diff options
| author | Adam Malczewski <[email protected]> | 2026-06-03 08:24:40 +0900 |
|---|---|---|
| committer | Adam Malczewski <[email protected]> | 2026-06-03 08:24:40 +0900 |
| commit | bc3ecbe7b72f6da6ed36d0cea5a66de1c440269a (patch) | |
| tree | 17e84ebf8d83c51a7a50312c256372a86e38b92a /packages/api/tests | |
| parent | b26821ead97b986f886065b20d3dbde8283daa64 (diff) | |
| parent | ae672fd4f5542a2c217cf97657bf81eeebdaabbd (diff) | |
| download | dispatch-bc3ecbe7b72f6da6ed36d0cea5a66de1c440269a.tar.gz dispatch-bc3ecbe7b72f6da6ed36d0cea5a66de1c440269a.zip | |
Merge branch 'dev' into cmp7/compaction-tool
# Conflicts:
# packages/frontend/src/lib/components/ChatInput.svelte
Diffstat (limited to 'packages/api/tests')
| -rw-r--r-- | packages/api/tests/agent-manager.test.ts | 30 | ||||
| -rw-r--r-- | packages/api/tests/routes.test.ts | 63 |
2 files changed, 93 insertions, 0 deletions
diff --git a/packages/api/tests/agent-manager.test.ts b/packages/api/tests/agent-manager.test.ts index 0915d9b..80a8ae5 100644 --- a/packages/api/tests/agent-manager.test.ts +++ b/packages/api/tests/agent-manager.test.ts @@ -537,6 +537,14 @@ vi.mock("@dispatch/core", () => ({ execute: async () => "mock", }; }, + createKeyUsageTool(_callbacks: unknown) { + return { + name: "key_usage", + description: "key usage", + parameters: { _type: "z.ZodObject", shape: {} }, + execute: async () => "mock", + }; + }, createSearchCodeTool(_wd: string) { return { name: "search_code", @@ -1634,6 +1642,28 @@ describe("AgentManager", () => { }); }); + describe("key_usage permission gate", () => { + // The key_usage tool is conditionally useful, so it must be COMPLETELY + // absent from the toolset (and thus the model's context) unless + // perm_key_usage is explicitly allowed. + async function toolsForPerms(tabId: string, perms: Record<string, string>): Promise<string[]> { + for (const [k, v] of Object.entries(perms)) setFakeSetting(k, v); + const manager = new AgentManager(); + await manager.processMessage(tabId, "go"); + return constructedAgents.at(-1)?.toolNames ?? []; + } + + it("registers key_usage when perm_key_usage is allowed", async () => { + const tools = await toolsForPerms("tab-key-usage-on", { perm_key_usage: "allow" }); + expect(tools).toContain("key_usage"); + }); + + it("omits key_usage when perm_key_usage is not allowed", async () => { + const tools = await toolsForPerms("tab-key-usage-off", {}); + expect(tools).not.toContain("key_usage"); + }); + }); + // Regression: granted tab-messaging tools must also be ADVERTISED in the // agent's system prompt. The tools were registered in the API tool payload // but `buildSystemPrompt` filtered its "You have access to the following diff --git a/packages/api/tests/routes.test.ts b/packages/api/tests/routes.test.ts index d6f6087..06dfa13 100644 --- a/packages/api/tests/routes.test.ts +++ b/packages/api/tests/routes.test.ts @@ -219,6 +219,16 @@ vi.mock("@dispatch/core", () => ({ typeof value === "string" && ["none", "low", "medium", "high", "xhigh", "max"].includes(value) ); }, + // Lightweight stand-in for the real validator: accept the supported media + // types, reject everything else. Enough to exercise the /chat attachment + // validation branch (the real validator is unit-tested in core). + validateUserContent(content: Array<{ type: string; mediaType?: string }>) { + const accepted = ["image/png", "image/jpeg", "image/webp", "image/gif", "application/pdf"]; + const errors = content + .filter((p) => p.type === "attachment" && !accepted.includes(p.mediaType ?? "")) + .map((p) => ({ code: "unsupported-type", mediaType: p.mediaType })); + return { ok: errors.length === 0, errors }; + }, listOpenTabs() { return [...fakeOpenTabs]; }, @@ -451,6 +461,59 @@ describe("POST /chat", () => { expect(await res.json()).toEqual({ status: "ok" }); }); + it("accepts a valid image attachment and starts a turn", async () => { + const res = await app.request("/chat", { + method: "POST", + headers: { "Content-Type": "application/json" }, + body: JSON.stringify({ + tabId: "tab-img-ok", + message: "look: [image]", + content: [ + { type: "text", text: "look: " }, + { type: "attachment", mediaType: "image/png", data: "QQ==" }, + ], + }), + }); + expect(res.status).toBe(200); + expect(await res.json()).toEqual({ status: "ok" }); + }); + + it("returns 400 for an unsupported attachment media type", async () => { + const res = await app.request("/chat", { + method: "POST", + headers: { "Content-Type": "application/json" }, + body: JSON.stringify({ + tabId: "tab-img-bad", + message: "look: [image]", + content: [{ type: "attachment", mediaType: "image/svg+xml", data: "QQ==" }], + }), + }); + expect(res.status).toBe(400); + const body = await res.json(); + expect(body.error).toBe("invalid attachments"); + }); + + it("returns 409 when attaching while the agent is generating", async () => { + // Kick off a turn so the tab is running. + await app.request("/chat", { + method: "POST", + headers: { "Content-Type": "application/json" }, + body: JSON.stringify({ tabId: "tab-img-busy", message: "first" }), + }); + await new Promise<void>((r) => setTimeout(r, 20)); + + const res = await app.request("/chat", { + method: "POST", + headers: { "Content-Type": "application/json" }, + body: JSON.stringify({ + tabId: "tab-img-busy", + message: "second [image]", + content: [{ type: "attachment", mediaType: "image/png", data: "QQ==" }], + }), + }); + expect(res.status).toBe(409); + }); + it("returns 400 with empty message", async () => { const res = await app.request("/chat", { method: "POST", |
