From d4a4892ee36cfeb44b39abf638fc53e411ecfabd Mon Sep 17 00:00:00 2001 From: Zhiping <2716057626@qq.com> Date: Mon, 11 May 2026 02:01:01 +0800 Subject: [PATCH] fix: deny of one tool call permanently blocks all future same-tool calls (#1377) When a user denies a tool call (e.g. edit_file), the tool_name was inserted into approval_session_denied alongside the per-call approval_key. Every subsequent invocation of the same tool type was then auto-denied for the rest of the session without prompting. Fix: only store the approval_key (per-call unique). This still prevents the model's retry loop from re-prompting the exact same command (#360), but allows the user to approve a fresh invocation of the same tool type. --- crates/tui/src/tui/ui.rs | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/crates/tui/src/tui/ui.rs b/crates/tui/src/tui/ui.rs index 4e333b3f..00b40c56 100644 --- a/crates/tui/src/tui/ui.rs +++ b/crates/tui/src/tui/ui.rs @@ -5825,12 +5825,11 @@ async fn handle_view_events( } ReviewDecision::Denied | ReviewDecision::Abort => { // Cache the denial so the model retry-loop doesn't - // re-prompt for the same command (#360). Only when - // the user actively denied (not when the timeout - // fired) — a timeout might mean the user stepped - // away rather than refused. + // re-prompt for the exact same approval_key (#360). + // Only the key (per-call unique) is stored — NOT + // the tool_name, which would block all future + // invocations of the same tool type (#1377). if !timed_out { - app.approval_session_denied.insert(tool_name.clone()); app.approval_session_denied.insert(approval_key); } let _ = engine_handle.deny_tool_call(tool_id).await;