From 3c398b5e528f79231fa55f91225f9e79be1d43f5 Mon Sep 17 00:00:00 2001 From: DanConwayDev Date: Mon, 1 Dec 2025 21:38:10 +0000 Subject: better fixtures: MaintainerStateDataPushed --- .../src/specs/grasp01/push_authorization.rs | 228 ++------------------- 1 file changed, 19 insertions(+), 209 deletions(-) (limited to 'grasp-audit/src/specs/grasp01/push_authorization.rs') diff --git a/grasp-audit/src/specs/grasp01/push_authorization.rs b/grasp-audit/src/specs/grasp01/push_authorization.rs index f6a2314..2e14953 100644 --- a/grasp-audit/src/specs/grasp01/push_authorization.rs +++ b/grasp-audit/src/specs/grasp01/push_authorization.rs @@ -35,7 +35,7 @@ use crate::{ clone_repo, create_commit, create_deterministic_commit, create_deterministic_commit_with_variant, try_push, try_push_to_ref, AuditClient, CommitVariant, FixtureKind, TestContext, TestResult, DETERMINISTIC_COMMIT_HASH, - MAINTAINER_DETERMINISTIC_COMMIT_HASH, RECURSIVE_MAINTAINER_DETERMINISTIC_COMMIT_HASH, + MAINTAINER_DETERMINISTIC_COMMIT_HASH, }; use nostr_sdk::prelude::*; use std::fs; @@ -814,234 +814,44 @@ impl PushAuthorizationTests { /// Test push authorized by recursive maintainer state event /// /// GRASP-01: "respecting the recursive maintainer set" - /// This tests recursive maintainer chains: Owner -> MaintainerA -> MaintainerB + /// This tests recursive maintainer chains: Owner -> Maintainer -> RecursiveMaintainer /// - /// ## Fixture-First Pattern - /// - /// 1. **Generate**: Create TestContext and get fixture chain: - /// - RepoState (owner's repo announcement + state event) - /// - MaintainerAnnouncement (maintainer lists recursive-maintainer) - /// - MaintainerState (maintainer's state event) - /// - RecursiveMaintainerRepoAndState (recursive maintainer's announcement + state) - /// 2. **Send**: Clone repo, create recursive maintainer deterministic commit, push - /// 3. **Verify**: Push should succeed because recursive maintainer's state event authorizes it + /// This test uses the RecursiveMaintainerStateDataPushed fixture which handles all 4 stages: + /// 1. **Generated**: Creates MaintainerStateDataPushed (owner's + maintainer's data pushed) + /// + MaintainerAnnouncement (maintainer lists recursive maintainer) + /// + RecursiveMaintainerState (recursive maintainer's state event) + /// 2. **Sent**: Sends events to relay + /// 3. **Verified**: Confirms events accepted by relay + /// 4. **DataPushed**: Clones repo, creates recursive maintainer deterministic commit, pushes to relay /// - /// The fixture chain establishes: Owner -> Maintainer -> RecursiveMaintainer - /// Each level publishes announcements that authorize the next level. + /// The test wraps the fixture result in pass/fail using the error message. + #[allow(unused_variables)] // relay_domain is now handled by fixture pub async fn test_push_authorized_by_recursive_maintainer_state( client: &AuditClient, relay_domain: &str, ) -> TestResult { - use std::process::Command; - let test_name = "test_push_authorized_by_recursive_maintainer_state"; - - // ============================================================ - // Step 1: GENERATE - Create TestContext and get fixture chain - // ============================================================ let ctx = TestContext::new(client); - // Get RepoState fixture (owner's repo announcement + state event) - let state_event = match ctx.get_fixture(FixtureKind::RepoState).await { - Ok(e) => e, - Err(e) => { - return TestResult::new( - test_name, - "GRASP-01", - "Push authorized by recursive maintainer state event", - ) - .fail(format!("Failed to create RepoState fixture: {}", e)); - } - }; - - // Get MaintainerAnnouncement fixture (maintainer's repo announcement listing recursive maintainer) - match ctx.get_fixture(FixtureKind::MaintainerAnnouncement).await { - Ok(_) => {} - Err(e) => { - return TestResult::new( - test_name, - "GRASP-01", - "Push authorized by recursive maintainer state event", - ) - .fail(format!( - "Failed to create MaintainerAnnouncement fixture: {}", - e - )); - } - }; - - // Get MaintainerState fixture (maintainer's state event) - match ctx.get_fixture(FixtureKind::MaintainerState).await { - Ok(_) => {} - Err(e) => { - return TestResult::new( - test_name, - "GRASP-01", - "Push authorized by recursive maintainer state event", - ) - .fail(format!