test: add send audit idempotency diagnostics
This commit is contained in:
@@ -5,6 +5,7 @@ import (
|
||||
"crypto/sha256"
|
||||
"encoding/hex"
|
||||
"encoding/json"
|
||||
"os"
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
@@ -315,6 +316,46 @@ func TestISphereSendMessageRejectsContentHashMismatch(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func TestISphereSendMessageAuditRedactionIsStable(t *testing.T) {
|
||||
auditPath := t.TempDir() + "\\send-audit.jsonl"
|
||||
audit := fileSendMessageAuditSink{path: auditPath}
|
||||
session, cleanup := connectToolsTestSession(t, func(server *mcp.Server) {
|
||||
RegisterISphereSendMessageToolWithState(server, audit, newFakeSendMessageIdempotencyStore())
|
||||
})
|
||||
defer cleanup()
|
||||
|
||||
content := "raw body must not be stored in audit"
|
||||
idempotencyKey := "raw-idempotency-key-must-not-be-stored"
|
||||
contentHash := sha256HexForSendMessageTest(content)
|
||||
callResult, err := session.CallTool(context.Background(), &mcp.CallToolParams{
|
||||
Name: ToolNameSendMessage,
|
||||
Arguments: map[string]any{
|
||||
"target_type": "direct",
|
||||
"target_id": "alice@imopenfire1-lanzhou",
|
||||
"content_text": content,
|
||||
"content_sha256": contentHash,
|
||||
"idempotency_key": idempotencyKey,
|
||||
"execution_mode": "preview",
|
||||
},
|
||||
})
|
||||
if err != nil {
|
||||
t.Fatalf("call %s: %v", ToolNameSendMessage, err)
|
||||
}
|
||||
if callResult.IsError {
|
||||
t.Fatalf("preview should not return error: %+v", callResult)
|
||||
}
|
||||
payload, err := os.ReadFile(auditPath)
|
||||
if err != nil {
|
||||
t.Fatalf("read audit file: %v", err)
|
||||
}
|
||||
if strings.Contains(string(payload), content) || strings.Contains(string(payload), idempotencyKey) {
|
||||
t.Fatalf("audit file leaked raw content or idempotency key: %s", payload)
|
||||
}
|
||||
if !strings.Contains(string(payload), contentHash) {
|
||||
t.Fatalf("audit file missing content hash: %s", payload)
|
||||
}
|
||||
}
|
||||
|
||||
func TestISphereSendMessageDetectsDuplicateIdempotencyKey(t *testing.T) {
|
||||
audit := &fakeSendMessageAuditSink{}
|
||||
idempotency := newFakeSendMessageIdempotencyStore()
|
||||
|
||||
Reference in New Issue
Block a user