diff --git a/packages/opencode/src/session/prompt.ts b/packages/opencode/src/session/prompt.ts index c29733999214..baec781ed7c1 100644 --- a/packages/opencode/src/session/prompt.ts +++ b/packages/opencode/src/session/prompt.ts @@ -1311,13 +1311,15 @@ NOTE: At any point in time through this workflow you should feel free to ask the const message = yield* createUserMessage(input) yield* sessions.touch(input.sessionID) + const sessionPerms = session.permission ?? [] const permissions: Permission.Ruleset = [] for (const [t, enabled] of Object.entries(input.tools ?? {})) { permissions.push({ permission: t, action: enabled ? "allow" : "deny", pattern: "*" }) } - if (permissions.length > 0) { - session.permission = permissions - yield* sessions.setPermission({ sessionID: session.id, permission: permissions }) + const merged = Permission.merge(sessionPerms, permissions) + if (merged.length > 0) { + session.permission = merged + yield* sessions.setPermission({ sessionID: session.id, permission: merged }) } if (input.noReply === true) return message diff --git a/packages/opencode/src/tool/task.ts b/packages/opencode/src/tool/task.ts index 07e779f5bd56..fdb281b64480 100644 --- a/packages/opencode/src/tool/task.ts +++ b/packages/opencode/src/tool/task.ts @@ -56,6 +56,9 @@ export const TaskTool = Tool.define("task", async () => { const hasTaskPermission = agent.permission.some((rule) => rule.permission === "task") const hasTodoWritePermission = agent.permission.some((rule) => rule.permission === "todowrite") + const parent = await Session.get(ctx.sessionID).catch(() => {}) + const parentPerms = parent?.permission ?? [] + const session = await iife(async () => { if (params.task_id) { const found = await Session.get(SessionID.make(params.task_id)).catch(() => {}) @@ -66,6 +69,7 @@ export const TaskTool = Tool.define("task", async () => { parentID: ctx.sessionID, title: params.description + ` (@${agent.name} subagent)`, permission: [ + ...parentPerms, ...(hasTodoWritePermission ? [] : [