@openclaw-cloud/agent-controller 0.2.6 → 0.2.8

package/__tests__/connection.test.ts

@@ -1,289 +0,0 @@
-import { Centrifuge } from 'centrifuge';
-import type { AgentApi } from '../src/api';
-
-jest.mock('centrifuge');
-jest.mock('ws', () => jest.fn());
-
-const MockCentrifuge = Centrifuge as jest.MockedClass<typeof Centrifuge>;
-
-const BACKEND_URL = 'http://backend:3000';
-const AGENT_TOKEN = 'agent-token';
-const AGENT_ID = 'test-1';
-const JWT = 'centrifugo.jwt.token';
-
-// Mock subscription instance
-function createMockSubscription(channel: string) {
-  const handlers: Record<string, Function> = {};
-  return {
-    on: jest.fn((event: string, cb: Function) => { handlers[event] = cb; }),
-    subscribe: jest.fn(),
-    channel,
-    _handlers: handlers,
-  };
-}
-
-function createMockClient(mockSubs: ReturnType<typeof createMockSubscription>[]) {
-  let subIndex = 0;
-  const clientHandlers: Record<string, Function> = {};
-  return {
-    on: jest.fn((event: string, cb: Function) => { clientHandlers[event] = cb; }),
-    newSubscription: jest.fn(() => mockSubs[subIndex++]),
-    connect: jest.fn(),
-    disconnect: jest.fn(),
-    publish: jest.fn().mockResolvedValue(undefined),
-    _handlers: clientHandlers,
-  };
-}
-
-function makeApi(): AgentApi & { publishResponse: jest.Mock } {
-  return {
-    get: jest.fn(),
-    post: jest.fn(),
-    publishResponse: jest.fn().mockResolvedValue(undefined),
-    publishHeartbeat: jest.fn().mockResolvedValue(undefined),
-  } as unknown as AgentApi & { publishResponse: jest.Mock };
-}
-
-function mockFetchOk(token = JWT) {
-  global.fetch = jest.fn().mockResolvedValue({
-    ok: true,
-    json: () => Promise.resolve({ token }),
-  } as unknown as Response);
-}
-
-beforeEach(() => {
-  jest.clearAllMocks();
-  mockFetchOk();
-});
-
-describe('createConnection', () => {
-  it('passes getToken (not raw token) to Centrifuge when backendUrl is provided', async () => {
-    const commandSub = createMockSubscription(`agent:${AGENT_ID}`);
-    const mockClient = createMockClient([commandSub]);
-    MockCentrifuge.mockImplementation(() => mockClient as any);
-
-    const { createConnection } = await import('../src/connection');
-
-    createConnection({
-      url: 'ws://localhost:8000/connection/websocket',
-      token: AGENT_TOKEN,
-      agentId: AGENT_ID,
-      backendUrl: BACKEND_URL,
-      api: makeApi(),
-    });
-
-    expect(MockCentrifuge).toHaveBeenCalledWith(
-      'ws://localhost:8000/connection/websocket',
-      expect.objectContaining({ getToken: expect.any(Function) })
-    );
-    // Must NOT pass raw token as a field
-    const [[, opts]] = MockCentrifuge.mock.calls;
-    expect(opts).not.toHaveProperty('token');
-
-    expect(mockClient.newSubscription).toHaveBeenCalledWith(`agent:${AGENT_ID}`);
-    expect(mockClient.newSubscription).toHaveBeenCalledTimes(1);
-    expect(commandSub.subscribe).toHaveBeenCalled();
-    expect(mockClient.connect).toHaveBeenCalled();
-    expect(commandSub.on).toHaveBeenCalledWith('publication', expect.any(Function));
-  });
-
-  it('getToken fetches JWT from backend with correct headers', async () => {
-    const commandSub = createMockSubscription(`agent:${AGENT_ID}`);
-    const mockClient = createMockClient([commandSub]);
-    let capturedGetToken: (() => Promise<string>) | undefined;
-    MockCentrifuge.mockImplementation((_url, opts: any) => {
-      capturedGetToken = opts.getToken;
-      return mockClient as any;
-    });
-
-    const { createConnection } = await import('../src/connection');
-    createConnection({
-      url: 'ws://localhost:8000/connection/websocket',
-      token: AGENT_TOKEN,
-      agentId: AGENT_ID,
-      backendUrl: BACKEND_URL,
-      api: makeApi(),
