Files
openclaw/src/plugin-sdk/approval-native-helpers.test.ts
Peter Steinberger 0b8aabe864 docs: document auth profile failure policy contract (#89613)
* docs: document markdown marker renderer

* docs: document rendered markdown chunking

* docs: document markdown text chunking

* docs: document shared text chunking

* docs: document plugin text chunking exports

* docs: document avatar policy constants

* docs: document node match candidates

* docs: document scoped expiring id cache

* docs: document runtime import normalization

* docs: document string sample summaries

* docs: document session usage timeseries types

* docs: document session usage response types

* docs: document manifest frontmatter shapes

* docs: document channel route input metadata

* docs: document pair loop guard settings

* docs: document migration config patch helpers

* docs: document api provider registry

* docs: document tool call repair payloads

* docs: document plugin tool payload helpers

* docs: document lazy promise loader

* docs: document store writer queue state

* docs: document thread binding lifecycle

* docs: document concurrency helper contract

* docs: document gateway client info contract

* docs: document delivery context contracts

* docs: document secret ref defaults contract

* docs: document command gating contract

* docs: document avatar policy contract

* docs: document node match policy

* docs: document message channel normalization

* docs: document boolean parsing contract

* docs: document zod parse helpers

* docs: document direct dm guard policy

* docs: document fixed window limiter contract

* docs: document node presence event contract

* docs: document secret normalization contract

* docs: document progress draft line removal

* docs: document usage formatting contracts

* docs: document agent run status contract

* docs: document runtime import helpers

* docs: document provider utility ownership

* docs: document invalid config helpers

* docs: document json compat parser

* docs: document channel config metadata ownership

* docs: document channel logging helpers

* docs: document sender identity validation ownership

* docs: document string sampling helper

* docs: document global singleton helpers

* docs: document transcript tool helpers

* docs: document exec safe-bin normalization

* docs: document reaction level resolver

* docs: document account snapshot redaction boundary

* docs: document messaging target helpers

* docs: document thread binding messages

* docs: document conversation binding context

* docs: document conversation resolution helper

* docs: document owner display secret retention

* docs: document provider request config types

* docs: document skills config types

* docs: document memory config types

* docs: document imessage config types

* docs: document crestodian config types

* docs: document tools config policies

* docs: document shared config base types

* docs: document channel config contracts

* docs: document openclaw config state types

* docs: document model config contracts

* docs: document shared agent config types

* docs: document agent defaults config types

* docs: document secret input contracts

* docs: document auth config contracts

* docs: document gateway config contracts

* docs: document tool call stream repair contracts

* docs: document memory host facades

* docs: document llm core contracts

* docs: document markdown core contracts

* docs: document gateway connect error contracts

* docs: document gateway protocol primitives

* docs: document gateway frame schemas

* docs: document gateway device schemas

* docs: document gateway environment schemas

* docs: document gateway push schemas

* docs: document gateway plugin schemas

* docs: document gateway artifact schemas

* docs: document gateway command schemas

* docs: document gateway task schemas

* docs: document gateway exec approval schemas

* docs: document gateway secret schemas

* docs: document gateway config schemas

* docs: document gateway snapshot schemas

* docs: document gateway chat schemas

* docs: document gateway wizard schemas

* docs: document gateway node schemas

* docs: document gateway plugin approval schemas

* docs: document gateway talk schemas

* docs: document gateway agent schemas

