ironclaw 0.22.0

Secure personal AI assistant that protects your data and expands its capabilities on the fly
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237

//! Integration test for module-owned initialization factories.
//!
//! Verifies that the refactored factory functions in `db`, `secrets`,
//! `orchestrator`, and `extensions` modules wire up correctly end-to-end,
//! ensuring nothing was lost when initialization logic was moved out of
//! `main.rs` and `app.rs` into owning modules.

use std::sync::Arc;

use ironclaw::db::DatabaseHandles;
use ironclaw::secrets::{CreateSecretParams, SecretsCrypto, SecretsStore};

// ---------------------------------------------------------------------------
// Helpers
// ---------------------------------------------------------------------------

/// Build a libsql DatabaseConfig pointing at a temp file.
#[cfg(feature = "libsql")]
fn libsql_config(path: &std::path::Path) -> ironclaw::config::DatabaseConfig {
    ironclaw::config::DatabaseConfig {
        backend: ironclaw::config::DatabaseBackend::LibSql,
        url: secrecy::SecretString::from(String::new()),
        pool_size: 1,
        ssl_mode: ironclaw::config::SslMode::Prefer,
        libsql_path: Some(path.to_path_buf()),
        libsql_url: None,
        libsql_auth_token: None,
    }
}

/// Build a master-key crypto instance for tests.
fn test_crypto() -> Arc<SecretsCrypto> {
    let key = secrecy::SecretString::from(ironclaw::secrets::keychain::generate_master_key_hex());
    Arc::new(SecretsCrypto::new(key).expect("test crypto"))
}

// ---------------------------------------------------------------------------
// connect_with_handles: returns Database + populated handles
// ---------------------------------------------------------------------------

#[cfg(feature = "libsql")]
#[tokio::test]
async fn connect_with_handles_returns_db_and_libsql_handle() {
    let dir = tempfile::tempdir().expect("tempdir");
    let db_path = dir.path().join("test.db");
    let config = libsql_config(&db_path);

    let (db, handles) = ironclaw::db::connect_with_handles(&config)
        .await
        .expect("connect_with_handles");

    // Database trait object works — run a trivial operation.
    db.run_migrations().await.expect("migrations");

    // Handle is populated.
    assert!(
        handles.libsql_db.is_some(),
        "libsql handle should be Some after connect_with_handles"
    );
}

// ---------------------------------------------------------------------------
// connect_from_config delegates to connect_with_handles
// ---------------------------------------------------------------------------

#[cfg(feature = "libsql")]
#[tokio::test]
async fn connect_from_config_produces_working_db() {
    let dir = tempfile::tempdir().expect("tempdir");
    let db_path = dir.path().join("test.db");
    let config = libsql_config(&db_path);

    // connect_from_config delegates to connect_with_handles internally.
    let db = ironclaw::db::connect_from_config(&config)
        .await
        .expect("connect_from_config");

    // Verify usable — migrations should be idempotent.
    db.run_migrations().await.expect("migrations");
}

// ---------------------------------------------------------------------------
// secrets::create_secrets_store from DatabaseHandles
// ---------------------------------------------------------------------------

#[cfg(feature = "libsql")]
#[tokio::test]
async fn secrets_store_from_handles_round_trips() {
    let dir = tempfile::tempdir().expect("tempdir");
    let db_path = dir.path().join("test.db");
    let config = libsql_config(&db_path);

    let (_db, handles) = ironclaw::db::connect_with_handles(&config)
        .await
        .expect("connect");

    let crypto = test_crypto();
    let store = ironclaw::secrets::create_secrets_store(crypto, &handles)
        .expect("create_secrets_store should return Some for libsql");

    // Round-trip a secret to prove the store works.
    store
        .create("test", CreateSecretParams::new("test_key", "test_value"))
        .await
        .expect("create secret");

    let decrypted = store
        .get_decrypted("test", "test_key")
        .await
        .expect("get_decrypted");
    assert_eq!(decrypted.expose(), "test_value");
}

