npm - create-workframe - Versions diffs - 0.1.0 → 0.1.2 - Mend

create-workframe 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (198) hide show

package/workframe-api/tests/test_device_oauth.py DELETED Viewed

@@ -1,108 +0,0 @@
-from __future__ import annotations
-import importlib.util
-import json
-from pathlib import Path
-import pytest
-SERVER_PATH = Path(__file__).resolve().parents[1] / "server.py"
-spec = importlib.util.spec_from_file_location("workframe_server", SERVER_PATH)
-server = importlib.util.module_from_spec(spec)
-assert spec.loader is not None
-spec.loader.exec_module(server)
-@pytest.fixture()
-def user_env(tmp_path: Path, monkeypatch: pytest.MonkeyPatch) -> str:
-    monkeypatch.setattr(server, "HERMES_DATA", tmp_path)
-    user_id = "user-oauth-1"
-    return user_id
-def test_parse_device_oauth_log_extracts_uri_and_code() -> None:
-    sample = (
-        "To continue, follow these steps:\n\n"
-        "  1. Open this URL in your browser:\n"
-        "     \x1b[94mhttps://auth.openai.com/codex/device\x1b[0m\n\n"
-        "  2. Enter this code:\n"
-        "     \x1b[94mABCD-1234\x1b[0m\n\n"
-        "Waiting for sign-in...\n"
-    )
-    parsed = server._parse_device_oauth_log(sample)
-    assert parsed["verification_uri"] == "https://auth.openai.com/codex/device"
-    assert parsed["user_code"] == "ABCD-1234"
-def test_hermes_oauth_tokens_present_reads_providers_block(user_env: str) -> None:
-    auth_path = server._user_hermes_auth_path(user_env)
-    auth_path.parent.mkdir(parents=True, exist_ok=True)
-    auth_path.write_text(
-        json.dumps(
-            {
-                "providers": {
-                    "openai-codex": {
-                        "tokens": {"access_token": "tok", "refresh_token": "ref"},
-                    }
-                }
-            }
-        ),
-        encoding="utf-8",
-    )
-    assert server._hermes_oauth_tokens_present(user_env, "openai-codex") is True
-def test_list_user_providers_marks_codex_connected_from_auth_json(user_env: str) -> None:
-    auth_path = server._user_hermes_auth_path(user_env)
-    auth_path.parent.mkdir(parents=True, exist_ok=True)
-    auth_path.write_text(
-        json.dumps(
-            {
-                "providers": {
-                    "openai-codex": {
-                        "tokens": {"access_token": "tok"},
-                    }
-                }
-            }
-        ),
-        encoding="utf-8",
-    )
-    payload = server.list_user_providers(user_env)
-    codex = next(row for row in payload["providers"] if row["id"] == "codex")
-    assert codex["connected"] is True
-def test_load_user_hermes_auth_reads_gateway_fallback(user_env: str, monkeypatch: pytest.MonkeyPatch) -> None:
-    monkeypatch.setattr(server, "_read_gateway_data_file", lambda rel: json.dumps({
-        "providers": {"openai-codex": {"tokens": {"access_token": "tok"}}},
-    }))
-    loaded = server._load_user_hermes_auth(user_env)
-    assert isinstance(loaded, dict)
-    assert server._hermes_oauth_tokens_present(user_env, "openai-codex") is True
-def test_spawn_hermes_device_oauth_uses_detached_exec(user_env: str, monkeypatch: pytest.MonkeyPatch) -> None:
-    calls: list[list[str]] = []
-    def fake_detached(cmd: list[str]) -> tuple[int, str]:
-        calls.append(cmd)
-        return 0, ""
-    monkeypatch.setattr(server, "_gateway_container_exec_detached", fake_detached)
-    rc, _ = server._spawn_hermes_device_oauth(user_env, "openai-codex", "/opt/data/profiles/x/.oauth.log")
-    assert rc == 0
-    assert calls
-    joined = " ".join(calls[0])
-    assert "auth add openai-codex" in joined
-    assert "su -s /bin/sh hermes" in joined
-def test_list_user_providers_marks_deepseek_connected_from_env(user_env: str) -> None:
-    env_path = server._user_hermes_env_path(user_env)
-    env_path.parent.mkdir(parents=True, exist_ok=True)
-    env_path.write_text("DEEPSEEK_API_KEY=sk-deep\n", encoding="utf-8")
-    payload = server.list_user_providers(user_env)
-    deepseek = next(row for row in payload["providers"] if row["id"] == "deepseek")
-    assert deepseek["connected"] is True