* docs: document gateway session schemas

* docs: document gateway cron schemas

* docs: document gateway agent model skill schemas

* docs: document gateway skill proposal tool schemas

* docs: document gateway protocol registry

* docs: document gateway channel status schemas

* docs: document gateway schema regression tests

* docs: document gateway schema barrel

* docs: document gateway validator tests

* docs: document gateway primitive push tests

* docs: document gateway contract tests

* docs: document native protocol guard

* docs: document channel schema tests

* docs: document gateway protocol smoke tests

* docs: document gateway protocol entrypoint

* docs: document gateway protocol type exports

* docs: document gateway error codes

* docs: document protocol schema registry

* docs: document talk audio codec

* docs: document talk activation names

* docs: document talk consult questions

* docs: document talk consult tool

* docs: document talk run control contracts

* docs: document talk run control adapter

* docs: document talkback consult queue

* docs: document talk consult transcript guard

* docs: document talk fast context runtime

* docs: document forced talk consult coordinator

* docs: document talk output activity tracker

* docs: document talk event metrics

* docs: document talk diagnostics

* docs: document talk observability hook

* docs: document talk provider resolver

* docs: document talk provider registry

* docs: document talk runtime primitives

* docs: document talk consult controller logs

* docs: document channel identity helpers

* docs: document channel account allowlist helpers

* docs: document channel metadata draft controls

* docs: document channel ingress policy

* docs: document channel sender access gates

* docs: document channel catalog message contracts

* docs: document channel account plugin helpers

* docs: document configured binding helpers

* docs: document channel acp approval config helpers

* docs: document channel bundled config write helpers

* docs: document channel plugin utility contracts

* docs: document channel config access helpers

* docs: document channel message action helpers

* docs: document channel outbound runtime helpers

* docs: document channel pairing promotion helpers

* docs: document channel registry helpers

* docs: document channel setup wizard helpers

* docs: document channel lifecycle status helpers

* docs: document channel target thread helpers

* docs: document channel session binding helpers

* docs: document channel package module probes

* docs: document channel setup wizard contracts

* docs: document channel plugin API barrels

* docs: document channel contract test helpers

* docs: document channel core helpers

* docs: document small core facades

* docs: document provider runtime helpers

* docs: document persistence and realtime helpers

* docs: document mcp and state helpers

* docs: document tool planner contracts

* docs: document music generation runtime

* docs: document crestodian command flow

* docs: document utility helpers

* docs: document node host helpers

* docs: document transcript contracts

* docs: document trajectory export contracts

* docs: document image generation contracts

* docs: document routing helper contracts

* docs: document session helper contracts

* docs: document video generation contracts

* docs: document model catalog contracts

* docs: document proxy capture contracts

* docs: document status rendering contracts

* docs: document test helper contracts

* docs: document wizard setup contracts

* docs: document process contracts

* docs: document memory host sdk contracts

* docs: document tts contracts

* docs: document secrets runtime contracts

* docs: document shared helper contracts

* docs: document hook runtime contracts

* docs: document security audit contracts

* docs: document flow contracts

* docs: document media understanding contracts

* docs: document tui contracts

* docs: document logging contracts

* docs: document llm contracts

* docs: document cron contracts

* docs: document daemon contracts

* docs: document task contracts

* docs: document acp contracts

* docs: document test utility contracts

* docs: document skill contracts

* docs: document config contracts

