@oneworks/cli 0.1.0-alpha.0

package/src/commands/run/permission-recovery.ts

@@ -0,0 +1,194 @@
+import type {
+  AdapterErrorData,
+  AskUserQuestionParams,
+  ChatMessage,
+  PermissionInteractionContext,
+  PermissionInteractionDecision,
+  SessionPermissionMode
+} from '@oneworks/types'
+import { normalizePermissionToolName } from '@oneworks/utils'
+import type { PermissionToolSubject } from '@oneworks/utils'
+
+import type { CliSessionPermissionRecoveryRecord } from '#~/session-permission-cache.js'
+
+const PERMISSION_PROJECT_CONFIG_PATH = '.oo.config.json'
+export const PERMISSION_DECISION_CANCEL = 'cancel'
+export const PERMISSION_RECOVERY_CONTINUE_PROMPT = '权限规则已更新。请继续刚才被权限拦截的工作，并重试被阻止的操作。'
+
+const uniqueStrings = (values: string[]) => [...new Set(values)]
+
+const buildPermissionOption = (
+  label: string,
+  value: PermissionInteractionDecision,
+  description: string
+) => ({ label, value, description })
+
+const resolvePermissionToolSubject = (value: string): PermissionToolSubject | undefined => (
+  normalizePermissionToolName(value)
+)
+
+export interface CliPermissionErrorContext {
+  subjectKeys: string[]
+  deniedTools: string[]
+  reasons: string[]
+}
+
+export const rememberPermissionToolUses = (cache: Map<string, string>, message: ChatMessage) => {
+  if (!Array.isArray(message.content)) return
+
+  for (const item of message.content) {
+    if (
+      item == null ||
+      typeof item !== 'object' ||
+      item.type !== 'tool_use' ||
+      typeof item.id !== 'string' ||
+      item.id.trim() === ''
+    ) {
+      continue
+    }
+
+    const rawName = typeof item.name === 'string' && item.name.trim() !== ''
+      ? item.name.trim()
+      : undefined
+    const normalizedToolName = rawName?.startsWith('adapter:')
+      ? rawName.split(':').at(-1)?.trim() ?? rawName
+      : rawName
+    const subject = normalizePermissionToolName(normalizedToolName ?? rawName)
+    if (subject == null) continue
+
+    cache.set(item.id.trim(), subject.key)
+  }
+
+  while (cache.size > 128) {
+    const firstKey = cache.keys().next().value as string | undefined
+    if (firstKey == null) break
+    cache.delete(firstKey)
+  }
+}
+
+export const extractPermissionErrorContext = (
+  error: AdapterErrorData,
+  input: { toolUseSubjects?: Map<string, string> } = {}
+): CliPermissionErrorContext => {
+  const details = error.details != null && typeof error.details === 'object'
+    ? error.details as Record<string, unknown>
+    : {}
+  const rawDeniedTools = new Set<string>()
+  const reasons = new Set<string>()
+
+  const permissionDenials = Array.isArray(details.permissionDenials) ? details.permissionDenials : []
+  for (const denial of permissionDenials) {
+    if (denial == null || typeof denial !== 'object') continue
+    const record = denial as Record<string, unknown>
+    if (typeof record.message === 'string' && record.message.trim() !== '') reasons.add(record.message.trim())
+    if (Array.isArray(record.deniedTools)) {
+      for (const tool of record.deniedTools) {
+        if (typeof tool === 'string' && tool.trim() !== '') rawDeniedTools.add(tool.trim())
+      }
+    }
+  }
+
+  if (Array.isArray(details.deniedTools)) {
+    for (const tool of details.deniedTools) {
+      if (typeof tool === 'string' && tool.trim() !== '') rawDeniedTools.add(tool.trim())
+    }
+  }
+  if (typeof details.toolName === 'string' && details.toolName.trim() !== '') {
+    rawDeniedTools.add(details.toolName.trim())
+  }
