npm - flowent - Versions diffs - 0.1.4 → 0.1.5 - Mend

flowent 0.1.4 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (67) hide show

package/backend/tests/test_permissions.py CHANGED Viewed

@@ -3,8 +3,9 @@ from pathlib import Path
 import pytest
 from fastapi.testclient import TestClient
+from flowent.approval import ApprovalReviewDecision, ApprovalReviewRequest
 from flowent.main import create_app
-from flowent.permissions import WritablePathDecision, run_tool_with_path_permissions
+from flowent.permissions import run_tool_with_path_permissions
 from flowent.sandbox import CommandResult, SandboxRunner
 from flowent.storage import StateStore
 from flowent.tools import ToolContext
@@ -63,11 +64,12 @@ def test_writable_paths_are_saved_as_normalized_absolute_paths(
 @pytest.mark.anyio
-async def test_allow_once_runs_tool_with_declared_write_path(
+async def test_approved_declared_write_path_runs_command_with_extra_permission(
     tmp_path, monkeypatch
 ) -> None:
     cache_dir = tmp_path / "cache"
     calls: list[list[Path]] = []
+    reviews: list[ApprovalReviewRequest] = []
     async def fake_run_async(self, command, **kwargs):
         calls.append(self.writable_roots)
@@ -78,10 +80,11 @@ async def test_allow_once_runs_tool_with_declared_write_path(
             stdout="created",
         )
-    async def approve(path: Path, reason: str) -> WritablePathDecision:
-        assert path == cache_dir
-        assert "shell command" in reason
-        return WritablePathDecision(decision="allow_once", path=path)
+    async def approve(request: ApprovalReviewRequest) -> ApprovalReviewDecision:
+        reviews.append(request)
+        return ApprovalReviewDecision(
+            decision="approved", reason="Needed for cache writes."
+        )
     monkeypatch.setattr(SandboxRunner, "run_async", fake_run_async)
@@ -93,7 +96,7 @@ async def test_allow_once_runs_tool_with_declared_write_path(
             "sandbox_permissions": "with_additional_permissions",
         },
         ToolContext(cwd=tmp_path / "work"),
-        request_writable_path=approve,
+        review_approval=approve,
         writable_paths=[],
     )
@@ -101,10 +104,21 @@ async def test_allow_once_runs_tool_with_declared_write_path(
     assert result.content == "created"
     assert len(calls) == 1
     assert cache_dir in calls[0]
+    assert reviews[0].tool_name == "shell_command"
+    assert reviews[0].action == "additional_permissions"
+    assert reviews[0].write_paths == [cache_dir]
+    assert result.data["approval"] == {
+        "action": "additional_permissions",
+        "decision": "approved",
+        "reason": "Needed for cache writes.",
+        "tool_name": "shell_command",
+        "tool_result": "",
+        "write_paths": [str(cache_dir)],
+    }
 @pytest.mark.anyio
-async def test_always_allow_runs_tool_and_persists_declared_path(
+async def test_approved_declared_write_path_does_not_persist_runtime_permission(
     tmp_path, monkeypatch
 ) -> None:
     monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path / "data"))
@@ -120,9 +134,10 @@ async def test_always_allow_runs_tool_and_persists_declared_path(
             stdout="created",
         )
-    async def approve(path: Path, reason: str) -> WritablePathDecision:
-        saved = store.save_writable_path(path)
-        return WritablePathDecision(decision="always_allow", path=Path(saved.path))
+    async def approve(request: ApprovalReviewRequest) -> ApprovalReviewDecision:
+        return ApprovalReviewDecision(
+            decision="approved", reason="Needed for cache writes."