* docs: document outbound infra contracts

* docs: document command analysis contracts

* docs: document provider usage infra contracts

* docs: document file safety infra contracts

* docs: document exec approval infra contracts

* docs: document gateway runtime infra contracts

* docs: document infra utility contracts

* docs: document infra queue storage contracts

* docs: document heartbeat infra contracts

* docs: document remaining infra contracts

* docs: document gateway auth contracts

* docs: document gateway display helpers

* docs: document gateway http helpers

* docs: document gateway node helpers

* docs: document gateway mcp helpers

* docs: document gateway support helpers

* docs: document gateway server runtime helpers

* docs: document gateway runtime bootstrap helpers

* docs: document gateway session events

* docs: document gateway utility helpers

* docs: document gateway talk helpers

* docs: document gateway helper contracts

* docs: document gateway server method helpers

* docs: document gateway server auth helpers

* docs: document gateway server tests

* docs: document gateway test helpers

* docs: document gateway node tests

* docs: document gateway channel tests

* docs: document gateway session tests

* docs: document gateway server startup tests

* docs: document gateway tool test helpers

* docs: document gateway server test helpers

* docs: document gateway server method tests

* docs: document remaining gateway tests

* docs: document plugin sdk public subpaths

* docs: document plugin sdk runtime helpers

* docs: document plugin sdk memory provider helpers

* docs: document plugin sdk runtime facades

* docs: document plugin sdk command approval helpers

* docs: document plugin sdk runtime types

* docs: document plugin sdk browser account helpers

* docs: document plugin sdk media memory helpers

* docs: document plugin sdk core tests

* docs: document plugin sdk contract helpers

* docs: document plugin sdk test helpers

* docs: document remaining plugin sdk tests

* docs: document cli utility helpers

* docs: document cli runtime helpers

* docs: document cli command registration helpers

* docs: document node cli helpers

* docs: document cli program registration

* docs: document message cli registration

* docs: document daemon cli helpers

* docs: document cli route parsers
2026-06-03 15:20:39 -07:00

660 lines
18 KiB
TypeScript

/**
* Tests native approval routing helpers and target matching logic.
*/
import { describe, expect, it } from "vitest";
import {
createChannelApproverDmTargetResolver,
createChannelNativeOriginTargetResolver,
createNativeApprovalChannelRouteGates,
createNativeApprovalForwardingFallbackSuppressor,
type NativeApprovalTarget,
nativeApprovalTargetsMatch,
shouldSuppressLocalNativeExecApprovalPrompt,
} from "./approval-native-helpers.js";
import type { OpenClawConfig } from "./config-runtime.js";
const EMPTY_SESSION_CFG = {
session: {
store: ".artifacts/test/approval-native-helpers-empty-sessions.json",
},
} satisfies OpenClawConfig;
function createMatrixRouteGates(options?: {
enabledAccounts?: readonly string[];
accountIds?: readonly string[];
defaultAccountId?: string;
}) {
const enabledAccounts = new Set(options?.enabledAccounts ?? ["default"]);
return createNativeApprovalChannelRouteGates<NativeApprovalTarget>({
channel: "matrix",
defaultForwardingMode: "session",
isTransportEnabled: ({ accountId }) => enabledAccounts.has(accountId ?? "default"),
listAccountIds: () => options?.accountIds ?? ["default"],
resolveDefaultAccountId: () => options?.defaultAccountId ?? "default",
normalizeForwardTarget: (target) =>
target.channel === "matrix"
? {
to: target.to,
accountId: target.accountId ?? undefined,
threadId: target.threadId ?? undefined,
}
: null,
resolveTurnSourceTarget: (request) =>
request.request.turnSourceChannel === "matrix" && request.request.turnSourceTo
? {
to: request.request.turnSourceTo,
accountId: request.request.turnSourceAccountId ?? undefined,
threadId: request.request.turnSourceThreadId ?? undefined,
}
: null,
});
}
const matrixExecRequest = {
id: "req-1",
request: {
agentId: "agent-a",
command: "echo hi",
sessionKey: "agent:agent-a:matrix:room-1",
turnSourceAccountId: "default",
turnSourceChannel: "matrix",
turnSourceTo: "room-1",
},
createdAtMs: 0,
