tui: fix permission tests for new evaluate function signature

packages/opencode/test/agent/agent.test.ts

@@ -7,7 +7,7 @@ import { PermissionNext } from "../../src/permission/next"
 // Helper to evaluate permission for a tool with wildcard pattern
 function evalPerm(agent: Agent.Info | undefined, permission: string): PermissionNext.Action | undefined {
   if (!agent) return undefined
-  return PermissionNext.evaluate(permission, "*", agent.permission)
+  return PermissionNext.evaluate(permission, "*", agent.permission).action
 }
 
 test("returns default native agents when no config", async () => {
@@ -53,7 +53,7 @@ test("plan agent denies edits except .opencode/plan/*", async () => {
       // Wildcard is denied
       expect(evalPerm(plan, "edit")).toBe("deny")
       // But specific path is allowed
-      expect(PermissionNext.evaluate("edit", ".opencode/plan/foo.md", plan!.permission)).toBe("allow")
+      expect(PermissionNext.evaluate("edit", ".opencode/plan/foo.md", plan!.permission).action).toBe("allow")
     },
   })
 })
@@ -201,7 +201,7 @@ test("agent permission config merges with defaults", async () => {
       const build = await Agent.get("build")
       expect(build).toBeDefined()
       // Specific pattern is denied
-      expect(PermissionNext.evaluate("bash", "rm -rf *", build!.permission)).toBe("deny")
+      expect(PermissionNext.evaluate("bash", "rm -rf *", build!.permission).action).toBe("deny")
       // Edit still allowed
       expect(evalPerm(build, "edit")).toBe("allow")
     },

packages/opencode/test/permission/next.test.ts

@@ -113,9 +113,9 @@ test("merge - config permission overrides default ask", () => {
   const merged = PermissionNext.merge(defaults, config)
 
   // Config's bash allow should override default ask
-  expect(PermissionNext.evaluate("bash", "ls", merged)).toBe("allow")
+  expect(PermissionNext.evaluate("bash", "ls", merged).action).toBe("allow")
   // Other permissions should still be ask (from defaults)
-  expect(PermissionNext.evaluate("edit", "foo.ts", merged)).toBe("ask")
+  expect(PermissionNext.evaluate("edit", "foo.ts", merged).action).toBe("ask")
 })
 
 test("merge - config ask overrides default allow", () => {
@@ -125,19 +125,19 @@ test("merge - config ask overrides default allow", () => {
   const merged = PermissionNext.merge(defaults, config)
 
   // Config's ask should override default allow
-  expect(PermissionNext.evaluate("bash", "ls", merged)).toBe("ask")
+  expect(PermissionNext.evaluate("bash", "ls", merged).action).toBe("ask")
 })
 
 // evaluate tests
 
 test("evaluate - exact pattern match", () => {
   const result = PermissionNext.evaluate("bash", "rm", [{ permission: "bash", pattern: "rm", action: "deny" }])
-  expect(result).toBe("deny")
+  expect(result.action).toBe("deny")
 })
 
 test("evaluate - wildcard pattern match", () => {
   const result = PermissionNext.evaluate("bash", "rm", [{ permission: "bash", pattern: "*", action: "allow" }])
-  expect(result).toBe("allow")
+  expect(result.action).toBe("allow")
 })
 
 test("evaluate - last matching rule wins", () => {
@@ -145,7 +145,7 @@ test("evaluate - last matching rule wins", () => {
     { permission: "bash", pattern: "*", action: "allow" },
     { permission: "bash", pattern: "rm", action: "deny" },
   ])
-  expect(result).toBe("deny")
+  expect(result.action).toBe("deny")
 })
 
 test("evaluate - last matching rule wins (wildcard after specific)", () => {
@@ -153,14 +153,14 @@ test("evaluate - last matching rule wins (wildcard after specific)", () => {
     { permission: "bash", pattern: "rm", action: "deny" },
     { permission: "bash", pattern: "*", action: "allow" },
   ])
-  expect(result).toBe("allow")
+  expect(result.action).toBe("allow")
 })
 
 test("evaluate - glob pattern match", () => {
   const result = PermissionNext.evaluate("edit", "src/foo.ts", [
     { permission: "edit", pattern: "src/*", action: "allow" },
   ])
-  expect(result).toBe("allow")
+  expect(result.action).toBe("allow")
 })
 
 test("evaluate - last matching glob wins", () => {
@@ -168,7 +168,7 @@ test("evaluate - last matching glob wins", () => {
     { permission: "edit", pattern: "src/*", action: "deny" },
     { permission: "edit", pattern: "src/components/*", action: "allow" },
   ])
-  expect(result).toBe("allow")
+  expect(result.action).toBe("allow")
 })
 
 test("evaluate - order matters for specificity", () => {
@@ -177,31 +177,31 @@ test("evaluate - order matters for specificity", () => {
     { permission: "edit", pattern: "src/components/*", action: "allow" },
     { permission: "edit", pattern: "src/*", action: "deny" },
   ])
-  expect(result).toBe("deny")
+  expect(result.action).toBe("deny")
 })
 
 test("evaluate - unknown permission returns ask", () => {
   const result = PermissionNext.evaluate("unknown_tool", "anything", [
     { permission: "bash", pattern: "*", action: "allow" },
   ])
-  expect(result).toBe("ask")
+  expect(result.action).toBe("ask")
 })
 
 test("evaluate - empty ruleset returns ask", () => {
   const result = PermissionNext.evaluate("bash", "rm", [])
-  expect(result).toBe("ask")
+  expect(result.action).toBe("ask")
 })
 
