test: cover self-approve block and unknown-mergeability fail-closed (#14)
Add two explicit eligibility tests requested in review of PR #24: - self-author blocked from 'approve' (eligible=false, reason "authenticated user is PR author"). - 'merge' fails closed when Gitea reports mergeable=None (eligible=false, reason "PR mergeability unknown"). Tests only; no implementation change. Behavior already enforced by gitea_check_pr_eligibility. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -694,6 +694,33 @@ class TestPrEligibility(unittest.TestCase):
|
||||
self.assertFalse(r["eligible"])
|
||||
self.assertIn("authenticated user is PR author", r["reasons"])
|
||||
|
||||
@patch("mcp_server.api_request")
|
||||
@patch("mcp_server.get_auth_header", return_value=FAKE_AUTH)
|
||||
def test_self_author_cannot_approve(self, _auth, mock_api):
|
||||
mock_api.side_effect = [{"login": "jcwalker3"}, self._pr("jcwalker3")]
|
||||
env = {"GITEA_PROFILE_NAME": "gitea-reviewer",
|
||||
"GITEA_ALLOWED_OPERATIONS": "read,review,approve"}
|
||||
with patch.dict(os.environ, env, clear=True):
|
||||
r = gitea_check_pr_eligibility(pr_number=8, action="approve", remote="prgs")
|
||||
self.assertFalse(r["eligible"])
|
||||
self.assertIn("authenticated user is PR author", r["reasons"])
|
||||
|
||||
@patch("mcp_server.api_request")
|
||||
@patch("mcp_server.get_auth_header", return_value=FAKE_AUTH)
|
||||
def test_merge_fails_closed_when_mergeability_unknown(self, _auth, mock_api):
|
||||
# Gitea reports mergeable as None/null (not yet computed).
|
||||
mock_api.side_effect = [
|
||||
{"login": "merger-bot"},
|
||||
self._pr("author-bot", mergeable=None),
|
||||
]
|
||||
env = {"GITEA_PROFILE_NAME": "gitea-merger",
|
||||
"GITEA_ALLOWED_OPERATIONS": "read,merge"}
|
||||
with patch.dict(os.environ, env, clear=True):
|
||||
r = gitea_check_pr_eligibility(pr_number=8, action="merge", remote="prgs")
|
||||
self.assertFalse(r["eligible"])
|
||||
self.assertIsNone(r["mergeable"])
|
||||
self.assertIn("PR mergeability unknown", r["reasons"])
|
||||
|
||||
@patch("mcp_server.api_request")
|
||||
@patch("mcp_server.get_auth_header", return_value=FAKE_AUTH)
|
||||
def test_profile_not_allowed_to_merge(self, _auth, mock_api):
|
||||
|
||||
Reference in New Issue
Block a user