permissions: align compress gating with opencode rules

Author: Tarquinen

index.ts

@@ -1,5 +1,10 @@
 import type { Plugin } from "@opencode-ai/plugin"
 import { getConfig } from "./lib/config"
+import {
+    compressDisabledByOpencode,
+    hasExplicitToolPermission,
+    type HostPermissionSnapshot,
+} from "./lib/host-permissions"
 import { Logger } from "./lib/logger"
 import { createSessionState } from "./lib/state"
 import { createCompressTool } from "./lib/tools"
@@ -22,6 +27,10 @@ const plugin: Plugin = (async (ctx) => {
     const logger = new Logger(config.debug)
     const state = createSessionState()
     const prompts = new PromptStore(logger, ctx.directory, config.experimental.customPrompts)
+    const hostPermissions: HostPermissionSnapshot = {
+        global: undefined,
+        agents: {},
+    }
 
     if (isSecureMode()) {
         configureClientAuth(ctx.client)
@@ -46,6 +55,7 @@ const plugin: Plugin = (async (ctx) => {
             logger,
             config,
             prompts,
+            hostPermissions,
         ) as any,
         "chat.message": async (
             input: {
@@ -57,8 +67,6 @@ const plugin: Plugin = (async (ctx) => {
             },
             _output: any,
         ) => {
-            // Cache variant from real user messages (not synthetic)
-            // This avoids scanning all messages to find variant
             state.variant = input.variant
             logger.debug("Cached variant from chat.message hook", { variant: input.variant })
         },
@@ -69,6 +77,7 @@ const plugin: Plugin = (async (ctx) => {
             logger,
             config,
             ctx.directory,
+            hostPermissions,
         ),
         tool: {
             ...(config.compress.permission !== "deny" && {
@@ -91,6 +100,13 @@ const plugin: Plugin = (async (ctx) => {
                 }
             }
 
+            if (
+                config.compress.permission !== "deny" &&
+                compressDisabledByOpencode(opencodeConfig.permission)
+            ) {
+                config.compress.permission = "deny"
+            }
+
             const toolsToAdd: string[] = []
             if (config.compress.permission !== "deny" && !config.experimental.allowSubAgents) {
                 toolsToAdd.push("compress")
@@ -104,12 +120,21 @@ const plugin: Plugin = (async (ctx) => {
                 }
             }
 
-            // Set tool permissions from DCP config
-            const permission = opencodeConfig.permission ?? {}
-            opencodeConfig.permission = {
-                ...permission,
-                compress: config.compress.permission,
-            } as typeof permission
+            if (!hasExplicitToolPermission(opencodeConfig.permission, "compress")) {
+                const permission = opencodeConfig.permission ?? {}
+                opencodeConfig.permission = {
+                    ...permission,
+                    compress: config.compress.permission,
+                } as typeof permission
+            }
+
+            hostPermissions.global = opencodeConfig.permission
+            hostPermissions.agents = Object.fromEntries(
+                Object.entries(opencodeConfig.agent ?? {}).map(([name, agent]) => [
+                    name,
+                    agent?.permission,
+                ]),
+            )
         },
     }
 }) satisfies Plugin

lib/commands/help.ts

@@ -6,6 +6,7 @@
 import type { Logger } from "../logger"
 import type { PluginConfig } from "../config"
 import type { SessionState, WithParts } from "../state"
+import { compressPermission } from "../shared-utils"
 import { sendIgnoredMessage } from "../ui/notification"
 import { getCurrentParams } from "../strategies/utils"
 
@@ -31,10 +32,10 @@ const TOOL_COMMANDS: Record<string, [string, string]> = {
     recompress: ["/dcp recompress <n>", "Re-apply a user-decompressed compression"],
 }
 
-function getVisibleCommands(config: PluginConfig): [string, string][] {
+function getVisibleCommands(state: SessionState, config: PluginConfig): [string, string][] {
     const commands = [...BASE_COMMANDS]
 
-    if (config.compress.permission !== "deny") {
+    if (compressPermission(state, config) !== "deny") {
         commands.push(TOOL_COMMANDS.compress)
         commands.push(TOOL_COMMANDS.decompress)
         commands.push(TOOL_COMMANDS.recompress)
@@ -43,16 +44,16 @@ function getVisibleCommands(config: PluginConfig): [string, string][] {
     return commands
 }
 
