mirror of
https://github.com/google-gemini/gemini-cli.git
synced 2026-04-17 00:31:44 -07:00
73 lines
2.2 KiB
TypeScript
73 lines
2.2 KiB
TypeScript
/**
|
|
* @license
|
|
* Copyright 2026 Google LLC
|
|
* SPDX-License-Identifier: Apache-2.0
|
|
*/
|
|
|
|
import { describe, it, expect, beforeEach, afterEach } from 'vitest';
|
|
import { SandboxPolicyManager } from './sandboxPolicyManager.js';
|
|
import fs from 'node:fs';
|
|
import os from 'node:os';
|
|
import path from 'node:path';
|
|
|
|
describe('SandboxPolicyManager', () => {
|
|
const tempDir = path.join(os.tmpdir(), 'gemini-test-sandbox-policy');
|
|
const configPath = path.join(tempDir, 'sandbox.toml');
|
|
|
|
beforeEach(() => {
|
|
if (!fs.existsSync(tempDir)) {
|
|
fs.mkdirSync(tempDir, { recursive: true });
|
|
}
|
|
});
|
|
|
|
afterEach(() => {
|
|
if (fs.existsSync(tempDir)) {
|
|
fs.rmSync(tempDir, { recursive: true, force: true });
|
|
}
|
|
});
|
|
|
|
it('should add and retrieve session approvals', () => {
|
|
const manager = new SandboxPolicyManager(configPath);
|
|
manager.addSessionApproval('ls', {
|
|
fileSystem: { read: ['/tmp'], write: [] },
|
|
network: false,
|
|
});
|
|
|
|
const perms = manager.getCommandPermissions('ls');
|
|
expect(perms.fileSystem?.read).toContain('/tmp');
|
|
});
|
|
|
|
it('should protect against prototype pollution (session)', () => {
|
|
const manager = new SandboxPolicyManager(configPath);
|
|
manager.addSessionApproval('__proto__', {
|
|
fileSystem: { read: ['/POLLUTED'], write: [] },
|
|
network: true,
|
|
});
|
|
|
|
const perms = manager.getCommandPermissions('any-command');
|
|
expect(perms.fileSystem?.read).not.toContain('/POLLUTED');
|
|
});
|
|
|
|
it('should protect against prototype pollution (persistent)', () => {
|
|
const manager = new SandboxPolicyManager(configPath);
|
|
manager.addPersistentApproval('constructor', {
|
|
fileSystem: { read: ['/POLLUTED_PERSISTENT'], write: [] },
|
|
network: true,
|
|
});
|
|
|
|
const perms = manager.getCommandPermissions('constructor');
|
|
expect(perms.fileSystem?.read).not.toContain('/POLLUTED_PERSISTENT');
|
|
});
|
|
|
|
it('should lowercase command names for normalization', () => {
|
|
const manager = new SandboxPolicyManager(configPath);
|
|
manager.addSessionApproval('NPM', {
|
|
fileSystem: { read: ['/node_modules'], write: [] },
|
|
network: true,
|
|
});
|
|
|
|
const perms = manager.getCommandPermissions('npm');
|
|
expect(perms.fileSystem?.read).toContain('/node_modules');
|
|
});
|
|
});
|