test: share slack security audit fixture

2026-05-06 06:40:44 +00:00 · 2026-04-20 17:58:22 +01:00
parent 164f0feddf
commit 1f139c198a
1 changed files with 32 additions and 37 deletions
--- a/extensions/slack/src/security-audit.test.ts
+++ b/extensions/slack/src/security-audit.test.ts
@@ -22,26 +22,37 @@ function createSlackAccount(config: NonNullable<OpenClawConfig["channels"]>["sla
  } as ResolvedSlackAccount;
 }

+function createSlashCommandSlackConfig(
+  options: { useAccessGroups?: boolean } = {},
+): OpenClawConfig {
+  return {
+    ...(options.useAccessGroups === undefined
+      ? {}
+      : { commands: { useAccessGroups: options.useAccessGroups } }),
+    channels: {
+      slack: {
+        enabled: true,
+        botToken: "xoxb-test",
+        appToken: "xapp-test",
+        groupPolicy: "open",
+        slashCommand: { enabled: true },
+      },
+    },
+  };
+}
+
+async function collectSlackFindingsForConfig(cfg: OpenClawConfig) {
+  readChannelAllowFromStoreMock.mockResolvedValue([]);
+  return await collectSlackSecurityAuditFindings({
+    cfg,
+    account: createSlackAccount(cfg.channels!.slack),
+    accountId: "default",
+  });
+}
+
 describe("Slack security audit findings", () => {
  it("flags slash commands without a channel users allowlist", async () => {
-    const cfg: OpenClawConfig = {
-      channels: {
-        slack: {
-          enabled: true,
-          botToken: "xoxb-test",
-          appToken: "xapp-test",
-          groupPolicy: "open",
-          slashCommand: { enabled: true },
-        },
-      },
-    };
-
-    readChannelAllowFromStoreMock.mockResolvedValue([]);
-    const findings = await collectSlackSecurityAuditFindings({
-      cfg,
-      account: createSlackAccount(cfg.channels!.slack),
-      accountId: "default",
-    });
+    const findings = await collectSlackFindingsForConfig(createSlashCommandSlackConfig());

    expect(findings).toEqual(
      expect.arrayContaining([
@@ -54,25 +65,9 @@ describe("Slack security audit findings", () => {
  });

  it("flags slash commands when access-group enforcement is disabled", async () => {
-    const cfg: OpenClawConfig = {
-      commands: { useAccessGroups: false },
-      channels: {
-        slack: {
-          enabled: true,
-          botToken: "xoxb-test",
-          appToken: "xapp-test",
-          groupPolicy: "open",
-          slashCommand: { enabled: true },
-        },
-      },
-    };
-
-    readChannelAllowFromStoreMock.mockResolvedValue([]);
-    const findings = await collectSlackSecurityAuditFindings({
-      cfg,
-      account: createSlackAccount(cfg.channels!.slack),
-      accountId: "default",
-    });
+    const findings = await collectSlackFindingsForConfig(
+      createSlashCommandSlackConfig({ useAccessGroups: false }),
+    );

    expect(findings).toEqual(
      expect.arrayContaining([