AskaEth/Cyrene
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
Files
24f827fe02ade7a385f19685c9c96e992d9cfea8
Cyrene/backend/ai-core/internal/host/sandbox_test.go
T
AskaEth 63a8f95de1 test: Phase 6 全功能测试 — 19个测试全部通过 + 开发路线文档 
- host: 沙箱执行/命令拦截/超时/文件读写/系统信息/路径验证 (6 tests)
- rag: 文本分块/余弦相似度/关键词匹配/文档索引+搜索 (4 tests)
- tools: host_exec/host_file/host_system/knowledge_search/knowledge_ingest (5 tests)
- vision: 图片编码/错误处理/定义验证/执行流程 (4 tests)
- Embedder 重构为接口,支持 API 和 Simple 两种实现
- 添加 ROADMAP.md 未来开发路线

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-24 07:51:07 +08:00

134 lines
3.4 KiB
Go
Raw Blame History

package host
import (
"context"
"os"
"path/filepath"
"testing"
"time"
)
func TestSandboxExec(t *testing.T) {
cfg := DefaultSandboxConfig()
cfg.AllowedDirs = []string{os.TempDir()}
sandbox := NewSandbox(cfg)
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel()
result, err := sandbox.Exec(ctx, "echo hello cyrene", os.TempDir(), 5*time.Second)
if err != nil {
t.Fatalf("exec failed: %v", err)
}
if result.ExitCode != 0 {
t.Fatalf("unexpected exit code: %d, stderr=%s", result.ExitCode, result.Stderr)
}
if result.Stdout == "" {
t.Fatal("expected output, got empty")
}
t.Logf("exec OK: stdout=%q, duration=%s", result.Stdout, result.Duration)
}
func TestSandboxBlockedCommand(t *testing.T) {
cfg := DefaultSandboxConfig()
sandbox := NewSandbox(cfg)
ctx := context.Background()
_, err := sandbox.Exec(ctx, "rm -rf /", os.TempDir(), 5*time.Second)
if err == nil {
t.Fatal("expected 'rm' to be blocked")
}
t.Logf("blocked command OK: %v", err)
}
func TestSandboxTimeout(t *testing.T) {
cfg := DefaultSandboxConfig()
cfg.AllowedCommands = append(cfg.AllowedCommands, "sleep")
sandbox := NewSandbox(cfg)
ctx := context.Background()
result, err := sandbox.Exec(ctx, "sleep 10", os.TempDir(), 1*time.Second)
if err == nil {
t.Fatal("expected timeout error")
}
if !result.TimedOut {
t.Fatal("expected TimedOut=true")
}
t.Logf("timeout OK: exit=%d, timed_out=%v", result.ExitCode, result.TimedOut)
}
func TestManagerFileOps(t *testing.T) {
cfg := DefaultSandboxConfig()
tmpDir := os.TempDir()
cfg.AllowedDirs = []string{tmpDir}
sandbox := NewSandbox(cfg)
mgr := NewManager(sandbox)
mgr.SetAllowedDirs([]string{tmpDir})
testPath := filepath.Join(tmpDir, "cyrene-test-file.txt")
err := mgr.WriteFile(testPath, "Hello from Cyrene host manager!", 1024*1024)
if err != nil {
t.Fatalf("write failed: %v", err)
}
defer os.Remove(testPath)
content, err := mgr.ReadFile(testPath, 1024*1024)
if err != nil {
t.Fatalf("read failed: %v", err)
}
if content != "Hello from Cyrene host manager!" {
t.Fatalf("content mismatch: %q", content)
}
t.Logf("file read/write OK: %q", content)
entries, err := mgr.ListDir(tmpDir)
if err != nil {
t.Fatalf("listdir failed: %v", err)
}
found := false
for _, e := range entries {
if e.Name == "cyrene-test-file.txt" {
found = true
break
}
}
if !found {
t.Fatal("expected test file in directory listing")
}
t.Logf("listdir OK: %d entries", len(entries))
}
func TestManagerSystemInfo(t *testing.T) {
cfg := DefaultSandboxConfig()
sandbox := NewSandbox(cfg)
mgr := NewManager(sandbox)
info := mgr.SystemInfo()
if info["hostname"] == nil || info["hostname"] == "" {
t.Fatal("expected hostname in system info")
}
if info["os"] == nil || info["os"] == "" {
t.Fatal("expected os in system info")
}
if info["arch"] == nil || info["arch"] == "" {
t.Fatal("expected arch in system info")
}
t.Logf("system info OK: os=%v arch=%v num_cpu=%v", info["os"], info["arch"], info["num_cpu"])
}
func TestPathValidation(t *testing.T) {
cfg := DefaultSandboxConfig()
cfg.AllowedDirs = []string{os.TempDir()}
sandbox := NewSandbox(cfg)
mgr := NewManager(sandbox)
mgr.SetAllowedDirs([]string{os.TempDir()})
// Should fail: access outside allowed dirs
_, err := mgr.ReadFile("/etc/passwd", 1024)
if err == nil {
t.Fatal("expected path validation to block /etc/passwd")
}
t.Logf("path validation OK: blocked access to /etc/passwd")
}
Reference in New Issue View Git Blame Copy Permalink