+        )
     monkeypatch.setattr(SandboxRunner, "run_async", fake_run_async)
@@ -134,16 +149,16 @@ async def test_always_allow_runs_tool_and_persists_declared_path(
             "sandbox_permissions": "with_additional_permissions",
         },
         ToolContext(cwd=tmp_path / "work"),
-        request_writable_path=approve,
+        review_approval=approve,
         writable_paths=[],
     )
     assert result.ok
-    assert [path.path for path in store.read_writable_paths()] == [str(cache_dir)]
+    assert store.read_writable_paths() == []
 @pytest.mark.anyio
-async def test_deny_returns_failed_tool_result_before_running_command(
+async def test_denied_declared_write_path_returns_failed_result_before_running_command(
     tmp_path, monkeypatch
 ) -> None:
     cache_dir = tmp_path / "cache"
@@ -159,8 +174,10 @@ async def test_deny_returns_failed_tool_result_before_running_command(
             stdout="created",
         )
-    async def deny(path: Path, reason: str) -> WritablePathDecision:
-        return WritablePathDecision(decision="deny", path=path)
+    async def deny(request: ApprovalReviewRequest) -> ApprovalReviewDecision:
+        return ApprovalReviewDecision(
+            decision="denied", reason="Outside the task scope."
+        )
     monkeypatch.setattr(SandboxRunner, "run_async", fake_run_async)
@@ -172,17 +189,21 @@ async def test_deny_returns_failed_tool_result_before_running_command(
             "sandbox_permissions": "with_additional_permissions",
         },
         ToolContext(cwd=tmp_path / "work"),
-        request_writable_path=deny,
+        review_approval=deny,
         writable_paths=[],
     )
     assert not result.ok
-    assert "Permission denied for" in result.content
+    assert "Automatic approval review denied this action" in result.content
+    assert "Outside the task scope." in result.content
+    assert "must not work around" in result.content
+    assert result.data["approval"]["decision"] == "denied"
+    assert result.data["approval"]["reason"] == "Outside the task scope."
     assert calls == 0
 @pytest.mark.anyio
-async def test_existing_writable_path_covers_declared_permission_request(
+async def test_existing_writable_path_covers_declared_review(
     tmp_path, monkeypatch
 ) -> None:
     cache_dir = tmp_path / "cache"
@@ -197,10 +218,10 @@ async def test_existing_writable_path_covers_declared_permission_request(
             stdout="created",
         )
-    async def approve(path: Path, reason: str) -> WritablePathDecision:
+    async def approve(request: ApprovalReviewRequest) -> ApprovalReviewDecision:
         nonlocal requests
         requests += 1
-        return WritablePathDecision(decision="allow_once", path=path)
+        return ApprovalReviewDecision(decision="approved", reason="Already allowed.")
     monkeypatch.setattr(SandboxRunner, "run_async", fake_run_async)
@@ -212,7 +233,7 @@ async def test_existing_writable_path_covers_declared_permission_request(
             "sandbox_permissions": "with_additional_permissions",
         },
         ToolContext(cwd=tmp_path / "work"),
-        request_writable_path=approve,
+        review_approval=approve,
         writable_paths=[cache_dir],
     )
@@ -226,7 +247,7 @@ async def test_multiple_declared_write_paths_request_each_missing_path(
 ) -> None:
     first = tmp_path / "cache"
     second = tmp_path / "downloads"
-    requested: list[Path] = []
+    reviews: list[ApprovalReviewRequest] = []
     async def fake_run_async(self, command, **kwargs):
         assert first in self.writable_roots
@@ -238,9 +259,11 @@ async def test_multiple_declared_write_paths_request_each_missing_path(
             stdout="created",
         )
-    async def approve(path: Path, reason: str) -> WritablePathDecision:
-        requested.append(path)
-        return WritablePathDecision(decision="allow_once", path=path)
+    async def approve(request: ApprovalReviewRequest) -> ApprovalReviewDecision:
+        reviews.append(request)
+        return ApprovalReviewDecision(
+            decision="approved", reason="Needed for generated files."
