init: push source

2025-06-19 19:24:01 +05:30
commit 8e76d016d4
136 changed files with 38177 additions and 0 deletions
--- a/src-tauri/tests/sandbox/e2e/claude_sandbox.rs
+++ b/src-tauri/tests/sandbox/e2e/claude_sandbox.rs
@@ -0,0 +1,196 @@
+//! End-to-end tests for Claude command execution with sandbox profiles
+use crate::sandbox::common::*;
+use crate::skip_if_unsupported;
+use serial_test::serial;
+
+/// Test Claude Code execution with default sandbox profile
+#[test]
+#[serial]
+fn test_claude_with_default_sandbox() {
+    skip_if_unsupported!();
+    
+    // Create test environment
+    let test_fs = TestFileSystem::new().expect("Failed to create test filesystem");
+    let test_db = TEST_DB.lock();
+    test_db.reset().expect("Failed to reset database");
+    
+    // Create default sandbox profile
+    let rules = profiles::standard(&test_fs.project_path.to_string_lossy());
+    let profile_id = test_db.create_test_profile("claude_default", rules)
+        .expect("Failed to create test profile");
+    
+    // Set as default and active
+    test_db.conn.execute(
+        "UPDATE sandbox_profiles SET is_default = 1, is_active = 1 WHERE id = ?1",
+        rusqlite::params![profile_id],
+    ).expect("Failed to set default profile");
+    
+    // Execute real Claude command with default sandbox profile
+    let result = execute_claude_task(
+        &test_fs.project_path,
+        &tasks::multi_operation(),
+        Some("You are Claude. Only perform the requested task."),
+        Some("sonnet"),
+        Some(profile_id),
+        20, // 20 second timeout
+    ).expect("Failed to execute Claude command");
+    
+    // Debug output
+    eprintln!("=== Claude Output (Default Sandbox) ===");
+    eprintln!("Exit code: {}", result.exit_code);
+    eprintln!("STDOUT:\n{}", result.stdout);
+    eprintln!("STDERR:\n{}", result.stderr);
+    eprintln!("===================");
+    
+    // Basic verification
+    assert!(result.exit_code == 0 || result.exit_code == 124,
+            "Claude should execute with default sandbox (exit code: {})", result.exit_code);
+}
+
+/// Test Claude Code with sandboxing disabled
+#[test]
+#[serial]
+fn test_claude_sandbox_disabled() {
+    skip_if_unsupported!();
+    
+    // Create test environment
+    let test_fs = TestFileSystem::new().expect("Failed to create test filesystem");
+    let test_db = TEST_DB.lock();
+    test_db.reset().expect("Failed to reset database");
+    
+    // Create profile but mark as inactive
+    let rules = profiles::standard(&test_fs.project_path.to_string_lossy());
+    let profile_id = test_db.create_test_profile("claude_inactive", rules)
+        .expect("Failed to create test profile");
+    
+    // Set as default but inactive
+    test_db.conn.execute(
+        "UPDATE sandbox_profiles SET is_default = 1, is_active = 0 WHERE id = ?1",
+        rusqlite::params![profile_id],
+    ).expect("Failed to set inactive profile");
+    
+    // Execute real Claude command without active sandbox
+    let result = execute_claude_task(
+        &test_fs.project_path,
+        &tasks::multi_operation(),
+        Some("You are Claude. Only perform the requested task."),
+        Some("sonnet"),
+        None, // No sandbox since profile is inactive
+        20, // 20 second timeout
+    ).expect("Failed to execute Claude command");
+    
+    // Debug output
+    eprintln!("=== Claude Output (Inactive Sandbox) ===");
+    eprintln!("Exit code: {}", result.exit_code);
+    eprintln!("STDOUT:\n{}", result.stdout);
+    eprintln!("STDERR:\n{}", result.stderr);
+    eprintln!("===================");
+    
+    // Basic verification
+    assert!(result.exit_code == 0 || result.exit_code == 124,
+            "Claude should execute without active sandbox (exit code: {})", result.exit_code);
+}
+
+/// Test Claude Code session operations
+#[test]
+#[serial]
+fn test_claude_session_operations() {