expiresAtMs: 1000,
} as const;
const matrixPluginRequest = {
id: "plugin:req-1",
request: {
agentId: "agent-a",
description: "Allow access",
sessionKey: "agent:agent-a:matrix:room-1",
title: "Plugin approval",
turnSourceAccountId: "default",
turnSourceChannel: "matrix",
turnSourceTo: "room-1",
},
createdAtMs: 0,
expiresAtMs: 1000,
} as const;
describe("createNativeApprovalChannelRouteGates", () => {
it("separates session-native and explicit target routing by approval family", () => {
const gates = createMatrixRouteGates();
const cfg = {
approvals: {
exec: {
enabled: true,
mode: "targets",
targets: [{ channel: "matrix", to: "room-1" }],
},
plugin: {
enabled: true,
mode: "session",
},
},
} satisfies OpenClawConfig;
expect(
gates.canApprovalPotentiallyRouteToChannel({
cfg,
approvalKind: "exec",
}),
).toBe(true);
expect(
gates.canApprovalPotentiallyRouteToChannel({
cfg,
approvalKind: "exec",
nativeSessionOnly: true,
}),
).toBe(false);
expect(
gates.canApprovalPotentiallyRouteToChannel({
cfg,
approvalKind: "plugin",
nativeSessionOnly: true,
}),
).toBe(true);
expect(gates.isNativeApprovalHandlerConfigured({ cfg })).toBe(true);
expect(
gates.shouldHandleApprovalRequest({
cfg,
request: matrixExecRequest,
}),
).toBe(false);
expect(
gates.shouldHandleApprovalRequest({
cfg,
request: matrixPluginRequest,
}),
).toBe(true);
expect(
gates.isExplicitTargetEligible({
cfg,
approvalKind: "exec",
request: matrixExecRequest,
target: { channel: "matrix", to: "room-1", source: "target" },
}),
).toBe(true);
});
it("applies forwarding filters before accepting a session route", () => {
const gates = createMatrixRouteGates();
const cfg = {
approvals: {
exec: {
enabled: true,
agentFilter: ["agent-a"],
sessionFilter: ["matrix:room"],
},
},
} satisfies OpenClawConfig;
expect(
gates.isSessionApprovalEligible({
cfg,
approvalKind: "exec",
request: matrixExecRequest,
}),
).toBe(true);
expect(
gates.isSessionApprovalEligible({
cfg,
approvalKind: "exec",
request: {
...matrixExecRequest,
request: {
...matrixExecRequest.request,
agentId: "agent-b",
sessionKey: "agent:agent-b:matrix:room-1",
},
},
}),
).toBe(false);
});
it("uses default and single-enabled account fallback for unscoped targets", () => {
const cfg = {
approvals: {
exec: {
enabled: true,
mode: "targets",
targets: [{ channel: "matrix", to: "room-1" }],
},
},
} satisfies OpenClawConfig;
const target = { channel: "matrix", to: "room-1", source: "target" } as const;
expect(
createMatrixRouteGates({
accountIds: ["default", "work"],
enabledAccounts: ["default", "work"],
}).isExplicitTargetEligible({
cfg,
accountId: "default",
approvalKind: "exec",
request: matrixExecRequest,
target,
}),
).toBe(true);
expect(
createMatrixRouteGates({
accountIds: ["default", "work"],
enabledAccounts: ["work"],
}).isExplicitTargetEligible({
cfg,
accountId: "work",
approvalKind: "exec",
request: matrixExecRequest,
target,
}),
).toBe(true);
expect(
createMatrixRouteGates({
accountIds: ["default", "work"],
enabledAccounts: ["default", "work"],
}).isExplicitTargetEligible({
cfg,
accountId: "work",
approvalKind: "exec",
request: matrixExecRequest,
target,
}),
).toBe(false);
});
});
describe("createChannelNativeOriginTargetResolver", () => {
it("reuses shared turn-source routing and respects shouldHandle gating", () => {
const resolveOriginTarget = createChannelNativeOriginTargetResolver<NativeApprovalTarget>({
channel: "matrix",
shouldHandleRequest: ({ accountId }) => accountId === "ops",
resolveTurnSourceTarget: (request) => ({
to: String(request.request.turnSourceTo),
threadId: request.request.turnSourceThreadId ?? undefined,
}),
resolveSessionTarget: (sessionTarget) => ({
to: sessionTarget.to,
threadId: sessionTarget.threadId,
}),
});
expect(
resolveOriginTarget({
cfg: EMPTY_SESSION_CFG,
accountId: "ops",
request: {
id: "plugin:req-1",
request: {
title: "Plugin approval",
description: "Allow access",
turnSourceChannel: "matrix",
turnSourceTo: "room:!room:example.org",
turnSourceThreadId: "t1",
turnSourceAccountId: "ops",
},
createdAtMs: 0,
expiresAtMs: 1000,
},
}),
).toEqual({
to: "room:!room:example.org",
threadId: "t1",
});
expect(
resolveOriginTarget({
cfg: EMPTY_SESSION_CFG,
accountId: "other",
request: {
id: "plugin:req-1",
request: {
title: "Plugin approval",
description: "Allow access",
turnSourceChannel: "matrix",