-function formatHelpMessage(manualMode: boolean, config: PluginConfig): string {
-    const commands = getVisibleCommands(config)
+function formatHelpMessage(state: SessionState, config: PluginConfig): string {
+    const commands = getVisibleCommands(state, config)
     const colWidth = Math.max(...commands.map(([cmd]) => cmd.length)) + 4
     const lines: string[] = []
 
     lines.push("╭─────────────────────────────────────────────────────────────────────────╮")
     lines.push("│                              DCP Commands                               │")
     lines.push("╰─────────────────────────────────────────────────────────────────────────╯")
     lines.push("")
-    lines.push(`  ${"Manual mode:".padEnd(colWidth)}${manualMode ? "ON" : "OFF"}`)
+    lines.push(`  ${"Manual mode:".padEnd(colWidth)}${state.manualMode ? "ON" : "OFF"}`)
     lines.push("")
     for (const [cmd, desc] of commands) {
         lines.push(`  ${cmd.padEnd(colWidth)}${desc}`)
@@ -66,7 +67,7 @@ export async function handleHelpCommand(ctx: HelpCommandContext): Promise<void>
     const { client, state, logger, sessionId, messages } = ctx
 
     const { config } = ctx
-    const message = formatHelpMessage(!!state.manualMode, config)
+    const message = formatHelpMessage(state, config)
 
     const params = getCurrentParams(state, messages, logger)
     await sendIgnoredMessage(client, sessionId, message, params, logger)

lib/hooks.ts

@@ -21,6 +21,8 @@ import { handleSweepCommand } from "./commands/sweep"
 import { handleManualToggleCommand, handleManualTriggerCommand } from "./commands/manual"
 import { handleDecompressCommand } from "./commands/decompress"
 import { handleRecompressCommand } from "./commands/recompress"
+import { type HostPermissionSnapshot } from "./host-permissions"
+import { compressPermission, syncCompressPermissionState } from "./shared-utils"
 import { ensureSessionInitialized } from "./state/state"
 import { cacheSystemPromptTokens } from "./ui/utils"
 import type { PromptStore } from "./prompts/store"
@@ -91,7 +93,12 @@ export function createSystemPromptHandler(
             return
         }
 
-        if (config.compress.permission === "deny") {
+        const effectivePermission =
+            input.sessionID && state.sessionId === input.sessionID
+                ? compressPermission(state, config)
+                : config.compress.permission
+
+        if (effectivePermission === "deny") {
             return
         }
 
@@ -116,10 +123,13 @@ export function createChatMessageTransformHandler(
     logger: Logger,
     config: PluginConfig,
     prompts: PromptStore,
+    hostPermissions: HostPermissionSnapshot,
 ) {
     return async (input: {}, output: { messages: WithParts[] }) => {
         await checkSession(client, state, logger, output.messages, config.manualMode.enabled)
 
+        syncCompressPermissionState(state, config, hostPermissions, output.messages)
+
         if (state.isSubAgent && !config.experimental.allowSubAgents) {
             return
         }
@@ -156,6 +166,7 @@ export function createCommandExecuteHandler(
     logger: Logger,
     config: PluginConfig,
     workingDirectory: string,
+    hostPermissions: HostPermissionSnapshot,
 ) {
     return async (
         input: { command: string; sessionID: string; arguments: string },
@@ -180,6 +191,10 @@ export function createCommandExecuteHandler(
                 config.manualMode.enabled,
             )
 
+            syncCompressPermissionState(state, config, hostPermissions, messages)
+
+            const effectivePermission = compressPermission(state, config)
+
             const args = (input.arguments || "").trim().split(/\s+/).filter(Boolean)
             const subcommand = args[0]?.toLowerCase() || ""
             const subArgs = args.slice(1)
@@ -217,7 +232,7 @@ export function createCommandExecuteHandler(
                 throw new Error("__DCP_MANUAL_HANDLED__")
             }
 
-            if (subcommand === "compress" && config.compress.permission !== "deny") {
+            if (subcommand === "compress" && effectivePermission !== "deny") {
                 const userFocus = subArgs.join(" ").trim()
                 const prompt = await handleManualTriggerCommand(commandCtx, "compress", userFocus)
                 if (!prompt) {
@@ -238,15 +253,15 @@ export function createCommandExecuteHandler(
                 return
             }
 
-            if (subcommand === "decompress" && config.compress.permission !== "deny") {
+            if (subcommand === "decompress" && effectivePermission !== "deny") {
                 await handleDecompressCommand({
                     ...commandCtx,
                     args: subArgs,
                 })
                 throw new Error("__DCP_DECOMPRESS_HANDLED__")
             }
 
-            if (subcommand === "recompress" && config.compress.permission !== "deny") {
+            if (subcommand === "recompress" && effectivePermission !== "deny") {
                 await handleRecompressCommand({
                     ...commandCtx,
                     args: subArgs,

