npm - wispy-cli - Versions diffs - 0.9.0 → 1.1.0 - Mend

wispy-cli 0.9.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/core/permissions.mjs ADDED Viewed

@@ -0,0 +1,248 @@
+/**
+ * core/permissions.mjs — Permission & Approval System for Wispy
+ *
+ * Policy levels:
+ *   "auto"    — execute silently
+ *   "notify"  — execute but log to audit trail
+ *   "approve" — pause and ask user before executing
+ */
+import path from "node:path";
+import { readFile, writeFile, mkdir } from "node:fs/promises";
+import { createInterface } from "node:readline";
+import { WISPY_DIR } from "./config.mjs";
+// ── Default policies ──────────────────────────────────────────────────────────
+export const DEFAULT_POLICIES = {
+  // Auto: safe read-only or low-impact
+  read_file: "auto",
+  list_directory: "auto",
+  web_search: "auto",
+  web_fetch: "auto",
+  memory_search: "auto",
+  memory_list: "auto",
+  memory_get: "auto",
+  kill_subagent: "auto",
+  list_agents: "auto",
+  list_subagents: "auto",
+  get_agent_result: "auto",
+  get_subagent_result: "auto",
+  // Notify: medium-risk writes
+  write_file: "notify",
+  file_edit: "notify",
+  memory_save: "notify",
+  memory_append: "notify",
+  memory_delete: "notify",
+  clipboard: "notify",
+  spawn_subagent: "notify",
+  spawn_agent: "notify",
+  spawn_async_agent: "notify",
+  // Approve: high-risk operations
+  run_command: "approve",
+  git: "approve",
+  keychain: "approve",
+  delete_file: "approve",
+  pipeline: "notify",
+};
+// ── Scope definitions ─────────────────────────────────────────────────────────
+export const BUILT_IN_SCOPES = {
+  "files:read":        ["read_file", "list_directory"],
+  "files:write":       ["write_file", "file_edit", "delete_file"],
+  "web":               ["web_search", "web_fetch"],
+  "memory:read":       ["memory_search", "memory_list", "memory_get"],
+  "memory:write":      ["memory_save", "memory_append", "memory_delete"],
+  "commands:execute":  ["run_command"],
+  "agents":            ["spawn_subagent", "spawn_agent", "spawn_async_agent", "list_subagents", "list_agents"],
+  "system":            ["git", "keychain", "clipboard"],
+};
+const PERMISSIONS_FILE = path.join(WISPY_DIR, "permissions.json");
+export class PermissionManager {
+  constructor(config = {}) {
+    this.config = config;
+    this._policies = { ...DEFAULT_POLICIES };
+    this._scopes = new Set();
+    this._loaded = false;
+    // For REPL approval prompts — set by REPL
+    this._approvalHandler = null;
+  }
+  /**
+   * Load persisted policy overrides from disk.
+   */
+  async load() {
+    if (this._loaded) return;
+    try {
+      const raw = await readFile(PERMISSIONS_FILE, "utf8");
+      const data = JSON.parse(raw);
+      if (data.policies) Object.assign(this._policies, data.policies);
+      if (data.scopes) this._scopes = new Set(data.scopes);
+    } catch {
+      // First run — no file yet
+    }
+    this._loaded = true;
+  }
+  /**
+   * Persist current policy overrides to disk.
