Kezdőlap Felfedezés Súgó
Regisztráció Bejelentkezés
haiany
/
codegraph
tükrözi: https://github.com/colbymchenry/codegraph.git
1
0
Másolás 0
Fájlok Problémák 0 Wiki
Branch: main
Branch-ok Tag-ek
codegraph
/
__tests__
/
mcp-tool-allowlist.test.ts

mcp-tool-allowlist.test.ts 2.6 KB
Állandó hivatkozás Előzmények Nyers

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263 
  1. /**
    2. 

  2.  * CODEGRAPH_MCP_TOOLS allowlist — lets an operator (or an A/B harness) trim the
    3. 

  3.  * exposed MCP tool surface without touching the client config. Inert when unset.
    4. 

  4.  * Filtering happens in ListTools (getTools) and is enforced again on execute().
    5. 

  5.  */
    6. 

  6. import { describe, it, expect, afterEach } from 'vitest';
    7. 

  7. import { ToolHandler } from '../src/mcp/tools';
    8. 

  8. 

  9. const ENV = 'CODEGRAPH_MCP_TOOLS';
    10. 

  10. 

  11. describe('CODEGRAPH_MCP_TOOLS allowlist', () => {
    12. 

  12.   const original = process.env[ENV];
    13. 

  13.   afterEach(() => {
    14. 

  14.     if (original === undefined) delete process.env[ENV];
    15. 

  15.     else process.env[ENV] = original;
    16. 

  16.   });
    17. 

  17. 

  18.   const listed = () => new ToolHandler(null).getTools().map(t => t.name).sort();
    19. 

  19. 

  20.   it('exposes ONLY codegraph_explore by default when unset', () => {
    21. 

  21.     delete process.env[ENV];
    22. 

  22.     // The default set (see DEFAULT_MCP_TOOLS) is pared to explore alone — the one
    23. 

  23.     // tool that earns its place (verbatim source grouped by file).
    24. 

  24.     // node/search/callers/callees/impact/files/status stay defined and executable
    25. 

  25.     // but unlisted; CODEGRAPH_MCP_TOOLS re-enables them.
    26. 

  26.     expect(listed()).toEqual(['codegraph_explore']);
    27. 

  27.   });
    28. 

  28. 

  29.   it('re-enables an unlisted tool via the allowlist (impact)', () => {
    30. 

  30.     process.env[ENV] = 'explore,impact';
    31. 

  31.     expect(listed()).toEqual(['codegraph_explore', 'codegraph_impact']);
    32. 

  32.   });
    33. 

  33. 

  34.   it('filters ListTools to the allowlisted short names', () => {
    35. 

  35.     process.env[ENV] = 'explore,search,node';
    36. 

  36.     expect(listed()).toEqual(['codegraph_explore', 'codegraph_node', 'codegraph_search']);
    37. 

  37.   });
    38. 

  38. 

  39.   it('accepts fully-qualified codegraph_ names and ignores whitespace', () => {
    40. 

  40.     process.env[ENV] = ' codegraph_explore , search ';
    41. 

  41.     expect(listed()).toEqual(['codegraph_explore', 'codegraph_search']);
    42. 

  42.   });
    43. 

  43. 

  44.   it('treats an empty/whitespace value as unset (default surface)', () => {
    45. 

  45.     process.env[ENV] = '   ';
    46. 

  46.     expect(listed()).toEqual(['codegraph_explore']);
    47. 

  47.   });
    48. 

  48. 

  49.   it('rejects a disabled tool on execute (defense in depth)', async () => {
    50. 

  50.     process.env[ENV] = 'node';
    51. 

  51.     const res = await new ToolHandler(null).execute('codegraph_explore', {});
    52. 

  52.     expect(res.isError).toBe(true);
    53. 

  53.     expect(res.content[0].text).toMatch(/disabled via CODEGRAPH_MCP_TOOLS/);
    54. 

  54.   });
    55. 

  55. 

  56.   it('lets an allowlisted tool past the guard', async () => {
    57. 

  57.     process.env[ENV] = 'search';
    58. 

  58.     // No CodeGraph attached, so it fails *after* the allowlist guard — the
    59. 

  59.     // "disabled" message must NOT appear, proving the guard passed it through.
    60. 

  60.     const res = await new ToolHandler(null).execute('codegraph_search', { query: 'x' });
    61. 

  61.     expect(res.content[0].text).not.toMatch(/disabled via CODEGRAPH_MCP_TOOLS/);
    62. 

  62.   });
    63. 

  63. });
    64.