+  if (typeof error.message === 'string' && error.message.trim() !== '') reasons.add(error.message.trim())
+
+  const toolUseId = typeof details.toolUseId === 'string' && details.toolUseId.trim() !== ''
+    ? details.toolUseId.trim()
+    : undefined
+  const cachedSubjectKey = toolUseId == null ? undefined : input.toolUseSubjects?.get(toolUseId)
+  if (cachedSubjectKey != null && cachedSubjectKey.trim() !== '') rawDeniedTools.add(cachedSubjectKey)
+
+  const deniedTools = [...rawDeniedTools]
+  const subjectKeys = uniqueStrings(
+    deniedTools
+      .map(tool => resolvePermissionToolSubject(tool)?.key)
+      .filter((key): key is string => key != null && key.trim() !== '')
+  )
+
+  return {
+    subjectKeys,
+    deniedTools,
+    reasons: [...reasons]
+  }
+}
+
+export const resolvePermissionInteractionDecision = (
+  answer: string | string[]
+): PermissionInteractionDecision | typeof PERMISSION_DECISION_CANCEL | undefined => {
+  const normalizedAnswer = Array.isArray(answer) ? answer[0] : answer
+  if (typeof normalizedAnswer !== 'string') return undefined
+  const raw = normalizedAnswer.trim()
+  if (raw === '') return undefined
+  if (raw === PERMISSION_DECISION_CANCEL) return PERMISSION_DECISION_CANCEL
+
+  return raw === 'allow_once' || raw === 'allow_session' || raw === 'allow_project' ||
+      raw === 'deny_once' || raw === 'deny_session' || raw === 'deny_project'
+    ? raw
+    : undefined
+}
+
+export const buildPermissionRecoveryRecord = (params: {
+  sessionId: string
+  adapter?: string
+  currentMode?: SessionPermissionMode
+  context: CliPermissionErrorContext
+}): CliSessionPermissionRecoveryRecord | undefined => {
+  const subjectKeys = uniqueStrings(
+    params.context.subjectKeys.map((value) => resolvePermissionToolSubject(value)?.key ?? value)
+  )
+    .filter(value => value.trim() !== '')
+  if (subjectKeys.length === 0) return undefined
+
+  const primarySubjectKey = subjectKeys[0] ?? 'UnknownTool'
+  const subjectLabel = subjectKeys.length <= 1 ? primarySubjectKey : `${subjectKeys[0]} 等 ${subjectKeys.length} 项工具`
+  const deniedTools = uniqueStrings([...params.context.deniedTools, ...subjectKeys])
+  const permissionContext: PermissionInteractionContext = {
+    adapter: params.adapter,
+    currentMode: params.currentMode,
+    deniedTools,
+    reasons: uniqueStrings(params.context.reasons),
+    subjectKey: primarySubjectKey,
+    subjectLabel,
+    scope: 'tool',
+    projectConfigPath: PERMISSION_PROJECT_CONFIG_PATH
+  }
+  const payload: AskUserQuestionParams = {
+    sessionId: params.sessionId,
+    kind: 'permission',
+    question: subjectKeys.length <= 1
+      ? `当前任务需要使用 ${subjectLabel} 才能继续，请选择处理方式。`
+      : `当前任务涉及 ${subjectKeys.join('、')} 等工具，请选择处理方式。`,
+    options: [
+      buildPermissionOption('同意本次', 'allow_once', '仅继续这次被拦截的操作。'),
+      buildPermissionOption('同意并在当前会话忽略类似调用', 'allow_session', '本会话内同类工具不再重复询问。'),
+      buildPermissionOption(
+        '同意并在当前项目忽略类似调用',
+        'allow_project',
+        `写入 ${PERMISSION_PROJECT_CONFIG_PATH}，后续新会话仍生效。`
+      ),
+      buildPermissionOption('拒绝本次', 'deny_once', '拒绝当前这次操作。'),
+      buildPermissionOption('拒绝并在当前会话阻止类似调用', 'deny_session', '本会话内同类工具直接拒绝。'),
+      buildPermissionOption(
+        '拒绝并在当前项目阻止类似调用',
+        'deny_project',
+        `写入 ${PERMISSION_PROJECT_CONFIG_PATH}，后续新会话仍生效。`
+      )
+    ],
+    permissionContext
+  }
+
+  return {
+    version: 1,
+    sessionId: params.sessionId,
+    adapter: params.adapter,
+    permissionMode: params.currentMode,
