@happy-creative/iroder 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.qwen/settings.json +8 -0
- package/.qwen/settings.json.orig +7 -0
- package/AGENTS.md +69 -0
- package/BUN_SHELL_MIGRATION_PLAN.md +136 -0
- package/Dockerfile +20 -0
- package/README.md +15 -0
- package/bin/iroder +182 -0
- package/docker-compose.iroder.yml +18 -0
- package/drizzle.config.ts +10 -0
- package/git +0 -0
- package/migration/20260127222353_familiar_lady_ursula/migration.sql +90 -0
- package/migration/20260127222353_familiar_lady_ursula/snapshot.json +796 -0
- package/migration/20260211171708_add_project_commands/migration.sql +1 -0
- package/migration/20260211171708_add_project_commands/snapshot.json +806 -0
- package/migration/20260213144116_wakeful_the_professor/migration.sql +11 -0
- package/migration/20260213144116_wakeful_the_professor/snapshot.json +897 -0
- package/migration/20260225215848_workspace/migration.sql +7 -0
- package/migration/20260225215848_workspace/snapshot.json +959 -0
- package/migration/20260227213759_add_session_workspace_id/migration.sql +2 -0
- package/migration/20260227213759_add_session_workspace_id/snapshot.json +983 -0
- package/migration/20260228203230_blue_harpoon/migration.sql +17 -0
- package/migration/20260228203230_blue_harpoon/snapshot.json +1102 -0
- package/migration/20260303231226_add_workspace_fields/migration.sql +5 -0
- package/migration/20260303231226_add_workspace_fields/snapshot.json +1013 -0
- package/migration/20260309230000_move_org_to_state/migration.sql +3 -0
- package/migration/20260309230000_move_org_to_state/snapshot.json +1156 -0
- package/migration/20260312043431_session_message_cursor/migration.sql +4 -0
- package/migration/20260312043431_session_message_cursor/snapshot.json +1168 -0
- package/migration/20260323234822_events/migration.sql +13 -0
- package/migration/20260323234822_events/snapshot.json +1271 -0
- package/package.json +180 -0
- package/parsers-config.ts +290 -0
- package/script/build-node.ts +60 -0
- package/script/build.ts +281 -0
- package/script/check-migrations.ts +16 -0
- package/script/e2e-local-real-key.ts +197 -0
- package/script/fix-node-pty.ts +28 -0
- package/script/postinstall.mjs +131 -0
- package/script/publish-all.sh +68 -0
- package/script/publish.ts +181 -0
- package/script/schema.ts +63 -0
- package/script/seed-e2e.ts +60 -0
- package/script/upgrade-opentui.ts +64 -0
- package/specs/effect-migration.md +310 -0
- package/specs/tui-plugins.md +436 -0
- package/specs/v2/keymappings.md +10 -0
- package/specs/v2/message-shape.md +136 -0
- package/src/account/account.sql.ts +39 -0
- package/src/account/index.ts +488 -0
- package/src/account/repo.ts +166 -0
- package/src/account/schema.ts +119 -0
- package/src/account/url.ts +8 -0
- package/src/acp/README.md +174 -0
- package/src/acp/agent.ts +1847 -0
- package/src/acp/session.ts +116 -0
- package/src/acp/types.ts +24 -0
- package/src/agent/agent.ts +422 -0
- package/src/agent/generate.txt +75 -0
- package/src/agent/prompt/compaction.txt +15 -0
- package/src/agent/prompt/explore.txt +18 -0
- package/src/agent/prompt/summary.txt +11 -0
- package/src/agent/prompt/title.txt +44 -0
- package/src/auth/index.ts +110 -0
- package/src/bus/bus-event.ts +40 -0
- package/src/bus/global.ts +10 -0
- package/src/bus/index.ts +185 -0
- package/src/cli/bootstrap.ts +17 -0
- package/src/cli/cmd/account.ts +257 -0
- package/src/cli/cmd/acp.ts +72 -0
- package/src/cli/cmd/agent.ts +245 -0
- package/src/cli/cmd/cmd.ts +7 -0
- package/src/cli/cmd/db.ts +120 -0
- package/src/cli/cmd/debug/agent.ts +170 -0
- package/src/cli/cmd/debug/config.ts +16 -0
- package/src/cli/cmd/debug/file.ts +97 -0
- package/src/cli/cmd/debug/index.ts +48 -0
- package/src/cli/cmd/debug/lsp.ts +53 -0
- package/src/cli/cmd/debug/ripgrep.ts +87 -0
- package/src/cli/cmd/debug/scrap.ts +16 -0
- package/src/cli/cmd/debug/skill.ts +16 -0
- package/src/cli/cmd/debug/snapshot.ts +52 -0
- package/src/cli/cmd/export.ts +89 -0
- package/src/cli/cmd/generate.ts +38 -0
- package/src/cli/cmd/github.ts +1647 -0
- package/src/cli/cmd/import.ts +207 -0
- package/src/cli/cmd/mcp.ts +754 -0
- package/src/cli/cmd/models.ts +78 -0
- package/src/cli/cmd/plug.ts +233 -0
- package/src/cli/cmd/pr.ts +127 -0
- package/src/cli/cmd/providers.ts +480 -0
- package/src/cli/cmd/run.ts +692 -0
- package/src/cli/cmd/serve.ts +23 -0
- package/src/cli/cmd/session.ts +159 -0
- package/src/cli/cmd/stats.ts +410 -0
- package/src/cli/cmd/tui/app.tsx +940 -0
- package/src/cli/cmd/tui/attach.ts +88 -0
- package/src/cli/cmd/tui/component/border.tsx +21 -0
- package/src/cli/cmd/tui/component/dialog-agent.tsx +31 -0
- package/src/cli/cmd/tui/component/dialog-command.tsx +171 -0
- package/src/cli/cmd/tui/component/dialog-console-org.tsx +103 -0
- package/src/cli/cmd/tui/component/dialog-go-upsell.tsx +100 -0
- package/src/cli/cmd/tui/component/dialog-mcp.tsx +86 -0
- package/src/cli/cmd/tui/component/dialog-model.tsx +183 -0
- package/src/cli/cmd/tui/component/dialog-provider.tsx +360 -0
- package/src/cli/cmd/tui/component/dialog-session-list.tsx +108 -0
- package/src/cli/cmd/tui/component/dialog-session-rename.tsx +31 -0
- package/src/cli/cmd/tui/component/dialog-skill.tsx +36 -0
- package/src/cli/cmd/tui/component/dialog-stash.tsx +87 -0
- package/src/cli/cmd/tui/component/dialog-status.tsx +168 -0
- package/src/cli/cmd/tui/component/dialog-tag.tsx +44 -0
- package/src/cli/cmd/tui/component/dialog-theme-list.tsx +50 -0
- package/src/cli/cmd/tui/component/dialog-variant.tsx +39 -0
- package/src/cli/cmd/tui/component/dialog-workspace-list.tsx +320 -0
- package/src/cli/cmd/tui/component/error-component.tsx +93 -0
- package/src/cli/cmd/tui/component/logo.tsx +85 -0
- package/src/cli/cmd/tui/component/plugin-route-missing.tsx +14 -0
- package/src/cli/cmd/tui/component/prompt/autocomplete.tsx +672 -0
- package/src/cli/cmd/tui/component/prompt/frecency.tsx +90 -0
- package/src/cli/cmd/tui/component/prompt/history.tsx +108 -0
- package/src/cli/cmd/tui/component/prompt/index.tsx +1261 -0
- package/src/cli/cmd/tui/component/prompt/part.ts +16 -0
- package/src/cli/cmd/tui/component/prompt/stash.tsx +101 -0
- package/src/cli/cmd/tui/component/spinner.tsx +24 -0
- package/src/cli/cmd/tui/component/startup-loading.tsx +63 -0
- package/src/cli/cmd/tui/component/textarea-keybindings.ts +73 -0
- package/src/cli/cmd/tui/component/todo-item.tsx +32 -0
- package/src/cli/cmd/tui/component/workspace/dialog-session-list.tsx +151 -0
- package/src/cli/cmd/tui/context/args.tsx +15 -0
- package/src/cli/cmd/tui/context/directory.ts +13 -0
- package/src/cli/cmd/tui/context/exit.tsx +60 -0
- package/src/cli/cmd/tui/context/helper.tsx +25 -0
- package/src/cli/cmd/tui/context/keybind.tsx +105 -0
- package/src/cli/cmd/tui/context/kv.tsx +52 -0
- package/src/cli/cmd/tui/context/local.tsx +412 -0
- package/src/cli/cmd/tui/context/plugin-keybinds.ts +41 -0
- package/src/cli/cmd/tui/context/prompt.tsx +18 -0
- package/src/cli/cmd/tui/context/route.tsx +52 -0
- package/src/cli/cmd/tui/context/sdk.tsx +115 -0
- package/src/cli/cmd/tui/context/sync.tsx +516 -0
- package/src/cli/cmd/tui/context/theme/aura.json +69 -0
- package/src/cli/cmd/tui/context/theme/ayu.json +80 -0
- package/src/cli/cmd/tui/context/theme/carbonfox.json +248 -0
- package/src/cli/cmd/tui/context/theme/catppuccin-frappe.json +233 -0
- package/src/cli/cmd/tui/context/theme/catppuccin-macchiato.json +233 -0
- package/src/cli/cmd/tui/context/theme/catppuccin.json +112 -0
- package/src/cli/cmd/tui/context/theme/cobalt2.json +228 -0
- package/src/cli/cmd/tui/context/theme/cursor.json +249 -0
- package/src/cli/cmd/tui/context/theme/dracula.json +219 -0
- package/src/cli/cmd/tui/context/theme/everforest.json +241 -0
- package/src/cli/cmd/tui/context/theme/flexoki.json +237 -0
- package/src/cli/cmd/tui/context/theme/github.json +233 -0
- package/src/cli/cmd/tui/context/theme/gruvbox.json +242 -0
- package/src/cli/cmd/tui/context/theme/iroder.json +245 -0
- package/src/cli/cmd/tui/context/theme/kanagawa.json +77 -0
- package/src/cli/cmd/tui/context/theme/lucent-orng.json +237 -0
- package/src/cli/cmd/tui/context/theme/material.json +235 -0
- package/src/cli/cmd/tui/context/theme/matrix.json +77 -0
- package/src/cli/cmd/tui/context/theme/mercury.json +252 -0
- package/src/cli/cmd/tui/context/theme/monokai.json +221 -0
- package/src/cli/cmd/tui/context/theme/nightowl.json +221 -0
- package/src/cli/cmd/tui/context/theme/nord.json +223 -0
- package/src/cli/cmd/tui/context/theme/one-dark.json +84 -0
- package/src/cli/cmd/tui/context/theme/opencode.json +245 -0
- package/src/cli/cmd/tui/context/theme/orng.json +249 -0
- package/src/cli/cmd/tui/context/theme/osaka-jade.json +93 -0
- package/src/cli/cmd/tui/context/theme/palenight.json +222 -0
- package/src/cli/cmd/tui/context/theme/rosepine.json +234 -0
- package/src/cli/cmd/tui/context/theme/solarized.json +223 -0
- package/src/cli/cmd/tui/context/theme/synthwave84.json +226 -0
- package/src/cli/cmd/tui/context/theme/tokyonight.json +243 -0
- package/src/cli/cmd/tui/context/theme/vercel.json +245 -0
- package/src/cli/cmd/tui/context/theme/vesper.json +218 -0
- package/src/cli/cmd/tui/context/theme/zenburn.json +223 -0
- package/src/cli/cmd/tui/context/theme.tsx +1236 -0
- package/src/cli/cmd/tui/context/tui-config.tsx +9 -0
- package/src/cli/cmd/tui/event.ts +49 -0
- package/src/cli/cmd/tui/feature-plugins/home/footer.tsx +93 -0
- package/src/cli/cmd/tui/feature-plugins/home/tips-view.tsx +155 -0
- package/src/cli/cmd/tui/feature-plugins/home/tips.tsx +50 -0
- package/src/cli/cmd/tui/feature-plugins/sidebar/context.tsx +63 -0
- package/src/cli/cmd/tui/feature-plugins/sidebar/files.tsx +62 -0
- package/src/cli/cmd/tui/feature-plugins/sidebar/footer.tsx +93 -0
- package/src/cli/cmd/tui/feature-plugins/sidebar/lsp.tsx +66 -0