+    // This test doesn't require actual Claude execution
+    
+    // Create test environment
+    let test_fs = TestFileSystem::new().expect("Failed to create test filesystem");
+    
+    // Create mock session structure
+    let claude_dir = test_fs.root.path().join(".claude");
+    let projects_dir = claude_dir.join("projects");
+    let project_id = test_fs.project_path.to_string_lossy().replace('/', "-");
+    let session_dir = projects_dir.join(&project_id);
+    
+    std::fs::create_dir_all(&session_dir).expect("Failed to create session dir");
+    
+    // Create mock session file
+    let session_id = "test-session-123";
+    let session_file = session_dir.join(format!("{}.jsonl", session_id));
+    
+    let session_data = serde_json::json!({
+        "type": "session_start",
+        "cwd": test_fs.project_path.to_string_lossy(),
+        "timestamp": "2024-01-01T00:00:00Z"
+    });
+    
+    std::fs::write(&session_file, format!("{}\n", session_data))
+        .expect("Failed to write session file");
+    
+    // Verify session file exists
+    assert!(session_file.exists(), "Session file should exist");
+}
+
+/// Test Claude settings with sandbox configuration
+#[test]
+#[serial]
+fn test_claude_settings_sandbox_config() {
+    // Create test environment
+    let test_fs = TestFileSystem::new().expect("Failed to create test filesystem");
+    
+    // Create mock settings
+    let claude_dir = test_fs.root.path().join(".claude");
+    std::fs::create_dir_all(&claude_dir).expect("Failed to create claude dir");
+    
+    let settings_file = claude_dir.join("settings.json");
+    let settings = serde_json::json!({
+        "sandboxEnabled": true,
+        "defaultSandboxProfile": "standard",
+        "theme": "dark",
+        "model": "sonnet"
+    });
+    
+    std::fs::write(&settings_file, serde_json::to_string_pretty(&settings).unwrap())
+        .expect("Failed to write settings");
+    
+    // Read and verify settings
+    let content = std::fs::read_to_string(&settings_file)
+        .expect("Failed to read settings");
+    let parsed: serde_json::Value = serde_json::from_str(&content)
+        .expect("Failed to parse settings");
+    
+    assert_eq!(parsed["sandboxEnabled"], true, "Sandbox should be enabled");
+    assert_eq!(parsed["defaultSandboxProfile"], "standard", "Default profile should be standard");
+}
+
+/// Test profile-based file access restrictions
+#[test]
+#[serial]
+fn test_profile_file_access_simulation() {
+    skip_if_unsupported!();
+    
+    // Create test environment
+    let _test_fs = TestFileSystem::new().expect("Failed to create test filesystem");
+    let test_db = TEST_DB.lock();
+    test_db.reset().expect("Failed to reset database");
+    
+    // Create a custom profile with specific file access
+    let custom_rules = vec![
+        TestRule::file_read("{{PROJECT_PATH}}", true),
+        TestRule::file_read("/usr/local/bin", true),
+        TestRule::file_read("/etc/hosts", false), // Literal file
+    ];
+    
+    let profile_id = test_db.create_test_profile("file_access_test", custom_rules)
+        .expect("Failed to create test profile");
+    
+    // Load the profile rules
+    let loaded_rules: Vec<(String, String, String)> = test_db.conn
+        .prepare("SELECT operation_type, pattern_type, pattern_value FROM sandbox_rules WHERE profile_id = ?1")
+        .expect("Failed to prepare query")
+        .query_map(rusqlite::params![profile_id], |row| {
+            Ok((row.get(0)?, row.get(1)?, row.get(2)?))
+        })
+        .expect("Failed to query rules")
+        .collect::<Result<Vec<_>, _>>()
+        .expect("Failed to collect rules");
+    
+    // Verify rules were created correctly
+    assert_eq!(loaded_rules.len(), 3, "Should have 3 rules");
+    assert!(loaded_rules.iter().any(|(op, _, _)| op == "file_read_all"), 
+            "Should have file_read_all operation");
+}