package/workframe-api/tests/test_doctor_repair.py DELETED Viewed

@@ -1,103 +0,0 @@
-"""Explicit doctor repair — opt-in runtime provisioning for agent DM rooms."""
-import os
-import tempfile
-import unittest
-from pathlib import Path
-from unittest import mock
-import server
-from db_setup import ensure_workframe_schemas
-class DoctorRepairTests(unittest.TestCase):
-    def setUp(self) -> None:
-        self.tmp = tempfile.TemporaryDirectory()
-        self.addCleanup(self.tmp.cleanup)
-        data = Path(self.tmp.name) / "data"
-        data.mkdir()
-        self.patches = [
-            mock.patch.object(server, "DATA_DIR", data),
-            mock.patch.object(server, "AUTH_DB_PATH", data / "auth.db"),
-            mock.patch.object(server, "_workframe_db_path", return_value=data / "workframe.db"),
-            mock.patch.dict(os.environ, {"WORKFRAME_PROJECT": "Workframe"}, clear=False),
-        ]
-        for patch in self.patches:
-            patch.start()
-            self.addCleanup(patch.stop)
-        ensure_workframe_schemas()
-        self.workspace_id = "ws-1"
-        self.user_id = "user-1"
-        self.agent_id = "a0000000-0000-4000-8000-000000000001"
-        self.agent_slug = "workframe-agent"
-        self.room_id = "room-1"
-        conn = server._workframe_db()
-        try:
-            now = "1"
-            conn.execute(
-                "INSERT INTO workspaces (id, slug, display_name, owner_id, status, created_at, updated_at) VALUES (?,?,?,?,?,?,?)",
-                (self.workspace_id, "default", "Workframe", self.user_id, "active", now, now),
-            )
-            conn.execute(
-                """
-                INSERT INTO agent_profiles (id, workspace_id, slug, display_name, status, created_at, updated_at)
-                VALUES (?, ?, ?, ?, 'available', ?, ?)
-                """,
-                (self.agent_id, self.workspace_id, self.agent_slug, "Agent", now, now),
-            )
-            conn.execute(
-                """
-                INSERT INTO rooms (
-                    id, workspace_id, agent_profile_id, name, slug, room_type, status, created_at, updated_at
-                ) VALUES (?, ?, ?, 'Agent', 'dm-agent', 'direct', 'active', ?, ?)
-                """,
-                (self.room_id, self.workspace_id, self.agent_id, now, now),
-            )
-            conn.execute(
-                """
-                INSERT INTO room_memberships (id, room_id, user_id, role, status, joined_at, updated_at)
-                VALUES ('rm-1', ?, ?, 'member', 'active', ?, ?)
-                """,
-                (self.room_id, self.user_id, now, now),
-            )
-            conn.commit()
-        finally:
-            conn.close()
-    @mock.patch.object(server, "_runtime_profile_on_disk", return_value=False)
-    def test_audit_reports_missing(self, _on_disk) -> None:
-        out = server.doctor_audit_agent_dm_runtimes()
-        self.assertTrue(out["ok"])
-        self.assertEqual(out["total"], 1)
-        self.assertEqual(out["present"], 0)
-        self.assertEqual(len(out["missing"]), 1)
-        self.assertEqual(out["missing"][0]["runtime"], "u-user-1-workframe-agent")
-    def test_resolved_session_title_falls_back_to_room_sessions(self) -> None:
-        with mock.patch.object(server, "_session_info", return_value={"title": ""}):
-            title = server._resolved_session_title(
-                "u-user-1-workframe-agent",
-                "sid-1",
-                "Session with Workframe Agent (9)",
-            )
-        self.assertEqual(title, "Session with Workframe Agent (9)")
-    @mock.patch.object(server, "_runtime_profile_on_disk")
-    @mock.patch.object(server, "ensure_runtime_profile")
-    def test_repair_provisions_missing(self, ensure_runtime, on_disk) -> None:
-        on_disk.side_effect = [False, True, True]
-        out = server.doctor_repair_agent_dm_runtimes(repair=True)
-        self.assertTrue(out["ok"])
-        self.assertEqual(out["missing_before"], 1)
-        self.assertEqual(len(out["repaired"]), 1)
-        ensure_runtime.assert_called_once_with(
-            "u-user-1-workframe-agent",
-            self.agent_slug,
-            self.user_id,
-            self.workspace_id,
-        )
-if __name__ == "__main__":
-    unittest.main()