turnSourceTo: "room:!room:example.org",
turnSourceThreadId: "t1",
turnSourceAccountId: "ops",
},
createdAtMs: 0,
expiresAtMs: 1000,
},
}),
).toBeNull();
});
it("uses shared route semantics for the default target matcher", () => {
expect(
nativeApprovalTargetsMatch({
channel: "telegram",
left: { to: "-100123", threadId: 42.9 },
right: { to: "-100123", threadId: "42" },
}),
).toBe(true);
expect(
nativeApprovalTargetsMatch({
channel: "telegram",
left: { to: "-100123", accountId: "work" },
right: { to: "-100123" },
}),
).toBe(false);
const resolveOriginTarget = createChannelNativeOriginTargetResolver<NativeApprovalTarget>({
channel: "telegram",
resolveTurnSourceTarget: () => ({ to: "-100123", threadId: 42.9 }),
resolveSessionTarget: () => ({ to: "-100123", threadId: "42" }),
});
expect(
resolveOriginTarget({
cfg: EMPTY_SESSION_CFG,
request: {
id: "req-1",
request: {
command: "echo hi",
turnSourceChannel: "telegram",
turnSourceTo: "-100123",
turnSourceThreadId: 42.9,
turnSourceAccountId: "default",
},
createdAtMs: 0,
expiresAtMs: 1000,
},
}),
).toEqual({ to: "-100123", threadId: 42.9 });
});
it("normalizes resolved targets before matching origin candidates", () => {
const resolveOriginTarget = createChannelNativeOriginTargetResolver<NativeApprovalTarget>({
channel: "slack",
resolveTurnSourceTarget: () => ({ to: "CHANNEL:C1", threadId: "171234.567890" }),
resolveSessionTarget: () => ({ to: "channel:c1", threadId: "171234.567890" }),
normalizeTarget: (target) => ({
...target,
to: target.to.toLowerCase(),
}),
});
expect(
resolveOriginTarget({
cfg: EMPTY_SESSION_CFG,
request: {
id: "req-1",
request: {
command: "echo hi",
turnSourceChannel: "slack",
turnSourceTo: "CHANNEL:C1",
turnSourceThreadId: "171234.567890",
},
createdAtMs: 0,
expiresAtMs: 1000,
},
}),
).toEqual({ to: "channel:c1", threadId: "171234.567890" });
});
it("normalizes custom target shapes before invoking a custom matcher", () => {
type ProviderTarget = { id: string; shard?: string };
const resolveOriginTarget = createChannelNativeOriginTargetResolver<ProviderTarget>({
channel: "custom",
resolveTurnSourceTarget: () => ({ id: "ROOM-1", shard: "a" }),
resolveSessionTarget: () => ({ id: "room-1", shard: "b" }),
normalizeTarget: (target) => ({ ...target, id: target.id.toLowerCase() }),
targetsMatch: (left, right) => left.id === right.id,
});
expect(
resolveOriginTarget({
cfg: EMPTY_SESSION_CFG,
request: {
id: "req-1",
request: {
command: "echo hi",
sessionKey: "agent:main:custom:room-1",
turnSourceChannel: "custom",
turnSourceTo: "ROOM-1",
},
createdAtMs: 0,
expiresAtMs: 1000,
},
}),
).toEqual({ id: "room-1", shard: "a" });
});
it("normalizes only match inputs when delivery targets must stay provider-native", () => {
const resolveOriginTarget = createChannelNativeOriginTargetResolver<NativeApprovalTarget>({
channel: "slack",
resolveTurnSourceTarget: () => ({ to: "channel:C1", threadId: "171234.567890" }),
resolveSessionTarget: () => ({ to: "channel:c1", threadId: "171234.567890" }),
normalizeTargetForMatch: (target) => ({
...target,
to: target.to.toLowerCase(),
}),
});
expect(
resolveOriginTarget({
cfg: EMPTY_SESSION_CFG,
request: {
id: "req-1",
request: {
command: "echo hi",
turnSourceChannel: "slack",
turnSourceTo: "channel:C1",
turnSourceThreadId: "171234.567890",
},
createdAtMs: 0,
expiresAtMs: 1000,
},
}),
).toEqual({ to: "channel:C1", threadId: "171234.567890" });
});
it("keeps custom target matchers generic", () => {
type ProviderTarget = { id: string; shard?: string };
const resolveOriginTarget = createChannelNativeOriginTargetResolver<ProviderTarget>({
channel: "custom",
resolveTurnSourceTarget: () => ({ id: "room-1", shard: "a" }),
resolveSessionTarget: () => ({ id: "room-1", shard: "b" }),
targetsMatch: (left, right) => left.id === right.id,
});
expect(
resolveOriginTarget({
cfg: EMPTY_SESSION_CFG,
request: {
id: "req-1",
request: {
command: "echo hi",
sessionKey: "agent:main:custom:room-1",
turnSourceChannel: "custom",
turnSourceTo: "room-1",
},
createdAtMs: 0,
expiresAtMs: 1000,
},
}),
).toEqual({ id: "room-1", shard: "a" });
});
});
describe("createChannelApproverDmTargetResolver", () => {
it("filters null targets and skips delivery when shouldHandle rejects the request", () => {
const resolveApproverDmTargets = createChannelApproverDmTargetResolver({
shouldHandleRequest: ({ approvalKind }) => approvalKind === "exec",
