from __future__ import annotations import asyncio import sys import tempfile import time import unittest from pathlib import Path import httpx sys.path.insert(0, str(Path(__file__).resolve().parents[3])) from backend.app.dependencies import get_file_ops_service from backend.app.fs.filesystem_adapter import FilesystemAdapter from backend.app.main import app from backend.app.security.path_guard import PathGuard from backend.app.services.file_ops_service import FileOpsService class FailingWriteFilesystemAdapter(FilesystemAdapter): def write_text_file(self, path: Path, content: str, encoding: str = "utf-8") -> dict: raise OSError("forced write failure") class EditApiGoldenTest(unittest.TestCase): def setUp(self) -> None: self.temp_dir = tempfile.TemporaryDirectory() self.root = Path(self.temp_dir.name) / "root" self.root.mkdir(parents=True, exist_ok=True) self.path_guard = PathGuard({"storage1": str(self.root)}) self._set_service(FilesystemAdapter()) def tearDown(self) -> None: app.dependency_overrides.clear() self.temp_dir.cleanup() def _set_service(self, filesystem: FilesystemAdapter) -> None: service = FileOpsService(path_guard=self.path_guard, filesystem=filesystem) async def _override_file_ops_service() -> FileOpsService: return service app.dependency_overrides[get_file_ops_service] = _override_file_ops_service def _request(self, method: str, url: str, params: dict | None = None, payload: dict | None = None) -> httpx.Response: async def _run() -> httpx.Response: transport = httpx.ASGITransport(app=app) async with httpx.AsyncClient(transport=transport, base_url="http://testserver") as client: if method == "GET": return await client.get(url, params=params) return await client.post(url, json=payload) return asyncio.run(_run()) def test_edit_view_success(self) -> None: file_path = self.root / "notes.txt" file_path.write_text("hello", encoding="utf-8") response = self._request("GET", "/api/files/view", params={"path": "storage1/notes.txt", "for_edit": "true"}) self.assertEqual(response.status_code, 200) body = response.json() self.assertEqual(body["path"], "storage1/notes.txt") self.assertEqual(body["name"], "notes.txt") self.assertEqual(body["content"], "hello") self.assertFalse(body["truncated"]) self.assertIn("modified", body) def test_save_success(self) -> None: file_path = self.root / "notes.txt" file_path.write_text("hello", encoding="utf-8") initial = self._request("GET", "/api/files/view", params={"path": "storage1/notes.txt", "for_edit": "true"}).json() response = self._request( "POST", "/api/files/save", payload={ "path": "storage1/notes.txt", "content": "changed", "expected_modified": initial["modified"], }, ) self.assertEqual(response.status_code, 200) self.assertEqual(file_path.read_text(encoding="utf-8"), "changed") self.assertEqual(response.json()["path"], "storage1/notes.txt") self.assertEqual(response.json()["size"], len("changed".encode("utf-8"))) def test_unsupported_type(self) -> None: (self.root / "report.pdf").write_bytes(b"%PDF-1.4") response = self._request("GET", "/api/files/view", params={"path": "storage1/report.pdf", "for_edit": "true"}) self.assertEqual(response.status_code, 409) self.assertEqual(response.json()["error"]["code"], "unsupported_type") def test_directory_type_conflict(self) -> None: (self.root / "docs").mkdir() response = self._request("GET", "/api/files/view", params={"path": "storage1/docs", "for_edit": "true"}) self.assertEqual(response.status_code, 409) self.assertEqual(response.json()["error"]["code"], "type_conflict") def test_path_not_found(self) -> None: response = self._request("POST", "/api/files/save", payload={"path": "storage1/missing.txt", "content": "x", "expected_modified": "2026-01-01T00:00:00Z"}) self.assertEqual(response.status_code, 404) self.assertEqual(response.json()["error"]["code"], "path_not_found") def test_traversal_attempt(self) -> None: response = self._request("POST", "/api/files/save", payload={"path": "storage1/../etc/passwd", "content": "x", "expected_modified": "2026-01-01T00:00:00Z"}) self.assertEqual(response.status_code, 403) self.assertEqual(response.json()["error"]["code"], "path_traversal_detected") def test_conflict_when_file_changed(self) -> None: file_path = self.root / "notes.txt" file_path.write_text("hello", encoding="utf-8") initial = self._request("GET", "/api/files/view", params={"path": "storage1/notes.txt", "for_edit": "true"}).json() time.sleep(0.02) file_path.write_text("changed elsewhere", encoding="utf-8") response = self._request( "POST", "/api/files/save", payload={ "path": "storage1/notes.txt", "content": "local edit", "expected_modified": initial["modified"], }, ) self.assertEqual(response.status_code, 409) self.assertEqual(response.json()["error"]["code"], "conflict") def test_io_error_on_save_failure(self) -> None: file_path = self.root / "notes.txt" file_path.write_text("hello", encoding="utf-8") initial = self._request("GET", "/api/files/view", params={"path": "storage1/notes.txt", "for_edit": "true"}).json() self._set_service(FailingWriteFilesystemAdapter()) response = self._request( "POST", "/api/files/save", payload={ "path": "storage1/notes.txt", "content": "local edit", "expected_modified": initial["modified"], }, ) self.assertEqual(response.status_code, 500) self.assertEqual(response.json()["error"]["code"], "io_error") def test_file_too_large_for_edit(self) -> None: content = "x" * (300 * 1024) (self.root / "big.txt").write_text(content, encoding="utf-8") response = self._request("GET", "/api/files/view", params={"path": "storage1/big.txt", "for_edit": "true"}) self.assertEqual(response.status_code, 409) self.assertEqual(response.json()["error"]["code"], "file_too_large") if __name__ == "__main__": unittest.main()