package/workframe-api/tests/test_ensure_profile_api.py DELETED Viewed

@@ -1,77 +0,0 @@
-import importlib.util
-import unittest
-from pathlib import Path
-from unittest.mock import patch
-ROOT = Path(__file__).resolve().parents[2]
-API = ROOT / "workframe-api" / "server.py"
-def _load_api():
-    spec = importlib.util.spec_from_file_location("workframe_api", API)
-    mod = importlib.util.module_from_spec(spec)
-    assert spec and spec.loader
-    spec.loader.exec_module(mod)
-    return mod
-class EnsureProfileApiTest(unittest.TestCase):
-    def test_healthy_profile_skips_gateway_reload(self) -> None:
-        api = _load_api()
-        with patch.object(api, "resolve_validated_profile", return_value="architect"), patch.object(
-            api, "_primary_profile", return_value="workframe-agent"
-        ), patch.object(api, "_bootstrap_profile_providers") as bootstrap, patch.object(
-            api, "_profile_api_healthy", return_value=True
-        ), patch.object(api, "_gateway_exec") as gateway_exec:
-            out = api.ensure_profile_api("architect", "user-1", "ws-1")
-            bootstrap.assert_not_called()
-            gateway_exec.assert_not_called()
-            self.assertFalse(out.get("started"))
-    def test_cold_start_waits_for_health(self) -> None:
-        api = _load_api()
-        with patch.object(api, "resolve_validated_profile", return_value="architect"), patch.object(
-            api, "_primary_profile", return_value="workframe-agent"
-        ), patch.object(api, "_bootstrap_profile_providers", return_value=False), patch.object(
-            api, "_profile_api_healthy", side_effect=[False, False, True]
-        ), patch.object(
-            api, "profile_gateway_lifecycle", return_value={"ok": True, "action": "start"}
-        ) as start, patch.object(api, "_wait_profile_api_healthy", return_value=True) as wait:
-            out = api.ensure_profile_api("architect", "user-1", "ws-1")
-            start.assert_called_once_with("architect", "start", bootstrap_providers=True)
-            wait.assert_called_once()
-            self.assertTrue(out.get("started"))
-    def test_cold_start_skips_bootstrap_when_already_seeded(self) -> None:
-        api = _load_api()
-        with patch.object(api, "resolve_validated_profile", return_value="architect"), patch.object(
-            api, "_primary_profile", return_value="workframe-agent"
-        ), patch.object(api, "_bootstrap_profile_providers") as bootstrap, patch.object(
-            api, "_profile_api_healthy", side_effect=[False, False, True]
-        ), patch.object(
-            api, "profile_gateway_lifecycle", return_value={"ok": True, "action": "start"}
-        ) as start, patch.object(api, "_wait_profile_api_healthy", return_value=True):
-            api.ensure_profile_api("architect", "user-1", "ws-1", bootstrap_providers=False)
-            bootstrap.assert_not_called()
-            start.assert_called_once_with("architect", "start", bootstrap_providers=False)
-    def test_primary_cold_start_configures_and_restarts_gateway(self) -> None:
-        api = _load_api()
-        with patch.object(api, "resolve_hermes_profile", return_value="workframe-agent"), patch.object(
-            api, "_primary_profile", return_value="workframe-agent"
-        ), patch.object(api, "_profile_api_port", return_value=8642), patch.object(
-            api, "_profile_api_healthy", return_value=False
-        ), patch.object(
-            api, "_configure_profile_api", return_value=(True, "ok", 8642)
-        ) as configure, patch.object(api, "_restart_stack_gateway", return_value={"ok": True}) as restart, patch.object(
-            api, "_wait_profile_api_healthy", return_value=True
-        ) as wait:
-            out = api.ensure_profile_api("workframe-agent", "user-1", "ws-1")
-            configure.assert_called_once_with("workframe-agent")
-            restart.assert_called_once()
-            wait.assert_called_once_with("workframe-agent")
-            self.assertTrue(out.get("started"))
-if __name__ == "__main__":
-    unittest.main()

