UNPKG

safe-commander-mcp

Version:

A secure MCP server for executing whitelisted development commands with comprehensive security controls and resource limits

81 lines (80 loc) 5.07 kB
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); const command_validator_1 = require("../../src/commands/command-validator"); describe('Command Validator', () => { describe('getBaseCommand', () => { test('should extract command name from simple commands', () => { expect((0, command_validator_1.getBaseCommand)('npm')).toBe('npm'); expect((0, command_validator_1.getBaseCommand)('git')).toBe('git'); expect((0, command_validator_1.getBaseCommand)('ls')).toBe('ls'); }); test('should extract command name from commands with arguments', () => { expect((0, command_validator_1.getBaseCommand)('npm install')).toBe('npm'); expect((0, command_validator_1.getBaseCommand)('git status')).toBe('git'); expect((0, command_validator_1.getBaseCommand)('ls -la')).toBe('ls'); }); test('should handle commands with flags', () => { expect((0, command_validator_1.getBaseCommand)('npm install --save-dev')).toBe('npm'); expect((0, command_validator_1.getBaseCommand)('git commit -m "message"')).toBe('git'); }); test('should handle empty and whitespace commands', () => { expect((0, command_validator_1.getBaseCommand)('')).toBe(''); expect((0, command_validator_1.getBaseCommand)(' ')).toBe(''); expect((0, command_validator_1.getBaseCommand)('\t\n')).toBe(''); }); }); describe('isCommandValid', () => { test('should return valid: true for allowed commands', () => { expect((0, command_validator_1.isCommandValid)('npm')).toEqual({ valid: true }); expect((0, command_validator_1.isCommandValid)('git')).toEqual({ valid: true }); expect((0, command_validator_1.isCommandValid)('ls')).toEqual({ valid: true }); expect((0, command_validator_1.isCommandValid)('cat')).toEqual({ valid: true }); expect((0, command_validator_1.isCommandValid)('pwd')).toEqual({ valid: true }); expect((0, command_validator_1.isCommandValid)('node')).toEqual({ valid: true }); }); test('should return valid: false for disallowed commands', () => { const result1 = (0, command_validator_1.isCommandValid)('rm'); const result2 = (0, command_validator_1.isCommandValid)('sudo'); const result3 = (0, command_validator_1.isCommandValid)('chmod'); expect(result1.valid).toBe(false); expect(result1.error).toBeDefined(); expect(result2.valid).toBe(false); expect(result2.error).toBeDefined(); expect(result3.valid).toBe(false); expect(result3.error).toBeDefined(); }); test('should handle complex commands', () => { expect((0, command_validator_1.isCommandValid)('npm install --save-dev')).toEqual({ valid: true }); expect((0, command_validator_1.isCommandValid)('git status')).toEqual({ valid: true }); }); }); describe('validateCommand', () => { test('should allow valid commands with allowed base commands', () => { expect(() => (0, command_validator_1.validateCommand)('npm install')).not.toThrow(); expect(() => (0, command_validator_1.validateCommand)('git status')).not.toThrow(); expect(() => (0, command_validator_1.validateCommand)('ls -la')).not.toThrow(); }); test('should reject commands with disallowed base commands', () => { expect(() => (0, command_validator_1.validateCommand)('rm -rf /')).toThrow(); expect(() => (0, command_validator_1.validateCommand)('sudo rm')).toThrow(); expect(() => (0, command_validator_1.validateCommand)('chmod +x file')).toThrow(); }); test('should reject empty commands', () => { expect(() => (0, command_validator_1.validateCommand)('')).toThrow(); expect(() => (0, command_validator_1.validateCommand)(' ')).toThrow(); }); test('should handle commands with complex arguments', () => { expect(() => (0, command_validator_1.validateCommand)('npm install --save-dev @types/jest')).not.toThrow(); expect(() => (0, command_validator_1.validateCommand)('git commit -m "Add tests"')).not.toThrow(); }); test('should provide secure error messages', () => { expect(() => (0, command_validator_1.validateCommand)('dangerous_cmd')).toThrow(/not permitted/); expect(() => (0, command_validator_1.validateCommand)('')).toThrow(/non-empty string/); }); test('should handle path validation for path-sensitive commands', () => { expect(() => (0, command_validator_1.validateCommand)('cat file.txt')).not.toThrow(); expect(() => (0, command_validator_1.validateCommand)('ls .')).not.toThrow(); expect(() => (0, command_validator_1.validateCommand)('cat ../../../etc/passwd')).toThrow(); }); }); });