iflow-mcp_democratize-technology-chronos-mcp 2.0.0__py3-none-any.whl

tests/unit/test_accounts.py

@@ -0,0 +1,380 @@
+"""
+Unit tests for account management
+"""
+
+import time
+from unittest.mock import Mock, patch
+
+import pytest
+from caldav.lib.error import AuthorizationError
+
+from chronos_mcp.accounts import AccountManager, CircuitBreaker, CircuitBreakerState
+from chronos_mcp.exceptions import (
+    AccountAuthenticationError,
+    AccountConnectionError,
+    AccountNotFoundError,
+)
+from chronos_mcp.models import AccountStatus
+
+
+class TestAccountManager:
+    def test_init(self, mock_config_manager):
+        """Test AccountManager initialization"""
+        mgr = AccountManager(mock_config_manager)
+        assert mgr.config == mock_config_manager
+        assert mgr.connections == {}
+        assert mgr.principals == {}
+
+    def test_connect_account_not_found(self, mock_config_manager):
+        """Test connecting to non-existent account"""
+        # Use real config manager - account doesn't exist
+        mgr = AccountManager(mock_config_manager)
+
+        # Should raise AccountNotFoundError
+        with pytest.raises(AccountNotFoundError) as exc_info:
+            mgr.connect_account("nonexistent")
+
+        assert "nonexistent" in str(exc_info.value)
+        assert exc_info.value.details["alias"] == "nonexistent"
+
+    @patch("chronos_mcp.accounts.DAVClient")
+    def test_connect_account_success(
+        self, mock_dav_client, mock_config_manager, sample_account
+    ):
+        """Test successful connection to an account"""
+        # Add account to config manager first
+        mock_config_manager.add_account(sample_account)
+        mgr = AccountManager(mock_config_manager)
+
+        # Mock successful connection
+        mock_client = Mock()
+        mock_dav_client.return_value = mock_client
+        mock_principal = Mock()
+        mock_client.principal.return_value = mock_principal
+
+        result = mgr.connect_account("test_account")
+        assert result is True
+        assert "test_account" in mgr.connections
+        assert "test_account" in mgr.principals
+        assert sample_account.status == AccountStatus.CONNECTED
+
+    @patch("chronos_mcp.accounts.DAVClient")
+    def test_connect_account_failure(
+        self, mock_dav_client, mock_config_manager, sample_account
+    ):
+        """Test connection failure"""
+        # Add account to config manager first
+        mock_config_manager.add_account(sample_account)
+        mgr = AccountManager(mock_config_manager)
+
+        # Mock connection failure
+        mock_dav_client.side_effect = AuthorizationError("Invalid credentials")
+
+        # Should raise AccountAuthenticationError
+        with pytest.raises(AccountAuthenticationError) as exc_info:
+            mgr.connect_account("test_account")
+
+        assert exc_info.value.details["alias"] == "test_account"
+        assert sample_account.status == AccountStatus.ERROR
+
+    def test_disconnect_account(self, mock_config_manager, sample_account):
+        """Test disconnecting an account"""
+        # Add account to config manager first
+        mock_config_manager.add_account(sample_account)
+        mgr = AccountManager(mock_config_manager)
+
+        # Simulate connected account
+        mgr.connections["test_account"] = Mock()
+        mgr.principals["test_account"] = Mock()
+
+        mgr.disconnect_account("test_account")
+        assert "test_account" not in mgr.connections
+        assert "test_account" not in mgr.principals
+        assert sample_account.status == AccountStatus.DISCONNECTED
+
+    def test_get_connection_not_connected(self, mock_config_manager, sample_account):
+        """Test getting connection when not connected - should auto-connect"""
+        mock_config_manager.config.default_account = None
+        mock_config_manager.add_account(sample_account)
+        mgr = AccountManager(mock_config_manager)
+
+        # Mock connect_account to fail
