chainlesschain 0.37.9 → 0.37.11

package/src/lib/permission-engine.js

@@ -0,0 +1,374 @@
+/**
+ * Permission Engine — RBAC (Role-Based Access Control) for CLI.
+ * Manages roles, permissions, grants, and checks.
+ */
+
+import crypto from "crypto";
+
+function generateId() {
+  return crypto.randomUUID();
+}
+
+/**
+ * Built-in roles.
+ */
+export const BUILT_IN_ROLES = {
+  admin: {
+    name: "admin",
+    description: "Full system access",
+    permissions: ["*"],
+  },
+  editor: {
+    name: "editor",
+    description: "Read and write access to content",
+    permissions: [
+      "note:read",
+      "note:write",
+      "note:delete",
+      "search:read",
+      "memory:read",
+      "memory:write",
+      "session:read",
+      "session:write",
+      "export:read",
+      "import:write",
+    ],
+  },
+  viewer: {
+    name: "viewer",
+    description: "Read-only access",
+    permissions: [
+      "note:read",
+      "search:read",
+      "memory:read",
+      "session:read",
+      "export:read",
+    ],
+  },
+  agent: {
+    name: "agent",
+    description: "AI agent access",
+    permissions: [
+      "note:read",
+      "note:write",
+      "search:read",
+      "memory:read",
+      "memory:write",
+      "llm:read",
+      "llm:write",
+      "skill:execute",
+    ],
+  },
+};
+
+/**
+ * All known permission scopes.
+ */
+export const PERMISSION_SCOPES = [
+  "note:read",
+  "note:write",
+  "note:delete",
+  "search:read",
+  "memory:read",
+  "memory:write",
+  "session:read",
+  "session:write",
+  "export:read",
+  "import:write",
+  "llm:read",
+  "llm:write",
+  "skill:execute",
+  "did:read",
+  "did:write",
+  "did:delete",
+  "encrypt:read",
+  "encrypt:write",
+  "auth:read",
+  "auth:write",
+  "auth:admin",
+  "audit:read",
+  "audit:write",
+  "config:read",
+  "config:write",
+  "system:admin",
+];
+
+/**
+ * Ensure permission tables exist.
+ */
+export function ensurePermissionTables(db) {
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS rbac_roles (
+      name TEXT PRIMARY KEY,
+      description TEXT,
+      permissions TEXT NOT NULL,
+      is_builtin INTEGER DEFAULT 0,
+      created_at TEXT DEFAULT (datetime('now'))
+    )
+  `);
+
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS rbac_grants (
+      id TEXT PRIMARY KEY,
+      user_did TEXT NOT NULL,
+      role_name TEXT NOT NULL,
+      granted_by TEXT,
+      expires_at TEXT,
+      created_at TEXT DEFAULT (datetime('now')),
+      UNIQUE(user_did, role_name)
+    )
+  `);
+
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS rbac_direct_permissions (
+      id TEXT PRIMARY KEY,
+      user_did TEXT NOT NULL,
+      permission TEXT NOT NULL,
+      granted_by TEXT,
+      expires_at TEXT,
+      created_at TEXT DEFAULT (datetime('now')),
+      UNIQUE(user_did, permission)
+    )
+  `);
+
+  // Seed built-in roles
+  const existing = db
+    .prepare("SELECT COUNT(*) as c FROM rbac_roles WHERE is_builtin = 1")
+    .get();
+  if (existing.c === 0) {
+    const stmt = db.prepare(
+      "INSERT OR IGNORE INTO rbac_roles (name, description, permissions, is_builtin) VALUES (?, ?, ?, ?)",
+    );
+    for (const role of Object.values(BUILT_IN_ROLES)) {
+      stmt.run(
+        role.name,
+        role.description,
+        JSON.stringify(role.permissions),
+        1,
+      );
+    }
+  }
+}
+
+/**
+ * Get all roles.