- package/src/cli/cmd/tui/feature-plugins/sidebar/mcp.tsx +96 -0
- package/src/cli/cmd/tui/feature-plugins/sidebar/todo.tsx +48 -0
- package/src/cli/cmd/tui/feature-plugins/system/plugins.tsx +270 -0
- package/src/cli/cmd/tui/plugin/api.tsx +397 -0
- package/src/cli/cmd/tui/plugin/index.ts +3 -0
- package/src/cli/cmd/tui/plugin/internal.ts +27 -0
- package/src/cli/cmd/tui/plugin/runtime.ts +1031 -0
- package/src/cli/cmd/tui/plugin/slots.tsx +60 -0
- package/src/cli/cmd/tui/routes/home.tsx +84 -0
- package/src/cli/cmd/tui/routes/session/dialog-fork-from-timeline.tsx +65 -0
- package/src/cli/cmd/tui/routes/session/dialog-message.tsx +110 -0
- package/src/cli/cmd/tui/routes/session/dialog-subagent.tsx +26 -0
- package/src/cli/cmd/tui/routes/session/dialog-timeline.tsx +47 -0
- package/src/cli/cmd/tui/routes/session/footer.tsx +91 -0
- package/src/cli/cmd/tui/routes/session/index.tsx +2281 -0
- package/src/cli/cmd/tui/routes/session/permission.tsx +691 -0
- package/src/cli/cmd/tui/routes/session/question.tsx +468 -0
- package/src/cli/cmd/tui/routes/session/sidebar.tsx +74 -0
- package/src/cli/cmd/tui/routes/session/subagent-footer.tsx +131 -0
- package/src/cli/cmd/tui/thread.ts +241 -0
- package/src/cli/cmd/tui/ui/dialog-alert.tsx +59 -0
- package/src/cli/cmd/tui/ui/dialog-confirm.tsx +89 -0
- package/src/cli/cmd/tui/ui/dialog-export-options.tsx +211 -0
- package/src/cli/cmd/tui/ui/dialog-help.tsx +40 -0
- package/src/cli/cmd/tui/ui/dialog-prompt.tsx +115 -0
- package/src/cli/cmd/tui/ui/dialog-select.tsx +417 -0
- package/src/cli/cmd/tui/ui/dialog.tsx +192 -0
- package/src/cli/cmd/tui/ui/link.tsx +28 -0
- package/src/cli/cmd/tui/ui/spinner.ts +368 -0
- package/src/cli/cmd/tui/ui/toast.tsx +100 -0
- package/src/cli/cmd/tui/util/clipboard.ts +192 -0
- package/src/cli/cmd/tui/util/editor.ts +37 -0
- package/src/cli/cmd/tui/util/model.ts +23 -0
- package/src/cli/cmd/tui/util/provider-origin.ts +7 -0
- package/src/cli/cmd/tui/util/scroll.ts +23 -0
- package/src/cli/cmd/tui/util/selection.ts +25 -0
- package/src/cli/cmd/tui/util/signal.ts +7 -0
- package/src/cli/cmd/tui/util/terminal.ts +114 -0
- package/src/cli/cmd/tui/util/transcript.ts +112 -0
- package/src/cli/cmd/tui/win32.ts +129 -0
- package/src/cli/cmd/tui/worker.ts +195 -0
- package/src/cli/cmd/uninstall.ts +353 -0
- package/src/cli/cmd/upgrade.ts +73 -0
- package/src/cli/cmd/web.ts +83 -0
- package/src/cli/commands.ts +58 -0
- package/src/cli/effect/prompt.ts +25 -0
- package/src/cli/error.ts +50 -0
- package/src/cli/heap.ts +59 -0
- package/src/cli/llm-ready.ts +22 -0
- package/src/cli/logo.ts +8 -0
- package/src/cli/network.ts +60 -0
- package/src/cli/ui.ts +132 -0
- package/src/cli/upgrade.ts +31 -0
- package/src/command/index.ts +195 -0
- package/src/command/template/initialize.txt +66 -0
- package/src/command/template/review.txt +101 -0
- package/src/config/config.ts +1659 -0
- package/src/config/console-state.ts +15 -0
- package/src/config/markdown.ts +99 -0
- package/src/config/paths.ts +167 -0
- package/src/config/tui-migrate.ts +156 -0
- package/src/config/tui-schema.ts +37 -0
- package/src/config/tui.ts +179 -0
- package/src/control-plane/adaptors/index.ts +23 -0
- package/src/control-plane/adaptors/remote-acp.ts +35 -0
- package/src/control-plane/adaptors/remote-http.ts +35 -0
- package/src/control-plane/adaptors/worktree.ts +42 -0
- package/src/control-plane/schema.ts +17 -0
- package/src/control-plane/sse.ts +66 -0
- package/src/control-plane/types.ts +32 -0
- package/src/control-plane/workspace.sql.ts +17 -0
- package/src/control-plane/workspace.ts +169 -0
- package/src/effect/cross-spawn-spawner.ts +502 -0
- package/src/effect/instance-ref.ts +6 -0
- package/src/effect/instance-registry.ts +12 -0
- package/src/effect/instance-state.ts +82 -0
- package/src/effect/oltp.ts +34 -0
- package/src/effect/run-service.ts +34 -0
- package/src/effect/runner.ts +216 -0
- package/src/env/index.ts +28 -0
- package/src/file/ignore.ts +82 -0
- package/src/file/index.ts +686 -0
- package/src/file/protected.ts +59 -0
- package/src/file/ripgrep.ts +376 -0
- package/src/file/time.ts +133 -0
- package/src/file/watcher.ts +171 -0
- package/src/filesystem/index.ts +236 -0
- package/src/flag/flag.ts +171 -0
- package/src/format/formatter.ts +413 -0
- package/src/format/index.ts +203 -0
- package/src/git/index.ts +303 -0
- package/src/global/index.ts +54 -0
- package/src/id/id.ts +85 -0
- package/src/ide/index.ts +74 -0
- package/src/index.ts +202 -0
- package/src/installation/index.ts +356 -0
- package/src/installation/meta.ts +7 -0
- package/src/lsp/client.ts +252 -0
- package/src/lsp/index.ts +558 -0
- package/src/lsp/language.ts +120 -0
- package/src/lsp/launch.ts +21 -0
- package/src/lsp/server.ts +1968 -0
- package/src/mcp/auth.ts +173 -0
- package/src/mcp/index.ts +921 -0
- package/src/mcp/oauth-callback.ts +216 -0
- package/src/mcp/oauth-provider.ts +186 -0
- package/src/node.ts +6 -0
- package/src/npm/index.ts +188 -0
- package/src/patch/index.ts +680 -0
- package/src/permission/arity.ts +163 -0
- package/src/permission/evaluate.ts +15 -0
- package/src/permission/index.ts +325 -0
- package/src/permission/schema.ts +17 -0
- package/src/plugin/cloudflare.ts +67 -0
- package/src/plugin/codex.ts +608 -0
- package/src/plugin/github-copilot/copilot.ts +361 -0
- package/src/plugin/github-copilot/models.ts +144 -0
- package/src/plugin/index.ts +293 -0
- package/src/plugin/install.ts +439 -0
- package/src/plugin/loader.ts +174 -0
- package/src/plugin/meta.ts +188 -0
- package/src/plugin/shared.ts +323 -0
- package/src/project/bootstrap.ts +31 -0
- package/src/project/instance.ts +175 -0
- package/src/project/project.sql.ts +16 -0
- package/src/project/project.ts +519 -0
- package/src/project/schema.ts +16 -0
- package/src/project/state.ts +70 -0
- package/src/project/vcs.ts +254 -0
- package/src/provider/auth.ts +253 -0
- package/src/provider/error.ts +197 -0
- package/src/provider/models.ts +159 -0
- package/src/provider/provider.ts +1748 -0
- package/src/provider/schema.ts +38 -0
- package/src/provider/sdk/copilot/README.md +5 -0
- package/src/provider/sdk/copilot/chat/convert-to-openai-compatible-chat-messages.ts +170 -0
- package/src/provider/sdk/copilot/chat/get-response-metadata.ts +15 -0
- package/src/provider/sdk/copilot/chat/map-openai-compatible-finish-reason.ts +19 -0
- package/src/provider/sdk/copilot/chat/openai-compatible-api-types.ts +64 -0
- package/src/provider/sdk/copilot/chat/openai-compatible-chat-language-model.ts +815 -0
- package/src/provider/sdk/copilot/chat/openai-compatible-chat-options.ts +28 -0
- package/src/provider/sdk/copilot/chat/openai-compatible-metadata-extractor.ts +44 -0
- package/src/provider/sdk/copilot/chat/openai-compatible-prepare-tools.ts +83 -0
- package/src/provider/sdk/copilot/copilot-provider.ts +100 -0
- package/src/provider/sdk/copilot/index.ts +2 -0
- package/src/provider/sdk/copilot/openai-compatible-error.ts +27 -0
- package/src/provider/sdk/copilot/responses/convert-to-openai-responses-input.ts +335 -0
- package/src/provider/sdk/copilot/responses/map-openai-responses-finish-reason.ts +22 -0
- package/src/provider/sdk/copilot/responses/openai-config.ts +18 -0
- package/src/provider/sdk/copilot/responses/openai-error.ts +22 -0
- package/src/provider/sdk/copilot/responses/openai-responses-api-types.ts +214 -0
- package/src/provider/sdk/copilot/responses/openai-responses-language-model.ts +1769 -0
- package/src/provider/sdk/copilot/responses/openai-responses-prepare-tools.ts +173 -0
- package/src/provider/sdk/copilot/responses/openai-responses-settings.ts +1 -0
- package/src/provider/sdk/copilot/responses/tool/code-interpreter.ts +87 -0
- package/src/provider/sdk/copilot/responses/tool/file-search.ts +127 -0
- package/src/provider/sdk/copilot/responses/tool/image-generation.ts +114 -0
- package/src/provider/sdk/copilot/responses/tool/local-shell.ts +64 -0
- package/src/provider/sdk/copilot/responses/tool/web-search-preview.ts +103 -0
- package/src/provider/sdk/copilot/responses/tool/web-search.ts +102 -0
- package/src/provider/transform.ts +1051 -0
- package/src/pty/index.ts +397 -0
- package/src/pty/pty.bun.ts +26 -0
- package/src/pty/pty.node.ts +27 -0
- package/src/pty/pty.ts +25 -0
- package/src/pty/schema.ts +17 -0
- package/src/question/index.ts +224 -0
- package/src/question/schema.ts +17 -0
- package/src/runtime/adapters/acp/index.ts +127 -0
- package/src/runtime/adapters/local/index.ts +6 -0
- package/src/runtime/core/agent.ts +13 -0
- package/src/runtime/core/mcp.ts +10 -0
- package/src/runtime/core/ports.ts +16 -0
- package/src/runtime/core/service.ts +19 -0
- package/src/runtime/core/session-summarize.ts +52 -0
- package/src/runtime/core/session.ts +110 -0
- package/src/runtime/core/skill.ts +10 -0
- package/src/runtime/core/transport.ts +10 -0
- package/src/runtime/factory.ts +20 -0
- package/src/runtime/ports.ts +74 -0
- package/src/server/error.ts +36 -0
- package/src/server/event.ts +7 -0
- package/src/server/instance.ts +322 -0
- package/src/server/mdns.ts +60 -0
- package/src/server/middleware.ts +33 -0
- package/src/server/projectors.ts +28 -0
- package/src/server/proxy.ts +134 -0
- package/src/server/router.ts +161 -0
- package/src/server/routes/config.ts +92 -0
- package/src/server/routes/event.ts +83 -0
- package/src/server/routes/experimental.ts +379 -0
- package/src/server/routes/file.ts +197 -0
- package/src/server/routes/global.ts +312 -0
- package/src/server/routes/mcp.ts +226 -0
- package/src/server/routes/permission.ts +69 -0
- package/src/server/routes/project.ts +118 -0
- package/src/server/routes/provider.ts +171 -0
- package/src/server/routes/pty.ts +210 -0
- package/src/server/routes/question.ts +99 -0
- package/src/server/routes/session.ts +1011 -0
- package/src/server/routes/tui.ts +379 -0
- package/src/server/routes/workspace.ts +94 -0