package/workframe-api/tests/test_gateway_compose_security.py DELETED Viewed

@@ -1,136 +0,0 @@
-"""Compose and deployment-mode guards for gateway control-plane isolation."""
-from __future__ import annotations
-import re
-import unittest
-from pathlib import Path
-COMPOSE_PATH = (
-    Path(__file__).resolve().parents[3] / "infra" / "compose" / "workframe" / "docker-compose.yml"
-)
-PUBLIC_COMPOSE_PATH = COMPOSE_PATH.parent / "docker-compose.public.yml"
-# ponytail: substring match — catches ZK_AUTH_HMAC_KEY, WORKFRAME_SUPERVISOR_TOKEN, etc.
-FORBIDDEN_GATEWAY_ENV_MARKERS = (
-    "WORKFRAME_SUPERVISOR_TOKEN",
-    "WORKFRAME_API_TOKEN",
-    "ZK_AUTH_",
-    "SMTP_PASS",
-    "WORKFRAME_GITHUB_OAUTH_CLIENT_SECRET",
-)
-def _service_block(compose_text: str, service: str) -> str:
-    match = re.search(rf"^  {re.escape(service)}:\n", compose_text, re.MULTILINE)
-    if not match:
-        raise AssertionError(f"service {service!r} not found in compose")
-    start = match.start()
-    tail = compose_text[start + 1 :]
-    next_svc = re.search(r"^  [a-z0-9-]+:\n", tail, re.MULTILINE)
-    end = start + 1 + (next_svc.start() if next_svc else len(tail))
-    return compose_text[start:end]
-class GatewayComposeSecurityTests(unittest.TestCase):
-    @classmethod
-    def setUpClass(cls) -> None:
-        cls.compose_text = COMPOSE_PATH.read_text(encoding="utf-8")
-        cls.gateway_block = _service_block(cls.compose_text, "gateway")
-        cls.api_block = _service_block(cls.compose_text, "workframe-api")
-        cls.supervisor_block = _service_block(cls.compose_text, "workframe-supervisor")
-    def test_gateway_has_no_env_file(self) -> None:
-        self.assertNotIn("env_file:", self.gateway_block)
-    def test_gateway_not_on_control_net(self) -> None:
-        self.assertIn("workframe-net", self.gateway_block)
-        self.assertNotIn("control-net", self.gateway_block)
-    def test_supervisor_only_on_control_net(self) -> None:
-        self.assertIn("control-net", self.supervisor_block)
-        self.assertNotIn("workframe-net", self.supervisor_block)
-    def test_api_on_both_networks(self) -> None:
-        self.assertIn("workframe-net", self.api_block)
-        self.assertIn("control-net", self.api_block)
-    def test_gateway_environment_has_no_control_secrets(self) -> None:
-        env_section = re.search(r"environment:\n((?:      - .+\n)+)", self.gateway_block)
-        self.assertIsNotNone(env_section, "gateway environment block missing")
-        env_lines = env_section.group(1) if env_section else ""
-        for marker in FORBIDDEN_GATEWAY_ENV_MARKERS:
-            self.assertNotIn(marker, env_lines, f"gateway env must not reference {marker}")
-    def test_gateway_mounts_proxy_token_volume_not_api_data(self) -> None:
-        self.assertIn("workframe-proxy-token:/run/workframe-proxy", self.gateway_block)
-        self.assertNotIn("workframe-api-data", self.gateway_block)
-    def test_public_overlay_api_has_no_docker_sock(self) -> None:
-        public_text = PUBLIC_COMPOSE_PATH.read_text(encoding="utf-8")
-        api_block = _service_block(public_text, "workframe-api")
-        self.assertNotIn("/var/run/docker.sock", api_block)
-        self.assertNotIn(":/project", api_block)
-class HermesDashboardGateTests(unittest.TestCase):
-    def test_public_mode_denies_member(self) -> None:
-        import server
-        from unittest.mock import patch
-        handler = type("H", (), {"auth_user": "u1", "auth_role": "member"})()
-        with patch.object(server, "DEPLOYMENT_MODE", "public_multi_user"), patch.object(
-            server, "DEV_LOCAL_UNSAFE", False
-        ):
-            self.assertEqual(server._hermes_dashboard_gate_status(handler), 403)
-    def test_public_mode_allows_admin(self) -> None:
-        import server
-        from unittest.mock import patch
-        handler = type("H", (), {"auth_user": "u1", "auth_role": "admin"})()
-        with patch.object(server, "DEPLOYMENT_MODE", "public_multi_user"), patch.object(
-            server, "DEV_LOCAL_UNSAFE", False
-        ):
-            self.assertEqual(server._hermes_dashboard_gate_status(handler), 204)
-    def test_single_user_local_allows_anonymous(self) -> None:
-        import server
-        from unittest.mock import patch
-        handler = type("H", (), {"auth_user": "", "auth_role": ""})()
-        with patch.object(server, "DEPLOYMENT_MODE", "single_user_local"):
-            self.assertEqual(server._hermes_dashboard_gate_status(handler), 204)
-class PublicDeploymentValidationTests(unittest.TestCase):
-    def test_public_mode_requires_https_and_smtp(self) -> None:
-        import server
-        from unittest.mock import patch
-        with patch.object(server, "DEPLOYMENT_MODE", "public_multi_user"), patch.object(
-            server, "DEV_LOCAL_UNSAFE", False
-        ), patch.object(server, "SECURE_MODE", True), patch.object(
-            server, "_supervisor_ready", return_value=True
-        ), patch.object(server, "_install_window_open", return_value=False), patch.object(
-            server, "APP_BASE_URL", "http://insecure.example"
-        ), patch.dict(
-            "os.environ",
-            {
-                "ZK_AUTH_HMAC_KEY": "a",
-                "ZK_AUTH_ENCRYPTION_KEY": "b",
-                "ZK_AUTH_SESSION_SECRET": "c",
-                "WORKFRAME_API_TOKEN": "d",
-                "SMTP_HOST": "",
-            },
-            clear=False,
-        ):
-            errors = server._deployment_security_errors()
-        self.assertTrue(any("APP_BASE_URL" in e for e in errors))
-        self.assertTrue(any("SMTP_HOST" in e for e in errors))
-        self.assertTrue(any("WORKFRAME_PROXY_TOKEN" in e for e in errors))
-if __name__ == "__main__":
-    unittest.main()

