首页 发现 帮助
登录
AI
/
opencode-ide-plugin
镜像自地址 https://github.com/paviko/opencode-ide-plugin.git
2
0
派生 0
文件 工单管理 0 Wiki
浏览代码

test: add more tests to make sure that cwd is locked for read tool

Aiden Cline 1 月之前
父节点
160c8ab7cc
当前提交
664e6bf2d0
共有 1 个文件被更改,包括 131 次插入0 次删除
合并视图 显示文件统计
  1. 131 0
      packages/opencode/test/tool/read.test.ts

+ 131 - 0
packages/opencode/test/tool/read.test.ts
查看文件 

@@ -13,6 +13,137 @@ const ctx = {
 
   metadata: () => {},
 
   metadata: () => {},
 
 }
 
 }
 
 
 
+describe("tool.read external_directory permission", () => {
 
+  test("allows reading absolute path inside project directory", async () => {
 
+    await using tmp = await tmpdir({
 
+      init: async (dir) => {
 
+        await Bun.write(path.join(dir, "test.txt"), "hello world")
 
+        await Bun.write(
 
+          path.join(dir, "opencode.json"),
 
+          JSON.stringify({
 
+            permission: {
 
+              external_directory: "deny",
 
+            },
 
+          }),
 
+        )
 
+      },
 
+    })
 
+    await Instance.provide({
 
+      directory: tmp.path,
 
+      fn: async () => {
 
+        const read = await ReadTool.init()
 
+        const result = await read.execute({ filePath: path.join(tmp.path, "test.txt") }, ctx)
 
+        expect(result.output).toContain("hello world")
 
+      },
 
+    })
 
+  })
 
+
 
+  test("allows reading file in subdirectory inside project directory", async () => {
 
+    await using tmp = await tmpdir({
 
+      init: async (dir) => {
 
+        await Bun.write(path.join(dir, "subdir", "test.txt"), "nested content")
 
+        await Bun.write(
 
+          path.join(dir, "opencode.json"),
 
+          JSON.stringify({
 
+            permission: {
 
+              external_directory: "deny",
 
+            },
 
+          }),
 
+        )
 
+      },
 
+    })
 
+    await Instance.provide({
 
+      directory: tmp.path,
 
+      fn: async () => {
 
+        const read = await ReadTool.init()
 
+        const result = await read.execute({ filePath: path.join(tmp.path, "subdir", "test.txt") }, ctx)
 
+        expect(result.output).toContain("nested content")
 
+      },
 
+    })
 
+  })
 
+
 
+  test("denies reading absolute path outside project directory", async () => {
 
+    await using outerTmp = await tmpdir({
 
+      init: async (dir) => {
 
+        await Bun.write(path.join(dir, "secret.txt"), "secret data")
 
+      },
 
+    })
 
+    await using tmp = await tmpdir({
 
+      init: async (dir) => {
 
+        await Bun.write(
 
+          path.join(dir, "opencode.json"),
 
+          JSON.stringify({
 
+            permission: {
 
+              external_directory: "deny",
 
+            },
 
+          }),
 
+        )
 
+      },
 
+    })
 
+    await Instance.provide({
 
+      directory: tmp.path,
 
+      fn: async () => {
 
+        const read = await ReadTool.init()
 
+        await expect(read.execute({ filePath: path.join(outerTmp.path, "secret.txt") }, ctx)).rejects.toThrow(
 
+          "not in the current working directory",
 
+        )
 
+      },
 
+    })
 
+  })
 
+
 
+  test("denies reading relative path that traverses outside project directory", async () => {
 
+    await using tmp = await tmpdir({
 
+      init: async (dir) => {
 
+        await Bun.write(
 
+          path.join(dir, "opencode.json"),
 
+          JSON.stringify({
 
+            permission: {
 
+              external_directory: "deny",
 
+            },
 
+          }),
 
+        )
 
+      },
 
+    })
 
+    await Instance.provide({
 
+      directory: tmp.path,
 
+      fn: async () => {
 
+        const read = await ReadTool.init()
 
+        await expect(read.execute({ filePath: "../../../etc/passwd" }, ctx)).rejects.toThrow(
 
+          "not in the current working directory",
 
+        )
 
+      },
 
+    })
 
+  })
 
+
 
+  test("allows reading outside project directory when external_directory is allow", async () => {
 
+    await using outerTmp = await tmpdir({
 
+      init: async (dir) => {
 
+        await Bun.write(path.join(dir, "external.txt"), "external content")
 
+      },
 
+    })
 
+    await using tmp = await tmpdir({
 
+      init: async (dir) => {
 
+        await Bun.write(
 
+          path.join(dir, "opencode.json"),
 
+          JSON.stringify({
 
+            permission: {
 
+              external_directory: "allow",
 
+            },
 
+          }),
 
+        )
 
+      },
 
+    })
 
+    await Instance.provide({
 
+      directory: tmp.path,
 
+      fn: async () => {
 
+        const read = await ReadTool.init()
 
+        const result = await read.execute({ filePath: path.join(outerTmp.path, "external.txt") }, ctx)
 
+        expect(result.output).toContain("external content")
 
+      },
 
+    })
 
+  })
 
+})
 
+
 
 describe("tool.read env file blocking", () => {
 
 describe("tool.read env file blocking", () => {
 
   test.each([
 
   test.each([
 
     [".env", true],
 
     [".env", true],