From cb97bf6068b473a4360d71b879bc4d42e96232ea Mon Sep 17 00:00:00 2001
From: LaZzyMan <zeusdream7@gmail.com>
Date: Fri, 27 Mar 2026 10:37:20 +0800
Subject: [PATCH] fix(acp): add missing await for async isToolEnabled in
 Session.runTool
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PermissionManager.isToolEnabled was changed to async in this PR but the
call site in Session.runTool was not updated, causing the Promise to be
evaluated as a truthy value and the L1 tool-enablement check to always
pass — effectively disabling permission denial in the ACP session path.
---
 packages/cli/src/acp-integration/session/Session.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/cli/src/acp-integration/session/Session.ts b/packages/cli/src/acp-integration/session/Session.ts
index b89044be4..fd009dddf 100644
--- a/packages/cli/src/acp-integration/session/Session.ts
+++ b/packages/cli/src/acp-integration/session/Session.ts
@@ -590,7 +590,7 @@ export class Session implements SessionContext {
 
     // ---- L1: Tool enablement check ----
     const pm = this.config.getPermissionManager?.();
-    if (pm && !pm.isToolEnabled(fc.name as string)) {
+    if (pm && !(await pm.isToolEnabled(fc.name as string))) {
       return earlyErrorResponse(
         new Error(
           `Qwen Code requires permission to use "${fc.name}", but that permission was declined.`,