package/workframe-api/tests/test_install_secure_host.py DELETED Viewed

@@ -1,39 +0,0 @@
-"""Install-window host/origin gate — setup must not require ALLOWED_HOSTS to match yet."""
-from __future__ import annotations
-import unittest
-from unittest import mock
-import server
-class InstallSecureHostTests(unittest.TestCase):
-    def setUp(self) -> None:
-        self._old_hosts = server.ALLOWED_HOSTS
-        self._old_dev = server.DEV_LOCAL_UNSAFE
-        server.DEV_LOCAL_UNSAFE = False
-        server.ALLOWED_HOSTS = ["dev.example.com"]
-    def tearDown(self) -> None:
-        server.ALLOWED_HOSTS = self._old_hosts
-        server.DEV_LOCAL_UNSAFE = self._old_dev
-    def test_allowed_hosts_unions_loopback_when_configured(self) -> None:
-        hosts = server._allowed_hosts()
-        self.assertIn("dev.example.com", hosts)
-        self.assertIn("127.0.0.1", hosts)
-    def test_install_stack_patch_ok_during_install_window_via_tunnel(self) -> None:
-        headers = {"Host": "127.0.0.1:28644", "Origin": "http://127.0.0.1:28644"}
-        with mock.patch.object(server, "_install_window_open", return_value=True):
-            self.assertTrue(server._secure_host_origin_ok("PATCH", "/api/install/stack", headers))
-    def test_install_stack_patch_denied_after_install_window(self) -> None:
-        headers = {"Host": "evil.test", "Origin": "http://evil.test"}
-        with mock.patch.object(server, "_install_window_open", return_value=False):
-            self.assertFalse(server._secure_host_origin_ok("PATCH", "/api/install/stack", headers))
-if __name__ == "__main__":
-    unittest.main()