+        )
     monkeypatch.setattr(SandboxRunner, "run_async", fake_run_async)
@@ -254,20 +277,126 @@ async def test_multiple_declared_write_paths_request_each_missing_path(
             "sandbox_permissions": "with_additional_permissions",
         },
         ToolContext(cwd=tmp_path / "work"),
-        request_writable_path=approve,
+        review_approval=approve,
+        writable_paths=[],
+    )
+    assert result.ok
+    assert len(reviews) == 1
+    assert reviews[0].write_paths == [first, second]
+@pytest.mark.anyio
+async def test_sandbox_denied_shell_command_is_reviewed_and_retried_without_sandbox(
+    tmp_path, monkeypatch
+) -> None:
+    calls: list[str] = []
+    reviews: list[ApprovalReviewRequest] = []
+    async def fake_run_async(self, command, **kwargs):
+        calls.append("sandbox")
+        return CommandResult(
+            command=" ".join(command),
+            exit_code=1,
+            stderr="failed to write file: Read-only file system\n",
+            stdout="",
+        )
+    async def fake_run_unsandboxed_async(self, command, **kwargs):
+        calls.append("unsandboxed")
+        return CommandResult(
+            command=" ".join(command),
+            exit_code=0,
+            stderr="",
+            stdout="created",
+        )
+    async def approve(request: ApprovalReviewRequest) -> ApprovalReviewDecision:
+        reviews.append(request)
+        return ApprovalReviewDecision(
+            decision="approved", reason="Retry is consistent with the task."
+        )
+    monkeypatch.setattr(SandboxRunner, "run_async", fake_run_async)
+    monkeypatch.setattr(
+        SandboxRunner,
+        "run_unsandboxed_async",
+        fake_run_unsandboxed_async,
+        raising=False,
+    )
+    result = await run_tool_with_path_permissions(
+        "shell_command",
+        {"command": "touch output.txt"},
+        ToolContext(cwd=tmp_path / "work"),
+        review_approval=approve,
         writable_paths=[],
     )
     assert result.ok
-    assert requested == [first, second]
+    assert result.content == "created"
+    assert calls == ["sandbox", "unsandboxed"]
+    assert reviews[0].action == "sandbox_failure"
+    assert "Read-only file system" in reviews[0].tool_result
+    assert result.data["approval"]["action"] == "sandbox_failure"
+    assert result.data["approval"]["decision"] == "approved"
 @pytest.mark.anyio
-async def test_command_text_is_not_used_to_guess_permissions(
+async def test_sandbox_denied_shell_command_is_not_retried_when_reviewer_denies(
+    tmp_path, monkeypatch
+) -> None:
+    calls: list[str] = []
+    async def fake_run_async(self, command, **kwargs):
+        calls.append("sandbox")
+        return CommandResult(
+            command=" ".join(command),
+            exit_code=1,
+            stderr="failed to write file: Read-only file system\n",
+            stdout="",
+        )
+    async def fake_run_unsandboxed_async(self, command, **kwargs):
+        calls.append("unsandboxed")
+        return CommandResult(
+            command=" ".join(command),
+            exit_code=0,
+            stderr="",
+            stdout="created",
+        )
+    async def deny(request: ApprovalReviewRequest) -> ApprovalReviewDecision:
+        return ApprovalReviewDecision(decision="denied", reason="Too broad.")
+    monkeypatch.setattr(SandboxRunner, "run_async", fake_run_async)
+    monkeypatch.setattr(
+        SandboxRunner,
+        "run_unsandboxed_async",
+        fake_run_unsandboxed_async,
+        raising=False,
+    )
+    result = await run_tool_with_path_permissions(
+        "shell_command",
+        {"command": "touch output.txt"},
+        ToolContext(cwd=tmp_path / "work"),
+        review_approval=deny,
+        writable_paths=[],
+    )
+    assert not result.ok
+    assert calls == ["sandbox"]
+    assert "Too broad." in result.content
+    assert result.data["approval"]["decision"] == "denied"
+@pytest.mark.anyio
+async def test_command_text_is_not_used_to_guess_write_paths(
     tmp_path, monkeypatch
 ) -> None:
     outside = tmp_path / "outside"
-    requests = 0
+    reviews: list[ApprovalReviewRequest] = []
     async def fake_run_async(self, command, **kwargs):
         assert outside not in self.writable_roots
@@ -278,10 +407,11 @@ async def test_command_text_is_not_used_to_guess_permissions(
             stdout="",
         )
-    async def approve(path: Path, reason: str) -> WritablePathDecision:
-        nonlocal requests
-        requests += 1
-        return WritablePathDecision(decision="allow_once", path=path)
+    async def deny(request: ApprovalReviewRequest) -> ApprovalReviewDecision:
+        reviews.append(request)
+        return ApprovalReviewDecision(
+            decision="denied", reason="No extra write paths were declared."
