("PermissionPrompter", () => {
         approved: true,
         state: "approved",
       };
-      mockConfirmPermission.mockResolvedValue(approved);
+      mockRequestApproval.mockResolvedValue(approved);
       const deps = makeDeps({ writeReviewLog });
       const prompter = new PermissionPrompter(deps);
 
@@ -154,9 +157,93 @@ describe("PermissionPrompter", () => {
       );
     });
 
+    it("emits a UI prompt event with normalized surface and value when the session has UI", async () => {
+      const events = {
+        emit: vi.fn(),
+        on: vi.fn().mockReturnValue(() => undefined),
+      };
+      mockRequestApproval.mockResolvedValue({
+        approved: true,
+        state: "approved",
+      });
+      const deps = makeDeps({ events });
+      const prompter = new PermissionPrompter(deps);
+
+      await prompter.prompt(
+        makeCtx(true),
+        makeDetails({
+          toolName: "bash",
+          command: "git push",
+          toolInputPreview: "git push",
+        }),
+      );
+
+      expect(events.emit).toHaveBeenCalledWith("permissions:ui_prompt", {
+        requestId: "req-123",
+        source: "tool_call",
+        surface: "bash",
+        value: "git push",
+        agentName: "test-agent",
+        message: "Allow read?",
+        forwarding: null,
+      });
+    });
+
+    it("normalizes skill UI prompt events to the skill surface", async () => {
+      const events = {
+        emit: vi.fn(),
+        on: vi.fn().mockReturnValue(() => undefined),
+      };
+      mockRequestApproval.mockResolvedValue({
+        approved: true,
+        state: "approved",
+      });
+      const deps = makeDeps({ events });
+      const prompter = new PermissionPrompter(deps);
+
+      await prompter.prompt(
+        makeCtx(true),
+        makeDetails({
+          source: "skill_input",
+          toolName: undefined,
+          skillName: "deploy-helper",
+        }),
+      );
+
+      expect(events.emit).toHaveBeenCalledWith("permissions:ui_prompt", {
+        requestId: "req-123",
+        source: "skill_input",
+        surface: "skill",
+        value: "deploy-helper",
+        agentName: "test-agent",
+        message: "Allow read?",
+        forwarding: null,
+      });
+    });
+
+    it("does not emit a UI prompt event when the session has no UI", async () => {
+      const events = {
+        emit: vi.fn(),
+        on: vi.fn().mockReturnValue(() => undefined),
+      };
+      mockRequestApproval.mockResolvedValue({
+        approved: true,
+        state: "approved",
+      });
+      const deps = makeDeps({ events });
+      const prompter = new PermissionPrompter(deps);
+
+      await prompter.prompt(makeCtx(false), makeDetails());
+
+      expect(events.emit).not.toHaveBeenCalledWith(
+        "permissions:ui_prompt",
+        expect.anything(),
+      );
+    });
+
     it("logs permission_request.approved when confirmPermission returns approved", async () => {
       const writeReviewLog = vi.fn();
-      mockConfirmPermission.mockResolvedValue({
+      mockRequestApproval.mockResolvedValue({
         approved: true,
         state: "approved",
       });
@@ -176,7 +263,7 @@ describe("PermissionPrompter", () => {
 
     it("logs permission_request.denied when confirmPermission returns denied", async () => {
       const writeReviewLog = vi.fn();
-      mockConfirmPermission.mockResolvedValue({
+      mockRequestApproval.mockResolvedValue({
         approved: false,
         state: "denied",
       });
@@ -196,7 +283,7 @@ describe("PermissionPrompter", () => {
 
     it("logs permission_request.denied with denialReason when present", async () => {
       const writeReviewLog = vi.fn();
-      mockConfirmPermission.mockResolvedValue({
+      mockRequestApproval.mockResolvedValue({
         approved: false,
         state: "denied_with_reason",
         denialReason: "too sensitive",
@@ -220,7 +307,7 @@ describe("PermissionPrompter", () => {
         state: "denied_with_reason",
         denialReason: "sensitive",
       };
-      mockConfirmPermission.mockResolvedValue(decision);
+      mockRequestApproval.mockResolvedValue(decision);
       const deps = makeDeps();
       const prompter = new PermissionPrompter(deps);
 
@@ -230,7 +317,7 @@ describe("PermissionPrompter", () => {
     });
 
     it("passes sessionLabel option to confirmPermission when present", async () => {
-      mockConfirmPermission.mockResolvedValue({
+      mockRequestApproval.mockResolvedValue({
         approved: true,
         state: "approved",
       });
@@ -240,16 +327,38 @@ describe("PermissionPrompter", () => {
 
       await prompter.prompt(makeCtx(true), details);
 
