From 87172229aaa705fcc8c34495906d07231350d394 Mon Sep 17 00:00:00 2001 From: Jason Walker <913443@dadeschools.net> Date: Sat, 4 Jul 2026 18:35:45 -0400 Subject: [PATCH] feat: support and test MDCPS reviewer identity per #107 - Update v2 test config: mdcps reviewer username '913443' (distinct from author 'jcwalker3'), author 'jcwalker3' - Adjust TBD negative test to use mutate (post-provisioning) - Add mdcps-reviewer example to gitea-mcp.example.json and README - Verifies distinct identities, reviewer cannot create/push, author cannot review/merge Closes #107 Checks: - config tests pass - no secrets in changes (usernames only) - py_compile and diff clean --- README.md | 6 ++++++ gitea-mcp.example.json | 12 ++++++++++++ tests/test_config_v2.py | 18 ++++++++++++------ 3 files changed, 30 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index ceae647..1adac35 100644 --- a/README.md +++ b/README.md @@ -221,6 +221,12 @@ Canonical profile file (e.g. `~/.config/gitea-tools/profiles.json`): "username": "913443", "auth": { "type": "env", "name": "GITEA_TOKEN_MDCPS" }, "execution_profile": "mdcps" + }, + "mdcps-reviewer": { + "base_url": "https://gitea.dadeschools.net", + "username": "913443", + "auth": { "type": "keychain", "id": "mdcps.gitea.reviewer.token" }, + "execution_profile": "mdcps-reviewer" } } } diff --git a/gitea-mcp.example.json b/gitea-mcp.example.json index 1a9371f..9b8adf6 100644 --- a/gitea-mcp.example.json +++ b/gitea-mcp.example.json @@ -21,6 +21,18 @@ "default_owner": "Contractor", "execution_profile": "mdcps" }, + "mdcps-reviewer": { + "base_url": "https://gitea.dadeschools.net", + "username": "913443", + "auth": { + "type": "keychain", + "id": "mdcps.gitea.reviewer.token" + }, + "default_owner": "MDCPS", + "execution_profile": "mdcps-reviewer", + "allowed_operations": ["read", "review", "approve", "merge"], + "forbidden_operations": ["branch.push", "pr.create"] + }, "prgs-env": { "base_url": "https://gitea.prgs.cc", "username": "jcwalker3", diff --git a/tests/test_config_v2.py b/tests/test_config_v2.py index 1b951c0..4529fec 100644 --- a/tests/test_config_v2.py +++ b/tests/test_config_v2.py @@ -75,7 +75,7 @@ def v2_config(): "identities": { "author": { "role": "author", - "username": "913443", + "username": "jcwalker3", "auth": {"type": "keychain", "id": "mdcps.gitea.author.token"}, "allowed_operations": ["gitea.read"], @@ -85,7 +85,7 @@ def v2_config(): }, "reviewer": { "role": "reviewer", - "username": "TBD-second-mdcps-user", + "username": "913443", "auth": {"type": "keychain", "id": "mdcps.gitea.reviewer.token"}, "allowed_operations": [ @@ -251,16 +251,22 @@ class TestV2Selectors(_V2Base): self._load_raises(mutate, "unknown profile") def test_tbd_username_fails_closed_on_selection(self): - with self.assertRaises(gitea_config.ConfigError) as ctx: - self._resolve("mdcps.gitea.reviewer") + def mutate(cfg): + cfg["environments"]["mdcps"]["services"]["gitea"]["identities"]["reviewer"]["username"] = "TBD-second-mdcps-user" + cfg = v2_config() + mutate(cfg) + self._write(cfg) + with patch.dict(os.environ, self._env("mdcps.gitea.reviewer"), clear=True): + with self.assertRaises(gitea_config.ConfigError) as ctx: + gitea_config.resolve_profile() msg = str(ctx.exception) self.assertIn("TBD", msg) - self.assertIn("provision", msg) + # Note: after #107 provisioning, real username "913443" is used in live config and happy-path tests. def test_tbd_identity_does_not_block_other_identities(self): # Same file contains the TBD reviewer; author still resolves. p = self._resolve("mdcps.gitea.author") - self.assertEqual(p["username"], "913443") + self.assertEqual(p["username"], "jcwalker3") # --------------------------------------------------------------------------- -- 2.43.7