+ */
+export function getRoles(db) {
+  ensurePermissionTables(db);
+  const rows = db
+    .prepare("SELECT * FROM rbac_roles ORDER BY is_builtin DESC, name ASC")
+    .all();
+  return rows.map((r) => ({
+    ...r,
+    permissions: JSON.parse(r.permissions || "[]"),
+    isBuiltin: r.is_builtin === 1,
+  }));
+}
+
+/**
+ * Create a custom role.
+ */
+export function createRole(db, name, description, permissions) {
+  ensurePermissionTables(db);
+
+  if (BUILT_IN_ROLES[name]) {
+    throw new Error(`Cannot override built-in role: ${name}`);
+  }
+
+  const existing = db
+    .prepare("SELECT name FROM rbac_roles WHERE name = ?")
+    .get(name);
+  if (existing) {
+    throw new Error(`Role already exists: ${name}`);
+  }
+
+  db.prepare(
+    "INSERT INTO rbac_roles (name, description, permissions, is_builtin) VALUES (?, ?, ?, ?)",
+  ).run(name, description || "", JSON.stringify(permissions || []), 0);
+
+  return {
+    name,
+    description,
+    permissions: permissions || [],
+    isBuiltin: false,
+  };
+}
+
+/**
+ * Delete a custom role.
+ */
+export function deleteRole(db, name) {
+  ensurePermissionTables(db);
+
+  if (BUILT_IN_ROLES[name]) {
+    throw new Error(`Cannot delete built-in role: ${name}`);
+  }
+
+  const result = db
+    .prepare("DELETE FROM rbac_roles WHERE name = ? AND is_builtin = 0")
+    .run(name);
+  if (result.changes > 0) {
+    // Remove grants referencing this role
+    db.prepare("DELETE FROM rbac_grants WHERE role_name = ?").run(name);
+  }
+  return result.changes > 0;
+}
+
+/**
+ * Grant a role to a user (by DID).
+ */
+export function grantRole(db, userDid, roleName, grantedBy, expiresAt) {
+  ensurePermissionTables(db);
+
+  // Verify role exists
+  const role = db
+    .prepare("SELECT name FROM rbac_roles WHERE name = ?")
+    .get(roleName);
+  if (!role) {
+    throw new Error(`Role not found: ${roleName}`);
+  }
+
+  const id = generateId();
+  db.prepare(
+    "INSERT OR REPLACE INTO rbac_grants (id, user_did, role_name, granted_by, expires_at) VALUES (?, ?, ?, ?, ?)",
+  ).run(id, userDid, roleName, grantedBy || null, expiresAt || null);
+
+  return { id, userDid, roleName, grantedBy, expiresAt };
+}
+
+/**
+ * Revoke a role from a user.
+ */
+export function revokeRole(db, userDid, roleName) {
+  ensurePermissionTables(db);
+  const result = db
+    .prepare("DELETE FROM rbac_grants WHERE user_did = ? AND role_name = ?")
+    .run(userDid, roleName);
+  return result.changes > 0;
+}
+
+/**
+ * Grant a direct permission to a user.
+ */
+export function grantPermission(db, userDid, permission, grantedBy) {
+  ensurePermissionTables(db);
+  const id = generateId();
+  db.prepare(
+    "INSERT OR REPLACE INTO rbac_direct_permissions (id, user_did, permission, granted_by) VALUES (?, ?, ?, ?)",
+  ).run(id, userDid, permission, grantedBy || null);
+  return { id, userDid, permission };
+}
+
+/**
+ * Revoke a direct permission from a user.
+ */
+export function revokePermission(db, userDid, permission) {
+  ensurePermissionTables(db);
+  const result = db
+    .prepare(
+      "DELETE FROM rbac_direct_permissions WHERE user_did = ? AND permission = ?",
+    )
+    .run(userDid, permission);
+  return result.changes > 0;
+}
+
+/**
+ * Get all roles and direct permissions for a user.
+ */
+export function getUserPermissions(db, userDid) {
+  ensurePermissionTables(db);
+
+  // Get active role grants
+  const allGrants = db
+    .prepare("SELECT * FROM rbac_grants WHERE user_did = ?")