+        )
     monkeypatch.setattr(SandboxRunner, "run_async", fake_run_async)
@@ -289,12 +419,13 @@ async def test_command_text_is_not_used_to_guess_permissions(
         "shell_command",
         {"command": f"rm -f {outside / 'file.txt'}"},
         ToolContext(cwd=tmp_path / "work"),
-        request_writable_path=approve,
+        review_approval=deny,
         writable_paths=[],
     )
     assert not result.ok
-    assert requests == 0
+    assert reviews[0].action == "sandbox_failure"
+    assert reviews[0].write_paths == []
 @pytest.mark.anyio
@@ -303,6 +434,7 @@ async def test_additional_permissions_require_matching_sandbox_permissions(
 ) -> None:
     cache_dir = tmp_path / "cache"
     calls = 0
+    reviews = 0
     async def fake_run_async(self, command, **kwargs):
         nonlocal calls
@@ -314,8 +446,10 @@ async def test_additional_permissions_require_matching_sandbox_permissions(
             stdout="created",
         )
-    async def approve(path: Path, reason: str) -> WritablePathDecision:
-        return WritablePathDecision(decision="allow_once", path=path)
+    async def approve(request: ApprovalReviewRequest) -> ApprovalReviewDecision:
+        nonlocal reviews
+        reviews += 1
+        return ApprovalReviewDecision(decision="approved", reason="Allowed.")
     monkeypatch.setattr(SandboxRunner, "run_async", fake_run_async)
@@ -326,17 +460,18 @@ async def test_additional_permissions_require_matching_sandbox_permissions(
             "command": f"touch {cache_dir / 'file.txt'}",
         },
         ToolContext(cwd=tmp_path / "work"),
-        request_writable_path=approve,
+        review_approval=approve,
         writable_paths=[],
     )
     assert not result.ok
     assert "with_additional_permissions" in result.content
     assert calls == 0
+    assert reviews == 0
 @pytest.mark.anyio
-async def test_apply_patch_requests_permission_for_outside_workdir_file(
+async def test_apply_patch_uses_reviewer_before_writing_outside_workdir_file(
     tmp_path, monkeypatch
 ) -> None:
     work_dir = tmp_path / "work"
@@ -345,11 +480,13 @@ async def test_apply_patch_requests_permission_for_outside_workdir_file(
     outside_dir.mkdir()
     target = outside_dir / "notes.txt"
     target.write_text("alpha\n")
-    requested: list[Path] = []
+    reviews: list[ApprovalReviewRequest] = []
-    async def approve(path: Path, reason: str) -> WritablePathDecision:
-        requested.append(path)
-        return WritablePathDecision(decision="allow_once", path=path)
+    async def approve(request: ApprovalReviewRequest) -> ApprovalReviewDecision:
+        reviews.append(request)
+        return ApprovalReviewDecision(
+            decision="approved", reason="The edit matches the request."
+        )
     patch = f"""*** Begin Patch
 *** Update File: {target}
@@ -363,12 +500,16 @@ async def test_apply_patch_requests_permission_for_outside_workdir_file(
         "apply_patch",
         {"patch": patch},
         ToolContext(cwd=work_dir),
-        request_writable_path=approve,
+        review_approval=approve,
         writable_paths=[],
     )
     assert result.ok
-    assert requested == [outside_dir]
+    assert reviews[0].tool_name == "apply_patch"
+    assert reviews[0].action == "edit"
+    assert reviews[0].write_paths == [outside_dir]
+    assert result.data["approval"]["action"] == "edit"
+    assert result.data["approval"]["decision"] == "approved"
     assert target.read_text() == "beta\n"
@@ -384,10 +525,10 @@ async def test_apply_patch_uses_existing_writable_path_without_request(
     target.write_text("alpha\n")
     requests = 0
-    async def approve(path: Path, reason: str) -> WritablePathDecision:
+    async def approve(request: ApprovalReviewRequest) -> ApprovalReviewDecision:
         nonlocal requests
         requests += 1
-        return WritablePathDecision(decision="allow_once", path=path)
+        return ApprovalReviewDecision(decision="approved", reason="Already allowed.")
