import { validateBackendResult, BackendResultSchema, emptyBackendResult } from "../backends/types.js"; describe("BackendResult Zod Validation", () => { it("accepts valid BackendResult", () => { const valid = { success: true, output: "Task completed", artifacts: [{ path: "src/app.ts", content: "export const x = 1;", operation: "create" as const }], decisions: [], escalations: [], usage: { input_tokens: 100, output_tokens: 50, total_tokens: 150, estimated_cost_usd: 0.01 }, }; const result = validateBackendResult(valid); expect(result.result).not.toBeNull(); expect(result.errors).toHaveLength(0); expect(result.result?.success).toBe(true); }); it("rejects BackendResult missing success field", () => { const invalid = { output: "Task completed", artifacts: [], decisions: [], escalations: [], usage: { input_tokens: 100, output_tokens: 50, total_tokens: 150, estimated_cost_usd: 0.01 }, }; const result = validateBackendResult(invalid); expect(result.result).toBeNull(); expect(result.errors.length).toBeGreaterThan(0); }); it("rejects artifact with path traversal", () => { const malicious = { success: true, output: "ok", artifacts: [{ path: "../../etc/shadow", content: "pwned", operation: "create" as const }], decisions: [], escalations: [], usage: { input_tokens: 0, output_tokens: 0, total_tokens: 0, estimated_cost_usd: 0 }, }; const result = validateBackendResult(malicious); expect(result.result).toBeNull(); expect(result.errors.some((e) => e.includes("path traversal"))).toBe(true); }); it("rejects artifact with absolute path", () => { const malicious = { success: true, output: "ok", artifacts: [{ path: "/etc/passwd", content: "", operation: "create" as const }], decisions: [], escalations: [], usage: { input_tokens: 0, output_tokens: 0, total_tokens: 0, estimated_cost_usd: 0 }, }; const result = validateBackendResult(malicious); expect(result.result).toBeNull(); expect(result.errors.some((e) => e.includes("absolute"))).toBe(true); }); it("rejects success=true with error message", () => { const contradictory = { success: true, output: "ok", artifacts: [], decisions: [], escalations: [], usage: { input_tokens: 0, output_tokens: 0, total_tokens: 0, estimated_cost_usd: 0 }, error: "Something went wrong", }; const result = validateBackendResult(contradictory); expect(result.result).toBeNull(); expect(result.errors.some((e) => e.includes("success") && e.includes("error"))).toBe(true); }); it("rejects invalid artifact operation", () => { const invalid = { success: true, output: "ok", artifacts: [{ path: "a.ts", content: "", operation: "explode" }], decisions: [], escalations: [], usage: { input_tokens: 0, output_tokens: 0, total_tokens: 0, estimated_cost_usd: 0 }, }; const result = validateBackendResult(invalid); expect(result.result).toBeNull(); }); it("rejects negative token usage", () => { const invalid = { success: true, output: "ok", artifacts: [], decisions: [], escalations: [], usage: { input_tokens: -10, output_tokens: 0, total_tokens: 0, estimated_cost_usd: 0 }, }; const result = validateBackendResult(invalid); expect(result.result).toBeNull(); }); it("accepts empty success=false with error", () => { const fail = { success: false, output: "", artifacts: [], decisions: [], escalations: [], usage: { input_tokens: 0, output_tokens: 0, total_tokens: 0, estimated_cost_usd: 0 }, error: "Connection refused", }; const result = validateBackendResult(fail); expect(result.result).not.toBeNull(); expect(result.result?.success).toBe(false); }); it("emptyBackendResult returns success=false", () => { const result = emptyBackendResult("test error"); expect(result.success).toBe(false); expect(result.error).toBe("test error"); }); });