+    .all(userDid);
+
+  // Filter out expired grants
+  const now = new Date().toISOString();
+  const grants = allGrants.filter((g) => !g.expires_at || g.expires_at > now);
+
+  // Get direct permissions (not expired)
+  const allDirectPerms = db
+    .prepare("SELECT * FROM rbac_direct_permissions WHERE user_did = ?")
+    .all(userDid);
+  const directPerms = allDirectPerms.filter(
+    (d) => !d.expires_at || d.expires_at > now,
+  );
+
+  // Collect all permissions by looking up each role
+  const allPerms = new Set();
+  const roles = [];
+
+  for (const grant of grants) {
+    roles.push(grant.role_name);
+    const role = db
+      .prepare("SELECT permissions FROM rbac_roles WHERE name = ?")
+      .get(grant.role_name);
+    if (role) {
+      const perms = JSON.parse(role.permissions || "[]");
+      for (const p of perms) allPerms.add(p);
+    }
+  }
+
+  for (const dp of directPerms) {
+    allPerms.add(dp.permission);
+  }
+
+  return {
+    userDid,
+    roles,
+    directPermissions: directPerms.map((d) => d.permission),
+    effectivePermissions: [...allPerms],
+    isAdmin: allPerms.has("*"),
+  };
+}
+
+/**
+ * Check if a user has a specific permission.
+ */
+export function checkPermission(db, userDid, permission) {
+  const userPerms = getUserPermissions(db, userDid);
+
+  // Admin wildcard
+  if (userPerms.isAdmin) return true;
+
+  // Exact match
+  if (userPerms.effectivePermissions.includes(permission)) return true;
+
+  // Wildcard match (e.g., "note:*" matches "note:read")
+  const [scope] = permission.split(":");
+  if (userPerms.effectivePermissions.includes(`${scope}:*`)) return true;
+
+  return false;
+}
+
+/**
+ * Get all grants for a specific role.
+ */
+export function getRoleGrants(db, roleName) {
+  ensurePermissionTables(db);
+  return db
+    .prepare("SELECT * FROM rbac_grants WHERE role_name = ?")
+    .all(roleName);
+}
+
+/**
+ * List all users with their roles.
+ */
+export function listUserRoles(db) {
+  ensurePermissionTables(db);
+  const grants = db
+    .prepare("SELECT * FROM rbac_grants ORDER BY user_did")
+    .all();
+
+  // Group by user_did in JS to avoid GROUP_CONCAT
+  const userMap = new Map();
+  for (const g of grants) {
+    if (!userMap.has(g.user_did)) {
+      userMap.set(g.user_did, []);
+    }
+    userMap.get(g.user_did).push(g.role_name);
+  }
+
+  return [...userMap.entries()].map(([userDid, roles]) => ({ userDid, roles }));
+}

package/src/lib/plan-mode.js

@@ -0,0 +1,333 @@
+/**
+ * Plan Mode for CLI Agent REPL
+ *
+ * During plan mode, the AI can only use read-only tools (read_file, search_files, list_dir, list_skills).
+ * Write/execute tools (write_file, edit_file, run_shell, run_skill) are blocked until the plan is approved.
