fabi/PiCloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test(v1.1.3-modules): resolver, cache, validator, kind-rejection coverage

Browse Source 
Adds ~46 new tests across the v1.1.3 surface:

executor-core/tests/modules.rs (NEW, 23 tests):
- resolver_loads_simple_module / endpoint_can_import_module /
  module_can_import_module — end-to-end through Engine::execute.
- resolver_cross_app_blocked / resolver_cross_app_module_not_found /
  module_cache_keyed_by_app — same-name modules in different apps
  resolve independently; cross-app lookup returns ModuleNotFound.
- resolver_self_import_detected / resolver_circular_detected —
  cycle detector reports the chain.
- resolver_depth_limit_enforced / resolver_depth_limit_just_under_succeeds.
- resolver_module_not_found / resolver_backend_error_surfaces.
- resolver_runtime_validation_rejects_top_level_expr — defense-in-
  depth: a module with a top-level expression that bypassed the
  admin gate is rejected at resolve time.
- module_cache_hit_reuses_compiled_module /
  module_cache_stale_invalidated_on_updated_at_change /
  module_cache_lru_evicts_when_capacity_exceeded.
- validate_module_{accepts_fn_const_import_only,
  rejects_top_level_let, rejects_top_level_expr,
  rejects_top_level_while}.
- validate_endpoint_{extracts_literal_imports,
  top_level_expr_still_allowed,
  skips_dynamic_imports_in_imports_list}.

orchestrator-core/src/client.rs cache_tests (6 tests):
- cache_hit_when_identity_matches / cache_invalidated_when_updated_at_changes
  / distinct_script_ids_cache_independently / lru_eviction_caps_cache_size
  / script_identity_is_copy / compile_error_does_not_poison_cache.

shared/src/script.rs kind_tests (3 tests):
- default_is_endpoint / round_trips_through_serde_lowercase
  / parse_str_round_trip.

manager-core/src/triggers_api.rs v1.1.3 tests (6 tests):
- kv_trigger_rejects_module_target / docs_trigger_rejects_module_target
  / dl_trigger_rejects_module_target — modules cannot be trigger
  targets.
- kv_trigger_rejects_missing_script / kv_trigger_rejects_cross_app_script
  — closes the latent v1.1.1/v1.1.2 isolation gap.
- kv_trigger_accepts_endpoint_target — happy path through the
  validate_trigger_target check.

picloud/tests/api.rs (8 #[ignore]'d Postgres-gated integration tests):
- create_script_default_kind_is_endpoint / create_module_kind_persists.
- create_module_with_top_level_expr_rejected /
  create_module_with_reserved_name_rejected.
- route_bind_rejects_module.
- endpoint_imports_module_end_to_end /
  module_edit_visible_on_next_invocation / cross_app_import_blocked.

Lint cleanup along the way:
- `ScriptKind::from_str` renamed to `parse_str` to dodge the
  `should_implement_trait` lint (FromStr's `Result<…,Err>` shape
  doesn't fit a 0-info lookup).
- `derive(Default)` on `ScriptKind` (Endpoint marked `#[default]`).
- Match-arm collapse in `check_module_shape` for Import + Noop.
- `#[allow(clippy::too_many_lines)]` on `resolve()` (the bridge
  logic is genuinely cohesive and would lose clarity if split).
- Elided `'r` lifetime on `StackGuard`.

Three gates clean on this commit's HEAD:
- cargo fmt --all -- --check: clean
- cargo clippy --all-targets --all-features -- -D warnings: clean
- cargo test --workspace: 358 passed, 140 ignored (Postgres-gated)
- npm run check: 0 errors, 0 warnings

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
MechaCat02
2026-06-03 07:18:18 +02:00
parent 10f76d29ca
commit 3dbead426f
9 changed files with 1249 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

