npm - flowent - Versions diffs - 0.1.2 → 0.1.4 - Mend

flowent 0.1.2 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (59) hide show

package/backend/tests/test_mcp.py CHANGED Viewed

@@ -411,7 +411,10 @@ def test_disabled_mcp_server_does_not_connect_or_expose_tools(
     assert response.json()["status"] == "disabled"
-def test_enabled_mcp_server_connects_and_lists_tools(tmp_path, monkeypatch) -> None:
+@pytest.mark.anyio
+async def test_enabled_mcp_server_save_returns_starting_and_connects_in_background(
+    tmp_path, monkeypatch
+) -> None:
     monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path))
     transport = FakeMcpTransport()
     transport.tools_by_server["mcp-files"] = [
@@ -426,11 +429,20 @@ def test_enabled_mcp_server_connects_and_lists_tools(tmp_path, monkeypatch) -> N
     response = client.put("/api/mcp/servers", json=command_server_payload())
     assert response.status_code == 200
-    assert response.json()["status"] == "ready"
-    assert response.json()["tools"][0]["name"] == "read_file"
+    assert response.json()["status"] == "starting"
+    assert response.json()["tools"] == []
+    manager = client.app.state.mcp_manager
+    connected = await wait_for_status(
+        manager,
+        StoredMcpServer.model_validate(response.json()),
+        "ready",
+    )
+    assert connected.status == "ready"
+    assert connected.tools[0].name == "read_file"
-def test_mcp_connection_error_is_reported_in_state(tmp_path, monkeypatch) -> None:
+@pytest.mark.anyio
+async def test_mcp_connection_error_is_reported_in_state(tmp_path, monkeypatch) -> None:
     monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path))
     transport = FakeMcpTransport()
     transport.errors["mcp-files"] = "Command failed"
@@ -439,11 +451,19 @@ def test_mcp_connection_error_is_reported_in_state(tmp_path, monkeypatch) -> Non
     response = client.put("/api/mcp/servers", json=command_server_payload())
     assert response.status_code == 200
-    assert response.json()["status"] == "error"
-    assert response.json()["error"] == "Command failed"
+    assert response.json()["status"] == "starting"
+    manager = client.app.state.mcp_manager
+    errored = await wait_for_status(
+        manager,
+        StoredMcpServer.model_validate(response.json()),
+        "error",
+    )
+    assert errored.status == "error"
+    assert errored.error == "Command failed"
-def test_mcp_server_can_be_reconnected(tmp_path, monkeypatch) -> None:
+@pytest.mark.anyio
+async def test_mcp_server_can_be_reconnected(tmp_path, monkeypatch) -> None:
     monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path))
     transport = FakeMcpTransport()
     transport.tools_by_server["mcp-files"] = [
@@ -451,6 +471,13 @@ def test_mcp_server_can_be_reconnected(tmp_path, monkeypatch) -> None:
     ]
     client = TestClient(create_app(serve_frontend=False, mcp_transport=transport))
     client.put("/api/mcp/servers", json=command_server_payload())
+    connected = await wait_for_status(
+        client.app.state.mcp_manager,
+        StoredMcpServer.model_validate(command_server_payload()),
+        "ready",
+    )
+    assert connected.status == "ready"
     transport.tools_by_server["mcp-files"] = [
         {"inputSchema": {"type": "object"}, "name": "read_file"},
         {"inputSchema": {"type": "object"}, "name": "write_file"},
@@ -552,7 +579,8 @@ def test_mcp_server_delete_removes_saved_server_when_disconnect_fails(
     assert transport.disconnect_calls == ["mcp-files"]
-def test_ready_mcp_tools_are_included_in_workspace_request(
+@pytest.mark.anyio
+async def test_ready_mcp_tools_are_included_in_workspace_request(
     tmp_path, monkeypatch
 ) -> None:
     monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path / "data"))
@@ -583,6 +611,12 @@ def test_ready_mcp_tools_are_included_in_workspace_request(
     )
     configure_provider(client)
     client.put("/api/mcp/servers", json=command_server_payload())
+    connected = await wait_for_status(
+        client.app.state.mcp_manager,
+        StoredMcpServer.model_validate(command_server_payload()),
+        "ready",
+    )
+    assert connected.status == "ready"
     response = client.post("/api/workspace/respond", json={"content": "Read file"})
@@ -595,7 +629,8 @@ def test_ready_mcp_tools_are_included_in_workspace_request(
     assert mcp_tool_name("mcp-files", "read_file") in tool_names