+        with patch.object(mgr, "connect_account", return_value=False):
+            connection = mgr.get_connection("test_account")
+            assert connection is None
+
+    @patch("chronos_mcp.accounts.DAVClient")
+    def test_test_account(self, mock_dav_client, mock_config_manager, sample_account):
+        """Test testing account connectivity"""
+        # Add account to config manager first
+        mock_config_manager.add_account(sample_account)
+        mgr = AccountManager(mock_config_manager)
+
+        # Mock successful connection
+        mock_client = Mock()
+        mock_dav_client.return_value = mock_client
+        mock_principal = Mock()
+        mock_client.principal.return_value = mock_principal
+        mock_calendars = [Mock(), Mock()]
+        mock_principal.calendars.return_value = mock_calendars
+
+        result = mgr.test_account("test_account")
+        assert result["alias"] == "test_account"
+        assert result["connected"] is True
+        assert result["calendars"] == 2
+        assert result["error"] is None
+
+    def test_get_principal(self, mock_config_manager):
+        """Test getting principal for an account"""
+        mgr = AccountManager(mock_config_manager)
+
+        # No principal when not connected
+        principal = mgr.get_principal("nonexistent")
+        assert principal is None
+
+        # Should return principal when connected
+        mock_principal = Mock()
+        mgr.principals["test_account"] = mock_principal
+        # Add timestamp to prevent stale connection check
+        mgr._connection_timestamps["test_account"] = time.time()
+
+        principal = mgr.get_principal("test_account")
+        assert principal == mock_principal
+
+    @patch("chronos_mcp.accounts.DAVClient")
+    def test_get_connection_with_default(
+        self, mock_dav_client, mock_config_manager, sample_account
+    ):
+        """Test getting connection uses default account when no alias provided"""
+        # Set up default account
+        mock_config_manager.add_account(sample_account)
+        mock_config_manager.config.default_account = "test_account"
+
+        mgr = AccountManager(mock_config_manager)
+
+        # Mock successful connection
+        mock_client = Mock()
+        mock_dav_client.return_value = mock_client
+        mock_principal = Mock()
+        mock_client.principal.return_value = mock_principal
+
+        # Get connection without specifying alias
+        mgr.get_connection()
+
+        # Should have connected to default account
+        assert "test_account" in mgr.connections
+
+    def test_circuit_breaker_functionality(self, mock_config_manager, sample_account):
+        """Test circuit breaker opens after repeated failures"""
+        mock_config_manager.add_account(sample_account)
+        mgr = AccountManager(mock_config_manager)
+
+        # Trigger multiple failures to open circuit breaker
+        with patch("chronos_mcp.accounts.DAVClient") as mock_dav_client:
+            mock_dav_client.side_effect = Exception("Connection failed")
+
+            # Try to connect multiple times to trigger circuit breaker
+            for _ in range(6):  # Exceeds failure threshold of 5
+                try:
+                    mgr.connect_account("test_account")
+                except AccountConnectionError:
+                    pass
+
+            # Circuit breaker should be OPEN
+            breaker_state = mgr.get_circuit_breaker_status("test_account")
+            assert breaker_state == CircuitBreakerState.OPEN
+
+            # Next connection attempt should be rejected immediately
+            with pytest.raises(AccountConnectionError) as exc_info:
+                mgr.connect_account("test_account")
+            # Check that the error details contain the circuit breaker message
+            assert "Circuit breaker is OPEN" in exc_info.value.details.get(
+                "original_error", ""
+            )
+
