astrid-kernel 0.7.0

Astrid micro-kernel, the core of the Astrid OS
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153

//! `admin.agent.modify` handler tests (F-B).
//!
//! Lives in a sibling file rather than next to the rest of the agent
//! lifecycle tests in `state_tests.rs` because the latter is close to
//! the per-file CI line cap. The split is purely mechanical — the
//! shared fixture and assertion helpers are re-defined locally so each
//! test is self-contained.

use std::sync::Arc;

use astrid_core::dirs::AstridHome;
use astrid_core::groups::{BUILTIN_AGENT, BUILTIN_RESTRICTED};
use astrid_core::principal::PrincipalId;
use astrid_core::profile::PrincipalProfile;
use astrid_events::kernel_api::{AdminRequestKind, AdminResponseBody};
use tempfile::TempDir;

use super::handlers;
use crate::Kernel;

async fn fixture() -> (TempDir, Arc<Kernel>) {
    let dir = tempfile::tempdir().expect("tempdir");
    let home = AstridHome::from_path(dir.path());
    let kernel = crate::test_kernel_with_home(home).await;
    (dir, kernel)
}

fn pid(name: &str) -> PrincipalId {
    PrincipalId::new(name).unwrap()
}

fn assert_success(res: &AdminResponseBody) {
    match res {
        AdminResponseBody::Success(_)
        | AdminResponseBody::Quotas(_)
        | AdminResponseBody::AgentList(_)
        | AdminResponseBody::GroupList(_) => {},
        AdminResponseBody::Error(msg) => panic!("expected success, got Error: {msg}"),
    }
}

fn assert_error_contains(res: &AdminResponseBody, needle: &str) {
    match res {
        AdminResponseBody::Error(msg) => {
            assert!(
                msg.contains(needle),
                "expected error to contain {needle:?}, got: {msg}"
            );
        },
        other => panic!("expected Error, got: {other:?}"),
    }
}

#[tokio::test(flavor = "multi_thread")]
async fn agent_modify_adds_and_removes_groups_idempotently() {
    // F-B: agent.modify should partial-update group membership and
    // be idempotent — re-applying the same change is a no-op.
    let (_dir, kernel) = fixture().await;
    handlers::dispatch(
        &kernel,
        AdminRequestKind::AgentCreate {
            name: "mia".into(),
            groups: vec![BUILTIN_AGENT.into()],
            grants: Vec::new(),
        },
    )
    .await;

    // Add `restricted`, no change to existing `agent`.
    let res = handlers::dispatch(
        &kernel,
        AdminRequestKind::AgentModify {
            principal: pid("mia"),
            add_groups: vec![BUILTIN_RESTRICTED.into()],
            remove_groups: Vec::new(),
        },
    )
    .await;
    assert_success(&res);
    let path = PrincipalProfile::path_for(&kernel.astrid_home, &pid("mia"));
    let profile = PrincipalProfile::load_from_path(&path).unwrap();
    assert_eq!(
        profile.groups,
        vec![BUILTIN_AGENT.to_string(), BUILTIN_RESTRICTED.to_string()]
    );

    // Re-applying the same add is a no-op (changed = false) but still
    // succeeds so scripts can be re-run safely.
    let res = handlers::dispatch(
        &kernel,
        AdminRequestKind::AgentModify {
            principal: pid("mia"),
            add_groups: vec![BUILTIN_RESTRICTED.into()],
            remove_groups: Vec::new(),
        },
    )
    .await;
    assert_success(&res);

    // Remove `agent`. Now mia is only in `restricted`.
    let res = handlers::dispatch(
        &kernel,
        AdminRequestKind::AgentModify {
            principal: pid("mia"),
            add_groups: Vec::new(),
            remove_groups: vec![BUILTIN_AGENT.into()],
        },
    )
    .await;
    assert_success(&res);
    let profile = PrincipalProfile::load_from_path(&path).unwrap();
    assert_eq!(profile.groups, vec![BUILTIN_RESTRICTED.to_string()]);
}

#[tokio::test(flavor = "multi_thread")]
async fn agent_modify_rejects_empty_changes() {
    let (_dir, kernel) = fixture().await;
    handlers::dispatch(
        &kernel,
        AdminRequestKind::AgentCreate {
            name: "nina".into(),
            groups: Vec::new(),
            grants: Vec::new(),
        },
    )
    .await;
    let res = handlers::dispatch(
        &kernel,
        AdminRequestKind::AgentModify {
            principal: pid("nina"),
            add_groups: Vec::new(),
            remove_groups: Vec::new(),
        },
    )
    .await;
    assert_error_contains(&res, "must be non-empty");
}

#[tokio::test(flavor = "multi_thread")]
async fn agent_modify_rejects_unknown_principal() {
    let (_dir, kernel) = fixture().await;
    let res = handlers::dispatch(
        &kernel,
        AdminRequestKind::AgentModify {
            principal: pid("ghost"),
            add_groups: vec![BUILTIN_RESTRICTED.into()],
            remove_groups: Vec::new(),
        },
    )
    .await;
    // require_principal_exists's phantom-principal guard.
    assert_error_contains(&res, "ghost");
}