DBT/clawgo
1
0
Fork 0
mirror of https://github.com/YspCoder/clawgo.git synced 2026-04-28 08:47:38 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix shell allowlist initialization and add guard tests

Browse Source
This commit is contained in:
野生派Coder~
2026-02-14 09:49:48 +08:00
parent c58c4cf11a
commit 4bdc25c127
2 changed files with 25 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
pkg/tools/shell_test.go
View File

@@ -43,3 +43,21 @@ func TestAssessCommandRisk_GitCleanIsDestructive(t *testing.T) {
t.Fatalf("expected git clean to be destructive, got %s", assessment.Level)
}
}
func TestNewExecTool_LoadsAllowedCmdsIntoAllowPatterns(t *testing.T) {
tool := NewExecTool(config.ShellConfig{AllowedCmds: []string{"echo"}}, ".")
if len(tool.allowPatterns) != 1 {
t.Fatalf("expected one allow pattern, got %d", len(tool.allowPatterns))
}
}
func TestGuardCommand_BlocksCommandNotInAllowlist(t *testing.T) {
tool := NewExecTool(config.ShellConfig{AllowedCmds: []string{"echo"}}, ".")
if msg := tool.guardCommand("ls -la", "."); msg == "" {
t.Fatal("expected allowlist to block command not in allowed_cmds")
}
if msg := tool.guardCommand("echo hi", "."); msg != "" {
t.Fatalf("expected allowed command to pass guard, got %q", msg)
}
}