// ---------------------------------------------------------------------------
// db::create_secrets_store (standalone CLI factory)
// ---------------------------------------------------------------------------

#[cfg(feature = "libsql")]
#[tokio::test]
async fn db_create_secrets_store_standalone_round_trips() {
    let dir = tempfile::tempdir().expect("tempdir");
    let db_path = dir.path().join("test.db");
    let config = libsql_config(&db_path);
    let crypto = test_crypto();

    let store = ironclaw::db::create_secrets_store(&config, crypto)
        .await
        .expect("db::create_secrets_store");

    store
        .create(
            "test",
            CreateSecretParams::new("standalone_key", "standalone_value"),
        )
        .await
        .expect("create secret");

    let decrypted = store
        .get_decrypted("test", "standalone_key")
        .await
        .expect("get_decrypted");
    assert_eq!(decrypted.expose(), "standalone_value");
}

// ---------------------------------------------------------------------------
// Both secrets factories produce equivalent stores
// ---------------------------------------------------------------------------

#[cfg(feature = "libsql")]
#[tokio::test]
async fn both_secrets_factories_produce_compatible_stores() {
    let dir = tempfile::tempdir().expect("tempdir");
    let db_path = dir.path().join("test.db");
    let config = libsql_config(&db_path);
    let crypto = test_crypto();

    // Factory 1: connect_with_handles + secrets::create_secrets_store
    let (_db, handles) = ironclaw::db::connect_with_handles(&config)
        .await
        .expect("connect");
    let store_a = ironclaw::secrets::create_secrets_store(Arc::clone(&crypto), &handles)
        .expect("store from handles");

    // Factory 2: db::create_secrets_store (standalone)
    let store_b = ironclaw::db::create_secrets_store(&config, crypto)
        .await
        .expect("standalone store");

    // Write with factory 1, read with factory 2.
    store_a
        .create(
            "test",
            CreateSecretParams::new("cross_factory", "shared_secret"),
        )
        .await
        .expect("create via store_a");

    let decrypted = store_b
        .get_decrypted("test", "cross_factory")
        .await
        .expect("read via store_b");
    assert_eq!(decrypted.expose(), "shared_secret");
}

// ---------------------------------------------------------------------------
// ExtensionManager constructs with McpProcessManager
// ---------------------------------------------------------------------------

#[tokio::test]
async fn extension_manager_with_process_manager_constructs() {
    use ironclaw::extensions::ExtensionManager;
    use ironclaw::secrets::InMemorySecretsStore;
    use ironclaw::tools::ToolRegistry;
    use ironclaw::tools::mcp::McpProcessManager;
    use ironclaw::tools::mcp::McpSessionManager;

    let crypto = test_crypto();
    let secrets: Arc<dyn SecretsStore + Send + Sync> = Arc::new(InMemorySecretsStore::new(crypto));
    let tools = Arc::new(ToolRegistry::new());
    let tools_dir = tempfile::tempdir().expect("tools_dir");
    let channels_dir = tempfile::tempdir().expect("channels_dir");

    let manager = ExtensionManager::new(
        Arc::new(McpSessionManager::new()),
        Arc::new(McpProcessManager::new()),
        secrets,
        tools,
        None,
        None,
        tools_dir.path().to_path_buf(),
        channels_dir.path().to_path_buf(),
        None,
        "test".to_string(),
        None,
        Vec::new(),
    );

    // Verify the manager is functional — list returns Ok.
    let result = manager.list(None, false, "test").await;
    assert!(result.is_ok(), "list should succeed on empty manager");
    assert!(result.unwrap().is_empty());
}

// ---------------------------------------------------------------------------
// DatabaseHandles: default is empty
// ---------------------------------------------------------------------------

#[test]
fn database_handles_default_is_empty() {
    let handles = DatabaseHandles::default();

    #[cfg(feature = "postgres")]
    assert!(handles.pg_pool.is_none());

    #[cfg(feature = "libsql")]
    assert!(handles.libsql_db.is_none());
}