- package/src/server/server.ts +367 -0
- package/src/session/compaction.ts +425 -0
- package/src/session/index.ts +887 -0
- package/src/session/instruction.ts +258 -0
- package/src/session/llm.ts +412 -0
- package/src/session/message-v2.ts +1038 -0
- package/src/session/message.ts +191 -0
- package/src/session/overflow.ts +22 -0
- package/src/session/processor.ts +515 -0
- package/src/session/projectors.ts +135 -0
- package/src/session/prompt/anthropic.txt +105 -0
- package/src/session/prompt/beast.txt +147 -0
- package/src/session/prompt/build-switch.txt +5 -0
- package/src/session/prompt/codex.txt +79 -0
- package/src/session/prompt/copilot-gpt-5.txt +143 -0
- package/src/session/prompt/default.txt +105 -0
- package/src/session/prompt/gemini.txt +155 -0
- package/src/session/prompt/gpt.txt +107 -0
- package/src/session/prompt/kimi.txt +95 -0
- package/src/session/prompt/max-steps.txt +16 -0
- package/src/session/prompt/plan-reminder-anthropic.txt +67 -0
- package/src/session/prompt/plan.txt +26 -0
- package/src/session/prompt/trinity.txt +97 -0
- package/src/session/prompt.ts +1908 -0
- package/src/session/retry.ts +123 -0
- package/src/session/revert.ts +176 -0
- package/src/session/schema.ts +38 -0
- package/src/session/session.sql.ts +103 -0
- package/src/session/status.ts +102 -0
- package/src/session/summary.ts +177 -0
- package/src/session/system.ts +76 -0
- package/src/session/todo.ts +95 -0
- package/src/share/share-next.ts +370 -0
- package/src/share/share.sql.ts +13 -0
- package/src/shell/shell.ts +110 -0
- package/src/skill/discovery.ts +116 -0
- package/src/skill/index.ts +289 -0
- package/src/snapshot/index.ts +723 -0
- package/src/sql.d.ts +4 -0
- package/src/storage/db.bun.ts +8 -0
- package/src/storage/db.node.ts +8 -0
- package/src/storage/db.ts +174 -0
- package/src/storage/json-migration.ts +425 -0
- package/src/storage/schema.sql.ts +10 -0
- package/src/storage/schema.ts +5 -0
- package/src/storage/storage.ts +353 -0
- package/src/sync/README.md +179 -0
- package/src/sync/event.sql.ts +16 -0
- package/src/sync/index.ts +263 -0
- package/src/sync/schema.ts +14 -0
- package/src/testing/llm-server.ts +2 -0
- package/src/tool/apply_patch.ts +279 -0
- package/src/tool/apply_patch.txt +33 -0
- package/src/tool/bash.ts +498 -0
- package/src/tool/bash.txt +117 -0
- package/src/tool/codesearch.ts +133 -0
- package/src/tool/codesearch.txt +12 -0
- package/src/tool/edit.ts +666 -0
- package/src/tool/edit.txt +10 -0
- package/src/tool/external-directory.ts +46 -0
- package/src/tool/glob.ts +78 -0
- package/src/tool/glob.txt +6 -0
- package/src/tool/grep.ts +156 -0
- package/src/tool/grep.txt +8 -0
- package/src/tool/invalid.ts +17 -0
- package/src/tool/ls.ts +121 -0
- package/src/tool/ls.txt +1 -0
- package/src/tool/lsp.ts +97 -0
- package/src/tool/lsp.txt +19 -0
- package/src/tool/multiedit.ts +46 -0
- package/src/tool/multiedit.txt +41 -0
- package/src/tool/plan-enter.txt +14 -0
- package/src/tool/plan-exit.txt +13 -0
- package/src/tool/plan.ts +131 -0
- package/src/tool/question.ts +46 -0
- package/src/tool/question.txt +10 -0
- package/src/tool/read.ts +330 -0
- package/src/tool/read.txt +14 -0
- package/src/tool/registry.ts +303 -0
- package/src/tool/schema.ts +17 -0
- package/src/tool/skill.ts +120 -0
- package/src/tool/task.ts +192 -0
- package/src/tool/task.txt +57 -0
- package/src/tool/todo.ts +48 -0
- package/src/tool/todowrite.txt +167 -0
- package/src/tool/tool.ts +137 -0
- package/src/tool/truncate.ts +144 -0
- package/src/tool/truncation-dir.ts +4 -0
- package/src/tool/webfetch.ts +210 -0
- package/src/tool/webfetch.txt +13 -0
- package/src/tool/websearch.ts +151 -0
- package/src/tool/websearch.txt +14 -0
- package/src/tool/write.ts +84 -0
- package/src/tool/write.txt +8 -0
- package/src/url/site.ts +118 -0
- package/src/util/abort.ts +35 -0
- package/src/util/archive.ts +17 -0
- package/src/util/color.ts +19 -0
- package/src/util/context.ts +25 -0
- package/src/util/data-url.ts +9 -0
- package/src/util/defer.ts +12 -0
- package/src/util/effect-http-client.ts +11 -0
- package/src/util/effect-zod.ts +98 -0
- package/src/util/error.ts +77 -0
- package/src/util/filesystem.ts +245 -0
- package/src/util/flock.ts +333 -0
- package/src/util/fn.ts +21 -0
- package/src/util/format.ts +20 -0
- package/src/util/glob.ts +34 -0
- package/src/util/hash.ts +7 -0
- package/src/util/iife.ts +3 -0
- package/src/util/keybind.ts +103 -0
- package/src/util/lazy.ts +23 -0
- package/src/util/locale.ts +81 -0
- package/src/util/lock.ts +98 -0
- package/src/util/log.ts +182 -0
- package/src/util/network.ts +9 -0
- package/src/util/process.ts +176 -0
- package/src/util/queue.ts +32 -0
- package/src/util/record.ts +3 -0
- package/src/util/rpc.ts +66 -0
- package/src/util/schema.ts +53 -0
- package/src/util/scrap.ts +10 -0
- package/src/util/signal.ts +12 -0
- package/src/util/timeout.ts +14 -0
- package/src/util/token.ts +7 -0
- package/src/util/update-schema.ts +13 -0
- package/src/util/which.ts +14 -0
- package/src/util/wildcard.ts +59 -0
- package/src/worktree/index.ts +612 -0
- package/sst-env.d.ts +10 -0
- package/test/AGENTS.md +81 -0
- package/test/account/repo.test.ts +352 -0
- package/test/account/service.test.ts +456 -0
- package/test/acp/agent-interface.test.ts +51 -0
- package/test/acp/event-subscription.test.ts +685 -0
- package/test/agent/agent.test.ts +717 -0
- package/test/auth/auth.test.ts +58 -0
- package/test/bus/bus-effect.test.ts +164 -0
- package/test/bus/bus-integration.test.ts +87 -0
- package/test/bus/bus.test.ts +219 -0
- package/test/cli/account.test.ts +26 -0
- package/test/cli/cmd/tui/prompt-part.test.ts +47 -0
- package/test/cli/commands.test.ts +49 -0
- package/test/cli/error.test.ts +18 -0
- package/test/cli/github-action.test.ts +198 -0
- package/test/cli/github-remote.test.ts +80 -0
- package/test/cli/import.test.ts +54 -0
- package/test/cli/llm-ready.test.ts +49 -0
- package/test/cli/plugin-auth-picker.test.ts +120 -0
- package/test/cli/tui/keybind-plugin.test.ts +90 -0
- package/test/cli/tui/plugin-add.test.ts +107 -0
- package/test/cli/tui/plugin-install.test.ts +89 -0
- package/test/cli/tui/plugin-lifecycle.test.ts +225 -0
- package/test/cli/tui/plugin-loader-entrypoint.test.ts +492 -0
- package/test/cli/tui/plugin-loader-pure.test.ts +72 -0
- package/test/cli/tui/plugin-loader.test.ts +752 -0
- package/test/cli/tui/plugin-toggle.test.ts +159 -0
- package/test/cli/tui/slot-replace.test.tsx +47 -0
- package/test/cli/tui/theme-store.test.ts +51 -0
- package/test/cli/tui/thread.test.ts +128 -0
- package/test/cli/tui/transcript.test.ts +426 -0
- package/test/config/agent-color.test.ts +71 -0
- package/test/config/config.test.ts +2364 -0
- package/test/config/fixtures/empty-frontmatter.md +4 -0
- package/test/config/fixtures/frontmatter.md +28 -0
- package/test/config/fixtures/markdown-header.md +11 -0
- package/test/config/fixtures/no-frontmatter.md +1 -0
- package/test/config/fixtures/weird-model-id.md +13 -0
- package/test/config/markdown.test.ts +228 -0
- package/test/config/tui.test.ts +800 -0
- package/test/control-plane/sse.test.ts +56 -0
- package/test/effect/cross-spawn-spawner.test.ts +412 -0
- package/test/effect/instance-state.test.ts +482 -0
- package/test/effect/run-service.test.ts +46 -0
- package/test/effect/runner.test.ts +523 -0
- package/test/fake/provider.ts +81 -0
- package/test/file/fsmonitor.test.ts +62 -0
- package/test/file/ignore.test.ts +10 -0
- package/test/file/index.test.ts +946 -0
- package/test/file/path-traversal.test.ts +198 -0
- package/test/file/ripgrep.test.ts +54 -0
- package/test/file/time.test.ts +445 -0
- package/test/file/watcher.test.ts +247 -0
- package/test/filesystem/filesystem.test.ts +319 -0
- package/test/fixture/db.ts +11 -0
- package/test/fixture/fixture.test.ts +26 -0
- package/test/fixture/fixture.ts +174 -0
- package/test/fixture/flock-worker.ts +72 -0
- package/test/fixture/lsp/fake-lsp-server.js +77 -0
- package/test/fixture/plug-worker.ts +93 -0
- package/test/fixture/plugin-meta-worker.ts +26 -0
- package/test/fixture/skills/agents-sdk/SKILL.md +152 -0
- package/test/fixture/skills/agents-sdk/references/callable.md +92 -0
- package/test/fixture/skills/cloudflare/SKILL.md +211 -0
- package/test/fixture/skills/index.json +6 -0
- package/test/fixture/tui-plugin.ts +328 -0
- package/test/fixture/tui-runtime.ts +27 -0
- package/test/format/format.test.ts +171 -0
- package/test/git/git.test.ts +128 -0
- package/test/ide/ide.test.ts +82 -0
- package/test/installation/installation.test.ts +151 -0
- package/test/keybind.test.ts +421 -0
- package/test/lib/effect.ts +53 -0
- package/test/lib/filesystem.ts +10 -0
- package/test/lib/llm-server.ts +795 -0
- package/test/lsp/client.test.ts +95 -0
- package/test/lsp/index.test.ts +138 -0
- package/test/lsp/launch.test.ts +22 -0
- package/test/lsp/lifecycle.test.ts +147 -0
- package/test/mcp/headers.test.ts +153 -0
- package/test/mcp/lifecycle.test.ts +750 -0
- package/test/mcp/oauth-auto-connect.test.ts +199 -0
- package/test/mcp/oauth-browser.test.ts +249 -0
- package/test/memory/abort-leak.test.ts +151 -0
- package/test/npm.test.ts +18 -0
- package/test/patch/patch.test.ts +348 -0
- package/test/permission/arity.test.ts +33 -0
- package/test/permission/next.test.ts +1148 -0
- package/test/permission-task.test.ts +323 -0
- package/test/plugin/auth-override.test.ts +74 -0
- package/test/plugin/codex.test.ts +123 -0
- package/test/plugin/github-copilot-models.test.ts +117 -0
- package/test/plugin/install-concurrency.test.ts +140 -0
- package/test/plugin/install.test.ts +570 -0
- package/test/plugin/loader-shared.test.ts +1136 -0
- package/test/plugin/meta.test.ts +137 -0
- package/test/plugin/shared.test.ts +88 -0
- package/test/plugin/trigger.test.ts +111 -0
- package/test/preload.ts +90 -0