+    subjectKeys,
+    payload
+  }
+}

package/src/commands/run/permission-state.ts

@@ -0,0 +1,177 @@
+import { mkdir, readFile, writeFile } from 'node:fs/promises'
+import { dirname } from 'node:path'
+import process from 'node:process'
+
+import { buildConfigJsonVariables, buildConfigSections, loadConfigState, updateConfigFile } from '@oneworks/config'
+import type { Config, PermissionInteractionDecision } from '@oneworks/types'
+import {
+  createEmptySessionPermissionState,
+  migrateProjectHomeSegment,
+  normalizePermissionToolName,
+  normalizeSessionPermissionState,
+  resolvePermissionMirrorPath
+} from '@oneworks/utils'
+import type { SessionPermissionState } from '@oneworks/utils'
+
+const uniqueStrings = (values: string[]) => [...new Set(values)]
+
+const normalizeKeys = (values: string[]) =>
+  uniqueStrings(
+    values
+      .map((value) => normalizePermissionToolName(value)?.key ?? value.trim())
+      .filter((value): value is string => value.trim() !== '')
+  )
+
+const removeKeys = (values: string[], keys: Set<string>) => (
+  values.filter((value) => {
+    const normalized = normalizePermissionToolName(value)?.key ?? value.trim()
+    return !keys.has(normalized)
+  })
+)
+
+const buildGeneralSectionValue = (config: Config | undefined, permissions: Config['permissions']) => (
+  buildConfigSections({
+    ...(config ?? {}),
+    permissions
+  }).general
+)
+
+const mutateSessionPermissionState = (
+  state: SessionPermissionState,
+  keys: string[],
+  action: PermissionInteractionDecision
+) => {
+  const targetKeys = normalizeKeys(keys)
+  const keySet = new Set(targetKeys)
+  const next = normalizeSessionPermissionState(state)
+
+  if (action === 'allow_once') {
+    next.onceAllow = uniqueStrings([...removeKeys(next.onceAllow, keySet), ...targetKeys])
+    next.onceDeny = removeKeys(next.onceDeny, keySet)
+    return next
+  }
+  if (action === 'allow_session' || action === 'allow_project') {
+    next.allow = uniqueStrings([...removeKeys(next.allow, keySet), ...targetKeys])
+    next.deny = removeKeys(next.deny, keySet)
+    next.onceAllow = removeKeys(next.onceAllow, keySet)
+    next.onceDeny = removeKeys(next.onceDeny, keySet)
+    return next
+  }
+  if (action === 'deny_session' || action === 'deny_project') {
+    next.deny = uniqueStrings([...removeKeys(next.deny, keySet), ...targetKeys])
+    next.allow = removeKeys(next.allow, keySet)
+    next.onceAllow = removeKeys(next.onceAllow, keySet)
+    next.onceDeny = removeKeys(next.onceDeny, keySet)
+    return next
+  }
+  return next
+}
+
+const loadTaskConfigState = async (cwd: string) =>
+  await loadConfigState({
+    cwd,
+    jsonVariables: buildConfigJsonVariables(cwd, process.env)
+  })
+
+const readSessionPermissionState = async (cwd: string, adapter: string | undefined, sessionId: string) => {
+  if (adapter !== 'claude-code' && adapter !== 'opencode') return createEmptySessionPermissionState()
+  await migrateProjectHomeSegment(cwd, process.env, '.mock').catch(() => undefined)
+
+  try {
+    const raw = await readFile(resolvePermissionMirrorPath(cwd, adapter, sessionId), 'utf8')
+    const parsed = JSON.parse(raw) as { permissionState?: SessionPermissionState }
+    return normalizeSessionPermissionState(parsed.permissionState)
+  } catch {
+    return createEmptySessionPermissionState()
+  }
+}
+
+const buildMergedProjectPermissions = async (cwd: string) => {
+  const { effectiveProjectConfig, projectConfig, userConfig } = await loadTaskConfigState(cwd)