-      expect(mockConfirmPermission).toHaveBeenCalledWith(
+      expect(mockRequestApproval).toHaveBeenCalledWith(
         expect.anything(),
         expect.any(String),
-        expect.anything(),
         { sessionLabel: "Yes, for 'read' tool" },
+        { source: "tool_call", surface: "read", value: "read" },
+      );
+    });
+
+    it("passes the display fields (source/surface/value) to confirmPermission", async () => {
+      mockRequestApproval.mockResolvedValue({
+        approved: true,
+        state: "approved",
+      });
+      const deps = makeDeps();
+      const prompter = new PermissionPrompter(deps);
+      const details = makeDetails({
+        toolName: "bash",
+        command: "git push",
+      });
+
+      await prompter.prompt(makeCtx(false), details);
+
+      expect(mockRequestApproval).toHaveBeenCalledWith(
+        expect.anything(),
+        expect.any(String),
+        undefined,
+        { source: "tool_call", surface: "bash", value: "git push" },
       );
     });
 
     it("passes undefined options to confirmPermission when sessionLabel is absent", async () => {
-      mockConfirmPermission.mockResolvedValue({
+      mockRequestApproval.mockResolvedValue({
         approved: true,
         state: "approved",
       });
@@ -258,16 +367,16 @@ describe("PermissionPrompter", () => {
 
       await prompter.prompt(makeCtx(true), makeDetails());
 
-      expect(mockConfirmPermission).toHaveBeenCalledWith(
+      expect(mockRequestApproval).toHaveBeenCalledWith(
         expect.anything(),
         expect.any(String),
-        expect.anything(),
         undefined,
+        { source: "tool_call", surface: "read", value: "read" },
       );
     });
 
     it("passes the message from details to confirmPermission", async () => {
-      mockConfirmPermission.mockResolvedValue({
+      mockRequestApproval.mockResolvedValue({
         approved: true,
         state: "approved",
       });
@@ -277,11 +386,11 @@ describe("PermissionPrompter", () => {
 
       await prompter.prompt(makeCtx(true), details);
 
-      expect(mockConfirmPermission).toHaveBeenCalledWith(
+      expect(mockRequestApproval).toHaveBeenCalledWith(
         expect.anything(),
         "Allow bash: git status?",
-        expect.anything(),
         undefined,
+        { source: "tool_call", surface: "read", value: "read" },
       );
     });
   });
@@ -291,7 +400,7 @@ describe("PermissionPrompter", () => {
   describe("review log fields", () => {
     it("includes all standard fields in the waiting log entry", async () => {
       const writeReviewLog = vi.fn();
-      mockConfirmPermission.mockResolvedValue({
+      mockRequestApproval.mockResolvedValue({
         approved: true,
         state: "approved",
       });
@@ -328,7 +437,7 @@ describe("PermissionPrompter", () => {
 
     it("uses null for optional fields not present in details", async () => {
       const writeReviewLog = vi.fn();
-      mockConfirmPermission.mockResolvedValue({
+      mockRequestApproval.mockResolvedValue({
         approved: true,
         state: "approved",
       });
@@ -359,13 +468,13 @@ describe("PermissionPrompter", () => {
         approved: true,
         state: "approved",
       };
-      mockConfirmPermission.mockResolvedValue(forwarded);
+      mockRequestApproval.mockResolvedValue(forwarded);
       const deps = makeDeps();
       const prompter = new PermissionPrompter(deps);
 
       await prompter.prompt(makeCtx(false), makeDetails());
 
-      expect(mockConfirmPermission).toHaveBeenCalled();
+      expect(mockRequestApproval).toHaveBeenCalled();
     });
 
     it("returns the decision from confirmPermission in the subagent path", async () => {
@@ -373,7 +482,7 @@ describe("PermissionPrompter", () => {
         approved: false,
         state: "denied",
       };
-      mockConfirmPermission.mockResolvedValue(forwarded);
+      mockRequestApproval.mockResolvedValue(forwarded);
       const deps = makeDeps();
       const prompter = new PermissionPrompter(deps);
 
@@ -384,7 +493,7 @@ describe("PermissionPrompter", () => {
 
     it("logs the outcome when confirmPermission resolves via forwarding", async () => {
       const writeReviewLog = vi.fn();
-      mockConfirmPermission.mockResolvedValue({
+      mockRequestApproval.mockResolvedValue({
         approved: true,
         state: "approved",
       });