π File detail
utils/permissions/permissionRuleParser.ts
𧩠.tsπ 199 linesπΎ 7,274 bytesπ text
β Back to All Filesπ― Use case
This file lives under βutils/β, which covers cross-cutting helpers (shell, tempfiles, settings, messages, process input, β¦). On the API surface it exposes normalizeLegacyToolName, getLegacyToolNames, escapeRuleContent, unescapeRuleContent, and permissionRuleValueFromString (and more) β mainly functions, hooks, or classes. Dependencies touch bun:bundle. It composes internal code from tools and PermissionRule (relative imports). What the file header says: Dead code elimination: ant-only tool names are conditionally required so their strings don't leak into external builds. Static imports always bundle.
Generated from folder role, exports, dependency roots, and inline comments β not hand-reviewed for every path.
π§ Inline summary
Dead code elimination: ant-only tool names are conditionally required so their strings don't leak into external builds. Static imports always bundle.
π€ Exports (heuristic)
normalizeLegacyToolNamegetLegacyToolNamesescapeRuleContentunescapeRuleContentpermissionRuleValueFromStringpermissionRuleValueToString
π External import roots
Package roots from from "β¦" (relative paths omitted).
bun:bundle
π₯οΈ Source preview
import { feature } from 'bun:bundle'
import { AGENT_TOOL_NAME } from '../../tools/AgentTool/constants.js'
import { TASK_OUTPUT_TOOL_NAME } from '../../tools/TaskOutputTool/constants.js'
import { TASK_STOP_TOOL_NAME } from '../../tools/TaskStopTool/prompt.js'
import type { PermissionRuleValue } from './PermissionRule.js'
// Dead code elimination: ant-only tool names are conditionally required so
// their strings don't leak into external builds. Static imports always bundle.
/* eslint-disable @typescript-eslint/no-require-imports */
const BRIEF_TOOL_NAME: string | null =
feature('KAIROS') || feature('KAIROS_BRIEF')
? (
require('../../tools/BriefTool/prompt.js') as typeof import('../../tools/BriefTool/prompt.js')
).BRIEF_TOOL_NAME
: null
/* eslint-enable @typescript-eslint/no-require-imports */
// Maps legacy tool names to their current canonical names.
// When a tool is renamed, add old β new here so permission rules,
// hooks, and persisted wire names resolve to the canonical name.
const LEGACY_TOOL_NAME_ALIASES: Record<string, string> = {
Task: AGENT_TOOL_NAME,
KillShell: TASK_STOP_TOOL_NAME,
AgentOutputTool: TASK_OUTPUT_TOOL_NAME,
BashOutputTool: TASK_OUTPUT_TOOL_NAME,
...((feature('KAIROS') || feature('KAIROS_BRIEF')) && BRIEF_TOOL_NAME
? { Brief: BRIEF_TOOL_NAME }
: {}),
}
export function normalizeLegacyToolName(name: string): string {
return LEGACY_TOOL_NAME_ALIASES[name] ?? name
}
export function getLegacyToolNames(canonicalName: string): string[] {
const result: string[] = []
for (const [legacy, canonical] of Object.entries(LEGACY_TOOL_NAME_ALIASES)) {
if (canonical === canonicalName) result.push(legacy)
}
return result
}
/**
* Escapes special characters in rule content for safe storage in permission rules.
* Permission rules use the format "Tool(content)", so parentheses in content must be escaped.
*
* Escaping order matters:
* 1. Escape existing backslashes first (\ -> \\)
* 2. Then escape parentheses (( -> \(, ) -> \))
*
* @example
* escapeRuleContent('psycopg2.connect()') // => 'psycopg2.connect\\(\\)'
* escapeRuleContent('echo "test\\nvalue"') // => 'echo "test\\\\nvalue"'
*/
export function escapeRuleContent(content: string): string {
return content
.replace(/\\/g, '\\\\') // Escape backslashes first
.replace(/\(/g, '\\(') // Escape opening parentheses
.replace(/\)/g, '\\)') // Escape closing parentheses
}
/**
* Unescapes special characters in rule content after parsing from permission rules.
* This reverses the escaping done by escapeRuleContent.