-    });
-
-    expect(capturedGetToken).toBeDefined();
-    const result = await capturedGetToken!();
-
-    expect(result).toBe(JWT);
-    expect(global.fetch).toHaveBeenCalledWith(
-      `${BACKEND_URL}/api/internal/centrifugo-token`,
-      expect.objectContaining({
-        method: 'POST',
-        headers: expect.objectContaining({
-          'Authorization': `Bearer ${AGENT_TOKEN}`,
-          'Content-Type': 'application/json',
-        }),
-        body: JSON.stringify({ agentId: AGENT_ID }),
-      })
-    );
-  });
-
-  it('getToken retries once and succeeds on second attempt', async () => {
-    const commandSub = createMockSubscription(`agent:${AGENT_ID}`);
-    const mockClient = createMockClient([commandSub]);
-    let capturedGetToken: (() => Promise<string>) | undefined;
-    MockCentrifuge.mockImplementation((_url, opts: any) => {
-      capturedGetToken = opts.getToken;
-      return mockClient as any;
-    });
-
-    // First call fails, second succeeds
-    global.fetch = jest.fn()
-      .mockRejectedValueOnce(new Error('network error'))
-      .mockResolvedValueOnce({
-        ok: true,
-        json: () => Promise.resolve({ token: JWT }),
-      } as unknown as Response);
-
-    const consoleSpy = jest.spyOn(console, 'error').mockImplementation(() => {});
-
-    const { createConnection } = await import('../src/connection');
-    createConnection({
-      url: 'ws://localhost:8000/connection/websocket',
-      token: AGENT_TOKEN,
-      agentId: AGENT_ID,
-      backendUrl: BACKEND_URL,
-      api: makeApi(),
-    });
-
-    const result = await capturedGetToken!();
-    expect(result).toBe(JWT);
-    expect(global.fetch).toHaveBeenCalledTimes(2);
-    expect(consoleSpy).toHaveBeenCalledWith(
-      expect.stringContaining('Failed to fetch Centrifugo JWT'),
-      expect.anything()
-    );
-    consoleSpy.mockRestore();
-  });
-
-  it('getToken throws after both attempts fail', async () => {
-    const commandSub = createMockSubscription(`agent:${AGENT_ID}`);
-    const mockClient = createMockClient([commandSub]);
-    let capturedGetToken: (() => Promise<string>) | undefined;
-    MockCentrifuge.mockImplementation((_url, opts: any) => {
-      capturedGetToken = opts.getToken;
-      return mockClient as any;
-    });
-
-    const fetchError = new Error('network down');
-    global.fetch = jest.fn().mockRejectedValue(fetchError);
-
-    const consoleSpy = jest.spyOn(console, 'error').mockImplementation(() => {});
-
-    const { createConnection } = await import('../src/connection');
-    createConnection({
-      url: 'ws://localhost:8000/connection/websocket',
-      token: AGENT_TOKEN,
-      agentId: AGENT_ID,
-      backendUrl: BACKEND_URL,
-      api: makeApi(),
-    });
-
-    await expect(capturedGetToken!()).rejects.toThrow('network down');
-    expect(global.fetch).toHaveBeenCalledTimes(2);
-    consoleSpy.mockRestore();
-  });
-
-  it('getToken throws when backend returns non-ok HTTP status', async () => {
-    const commandSub = createMockSubscription(`agent:${AGENT_ID}`);
-    const mockClient = createMockClient([commandSub]);
-    let capturedGetToken: (() => Promise<string>) | undefined;
-    MockCentrifuge.mockImplementation((_url, opts: any) => {
-      capturedGetToken = opts.getToken;
-      return mockClient as any;
-    });
-
-    global.fetch = jest.fn().mockResolvedValue({
-      ok: false,
-      status: 401,
-      text: () => Promise.resolve('Unauthorized'),
-    } as unknown as Response);
-
-    const consoleSpy = jest.spyOn(console, 'error').mockImplementation(() => {});
-
-    const { createConnection } = await import('../src/connection');
-    createConnection({
-      url: 'ws://localhost:8000/connection/websocket',