("Failed to create MaintainerState fixture: {}", e)); - } - }; - - // Get RecursiveMaintainerRepoAndState fixture (completes 3-level delegation chain) - match ctx - .get_fixture(FixtureKind::RecursiveMaintainerRepoAndState) - .await - { - Ok(_) => {} - Err(e) => { - return TestResult::new( - test_name, - "GRASP-01", - "Push authorized by recursive maintainer state event", - ) - .fail(format!( - "Failed to create RecursiveMaintainerRepoAndState fixture: {}", - e - )); - } - }; - - tokio::time::sleep(std::time::Duration::from_millis(200)).await; - - // Extract repo_id and npub from owner's state event - let repo_id = match state_event - .tags - .iter() - .find(|t| t.kind() == TagKind::d()) - .and_then(|t| t.content()) - { - Some(id) => id.to_string(), - None => { - return TestResult::new( - test_name, - "GRASP-01", - "Push authorized by recursive maintainer state event", - ) - .fail("Missing repo_id in state event"); - } - }; - - let npub = match state_event.pubkey.to_bech32() { - Ok(n) => n, - Err(e) => { - return TestResult::new( - test_name, - "GRASP-01", - "Push authorized by recursive maintainer state event", - ) - .fail(format!("Failed to convert pubkey to bech32: {}", e)); - } - }; - - // ============================================================ - // Step 2: SEND - Clone, create recursive maintainer commit, push - // ============================================================ - let clone_path = match clone_repo(relay_domain, &npub, &repo_id) { - Ok(p) => p, - Err(e) => { - return TestResult::new( + // The RecursiveMaintainerStateDataPushed fixture handles all stages: + // Generate → Send → Verify → DataPush + match ctx.get_fixture(FixtureKind::RecursiveMaintainerStateDataPushed).await { + Ok(_recursive_maintainer_state_event) => { + TestResult::new( test_name, "GRASP-01", "Push authorized by recursive maintainer state event", ) - .fail(&e); + .pass() } - }; - let cleanup = || { - let _ = fs::remove_dir_all(&clone_path); - }; - - // Reset to orphan state and create deterministic root commit - // Step 1: Create orphan branch (removes all history) - let _ = Command::new("git") - .args(["checkout", "--orphan", "main-new"]) - .current_dir(&clone_path) - .output(); - - // Step 2: Clear staged files (orphan keeps files staged from previous branch) - let _ = Command::new("git") - .args(["rm", "-rf", "--cached", "."]) - .current_dir(&clone_path) - .output(); - - // Step 3: Create recursive maintainer deterministic commit - let commit_hash = match create_deterministic_commit_with_variant( - &clone_path, - CommitVariant::RecursiveMaintainer, - ) { - Ok(h) => h, Err(e) => { - cleanup(); - return TestResult::new( + TestResult::new( test_name, "GRASP-01", "Push authorized by recursive maintainer state event", ) - .fail(format!( - "Failed to create recursive maintainer commit: {}", - e - )); + .fail(format!("{}", e)) } - }; - - // Step 4: Replace main branch with our new orphan branch - let _ = Command::new("git") - .args(["branch", "-D", "main"]) - .current_dir(&clone_path) - .output(); - - let _ = Command::new("git") - .args(["branch", "-m", "main"]) - .current_dir(&clone_path) - .output(); - - // Verify commit hash matches expected - if commit_hash != RECURSIVE_MAINTAINER_DETERMINISTIC_COMMIT_HASH { - cleanup(); - return TestResult::new( - test_name, - "GRASP-01", - "Push authorized by recursive maintainer state event", - ) - .fail(format!( - "Recursive maintainer commit hash mismatch: got {}, expected {}", - commit_hash, RECURSIVE_MAINTAINER_DETERMINISTIC_COMMIT_HASH - )); - } - - // ============================================================ - // Step 3: VERIFY - Push should succeed because recursive - // maintainer's state event authorizes this commit - // ============================================================ - let push_result = try_push(&clone_path); - cleanup(); - - match push_result { - Ok(true) => TestResult::new( - test_name, - "GRASP-01", - "Push authorized by recursive maintainer state event", - ) - .pass(), - Ok(false) => TestResult::new( - test_name, - "GRASP-01", - "Push authorized by recursive maintainer state event", - ) - .fail(format!( - "Push was rejected but should have been accepted. \ - The recursive maintainer published a state event with commit {}, \ - and the relay should authorize pushes matching this state event \ - through recursive maintainer traversal (Owner -> Maintainer -> RecursiveMaintainer).", - RECURSIVE_MAINTAINER_DETERMINISTIC_COMMIT_HASH - )), - Err(e) => TestResult::new( - test_name, - "GRASP-01", - "Push authorized by recursive maintainer state event", - ) - .fail(format!("Push error: {}", e)), } } -- cgit v1.2.3