lib/host-permissions.ts

@@ -0,0 +1,87 @@
+export type PermissionAction = "ask" | "allow" | "deny"
+
+export type PermissionValue = PermissionAction | Record<string, PermissionAction>
+
+export type PermissionConfig = Record<string, PermissionValue> | undefined
+
+export interface HostPermissionSnapshot {
+    global: PermissionConfig
+    agents: Record<string, PermissionConfig>
+}
+
+type PermissionRule = {
+    permission: string
+    pattern: string
+    action: PermissionAction
+}
+
+const wildcardMatch = (value: string, pattern: string): boolean => {
+    const normalizedValue = value.replaceAll("\\", "/")
+    let escaped = pattern
+        .replaceAll("\\", "/")
+        .replace(/[.+^${}()|[\]\\]/g, "\\$&")
+        .replace(/\*/g, ".*")
+        .replace(/\?/g, ".")
+
+    if (escaped.endsWith(" .*")) {
+        escaped = escaped.slice(0, -3) + "( .*)?"
+    }
+
+    const flags = process.platform === "win32" ? "si" : "s"
+    return new RegExp(`^${escaped}$`, flags).test(normalizedValue)
+}
+
+const getPermissionRules = (permissionConfigs: PermissionConfig[]): PermissionRule[] => {
+    const rules: PermissionRule[] = []
+    for (const permissionConfig of permissionConfigs) {
+        if (!permissionConfig) {
+            continue
+        }
+
+        for (const [permission, value] of Object.entries(permissionConfig)) {
+            if (value === "ask" || value === "allow" || value === "deny") {
+                rules.push({ permission, pattern: "*", action: value })
+                continue
+            }
+
+            for (const [pattern, action] of Object.entries(value)) {
+                if (action === "ask" || action === "allow" || action === "deny") {
+                    rules.push({ permission, pattern, action })
+                }
+            }
+        }
+    }
+    return rules
+}
+
+export const compressDisabledByOpencode = (...permissionConfigs: PermissionConfig[]): boolean => {
+    const match = getPermissionRules(permissionConfigs).findLast((rule) =>
+        wildcardMatch("compress", rule.permission),
+    )
+
+    return match?.pattern === "*" && match.action === "deny"
+}
+
+export const resolveEffectiveCompressPermission = (
+    basePermission: PermissionAction,
+    hostPermissions: HostPermissionSnapshot,
+    agentName?: string,
+): PermissionAction => {
+    if (basePermission === "deny") {
+        return "deny"
+    }
+
+    return compressDisabledByOpencode(
+        hostPermissions.global,
+        agentName ? hostPermissions.agents[agentName] : undefined,
+    )
+        ? "deny"
+        : basePermission
+}
+
+export const hasExplicitToolPermission = (
+    permissionConfig: PermissionConfig,
+    tool: string,
+): boolean => {
+    return permissionConfig ? Object.hasOwn(permissionConfig, tool) : false
+}

lib/messages/inject/inject.ts

@@ -3,7 +3,7 @@ import type { Logger } from "../../logger"
 import type { PluginConfig } from "../../config"
 import type { RuntimePrompts } from "../../prompts/store"
 import { formatMessageIdTag } from "../../message-ids"
-import { getLastUserMessage } from "../../shared-utils"
+import { compressPermission, getLastUserMessage } from "../../shared-utils"
 import { saveSessionState } from "../../state/persistence"
 import {
     appendIdToTool,
@@ -30,7 +30,7 @@ export const injectCompressNudges = (
     messages: WithParts[],
     prompts: RuntimePrompts,
 ): void => {
-    if (config.compress.permission === "deny") {
+    if (compressPermission(state, config) === "deny") {
         return
     }
 
@@ -139,7 +139,7 @@ export const injectMessageIds = (
     config: PluginConfig,
     messages: WithParts[],
 ): void => {
-    if (config.compress.permission === "deny") {
+    if (compressPermission(state, config) === "deny") {
         return
     }
 

lib/shared-utils.ts

@@ -1,3 +1,5 @@
+import type { PluginConfig } from "./config"
+import { type HostPermissionSnapshot, resolveEffectiveCompressPermission } from "./host-permissions"
 import { SessionState, WithParts } from "./state"
 import { isIgnoredUserMessage } from "./messages/utils"
 
@@ -25,3 +27,24 @@ export const getLastUserMessage = (
     }
     return null
 }
+
+export const compressPermission = (
+    state: SessionState,
+    config: PluginConfig,
+): "ask" | "allow" | "deny" => {
+    return state.compressPermission ?? config.compress.permission
+}
+
+export const syncCompressPermissionState = (
+    state: SessionState,
+    config: PluginConfig,
+    hostPermissions: HostPermissionSnapshot,
+    messages: WithParts[],
+): void => {
+    const activeAgent = getLastUserMessage(messages)?.info.agent
+    state.compressPermission = resolveEffectiveCompressPermission(
+        config.compress.permission,
+        hostPermissions,
+        activeAgent,
+    )
+}

lib/state/state.ts

@@ -66,6 +66,7 @@ export function createSessionState(): SessionState {
         sessionId: null,
         isSubAgent: false,
         manualMode: false,
+        compressPermission: undefined,
         pendingManualTrigger: null,
         prune: {
             tools: new Map<string, number>(),
@@ -100,6 +101,7 @@ export function resetSessionState(state: SessionState): void {
     state.sessionId = null
     state.isSubAgent = false
     state.manualMode = false
+    state.compressPermission = undefined
     state.pendingManualTrigger = null
     state.prune = {
         tools: new Map<string, number>(),

lib/state/types.ts

@@ -84,6 +84,7 @@ export interface SessionState {
     sessionId: string | null
     isSubAgent: boolean
     manualMode: false | "active" | "compress-pending"
+    compressPermission: "ask" | "allow" | "deny" | undefined
     pendingManualTrigger: PendingManualTrigger | null
     prune: Prune
     nudges: Nudges