 test("evaluate - no matching pattern returns ask", () => {
   const result = PermissionNext.evaluate("edit", "etc/passwd", [
     { permission: "edit", pattern: "src/*", action: "allow" },
   ])
-  expect(result).toBe("ask")
+  expect(result.action).toBe("ask")
 })
 
 test("evaluate - empty rules array returns ask", () => {
   const result = PermissionNext.evaluate("bash", "rm", [])
-  expect(result).toBe("ask")
+  expect(result.action).toBe("ask")
 })
 
 test("evaluate - multiple matching patterns, last wins", () => {
@@ -210,7 +210,7 @@ test("evaluate - multiple matching patterns, last wins", () => {
     { permission: "edit", pattern: "src/*", action: "allow" },
     { permission: "edit", pattern: "src/secret.ts", action: "deny" },
   ])
-  expect(result).toBe("deny")
+  expect(result.action).toBe("deny")
 })
 
 test("evaluate - non-matching patterns are skipped", () => {
@@ -219,7 +219,7 @@ test("evaluate - non-matching patterns are skipped", () => {
     { permission: "edit", pattern: "test/*", action: "deny" },
     { permission: "edit", pattern: "src/*", action: "allow" },
   ])
-  expect(result).toBe("allow")
+  expect(result.action).toBe("allow")
 })
 
 test("evaluate - exact match at end wins over earlier wildcard", () => {
@@ -227,7 +227,7 @@ test("evaluate - exact match at end wins over earlier wildcard", () => {
     { permission: "bash", pattern: "*", action: "allow" },
     { permission: "bash", pattern: "/bin/rm", action: "deny" },
   ])
-  expect(result).toBe("deny")
+  expect(result.action).toBe("deny")
 })
 
 test("evaluate - wildcard at end overrides earlier exact match", () => {
@@ -235,26 +235,26 @@ test("evaluate - wildcard at end overrides earlier exact match", () => {
     { permission: "bash", pattern: "/bin/rm", action: "deny" },
     { permission: "bash", pattern: "*", action: "allow" },
   ])
-  expect(result).toBe("allow")
+  expect(result.action).toBe("allow")
 })
 
 // wildcard permission tests
 
 test("evaluate - wildcard permission matches any permission", () => {
   const result = PermissionNext.evaluate("bash", "rm", [{ permission: "*", pattern: "*", action: "deny" }])
-  expect(result).toBe("deny")
+  expect(result.action).toBe("deny")
 })
 
 test("evaluate - wildcard permission with specific pattern", () => {
   const result = PermissionNext.evaluate("bash", "rm", [{ permission: "*", pattern: "rm", action: "deny" }])
-  expect(result).toBe("deny")
+  expect(result.action).toBe("deny")
 })
 
 test("evaluate - glob permission pattern", () => {
   const result = PermissionNext.evaluate("mcp_server_tool", "anything", [
     { permission: "mcp_*", pattern: "*", action: "allow" },
   ])
-  expect(result).toBe("allow")
+  expect(result.action).toBe("allow")
 })
 
 test("evaluate - specific permission and wildcard permission combined", () => {
@@ -262,7 +262,7 @@ test("evaluate - specific permission and wildcard permission combined", () => {
     { permission: "*", pattern: "*", action: "deny" },
     { permission: "bash", pattern: "*", action: "allow" },
   ])
-  expect(result).toBe("allow")
+  expect(result.action).toBe("allow")
 })
 
 test("evaluate - wildcard permission does not match when specific exists", () => {
@@ -270,7 +270,7 @@ test("evaluate - wildcard permission does not match when specific exists", () =>
     { permission: "*", pattern: "*", action: "deny" },
     { permission: "edit", pattern: "src/*", action: "allow" },
   ])
-  expect(result).toBe("allow")
+  expect(result.action).toBe("allow")
 })
 
 test("evaluate - multiple matching permission patterns combine rules", () => {
@@ -279,7 +279,7 @@ test("evaluate - multiple matching permission patterns combine rules", () => {
     { permission: "mcp_*", pattern: "*", action: "allow" },
     { permission: "mcp_dangerous", pattern: "*", action: "deny" },
   ])
-  expect(result).toBe("deny")
+  expect(result.action).toBe("deny")
 })
 
 test("evaluate - wildcard permission fallback for unknown tool", () => {
@@ -287,7 +287,7 @@ test("evaluate - wildcard permission fallback for unknown tool", () => {
     { permission: "*", pattern: "*", action: "ask" },
     { permission: "bash", pattern: "*", action: "allow" },
   ])
-  expect(result).toBe("ask")
+  expect(result.action).toBe("ask")
 })
 
 test("evaluate - permission patterns sorted by length regardless of object order", () => {
@@ -297,7 +297,7 @@ test("evaluate - permission patterns sorted by length regardless of object order
     { permission: "*", pattern: "*", action: "deny" },
   ])
   // With flat list, last matching rule wins - so "*" matches bash and wins
-  expect(result).toBe("deny")
+  expect(result.action).toBe("deny")
 })
 
 test("evaluate - merges multiple rulesets", () => {
@@ -305,7 +305,7 @@ test("evaluate - merges multiple rulesets", () => {
   const approved: PermissionNext.Ruleset = [{ permission: "bash", pattern: "rm", action: "deny" }]
   // approved comes after config, so rm should be denied
   const result = PermissionNext.evaluate("bash", "rm", config, approved)
-  expect(result).toBe("deny")
+  expect(result.action).toBe("deny")
 })
 
 // disabled tests