+  const config = effectiveProjectConfig ?? projectConfig
+  return {
+    allow: [...(config?.permissions?.allow ?? []), ...(userConfig?.permissions?.allow ?? [])],
+    deny: [...(config?.permissions?.deny ?? []), ...(userConfig?.permissions?.deny ?? [])],
+    ask: [...(config?.permissions?.ask ?? []), ...(userConfig?.permissions?.ask ?? [])]
+  }
+}
+
+const updateProjectPermissionLists = async (cwd: string, keys: string[], target: 'allow' | 'deny') => {
+  const targetKeys = normalizeKeys(keys)
+  const keySet = new Set(targetKeys)
+  const configState = await loadTaskConfigState(cwd)
+  const projectConfig = configState.projectSource?.rawConfig
+  const existingPermissions = projectConfig?.permissions ?? {}
+  const nextPermissions: Config['permissions'] = {
+    ...existingPermissions,
+    allow: removeKeys(existingPermissions.allow ?? [], keySet),
+    deny: removeKeys(existingPermissions.deny ?? [], keySet),
+    ask: removeKeys(existingPermissions.ask ?? [], keySet)
+  }
+  nextPermissions[target] = uniqueStrings([...(nextPermissions[target] ?? []), ...targetKeys])
+
+  await updateConfigFile({
+    workspaceFolder: cwd,
+    source: 'project',
+    section: 'general',
+    value: buildGeneralSectionValue(projectConfig, nextPermissions)
+  })
+}
+
+const syncPermissionStateMirror = async (params: {
+  cwd: string
+  adapter?: string
+  sessionId: string
+  permissionState: SessionPermissionState
+}) => {
+  if (params.adapter !== 'claude-code' && params.adapter !== 'opencode') return
+  await migrateProjectHomeSegment(params.cwd, process.env, '.mock').catch(() => undefined)
+
+  const mirrorPath = resolvePermissionMirrorPath(params.cwd, params.adapter, params.sessionId)
+  const projectPermissions = await buildMergedProjectPermissions(params.cwd)
+  await mkdir(dirname(mirrorPath), { recursive: true })
+  await writeFile(
+    mirrorPath,
+    `${
+      JSON.stringify(
+        {
+          sessionId: params.sessionId,
+          adapter: params.adapter,
+          permissionState: normalizeSessionPermissionState(params.permissionState),
+          projectPermissions,
+          updatedAt: Date.now()
+        },
+        null,
+        2
+      )
+    }\n`,
+    'utf8'
+  )
+}
+
+export const applyCliPermissionDecision = async (params: {
+  cwd: string
+  sessionId: string
+  adapter?: string
+  subjectKeys: string[]
+  action: PermissionInteractionDecision
+}) => {
+  const subjectKeys = normalizeKeys(params.subjectKeys)
+  if (subjectKeys.length === 0) return createEmptySessionPermissionState()
+
+  if (params.action === 'allow_project') await updateProjectPermissionLists(params.cwd, subjectKeys, 'allow')
+  if (params.action === 'deny_project') await updateProjectPermissionLists(params.cwd, subjectKeys, 'deny')
+
+  const nextState = mutateSessionPermissionState(
+    await readSessionPermissionState(params.cwd, params.adapter, params.sessionId),
+    subjectKeys,
+    params.action
+  )
+  await syncPermissionStateMirror({
+    cwd: params.cwd,
+    adapter: params.adapter,
+    sessionId: params.sessionId,
+    permissionState: nextState
+  })
+  return nextState
+}

package/src/commands/run/print-idle-timeout.ts

@@ -0,0 +1,47 @@
+import { InvalidArgumentError } from 'commander'
+
+export const parsePrintIdleTimeoutSeconds = (value: string) => {
+  const seconds = Number(value)
+  if (!Number.isFinite(seconds) || seconds <= 0) {
+    throw new InvalidArgumentError('--print-idle-timeout must be a positive number of seconds.')