208
crates/manager-core/src/triggers_api.rs
View File

@@ -716,7 +716,7 @@ mod tests {
source: String::new(),
kind,
timeout_seconds: 30,
sandbox: Default::default(),
sandbox: picloud_shared::ScriptSandbox::default(),
memory_limit_mb: 256,
created_at: now,
updated_at: now,
@@ -766,10 +766,7 @@ mod tests {
) -> Result<picloud_shared::Script, crate::repo::ScriptRepositoryError> {
unimplemented!()
}
async fn delete(
&self,
_id: ScriptId,
) -> Result<(), crate::repo::ScriptRepositoryError> {
async fn delete(&self, _id: ScriptId) -> Result<(), crate::repo::ScriptRepositoryError> {
unimplemented!()
}
async fn count_routes_for_script(
@@ -1106,4 +1103,205 @@ mod tests {
let err = res.expect_err("cross-app delete should 404");
assert!(matches!(err, TriggersApiError::NotFound(_)));
}
// ----------------------------------------------------------------
// v1.1.3: kind + cross-app target validation on trigger create.
// ----------------------------------------------------------------
#[tokio::test]
async fn kv_trigger_rejects_module_target() {
let app_id = AppId::new();
let script_id = ScriptId::new();
let state = TriggersState {
triggers: Arc::new(InMemoryTriggerRepo::default()),
apps: InMemoryAppRepo::with(app_id),
authz: Arc::new(AlwaysAllowAuthzRepo),
scripts: InMemoryScriptRepo::with_module(app_id, script_id),
config: TriggerConfig::conservative(),
};
let res = create_kv_trigger(
State(state),
Extension(member_principal()),
Path(app_id),
Json(CreateKvTriggerRequest {
script_id,
collection_glob: "widgets".into(),
ops: vec![KvEventOp::Insert],
dispatch_mode: TriggerDispatchMode::Async,
retry_max_attempts: None,
retry_backoff: None,
retry_base_ms: None,
}),
)
.await;
let err = res.expect_err("module script should be rejected as trigger target");
let msg = match err {
TriggersApiError::Invalid(m) => m,
other => panic!("expected Invalid, got {other:?}"),
};
assert!(
msg.to_lowercase().contains("module"),
"expected error to mention 'module', got {msg}"
);
}
#[tokio::test]
async fn docs_trigger_rejects_module_target() {
let app_id = AppId::new();
let script_id = ScriptId::new();
let state = TriggersState {
triggers: Arc::new(InMemoryTriggerRepo::default()),
apps: InMemoryAppRepo::with(app_id),
authz: Arc::new(AlwaysAllowAuthzRepo),
scripts: InMemoryScriptRepo::with_module(app_id, script_id),
config: TriggerConfig::conservative(),
};
let res = create_docs_trigger(
State(state),
Extension(member_principal()),
Path(app_id),
Json(CreateDocsTriggerRequest {
script_id,
collection_glob: "users".into(),
ops: vec![DocsEventOp::Create],
dispatch_mode: TriggerDispatchMode::Async,
retry_max_attempts: None,
retry_backoff: None,
retry_base_ms: None,
}),
)
.await;
let err = res.expect_err("module script should be rejected as docs-trigger target");
let msg = match err {
TriggersApiError::Invalid(m) => m,
other => panic!("expected Invalid, got {other:?}"),
};
assert!(msg.to_lowercase().contains("module"));
}
#[tokio::test]
async fn dl_trigger_rejects_module_target() {
let app_id = AppId::new();
let script_id = ScriptId::new();
let state = TriggersState {
triggers: Arc::new(InMemoryTriggerRepo::default()),
apps: InMemoryAppRepo::with(app_id),
authz: Arc::new(AlwaysAllowAuthzRepo),
scripts: InMemoryScriptRepo::with_module(app_id, script_id),
config: TriggerConfig::conservative(),
};
let res = create_dl_trigger(
State(state),
Extension(member_principal()),
Path(app_id),
Json(CreateDeadLetterTriggerRequest {
script_id,
source_filter: None,
trigger_id_filter: None,
script_id_filter: None,
}),
)
.await;
let err = res.expect_err("module script should be rejected as dead-letter target");
let msg = match err {
TriggersApiError::Invalid(m) => m,
other => panic!("expected Invalid, got {other:?}"),
};
assert!(msg.to_lowercase().contains("module"));
}
#[tokio::test]
async fn kv_trigger_rejects_missing_script() {
let app_id = AppId::new();
// Empty script repo — the requested script_id doesn't exist.
let state = state_with(Arc::new(AlwaysAllowAuthzRepo), app_id);
let res = create_kv_trigger(
State(state),
Extension(member_principal()),
Path(app_id),
Json(CreateKvTriggerRequest {
script_id: ScriptId::new(),
collection_glob: "widgets".into(),
ops: vec![],
dispatch_mode: TriggerDispatchMode::Async,
retry_max_attempts: None,
retry_backoff: None,
retry_base_ms: None,
}),
)
.await;
let err = res.expect_err("missing script should reject");
let msg = match err {
TriggersApiError::Invalid(m) => m,
other => panic!("expected Invalid, got {other:?}"),
};
assert!(msg.to_lowercase().contains("not found"));
}
#[tokio::test]
async fn kv_trigger_rejects_cross_app_script() {
// Latent v1.1.1/v1.1.2 isolation gap closed by v1.1.3: a
// member of app A could previously target a script in app B.
let app_a = AppId::new();
let app_b = AppId::new();
let script_id = ScriptId::new();
// Pre-populate the script repo with the script living in app B,
// but the trigger request targets app A.
let scripts = InMemoryScriptRepo::with_endpoint(app_b, script_id);
let state = TriggersState {
triggers: Arc::new(InMemoryTriggerRepo::default()),
apps: InMemoryAppRepo::with(app_a),
authz: Arc::new(AlwaysAllowAuthzRepo),
scripts,
config: TriggerConfig::conservative(),
};
let res = create_kv_trigger(
State(state),
Extension(member_principal()),
Path(app_a),
Json(CreateKvTriggerRequest {
script_id,
collection_glob: "widgets".into(),
ops: vec![],
dispatch_mode: TriggerDispatchMode::Async,
retry_max_attempts: None,
retry_backoff: None,
retry_base_ms: None,
}),
)
.await;
let err = res.expect_err("cross-app trigger target should reject");
let msg = match err {
TriggersApiError::Invalid(m) => m,
other => panic!("expected Invalid, got {other:?}"),
};
assert!(
msg.to_lowercase().contains("does not belong"),
"expected cross-app rejection message, got {msg}"
);
}
#[tokio::test]
async fn kv_trigger_accepts_endpoint_target() {
let app_id = AppId::new();
let script_id = ScriptId::new();
let state = state_with_endpoint(Arc::new(AlwaysAllowAuthzRepo), app_id, script_id);
let (status, _) = create_kv_trigger(
State(state),
Extension(member_principal()),
Path(app_id),
Json(CreateKvTriggerRequest {
script_id,
collection_glob: "widgets".into(),
ops: vec![KvEventOp::Insert],
dispatch_mode: TriggerDispatchMode::Async,
retry_max_attempts: None,
retry_backoff: None,
retry_base_ms: None,
}),
)
.await
.expect("endpoint target should succeed");
assert_eq!(status, StatusCode::CREATED);
}
}