- package/test/project/migrate-global.test.ts +141 -0
- package/test/project/project.test.ts +459 -0
- package/test/project/state.test.ts +115 -0
- package/test/project/vcs.test.ts +228 -0
- package/test/project/worktree-remove.test.ts +96 -0
- package/test/project/worktree.test.ts +173 -0
- package/test/provider/amazon-bedrock.test.ts +447 -0
- package/test/provider/copilot/convert-to-copilot-messages.test.ts +523 -0
- package/test/provider/copilot/copilot-chat-model.test.ts +592 -0
- package/test/provider/gitlab-duo.test.ts +412 -0
- package/test/provider/provider.test.ts +2494 -0
- package/test/provider/transform.test.ts +2839 -0
- package/test/pty/pty-output-isolation.test.ts +141 -0
- package/test/pty/pty-session.test.ts +92 -0
- package/test/pty/pty-shell.test.ts +59 -0
- package/test/question/question.test.ts +453 -0
- package/test/runtime/acp-adapter.test.ts +84 -0
- package/test/runtime/core-service.test.ts +16 -0
- package/test/runtime/session-summarize.test.ts +104 -0
- package/test/server/global-session-list.test.ts +89 -0
- package/test/server/project-init-git.test.ts +121 -0
- package/test/server/router.test.ts +52 -0
- package/test/server/session-actions.test.ts +83 -0
- package/test/server/session-list.test.ts +98 -0
- package/test/server/session-messages.test.ts +159 -0
- package/test/server/session-select.test.ts +84 -0
- package/test/session/compaction.test.ts +1239 -0
- package/test/session/instruction.test.ts +286 -0
- package/test/session/llm.test.ts +1093 -0
- package/test/session/message-v2.test.ts +957 -0
- package/test/session/messages-pagination.test.ts +885 -0
- package/test/session/processor-effect.test.ts +741 -0
- package/test/session/prompt-effect.test.ts +1339 -0
- package/test/session/prompt.test.ts +533 -0
- package/test/session/retry.test.ts +251 -0
- package/test/session/revert-compact.test.ts +621 -0
- package/test/session/session.test.ts +142 -0
- package/test/session/snapshot-tool-race.test.ts +242 -0
- package/test/session/structured-output-integration.test.ts +233 -0
- package/test/session/structured-output.test.ts +391 -0
- package/test/session/system.test.ts +59 -0
- package/test/share/share-next.test.ts +332 -0
- package/test/shell/shell.test.ts +73 -0
- package/test/skill/discovery.test.ts +116 -0
- package/test/skill/skill.test.ts +428 -0
- package/test/snapshot/snapshot.test.ts +1397 -0
- package/test/storage/db.test.ts +14 -0
- package/test/storage/json-migration.test.ts +832 -0
- package/test/storage/storage.test.ts +295 -0
- package/test/sync/index.test.ts +191 -0
- package/test/tool/apply_patch.test.ts +565 -0
- package/test/tool/bash.test.ts +1099 -0
- package/test/tool/edit.test.ts +681 -0
- package/test/tool/external-directory.test.ts +198 -0
- package/test/tool/fixtures/large-image.png +0 -0
- package/test/tool/fixtures/models-api.json +65179 -0
- package/test/tool/grep.test.ts +111 -0
- package/test/tool/question.test.ts +126 -0
- package/test/tool/read.test.ts +468 -0
- package/test/tool/registry.test.ts +157 -0
- package/test/tool/skill.test.ts +170 -0
- package/test/tool/task.test.ts +412 -0
- package/test/tool/tool-define.test.ts +49 -0
- package/test/tool/truncation.test.ts +161 -0
- package/test/tool/webfetch.test.ts +96 -0
- package/test/tool/write.test.ts +353 -0
- package/test/util/data-url.test.ts +14 -0
- package/test/util/effect-zod.test.ts +61 -0
- package/test/util/error.test.ts +38 -0
- package/test/util/filesystem.test.ts +656 -0
- package/test/util/flock.test.ts +383 -0
- package/test/util/format.test.ts +59 -0
- package/test/util/glob.test.ts +164 -0
- package/test/util/iife.test.ts +36 -0
- package/test/util/lazy.test.ts +50 -0
- package/test/util/lock.test.ts +72 -0
- package/test/util/module.test.ts +59 -0
- package/test/util/process.test.ts +128 -0
- package/test/util/timeout.test.ts +21 -0
- package/test/util/which.test.ts +100 -0
- package/test/util/wildcard.test.ts +90 -0
- package/tsconfig.json +23 -0
|
@@ -0,0 +1,1148 @@
|
|
|
1
|
+
import { afterEach, test, expect } from "bun:test"
|
|
2
|
+
import os from "os"
|
|
3
|
+
import { Bus } from "../../src/bus"
|
|
4
|
+
import { Permission } from "../../src/permission"
|
|
5
|
+
import { PermissionID } from "../../src/permission/schema"
|
|
6
|
+
import { Instance } from "../../src/project/instance"
|
|
7
|
+
import { tmpdir } from "../fixture/fixture"
|
|
8
|
+
import { MessageID, SessionID } from "../../src/session/schema"
|
|
9
|
+
|
|
10
|
+
afterEach(async () => {
|
|
11
|
+
await Instance.disposeAll()
|
|
12
|
+
})
|
|
13
|
+
|
|
14
|
+
async function rejectAll(message?: string) {
|
|
15
|
+
for (const req of await Permission.list()) {
|
|
16
|
+
await Permission.reply({
|
|
17
|
+
requestID: req.id,
|
|
18
|
+
reply: "reject",
|
|
19
|
+
message,
|
|
20
|
+
})
|
|
21
|
+
}
|
|
22
|
+
}
|
|
23
|
+
|
|
24
|
+
async function waitForPending(count: number) {
|
|
25
|
+
for (let i = 0; i < 20; i++) {
|
|
26
|
+
const list = await Permission.list()
|
|
27
|
+
if (list.length === count) return list
|
|
28
|
+
await Bun.sleep(0)
|
|
29
|
+
}
|
|
30
|
+
return Permission.list()
|
|
31
|
+
}
|
|
32
|
+
|
|
33
|
+
// fromConfig tests
|
|
34
|
+
|
|
35
|
+
test("fromConfig - string value becomes wildcard rule", () => {
|
|
36
|
+
const result = Permission.fromConfig({ bash: "allow" })
|
|
37
|
+
expect(result).toEqual([{ permission: "bash", pattern: "*", action: "allow" }])
|
|
38
|
+
})
|
|
39
|
+
|
|
40
|
+
test("fromConfig - object value converts to rules array", () => {
|
|
41
|
+
const result = Permission.fromConfig({ bash: { "*": "allow", rm: "deny" } })
|
|
42
|
+
expect(result).toEqual([
|
|
43
|
+
{ permission: "bash", pattern: "*", action: "allow" },
|
|
44
|
+
{ permission: "bash", pattern: "rm", action: "deny" },
|
|
45
|
+
])
|
|
46
|
+
})
|
|
47
|
+
|
|
48
|
+
test("fromConfig - mixed string and object values", () => {
|
|
49
|
+
const result = Permission.fromConfig({
|
|
50
|
+
bash: { "*": "allow", rm: "deny" },
|
|
51
|
+
edit: "allow",
|
|
52
|
+
webfetch: "ask",
|
|
53
|
+
})
|
|
54
|
+
expect(result).toEqual([
|
|
55
|
+
{ permission: "bash", pattern: "*", action: "allow" },
|
|
56
|
+
{ permission: "bash", pattern: "rm", action: "deny" },
|
|
57
|
+
{ permission: "edit", pattern: "*", action: "allow" },
|
|
58
|
+
{ permission: "webfetch", pattern: "*", action: "ask" },
|
|
59
|
+
])
|
|
60
|
+
})
|
|
61
|
+
|
|
62
|
+
test("fromConfig - empty object", () => {
|
|
63
|
+
const result = Permission.fromConfig({})
|
|
64
|
+
expect(result).toEqual([])
|
|
65
|
+
})
|
|
66
|
+
|
|
67
|
+
test("fromConfig - expands tilde to home directory", () => {
|
|
68
|
+
const result = Permission.fromConfig({ external_directory: { "~/projects/*": "allow" } })
|
|
69
|
+
expect(result).toEqual([{ permission: "external_directory", pattern: `${os.homedir()}/projects/*`, action: "allow" }])
|
|
70
|
+
})
|
|
71
|
+
|
|
72
|
+
test("fromConfig - expands $HOME to home directory", () => {
|
|
73
|
+
const result = Permission.fromConfig({ external_directory: { "$HOME/projects/*": "allow" } })
|
|
74
|
+
expect(result).toEqual([{ permission: "external_directory", pattern: `${os.homedir()}/projects/*`, action: "allow" }])
|
|
75
|
+
})
|
|
76
|
+
|
|
77
|
+
test("fromConfig - expands $HOME without trailing slash", () => {
|
|
78
|
+
const result = Permission.fromConfig({ external_directory: { $HOME: "allow" } })
|
|
79
|
+
expect(result).toEqual([{ permission: "external_directory", pattern: os.homedir(), action: "allow" }])
|
|
80
|
+
})
|
|
81
|
+
|
|
82
|
+
test("fromConfig - does not expand tilde in middle of path", () => {
|
|
83
|
+
const result = Permission.fromConfig({ external_directory: { "/some/~/path": "allow" } })
|
|
84
|
+
expect(result).toEqual([{ permission: "external_directory", pattern: "/some/~/path", action: "allow" }])
|
|
85
|
+
})
|
|
86
|
+
|
|
87
|
+
test("fromConfig - expands exact tilde to home directory", () => {
|
|
88
|
+
const result = Permission.fromConfig({ external_directory: { "~": "allow" } })
|
|
89
|
+
expect(result).toEqual([{ permission: "external_directory", pattern: os.homedir(), action: "allow" }])
|
|
90
|
+
})
|
|
91
|
+
|
|
92
|
+
test("evaluate - matches expanded tilde pattern", () => {
|
|
93
|
+
const ruleset = Permission.fromConfig({ external_directory: { "~/projects/*": "allow" } })
|
|
94
|
+
const result = Permission.evaluate("external_directory", `${os.homedir()}/projects/file.txt`, ruleset)
|
|
95
|
+
expect(result.action).toBe("allow")
|
|
96
|
+
})
|
|
97
|
+
|
|
98
|
+
test("evaluate - matches expanded $HOME pattern", () => {
|
|
99
|
+
const ruleset = Permission.fromConfig({ external_directory: { "$HOME/projects/*": "allow" } })
|
|
100
|
+
const result = Permission.evaluate("external_directory", `${os.homedir()}/projects/file.txt`, ruleset)
|
|
101
|
+
expect(result.action).toBe("allow")
|
|
102
|
+
})
|
|
103
|
+
|
|
104
|
+
// merge tests
|
|
105
|
+
|
|
106
|
+
test("merge - simple concatenation", () => {
|
|
107
|
+
const result = Permission.merge(
|
|
108
|
+
[{ permission: "bash", pattern: "*", action: "allow" }],
|
|
109
|
+
[{ permission: "bash", pattern: "*", action: "deny" }],
|
|
110
|
+
)
|
|
111
|
+
expect(result).toEqual([
|
|
112
|
+
{ permission: "bash", pattern: "*", action: "allow" },
|
|
113
|
+
{ permission: "bash", pattern: "*", action: "deny" },
|
|
114
|
+
])
|
|
115
|
+
})
|
|
116
|
+
|
|
117
|
+
test("merge - adds new permission", () => {
|
|
118
|
+
const result = Permission.merge(
|
|
119
|
+
[{ permission: "bash", pattern: "*", action: "allow" }],
|
|
120
|
+
[{ permission: "edit", pattern: "*", action: "deny" }],
|
|
121
|
+
)
|
|
122
|
+
expect(result).toEqual([
|
|
123
|
+
{ permission: "bash", pattern: "*", action: "allow" },
|
|
124
|
+
{ permission: "edit", pattern: "*", action: "deny" },
|
|
125
|
+
])
|
|
126
|
+
})
|
|
127