+  }
+  return seconds
+}
+
+export const createPrintIdleTimeoutController = (params: {
+  timeoutSeconds: number
+  onTimeout: () => void
+  setTimer?: typeof setTimeout
+  clearTimer?: typeof clearTimeout
+}) => {
+  const timeoutMs = Math.ceil(params.timeoutSeconds * 1000)
+  const setTimer = params.setTimer ?? setTimeout
+  const clearTimer = params.clearTimer ?? clearTimeout
+  let timer: ReturnType<typeof setTimeout> | undefined
+  let stopped = false
+
+  const clear = () => {
+    if (timer == null) return
+    clearTimer(timer)
+    timer = undefined
+  }
+
+  const arm = () => {
+    if (stopped) return
+    clear()
+    timer = setTimer(() => {
+      timer = undefined
+      if (stopped) return
+      params.onTimeout()
+    }, timeoutMs)
+  }
+
+  return {
+    start: arm,
+    recordEvent: arm,
+    stop: () => {
+      stopped = true
+      clear()
+    }
+  }
+}

package/src/commands/run/protocol-envelope.ts

@@ -0,0 +1,111 @@
+import { randomUUID } from 'node:crypto'
+
+import {
+  DEFAULT_SUPPORTED_PROTOCOL_RANGE,
+  RuntimeSessionCommandEnvelopeSchema,
+  assertProtocolCompatible,
+  getCurrentProtocolVersion
+} from '@oneworks/runtime-protocol'
+import type { RuntimeSessionCommandEnvelope, RuntimeSessionResultEnvelope } from '@oneworks/runtime-protocol'
+
+const runtimeSessionCommandTypes = [
+  'session.start',
+  'session.message',
+  'session.resume',
+  'session.stop',
+  'session.submit',
+  'session.status',
+  'session.events'
+] as const satisfies readonly RuntimeSessionCommandEnvelope['type'][]
+
+const isRecord = (value: unknown): value is Record<string, unknown> => (
+  value != null && typeof value === 'object' && !Array.isArray(value)
+)
+
+const defaultProtocolFields = (input: unknown) => {
+  if (input == null || typeof input !== 'object' || Array.isArray(input)) return input
+  const record = input as Record<string, unknown>
+  const payload = isRecord(record.payload) ? record.payload : {}
+  return {
+    protocolVersion: getCurrentProtocolVersion(),
+    supportedProtocolRange: DEFAULT_SUPPORTED_PROTOCOL_RANGE,
+    commandId: `cmdreq_${randomUUID()}`,
+    source: 'cli',
+    ...payload,
+    ...record
+  }
+}
+
+const isRuntimeSessionCommandType = (value: unknown): value is RuntimeSessionCommandEnvelope['type'] =>
+  typeof value === 'string' &&
+  runtimeSessionCommandTypes.includes(value as RuntimeSessionCommandEnvelope['type'])
+
+const readStringField = (input: unknown, field: string) => {
+  if (input == null || typeof input !== 'object' || Array.isArray(input)) return undefined
+  const value = (input as Record<string, unknown>)[field]
+  return typeof value === 'string' && value.trim() !== '' ? value : undefined
+}
+
+export const fallbackProtocolCommand = (input: unknown): RuntimeSessionCommandEnvelope => {
+  const type = readStringField(input, 'type')
+  return {
+    protocolVersion: getCurrentProtocolVersion(),
+    supportedProtocolRange: DEFAULT_SUPPORTED_PROTOCOL_RANGE,
+    commandId: readStringField(input, 'commandId') ?? `cmdreq_${randomUUID()}`,
+    type: isRuntimeSessionCommandType(type) ? type : 'session.status',
+    sessionId: readStringField(input, 'sessionId')
+  }
+}
+
+export const parseRuntimeProtocolCommand = (input: unknown) => {
+  const command = RuntimeSessionCommandEnvelopeSchema.parse(
+    defaultProtocolFields(input)
+  ) as RuntimeSessionCommandEnvelope
+  assertProtocolCompatible(command.protocolVersion, DEFAULT_SUPPORTED_PROTOCOL_RANGE)
+  if (command.supportedProtocolRange != null) {
+    assertProtocolCompatible(getCurrentProtocolVersion(), command.supportedProtocolRange)
+  }
+  return command
+}
+
+const resultType = (type: RuntimeSessionCommandEnvelope['type']) =>
+  `${type}.result` as RuntimeSessionResultEnvelope['type']
+
+export const toSuccessResult = (