package/workframe-api/tests/test_internal_proxy_auth.py DELETED Viewed

@@ -1,125 +0,0 @@
-"""Internal proxy auth + Google OIDC verification."""
-from __future__ import annotations
-import json
-import os
-import tempfile
-import unittest
-from pathlib import Path
-from unittest.mock import patch
-import google_auth
-import internal_proxy_auth
-import llm_proxy
-import oidc_jwt
-class InternalProxyAuthTests(unittest.TestCase):
-    def setUp(self) -> None:
-        internal_proxy_auth.reset_proxy_token_for_tests()
-        os.environ.pop("WORKFRAME_PROXY_TOKEN", None)
-    def tearDown(self) -> None:
-        internal_proxy_auth.reset_proxy_token_for_tests()
-        os.environ.pop("WORKFRAME_PROXY_TOKEN", None)
-    def test_private_ip_allows_without_token_when_unconfigured(self) -> None:
-        self.assertTrue(internal_proxy_auth.is_internal_client("172.19.0.2"))
-        self.assertFalse(internal_proxy_auth.is_internal_client("8.8.8.8"))
-        class _H:
-            client_address = ("172.19.0.2", 1)
-            headers = {}
-        ok, err = internal_proxy_auth.authorize_internal_proxy(_H())  # type: ignore[arg-type]
-        self.assertTrue(ok)
-        self.assertEqual(err, "")
-    def test_configured_token_requires_header(self) -> None:
-        os.environ["WORKFRAME_PROXY_TOKEN"] = "secret-proxy"
-        class _H:
-            client_address = ("172.19.0.2", 1)
-            headers = {"X-Workframe-Proxy-Token": "secret-proxy"}
-        ok, err = internal_proxy_auth.authorize_internal_proxy(_H())  # type: ignore[arg-type]
-        self.assertTrue(ok)
-        _H.headers = {}
-        ok, err = internal_proxy_auth.authorize_internal_proxy(_H())  # type: ignore[arg-type]
-        self.assertFalse(ok)
-        self.assertEqual(err, "proxy token required")
-    def test_llm_proxy_rejects_missing_token(self) -> None:
-        os.environ["WORKFRAME_PROXY_TOKEN"] = "secret-proxy"
-        class FakeWriter:
-            def __init__(self) -> None:
-                self.data = b""
-            def write(self, chunk: bytes) -> None:
-                self.data += chunk
-            def flush(self) -> None:
-                pass
-        class FakeHandler:
-            client_address = ("172.19.0.2", 1)
-            headers = {"Authorization": "Bearer wf_rt_test"}
-            def __init__(self) -> None:
-                self.wfile = FakeWriter()
-                self.status = 0
-            def send_response(self, status: int) -> None:
-                self.status = status
-            def send_header(self, _key: str, _value: str) -> None:
-                pass
-            def end_headers(self) -> None:
-                pass
-        handler = FakeHandler()
-        handled = llm_proxy.handle_proxy_request(
-            handler,
-            "/internal/llm/openrouter/v1/chat/completions",
-            "POST",
-            b"{}",
-            resolve_secret=lambda *_args: ("OPENROUTER_API_KEY", "sk-test"),
-        )
-        self.assertTrue(handled)
-        self.assertEqual(handler.status, 403)
-        self.assertIn(b"proxy token required", handler.wfile.data)
-    def test_bootstrap_writes_shared_and_data_files(self) -> None:
-        with tempfile.TemporaryDirectory() as tmp:
-            os.environ["WORKFRAME_API_DATA_DIR"] = tmp
-            internal_proxy_auth.reset_proxy_token_for_tests()
-            token = internal_proxy_auth.bootstrap_proxy_token(allow_generate_file=True)
-            self.assertTrue(token)
-            self.assertTrue((Path(tmp) / ".proxy_token").is_file())
-class GoogleOidcTests(unittest.TestCase):
-    def test_verify_google_id_token_checks_signature(self) -> None:
-        with patch.object(oidc_jwt, "verify_rs256_id_token") as verify:
-            verify.return_value = {
-                "email": "user@example.com",
-                "name": "User",
-                "email_verified": True,
-            }
-            with patch.object(google_auth, "_google_creds", return_value=("client-id", "secret")):
-                google_auth._PENDING["state-1"] = {"invite_email": "", "invite_token": ""}
-                with patch.object(google_auth.urllib.request, "urlopen") as urlopen:
-                    urlopen.return_value.__enter__.return_value.read.return_value = json.dumps(
-                        {"id_token": "header.payload.sig"}
-                    ).encode()
-                    profile = google_auth.exchange_google_code("code", "state-1")
-            verify.assert_called_once()
-            self.assertEqual(profile["email"], "user@example.com")
-if __name__ == "__main__":
-    unittest.main()