-      token: AGENT_TOKEN,
-      agentId: AGENT_ID,
-      backendUrl: BACKEND_URL,
-      api: makeApi(),
-    });
-
-    await expect(capturedGetToken!()).rejects.toThrow('HTTP 401');
-    // Both attempts return 401 → called twice
-    expect(global.fetch).toHaveBeenCalledTimes(2);
-    consoleSpy.mockRestore();
-  });
-
-  it('routes exec command to handler and publishes via api.publishResponse', async () => {
-    const commandSub = createMockSubscription(`agent:${AGENT_ID}`);
-    const mockClient = createMockClient([commandSub]);
-    MockCentrifuge.mockImplementation(() => mockClient as any);
-
-    jest.mock('node:child_process', () => ({
-      exec: jest.fn((_cmd: string, _opts: unknown, cb: Function) => {
-        cb(null, Buffer.from('output'), Buffer.from(''));
-      }),
-    }));
-
-    const api = makeApi();
-    const { createConnection } = await import('../src/connection');
-    createConnection({
-      url: 'ws://localhost:8000/connection/websocket',
-      token: AGENT_TOKEN,
-      agentId: AGENT_ID,
-      backendUrl: BACKEND_URL,
-      api,
-    });
-
-    // Simulate a publication on the command channel
-    const publicationHandler = commandSub._handlers['publication'];
-    expect(publicationHandler).toBeDefined();
-
-    await publicationHandler({
-      data: { id: 'cmd-1', type: 'exec', payload: { command: 'echo hi' } },
-      channel: `agent:${AGENT_ID}`,
-    });
-
-    // Should have published a response via api, not client.publish
-    expect(mockClient.publish).not.toHaveBeenCalled();
-    expect(api.publishResponse).toHaveBeenCalledWith(
-      AGENT_ID,
-      expect.objectContaining({ id: 'cmd-1', type: 'exec' })
-    );
-  });
-
-  it('handles unknown command types gracefully', async () => {
-    const commandSub = createMockSubscription(`agent:${AGENT_ID}`);
-    const mockClient = createMockClient([commandSub]);
-    MockCentrifuge.mockImplementation(() => mockClient as any);
-
-    const consoleSpy = jest.spyOn(console, 'error').mockImplementation(() => {});
-
-    const api = makeApi();
-    const { createConnection } = await import('../src/connection');
-    createConnection({
-      url: 'ws://localhost:8000/connection/websocket',
-      token: AGENT_TOKEN,
-      agentId: AGENT_ID,
-      backendUrl: BACKEND_URL,
-      api,
-    });
-
-    const publicationHandler = commandSub._handlers['publication'];
-    await publicationHandler({
-      data: { id: 'cmd-2', type: 'unknown_cmd', payload: {} },
-      channel: `agent:${AGENT_ID}`,
-    });
-
-    expect(consoleSpy).toHaveBeenCalledWith(expect.stringContaining('Unknown command type'));
-    expect(mockClient.publish).not.toHaveBeenCalled();
-    expect(api.publishResponse).not.toHaveBeenCalled();
-    consoleSpy.mockRestore();
-  });
-});

package/__tests__/file-delete.test.ts

@@ -1,90 +0,0 @@
-import { handleFileDelete } from '../src/handlers/file-delete';
-import type { AgentCommand } from '../src/types';
-import fs from 'node:fs/promises';
-
-jest.mock('node:fs/promises');
-
-const mockUnlink = fs.unlink as jest.Mock;
-
-const baseCmd: AgentCommand = { id: '1', type: 'file_delete', payload: {} };
-
-describe('handleFileDelete', () => {
-  beforeEach(() => {
-    jest.clearAllMocks();
-    mockUnlink.mockResolvedValue(undefined);
-  });
-
-  it('deletes file and returns success', async () => {
-    const cmd: AgentCommand = { ...baseCmd, payload: { path: 'config/agent.yml' } };
-    const res = await handleFileDelete(cmd);
-    expect(res.success).toBe(true);
-    expect(mockUnlink).toHaveBeenCalledWith(expect.stringContaining('agent.yml'));
-  });
-
-  it('returns resolved path in data on success', async () => {