-def test_mcp_tool_call_is_forwarded_and_result_returns_to_agent(
+@pytest.mark.anyio
+async def test_mcp_tool_call_is_forwarded_and_result_returns_to_agent(
     tmp_path, monkeypatch
 ) -> None:
     monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path / "data"))
@@ -632,6 +667,12 @@ def test_mcp_tool_call_is_forwarded_and_result_returns_to_agent(
     )
     configure_provider(client)
     client.put("/api/mcp/servers", json=command_server_payload())
+    connected = await wait_for_status(
+        client.app.state.mcp_manager,
+        StoredMcpServer.model_validate(command_server_payload()),
+        "ready",
+    )
+    assert connected.status == "ready"
     response = client.post("/api/workspace/respond", json={"content": "Use MCP"})
@@ -651,7 +692,10 @@ def test_mcp_tool_call_is_forwarded_and_result_returns_to_agent(
     assert events[3]["data"]["data"]["tool"] == "read_file"
-def test_mcp_tool_call_failure_is_reported_in_workspace(tmp_path, monkeypatch) -> None:
+@pytest.mark.anyio
+async def test_mcp_tool_call_failure_is_reported_in_workspace(
+    tmp_path, monkeypatch
+) -> None:
     monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path / "data"))
     captured_requests: list[dict[str, object]] = []
     transport = FakeMcpTransport()
@@ -686,6 +730,12 @@ def test_mcp_tool_call_failure_is_reported_in_workspace(tmp_path, monkeypatch) -
     )
     configure_provider(client)
     client.put("/api/mcp/servers", json=command_server_payload())
+    connected = await wait_for_status(
+        client.app.state.mcp_manager,
+        StoredMcpServer.model_validate(command_server_payload()),
+        "ready",
+    )
+    assert connected.status == "ready"
     response = client.post("/api/workspace/respond", json={"content": "Use MCP"})
@@ -720,3 +770,19 @@ async def test_mcp_server_reload_reconnects_saved_enabled_servers(
     assert connected.status == "ready"
     assert connected.tools[0].name == "read_file"
     assert transport.connect_calls[0].id == "mcp-files"
+@pytest.mark.anyio
+async def test_enabled_mcp_server_save_does_not_block_response(
+    tmp_path, monkeypatch
+) -> None:
+    monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path))
+    transport = FakeMcpTransport()
+    transport.sleep_on_connect.add("mcp-files")
+    client = TestClient(create_app(serve_frontend=False, mcp_transport=transport))
+    response = client.put("/api/mcp/servers", json=command_server_payload())
+    assert response.status_code == 200
+    assert response.json()["status"] == "starting"
+    assert response.json()["tools"] == []

package/backend/tests/test_permissions.py ADDED Viewed

@@ -0,0 +1,443 @@
+from pathlib import Path
+import pytest
+from fastapi.testclient import TestClient
+from flowent.main import create_app
+from flowent.permissions import WritablePathDecision, run_tool_with_path_permissions
+from flowent.sandbox import CommandResult, SandboxRunner
+from flowent.storage import StateStore
+from flowent.tools import ToolContext
+def test_app_state_persists_writable_paths_across_app_instances(
+    tmp_path, monkeypatch
+) -> None:
+    monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path / "data"))
+    monkeypatch.chdir(tmp_path)
+    client = TestClient(create_app(serve_frontend=False))
+    response = client.post(
+        "/api/permissions/writable-paths",
+        json={"path": "cache"},
+    )
+    assert response.status_code == 200
+    restarted_client = TestClient(create_app(serve_frontend=False))
+    state_response = restarted_client.get("/api/state")
+    assert state_response.status_code == 200
+    assert state_response.json()["writable_paths"][0]["path"] == str(tmp_path / "cache")
+    assert isinstance(state_response.json()["writable_paths"][0]["created_at"], int)
+def test_delete_writable_path_removes_permission(tmp_path, monkeypatch) -> None:
+    monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path / "data"))
+    monkeypatch.chdir(tmp_path)
+    client = TestClient(create_app(serve_frontend=False))
+    client.post("/api/permissions/writable-paths", json={"path": "cache"})
+    response = client.request(
+        "DELETE",
+        "/api/permissions/writable-paths",
+        json={"path": str(tmp_path / "cache")},
+    )
+    assert response.status_code == 200
+    assert response.json() == {"writable_paths": []}
+def test_writable_paths_are_saved_as_normalized_absolute_paths(
