fix(exec): derive agentId from sessionKey for allowlist lookup

When creating exec tools via chat/Discord, agentId was not passed, causing allowlist lookup to use 'default' key instead of 'main'. User's allowlist entries in agents.main were never matched. Now derives agentId from sessionKey if not explicitly provided, ensuring correct allowlist lookup for all exec paths.
2026-05-08 11:01:24 +00:00 · 2026-01-21 18:55:32 -08:00
parent 51cd9c7ff4
commit 0c55b1e9ce
3 changed files with 90 additions and 14 deletions
--- a/src/infra/exec-approvals.test.ts
+++ b/src/infra/exec-approvals.test.ts
@@ -14,6 +14,7 @@ import {
  normalizeSafeBins,
  resolveCommandResolution,
  resolveExecApprovals,
+  resolveExecApprovalsFromFile,
  type ExecAllowlistEntry,
 } from "./exec-approvals.js";

@@ -227,3 +228,35 @@ describe("exec approvals wildcard agent", () => {
    }
  });
 });
+
+describe("exec approvals default agent migration", () => {
+  it("migrates legacy default agent entries to main", () => {
+    const file = {
+      version: 1,
+      agents: {
+        default: { allowlist: [{ pattern: "/bin/legacy" }] },
+      },
+    };
+    const resolved = resolveExecApprovalsFromFile({ file });
+    expect(resolved.allowlist.map((entry) => entry.pattern)).toEqual(["/bin/legacy"]);
+    expect(resolved.file.agents?.default).toBeUndefined();
+    expect(resolved.file.agents?.main?.allowlist?.[0]?.pattern).toBe("/bin/legacy");
+  });
+
+  it("prefers main agent settings when both main and default exist", () => {
+    const file = {
+      version: 1,
+      agents: {
+        main: { ask: "always", allowlist: [{ pattern: "/bin/main" }] },
+        default: { ask: "off", allowlist: [{ pattern: "/bin/legacy" }] },
+      },
+    };
+    const resolved = resolveExecApprovalsFromFile({ file });
+    expect(resolved.agent.ask).toBe("always");
+    expect(resolved.allowlist.map((entry) => entry.pattern)).toEqual([
+      "/bin/main",
+      "/bin/legacy",
+    ]);
+    expect(resolved.file.agents?.default).toBeUndefined();
+  });
+});