feat(cursor): implement permission approval for interaction_query#848
feat(cursor): implement permission approval for interaction_query#848chenhg5 wants to merge 1 commit into
Conversation
Cursor Agent in default mode was auto-rejecting all tool calls because cc-connect wasn't responding to interaction_query requests. The RespondPermission method was a no-op. Changes: - Added stdin pipe to cursorSession for writing responses - Modified handleInteractionQuery to emit EventPermissionRequest - Implemented RespondPermission to write interaction_query/response - Auto-approve for yolo/force mode, request user approval for default Now users can approve/deny tool calls through the messaging platform when using Cursor Agent in default mode. Closes #785 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
chenhg5
left a comment
chenhg5
left a comment
There was a problem hiding this comment.
Review Summary
Solid implementation of the two-way permission flow for Cursor Agent. This fixes a real and reproducible bug: Cursor's default mode was auto-rejecting all tool calls because RespondPermission was a no-op. CI is green across all 5 checks.
As an owner PR, I can't formally approve — but sharing detailed notes for the record.
🟡 Protocol: query_type in response may not match Cursor's expected value
File: agent/cursor/session.go, writeJSON call in RespondPermission
Why: The outgoing response hardcodes "query_type": "permission" regardless of the actual incoming query type (shellRequestQuery, webFetchRequestQuery, etc.). If Cursor Agent key-dispatches responses on query_type, it may not route the response back to the correct handler.
Fix: Consider passing queryType through to RespondPermission via core.PermissionResult or a separate field, then echoing the original value in the response.
🟡 response.response.id type mismatch
File: agent/cursor/session.go line ~545
Why: requestID is parsed as float64 from JSON and converted to string via fmt.Sprintf("%d", int(requestID)). If Cursor expects a numeric id in the response payload, sending it as a string may cause a routing failure.
Fix: Confirm Cursor's expected type for id in the response; send as int if needed.
✅ Good: stdin mutex (stdinMu) prevents concurrent write races correctly.
✅ Good: Auto-approve path in yolo/force mode still emits EventToolUse for visibility — clean separation of concerns.
✅ Good: Failure path in RespondPermission checks cs.alive before writing — avoids write-on-closed-pipe panics.
If the query_type echo and id type are confirmed correct by manual testing (or by inspecting Cursor's source), this is ready to merge.
2 participants
Summary
interaction_queryeventshandleInteractionQueryto emitEventPermissionRequestfor user approvalRespondPermissionto writeinteraction_query/responsevia stdinRoot Cause
Cursor Agent in default mode was auto-rejecting all tool calls because:
RespondPermissionwas a no-op (empty implementation)handleInteractionQueryonly emittedEventToolUse, notEventPermissionRequestTest plan
go build ./...passesgo vet ./...passesgo test ./...passesCloses #785
🤖 Generated with Claude Code