atlas-chat 0.1.0__py3-none-any.whl

atlas/tests/test_tool_approval_utils.py

@@ -0,0 +1,356 @@
+"""Tests for tool approval utilities in tool_executor.py"""
+
+from unittest.mock import Mock
+
+from atlas.application.chat.utilities.tool_executor import (
+    _filter_args_to_schema,
+    _sanitize_args_for_ui,
+    requires_approval,
+    tool_accepts_username,
+)
+
+
+class MockToolConfig:
+    """Mock tool configuration."""
+    def __init__(self, require_approval, allow_edit):
+        self.require_approval = require_approval
+        self.allow_edit = allow_edit
+
+
+class MockApprovalsConfig:
+    """Mock approvals configuration."""
+    def __init__(self, require_by_default=True, tools=None):
+        self.require_approval_by_default = require_by_default
+        self.tools = tools or {}
+
+
+class TestRequiresApproval:
+    """Test the requires_approval function."""
+
+    def test_requires_approval_no_config_manager(self):
+        """Test requires_approval with no config manager."""
+        needs_approval, allow_edit, admin_required = requires_approval("test_tool", None)
+
+        assert needs_approval is True
+        assert allow_edit is True
+        assert admin_required is False
+
+    def test_requires_approval_tool_specific_config(self):
+        """Test requires_approval with tool-specific configuration."""
+        config_manager = Mock()
+        config_manager.tool_approvals_config = MockApprovalsConfig(
+            require_by_default=False,
+            tools={
+                "dangerous_tool": MockToolConfig(require_approval=True, allow_edit=False)
+            }
+        )
+
+        needs_approval, allow_edit, admin_required = requires_approval("dangerous_tool", config_manager)
+
+        assert needs_approval is True
+        # UI is always editable when approval is required
+        assert allow_edit is True
+        assert admin_required is True
+
+    def test_requires_approval_default_true(self):
+        """Test requires_approval with default set to require approval.
+
+        REQUIRE_TOOL_APPROVAL_BY_DEFAULT=true should be user-level (admin_required=False)
+        so users can toggle auto-approve via the inline UI.
+        """
+        config_manager = Mock()
+        config_manager.tool_approvals_config = MockApprovalsConfig(
+            require_by_default=True,
+            tools={}
+        )
+
+        needs_approval, allow_edit, admin_required = requires_approval("any_tool", config_manager)
+
+        assert needs_approval is True
+        assert allow_edit is True
+        assert admin_required is False  # User CAN toggle auto-approve
+
+    def test_requires_approval_default_false(self):
+        """Test requires_approval with default set to not require approval."""
+        config_manager = Mock()
+        config_manager.tool_approvals_config = MockApprovalsConfig(
+            require_by_default=False,
+            tools={}
+        )
+
+        needs_approval, allow_edit, admin_required = requires_approval("any_tool", config_manager)
+
+        # Default is False but function returns True with user-level approval
+        assert needs_approval is True
+        assert allow_edit is True
+        assert admin_required is False
+
+    def test_requires_approval_exception_handling(self):
+        """Test requires_approval handles exceptions gracefully."""
+        config_manager = Mock()
+        config_manager.tool_approvals_config = None
+
+        # Should not raise, should return default
+        needs_approval, allow_edit, admin_required = requires_approval("test_tool", config_manager)
+
+        assert needs_approval is True
+        assert allow_edit is True
+        assert admin_required is False
+
+    def test_requires_approval_multiple_tools(self):
+        """Test requires_approval with multiple tool configurations."""