package/workframe-api/tests/test_invite_runtime_bootstrap.py DELETED Viewed

@@ -1,72 +0,0 @@
-import tempfile
-import unittest
-from pathlib import Path
-from unittest.mock import patch
-import server
-from db_setup import ensure_workframe_schemas
-class InviteRuntimeBootstrapTests(unittest.TestCase):
-    def setUp(self) -> None:
-        self._tmp = tempfile.TemporaryDirectory()
-        self.addCleanup(self._tmp.cleanup)
-        self._old_data_dir = server.DATA_DIR
-        self._old_auth_db_path = server.AUTH_DB_PATH
-        self._old_hermes_data = server.HERMES_DATA
-        server.DATA_DIR = Path(self._tmp.name)
-        server.AUTH_DB_PATH = Path(self._tmp.name) / "auth.db"
-        server.HERMES_DATA = Path(self._tmp.name) / "hermes"
-        (server.HERMES_DATA / "profiles").mkdir(parents=True)
-        ensure_workframe_schemas()
-        self.workspace_id = "ws-invite"
-        self.user_id = "user-invited"
-        self.agent_one_id = "a1111111-1111-4111-8111-111111111111"
-        self.agent_two_id = "b2222222-2222-4222-8222-222222222222"
-        conn = server._workframe_db()
-        try:
-            now = "1"
-            conn.execute(
-                "INSERT INTO workspaces (id, slug, display_name, owner_id, status, created_at, updated_at) VALUES (?,?,?,?,?,?,?)",
-                (self.workspace_id, "invite", "Invite", "owner-1", "active", now, now),
-            )
-            conn.execute(
-                "INSERT INTO users (id, display_name, role, status, created_at, updated_at) VALUES (?,?,?,?,?,?)",
-                (self.user_id, "Invited", "member", "active", now, now),
-            )
-            for ap_id, slug in (
-                (self.agent_one_id, "agent-one"),
-                (self.agent_two_id, "agent-two"),
-            ):
-                conn.execute(
-                    """
-                    INSERT INTO agent_profiles (
-                        id, workspace_id, slug, display_name, is_native, status, created_at, updated_at
-                    ) VALUES (?, ?, ?, ?, 0, 'available', ?, ?)
-                    """,
-                    (ap_id, self.workspace_id, slug, slug, now, now),
-                )
-            conn.commit()
-        finally:
-            conn.close()
-    def tearDown(self) -> None:
-        server.DATA_DIR = self._old_data_dir
-        server.AUTH_DB_PATH = self._old_auth_db_path
-        server.HERMES_DATA = self._old_hermes_data
-    @patch.object(server, "resolve_validated_profile", side_effect=lambda slug: slug)
-    @patch.object(server, "_runtime_profile_on_disk", return_value=False)
-    @patch.object(server, "ensure_runtime_profile")
-    def test_provision_invited_member_agent_runtimes(
-        self,
-        mock_ensure,
-        _on_disk,
-        _validate,
-    ) -> None:
-        server._provision_invited_member_agent_runtimes(self.workspace_id, self.user_id)
-        self.assertEqual(mock_ensure.call_count, 2)
-if __name__ == "__main__":
-    unittest.main()