|
+
|
|
128
|
+
test("merge - concatenates rules for same permission", () => {
|
|
129
|
+
const result = Permission.merge(
|
|
130
|
+
[{ permission: "bash", pattern: "foo", action: "ask" }],
|
|
131
|
+
[{ permission: "bash", pattern: "*", action: "deny" }],
|
|
132
|
+
)
|
|
133
|
+
expect(result).toEqual([
|
|
134
|
+
{ permission: "bash", pattern: "foo", action: "ask" },
|
|
135
|
+
{ permission: "bash", pattern: "*", action: "deny" },
|
|
136
|
+
])
|
|
137
|
+
})
|
|
138
|
+
|
|
139
|
+
test("merge - multiple rulesets", () => {
|
|
140
|
+
const result = Permission.merge(
|
|
141
|
+
[{ permission: "bash", pattern: "*", action: "allow" }],
|
|
142
|
+
[{ permission: "bash", pattern: "rm", action: "ask" }],
|
|
143
|
+
[{ permission: "edit", pattern: "*", action: "allow" }],
|
|
144
|
+
)
|
|
145
|
+
expect(result).toEqual([
|
|
146
|
+
{ permission: "bash", pattern: "*", action: "allow" },
|
|
147
|
+
{ permission: "bash", pattern: "rm", action: "ask" },
|
|
148
|
+
{ permission: "edit", pattern: "*", action: "allow" },
|
|
149
|
+
])
|
|
150
|
+
})
|
|
151
|
+
|
|
152
|
+
test("merge - empty ruleset does nothing", () => {
|
|
153
|
+
const result = Permission.merge([{ permission: "bash", pattern: "*", action: "allow" }], [])
|
|
154
|
+
expect(result).toEqual([{ permission: "bash", pattern: "*", action: "allow" }])
|
|
155
|
+
})
|
|
156
|
+
|
|
157
|
+
test("merge - preserves rule order", () => {
|
|
158
|
+
const result = Permission.merge(
|
|
159
|
+
[
|
|
160
|
+
{ permission: "edit", pattern: "src/*", action: "allow" },
|
|
161
|
+
{ permission: "edit", pattern: "src/secret/*", action: "deny" },
|
|
162
|
+
],
|
|
163
|
+
[{ permission: "edit", pattern: "src/secret/ok.ts", action: "allow" }],
|
|
164
|
+
)
|
|
165
|
+
expect(result).toEqual([
|
|
166
|
+
{ permission: "edit", pattern: "src/*", action: "allow" },
|
|
167
|
+
{ permission: "edit", pattern: "src/secret/*", action: "deny" },
|
|
168
|
+
{ permission: "edit", pattern: "src/secret/ok.ts", action: "allow" },
|
|
169
|
+
])
|
|
170
|
+
})
|
|
171
|
+
|
|
172
|
+
test("merge - config permission overrides default ask", () => {
|
|
173
|
+
// Simulates: defaults have "*": "ask", config sets bash: "allow"
|
|
174
|
+
const defaults: Permission.Ruleset = [{ permission: "*", pattern: "*", action: "ask" }]
|
|
175
|
+
const config: Permission.Ruleset = [{ permission: "bash", pattern: "*", action: "allow" }]
|
|
176
|
+
const merged = Permission.merge(defaults, config)
|
|
177
|
+
|
|
178
|
+
// Config's bash allow should override default ask
|
|
179
|
+
expect(Permission.evaluate("bash", "ls", merged).action).toBe("allow")
|
|
180
|
+
// Other permissions should still be ask (from defaults)
|
|
181
|
+
expect(Permission.evaluate("edit", "foo.ts", merged).action).toBe("ask")
|
|
182
|
+
})
|
|
183
|
+
|
|
184
|
+
test("merge - config ask overrides default allow", () => {
|
|
185
|
+
// Simulates: defaults have bash: "allow", config sets bash: "ask"
|
|
186
|
+
const defaults: Permission.Ruleset = [{ permission: "bash", pattern: "*", action: "allow" }]
|
|
187
|
+
const config: Permission.Ruleset = [{ permission: "bash", pattern: "*", action: "ask" }]
|
|
188
|
+
const merged = Permission.merge(defaults, config)
|
|
189
|
+
|
|
190
|
+
// Config's ask should override default allow
|
|
191
|
+
expect(Permission.evaluate("bash", "ls", merged).action).toBe("ask")
|
|
192
|
+
})
|
|
193
|
+
|
|
194
|
+
// evaluate tests
|
|
195
|
+
|
|
196
|
+
test("evaluate - exact pattern match", () => {
|
|
197
|
+
const result = Permission.evaluate("bash", "rm", [{ permission: "bash", pattern: "rm", action: "deny" }])
|
|
198
|
+
expect(result.action).toBe("deny")
|
|
199
|
+
})
|
|
200
|
+
|
|
201
|
+
test("evaluate - wildcard pattern match", () => {
|
|
202
|
+
const result = Permission.evaluate("bash", "rm", [{ permission: "bash", pattern: "*", action: "allow" }])
|
|
203
|
+
expect(result.action).toBe("allow")
|
|
204
|
+
})
|
|
205
|
+
|
|
206
|
+
test("evaluate - last matching rule wins", () => {
|
|
207
|
+
const result = Permission.evaluate("bash", "rm", [
|
|
208
|
+
{ permission: "bash", pattern: "*", action: "allow" },
|
|
209
|
+
{ permission: "bash", pattern: "rm", action: "deny" },
|
|
210
|
+
])
|
|
211
|
+
expect(result.action).toBe("deny")
|
|
212
|
+
})
|
|
213
|
+
|
|
214
|
+
test("evaluate - last matching rule wins (wildcard after specific)", () => {
|
|
215
|
+
const result = Permission.evaluate("bash", "rm", [
|
|
216
|
+
{ permission: "bash", pattern: "rm", action: "deny" },
|
|
217
|
+
{ permission: "bash", pattern: "*", action: "allow" },
|
|
218
|
+
])
|
|
219
|
+
expect(result.action).toBe("allow")
|
|
220
|
+
})
|
|
221
|
+
|
|
222
|
+
test("evaluate - glob pattern match", () => {
|
|
223
|
+
const result = Permission.evaluate("edit", "src/foo.ts", [{ permission: "edit", pattern: "src/*", action: "allow" }])
|
|
224
|
+
expect(result.action).toBe("allow")
|
|
225
|
+
})
|
|
226
|
+
|
|
227
|
+
test("evaluate - last matching glob wins", () => {
|
|
228
|
+
const result = Permission.evaluate("edit", "src/components/Button.tsx", [
|
|
229
|
+
{ permission: "edit", pattern: "src/*", action: "deny" },
|
|
230
|
+
{ permission: "edit", pattern: "src/components/*", action: "allow" },
|
|
231
|
+
])
|
|
232
|
+
expect(result.action).toBe("allow")
|
|
233
|
+
})
|
|
234
|
+
|
|
235
|
+
test("evaluate - order matters for specificity", () => {
|
|
236
|
+
// If more specific rule comes first, later wildcard overrides it
|
|
237
|
+
const result = Permission.evaluate("edit", "src/components/Button.tsx", [
|
|
238
|
+
{ permission: "edit", pattern: "src/components/*", action: "allow" },
|
|
239
|
+
{ permission: "edit", pattern: "src/*", action: "deny" },
|
|
240
|
+
])
|
|
241
|
+
expect(result.action).toBe("deny")
|
|
242
|
+
})
|
|
243
|
+
|
|
244
|
+
test("evaluate - unknown permission returns ask", () => {
|
|
245
|
+
const result = Permission.evaluate("unknown_tool", "anything", [
|
|
246
|
+
{ permission: "bash", pattern: "*", action: "allow" },
|
|
247
|
+
])
|
|
248
|
+
expect(result.action).toBe("ask")
|
|
249
|
+
})
|
|
250
|
+
|
|
251
|
+
test("evaluate - empty ruleset returns ask", () => {
|
|
252
|
+
const result = Permission.evaluate("bash", "rm", [])
|
|
253
|
+
expect(result.action).toBe("ask")
|
|
254
|
+
})
|
|
255
|
+
|
|
256
|
+
test("evaluate - no matching pattern returns ask", () => {
|
|
257
|
+
const result = Permission.evaluate("edit", "etc/passwd", [{ permission: "edit", pattern: "src/*", action: "allow" }])
|
|
258
|
+
expect(result.action).toBe("ask")
|
|
259
|
+
})
|
|
260
|
+
|
|
261
|
+
test("evaluate - empty rules array returns ask", () => {
|
|
262
|
+
const result = Permission.evaluate("bash", "rm", [])
|
|
263
|
+
expect(result.action).toBe("ask")
|
|
264
|
+
})
|
|
265
|
+
|
|
266
|
+
test("evaluate - multiple matching patterns, last wins", () => {
|
|
267
|
+
const result = Permission.evaluate("edit", "src/secret.ts", [
|
|
268
|
+
{ permission: "edit", pattern: "*", action: "ask" },
|
|
269
|
+
{ permission: "edit", pattern: "src/*", action: "allow" },
|
|
270
|
+
{ permission: "edit", pattern: "src/secret.ts", action: "deny" },
|
|
271
|
+
])
|
|
272
|
+
expect(result.action).toBe("deny")
|
|
273
|
+
})
|
|
274
|
+
|
|
275
|
+
test("evaluate - non-matching patterns are skipped", () => {
|
|
276
|
+
const result = Permission.evaluate("edit", "src/foo.ts", [
|
|
277
|
+
{ permission: "edit", pattern: "*", action: "ask" },
|
|
278
|
+
{ permission: "edit", pattern: "test/*", action: "deny" },
|
|
279
|
+
{ permission: "edit", pattern: "src/*", action: "allow" },
|
|
280
|
+
])
|
|
281
|
+
expect(result.action).toBe("allow")
|
|
282
|
+
})
|
|
283
|
+
|
|
284
|
+
test("evaluate - exact match at end wins over earlier wildcard", () => {
|
|
285
|
+
const result = Permission.evaluate("bash", "/bin/rm", [
|
|
286
|
+
{ permission: "bash", pattern: "*", action: "allow" },
|
|
287
|
+
{ permission: "bash", pattern: "/bin/rm", action: "deny" },
|
|
288
|
+
])
|
|
289
|
+
expect(result.action).toBe("deny")
|
|
290
|
+
})
|
|
291
|
+
|
|
292
|
+
test("evaluate - wildcard at end overrides earlier exact match", () => {
|
|
293
|
+
const result = Permission.evaluate("bash", "/bin/rm", [
|
|
294
|
+
{ permission: "bash", pattern: "/bin/rm", action: "deny" },
|
|
295
|
+
{ permission: "bash", pattern: "*", action: "allow" },
|
|
296
|
+
])
|
|
297
|
+
expect(result.action).toBe("allow")
|
|
298
|
+
})
|
|
299
|
+
|
|
300
|
+
// wildcard permission tests
|
|
301
|
+
|
|
302
|
+
test("evaluate - wildcard permission matches any permission", () => {
|
|
303
|
+
const result = Permission.evaluate("bash", "rm", [{ permission: "*", pattern: "*", action: "deny" }])
|
|
304
|
+
expect(result.action).toBe("deny")
|
|
305
|
+
})
|
|
306
|
+
|
|
307
|
+
test("evaluate - wildcard permission with specific pattern", () => {
|
|
308
|
+
const result = Permission.evaluate("bash", "rm", [{ permission: "*", pattern: "rm", action: "deny" }])
|
|
309
|
+
expect(result.action).toBe("deny")
|
|
310
|
+
})
|
|
311
|
+
|
|
312
|
+
test("evaluate - glob permission pattern", () => {
|
|
313
|
+
const result = Permission.evaluate("mcp_server_tool", "anything", [
|
|
314
|
+
{ permission: "mcp_*", pattern: "*", action: "allow" },
|
|
315
|
+
])
|
|
316
|
+
expect(result.action).toBe("allow")
|
|
317
|
+
})
|
|
318
|
+
|
|
319
|
+
test("evaluate - specific permission and wildcard permission combined", () => {
|
|
320
|
+
const result = Permission.evaluate("bash", "rm", [
|
|
321
|
+
{ permission: "*", pattern: "*", action: "deny" },
|
|
322
|
+
{ permission: "bash", pattern: "*", action: "allow" },
|
|
323
|
+
])
|
|
324
|
+
expect(result.action).toBe("allow")
|
|
325
|
+
})
|
|
326
|
+
|
|
327
|
+
test("evaluate - wildcard permission does not match when specific exists", () => {