+ *
+ * Lightweight port of desktop-app-vue/src/main/ai-engine/plan-mode/index.js
+ */
+
+import { EventEmitter } from "events";
+
+/**
+ * Plan item status
+ */
+export const PlanStatus = {
+  PENDING: "pending",
+  APPROVED: "approved",
+  REJECTED: "rejected",
+  EXECUTING: "executing",
+  COMPLETED: "completed",
+  FAILED: "failed",
+};
+
+/**
+ * Plan mode states
+ */
+export const PlanState = {
+  INACTIVE: "inactive",
+  ANALYZING: "analyzing",
+  PLAN_READY: "plan_ready",
+  APPROVED: "approved",
+  EXECUTING: "executing",
+  COMPLETED: "completed",
+  REJECTED: "rejected",
+};
+
+/**
+ * Tool categories for permission control
+ */
+const READ_TOOLS = new Set([
+  "read_file",
+  "search_files",
+  "list_dir",
+  "list_skills",
+]);
+
+const WRITE_TOOLS = new Set([
+  "write_file",
+  "edit_file",
+  "run_shell",
+  "run_skill",
+]);
+
+/**
+ * A single item in an execution plan
+ */
+export class PlanItem {
+  constructor(data = {}) {
+    this.id =
+      data.id || `item-${Date.now()}-${Math.random().toString(36).slice(2, 6)}`;
+    this.order = data.order || 0;
+    this.title = data.title || "";
+    this.description = data.description || "";
+    this.tool = data.tool || null;
+    this.params = data.params || {};
+    this.dependencies = data.dependencies || [];
+    this.estimatedImpact = data.estimatedImpact || "low"; // low, medium, high
+    this.status = data.status || PlanStatus.PENDING;
+    this.result = null;
+    this.error = null;
+  }
+}
+
+/**
+ * An execution plan containing multiple items
+ */
+export class ExecutionPlan {
+  constructor(data = {}) {
+    this.id = data.id || `plan-${Date.now()}`;
+    this.title = data.title || "Untitled Plan";
+    this.description = data.description || "";
+    this.goal = data.goal || "";
+    this.items = (data.items || []).map((i) => new PlanItem(i));
+    this.status = data.status || PlanState.ANALYZING;
+    this.createdAt = new Date().toISOString();
+  }
+
+  addItem(item) {
+    const planItem = item instanceof PlanItem ? item : new PlanItem(item);
+    planItem.order = this.items.length;
+    this.items.push(planItem);
+    return planItem;
+  }
+
+  removeItem(itemId) {
+    this.items = this.items.filter((i) => i.id !== itemId);
+    this.items.forEach((item, idx) => {
+      item.order = idx;
+    });
+  }
+
+  getItem(itemId) {
+    return this.items.find((i) => i.id === itemId);
+  }
+}
+
+/**
+ * Plan Mode Manager
+ *
+ * Controls the plan mode lifecycle in the agent REPL.
+ */
+export class PlanModeManager extends EventEmitter {
+  constructor() {
+    super();
+    this.state = PlanState.INACTIVE;
+    this.currentPlan = null;
+    this.history = [];
+    this.blockedToolLog = [];
+  }
+
+  /**
+   * Check if plan mode is active
+   */
+  isActive() {
+    return this.state !== PlanState.INACTIVE;
+  }
+
+  /**
+   * Enter plan mode
+   */
+  enterPlanMode(options = {}) {
+    if (this.isActive()) {
+      return { error: "Already in plan mode" };
+    }
+
+    this.currentPlan = new ExecutionPlan({
+      title: options.title || "New Plan",
+      goal: options.goal || "",
+    });
+    this.state = PlanState.ANALYZING;
+    this.blockedToolLog = [];
+
+    this.emit("enter", { plan: this.currentPlan, state: this.state });
+    return { plan: this.currentPlan };
+  }
+
+  /**
+   * Exit plan mode
+   */
+  exitPlanMode(options = {}) {
+    if (!this.isActive()) {
+      return { error: "Not in plan mode" };
+    }
+
+    if (options.savePlan && this.currentPlan) {
+      this.history.push(this.currentPlan);
+    }
+
+    const plan = this.currentPlan;
+    this.state = PlanState.INACTIVE;
+    this.currentPlan = null;
+    this.blockedToolLog = [];
+
+    this.emit("exit", { plan, reason: options.reason || "manual" });
+    return { plan };
+  }
+
+  /**
+   * Add a plan item
+   */
+  addPlanItem(itemData) {
+    if (!this.currentPlan) {
+      return { error: "No active plan" };
+    }
+