+    tmp_path, monkeypatch
+) -> None:
+    monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path / "data"))
+    monkeypatch.chdir(tmp_path)
+    store = StateStore()
+    store.save_writable_path(Path("cache") / ".." / "cache")
+    store.save_writable_path(tmp_path / "cache")
+    writable_paths = store.read_writable_paths()
+    assert [path.path for path in writable_paths] == [str(tmp_path / "cache")]
+@pytest.mark.anyio
+async def test_allow_once_runs_tool_with_declared_write_path(
+    tmp_path, monkeypatch
+) -> None:
+    cache_dir = tmp_path / "cache"
+    calls: list[list[Path]] = []
+    async def fake_run_async(self, command, **kwargs):
+        calls.append(self.writable_roots)
+        return CommandResult(
+            command=" ".join(command),
+            exit_code=0,
+            stderr="",
+            stdout="created",
+        )
+    async def approve(path: Path, reason: str) -> WritablePathDecision:
+        assert path == cache_dir
+        assert "shell command" in reason
+        return WritablePathDecision(decision="allow_once", path=path)
+    monkeypatch.setattr(SandboxRunner, "run_async", fake_run_async)
+    result = await run_tool_with_path_permissions(
+        "shell_command",
+        {
+            "additional_permissions": {"file_system": {"write": [str(cache_dir)]}},
+            "command": f"echo created > {cache_dir / 'file.txt'}",
+            "sandbox_permissions": "with_additional_permissions",
+        },
+        ToolContext(cwd=tmp_path / "work"),
+        request_writable_path=approve,
+        writable_paths=[],
+    )
+    assert result.ok
+    assert result.content == "created"
+    assert len(calls) == 1
+    assert cache_dir in calls[0]
+@pytest.mark.anyio
+async def test_always_allow_runs_tool_and_persists_declared_path(
+    tmp_path, monkeypatch
+) -> None:
+    monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path / "data"))
+    store = StateStore()
+    cache_dir = tmp_path / "cache"
+    async def fake_run_async(self, command, **kwargs):
+        assert cache_dir in self.writable_roots
+        return CommandResult(
+            command=" ".join(command),
+            exit_code=0,
+            stderr="",
+            stdout="created",
+        )
+    async def approve(path: Path, reason: str) -> WritablePathDecision:
+        saved = store.save_writable_path(path)
+        return WritablePathDecision(decision="always_allow", path=Path(saved.path))
+    monkeypatch.setattr(SandboxRunner, "run_async", fake_run_async)
+    result = await run_tool_with_path_permissions(
+        "shell_command",
+        {
+            "additional_permissions": {"file_system": {"write": [str(cache_dir)]}},
+            "command": f"mkdir -p {cache_dir}",
+            "sandbox_permissions": "with_additional_permissions",
+        },
+        ToolContext(cwd=tmp_path / "work"),
+        request_writable_path=approve,
+        writable_paths=[],
+    )
+    assert result.ok
+    assert [path.path for path in store.read_writable_paths()] == [str(cache_dir)]
+@pytest.mark.anyio
+async def test_deny_returns_failed_tool_result_before_running_command(
+    tmp_path, monkeypatch
+) -> None:
+    cache_dir = tmp_path / "cache"
+    calls = 0
+    async def fake_run_async(self, command, **kwargs):
+        nonlocal calls
+        calls += 1
+        return CommandResult(
+            command=" ".join(command),
+            exit_code=0,
+            stderr="",
+            stdout="created",
+        )
+    async def deny(path: Path, reason: str) -> WritablePathDecision:
+        return WritablePathDecision(decision="deny", path=path)
+    monkeypatch.setattr(SandboxRunner, "run_async", fake_run_async)
+    result = await run_tool_with_path_permissions(
+        "shell_command",
+        {
+            "additional_permissions": {"file_system": {"write": [str(cache_dir)]}},
+            "command": f"echo created > {cache_dir / 'file.txt'}",
+            "sandbox_permissions": "with_additional_permissions",
+        },
+        ToolContext(cwd=tmp_path / "work"),
+        request_writable_path=deny,
+        writable_paths=[],
+    )
+    assert not result.ok
+    assert "Permission denied for" in result.content
+    assert calls == 0
+@pytest.mark.anyio
+async def test_existing_writable_path_covers_declared_permission_request(
+    tmp_path, monkeypatch
+) -> None:
+    cache_dir = tmp_path / "cache"