|
|
328
|
+
const result = Permission.evaluate("edit", "src/foo.ts", [
|
|
329
|
+
{ permission: "*", pattern: "*", action: "deny" },
|
|
330
|
+
{ permission: "edit", pattern: "src/*", action: "allow" },
|
|
331
|
+
])
|
|
332
|
+
expect(result.action).toBe("allow")
|
|
333
|
+
})
|
|
334
|
+
|
|
335
|
+
test("evaluate - multiple matching permission patterns combine rules", () => {
|
|
336
|
+
const result = Permission.evaluate("mcp_dangerous", "anything", [
|
|
337
|
+
{ permission: "*", pattern: "*", action: "ask" },
|
|
338
|
+
{ permission: "mcp_*", pattern: "*", action: "allow" },
|
|
339
|
+
{ permission: "mcp_dangerous", pattern: "*", action: "deny" },
|
|
340
|
+
])
|
|
341
|
+
expect(result.action).toBe("deny")
|
|
342
|
+
})
|
|
343
|
+
|
|
344
|
+
test("evaluate - wildcard permission fallback for unknown tool", () => {
|
|
345
|
+
const result = Permission.evaluate("unknown_tool", "anything", [
|
|
346
|
+
{ permission: "*", pattern: "*", action: "ask" },
|
|
347
|
+
{ permission: "bash", pattern: "*", action: "allow" },
|
|
348
|
+
])
|
|
349
|
+
expect(result.action).toBe("ask")
|
|
350
|
+
})
|
|
351
|
+
|
|
352
|
+
test("evaluate - permission patterns sorted by length regardless of object order", () => {
|
|
353
|
+
// specific permission listed before wildcard, but specific should still win
|
|
354
|
+
const result = Permission.evaluate("bash", "rm", [
|
|
355
|
+
{ permission: "bash", pattern: "*", action: "allow" },
|
|
356
|
+
{ permission: "*", pattern: "*", action: "deny" },
|
|
357
|
+
])
|
|
358
|
+
// With flat list, last matching rule wins - so "*" matches bash and wins
|
|
359
|
+
expect(result.action).toBe("deny")
|
|
360
|
+
})
|
|
361
|
+
|
|
362
|
+
test("evaluate - merges multiple rulesets", () => {
|
|
363
|
+
const config: Permission.Ruleset = [{ permission: "bash", pattern: "*", action: "allow" }]
|
|
364
|
+
const approved: Permission.Ruleset = [{ permission: "bash", pattern: "rm", action: "deny" }]
|
|
365
|
+
// approved comes after config, so rm should be denied
|
|
366
|
+
const result = Permission.evaluate("bash", "rm", config, approved)
|
|
367
|
+
expect(result.action).toBe("deny")
|
|
368
|
+
})
|
|
369
|
+
|
|
370
|
+
// disabled tests
|
|
371
|
+
|
|
372
|
+
test("disabled - returns empty set when all tools allowed", () => {
|
|
373
|
+
const result = Permission.disabled(["bash", "edit", "read"], [{ permission: "*", pattern: "*", action: "allow" }])
|
|
374
|
+
expect(result.size).toBe(0)
|
|
375
|
+
})
|
|
376
|
+
|
|
377
|
+
test("disabled - disables tool when denied", () => {
|
|
378
|
+
const result = Permission.disabled(
|
|
379
|
+
["bash", "edit", "read"],
|
|
380
|
+
[
|
|
381
|
+
{ permission: "*", pattern: "*", action: "allow" },
|
|
382
|
+
{ permission: "bash", pattern: "*", action: "deny" },
|
|
383
|
+
],
|
|
384
|
+
)
|
|
385
|
+
expect(result.has("bash")).toBe(true)
|
|
386
|
+
expect(result.has("edit")).toBe(false)
|
|
387
|
+
expect(result.has("read")).toBe(false)
|
|
388
|
+
})
|
|
389
|
+
|
|
390
|
+
test("disabled - disables edit/write/apply_patch/multiedit when edit denied", () => {
|
|
391
|
+
const result = Permission.disabled(
|
|
392
|
+
["edit", "write", "apply_patch", "multiedit", "bash"],
|
|
393
|
+
[
|
|
394
|
+
{ permission: "*", pattern: "*", action: "allow" },
|
|
395
|
+
{ permission: "edit", pattern: "*", action: "deny" },
|
|
396
|
+
],
|
|
397
|
+
)
|
|
398
|
+
expect(result.has("edit")).toBe(true)
|
|
399
|
+
expect(result.has("write")).toBe(true)
|
|
400
|
+
expect(result.has("apply_patch")).toBe(true)
|
|
401
|
+
expect(result.has("multiedit")).toBe(true)
|
|
402
|
+
expect(result.has("bash")).toBe(false)
|
|
403
|
+
})
|
|
404
|
+
|
|
405
|
+
test("disabled - does not disable when partially denied", () => {
|
|
406
|
+
const result = Permission.disabled(
|
|
407
|
+
["bash"],
|
|
408
|
+
[
|
|
409
|
+
{ permission: "bash", pattern: "*", action: "allow" },
|
|
410
|
+
{ permission: "bash", pattern: "rm *", action: "deny" },
|
|
411
|
+
],
|
|
412
|
+
)
|
|
413
|
+
expect(result.has("bash")).toBe(false)
|
|
414
|
+
})
|
|
415
|
+
|
|
416
|
+
test("disabled - does not disable when action is ask", () => {
|
|
417
|
+
const result = Permission.disabled(["bash", "edit"], [{ permission: "*", pattern: "*", action: "ask" }])
|
|
418
|
+
expect(result.size).toBe(0)
|
|
419
|
+
})
|
|
420
|
+
|
|
421
|
+
test("disabled - does not disable when specific allow after wildcard deny", () => {
|
|
422
|
+
// Tool is NOT disabled because a specific allow after wildcard deny means
|
|
423
|
+
// there's at least some usage allowed
|
|
424
|
+
const result = Permission.disabled(
|
|
425
|
+
["bash"],
|
|
426
|
+
[
|
|
427
|
+
{ permission: "bash", pattern: "*", action: "deny" },
|
|
428
|
+
{ permission: "bash", pattern: "echo *", action: "allow" },
|
|
429
|
+
],
|
|
430
|
+
)
|
|
431
|
+
expect(result.has("bash")).toBe(false)
|
|
432
|
+
})
|
|
433
|
+
|
|
434
|
+
test("disabled - does not disable when wildcard allow after deny", () => {
|
|
435
|
+
const result = Permission.disabled(
|
|
436
|
+
["bash"],
|
|
437
|
+
[
|
|
438
|
+
{ permission: "bash", pattern: "rm *", action: "deny" },
|
|
439
|
+
{ permission: "bash", pattern: "*", action: "allow" },
|
|
440
|
+
],
|
|
441
|
+
)
|
|
442
|
+
expect(result.has("bash")).toBe(false)
|
|
443
|
+
})
|
|
444
|
+
|
|
445
|
+
test("disabled - disables multiple tools", () => {
|
|
446
|
+
const result = Permission.disabled(
|
|
447
|
+
["bash", "edit", "webfetch"],
|
|
448
|
+
[
|
|
449
|
+
{ permission: "bash", pattern: "*", action: "deny" },
|
|
450
|
+
{ permission: "edit", pattern: "*", action: "deny" },
|
|
451
|
+
{ permission: "webfetch", pattern: "*", action: "deny" },
|
|
452
|
+
],
|
|
453
|
+
)
|
|
454
|
+
expect(result.has("bash")).toBe(true)
|
|
455
|
+
expect(result.has("edit")).toBe(true)
|
|
456
|
+
expect(result.has("webfetch")).toBe(true)
|
|
457
|
+
})
|
|
458
|
+
|
|
459
|
+
test("disabled - wildcard permission denies all tools", () => {
|
|
460
|
+
const result = Permission.disabled(["bash", "edit", "read"], [{ permission: "*", pattern: "*", action: "deny" }])
|
|
461
|
+
expect(result.has("bash")).toBe(true)
|
|
462
|
+
expect(result.has("edit")).toBe(true)
|
|
463
|
+
expect(result.has("read")).toBe(true)
|
|
464
|
+
})
|
|
465
|
+
|
|
466
|
+
test("disabled - specific allow overrides wildcard deny", () => {
|
|
467
|
+
const result = Permission.disabled(
|
|
468
|
+
["bash", "edit", "read"],
|
|
469
|
+
[
|
|
470
|
+
{ permission: "*", pattern: "*", action: "deny" },
|
|
471
|
+
{ permission: "bash", pattern: "*", action: "allow" },
|
|
472
|
+
],
|
|
473
|
+
)
|
|
474
|
+
expect(result.has("bash")).toBe(false)
|
|
475
|
+
expect(result.has("edit")).toBe(true)
|
|
476
|
+
expect(result.has("read")).toBe(true)
|
|
477
|
+
})
|
|
478
|
+
|
|
479
|
+
// ask tests
|
|
480
|
+
|
|
481
|
+
test("ask - resolves immediately when action is allow", async () => {
|
|
482
|
+
await using tmp = await tmpdir({ git: true })
|
|
483
|
+
await Instance.provide({
|
|
484
|
+
directory: tmp.path,
|
|
485
|
+
fn: async () => {
|
|
486
|
+
const result = await Permission.ask({
|
|
487
|
+
sessionID: SessionID.make("session_test"),
|
|
488
|
+
permission: "bash",
|
|
489
|
+
patterns: ["ls"],
|
|
490
|
+
metadata: {},
|
|
491
|
+
always: [],
|
|
492
|
+
ruleset: [{ permission: "bash", pattern: "*", action: "allow" }],
|
|
493
|
+
})
|
|
494
|
+
expect(result).toBeUndefined()
|
|
495
|
+
},
|
|
496
|
+
})
|
|
497
|
+
})
|
|
498
|
+
|
|
499
|
+
test("ask - throws RejectedError when action is deny", async () => {
|
|
500
|
+
await using tmp = await tmpdir({ git: true })
|
|
501
|
+
await Instance.provide({
|
|
502
|
+
directory: tmp.path,
|
|
503
|
+
fn: async () => {
|
|
504
|
+
await expect(
|
|
505
|
+
Permission.ask({
|
|
506
|
+
sessionID: SessionID.make("session_test"),
|
|
507
|
+
permission: "bash",
|
|
508
|
+
patterns: ["rm -rf /"],
|
|
509
|
+
metadata: {},
|
|
510
|
+
always: [],
|
|
511
|
+
ruleset: [{ permission: "bash", pattern: "*", action: "deny" }],
|
|
512
|
+
}),
|
|
513
|
+
).rejects.toBeInstanceOf(Permission.DeniedError)
|
|
514
|
+
},
|
|
515
|
+
})
|
|
516
|
+
})
|
|
517
|
+
|
|
518
|
+
test("ask - returns pending promise when action is ask", async () => {
|
|
519
|
+
await using tmp = await tmpdir({ git: true })
|
|
520
|
+
await Instance.provide({
|
|
521
|
+
directory: tmp.path,
|
|
522
|
+
fn: async () => {
|
|
523
|
+
const promise = Permission.ask({
|
|
524
|
+
sessionID: SessionID.make("session_test"),
|
|
525
|
+
permission: "bash",
|
|
526
|
+
patterns: ["ls"],
|
|
527
|
+
metadata: {},
|
|
528
|
+
always: [],
|
|
529
|
+
ruleset: [{ permission: "bash", pattern: "*", action: "ask" }],
|
|
530
|
+
})
|
|
531
|
+
// Promise should be pending, not resolved
|
|
532
|
+
expect(promise).toBeInstanceOf(Promise)
|
|
533
|
+
// Don't await - just verify it returns a promise
|
|
534
|
+
await rejectAll()
|
|
535
|
+
await promise.catch(() => {})
|
|
536
|
+
},
|
|
537
|
+
})
|
|
538
|
+
})
|
|
539
|
+
|
|
540
|
+
test("ask - adds request to pending list", async () => {
|
|
541
|
+
await using tmp = await tmpdir({ git: true })
|
|
542
|
+
await Instance.provide({
|
|
543
|
+
directory: tmp.path,
|
|
544
|
+
fn: async () => {
|
|
545
|
+
const ask = Permission.ask({
|
|
546
|
+
sessionID: SessionID.make("session_test"),
|
|
547
|
+
permission: "bash",
|
|
548
|
+
patterns: ["ls"],
|
|
549
|
+
metadata: { cmd: "ls" },
|
|
550
|
+
always: ["ls"],
|
|
551
|
+
tool: {
|
|
552
|
+
messageID: MessageID.make("msg_test"),
|
|
553
|
+
callID: "call_test",
|
|
554
|
+
},
|
|
555
|
+
ruleset: [],
|
|
556
|
+
})
|
|
557
|
+
|
|
558
|
+
const list = await Permission.list()
|
|
559
|
+
expect(list).toHaveLength(1)
|
|
560
|
+
expect(list[0]).toMatchObject({
|
|
561
|
+
sessionID: SessionID.make("session_test"),
|
