@trops/dash-core 0.1.499 → 0.1.501

package/dist/index.js

@@ -49187,6 +49187,27 @@ var EnforcementToggles = function EnforcementToggles() {
     _useState10 = _slicedToArray(_useState1, 2),
     pendingDisable = _useState10[0],
     setPendingDisable = _useState10[1];
+
+  // lastTestResult: feedback for the "Test prompt" button. Tells the
+  // user whether their JIT response was actually persisted, so they
+  // don't have to interpret the post-grant "server not connected"
+  // error as failure.
+  var _useState11 = React.useState(null),
+    _useState12 = _slicedToArray(_useState11, 2),
+    lastTestResult = _useState12[0],
+    setLastTestResult = _useState12[1];
+
+  // Auto-clear the test result after 30 seconds so it doesn't linger
+  // forever after a successful test.
+  React.useEffect(function () {
+    if (!lastTestResult) return;
+    var timer = setTimeout(function () {
+      return setLastTestResult(null);
+    }, 30000);
+    return function () {
+      return clearTimeout(timer);
+    };
+  }, [lastTestResult]);
   var writeSecurity = function writeSecurity(updates) {
     if (!(appContext !== null && appContext !== void 0 && appContext.changeSettings)) return;
     var next = _objectSpread$g(_objectSpread$g({}, settings), {}, {
@@ -49229,6 +49250,87 @@ var EnforcementToggles = function EnforcementToggles() {
     }
     setPendingDisable(null);
   };
+
+  // One-click JIT trigger for testing. Calls the gate via a fake widget
+  // identity that has no grant — the gate denies, JIT escalates, the
+  // modal pops. We classify the outcome so the user knows whether their
+  // JIT response was actually persisted (vs whether the test ran at all).
+  //
+  // Outcome classification:
+  //   message includes "Server not connected" → granted
+  //     (gate passed, post-gate server lookup expectedly failed because
+  //     "test-server" doesn't exist — the goal is the consent flow, not
+  //     the server response)
+  //   message includes "user declined" → denied
+  //   message includes "JIT consent timed out" → timeout
+  //   anything else → unknown error
+  var triggerTestJitPrompt = /*#__PURE__*/function () {
+    var _ref6 = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee5() {
+      var _window$mainApi3, _window$mainApi3$call, result, msg, _t5;
+      return _regeneratorRuntime.wrap(function (_context5) {
+        while (1) switch (_context5.prev = _context5.next) {
+          case 0:
+            setLastTestResult({
+              status: "pending",
+              message: "Waiting for response…"
+            });
+            _context5.prev = 1;
+            _context5.next = 2;
+            return (_window$mainApi3 = window.mainApi) === null || _window$mainApi3 === void 0 || (_window$mainApi3 = _window$mainApi3.mcp) === null || _window$mainApi3 === void 0 || (_window$mainApi3$call = _window$mainApi3.callTool) === null || _window$mainApi3$call === void 0 ? void 0 : _window$mainApi3$call.call(_window$mainApi3, "test-server", "test_tool", {
+              path: "/tmp/jit-probe.txt"
+            }, null, "@test/jit-probe");
+          case 2:
+            result = _context5.sent;
+            // callTool resolves to { error, message } on the main side; classify.
+            msg = (result === null || result === void 0 ? void 0 : result.message) || JSON.stringify(result || {});
+            if (/server not connected/i.test(msg)) {
+              setLastTestResult({
+                status: "granted",
+                message: "Granted — your response was saved as a 'live' grant for @test/jit-probe."
+              });
+            } else if (/user declined/i.test(msg)) {
+              setLastTestResult({
+                status: "denied",
+                message: "Denied — no grant written."
+              });
+            } else if (/timed out/i.test(msg)) {
+              setLastTestResult({
+                status: "timeout",
+                message: "Timed out — no response within 60s."
+              });
+            } else {
+              setLastTestResult({
+                status: "unknown",
+                message: "Unexpected: " + msg
+              });
+            }
+            _context5.next = 4;
+            break;
+          case 3:
+            _context5.prev = 3;
+            _t5 = _context5["catch"](1);
+            setLastTestResult({
+              status: "error",
+              message: "Test threw: " + ((_t5 === null || _t5 === void 0 ? void 0 : _t5.message) || String(_t5))
+            });
+          case 4:
+          case "end":
+            return _context5.stop();
+        }
+      }, _callee5, null, [[1, 3]]);
+    }));
+    return function triggerTestJitPrompt() {
+      return _ref6.apply(this, arguments);
+    };
+  }();
+  var TEST_RESULT_STYLE = {
+    pending: "text-gray-400",
+    granted: "text-green-400",
+    denied: "text-amber-400",
+    timeout: "text-amber-400",
+    unknown: "text-red-400",
+    error: "text-red-400"
+  };
   return /*#__PURE__*/jsxRuntime.jsxs("div", {
     className: "flex flex-col space-y-4 border border-gray-700 rounded p-4",
     children: [/*#__PURE__*/jsxRuntime.jsxs("div", {
@@ -49268,6 +49370,31 @@ var EnforcementToggles = function EnforcementToggles() {
         return setPendingDisable(null);
       },
       onConfirm: confirmDisable
+    }), enforceEnabled && jitEnabled && /*#__PURE__*/jsxRuntime.jsxs("div", {
+      className: "flex flex-col gap-2 border-t border-gray-800 pt-4",
+      children: [/*#__PURE__*/jsxRuntime.jsxs("div", {
+        className: "flex flex-row items-center justify-between gap-4",
+        children: [/*#__PURE__*/jsxRuntime.jsxs("div", {
+          className: "flex flex-col",
+          children: [/*#__PURE__*/jsxRuntime.jsx("span", {
+            className: "text-sm font-medium text-gray-200",
+            children: "Test JIT consent prompt"
+          }), /*#__PURE__*/jsxRuntime.jsxs("span", {
+            className: "text-xs text-gray-400 mt-1",
+            children: ["Fires a fake tool call from ", /*#__PURE__*/jsxRuntime.jsx("code", {
+              children: "@test/jit-probe"
+            }), " to", " ", /*#__PURE__*/jsxRuntime.jsx("code", {
+              children: "test-server"
+            }), ". The gate runs first (no real server needed), so you'll see the JIT modal exactly as it appears in production. The post-gate server lookup expectedly fails \u2014 that's fine; the goal here is to exercise the consent flow."]