+    requests = 0
+    async def fake_run_async(self, command, **kwargs):
+        assert cache_dir in self.writable_roots
+        return CommandResult(
+            command=" ".join(command),
+            exit_code=0,
+            stderr="",
+            stdout="created",
+        )
+    async def approve(path: Path, reason: str) -> WritablePathDecision:
+        nonlocal requests
+        requests += 1
+        return WritablePathDecision(decision="allow_once", path=path)
+    monkeypatch.setattr(SandboxRunner, "run_async", fake_run_async)
+    result = await run_tool_with_path_permissions(
+        "shell_command",
+        {
+            "additional_permissions": {"file_system": {"write": [str(cache_dir)]}},
+            "command": f"echo created > {cache_dir / 'file.txt'}",
+            "sandbox_permissions": "with_additional_permissions",
+        },
+        ToolContext(cwd=tmp_path / "work"),
+        request_writable_path=approve,
+        writable_paths=[cache_dir],
+    )
+    assert result.ok
+    assert requests == 0
+@pytest.mark.anyio
+async def test_multiple_declared_write_paths_request_each_missing_path(
+    tmp_path, monkeypatch
+) -> None:
+    first = tmp_path / "cache"
+    second = tmp_path / "downloads"
+    requested: list[Path] = []
+    async def fake_run_async(self, command, **kwargs):
+        assert first in self.writable_roots
+        assert second in self.writable_roots
+        return CommandResult(
+            command=" ".join(command),
+            exit_code=0,
+            stderr="",
+            stdout="created",
+        )
+    async def approve(path: Path, reason: str) -> WritablePathDecision:
+        requested.append(path)
+        return WritablePathDecision(decision="allow_once", path=path)
+    monkeypatch.setattr(SandboxRunner, "run_async", fake_run_async)
+    result = await run_tool_with_path_permissions(
+        "shell_command",
+        {
+            "additional_permissions": {
+                "file_system": {"write": [str(first), str(second)]}
+            },
+            "command": "touch done",
+            "sandbox_permissions": "with_additional_permissions",
+        },
+        ToolContext(cwd=tmp_path / "work"),
+        request_writable_path=approve,
+        writable_paths=[],
+    )
+    assert result.ok
+    assert requested == [first, second]
+@pytest.mark.anyio
+async def test_command_text_is_not_used_to_guess_permissions(
+    tmp_path, monkeypatch
+) -> None:
+    outside = tmp_path / "outside"
+    requests = 0
+    async def fake_run_async(self, command, **kwargs):
+        assert outside not in self.writable_roots
+        return CommandResult(
+            command=" ".join(command),
+            exit_code=1,
+            stderr=f"rm: cannot remove '{outside / 'file.txt'}': Read-only file system\n",
+            stdout="",
+        )
+    async def approve(path: Path, reason: str) -> WritablePathDecision:
+        nonlocal requests
+        requests += 1
+        return WritablePathDecision(decision="allow_once", path=path)
+    monkeypatch.setattr(SandboxRunner, "run_async", fake_run_async)
+    result = await run_tool_with_path_permissions(
+        "shell_command",
+        {"command": f"rm -f {outside / 'file.txt'}"},
+        ToolContext(cwd=tmp_path / "work"),
+        request_writable_path=approve,
+        writable_paths=[],
+    )
+    assert not result.ok
+    assert requests == 0
+@pytest.mark.anyio
+async def test_additional_permissions_require_matching_sandbox_permissions(
+    tmp_path, monkeypatch
+) -> None:
+    cache_dir = tmp_path / "cache"
+    calls = 0
+    async def fake_run_async(self, command, **kwargs):
+        nonlocal calls
+        calls += 1
+        return CommandResult(
+            command=" ".join(command),
+            exit_code=0,
+            stderr="",
+            stdout="created",
+        )
+    async def approve(path: Path, reason: str) -> WritablePathDecision:
+        return WritablePathDecision(decision="allow_once", path=path)
+    monkeypatch.setattr(SandboxRunner, "run_async", fake_run_async)
+    result = await run_tool_with_path_permissions(
+        "shell_command",
+        {
+            "additional_permissions": {"file_system": {"write": [str(cache_dir)]}},
+            "command": f"touch {cache_dir / 'file.txt'}",
+        },
+        ToolContext(cwd=tmp_path / "work"),
+        request_writable_path=approve,