|
562
|
+
permission: "bash",
|
|
563
|
+
patterns: ["ls"],
|
|
564
|
+
metadata: { cmd: "ls" },
|
|
565
|
+
always: ["ls"],
|
|
566
|
+
tool: {
|
|
567
|
+
messageID: MessageID.make("msg_test"),
|
|
568
|
+
callID: "call_test",
|
|
569
|
+
},
|
|
570
|
+
})
|
|
571
|
+
|
|
572
|
+
await rejectAll()
|
|
573
|
+
await ask.catch(() => {})
|
|
574
|
+
},
|
|
575
|
+
})
|
|
576
|
+
})
|
|
577
|
+
|
|
578
|
+
test("ask - publishes asked event", async () => {
|
|
579
|
+
await using tmp = await tmpdir({ git: true })
|
|
580
|
+
await Instance.provide({
|
|
581
|
+
directory: tmp.path,
|
|
582
|
+
fn: async () => {
|
|
583
|
+
let seen: Permission.Request | undefined
|
|
584
|
+
const unsub = Bus.subscribe(Permission.Event.Asked, (event) => {
|
|
585
|
+
seen = event.properties
|
|
586
|
+
})
|
|
587
|
+
|
|
588
|
+
const ask = Permission.ask({
|
|
589
|
+
sessionID: SessionID.make("session_test"),
|
|
590
|
+
permission: "bash",
|
|
591
|
+
patterns: ["ls"],
|
|
592
|
+
metadata: { cmd: "ls" },
|
|
593
|
+
always: ["ls"],
|
|
594
|
+
tool: {
|
|
595
|
+
messageID: MessageID.make("msg_test"),
|
|
596
|
+
callID: "call_test",
|
|
597
|
+
},
|
|
598
|
+
ruleset: [],
|
|
599
|
+
})
|
|
600
|
+
|
|
601
|
+
expect(await Permission.list()).toHaveLength(1)
|
|
602
|
+
expect(seen).toBeDefined()
|
|
603
|
+
expect(seen).toMatchObject({
|
|
604
|
+
sessionID: SessionID.make("session_test"),
|
|
605
|
+
permission: "bash",
|
|
606
|
+
patterns: ["ls"],
|
|
607
|
+
})
|
|
608
|
+
|
|
609
|
+
unsub()
|
|
610
|
+
await rejectAll()
|
|
611
|
+
await ask.catch(() => {})
|
|
612
|
+
},
|
|
613
|
+
})
|
|
614
|
+
})
|
|
615
|
+
|
|
616
|
+
// reply tests
|
|
617
|
+
|
|
618
|
+
test("reply - once resolves the pending ask", async () => {
|
|
619
|
+
await using tmp = await tmpdir({ git: true })
|
|
620
|
+
await Instance.provide({
|
|
621
|
+
directory: tmp.path,
|
|
622
|
+
fn: async () => {
|
|
623
|
+
const askPromise = Permission.ask({
|
|
624
|
+
id: PermissionID.make("per_test1"),
|
|
625
|
+
sessionID: SessionID.make("session_test"),
|
|
626
|
+
permission: "bash",
|
|
627
|
+
patterns: ["ls"],
|
|
628
|
+
metadata: {},
|
|
629
|
+
always: [],
|
|
630
|
+
ruleset: [],
|
|
631
|
+
})
|
|
632
|
+
|
|
633
|
+
await waitForPending(1)
|
|
634
|
+
|
|
635
|
+
await Permission.reply({
|
|
636
|
+
requestID: PermissionID.make("per_test1"),
|
|
637
|
+
reply: "once",
|
|
638
|
+
})
|
|
639
|
+
|
|
640
|
+
await expect(askPromise).resolves.toBeUndefined()
|
|
641
|
+
},
|
|
642
|
+
})
|
|
643
|
+
})
|
|
644
|
+
|
|
645
|
+
test("reply - reject throws RejectedError", async () => {
|
|
646
|
+
await using tmp = await tmpdir({ git: true })
|
|
647
|
+
await Instance.provide({
|
|
648
|
+
directory: tmp.path,
|
|
649
|
+
fn: async () => {
|
|
650
|
+
const askPromise = Permission.ask({
|
|
651
|
+
id: PermissionID.make("per_test2"),
|
|
652
|
+
sessionID: SessionID.make("session_test"),
|
|
653
|
+
permission: "bash",
|
|
654
|
+
patterns: ["ls"],
|
|
655
|
+
metadata: {},
|
|
656
|
+
always: [],
|
|
657
|
+
ruleset: [],
|
|
658
|
+
})
|
|
659
|
+
|
|
660
|
+
await waitForPending(1)
|
|
661
|
+
|
|
662
|
+
await Permission.reply({
|
|
663
|
+
requestID: PermissionID.make("per_test2"),
|
|
664
|
+
reply: "reject",
|
|
665
|
+
})
|
|
666
|
+
|
|
667
|
+
await expect(askPromise).rejects.toBeInstanceOf(Permission.RejectedError)
|
|
668
|
+
},
|
|
669
|
+
})
|
|
670
|
+
})
|
|
671
|
+
|
|
672
|
+
test("reply - reject with message throws CorrectedError", async () => {
|
|
673
|
+
await using tmp = await tmpdir({ git: true })
|
|
674
|
+
await Instance.provide({
|
|
675
|
+
directory: tmp.path,
|
|
676
|
+
fn: async () => {
|
|
677
|
+
const ask = Permission.ask({
|
|
678
|
+
id: PermissionID.make("per_test2b"),
|
|
679
|
+
sessionID: SessionID.make("session_test"),
|
|
680
|
+
permission: "bash",
|
|
681
|
+
patterns: ["ls"],
|
|
682
|
+
metadata: {},
|
|
683
|
+
always: [],
|
|
684
|
+
ruleset: [],
|
|
685
|
+
})
|
|
686
|
+
|
|
687
|
+
await waitForPending(1)
|
|
688
|
+
|
|
689
|
+
await Permission.reply({
|
|
690
|
+
requestID: PermissionID.make("per_test2b"),
|
|
691
|
+
reply: "reject",
|
|
692
|
+
message: "Use a safer command",
|
|
693
|
+
})
|
|
694
|
+
|
|
695
|
+
const err = await ask.catch((err) => err)
|
|
696
|
+
expect(err).toBeInstanceOf(Permission.CorrectedError)
|
|
697
|
+
expect(err.message).toContain("Use a safer command")
|
|
698
|
+
},
|
|
699
|
+
})
|
|
700
|
+
})
|
|
701
|
+
|
|
702
|
+
test("reply - always persists approval and resolves", async () => {
|
|
703
|
+
await using tmp = await tmpdir({ git: true })
|
|
704
|
+
await Instance.provide({
|
|
705
|
+
directory: tmp.path,
|
|
706
|
+
fn: async () => {
|
|
707
|
+
const askPromise = Permission.ask({
|
|
708
|
+
id: PermissionID.make("per_test3"),
|
|
709
|
+
sessionID: SessionID.make("session_test"),
|
|
710
|
+
permission: "bash",
|
|
711
|
+
patterns: ["ls"],
|
|
712
|
+
metadata: {},
|
|
713
|
+
always: ["ls"],
|
|
714
|
+
ruleset: [],
|
|
715
|
+
})
|
|
716
|
+
|
|
717
|
+
await waitForPending(1)
|
|
718
|
+
|
|
719
|
+
await Permission.reply({
|
|
720
|
+
requestID: PermissionID.make("per_test3"),
|
|
721
|
+
reply: "always",
|
|
722
|
+
})
|
|
723
|
+
|
|
724
|
+
await expect(askPromise).resolves.toBeUndefined()
|
|
725
|
+
},
|
|
726
|
+
})
|
|
727
|
+
// Re-provide to reload state with stored permissions
|
|
728
|
+
await Instance.provide({
|
|
729
|
+
directory: tmp.path,
|
|
730
|
+
fn: async () => {
|
|
731
|
+
// Stored approval should allow without asking
|
|
732
|
+
const result = await Permission.ask({
|
|
733
|
+
sessionID: SessionID.make("session_test2"),
|
|
734
|
+
permission: "bash",
|
|
735
|
+
patterns: ["ls"],
|
|
736
|
+
metadata: {},
|
|
737
|
+
always: [],
|
|
738
|
+
ruleset: [],
|
|
739
|
+
})
|
|
740
|
+
expect(result).toBeUndefined()
|
|
741
|
+
},
|
|
742
|
+
})
|
|
743
|
+
})
|
|
744
|
+
|
|
745
|
+
test("reply - reject cancels all pending for same session", async () => {
|
|
746
|
+
await using tmp = await tmpdir({ git: true })
|
|
747
|
+
await Instance.provide({
|
|
748
|
+
directory: tmp.path,
|
|
749
|
+
fn: async () => {
|
|
750
|
+
const askPromise1 = Permission.ask({
|
|
751
|
+
id: PermissionID.make("per_test4a"),
|
|
752
|
+
sessionID: SessionID.make("session_same"),
|
|
753
|
+
permission: "bash",
|
|
754
|
+
patterns: ["ls"],
|
|
755
|
+
metadata: {},
|
|
756
|
+
always: [],
|
|
757
|
+
ruleset: [],
|
|
758
|
+
})
|
|
759
|
+
|
|
760
|
+
const askPromise2 = Permission.ask({
|
|
761
|
+
id: PermissionID.make("per_test4b"),
|
|
762
|
+
sessionID: SessionID.make("session_same"),
|
|
763
|
+
permission: "edit",
|
|
764
|
+
patterns: ["foo.ts"],
|
|
765
|
+
metadata: {},
|
|
766
|
+
always: [],
|
|
767
|
+
ruleset: [],
|
|
768
|
+
})
|
|
769
|
+
|
|
770
|
+
await waitForPending(2)
|
|
771
|
+
|
|
772
|
+
// Catch rejections before they become unhandled
|
|
773
|
+
const result1 = askPromise1.catch((e) => e)
|
|
774
|
+
const result2 = askPromise2.catch((e) => e)
|
|
775
|
+
|
|
776
|
+
// Reject the first one
|
|
777
|
+
await Permission.reply({
|
|
778
|
+
requestID: PermissionID.make("per_test4a"),
|
|
779
|
+
reply: "reject",
|
|
780
|
+
})
|
|
781
|
+
|
|
782
|
+
// Both should be rejected
|
|
783
|
+
expect(await result1).toBeInstanceOf(Permission.RejectedError)
|
|
784
|
+
expect(await result2).toBeInstanceOf(Permission.RejectedError)
|
|
785
|
+
},
|
|
786
|
+
})
|
|
787
|
+
})
|
|
788
|
+
|
|
789
|
+
test("reply - always resolves matching pending requests in same session", async () => {
|
|
790
|
+
await using tmp = await tmpdir({ git: true })
|
|
791
|
+
await Instance.provide({
|
|
792
|
+
directory: tmp.path,
|
|
793
|
+
fn: async () => {
|
|
794
|
+
const a = Permission.ask({
|
|
795
|
+
id: PermissionID.make("per_test5a"),
|
|
796
|
+
sessionID: SessionID.make("session_same"),
|
|
797
|
+
permission: "bash",
|
|
798
|
+
patterns: ["ls"],
|
|
799
|
+
metadata: {},
|
|
800
|
+
always: ["ls"],
|
|
801
|
+
ruleset: [],
|
|
802
|
+
})
|
|
803
|
+
|
|
804
|
+
const b = Permission.ask({
|
|
805
|
+
id: PermissionID.make("per_test5b"),
|
|
806
|
+
sessionID: SessionID.make("session_same"),
|
|
807
|
+
permission: "bash",
|
|
808
|
+
patterns: ["ls"],
|
|
809
|
+
metadata: {},
|
|
810
|
+
always: [],
|
|
811
|
+
ruleset: [],
|
|
812
|
+
})
|
|
813
|
+
|
|
814
|
+
await waitForPending(2)
|
|
815
|
+
|
|
816
|
+
await Permission.reply({
|
|
817
|
+
requestID: PermissionID.make("per_test5a"),
|
|
818
|
+
reply: "always",
|
|
819
|
+
})
|
|
820
|
+
|
|
821
|
+
await expect(a).resolves.toBeUndefined()
|
|
822
|
+
await expect(b).resolves.toBeUndefined()
|
|
823
|
+
expect(await Permission.list()).toHaveLength(0)
|
|
824
|
+
},
|
|
825
|
+
})
|
|
826
|
+
})
|
|
827
|
+
|
|
828
|
+
test("reply - always keeps other session pending", async () => {
|
|
829
|
+
await using tmp = await tmpdir({ git: true })
|
|
830
|
+
await Instance.provide({
|
|
831
|
+
directory: tmp.path,
|
|
832
|
+
fn: async () => {
|
|
833
|
+
const a = Permission.ask({
|
|
834
|
+
id: PermissionID.make("per_test6a"),
|
|
835
|
+
sessionID: SessionID.make("session_a"),
|
|
836
|
+
permission: "bash",
|
|
837
|
+
patterns: ["ls"],
|
|
838
|
+
metadata: {},
|
|
839
|
+
always: ["ls"],
|
|
840
|
+
ruleset: [],
|
|
841
|
+
})
|
|
842
|
+
|
|
843
|
+
const b = Permission.ask({
|
|
844
|
+
id: PermissionID.make("per_test6b"),
|
|
845
|
+
sessionID: SessionID.make("session_b"),
|
|
846
|
+
permission: "bash",
|
|
847
|
+
patterns: ["ls"],
|
|
848
|
+
metadata: {},
|
|
849
|
+
always: [],
|
|
850
|
+
ruleset: [],
|
|
851
|
+
})
|
|
852
|
+
|
|
853
|
+
await waitForPending(2)
|
|
854
|
+
|
|
855
|
+
await Permission.reply({
|
|
856
|
+
requestID: PermissionID.make("per_test6a"),
|
|
857
|
+
reply: "always",
|
|
858
|
+
})
|
|
859
|
+
|
|
860
|
+
await expect(a).resolves.toBeUndefined()
|
|
861
