Files
2026-07-13 13:39:12 +08:00

64 lines
2.0 KiB
TypeScript

import { describe, it } from "node:test";
import assert from "node:assert/strict";
import {
PermissionSchema,
safeValidateManifest,
} from "../../src/lib/plugins/manifest.ts";
describe("Plugin permission enforcement", () => {
describe("PermissionSchema", () => {
it("accepts valid permission values", () => {
const valid = ["network", "file-read", "file-write", "env", "exec"];
for (const perm of valid) {
const result = PermissionSchema.safeParse(perm);
assert.ok(result.success, `should accept "${perm}"`);
}
});
it("rejects invalid permission values", () => {
const invalid = ["admin", "root", "shell", "database", ""];
for (const perm of invalid) {
const result = PermissionSchema.safeParse(perm);
assert.ok(!result.success, `should reject "${perm}"`);
}
});
it("rejects non-string permission values", () => {
const invalid = [123, true, null, undefined, {}];
for (const perm of invalid) {
const result = PermissionSchema.safeParse(perm);
assert.ok(!result.success, `should reject ${JSON.stringify(perm)}`);
}
});
});
describe("Manifest permission validation", () => {
it("accepts manifest with valid permissions", () => {
const result = safeValidateManifest({
name: "test-plugin",
version: "1.0.0",
requires: { permissions: ["network", "env"] },
});
assert.ok(result.success, "should accept valid permissions");
});
it("accepts manifest with empty permissions", () => {
const result = safeValidateManifest({
name: "test-plugin",
version: "1.0.0",
requires: { permissions: [] },
});
assert.ok(result.success, "should accept empty permissions");
});
it("accepts manifest without requires field", () => {
const result = safeValidateManifest({
name: "test-plugin",
version: "1.0.0",
});
assert.ok(result.success, "should accept manifest without requires");
});
});
});