+        config_manager = Mock()
+        config_manager.tool_approvals_config = MockApprovalsConfig(
+            require_by_default=False,
+            tools={
+                "tool_a": MockToolConfig(require_approval=True, allow_edit=True),
+                "tool_b": MockToolConfig(require_approval=True, allow_edit=False),
+                "tool_c": MockToolConfig(require_approval=False, allow_edit=True)
+            }
+        )
+
+        # Tool A
+        needs_approval, allow_edit, admin_required = requires_approval("tool_a", config_manager)
+        assert needs_approval is True
+        assert allow_edit is True
+        assert admin_required is True
+
+        # Tool B (allow_edit False in config is ignored for UI gating)
+        needs_approval, allow_edit, admin_required = requires_approval("tool_b", config_manager)
+        assert needs_approval is True
+        assert allow_edit is True
+        assert admin_required is True
+
+        # Tool C: with Option B, entries with require_approval=False are not
+        # considered explicit; fall back to default (which is False here),
+        # resulting in user-level approval required by design.
+        config_manager2 = Mock()
+        config_manager2.tool_approvals_config = MockApprovalsConfig(
+            require_by_default=False,
+            tools={
+                "tool_a": MockToolConfig(require_approval=True, allow_edit=True),
+                "tool_b": MockToolConfig(require_approval=True, allow_edit=False),
+                # tool_c omitted to simulate Option B config building
+            }
+        )
+        needs_approval, allow_edit, admin_required = requires_approval("tool_c", config_manager2)
+        assert needs_approval is True
+        assert allow_edit is True
+        assert admin_required is False
+
+
+class TestToolAcceptsUsername:
+    """Test the tool_accepts_username function."""
+
+    def test_tool_accepts_username_true(self):
+        """Test tool that accepts username parameter."""
+        tool_manager = Mock()
+        tool_manager.get_tools_schema.return_value = [
+            {
+                "function": {
+                    "name": "test_tool",
+                    "parameters": {
+                        "properties": {
+                            "username": {"type": "string"},
+                            "other_param": {"type": "string"}
+                        }
+                    }
+                }
+            }
+        ]
+
+        result = tool_accepts_username("test_tool", tool_manager)
+        assert result is True
+
+    def test_tool_accepts_username_false(self):
+        """Test tool that does not accept username parameter."""
+        tool_manager = Mock()
+        tool_manager.get_tools_schema.return_value = [
+            {
+                "function": {
+                    "name": "test_tool",
+                    "parameters": {
+                        "properties": {
+                            "other_param": {"type": "string"}
+                        }
+                    }
+                }
+            }
+        ]
+
+        result = tool_accepts_username("test_tool", tool_manager)
+        assert result is False
+
+    def test_tool_accepts_username_no_tool_manager(self):
+        """Test with no tool manager."""
+        result = tool_accepts_username("test_tool", None)
+        assert result is False
+
+    def test_tool_accepts_username_no_schema(self):
+        """Test when tool schema is not found."""
+        tool_manager = Mock()
+        tool_manager.get_tools_schema.return_value = []
+
+        result = tool_accepts_username("test_tool", tool_manager)
+        assert result is False
+
+    def test_tool_accepts_username_exception(self):
+        """Test exception handling."""
+        tool_manager = Mock()
+        tool_manager.get_tools_schema.side_effect = Exception("Schema error")
+
+        result = tool_accepts_username("test_tool", tool_manager)
+        assert result is False
+
+
+class TestSanitizeArgsForUI:
+    """Test the _sanitize_args_for_ui function."""
+
+    def test_sanitize_simple_args(self):
+        """Test sanitizing simple arguments."""
+        args = {"param1": "value1", "param2": "value2"}
+        result = _sanitize_args_for_ui(args)
+
+        assert result == args
+
+    def test_sanitize_filename(self):
+        """Test sanitizing filename with URL."""
+        args = {"filename": "http://example.com/path/file.txt?token=secret"}
+        result = _sanitize_args_for_ui(args)
+
+        # Should extract just the filename
+        assert "token" not in result["filename"]
+        assert "file.txt" in result["filename"]
+
+    def test_sanitize_file_names_list(self):
+        """Test sanitizing list of filenames."""