-    const cmd: AgentCommand = { ...baseCmd, payload: { path: 'some/file.txt' } };
-    const res = await handleFileDelete(cmd);
-    expect(res.success).toBe(true);
-    expect(res.data?.path).toEqual(expect.stringContaining('file.txt'));
-  });
-
-  it('rejects path traversal with ".."', async () => {
-    const cmd: AgentCommand = { ...baseCmd, payload: { path: '../etc/passwd' } };
-    const res = await handleFileDelete(cmd);
-    expect(res.success).toBe(false);
-    expect(res.error).toContain('Invalid path');
-    expect(mockUnlink).not.toHaveBeenCalled();
-  });
-
-  it('rejects nested path traversal (foo/../bar)', async () => {
-    const cmd: AgentCommand = { ...baseCmd, payload: { path: 'foo/../bar/secret' } };
-    const res = await handleFileDelete(cmd);
-    expect(res.success).toBe(false);
-    expect(res.error).toContain('Invalid path');
-    expect(mockUnlink).not.toHaveBeenCalled();
-  });
-
-  it('rejects absolute path starting with "/"', async () => {
-    const cmd: AgentCommand = { ...baseCmd, payload: { path: '/etc/passwd' } };
-    const res = await handleFileDelete(cmd);
-    expect(res.success).toBe(false);
-    expect(res.error).toContain('Invalid path');
-    expect(mockUnlink).not.toHaveBeenCalled();
-  });
-
-  it('returns error when path is missing', async () => {
-    const cmd: AgentCommand = { ...baseCmd, payload: {} };
-    const res = await handleFileDelete(cmd);
-    expect(res.success).toBe(false);
-    expect(res.error).toContain('Missing');
-    expect(mockUnlink).not.toHaveBeenCalled();
-  });
-
-  it('returns error when unlink fails (file not found)', async () => {
-    mockUnlink.mockRejectedValue(new Error('ENOENT: no such file or directory'));
-    const cmd: AgentCommand = { ...baseCmd, payload: { path: 'missing.txt' } };
-    const res = await handleFileDelete(cmd);
-    expect(res.success).toBe(false);
-    expect(res.error).toContain('ENOENT');
-  });
-
-  it('returns error when unlink fails (permission denied)', async () => {
-    mockUnlink.mockRejectedValue(new Error('EACCES: permission denied'));
-    const cmd: AgentCommand = { ...baseCmd, payload: { path: 'protected.txt' } };
-    const res = await handleFileDelete(cmd);
-    expect(res.success).toBe(false);
-    expect(res.error).toContain('EACCES');
-  });
-
-  it('response type is file_delete', async () => {
-    const cmd: AgentCommand = { ...baseCmd, payload: { path: 'file.txt' } };
-    const res = await handleFileDelete(cmd);
-    expect(res.type).toBe('file_delete');
-  });
-
-  it('response id matches command id', async () => {
-    const cmd: AgentCommand = { ...baseCmd, id: 'unique-cmd-id', payload: { path: 'file.txt' } };
-    const res = await handleFileDelete(cmd);
-    expect(res.id).toBe('unique-cmd-id');
-  });
-});

package/__tests__/file-write.test.ts

@@ -1,119 +0,0 @@
-import { handleFileWrite } from '../src/handlers/file-write';
-import type { AgentCommand } from '../src/types';
-import fs from 'node:fs/promises';
-
-jest.mock('node:fs/promises');
-
-const mockMkdir = fs.mkdir as jest.Mock;
-const mockWriteFile = fs.writeFile as jest.Mock;
-const mockAccess = fs.access as jest.Mock;
-
-const baseCmd: AgentCommand = { id: '1', type: 'file_write', payload: {} };
-
-describe('handleFileWrite', () => {
-  beforeEach(() => {
-    jest.clearAllMocks();
-    mockMkdir.mockResolvedValue(undefined);
-    mockWriteFile.mockResolvedValue(undefined);
-  });
-
-  it('writes file and returns written:true', async () => {
-    const cmd: AgentCommand = { ...baseCmd, payload: { path: 'config/agent.yml', content: 'key: val' } };
-    const res = await handleFileWrite(cmd);
-    expect(res.success).toBe(true);
-    expect(res.data?.written).toBe(true);
-    expect(mockWriteFile).toHaveBeenCalledWith(