+    def test_connection_health_tracking(self, mock_config_manager, sample_account):
+        """Test connection health metrics are tracked"""
+        mock_config_manager.add_account(sample_account)
+        mgr = AccountManager(mock_config_manager)
+
+        # Test successful connection updates health
+        with patch("chronos_mcp.accounts.DAVClient") as mock_dav_client:
+            mock_client = Mock()
+            mock_dav_client.return_value = mock_client
+            mock_principal = Mock()
+            mock_client.principal.return_value = mock_principal
+
+            mgr.connect_account("test_account")
+
+            health = mgr.get_connection_health("test_account")
+            assert health is not None
+            assert health.total_attempts == 1
+            assert health.successful_connections == 1
+            assert health.failed_connections == 0
+            assert health.success_rate == 1.0
+
+    def test_connection_retry_logic(self, mock_config_manager, sample_account):
+        """Test connection retry with exponential backoff"""
+        mock_config_manager.add_account(sample_account)
+        mgr = AccountManager(mock_config_manager)
+        mgr._max_retries = 3
+
+        call_count = 0
+
+        def mock_dav_client_side_effect(*args, **kwargs):
+            nonlocal call_count
+            call_count += 1
+            if call_count < 3:  # Fail first 2 attempts
+                raise Exception("Temporary failure")
+            # Succeed on 3rd attempt
+            mock_client = Mock()
+            mock_client.principal.return_value = Mock()
+            return mock_client
+
+        with patch(
+            "chronos_mcp.accounts.DAVClient", side_effect=mock_dav_client_side_effect
+        ):
+            with patch("time.sleep") as mock_sleep:  # Mock sleep for testing
+                result = mgr.connect_account("test_account")
+
+                assert result is True
+                assert call_count == 3  # Should have retried
+                assert mock_sleep.call_count == 2  # 2 sleeps before success
+
+    def test_connection_timeout_configuration(
+        self, mock_config_manager, sample_account
+    ):
+        """Test connection timeout is properly configured"""
+        mock_config_manager.add_account(sample_account)
+        mgr = AccountManager(mock_config_manager)
+
+        with patch("chronos_mcp.accounts.DAVClient") as mock_dav_client:
+            mock_client = Mock()
+            mock_dav_client.return_value = mock_client
+            mock_principal = Mock()
+            mock_client.principal.return_value = mock_principal
+
+            mgr.connect_account("test_account")
+
+            # Verify DAVClient was called with timeout
+            mock_dav_client.assert_called_with(
+                url=str(sample_account.url),
+                username=sample_account.username,
+                password=sample_account.password,
+                timeout=30,  # Default timeout
+            )
+
+    def test_password_validation_in_add_account(self):
+        """Test that password is validated when adding an account"""
+        from chronos_mcp.validation import InputValidator
+        from chronos_mcp.exceptions import ValidationError
+
+        # Test with control characters in password - should be rejected
+        with pytest.raises(ValidationError) as exc_info:
+            InputValidator.validate_text_field("pass\x00word", "password", required=True)
+        assert "potentially dangerous content" in str(exc_info.value).lower()
+
+        # Test with excessively long password - should be rejected
+        with pytest.raises(ValidationError) as exc_info:
+            InputValidator.validate_text_field("a" * 11000, "password", required=True)
+        assert "maximum" in str(exc_info.value).lower()
+
+        # Test with valid password - should pass
+        result = InputValidator.validate_text_field("ValidP@ssw0rd!", "password", required=True)
+        assert result == "ValidP@ssw0rd!"