+        args = {
+            "file_names": [
+                "http://example.com/file1.txt?token=abc",
+                "http://example.com/file2.txt?token=def"
+            ]
+        }
+        result = _sanitize_args_for_ui(args)
+
+        assert len(result["file_names"]) == 2
+        for filename in result["file_names"]:
+            assert "token" not in filename
+
+    def test_sanitize_file_url(self):
+        """Test sanitizing file_url field."""
+        args = {"file_url": "http://example.com/path/file.txt?token=secret"}
+        result = _sanitize_args_for_ui(args)
+
+        assert "token" not in result["file_url"]
+
+    def test_sanitize_file_urls_list(self):
+        """Test sanitizing file_urls list."""
+        args = {
+            "file_urls": [
+                "http://example.com/file1.txt?token=abc",
+                "http://example.com/file2.txt?token=def"
+            ]
+        }
+        result = _sanitize_args_for_ui(args)
+
+        assert len(result["file_urls"]) == 2
+        for url in result["file_urls"]:
+            assert "token" not in url
+
+    def test_sanitize_mixed_args(self):
+        """Test sanitizing mixed arguments."""
+        args = {
+            "filename": "http://example.com/file.txt?token=secret",
+            "other_param": "normal_value",
+            "file_names": ["file1.txt", "file2.txt"]
+        }
+        result = _sanitize_args_for_ui(args)
+
+        assert "token" not in result["filename"]
+        assert result["other_param"] == "normal_value"
+        assert len(result["file_names"]) == 2
+
+
+class TestFilterArgsToSchema:
+    """Test the _filter_args_to_schema function."""
+
+    def test_filter_with_schema(self):
+        """Test filtering arguments with available schema."""
+        tool_manager = Mock()
+        tool_manager.get_tools_schema.return_value = [
+            {
+                "function": {
+                    "name": "test_tool",
+                    "parameters": {
+                        "properties": {
+                            "allowed_param": {"type": "string"},
+                            "another_param": {"type": "number"}
+                        }
+                    }
+                }
+            }
+        ]
+
+        args = {
+            "allowed_param": "value",
+            "another_param": 42,
+            "original_filename": "old.txt",
+            "file_url": "http://example.com/file.txt",
+            "extra_param": "should_be_removed"
+        }
+
+        result = _filter_args_to_schema(args, "test_tool", tool_manager)
+
+        assert "allowed_param" in result
+        assert "another_param" in result
+        assert "original_filename" not in result
+        assert "file_url" not in result
+        assert "extra_param" not in result
+
+    def test_filter_without_schema(self):
+        """Test filtering when schema is unavailable."""
+        tool_manager = Mock()
+        tool_manager.get_tools_schema.return_value = []
+
+        args = {
+            "param": "value",
+            "original_filename": "old.txt",
+            "file_url": "http://example.com/file.txt"
+        }
+
+        result = _filter_args_to_schema(args, "test_tool", tool_manager)
+
+        # Should keep param but drop original_* and file_url(s)
+        assert "param" in result
+        assert "original_filename" not in result
+        assert "file_url" not in result
+
+    def test_filter_no_tool_manager(self):
+        """Test filtering with no tool manager."""
+        args = {
+            "param": "value",
+            "original_something": "should_be_removed",
+            "file_urls": ["url1", "url2"]
+        }
+
+        result = _filter_args_to_schema(args, "test_tool", None)
+
+        assert "param" in result
+        assert "original_something" not in result
+        assert "file_urls" not in result
+
+    def test_filter_exception_handling(self):
+        """Test filtering handles exceptions gracefully."""
+        tool_manager = Mock()
+        tool_manager.get_tools_schema.side_effect = Exception("Schema error")
+
+        args = {
+            "param": "value",
+            "original_param": "remove_me"
+        }
+
+        result = _filter_args_to_schema(args, "test_tool", tool_manager)
+
+        # Should fall back to conservative filtering
+        assert "param" in result
+        assert "original_param" not in result

atlas/tests/test_tool_authorization_group_filtering.py

@@ -0,0 +1,223 @@
+"""Test ToolAuthorizationService group filtering.