-      expect.stringContaining('agent.yml'),
-      'key: val',
-      'utf-8',
-    );
-  });
-
-  it('skips write when overwrite=false and file already exists', async () => {
-    mockAccess.mockResolvedValue(undefined); // file exists
-    const cmd: AgentCommand = {
-      ...baseCmd,
-      payload: { path: 'config/agent.yml', content: 'key: val', overwrite: false },
-    };
-    const res = await handleFileWrite(cmd);
-    expect(res.success).toBe(true);
-    expect(res.data?.written).toBe(false);
-    expect(res.data?.skipped).toBe(true);
-    expect(mockWriteFile).not.toHaveBeenCalled();
-  });
-
-  it('writes when overwrite=false and file does not exist', async () => {
-    mockAccess.mockRejectedValue(new Error('ENOENT'));
-    const cmd: AgentCommand = {
-      ...baseCmd,
-      payload: { path: 'config/new.yml', content: 'data', overwrite: false },
-    };
-    const res = await handleFileWrite(cmd);
-    expect(res.success).toBe(true);
-    expect(res.data?.written).toBe(true);
-    expect(mockWriteFile).toHaveBeenCalled();
-  });
-
-  it('rejects path traversal with ".."', async () => {
-    const cmd: AgentCommand = { ...baseCmd, payload: { path: '../etc/passwd', content: 'root' } };
-    const res = await handleFileWrite(cmd);
-    expect(res.success).toBe(false);
-    expect(res.error).toContain('Invalid path');
-    expect(mockWriteFile).not.toHaveBeenCalled();
-  });
-
-  it('rejects nested path traversal (foo/../bar)', async () => {
-    const cmd: AgentCommand = { ...baseCmd, payload: { path: 'foo/../bar/secret', content: 'x' } };
-    const res = await handleFileWrite(cmd);
-    expect(res.success).toBe(false);
-    expect(res.error).toContain('Invalid path');
-    expect(mockWriteFile).not.toHaveBeenCalled();
-  });
-
-  it('rejects absolute path starting with "/"', async () => {
-    const cmd: AgentCommand = { ...baseCmd, payload: { path: '/etc/passwd', content: 'root' } };
-    const res = await handleFileWrite(cmd);
-    expect(res.success).toBe(false);
-    expect(res.error).toContain('Invalid path');
-    expect(mockWriteFile).not.toHaveBeenCalled();
-  });
-
-  it('creates parent directories before writing', async () => {
-    const cmd: AgentCommand = {
-      ...baseCmd,
-      payload: { path: 'deep/nested/dir/file.txt', content: 'hello' },
-    };
-    const res = await handleFileWrite(cmd);
-    expect(res.success).toBe(true);
-    expect(mockMkdir).toHaveBeenCalledWith(expect.any(String), { recursive: true });
-  });
-
-  it('returns error when path is missing', async () => {
-    const cmd: AgentCommand = { ...baseCmd, payload: { content: 'data' } };
-    const res = await handleFileWrite(cmd);
-    expect(res.success).toBe(false);
-    expect(res.error).toContain('Missing');
-  });
-
-  it('returns error when content is missing', async () => {
-    const cmd: AgentCommand = { ...baseCmd, payload: { path: 'file.txt' } };
-    const res = await handleFileWrite(cmd);
-    expect(res.success).toBe(false);
-    expect(res.error).toContain('Missing');
-  });
-
-  it('allows empty string content', async () => {
-    const cmd: AgentCommand = { ...baseCmd, payload: { path: 'empty.txt', content: '' } };
-    const res = await handleFileWrite(cmd);
-    expect(res.success).toBe(true);
-    expect(mockWriteFile).toHaveBeenCalledWith(expect.any(String), '', 'utf-8');
-  });
-
-  it('returns error when writeFile fails', async () => {
-    mockWriteFile.mockRejectedValue(new Error('EACCES: permission denied'));
-    const cmd: AgentCommand = { ...baseCmd, payload: { path: 'file.txt', content: 'data' } };
-    const res = await handleFileWrite(cmd);
-    expect(res.success).toBe(false);
-    expect(res.error).toContain('EACCES');
-  });
-});