     patch = f"""*** Begin Patch
 *** Update File: {target}
@@ -401,7 +542,7 @@ async def test_apply_patch_uses_existing_writable_path_without_request(
         "apply_patch",
         {"patch": patch},
         ToolContext(cwd=work_dir),
-        request_writable_path=approve,
+        review_approval=approve,
         writable_paths=[outside_dir],
     )
@@ -419,8 +560,10 @@ async def test_denied_apply_patch_does_not_modify_file(tmp_path) -> None:
     target = outside_dir / "notes.txt"
     target.write_text("alpha\n")
-    async def deny(path: Path, reason: str) -> WritablePathDecision:
-        return WritablePathDecision(decision="deny", path=path)
+    async def deny(request: ApprovalReviewRequest) -> ApprovalReviewDecision:
+        return ApprovalReviewDecision(
+            decision="denied", reason="The target is outside the allowed scope."
+        )
     patch = f"""*** Begin Patch
 *** Update File: {target}
@@ -434,10 +577,12 @@ async def test_denied_apply_patch_does_not_modify_file(tmp_path) -> None:
         "apply_patch",
         {"patch": patch},
         ToolContext(cwd=work_dir),
-        request_writable_path=deny,
+        review_approval=deny,
         writable_paths=[],
     )
     assert not result.ok
-    assert "Permission denied for" in result.content
+    assert "outside the allowed scope" in result.content
+    assert result.data["approval"]["action"] == "edit"
+    assert result.data["approval"]["decision"] == "denied"
     assert target.read_text() == "alpha\n"

package/backend/tests/test_persistence.py CHANGED Viewed

@@ -89,6 +89,7 @@ def test_app_state_persists_settings_and_workspace_messages(
     settings_response = client.put(
         "/api/settings",
         json={
+            "agent_prompt": "Respond with careful implementation plans.",
             "reasoning_effort": "xhigh",
             "selected_model": "claude-sonnet-4-5",
             "selected_provider_id": "provider-anthropic",
@@ -123,6 +124,7 @@ def test_app_state_persists_settings_and_workspace_messages(
     state = restarted_client.get("/api/state").json()
     assert state["settings"] == {
+        "agent_prompt": "Respond with careful implementation plans.",
         "reasoning_effort": "xhigh",
         "selected_model": "claude-sonnet-4-5",
         "selected_provider_id": "provider-anthropic",
@@ -148,6 +150,70 @@ def test_app_state_persists_settings_and_workspace_messages(
     ]
+def test_app_state_persists_workspace_error_blocks_across_app_instances(
+    tmp_path, monkeypatch
+) -> None:
+    monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path))
+    client = TestClient(create_app(serve_frontend=False))
+    messages_response = client.put(
+        "/api/workspace/messages",
+        json={
+            "messages": [
+                {
+                    "author": "assistant",
+                    "content": "",
+                    "groups": [
+                        {
+                            "id": "message-1-errors",
+                            "items": [
+                                {
+                                    "detail": "HTML response returned.",
+                                    "id": "message-1-error-1",
+                                    "message": "Check the model connection settings and try again.",
+                                    "title": "Request failed",
+                                    "type": "error",
+                                }
+                            ],
+                        }
+                    ],
+                    "id": "message-1",
+                    "status": "failed",
+                }
+            ]
+        },
+    )
+    assert messages_response.status_code == 200
+    restarted_client = TestClient(create_app(serve_frontend=False))
+    state = restarted_client.get("/api/state").json()
+    assert state["messages"] == [