+  command: RuntimeSessionCommandEnvelope,
+  result: Record<string, unknown>
+): RuntimeSessionResultEnvelope => ({
+  protocolVersion: getCurrentProtocolVersion(),
+  supportedProtocolRange: DEFAULT_SUPPORTED_PROTOCOL_RANGE,
+  commandId: command.commandId,
+  type: resultType(command.type),
+  ok: true,
+  sessionId: typeof result.sessionId === 'string' ? result.sessionId : command.sessionId,
+  status: typeof result.status === 'string' ? result.status : undefined,
+  storePath: typeof result.storePath === 'string' ? result.storePath : undefined,
+  result
+})
+
+export const toErrorResult = (
+  command: RuntimeSessionCommandEnvelope,
+  error: unknown
+): RuntimeSessionResultEnvelope => ({
+  protocolVersion: getCurrentProtocolVersion(),
+  supportedProtocolRange: DEFAULT_SUPPORTED_PROTOCOL_RANGE,
+  commandId: command.commandId,
+  type: resultType(command.type),
+  ok: false,
+  sessionId: command.sessionId,
+  error: error instanceof Error ? error.message : String(error)
+})
+
+export const requiredString = (
+  command: RuntimeSessionCommandEnvelope,
+  field: keyof RuntimeSessionCommandEnvelope
+) => {
+  const value = command[field]
+  if (typeof value !== 'string' || value.trim() === '') {
+    throw new Error(`${String(field)} is required for ${command.type}.`)
+  }
+  return value.trim()
+}

package/src/commands/run/protocol-stdio.ts

@@ -0,0 +1,71 @@
+import { Buffer } from 'node:buffer'
+import type { Readable, Writable } from 'node:stream'
+
+import type { RuntimeSessionResultEnvelope } from '@oneworks/runtime-protocol'
+
+import { executeRuntimeProtocolCommand } from './protocol'
+import type { ExecuteRuntimeProtocolCommandOptions } from './protocol'
+import type { RunInputFormat, RunOutputFormat } from './types'
+
+export interface RuntimeProtocolStdioOptions extends ExecuteRuntimeProtocolCommandOptions {
+  inputFormat: RunInputFormat
+  outputFormat: RunOutputFormat
+  stdin: Readable
+  stdout: Writable
+}
+
+const readStreamText = async (stream: Readable) => {
+  const chunks: Buffer[] = []
+  for await (const chunk of stream) {
+    chunks.push(Buffer.isBuffer(chunk) ? chunk : Buffer.from(String(chunk)))
+  }
+  return Buffer.concat(chunks).toString('utf8')
+}
+
+const parseJsonlCommands = (text: string) =>
+  text
+    .split('\n')
+    .filter(line => line.trim() !== '')
+    .map(line => JSON.parse(line) as unknown)
+
+const parseCommands = (text: string, format: RunInputFormat) => {
+  const trimmed = text.trim()
+  if (trimmed === '') return []
+  if (format === 'stream-json') return parseJsonlCommands(trimmed)
+  if (format !== 'json') {
+    throw new Error(`Runtime protocol input does not support --input-format ${format}.`)
+  }
+
+  try {
+    const parsed = JSON.parse(trimmed) as unknown
+    return Array.isArray(parsed) ? parsed : [parsed]
+  } catch (error) {
+    if (trimmed.includes('\n')) return parseJsonlCommands(trimmed)
+    throw error
+  }
+}
+
+const writeResults = (
+  results: RuntimeSessionResultEnvelope[],
+  outputFormat: RunOutputFormat,
+  stdout: Writable
+) => {
+  if (outputFormat === 'stream-json') {
+    for (const result of results) stdout.write(`${JSON.stringify(result)}\n`)
+    return
+  }
+  if (outputFormat !== 'json') {
+    throw new Error('Runtime protocol mode requires --output-format json or stream-json.')
+  }
+
+  stdout.write(`${JSON.stringify(results.length === 1 ? results[0] : results, null, 2)}\n`)
+}
+
+export const runRuntimeProtocolStdio = async (options: RuntimeProtocolStdioOptions) => {
+  const commands = parseCommands(await readStreamText(options.stdin), options.inputFormat)
+  const results = []
+  for (const command of commands) {
+    results.push(await executeRuntimeProtocolCommand(command, options))
+  }
+  writeResults(results, options.outputFormat, options.stdout)
+}