resolveApprovers: () => ["owner-1", "owner-2", "skip-me"],
mapApprover: (approver) =>
approver === "skip-me"
? null
: {
to: `user:${approver}`,
},
});
expect(
resolveApproverDmTargets({
cfg: {},
accountId: "default",
approvalKind: "exec",
request: {
id: "req-1",
request: { command: "echo hi" },
createdAtMs: 0,
expiresAtMs: 1000,
},
}),
).toEqual([{ to: "user:owner-1" }, { to: "user:owner-2" }]);
expect(
resolveApproverDmTargets({
cfg: {},
accountId: "default",
approvalKind: "plugin",
request: {
id: "plugin:req-1",
request: { title: "Plugin approval", description: "Allow access" },
createdAtMs: 0,
expiresAtMs: 1000,
},
}),
).toStrictEqual([]);
});
});
describe("createNativeApprovalForwardingFallbackSuppressor", () => {
const execRequest = {
id: "req-1",
request: {
command: "echo hi",
turnSourceChannel: "matrix",
turnSourceTo: "room-1",
turnSourceAccountId: "default",
},
createdAtMs: 0,
expiresAtMs: 1000,
};
function createSuppressor(
overrides: Partial<Parameters<typeof createNativeApprovalForwardingFallbackSuppressor>[0]> = {},
) {
return createNativeApprovalForwardingFallbackSuppressor({
channel: "matrix",
normalizeForwardTarget: (target) =>
target.channel === "matrix"
? { to: target.to, accountId: target.accountId ?? undefined }
: null,
resolveForwardingTargetForMatch: ({ forwardingTarget, accountId }) => ({
...forwardingTarget,
accountId,
}),
isSessionRouteEligible: ({ approvalKind }) => approvalKind === "exec",
resolveOriginTarget: () => ({ to: "room-1", accountId: "default" }),
resolveApproverDmTargets: () => [{ to: "user-1", accountId: "default" }],
...overrides,
});
}
it("suppresses session forwarding only when a native origin or approver DM matches", () => {
const shouldSuppress = createSuppressor();
expect(
shouldSuppress({
cfg: {},
approvalKind: "exec",
target: { channel: "matrix", to: "room-1", source: "session" },
request: execRequest,
}),
).toBe(true);
expect(
shouldSuppress({
cfg: {},
approvalKind: "exec",
target: { channel: "matrix", to: "user-1", source: "session" },
request: execRequest,
}),
).toBe(true);
expect(
shouldSuppress({
cfg: {},
approvalKind: "exec",
target: { channel: "matrix", to: "other-room", source: "session" },
request: execRequest,
}),
).toBe(false);
});
it("requires explicit-target eligibility before suppressing target forwarding", () => {
expect(
createSuppressor()({
cfg: {},
approvalKind: "exec",
target: { channel: "matrix", to: "room-1", source: "target" },
request: execRequest,
}),
).toBe(false);
expect(
createSuppressor({
isExplicitTargetEligible: () => true,
})({
cfg: {},
approvalKind: "exec",
target: { channel: "matrix", to: "room-1", source: "target" },
request: execRequest,
}),
).toBe(true);
});
});
describe("shouldSuppressLocalNativeExecApprovalPrompt", () => {
const payload = {
text: "Approval required.",
channelData: {
execApproval: {
approvalId: "12345678-1234-1234-1234-123456789012",
approvalSlug: "12345678",
approvalKind: "exec",
agentId: "main",
sessionKey: "agent:main:discord:direct:123",
},
},
};
const activeExecHint = {
kind: "approval-pending",
approvalKind: "exec",
nativeRouteActive: true,
} as const;
it("supports strict top-level native exec suppression", () => {
expect(
shouldSuppressLocalNativeExecApprovalPrompt({
cfg: {
approvals: {
exec: {
enabled: true,
agentFilter: ["main"],
},
},
},
payload,
hint: activeExecHint,
isTransportEnabled: () => true,
}),
).toBe(true);
expect(
shouldSuppressLocalNativeExecApprovalPrompt({
cfg: {
approvals: {
exec: {
enabled: true,
agentFilter: ["other"],
},
},
},
payload,
hint: activeExecHint,
isTransportEnabled: () => true,
}),
).toBe(false);
});
it("supports channel-specific native exec client gates", () => {
expect(
shouldSuppressLocalNativeExecApprovalPrompt({
cfg: {},
payload,
hint: activeExecHint,
isNativeDeliveryEnabled: () => true,
resolveApprovalConfig: () => ({
enabled: true,
sessionFilter: ["discord:direct"],
}),
enforceForwardingMode: false,
fallbackAgentIdFromSessionKey: false,
}),
).toBe(true);
expect(
shouldSuppressLocalNativeExecApprovalPrompt({
cfg: {},
payload,
hint: activeExecHint,
isNativeDeliveryEnabled: () => false,
resolveApprovalConfig: () => ({
enabled: true,
sessionFilter: ["discord:direct"],
}),
enforceForwardingMode: false,
fallbackAgentIdFromSessionKey: false,
}),
).toBe(false);
});
});