+        writable_paths=[],
+    )
+    assert not result.ok
+    assert "with_additional_permissions" in result.content
+    assert calls == 0
+@pytest.mark.anyio
+async def test_apply_patch_requests_permission_for_outside_workdir_file(
+    tmp_path, monkeypatch
+) -> None:
+    work_dir = tmp_path / "work"
+    work_dir.mkdir()
+    outside_dir = tmp_path / "outside"
+    outside_dir.mkdir()
+    target = outside_dir / "notes.txt"
+    target.write_text("alpha\n")
+    requested: list[Path] = []
+    async def approve(path: Path, reason: str) -> WritablePathDecision:
+        requested.append(path)
+        return WritablePathDecision(decision="allow_once", path=path)
+    patch = f"""*** Begin Patch
+*** Update File: {target}
+@@
+-alpha
++beta
+*** End Patch
+"""
+    result = await run_tool_with_path_permissions(
+        "apply_patch",
+        {"patch": patch},
+        ToolContext(cwd=work_dir),
+        request_writable_path=approve,
+        writable_paths=[],
+    )
+    assert result.ok
+    assert requested == [outside_dir]
+    assert target.read_text() == "beta\n"
+@pytest.mark.anyio
+async def test_apply_patch_uses_existing_writable_path_without_request(
+    tmp_path, monkeypatch
+) -> None:
+    work_dir = tmp_path / "work"
+    work_dir.mkdir()
+    outside_dir = tmp_path / "outside"
+    outside_dir.mkdir()
+    target = outside_dir / "notes.txt"
+    target.write_text("alpha\n")
+    requests = 0
+    async def approve(path: Path, reason: str) -> WritablePathDecision:
+        nonlocal requests
+        requests += 1
+        return WritablePathDecision(decision="allow_once", path=path)
+    patch = f"""*** Begin Patch
+*** Update File: {target}
+@@
+-alpha
++beta
+*** End Patch
+"""
+    result = await run_tool_with_path_permissions(
+        "apply_patch",
+        {"patch": patch},
+        ToolContext(cwd=work_dir),
+        request_writable_path=approve,
+        writable_paths=[outside_dir],
+    )
+    assert result.ok
+    assert requests == 0
+    assert target.read_text() == "beta\n"
+@pytest.mark.anyio
+async def test_denied_apply_patch_does_not_modify_file(tmp_path) -> None:
+    work_dir = tmp_path / "work"
+    work_dir.mkdir()
+    outside_dir = tmp_path / "outside"
+    outside_dir.mkdir()
+    target = outside_dir / "notes.txt"
+    target.write_text("alpha\n")
+    async def deny(path: Path, reason: str) -> WritablePathDecision:
+        return WritablePathDecision(decision="deny", path=path)
+    patch = f"""*** Begin Patch
+*** Update File: {target}
+@@
+-alpha
++beta
+*** End Patch
+"""
+    result = await run_tool_with_path_permissions(
+        "apply_patch",
+        {"patch": patch},
+        ToolContext(cwd=work_dir),
+        request_writable_path=deny,
+        writable_paths=[],
+    )
+    assert not result.ok
+    assert "Permission denied for" in result.content
+    assert target.read_text() == "alpha\n"

package/backend/tests/test_startup_requirements.py CHANGED Viewed

@@ -1,3 +1,7 @@
+import os
+import sys
+from types import SimpleNamespace
 import pytest
 from flowent.cli import main
@@ -46,3 +50,41 @@ def test_doctor_reports_available_sandbox(monkeypatch, capsys) -> None:
     assert error.value.code == 0
     assert "Sandbox: /usr/bin/bwrap" in capsys.readouterr().out
+def test_main_sets_workdir_for_server_start(tmp_path, monkeypatch) -> None:
+    env_workdir = tmp_path / "env-workspace"
+    workdir = tmp_path / "workspace"
+    env_workdir.mkdir()
+    workdir.mkdir()
+    calls: list[tuple[str, dict[str, object]]] = []
+    def fake_run(app: str, **kwargs: object) -> None:
+        calls.append((app, kwargs))
+    monkeypatch.setenv("FLOWENT_WORKDIR", str(env_workdir))
+    monkeypatch.setitem(sys.modules, "uvicorn", SimpleNamespace(run=fake_run))
+    main(
+        [
+            "--workdir",
+            str(workdir),
+            "--host",
+            "127.0.0.1",
+            "--port",
+            "6899",
+        ]
+    )
+    assert os.environ["FLOWENT_WORKDIR"] == str(workdir.resolve(strict=False))
+    assert calls == [("flowent.main:app", {"host": "127.0.0.1", "port": 6899})]
+def test_main_rejects_missing_workdir(tmp_path, capsys) -> None:
+    missing = tmp_path / "missing"
+    with pytest.raises(SystemExit) as error:
+        main(["--workdir", str(missing)])
+    assert error.value.code == 2
+    assert f"Workdir does not exist: {missing}" in capsys.readouterr().err