+        {
+            "author": "assistant",
+            "content": "",
+            "groups": [
+                {
+                    "id": "message-1-errors",
+                    "items": [
+                        {
+                            "detail": "HTML response returned.",
+                            "id": "message-1-error-1",
+                            "message": "Check the model connection settings and try again.",
+                            "title": "Request failed",
+                            "type": "error",
+                        }
+                    ],
+                }
+            ],
+            "id": "message-1",
+            "status": "failed",
+            "tools": [],
+        }
+    ]
 def test_data_directory_uses_flowent_data_dir(tmp_path, monkeypatch) -> None:
     data_dir = tmp_path / "custom-flowent"
     monkeypatch.setenv("FLOWENT_DATA_DIR", str(data_dir))
@@ -169,3 +235,15 @@ def test_app_state_defaults_reasoning_effort_for_existing_settings(
     assert response.status_code == 200
     assert response.json()["settings"]["reasoning_effort"] == "default"
+def test_app_state_defaults_agent_prompt_for_existing_settings(
+    tmp_path, monkeypatch
+) -> None:
+    monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path))
+    client = TestClient(create_app(serve_frontend=False))
+    response = client.get("/api/state")
+    assert response.status_code == 200
+    assert response.json()["settings"].get("agent_prompt", "") == ""

package/backend/tests/test_startup_requirements.py CHANGED Viewed

@@ -6,6 +6,7 @@ import pytest
 from flowent.cli import main
 from flowent.main import create_app
+from flowent.paths import WORKDIR_ENV_VAR
 from flowent.sandbox import SandboxError
@@ -80,6 +81,59 @@ def test_main_sets_workdir_for_server_start(tmp_path, monkeypatch) -> None:
     assert calls == [("flowent.main:app", {"host": "127.0.0.1", "port": 6899})]
+def test_main_uses_default_host_when_environment_is_not_set(
+    tmp_path, monkeypatch
+) -> None:
+    workdir = tmp_path / "workspace"
+    workdir.mkdir()
+    calls: list[tuple[str, dict[str, object]]] = []
+    def fake_run(app: str, **kwargs: object) -> None:
+        calls.append((app, kwargs))
+    monkeypatch.delenv("FLOWENT_HOST", raising=False)
+    monkeypatch.setenv(WORKDIR_ENV_VAR, str(workdir))
+    monkeypatch.setitem(sys.modules, "uvicorn", SimpleNamespace(run=fake_run))
+    main(["--workdir", str(workdir), "--port", "6899"])
+    assert calls == [("flowent.main:app", {"host": "127.0.0.1", "port": 6899})]
+def test_main_reads_host_from_environment(tmp_path, monkeypatch) -> None:
+    workdir = tmp_path / "workspace"
+    workdir.mkdir()
+    calls: list[tuple[str, dict[str, object]]] = []
+    def fake_run(app: str, **kwargs: object) -> None:
+        calls.append((app, kwargs))
+    monkeypatch.setenv("FLOWENT_HOST", "0.0.0.0")
+    monkeypatch.setenv(WORKDIR_ENV_VAR, str(workdir))
+    monkeypatch.setitem(sys.modules, "uvicorn", SimpleNamespace(run=fake_run))
+    main(["--workdir", str(workdir), "--port", "6899"])
+    assert calls == [("flowent.main:app", {"host": "0.0.0.0", "port": 6899})]
+def test_main_prefers_host_argument_over_environment(tmp_path, monkeypatch) -> None:
+    workdir = tmp_path / "workspace"
+    workdir.mkdir()
+    calls: list[tuple[str, dict[str, object]]] = []
+    def fake_run(app: str, **kwargs: object) -> None:
+        calls.append((app, kwargs))
+    monkeypatch.setenv("FLOWENT_HOST", "0.0.0.0")
+    monkeypatch.setenv(WORKDIR_ENV_VAR, str(workdir))
+    monkeypatch.setitem(sys.modules, "uvicorn", SimpleNamespace(run=fake_run))
+    main(["--workdir", str(workdir), "--host", "127.0.0.1", "--port", "6899"])
+    assert calls == [("flowent.main:app", {"host": "127.0.0.1", "port": 6899})]
 def test_main_rejects_missing_workdir(tmp_path, capsys) -> None:
     missing = tmp_path / "missing"