use crate::tui::app::App;
use crate::utils::sanitize::redact_command;
use serde_json::json;
#[test]
fn redact_command_hides_bearer_token() {
let cmd = r#"curl -s --max-time 15 https://dialagram.me/router/v1/chat/completions -H "Content-Type: application/json" -H "Authorization: Bearer dgr_live_txDsdsDDv7zpSECRETKEY" -d '{"model":"x"}'"#;
let out = redact_command(cmd);
assert!(
!out.contains("dgr_live_txDsdsDDv7zpSECRETKEY"),
"the bearer token must be redacted, got: {out}"
);
assert!(
out.contains("[REDACTED]"),
"should mark the redaction: {out}"
);
assert!(out.contains("curl"));
assert!(out.contains("dialagram.me"));
}
#[test]
fn redact_command_hides_api_key_param_and_url_password() {
assert!(
!redact_command("curl https://api.example.com?api_key=sk-abc123def")
.contains("sk-abc123def")
);
assert!(
!redact_command("curl https://user:hunter2@host/path").contains("hunter2"),
"URL-embedded password must be redacted"
);
}
#[test]
fn redact_command_leaves_innocuous_commands_intact() {
let cmd = "grep -A2 'dialagram' ~/.opencrabs/keys.toml 2>/dev/null | head";
assert_eq!(redact_command(cmd), cmd);
let cmd2 = "cargo test --all-features";
assert_eq!(redact_command(cmd2), cmd2);
}
#[test]
fn tui_bash_summary_redacts_bearer_token() {
let input = json!({
"command": r#"curl -H "Authorization: Bearer dgr_live_SUPERSECRET" https://x.com"#
});
let desc = App::format_tool_description("bash", &input);
assert!(
!desc.contains("dgr_live_SUPERSECRET"),
"TUI bash summary leaked the token: {desc}"
);
assert!(desc.starts_with("bash: "), "shape preserved: {desc}");
assert!(desc.contains("[REDACTED]"));
}
#[test]
fn tui_http_request_summary_redacts_url_password() {
let input = json!({
"method": "GET",
"url": "https://admin:topsecret@internal.example.com/health"
});
let desc = App::format_tool_description("http_request", &input);
assert!(
!desc.contains("topsecret"),
"http_request summary leaked the URL password: {desc}"
);
}
#[test]
fn tui_normal_bash_summary_unchanged() {
let input = json!({ "command": "ls -la ~/srv" });
let desc = App::format_tool_description("bash", &input);
assert_eq!(desc, "bash: ls -la ~/srv");
}