+
+This test verifies that MCP server group restrictions are properly enforced
+during tool authorization in chat execution.
+"""
+
+from unittest.mock import patch
+
+import pytest
+
+from atlas.application.chat.policies.tool_authorization import ToolAuthorizationService
+
+
+class MockToolManager:
+    """Mock tool manager with configurable server configs."""
+
+    def __init__(self, servers_config: dict):
+        self.servers_config = servers_config
+
+    async def get_authorized_servers(self, user_email: str, auth_check_func) -> list:
+        """Get list of servers the user is authorized to use."""
+        if auth_check_func is None:
+            raise TypeError("auth_check_func cannot be None")
+
+        authorized_servers = []
+        for server_name, server_config in self.servers_config.items():
+            if not server_config.get("enabled", True):
+                continue
+
+            required_groups = server_config.get("groups", [])
+            if not required_groups:
+                authorized_servers.append(server_name)
+                continue
+
+            # Check if user is in any of the required groups
+            group_checks = [await auth_check_func(user_email, group) for group in required_groups]
+            if any(group_checks):
+                authorized_servers.append(server_name)
+        return authorized_servers
+
+
+@pytest.mark.asyncio
+async def test_tool_authorization_enforces_group_restrictions():
+    """
+    Test that ToolAuthorizationService properly enforces group restrictions.
+
+    This test verifies that:
+    1. Tools from servers requiring specific groups are filtered out for unauthorized users
+    2. The authorization service does NOT fail open (return all tools) when group check fails
+
+    Bug context: Previously, ToolAuthorizationService passed None as the auth_check_func
+    to get_authorized_servers(), causing a TypeError that was caught and resulted in
+    returning all originally selected tools (fail-open behavior).
+    """
+    # Setup: Create servers with group restrictions
+    servers_config = {
+        "public_server": {
+            "enabled": True,
+            "groups": []  # No group restriction - available to all
+        },
+        "admin_server": {
+            "enabled": True,
+            "groups": ["admin"]  # Only admin group can access
+        },
+        "users_server": {
+            "enabled": True,
+            "groups": ["users"]  # Only users group can access
+        }
+    }
+
+    tool_manager = MockToolManager(servers_config)
+    auth_service = ToolAuthorizationService(tool_manager)
+
+    # User selects tools from all servers
+    selected_tools = [
+        "public_server_tool1",
+        "admin_server_tool1",
+        "users_server_tool1",
+        "canvas_canvas"
+    ]
+
+    # Mock is_user_in_group: user is in "users" group but not "admin"
+    async def mock_auth_check(user: str, group: str) -> bool:
+        return group == "users"
+
+    with patch("atlas.application.chat.policies.tool_authorization.is_user_in_group", mock_auth_check):
+        filtered_tools = await auth_service.filter_authorized_tools(
+            selected_tools=selected_tools,
+            user_email="regular@example.com"
+        )
+
+    # Assert: User should NOT have access to admin_server tools
+    assert "admin_server_tool1" not in filtered_tools, \
+        "Admin tools should be filtered out for non-admin users"
+
+    # canvas_canvas should always be allowed
+    assert "canvas_canvas" in filtered_tools, \
+        "canvas_canvas should always be allowed"
+
+    # public_server tools should be allowed (no group restriction)
+    assert "public_server_tool1" in filtered_tools, \
+        "Public server tools should be allowed for all users"
+
+    # users_server tools should be allowed (user is in users group)
+    assert "users_server_tool1" in filtered_tools, \
+        "Users server tools should be allowed for users in the group"
+
+
+@pytest.mark.asyncio
+async def test_tool_authorization_does_not_fail_open():
+    """
+    Test that tool authorization does not return all tools when auth check fails.
