mirror of https://github.com/openclaw/openclaw.git
91 lines
3.6 KiB
Swift
91 lines
3.6 KiB
Swift
import Foundation
|
|
import Testing
|
|
@testable import OpenClaw
|
|
|
|
struct ExecSkillBinTrustTests {
|
|
@Test func `build trust index resolves skill bin paths`() throws {
|
|
let fixture = try Self.makeExecutable(named: "jq")
|
|
defer { try? FileManager.default.removeItem(at: fixture.root) }
|
|
|
|
let trust = SkillBinsCache._testBuildTrustIndex(
|
|
report: Self.makeReport(bins: ["jq"]),
|
|
searchPaths: [fixture.root.path])
|
|
|
|
#expect(trust.names == ["jq"])
|
|
#expect(trust.pathsByName["jq"] == [fixture.path])
|
|
}
|
|
|
|
@Test func `skill auto allow accepts trusted resolved skill bin path`() throws {
|
|
let fixture = try Self.makeExecutable(named: "jq")
|
|
defer { try? FileManager.default.removeItem(at: fixture.root) }
|
|
|
|
let trust = SkillBinsCache._testBuildTrustIndex(
|
|
report: Self.makeReport(bins: ["jq"]),
|
|
searchPaths: [fixture.root.path])
|
|
let resolution = ExecCommandResolution(
|
|
rawExecutable: "jq",
|
|
resolvedPath: fixture.path,
|
|
executableName: "jq",
|
|
cwd: nil)
|
|
|
|
#expect(ExecApprovalEvaluator._testIsSkillAutoAllowed([resolution], trustedBinsByName: trust.pathsByName))
|
|
}
|
|
|
|
@Test func `skill auto allow rejects same basename at different path`() throws {
|
|
let trusted = try Self.makeExecutable(named: "jq")
|
|
let untrusted = try Self.makeExecutable(named: "jq")
|
|
defer {
|
|
try? FileManager.default.removeItem(at: trusted.root)
|
|
try? FileManager.default.removeItem(at: untrusted.root)
|
|
}
|
|
|
|
let trust = SkillBinsCache._testBuildTrustIndex(
|
|
report: Self.makeReport(bins: ["jq"]),
|
|
searchPaths: [trusted.root.path])
|
|
let resolution = ExecCommandResolution(
|
|
rawExecutable: "jq",
|
|
resolvedPath: untrusted.path,
|
|
executableName: "jq",
|
|
cwd: nil)
|
|
|
|
#expect(!ExecApprovalEvaluator._testIsSkillAutoAllowed([resolution], trustedBinsByName: trust.pathsByName))
|
|
}
|
|
|
|
private static func makeExecutable(named name: String) throws -> (root: URL, path: String) {
|
|
let root = FileManager.default.temporaryDirectory
|
|
.appendingPathComponent("openclaw-skill-bin-\(UUID().uuidString)", isDirectory: true)
|
|
try FileManager.default.createDirectory(at: root, withIntermediateDirectories: true)
|
|
let file = root.appendingPathComponent(name)
|
|
try "#!/bin/sh\nexit 0\n".write(to: file, atomically: true, encoding: .utf8)
|
|
try FileManager.default.setAttributes(
|
|
[.posixPermissions: NSNumber(value: Int16(0o755))],
|
|
ofItemAtPath: file.path)
|
|
return (root, file.path)
|
|
}
|
|
|
|
private static func makeReport(bins: [String]) -> SkillsStatusReport {
|
|
SkillsStatusReport(
|
|
workspaceDir: "/tmp/workspace",
|
|
managedSkillsDir: "/tmp/skills",
|
|
skills: [
|
|
SkillStatus(
|
|
name: "test-skill",
|
|
description: "test",
|
|
source: "local",
|
|
filePath: "/tmp/skills/test-skill/SKILL.md",
|
|
baseDir: "/tmp/skills/test-skill",
|
|
skillKey: "test-skill",
|
|
primaryEnv: nil,
|
|
emoji: nil,
|
|
homepage: nil,
|
|
always: false,
|
|
disabled: false,
|
|
eligible: true,
|
|
requirements: SkillRequirements(bins: bins, env: [], config: []),
|
|
missing: SkillMissing(bins: [], env: [], config: []),
|
|
configChecks: [],
|
|
install: [])
|
|
])
|
|
}
|
|
}
|