|
| 1 | +#!/usr/bin/env bash |
| 2 | +# Regression tests for the CockroachDB safety hooks. |
| 3 | +# |
| 4 | +# Runs the actual commands from hooks/hooks.json (with ${CLAUDE_PLUGIN_ROOT} |
| 5 | +# substituted) and asserts the contract: |
| 6 | +# |
| 7 | +# - dangerous SQL is blocked (PreToolUse permissionDecision: deny) |
| 8 | +# - anti-patterns emit a warning (systemMessage) |
| 9 | +# - safe SQL and non-SQL file edits produce no user-visible block |
| 10 | +# - a missing or UNSUBSTITUTED plugin root fails open: exit 0, no block |
| 11 | +# |
| 12 | +# The last case is the regression for issue #20 (path exceeds MAX_PATH) and |
| 13 | +# issue #23 (${CLAUDE_PLUGIN_ROOT} not substituted by the host). In both, the |
| 14 | +# interpreter cannot open the script; the hook must still exit 0 so the editor |
| 15 | +# is never interrupted. |
| 16 | +set -uo pipefail |
| 17 | + |
| 18 | +ROOT="$(cd "$(dirname "$0")/.." && pwd)" |
| 19 | +HOOKS="$ROOT/hooks/hooks.json" |
| 20 | +TMP="$(mktemp -d)" |
| 21 | +trap 'rm -rf "$TMP"' EXIT |
| 22 | +fails=0 |
| 23 | + |
| 24 | +# Extract a hook command from hooks.json and substitute the plugin root token. |
| 25 | +hook_cmd() { # $1=event $2=root |
| 26 | + python3 -c 'import json,sys; print(json.load(open(sys.argv[1]))["hooks"][sys.argv[2]][0]["hooks"][0]["command"].replace("${CLAUDE_PLUGIN_ROOT}", sys.argv[3]))' "$HOOKS" "$1" "$2" |
| 27 | +} |
| 28 | + |
| 29 | +# check: desc, event, root, stdin, expected_rc, mode(empty|contains), substr |
| 30 | +check() { |
| 31 | + local desc="$1" event="$2" root="$3" stdin="$4" want_rc="$5" mode="$6" substr="${7:-}" |
| 32 | + local cmd out rc ok=1 |
| 33 | + cmd="$(hook_cmd "$event" "$root")" |
| 34 | + out="$(printf '%s' "$stdin" | sh -c "$cmd" 2>/dev/null)"; rc=$? |
| 35 | + [ "$rc" = "$want_rc" ] || ok=0 |
| 36 | + case "$mode" in |
| 37 | + empty) [ -z "$out" ] || ok=0 ;; |
| 38 | + contains) printf '%s' "$out" | grep -q "$substr" || ok=0 ;; |
| 39 | + esac |
| 40 | + if [ "$ok" = 1 ]; then |
| 41 | + echo "ok - $desc" |
| 42 | + else |
| 43 | + echo "FAIL - $desc (rc=$rc, out=${out:-<empty>})" |
| 44 | + fails=$((fails + 1)) |
| 45 | + fi |
| 46 | +} |
| 47 | + |
| 48 | +printf 'CREATE TABLE t (id SERIAL PRIMARY KEY);\n' > "$TMP/a.sql" |
| 49 | +printf '# just markdown, not sql\n' > "$TMP/a.md" |
| 50 | + |
| 51 | +# --- PreToolUse (validate-sql.py), plugin root resolved --- |
| 52 | +check "blocks DROP DATABASE" PreToolUse "$ROOT" '{"tool_input":{"sql":"DROP DATABASE x"}}' 0 contains '"permissionDecision": "deny"' |
| 53 | +check "blocks TRUNCATE" PreToolUse "$ROOT" '{"tool_input":{"sql":"TRUNCATE TABLE t"}}' 0 contains '"permissionDecision": "deny"' |
| 54 | +check "warns on SERIAL" PreToolUse "$ROOT" '{"tool_input":{"sql":"CREATE TABLE t (id SERIAL)"}}' 0 contains 'systemMessage' |
| 55 | +check "safe SQL produces no block" PreToolUse "$ROOT" '{"tool_input":{"sql":"SELECT 1"}}' 0 empty |
| 56 | + |
| 57 | +# --- PostToolUse (check-sql-files.py), plugin root resolved --- |
| 58 | +check "lints SERIAL in a .sql file" PostToolUse "$ROOT" "{\"tool_input\":{\"file_path\":\"$TMP/a.sql\"}}" 0 contains 'CockroachDB lint' |
| 59 | +check "non-SQL edit produces no block" PostToolUse "$ROOT" "{\"tool_input\":{\"file_path\":\"$TMP/a.md\"}}" 0 empty |
| 60 | + |
| 61 | +# --- regression: plugin root NOT substituted / missing (issues #20, #23) --- |
| 62 | +# Pass the literal token as the "root" so the substitution is a no-op, exactly |
| 63 | +# reproducing a host that does not expand ${CLAUDE_PLUGIN_ROOT}. |
| 64 | +check "PreToolUse fails open on unsubstituted root" PreToolUse '${CLAUDE_PLUGIN_ROOT}' '{"tool_input":{"sql":"DROP DATABASE x"}}' 0 empty |
| 65 | +check "PostToolUse fails open on unsubstituted root" PostToolUse '${CLAUDE_PLUGIN_ROOT}' "{\"tool_input\":{\"file_path\":\"$TMP/a.sql\"}}" 0 empty |
| 66 | + |
| 67 | +echo |
| 68 | +if [ "$fails" -eq 0 ]; then |
| 69 | + echo "All hook regression tests passed." |
| 70 | +else |
| 71 | + echo "$fails test(s) failed." |
| 72 | + exit 1 |
| 73 | +fi |
0 commit comments