mirror of
https://github.com/Ed1s0nZ/CyberStrikeAI.git
synced 2026-07-13 23:47:24 +02:00
37 lines
1.2 KiB
Go
37 lines
1.2 KiB
Go
package mcp
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"testing"
|
|
|
|
"cyberstrike-ai/internal/authctx"
|
|
|
|
"go.uber.org/zap"
|
|
)
|
|
|
|
func TestToolAuthorizerIsUniversalAndExecutionKeepsOwner(t *testing.T) {
|
|
server := NewServer(zap.NewNop())
|
|
server.RegisterTool(Tool{Name: "echo", InputSchema: map[string]interface{}{"type": "object"}}, func(ctx context.Context, args map[string]interface{}) (*ToolResult, error) {
|
|
return &ToolResult{Content: []Content{{Type: "text", Text: "ok"}}}, nil
|
|
})
|
|
server.SetToolAuthorizer(func(ctx context.Context, toolName string, args map[string]interface{}) error {
|
|
if _, ok := authctx.PrincipalFromContext(ctx); !ok {
|
|
return errors.New("principal required")
|
|
}
|
|
return nil
|
|
})
|
|
if _, _, err := server.CallTool(context.Background(), "echo", nil); err == nil {
|
|
t.Fatal("tool call without principal was allowed")
|
|
}
|
|
ctx := authctx.WithPrincipal(context.Background(), authctx.NewPrincipal("u1", "user", "assigned", map[string]bool{"mcp:execute": true}))
|
|
_, executionID, err := server.CallTool(ctx, "echo", nil)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
execution, ok := server.GetExecution(executionID)
|
|
if !ok || execution.OwnerUserID != "u1" {
|
|
t.Fatalf("execution owner = %#v, want u1", execution)
|
|
}
|
|
}
|