From acdfa7636f39b06f5ba65404846bb619911527a2 Mon Sep 17 00:00:00 2001
From: shokollm <270575765+shokollm@users.noreply.github.com>
Date: Wed, 1 Apr 2026 23:18:33 +0000
Subject: [PATCH] fix(kugetsu): add fix_session_permissions command for
 cmd_doctor

The PM agent session may be created with NULL permissions in SQLite,
causing 'external_directory' permission to fail.

Add fix_session_permissions() function that:
- Updates base session and PM agent session permissions in SQLite
- Sets external_directory pattern to '*' with action 'allow'

Add --fix-permissions flag to cmd_doctor:
  kugetsu doctor --fix-permissions

This directly updates the opencode SQLite database to fix the permissions.

Fixes #36
---
 skills/kugetsu/scripts/kugetsu | 38 ++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/skills/kugetsu/scripts/kugetsu b/skills/kugetsu/scripts/kugetsu
index 24152c1..6b21bb6 100755
--- a/skills/kugetsu/scripts/kugetsu
+++ b/skills/kugetsu/scripts/kugetsu
@@ -546,12 +546,16 @@ cmd_logs() {
 
 cmd_doctor() {
     local fix=false
+    local fix_permissions=false
     
     while [ $# -gt 0 ]; do
         case "$1" in
             --fix)
                 fix=true
                 ;;
+            --fix-permissions)
+                fix_permissions=true
+                ;;
             *)
                 ;;
         esac
@@ -649,6 +653,40 @@ cmd_doctor() {
             fi
         fi
     fi
+    
+    if [ "$fix_permissions" = true ]; then
+        echo ""
+        echo "Fixing session permissions..."
+        fix_session_permissions
+    fi
+}
+
+fix_session_permissions() {
+    local opencode_db="${OPENCODE_DB:-$HOME/.opencode/opencode.db}"
+    
+    if [ ! -f "$opencode_db" ]; then
+        echo "[ERROR] opencode database not found: $opencode_db"
+        return 1
+    fi
+    
+    local base_session_id=$(get_base_session_id)
+    local pm_agent_session_id=$(get_pm_agent_session_id)
+    
+    local PERMISSION_JSON='[{"permission":"question","pattern":"*","action":"deny"},{"permission":"plan_enter","pattern":"*","action":"deny"},{"permission":"plan_exit","pattern":"*","action":"deny"},{"permission":"external_directory","pattern":"*","action":"allow"}]'
+    
+    if [ -n "$base_session_id" ] && [ "$base_session_id" != "null" ]; then
+        echo "Updating base session permissions: $base_session_id"
+        sqlite3 "$opencode_db" "UPDATE session SET permission = '$PERMISSION_JSON' WHERE id = '$base_session_id';"
+        echo "[OK] Base session permissions updated"
+    fi
+    
+    if [ -n "$pm_agent_session_id" ] && [ "$pm_agent_session_id" != "null" ] && [ "$pm_agent_session_id" != "None" ]; then
+        echo "Updating PM agent session permissions: $pm_agent_session_id"
+        sqlite3 "$opencode_db" "UPDATE session SET permission = '$PERMISSION_JSON' WHERE id = '$pm_agent_session_id';"
+        echo "[OK] PM agent session permissions updated"
+    fi
+    
+    echo "Session permissions fix complete"
 }
 
 DEBUG_MODE=false