test: isolate exec allowlist env
This commit is contained in:
Peter Steinberger
@@ -80,58 +80,49 @@ describe("exec approvals", () => {
|
|||||||
if (process.platform !== "win32") {
|
if (process.platform !== "win32") {
|
||||||
await fs.chmod(exePath, 0o755);
|
await fs.chmod(exePath, 0o755);
|
||||||
}
|
}
|
||||||
const prevPath = process.env.PATH;
|
const execEnv: Record<string, string> = { PATH: binDir };
|
||||||
const prevPathExt = process.env.PATHEXT;
|
|
||||||
process.env.PATH = binDir;
|
|
||||||
if (process.platform === "win32") {
|
if (process.platform === "win32") {
|
||||||
process.env.PATHEXT = ".CMD";
|
execEnv.PATHEXT = ".CMD";
|
||||||
}
|
}
|
||||||
|
const approvalsFile = {
|
||||||
try {
|
version: 1,
|
||||||
const approvalsFile = {
|
defaults: { security: "allowlist", ask: "on-miss", askFallback: "deny" },
|
||||||
version: 1,
|
agents: {
|
||||||
defaults: { security: "allowlist", ask: "on-miss", askFallback: "deny" },
|
main: {
|
||||||
agents: {
|
allowlist: [{ pattern: exePath }],
|
||||||
main: {
|
|
||||||
allowlist: [{ pattern: exePath }],
|
|
||||||
},
|
|
||||||
},
|
},
|
||||||
};
|
},
|
||||||
|
};
|
||||||
|
|
||||||
const calls: string[] = [];
|
const calls: string[] = [];
|
||||||
vi.mocked(callGatewayTool).mockImplementation(async (method) => {
|
vi.mocked(callGatewayTool).mockImplementation(async (method) => {
|
||||||
calls.push(method);
|
calls.push(method);
|
||||||
if (method === "exec.approvals.node.get") {
|
if (method === "exec.approvals.node.get") {
|
||||||
return { file: approvalsFile };
|
return { file: approvalsFile };
|
||||||
}
|
|
||||||
if (method === "node.invoke") {
|
|
||||||
return { payload: { success: true, stdout: "ok" } };
|
|
||||||
}
|
|
||||||
if (method === "exec.approval.request") {
|
|
||||||
return { decision: "allow-once" };
|
|
||||||
}
|
|
||||||
return { ok: true };
|
|
||||||
});
|
|
||||||
|
|
||||||
const { createExecTool } = await import("./bash-tools.exec.js");
|
|
||||||
const tool = createExecTool({
|
|
||||||
host: "node",
|
|
||||||
ask: "on-miss",
|
|
||||||
approvalRunningNoticeMs: 0,
|
|
||||||
});
|
|
||||||
|
|
||||||
const result = await tool.execute("call2", { command: `${exeName} --help` });
|
|
||||||
expect(result.details.status).toBe("completed");
|
|
||||||
expect(calls).toContain("exec.approvals.node.get");
|
|
||||||
expect(calls).toContain("node.invoke");
|
|
||||||
expect(calls).not.toContain("exec.approval.request");
|
|
||||||
} finally {
|
|
||||||
process.env.PATH = prevPath;
|
|
||||||
if (prevPathExt === undefined) {
|
|
||||||
delete process.env.PATHEXT;
|
|
||||||
} else {
|
|
||||||
process.env.PATHEXT = prevPathExt;
|
|
||||||
}
|
}
|
||||||
}
|
if (method === "node.invoke") {
|
||||||
|
return { payload: { success: true, stdout: "ok" } };
|
||||||
|
}
|
||||||
|
if (method === "exec.approval.request") {
|
||||||
|
return { decision: "allow-once" };
|
||||||
|
}
|
||||||
|
return { ok: true };
|
||||||
|
});
|
||||||
|
|
||||||
|
const { createExecTool } = await import("./bash-tools.exec.js");
|
||||||
|
const tool = createExecTool({
|
||||||
|
host: "node",
|
||||||
|
ask: "on-miss",
|
||||||
|
approvalRunningNoticeMs: 0,
|
||||||
|
});
|
||||||
|
|
||||||
|
const result = await tool.execute("call2", {
|
||||||
|
command: `${exeName} --help`,
|
||||||
|
env: execEnv,
|
||||||
|
});
|
||||||
|
expect(result.details.status).toBe("completed");
|
||||||
|
expect(calls).toContain("exec.approvals.node.get");
|
||||||
|
expect(calls).toContain("node.invoke");
|
||||||
|
expect(calls).not.toContain("exec.approval.request");
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|||||||
Reference in New Issue
Block a user