MCPcopy Create free account
hub / github.com/AI45Lab/Code / test_realistic_dev_policy

Function test_realistic_dev_policy

core/src/permissions/tests.rs:408–440  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

406
407#[test]
408fn test_realistic_dev_policy() {
409 let policy = PermissionPolicy::new()
410 // Allow common dev commands
411 .allow_all(&[
412 "Bash(cargo:*)",
413 "Bash(npm:*)",
414 "Bash(pnpm:*)",
415 "Bash(just:*)",
416 "Bash(git status:*)",
417 "Bash(git diff:*)",
418 "Bash(echo:*)",
419 "Grep(*)",
420 "Glob(*)",
421 "Ls(*)",
422 ])
423 // Deny dangerous commands
424 .deny_all(&["Bash(rm -rf:*)", "Bash(sudo:*)", "Bash(curl | sh:*)"])
425 // Always ask for writes
426 .ask_all(&["Write(*)", "Edit(*)"]);
427
428 // Allowed
429 assert!(policy.is_allowed("Bash", &json!({"command": "cargo build"})));
430 assert!(policy.is_allowed("Bash", &json!({"command": "npm run test"})));
431 assert!(policy.is_allowed("Grep", &json!({"pattern": "TODO"})));
432
433 // Denied
434 assert!(policy.is_denied("Bash", &json!({"command": "rm -rf /"})));
435 assert!(policy.is_denied("Bash", &json!({"command": "sudo apt install"})));
436
437 // Ask
438 assert!(policy.requires_confirmation("Write", &json!({"file_path": "/tmp/test.rs"})));
439 assert!(policy.requires_confirmation("Edit", &json!({"file_path": "src/main.rs"})));
440}
441
442#[test]
443fn test_mcp_tool_permissions() {

Callers

nothing calls this directly

Calls 3

ask_allMethod · 0.80
deny_allMethod · 0.80
allow_allMethod · 0.80

Tested by

no test coverage detected