+   */
+  async save() {
+    await mkdir(WISPY_DIR, { recursive: true });
+    const overrides = {};
+    for (const [k, v] of Object.entries(this._policies)) {
+      if (DEFAULT_POLICIES[k] !== v) overrides[k] = v;
+    }
+    await writeFile(PERMISSIONS_FILE, JSON.stringify({
+      policies: overrides,
+      scopes: [...this._scopes],
+    }, null, 2) + "\n", "utf8");
+  }
+  // ── Policy accessors ────────────────────────────────────────────────────────
+  getPolicy(toolName) {
+    return this._policies[toolName] ?? "auto";
+  }
+  setPolicy(toolName, level) {
+    if (!["auto", "notify", "approve"].includes(level)) {
+      throw new Error(`Invalid policy level: ${level}. Must be auto, notify, or approve.`);
+    }
+    this._policies[toolName] = level;
+  }
+  listPolicies() {
+    return { ...this._policies };
+  }
+  // ── Scope management ────────────────────────────────────────────────────────
+  addScope(scope) {
+    this._scopes.add(scope);
+    // Apply the scope's tools
+    if (BUILT_IN_SCOPES[scope]) {
+      for (const tool of BUILT_IN_SCOPES[scope]) {
+        this._policies[tool] = "auto";
+      }
+    }
+  }
+  removeScope(scope) {
+    this._scopes.delete(scope);
+  }
+  listScopes() {
+    return [...this._scopes];
+  }
+  // ── Check ───────────────────────────────────────────────────────────────────
+  /**
+   * Check if a tool call is allowed.
+   * @returns {{ allowed: boolean, level: string, needsApproval?: boolean, reason?: string }}
+   */
+  async check(toolName, args, context = {}) {
+    await this.load();
+    const level = this.getPolicy(toolName);
+    if (level === "auto") {
+      return { allowed: true, level: "auto" };
+    }
+    if (level === "notify") {
+      // Allowed, but should be logged
+      return { allowed: true, level: "notify" };
+    }
+    if (level === "approve") {
+      // Need explicit approval
+      const approved = await this.requestApproval({
+        toolName,
+        args,
+        context,
+        label: this._formatAction(toolName, args),
+      });
+      return {
+        allowed: approved,
+        level: "approve",
+        needsApproval: true,
+        approved,
+        reason: approved ? "User approved" : "User denied",
+      };
+    }
+    return { allowed: true, level };
+  }
+  /**
+   * Request user approval for an action.
+   * @param {{ toolName, args, label, context }} action
+   * @returns {boolean} approved
+   */
+  async requestApproval(action) {
+    if (this._approvalHandler) {
+      return this._approvalHandler(action);
+    }
+    // Default: CLI readline prompt
+    return new Promise((resolve) => {
+      const rl = createInterface({ input: process.stdin, output: process.stdout });
+      const prompt = `\n⚠️  ${action.label ?? `${action.toolName}()`} — Allow? [y/N] `;
+      rl.question(prompt, (answer) => {
+        rl.close();
+        resolve(answer.trim().toLowerCase() === "y" || answer.trim().toLowerCase() === "yes");
+      });
+    });
+  }
+  /**
+   * Set a custom approval handler (for channels, testing, etc.)
+   * @param {Function} fn — async (action) => boolean
+   */
+  setApprovalHandler(fn) {
+    this._approvalHandler = fn;
+  }
+  // ── Helpers ─────────────────────────────────────────────────────────────────
+  _formatAction(toolName, args) {
+    let argsStr = "";
+    try {
+      argsStr = JSON.stringify(args);
+      if (argsStr.length > 80) argsStr = argsStr.slice(0, 77) + "...";
+    } catch {}
+    return `${toolName}(${argsStr})`;
+  }
+  /**
+   * Format policy table for display.
+   */
+  formatTable() {
+    const lines = [];
+    const all = { ...DEFAULT_POLICIES, ...this._policies };
+    const grouped = { approve: [], notify: [], auto: [] };
+    for (const [tool, level] of Object.entries(all)) {
+      grouped[level]?.push(tool);
+    }
+    lines.push("Permission Policies:\n");
+    const icons = { approve: "🔐", notify: "📋", auto: "✅" };
+    for (const level of ["approve", "notify", "auto"]) {
+      if (grouped[level].length > 0) {
+        lines.push(`  ${icons[level]} ${level.toUpperCase()}:`);
+        lines.push(`     ${grouped[level].join(", ")}`);
+        lines.push("");
+      }
+    }
+    return lines.join("\n");
+  }
+}