+
+    @patch("chronos_mcp.tools.accounts._managers")
+    def test_add_account_validates_password(self, mock_managers_dict, mock_config_manager):
+        """Test that add_account tool validates password input"""
+        import asyncio
+        from chronos_mcp.tools.accounts import add_account
+
+        # Setup managers
+        mock_managers_dict.__getitem__.return_value = mock_config_manager
+        mock_account_manager = Mock()
+        mock_account_manager.test_account.return_value = {
+            "alias": "test",
+            "connected": True,
+            "calendars": 2,
+            "error": None
+        }
+
+        def manager_getter(key):
+            if key == "config_manager":
+                return mock_config_manager
+            elif key == "account_manager":
+                return mock_account_manager
+            raise KeyError(key)
+
+        mock_managers_dict.__getitem__.side_effect = manager_getter
+
+        # Test with invalid password (control character)
+        # The decorator catches exceptions and returns error dict
+        result = asyncio.run(add_account(
+            alias="test",
+            url="https://example.com",
+            username="user",
+            password="pass\x00word",  # Null byte
+            allow_local=True
+        ))
+
+        # Should return error response
+        assert result["success"] is False
+        assert "error_code" in result
+        assert result["error_code"] == "ValidationError"
+        assert "dangerous content" in result["error"].lower()
+
+    def test_circuit_breaker_recovery(self, mock_config_manager, sample_account):
+        """Test circuit breaker transitions to HALF_OPEN after recovery timeout"""
+        mock_config_manager.add_account(sample_account)
+        mgr = AccountManager(mock_config_manager)
+
+        # Manually create and configure circuit breaker for testing
+        breaker = CircuitBreaker(failure_threshold=2, recovery_timeout=1)
+        mgr._circuit_breakers["test_account"] = breaker
+
+        # Trigger failures to open circuit breaker
+        breaker.record_failure()
+        breaker.record_failure()
+        assert breaker.state == CircuitBreakerState.OPEN
+
+        # Initially should not allow requests
+        assert not breaker.should_allow_request()
+
+        # Fast-forward time past recovery timeout
+        breaker.last_failure_time = time.time() - 2  # 2 seconds ago
+
+        # Should now allow request (HALF_OPEN)
+        assert breaker.should_allow_request()
+        assert breaker.state == CircuitBreakerState.HALF_OPEN
+
+        # Successful operation should close circuit
+        breaker.record_success()
+        assert breaker.state == CircuitBreakerState.CLOSED
+
+    @patch("chronos_mcp.accounts.DAVClient")
+    def test_cleanup_stale_connection(
+        self, mock_dav_client, mock_config_manager, sample_account
+    ):
+        """Test cleanup of stale connections"""
+        mock_config_manager.add_account(sample_account)
+        mgr = AccountManager(mock_config_manager)
+        mgr._connection_ttl_minutes = 0.01  # Very short TTL for testing
+
+        # Mock successful connection
+        mock_client = Mock()
+        mock_dav_client.return_value = mock_client
+        mock_principal = Mock()
+        mock_client.principal.return_value = mock_principal
+
+        # Connect and then wait for it to become stale
+        mgr.connect_account("test_account")
+        assert "test_account" in mgr.connections
+
+        # Make connection timestamp old
+        mgr._connection_timestamps["test_account"] = time.time() - 60  # 1 minute ago
+
+        # Cleanup should remove stale connection
+        result = mgr._cleanup_stale_connection("test_account")
+        assert result is True
+        assert "test_account" not in mgr.connections

tests/unit/test_accounts_ssrf.py

@@ -0,0 +1,134 @@
+"""
+Test SSRF protection in accounts module
+"""
+
+import pytest
+from unittest.mock import MagicMock, patch
+
+from chronos_mcp.exceptions import ValidationError
+from chronos_mcp.tools import accounts
+
+
+class TestAccountsSSRFProtection:
+    """Test that the accounts module properly uses SSRF protection"""
+
+    @pytest.mark.asyncio
+    async def test_add_account_blocks_private_ips_by_default(self):
+        """Test that add_account blocks private IPs by default"""
+
+        # Directly set managers in the accounts module
+        accounts._managers["config_manager"] = MagicMock()
+        accounts._managers["account_manager"] = MagicMock()
+
+        # Try to add account with localhost URL
+        result = await accounts.add_account(
+            alias="local-test",
+            url="https://localhost:8443/caldav",
+            username="user",
+            password="pass",
+        )
+