+    const item = this.currentPlan.addItem(itemData);
+    this.emit("item-added", { planId: this.currentPlan.id, item });
+    return { item };
+  }
+
+  /**
+   * Mark the plan as ready for approval
+   */
+  markPlanReady() {
+    if (this.state !== PlanState.ANALYZING) {
+      return { error: "Plan is not in analyzing state" };
+    }
+
+    this.state = PlanState.PLAN_READY;
+    this.currentPlan.status = PlanState.PLAN_READY;
+    this.emit("plan-ready", { plan: this.currentPlan });
+    return { plan: this.currentPlan };
+  }
+
+  /**
+   * Approve the plan (or specific items)
+   */
+  approvePlan(options = {}) {
+    if (
+      this.state !== PlanState.PLAN_READY &&
+      this.state !== PlanState.ANALYZING
+    ) {
+      return { error: "Plan is not ready for approval" };
+    }
+
+    const approvedItems = options.itemIds
+      ? this.currentPlan.items.filter((i) => options.itemIds.includes(i.id))
+      : this.currentPlan.items;
+
+    for (const item of approvedItems) {
+      item.status = PlanStatus.APPROVED;
+    }
+
+    this.state = PlanState.APPROVED;
+    this.currentPlan.status = PlanState.APPROVED;
+    this.emit("plan-approved", {
+      plan: this.currentPlan,
+      approvedCount: approvedItems.length,
+    });
+    return { plan: this.currentPlan, approvedCount: approvedItems.length };
+  }
+
+  /**
+   * Reject the plan
+   */
+  rejectPlan(reason = "") {
+    if (!this.isActive()) {
+      return { error: "No active plan" };
+    }
+
+    for (const item of this.currentPlan.items) {
+      item.status = PlanStatus.REJECTED;
+    }
+
+    this.state = PlanState.REJECTED;
+    return this.exitPlanMode({ savePlan: true, reason: reason || "rejected" });
+  }
+
+  /**
+   * Check if a tool is allowed in current state
+   */
+  isToolAllowed(toolName) {
+    if (!this.isActive()) return true;
+    if (
+      this.state === PlanState.APPROVED ||
+      this.state === PlanState.EXECUTING
+    ) {
+      return true;
+    }
+
+    // In analyzing/plan_ready state, only read tools are allowed
+    if (READ_TOOLS.has(toolName)) return true;
+
+    // Block write tools and log
+    if (WRITE_TOOLS.has(toolName)) {
+      this.blockedToolLog.push({
+        tool: toolName,
+        timestamp: new Date().toISOString(),
+      });
+      this.emit("tool-blocked", { toolName });
+      return false;
+    }
+
+    // Unknown tools are blocked by default in plan mode
+    return false;
+  }
+
+  /**
+   * Generate a text summary of the current plan
+   */
+  generatePlanSummary() {
+    if (!this.currentPlan) return "No active plan.";
+
+    const plan = this.currentPlan;
+    const lines = [
+      `## Plan: ${plan.title}`,
+      plan.goal ? `**Goal**: ${plan.goal}` : "",
+      `**Status**: ${this.state}`,
+      `**Items**: ${plan.items.length}`,
+      "",
+    ];
+
+    for (const item of plan.items) {
+      const icon =
+        item.status === PlanStatus.COMPLETED
+          ? "✅"
+          : item.status === PlanStatus.FAILED
+            ? "❌"
+            : item.status === PlanStatus.APPROVED
+              ? "✓"
+              : "○";
+      lines.push(
+        `${icon} ${item.order + 1}. ${item.title} [${item.estimatedImpact}]`,
+      );
+      if (item.description) {
+        lines.push(`   ${item.description}`);
+      }
+    }
+
+    if (this.blockedToolLog.length > 0) {
+      lines.push("");
+      lines.push(
+        `**Blocked tools**: ${this.blockedToolLog.map((b) => b.tool).join(", ")}`,
+      );
+    }
+
+    return lines.filter(Boolean).join("\n");
+  }
+
+  /**
+   * Get plans history
+   */
+  getHistory() {
+    return this.history;
+  }
+}
+
+// Singleton
+let _instance = null;
+
+export function getPlanModeManager() {
+  if (!_instance) {
+    _instance = new PlanModeManager();
+  }
+  return _instance;
+}
+
+export function destroyPlanModeManager() {
+  if (_instance) {
+    _instance.removeAllListeners();
+    _instance = null;
+  }
+}