import { Disposable, IDisposable } from "@codingame/monaco-vscode-api/vscode/vs/base/common/lifecycle"; import { IObservable } from "@codingame/monaco-vscode-api/vscode/vs/base/common/observable"; import { URI } from "@codingame/monaco-vscode-api/vscode/vs/base/common/uri"; import { IConfigurationService } from "@codingame/monaco-vscode-api/vscode/vs/platform/configuration/common/configuration.service"; import { IFileService } from "@codingame/monaco-vscode-api/vscode/vs/platform/files/common/files.service"; import { AgentHostPermissionMode, IPendingResourceRequest } from "../../../../platform/agentHost/common/agentHostPermissionService.js"; import { IAgentHostPermissionService } from "@codingame/monaco-vscode-api/vscode/vs/platform/agentHost/common/agentHostPermissionService.service"; import { ResourceRequestParams } from "@codingame/monaco-vscode-api/vscode/vs/platform/agentHost/common/state/protocol/commands"; import { ILogService } from "@codingame/monaco-vscode-api/vscode/vs/platform/log/common/log.service"; /** * Default implementation of {@link IAgentHostPermissionService}. * * Permission storage shape (in user settings): * * ```jsonc * "chat.agentHost.localFilePermissions": { * "localhost:3000": { * "file:///Users/me/.gitconfig": "r", * "file:///Users/me/.agentConfig": "rw" * } * } * ``` * * - Keys are addresses normalized via {@link normalizeRemoteAgentHostAddress}. * - Values are URI strings → `r` | `rw`. Descendant URIs are covered by a * parent grant (e.g. a grant for `.config/` covers `.config/foo.json`). */ export declare class AgentHostPermissionService extends Disposable implements IAgentHostPermissionService { private readonly _configurationService; private readonly _fileService; private readonly _logService; readonly _serviceBrand: undefined; /** * In-memory grants. Two kinds, both stored here so they share the * `connectionClosed` cleanup pass: * * - **Implicit reads** added by `grantImplicitRead` (read-only, kept alive * by an explicit disposable revocation handle from the caller). * - **Session grants** from the user clicking "Allow" in the prompt * (read or write, cleared when the connection closes or the window * reloads). These have no caller-held disposable. * * Keyed by an opaque handle so callers can revoke independently. */ private readonly _inMemoryGrants; /** All pending requests across every connection. */ private readonly _pending; readonly allPending: IObservable; constructor(_configurationService: IConfigurationService, _fileService: IFileService, _logService: ILogService); check(address: string, uri: URI, mode: AgentHostPermissionMode): Promise; request(address: string, params: ResourceRequestParams): Promise; pendingFor(address: string): IObservable; findPending(id: string): IPendingResourceRequest | undefined; grantImplicitRead(address: string, uri: URI): IDisposable; connectionClosed(address: string): void; /** * Resolve {@link uri} against the local filesystem, collapsing `..` * segments and following symlinks so the policy check sees the same * path the OS will actually open. For URIs that don't exist (e.g. a * `resourceWrite` for a new file), realpath the deepest existing * ancestor and re-append the leaf. */ private _canonicalize; /** * Policy check against in-memory + persisted grants. Asynchronous * because in-memory grants from {@link grantImplicitRead} carry an * unresolved realpath promise — see {@link IInMemoryGrant.realpath}. */ private _isCovered; private _enqueue; private _resolve; private _dropPending; private _readPersistedGrants; private _persistGrant; /** * Inspect the setting and pick the scope to write back to. The setting * is registered with `ConfigurationScope.APPLICATION`, so APPLICATION is * the canonical home; we still honour pre-existing values in the * user-* scopes so a hand-edited entry isn't silently relocated, but * fresh writes default to APPLICATION. */ private _inspectScopedSetting; }