+
+    This specifically tests the fail-open bug where exceptions in authorization
+    cause all originally selected tools to be returned.
+    """
+    servers_config = {
+        "restricted_server": {
+            "enabled": True,
+            "groups": ["special_group"]
+        }
+    }
+
+    tool_manager = MockToolManager(servers_config)
+    auth_service = ToolAuthorizationService(tool_manager)
+
+    selected_tools = ["restricted_server_secret_tool"]
+
+    # Mock is_user_in_group: user is NOT in special_group
+    async def mock_auth_check(user: str, group: str) -> bool:
+        return False
+
+    with patch("atlas.application.chat.policies.tool_authorization.is_user_in_group", mock_auth_check):
+        filtered_tools = await auth_service.filter_authorized_tools(
+            selected_tools=selected_tools,
+            user_email="unauthorized@example.com"
+        )
+
+    # Assert: Restricted tools should NOT be accessible
+    assert "restricted_server_secret_tool" not in filtered_tools, \
+        "Restricted tools should not be accessible to unauthorized users (fail-open bug)"
+
+
+@pytest.mark.asyncio
+async def test_tool_authorization_with_real_mcp_tool_manager():
+    """
+    Integration test using the real MCPToolManager to verify auth function is passed.
+
+    This test ensures the ToolAuthorizationService properly integrates with
+    the real MCPToolManager.get_authorized_servers method.
+    """
+    from atlas.modules.mcp_tools.client import MCPToolManager
+
+    # Create a real MCPToolManager with test config
+    mcp_manager = MCPToolManager(None)
+    mcp_manager.servers_config = {
+        "public_server": {
+            "enabled": True,
+            "groups": []
+        },
+        "admin_server": {
+            "enabled": True,
+            "groups": ["admin"]
+        }
+    }
+
+    auth_service = ToolAuthorizationService(mcp_manager)
+
+    selected_tools = [
+        "public_server_tool1",
+        "admin_server_tool1"
+    ]
+
+    # Mock is_user_in_group: user is NOT in admin group
+    async def mock_auth_check(user: str, group: str) -> bool:
+        return False
+
+    with patch("atlas.application.chat.policies.tool_authorization.is_user_in_group", mock_auth_check):
+        filtered_tools = await auth_service.filter_authorized_tools(
+            selected_tools=selected_tools,
+            user_email="user@example.com"
+        )
+
+    # If we get here without the fix, the exception handler returns all tools
+    # So admin_server_tool1 would incorrectly be included
+    assert "admin_server_tool1" not in filtered_tools, \
+        "Admin tools should be filtered - auth function must be properly passed"
+    assert "public_server_tool1" in filtered_tools, \
+        "Public server tools should be accessible"
+
+
+@pytest.mark.asyncio
+async def test_tool_authorization_passes_auth_function_not_none():
+    """
+    Regression test: Ensure is_user_in_group is passed, not None.
+
+    This test will fail if None is passed to get_authorized_servers.
+    """
+    call_tracker = {"auth_func_received": None}
+
+    class TrackingToolManager:
+        def __init__(self):
+            self.servers_config = {"test_server": {"enabled": True, "groups": []}}
+
+        async def get_authorized_servers(self, user_email: str, auth_check_func):
+            call_tracker["auth_func_received"] = auth_check_func
+            if auth_check_func is None:
+                raise TypeError("auth_check_func cannot be None - security vulnerability!")
+            return ["test_server"]
+
+    tool_manager = TrackingToolManager()
+    auth_service = ToolAuthorizationService(tool_manager)
+
+    await auth_service.filter_authorized_tools(
+        selected_tools=["test_server_tool1"],
+        user_email="test@example.com"
+    )
+
+    # Verify that an actual function was passed, not None
+    assert call_tracker["auth_func_received"] is not None, \
+        "auth_check_func must not be None - this is a security vulnerability"
+    assert callable(call_tracker["auth_func_received"]), \
+        "auth_check_func must be callable"

atlas/tests/test_tool_details_in_config.py

@@ -0,0 +1,108 @@
+"""Test that tool details (description and inputSchema) are included in config API response."""
