feat: register work-issue task routing for role-aware MCP (#139)

- Map work_issue/work-issue to author role and gitea.pr.create in resolver
- Route work-issue sessions through role_session_router before mutations
- Expose work_issue in runtime context task capabilities
- Add work-issue workflow source verifier and canonical routing docs
- Tests for resolver, router, and final-report verifier

Closes #139

Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
This commit is contained in:
2026-07-07 09:30:38 -04:00
co-authored by Claude Opus 4.8
parent 7b71113b4d
commit c260ef15fb
9 changed files with 258 additions and 0 deletions
+26
View File
@@ -121,6 +121,32 @@ class TestResolveTaskCapability(unittest.TestCase):
self.assertTrue(res["allowed_in_current_session"])
self.assertFalse(res["different_mcp_namespace_required"])
@patch("mcp_server.api_request", return_value={"login": "author-user"})
@patch("mcp_server.get_auth_header", return_value="token author-pass")
def test_resolve_work_issue_author_profile_allowed(self, _auth, _api):
with patch.dict(os.environ, self._env("author-profile")):
for task in ("work_issue", "work-issue"):
res = mcp_server.gitea_resolve_task_capability(
task=task, remote="prgs"
)
self.assertEqual(res["requested_task"], task)
self.assertEqual(
res["required_operation_permission"], "gitea.pr.create"
)
self.assertEqual(res["required_role_kind"], "author")
self.assertTrue(res["allowed_in_current_session"])
@patch("mcp_server.api_request", return_value={"login": "author-user"})
@patch("mcp_server.get_auth_header", return_value="token author-pass")
def test_resolve_work_issue_reviewer_profile_blocked(self, _auth, _api):
with patch.dict(os.environ, self._env("reviewer-profile")):
res = mcp_server.gitea_resolve_task_capability(
task="work_issue", remote="prgs"
)
self.assertFalse(res["allowed_in_current_session"])
self.assertEqual(res["required_role_kind"], "author")
self.assertTrue(res["different_mcp_namespace_required"])
@patch("mcp_server.api_request", return_value={"login": "author-user"})
@patch("mcp_server.get_auth_header", return_value="token author-pass")
def test_resolve_issue_comment_task(self, _auth, _api):