*
* Unescaping order matters (reverse of escaping):
* 1. Unescape parentheses first (\( -> (, \) -> ))
* 2. Then unescape backslashes (\\ -> \)
*
* @example
* unescapeRuleContent('psycopg2.connect\\(\\)') // => 'psycopg2.connect()'
* unescapeRuleContent('echo "test\\\\nvalue"') // => 'echo "test\\nvalue"'
*/
export function unescapeRuleContent(content: string): string {
return content
.replace(/\\\(/g, '(') // Unescape opening parentheses
.replace(/\\\)/g, ')') // Unescape closing parentheses
.replace(/\\\\/g, '\\') // Unescape backslashes last
}
/**
* Parses a permission rule string into its components.
* Handles escaped parentheses in the content portion.
*
* Format: "ToolName" or "ToolName(content)"
* Content may contain escaped parentheses: \( and \)
*
* @example
* permissionRuleValueFromString('Bash') // => { toolName: 'Bash' }
* permissionRuleValueFromString('Bash(npm install)') // => { toolName: 'Bash', ruleContent: 'npm install' }
* permissionRuleValueFromString('Bash(python -c "print\\(1\\)")') // => { toolName: 'Bash', ruleContent: 'python -c "print(1)"' }
*/
export function permissionRuleValueFromString(
ruleString: string,
): PermissionRuleValue {
// Find the first unescaped opening parenthesis
const openParenIndex = findFirstUnescapedChar(ruleString, '(')
if (openParenIndex === -1) {
// No parenthesis found - this is just a tool name
return { toolName: normalizeLegacyToolName(ruleString) }
}
// Find the last unescaped closing parenthesis
const closeParenIndex = findLastUnescapedChar(ruleString, ')')
if (closeParenIndex === -1 || closeParenIndex <= openParenIndex) {
// No matching closing paren or malformed - treat as tool name
return { toolName: normalizeLegacyToolName(ruleString) }
}
// Ensure the closing paren is at the end
if (closeParenIndex !== ruleString.length - 1) {
// Content after closing paren - treat as tool name
return { toolName: normalizeLegacyToolName(ruleString) }
}
const toolName = ruleString.substring(0, openParenIndex)
const rawContent = ruleString.substring(openParenIndex + 1, closeParenIndex)
// Missing toolName (e.g., "(foo)") is malformed - treat whole string as tool name
if (!toolName) {
return { toolName: normalizeLegacyToolName(ruleString) }
}
// Empty content (e.g., "Bash()") or standalone wildcard (e.g., "Bash(*)")
// should be treated as just the tool name (tool-wide rule)
if (rawContent === '' || rawContent === '*') {
return { toolName: normalizeLegacyToolName(toolName) }
}
// Unescape the content
const ruleContent = unescapeRuleContent(rawContent)
return { toolName: normalizeLegacyToolName(toolName), ruleContent }
}
/**
* Converts a permission rule value to its string representation.
* Escapes parentheses in the content to prevent parsing issues.
*
* @example
* permissionRuleValueToString({ toolName: 'Bash' }) // => 'Bash'
* permissionRuleValueToString({ toolName: 'Bash', ruleContent: 'npm install' }) // => 'Bash(npm install)'
* permissionRuleValueToString({ toolName: 'Bash', ruleContent: 'python -c "print(1)"' }) // => 'Bash(python -c "print\\(1\\)")'
*/
export function permissionRuleValueToString(
ruleValue: PermissionRuleValue,
): string {
if (!ruleValue.ruleContent) {
return ruleValue.toolName
}
const escapedContent = escapeRuleContent(ruleValue.ruleContent)
return `${ruleValue.toolName}(${escapedContent})`
}
/**
* Find the index of the first unescaped occurrence of a character.
* A character is escaped if preceded by an odd number of backslashes.
*/
function findFirstUnescapedChar(str: string, char: string): number {
for (let i = 0; i < str.length; i++) {
if (str[i] === char) {
// Count preceding backslashes
let backslashCount = 0
let j = i - 1
while (j >= 0 && str[j] === '\\') {
backslashCount++
j--
}
// If even number of backslashes, the char is unescaped
if (backslashCount % 2 === 0) {
return i
}
}
}
return -1
}
/**
* Find the index of the last unescaped occurrence of a character.
* A character is escaped if preceded by an odd number of backslashes.
*/
function findLastUnescapedChar(str: string, char: string): number {
for (let i = str.length - 1; i >= 0; i--) {
if (str[i] === char) {
// Count preceding backslashes
let backslashCount = 0
let j = i - 1
while (j >= 0 && str[j] === '\\') {
backslashCount++
j--
}
// If even number of backslashes, the char is unescaped
if (backslashCount % 2 === 0) {
return i
}
}
}
return -1
}