|
+
expect((await Permission.list()).map((x) => x.id)).toEqual([PermissionID.make("per_test6b")])
|
|
862
|
+
|
|
863
|
+
await rejectAll()
|
|
864
|
+
await b.catch(() => {})
|
|
865
|
+
},
|
|
866
|
+
})
|
|
867
|
+
})
|
|
868
|
+
|
|
869
|
+
test("reply - publishes replied event", async () => {
|
|
870
|
+
await using tmp = await tmpdir({ git: true })
|
|
871
|
+
await Instance.provide({
|
|
872
|
+
directory: tmp.path,
|
|
873
|
+
fn: async () => {
|
|
874
|
+
const ask = Permission.ask({
|
|
875
|
+
id: PermissionID.make("per_test7"),
|
|
876
|
+
sessionID: SessionID.make("session_test"),
|
|
877
|
+
permission: "bash",
|
|
878
|
+
patterns: ["ls"],
|
|
879
|
+
metadata: {},
|
|
880
|
+
always: [],
|
|
881
|
+
ruleset: [],
|
|
882
|
+
})
|
|
883
|
+
|
|
884
|
+
await waitForPending(1)
|
|
885
|
+
|
|
886
|
+
let seen:
|
|
887
|
+
| {
|
|
888
|
+
sessionID: SessionID
|
|
889
|
+
requestID: PermissionID
|
|
890
|
+
reply: Permission.Reply
|
|
891
|
+
}
|
|
892
|
+
| undefined
|
|
893
|
+
const unsub = Bus.subscribe(Permission.Event.Replied, (event) => {
|
|
894
|
+
seen = event.properties
|
|
895
|
+
})
|
|
896
|
+
|
|
897
|
+
await Permission.reply({
|
|
898
|
+
requestID: PermissionID.make("per_test7"),
|
|
899
|
+
reply: "once",
|
|
900
|
+
})
|
|
901
|
+
|
|
902
|
+
await expect(ask).resolves.toBeUndefined()
|
|
903
|
+
expect(seen).toEqual({
|
|
904
|
+
sessionID: SessionID.make("session_test"),
|
|
905
|
+
requestID: PermissionID.make("per_test7"),
|
|
906
|
+
reply: "once",
|
|
907
|
+
})
|
|
908
|
+
unsub()
|
|
909
|
+
},
|
|
910
|
+
})
|
|
911
|
+
})
|
|
912
|
+
|
|
913
|
+
test("permission requests stay isolated by directory", async () => {
|
|
914
|
+
await using one = await tmpdir({ git: true })
|
|
915
|
+
await using two = await tmpdir({ git: true })
|
|
916
|
+
|
|
917
|
+
const a = Instance.provide({
|
|
918
|
+
directory: one.path,
|
|
919
|
+
fn: () =>
|
|
920
|
+
Permission.ask({
|
|
921
|
+
id: PermissionID.make("per_dir_a"),
|
|
922
|
+
sessionID: SessionID.make("session_dir_a"),
|
|
923
|
+
permission: "bash",
|
|
924
|
+
patterns: ["ls"],
|
|
925
|
+
metadata: {},
|
|
926
|
+
always: [],
|
|
927
|
+
ruleset: [],
|
|
928
|
+
}),
|
|
929
|
+
})
|
|
930
|
+
|
|
931
|
+
const b = Instance.provide({
|
|
932
|
+
directory: two.path,
|
|
933
|
+
fn: () =>
|
|
934
|
+
Permission.ask({
|
|
935
|
+
id: PermissionID.make("per_dir_b"),
|
|
936
|
+
sessionID: SessionID.make("session_dir_b"),
|
|
937
|
+
permission: "bash",
|
|
938
|
+
patterns: ["pwd"],
|
|
939
|
+
metadata: {},
|
|
940
|
+
always: [],
|
|
941
|
+
ruleset: [],
|
|
942
|
+
}),
|
|
943
|
+
})
|
|
944
|
+
|
|
945
|
+
const onePending = await Instance.provide({
|
|
946
|
+
directory: one.path,
|
|
947
|
+
fn: () => waitForPending(1),
|
|
948
|
+
})
|
|
949
|
+
const twoPending = await Instance.provide({
|
|
950
|
+
directory: two.path,
|
|
951
|
+
fn: () => waitForPending(1),
|
|
952
|
+
})
|
|
953
|
+
|
|
954
|
+
expect(onePending).toHaveLength(1)
|
|
955
|
+
expect(twoPending).toHaveLength(1)
|
|
956
|
+
expect(onePending[0].id).toBe(PermissionID.make("per_dir_a"))
|
|
957
|
+
expect(twoPending[0].id).toBe(PermissionID.make("per_dir_b"))
|
|
958
|
+
|
|
959
|
+
await Instance.provide({
|
|
960
|
+
directory: one.path,
|
|
961
|
+
fn: () => Permission.reply({ requestID: onePending[0].id, reply: "reject" }),
|
|
962
|
+
})
|
|
963
|
+
await Instance.provide({
|
|
964
|
+
directory: two.path,
|
|
965
|
+
fn: () => Permission.reply({ requestID: twoPending[0].id, reply: "reject" }),
|
|
966
|
+
})
|
|
967
|
+
|
|
968
|
+
await a.catch(() => {})
|
|
969
|
+
await b.catch(() => {})
|
|
970
|
+
})
|
|
971
|
+
|
|
972
|
+
test("pending permission rejects on instance dispose", async () => {
|
|
973
|
+
await using tmp = await tmpdir({ git: true })
|
|
974
|
+
|
|
975
|
+
const ask = Instance.provide({
|
|
976
|
+
directory: tmp.path,
|
|
977
|
+
fn: () =>
|
|
978
|
+
Permission.ask({
|
|
979
|
+
id: PermissionID.make("per_dispose"),
|
|
980
|
+
sessionID: SessionID.make("session_dispose"),
|
|
981
|
+
permission: "bash",
|
|
982
|
+
patterns: ["ls"],
|
|
983
|
+
metadata: {},
|
|
984
|
+
always: [],
|
|
985
|
+
ruleset: [],
|
|
986
|
+
}),
|
|
987
|
+
})
|
|
988
|
+
const result = ask.then(
|
|
989
|
+
() => "resolved" as const,
|
|
990
|
+
(err) => err,
|
|
991
|
+
)
|
|
992
|
+
|
|
993
|
+
await Instance.provide({
|
|
994
|
+
directory: tmp.path,
|
|
995
|
+
fn: async () => {
|
|
996
|
+
const pending = await waitForPending(1)
|
|
997
|
+
expect(pending).toHaveLength(1)
|
|
998
|
+
await Instance.dispose()
|
|
999
|
+
},
|
|
1000
|
+
})
|
|
1001
|
+
|
|
1002
|
+
expect(await result).toBeInstanceOf(Permission.RejectedError)
|
|
1003
|
+
})
|
|
1004
|
+
|
|
1005
|
+
test("pending permission rejects on instance reload", async () => {
|
|
1006
|
+
await using tmp = await tmpdir({ git: true })
|
|
1007
|
+
|
|
1008
|
+
const ask = Instance.provide({
|
|
1009
|
+
directory: tmp.path,
|
|
1010
|
+
fn: () =>
|
|
1011
|
+
Permission.ask({
|
|
1012
|
+
id: PermissionID.make("per_reload"),
|
|
1013
|
+
sessionID: SessionID.make("session_reload"),
|
|
1014
|
+
permission: "bash",
|
|
1015
|
+
patterns: ["ls"],
|
|
1016
|
+
metadata: {},
|
|
1017
|
+
always: [],
|
|
1018
|
+
ruleset: [],
|
|
1019
|
+
}),
|
|
1020
|
+
})
|
|
1021
|
+
const result = ask.then(
|
|
1022
|
+
() => "resolved" as const,
|
|
1023
|
+
(err) => err,
|
|
1024
|
+
)
|
|
1025
|
+
|
|
1026
|
+
await Instance.provide({
|
|
1027
|
+
directory: tmp.path,
|
|
1028
|
+
fn: async () => {
|
|
1029
|
+
const pending = await waitForPending(1)
|
|
1030
|
+
expect(pending).toHaveLength(1)
|
|
1031
|
+
await Instance.reload({ directory: tmp.path })
|
|
1032
|
+
},
|
|
1033
|
+
})
|
|
1034
|
+
|
|
1035
|
+
expect(await result).toBeInstanceOf(Permission.RejectedError)
|
|
1036
|
+
})
|
|
1037
|
+
|
|
1038
|
+
test("reply - does nothing for unknown requestID", async () => {
|
|
1039
|
+
await using tmp = await tmpdir({ git: true })
|
|
1040
|
+
await Instance.provide({
|
|
1041
|
+
directory: tmp.path,
|
|
1042
|
+
fn: async () => {
|
|
1043
|
+
await Permission.reply({
|
|
1044
|
+
requestID: PermissionID.make("per_unknown"),
|
|
1045
|
+
reply: "once",
|
|
1046
|
+
})
|
|
1047
|
+
expect(await Permission.list()).toHaveLength(0)
|
|
1048
|
+
},
|
|
1049
|
+
})
|
|
1050
|
+
})
|
|
1051
|
+
|
|
1052
|
+
test("ask - checks all patterns and stops on first deny", async () => {
|
|
1053
|
+
await using tmp = await tmpdir({ git: true })
|
|
1054
|
+
await Instance.provide({
|
|
1055
|
+
directory: tmp.path,
|
|
1056
|
+
fn: async () => {
|
|
1057
|
+
await expect(
|
|
1058
|
+
Permission.ask({
|
|
1059
|
+
sessionID: SessionID.make("session_test"),
|
|
1060
|
+
permission: "bash",
|
|
1061
|
+
patterns: ["echo hello", "rm -rf /"],
|
|
1062
|
+
metadata: {},
|
|
1063
|
+
always: [],
|
|
1064
|
+
ruleset: [
|
|
1065
|
+
{ permission: "bash", pattern: "*", action: "allow" },
|
|
1066
|
+
{ permission: "bash", pattern: "rm *", action: "deny" },
|
|
1067
|
+
],
|
|
1068
|
+
}),
|
|
1069
|
+
).rejects.toBeInstanceOf(Permission.DeniedError)
|
|
1070
|
+
},
|
|
1071
|
+
})
|
|
1072
|
+
})
|
|
1073
|
+
|
|
1074
|
+
test("ask - allows all patterns when all match allow rules", async () => {
|
|
1075
|
+
await using tmp = await tmpdir({ git: true })
|
|
1076
|
+
await Instance.provide({
|
|
1077
|
+
directory: tmp.path,
|
|
1078
|
+
fn: async () => {
|
|
1079
|
+
const result = await Permission.ask({
|
|
1080
|
+
sessionID: SessionID.make("session_test"),
|
|
1081
|
+
permission: "bash",
|
|
1082
|
+
patterns: ["echo hello", "ls -la", "pwd"],
|
|
1083
|
+
metadata: {},
|
|
1084
|
+
always: [],
|
|
1085
|
+
ruleset: [{ permission: "bash", pattern: "*", action: "allow" }],
|
|
1086
|
+
})
|
|
1087
|
+
expect(result).toBeUndefined()
|
|
1088
|
+
},
|
|
1089
|
+
})
|
|
1090
|
+
})
|
|
1091
|
+
|
|
1092
|
+
test("ask - should deny even when an earlier pattern is ask", async () => {
|
|
1093
|
+
await using tmp = await tmpdir({ git: true })
|
|
1094
|
+
await Instance.provide({
|
|
1095
|
+
directory: tmp.path,
|
|
1096
|
+
fn: async () => {
|
|
1097
|
+
const err = await Permission.ask({
|
|
1098
|
+
sessionID: SessionID.make("session_test"),
|
|
1099
|
+
permission: "bash",
|
|
1100
|
+
patterns: ["echo hello", "rm -rf /"],
|
|
1101
|
+
metadata: {},
|
|
1102
|
+
always: [],
|
|
1103
|
+
ruleset: [
|
|
1104
|
+
{ permission: "bash", pattern: "echo *", action: "ask" },
|
|
1105
|
+
{ permission: "bash", pattern: "rm *", action: "deny" },
|
|
1106
|
+
],
|
|
1107
|
+
}).then(
|
|
1108
|
+
() => undefined,
|
|
1109
|
+
(err) => err,
|
|
1110
|
+
)
|
|
1111
|
+
|
|
1112
|
+
expect(err).toBeInstanceOf(Permission.DeniedError)
|
|
1113
|
+
expect(await Permission.list()).toHaveLength(0)
|
|
1114
|
+
},
|
|
1115
|
+
})
|
|
1116
|
+
})
|
|
1117
|
+
|
|
1118
|
+
test("ask - abort should clear pending request", async () => {
|
|
1119
|
+
await using tmp = await tmpdir({ git: true })
|
|
1120
|
+
await Instance.provide({
|
|
1121
|
+
directory: tmp.path,
|
|
1122
|
+
fn: async () => {
|
|
1123
|
+
const ctl = new AbortController()
|
|
1124
|
+
const ask = Permission.runPromise(
|
|
1125
|
+
(svc) =>
|
|
1126
|
+
svc.ask({
|
|
1127
|
+
sessionID: SessionID.make("session_test"),
|
|
1128
|
+
permission: "bash",
|
|
1129
|
+
patterns: ["ls"],
|
|
1130
|
+
metadata: {},
|
|
1131
|
+
always: [],
|
|
1132
|
+
ruleset: [{ permission: "bash", pattern: "*", action: "ask" }],
|
|
1133
|
+
}),
|
|
1134
|
+
{ signal: ctl.signal },
|
|
1135
|
+
)
|
|
1136
|
+
|
|
1137
|
+
await waitForPending(1)
|
|
1138
|
+
ctl.abort()
|
|
1139
|
+
await ask.catch(() => {})
|
|
1140
|
+
|
|
1141
|
+
try {
|
|
1142
|
+
expect(await Permission.list()).toHaveLength(0)
|
|
1143
|
+
} finally {
|
|
1144
|
+
await rejectAll()
|
|
1145
|
+
}
|
|
1146
|
+
},
|
|
1147
|
+
})
|
|
1148
|
+
})
|