+
+import os
+import sys
+
+import pytest
+
+# Ensure backend is on path
+sys.path.insert(0, os.path.abspath(os.path.join(os.path.dirname(__file__), "..")))
+
+from atlas.modules.mcp_tools.client import MCPToolManager
+
+
+class FakeTool:
+    """Mock tool object for testing."""
+    def __init__(self, name, description="", inputSchema=None):
+        self.name = name
+        self.description = description
+        self.inputSchema = inputSchema or {"type": "object", "properties": {}}
+
+
+@pytest.fixture
+def mock_mcp_manager(monkeypatch):
+    """Create a mock MCP manager with test data."""
+    manager = MCPToolManager()
+
+    # Mock available_tools with detailed tool information
+    manager.available_tools = {
+        "test_server": {
+            "tools": [
+                FakeTool(
+                    "test_tool",
+                    "This is a test tool description",
+                    {
+                        "type": "object",
+                        "properties": {
+                            "arg1": {
+                                "type": "string",
+                                "description": "First argument"
+                            },
+                            "arg2": {
+                                "type": "number",
+                                "description": "Second argument"
+                            }
+                        },
+                        "required": ["arg1"]
+                    }
+                )
+            ],
+            "config": {
+                "description": "Test server",
+                "author": "Test Author"
+            }
+        }
+    }
+
+    manager.available_prompts = {}
+    return manager
+
+
+def test_tools_detailed_includes_description_and_schema(mock_mcp_manager):
+    """Test that tools_detailed field contains description and inputSchema."""
+    server_tools = mock_mcp_manager.available_tools["test_server"]["tools"]
+    # Simulate what the config endpoint does
+    tools_detailed = []
+    for tool in server_tools:
+        tool_detail = {
+            'name': tool.name,
+            'description': tool.description or '',
+            'inputSchema': getattr(tool, 'inputSchema', {}) or {}
+        }
+        tools_detailed.append(tool_detail)
+
+    # Verify the structure
+    assert len(tools_detailed) == 1
+    assert tools_detailed[0]['name'] == 'test_tool'
+    assert tools_detailed[0]['description'] == 'This is a test tool description'
+    assert 'inputSchema' in tools_detailed[0]
+    assert 'properties' in tools_detailed[0]['inputSchema']
+    assert 'arg1' in tools_detailed[0]['inputSchema']['properties']
+    assert tools_detailed[0]['inputSchema']['properties']['arg1']['type'] == 'string'
+    assert tools_detailed[0]['inputSchema']['properties']['arg1']['description'] == 'First argument'
+
+
+def test_canvas_tool_has_detailed_info():
+    """Test that canvas pseudo-tool has detailed information."""
+    canvas_tools_detailed = [{
+        'name': 'canvas',
+        'description': 'Display final rendered content in a visual canvas panel. Use this for: 1) Complete code (not code discussions), 2) Final reports/documents (not report discussions), 3) Data visualizations, 4) Any polished content that should be viewed separately from the conversation.',
+        'inputSchema': {
+            'type': 'object',
+            'properties': {
+                'content': {
+                    'type': 'string',
+                    'description': 'The content to display in the canvas. Can be markdown, code, or plain text.'
+                }
+            },
+            'required': ['content']
+        }
+    }]
+
+    # Verify canvas tool structure
+    assert len(canvas_tools_detailed) == 1
+    assert canvas_tools_detailed[0]['name'] == 'canvas'
+    assert 'description' in canvas_tools_detailed[0]
+    assert len(canvas_tools_detailed[0]['description']) > 0
+    assert 'inputSchema' in canvas_tools_detailed[0]
+    assert 'content' in canvas_tools_detailed[0]['inputSchema']['properties']