+        # The decorator catches ValidationError and returns error response
+        assert result["success"] is False
+        assert "not allowed for security reasons" in result["error"]
+
+        # Try with private IP
+        result = await accounts.add_account(
+            alias="private-test",
+            url="https://192.168.1.100/caldav",
+            username="user",
+            password="pass",
+        )
+
+        assert result["success"] is False
+        assert "not allowed for security reasons" in result["error"]
+
+    @pytest.mark.asyncio
+    async def test_add_account_allows_private_ips_with_flag(self):
+        """Test that add_account allows private IPs when explicitly enabled"""
+
+        # Mock the managers
+        mock_config_manager = MagicMock()
+        mock_account_manager = MagicMock()
+        mock_account_manager.test_account.return_value = {
+            "connected": True,
+            "calendars": [],
+        }
+
+        accounts._managers["config_manager"] = mock_config_manager
+        accounts._managers["account_manager"] = mock_account_manager
+
+        # Should work with allow_local=True
+        result = await accounts.add_account(
+            alias="local-dev",
+            url="https://localhost:8443/caldav",
+            username="user",
+            password="pass",
+            allow_local=True,  # Explicitly allow local IPs
+        )
+
+        assert result["success"] is True
+        assert "local-dev" in result["message"]
+
+        # Verify the account was added
+        assert mock_config_manager.add_account.called
+
+    @pytest.mark.asyncio
+    async def test_add_account_allows_public_urls(self):
+        """Test that add_account allows public URLs by default"""
+
+        # Mock the managers
+        mock_config_manager = MagicMock()
+        mock_account_manager = MagicMock()
+        mock_account_manager.test_account.return_value = {
+            "connected": True,
+            "calendars": ["Calendar1"],
+        }
+
+        accounts._managers["config_manager"] = mock_config_manager
+        accounts._managers["account_manager"] = mock_account_manager
+
+        # Mock DNS resolution to return public IP
+        with patch("socket.getaddrinfo") as mock_getaddrinfo:
+            # Mock public IP resolution
+            mock_getaddrinfo.return_value = [(2, 1, 6, "", ("93.184.216.34", 443))]
+
+            result = await accounts.add_account(
+                alias="public-caldav",
+                url="https://caldav.example.com/dav",
+                username="user",
+                password="pass",
+            )
+
+            assert result["success"] is True
+            assert "public-caldav" in result["message"]
+            assert mock_config_manager.add_account.called
+
+    @pytest.mark.asyncio
+    async def test_add_account_validates_url_format(self):
+        """Test that add_account validates URL format"""
+
+        accounts._managers["config_manager"] = MagicMock()
+        accounts._managers["account_manager"] = MagicMock()
+
+        # Invalid URL format
+        result = await accounts.add_account(
+            alias="bad-url", url="not-a-url", username="user", password="pass"
+        )
+
+        assert result["success"] is False
+        assert "Invalid URL format" in result["error"]
+
+        # HTTP instead of HTTPS
+        result = await accounts.add_account(
+            alias="http-url",
+            url="http://example.com/caldav",
+            username="user",
+            password="pass",
+        )
+
+        assert result["success"] is False
+        assert (
+            "Invalid URL format" in result["error"]
+            or "Must be a valid HTTPS URL" in result["error"]
+        )

tests/unit/test_base.py

@@ -0,0 +1,135 @@
+"""
+Unit tests for base tool utilities
+"""
+
+import pytest
+
+from chronos_mcp.exceptions import ChronosError
+from chronos_mcp.tools.base import handle_tool_errors
+
+
+class TestHandleToolErrors:
+    """Test error handling decorator"""
+
+    @pytest.mark.asyncio
+    async def test_chronos_error_sanitization(self):
+        """Test that ChronosError exceptions are properly sanitized"""
+
+        @handle_tool_errors
+        async def tool_with_chronos_error(**kwargs):
+            raise ChronosError("Error with password=secret123 in message")
+
+        result = await tool_with_chronos_error()
+
+        assert result["success"] is False
+        assert "password=secret123" not in result["error"]
+        assert "password=***" in result["error"]
+        assert result["error_code"] == "ChronosError"
+        assert "request_id" in result
+
+    @pytest.mark.asyncio
+    async def test_generic_exception_sanitization(self):
+        """
+        Test that generic exceptions are properly sanitized.