+          })]
+        }), /*#__PURE__*/jsxRuntime.jsx(DashReact.Button, {
+          title: "Test prompt",
+          onClick: triggerTestJitPrompt
+        })]
+      }), lastTestResult && /*#__PURE__*/jsxRuntime.jsxs("div", {
+        className: "text-xs font-medium ".concat(TEST_RESULT_STYLE[lastTestResult.status] || "text-gray-400"),
+        children: ["Last test (", lastTestResult.status, "): ", lastTestResult.message]
+      })]
     })]
   });
 };
@@ -49294,10 +49421,10 @@ var DISABLE_COPY = {
  * nesting entirely; the user keeps context and the warning is
  * impossible to miss right where the toggle lives.
  */
-var ConfirmDisableInline = function ConfirmDisableInline(_ref6) {
-  var pending = _ref6.pending,
-    onCancel = _ref6.onCancel,
-    onConfirm = _ref6.onConfirm;
+var ConfirmDisableInline = function ConfirmDisableInline(_ref7) {
+  var pending = _ref7.pending,
+    onCancel = _ref7.onCancel,
+    onConfirm = _ref7.onConfirm;
   if (!pending) return null;
   var copy = DISABLE_COPY[pending.flag];
   if (!copy) return null;
@@ -49327,15 +49454,15 @@ var ConfirmDisableInline = function ConfirmDisableInline(_ref6) {
     })]
   });
 };
-var WidgetGrantRow = function WidgetGrantRow(_ref7) {
-  var widgetId = _ref7.widgetId,
-    declared = _ref7.declared,
-    granted = _ref7.granted,
-    hasManifest = _ref7.hasManifest,
-    grantOrigin = _ref7.grantOrigin,
-    onRevokeWidget = _ref7.onRevokeWidget,
-    onRevokeServer = _ref7.onRevokeServer,
-    onGrantManually = _ref7.onGrantManually;
+var WidgetGrantRow = function WidgetGrantRow(_ref8) {
+  var widgetId = _ref8.widgetId,
+    declared = _ref8.declared,
+    granted = _ref8.granted,
+    hasManifest = _ref8.hasManifest,
+    grantOrigin = _ref8.grantOrigin,
+    onRevokeWidget = _ref8.onRevokeWidget,
+    onRevokeServer = _ref8.onRevokeServer,
+    onGrantManually = _ref8.onGrantManually;
   var declaredServers = declared && declared.servers || {};
   var grantedServers = granted && granted.servers || {};
   var allServerNames = Array.from(new Set([].concat(_toConsumableArray(Object.keys(declaredServers)), _toConsumableArray(Object.keys(grantedServers)))));
@@ -49407,10 +49534,10 @@ var WidgetGrantRow = function WidgetGrantRow(_ref7) {
     })]
   });
 };
-var PermsList = function PermsList(_ref8) {
-  var label = _ref8.label,
-    declaredItems = _ref8.declaredItems,
-    grantedItems = _ref8.grantedItems;
+var PermsList = function PermsList(_ref9) {
+  var label = _ref9.label,
+    declaredItems = _ref9.declaredItems,
+    grantedItems = _ref9.grantedItems;
   if (declaredItems.length === 0 && grantedItems.length === 0) return null;
   var grantedSet = new Set(grantedItems);
   var declaredSet = new Set(declaredItems);
@@ -49466,8 +49593,8 @@ function isServerEntirelyStale(decl, grant) {
  * the user audit grants that were approved against a scanner guess
  * rather than the developer's explicit declaration.
  */
-var GrantOriginBadge = function GrantOriginBadge(_ref9) {
-  var origin = _ref9.origin;
+var GrantOriginBadge = function GrantOriginBadge(_ref0) {
+  var origin = _ref0.origin;
   var styles = {
     declared: {
       label: "declared",
@@ -49620,10 +49747,10 @@ var noop = function noop() {};
  * users who don't want the wall of text collapse manually.
  */
 var HowThisWorksPanel = function HowThisWorksPanel() {
-  var _useState11 = React.useState(true),
-    _useState12 = _slicedToArray(_useState11, 2),
-    open = _useState12[0],
-    setOpen = _useState12[1];
+  var _useState13 = React.useState(true),
+    _useState14 = _slicedToArray(_useState13, 2),
+    open = _useState14[0],
+    setOpen = _useState14[1];
   return /*#__PURE__*/jsxRuntime.jsxs("div", {
     className: "border border-gray-700 rounded",
     children: [/*#__PURE__*/jsxRuntime.jsxs("button", {