+
+        SECURITY TEST: This test verifies that unexpected exceptions containing
+        sensitive information (passwords, tokens, API keys) are sanitized before
+        being returned to the client. This prevents information disclosure via
+        error messages.
+
+        BUG: Currently FAILING - generic exceptions bypass ErrorSanitizer
+        Location: chronos_mcp/tools/base.py:42
+        """
+
+        @handle_tool_errors
+        async def tool_with_generic_error(**kwargs):
+            # Simulate an unexpected exception with sensitive data
+            raise ValueError("Database connection failed: password=mysecret123 token=abc-xyz-789")
+
+        result = await tool_with_generic_error()
+
+        # Verify response structure
+        assert result["success"] is False
+        assert result["error_code"] == "ValueError"
+        assert "request_id" in result
+
+        # CRITICAL SECURITY CHECK: Sensitive data MUST be redacted
+        error_message = result["error"]
+        assert "password=mysecret123" not in error_message, \
+            "SECURITY FAILURE: Password leaked in generic exception"
+        assert "token=abc-xyz-789" not in error_message, \
+            "SECURITY FAILURE: Token leaked in generic exception"
+
+        # Should contain sanitized versions
+        assert "password=***" in error_message or "password" not in error_message.lower()
+        assert "token=***" in error_message or "token" not in error_message.lower()
+
+    @pytest.mark.asyncio
+    async def test_generic_exception_with_url_credentials(self):
+        """Test that URLs with embedded credentials are sanitized in generic exceptions"""
+
+        @handle_tool_errors
+        async def tool_with_url_error(**kwargs):
+            raise ConnectionError("Failed to connect to https://user:pass@example.com/api")
+
+        result = await tool_with_url_error()
+
+        assert result["success"] is False
+        error_message = result["error"]
+
+        # CRITICAL: URL credentials must be redacted
+        assert "user:pass" not in error_message, \
+            "SECURITY FAILURE: URL credentials leaked in generic exception"
+        assert "***:***@" in error_message or "user" not in error_message
+
+    @pytest.mark.asyncio
+    async def test_generic_exception_with_api_key(self):
+        """Test that API keys are sanitized in generic exceptions"""
+
+        @handle_tool_errors
+        async def tool_with_api_key_error(**kwargs):
+            raise RuntimeError("API request failed: api_key=sk_live_abc123xyz789")
+
+        result = await tool_with_api_key_error()
+
+        assert result["success"] is False
+        error_message = result["error"]
+
+        # CRITICAL: API key must be redacted
+        assert "sk_live_abc123xyz789" not in error_message, \
+            "SECURITY FAILURE: API key leaked in generic exception"
+        assert "api_key=***" in error_message or "api_key" not in error_message
+
+    @pytest.mark.asyncio
+    async def test_success_path_no_error(self):
+        """Test that successful tool execution returns normally"""
+
+        @handle_tool_errors
+        async def successful_tool(**kwargs):
+            return {"success": True, "data": "test"}
+
+        result = await successful_tool()
+
+        assert result["success"] is True
+        assert result["data"] == "test"
+        # Note: request_id is only added to error responses, not success responses
+
+    @pytest.mark.asyncio
+    async def test_request_id_propagation(self):
+        """Test that request_id is properly injected as a kwarg to the tool function"""
+
+        @handle_tool_errors
+        async def tool_that_uses_request_id(request_id=None, **kwargs):
+            # Tool should receive the injected request_id
+            assert request_id is not None
+            # Return it so we can verify it was passed
+            return {"success": True, "received_id": request_id}
+
+        result = await tool_that_uses_request_id()
+
+        # Tool function received the request_id
+        assert result["success"] is True
+        assert "received_id" in result
+        # Verify it's a valid UUID string
+        import uuid
+        uuid.UUID(result["received_id"])  # Will raise if invalid