Hartmut/CapaKraken
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

chore(repo): checkpoint current capakraken implementation state

Browse Source
This commit is contained in:
Hartmut Nörenberg
2026-03-29 12:47:12 +02:00
parent beae1a5d6e
commit 47e4d701ff
94 changed files with 4283 additions and 1710 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/api/src/__tests__/assistant-router.test.ts
+107 -3
View File
@@ -1,5 +1,5 @@
import { beforeEach, describe, expect, it, vi } from "vitest";
import { PermissionKey, type PermissionKey as PermissionKeyValue } from "@capakraken/shared";
import { PermissionKey, SystemRole, type PermissionKey as PermissionKeyValue } from "@capakraken/shared";
import {
ASSISTANT_CONFIRMATION_PREFIX,
canExecuteMutationTool,
@@ -12,8 +12,11 @@ import {
} from "../router/assistant.js";
import { TOOL_DEFINITIONS } from "../router/assistant-tools.js";
function getToolNames(permissions: PermissionKeyValue[]) {
return getAvailableAssistantTools(new Set(permissions)).map((tool) => tool.function.name);
function getToolNames(
permissions: PermissionKeyValue[],
userRole: SystemRole = SystemRole.ADMIN,
) {
return getAvailableAssistantTools(new Set(permissions), userRole).map((tool) => tool.function.name);
}
const TEST_USER_ID = "assistant-test-user";
@@ -187,6 +190,9 @@ describe("assistant router tool gating", () => {
expect(withoutAdvanced).not.toContain("find_best_project_resource");
expect(withAdvanced).toContain("find_best_project_resource");
expect(withAdvanced).toContain("get_chargeability_report");
expect(withAdvanced).toContain("get_resource_computation_graph");
expect(withAdvanced).toContain("get_project_computation_graph");
});
it("keeps user administration tools behind manageUsers", () => {
@@ -201,6 +207,93 @@ describe("assistant router tool gating", () => {
const names = getToolNames([PermissionKey.USE_ASSISTANT_ADVANCED_TOOLS]);
expect(names).not.toContain("find_best_project_resource");
expect(names).not.toContain("get_chargeability_report");
expect(names).not.toContain("get_resource_computation_graph");
expect(names).not.toContain("get_project_computation_graph");
});
it("keeps controller-grade readmodels hidden from plain users while allowing controller roles", () => {
const controllerNames = getToolNames([
PermissionKey.VIEW_COSTS,
PermissionKey.USE_ASSISTANT_ADVANCED_TOOLS,
], SystemRole.CONTROLLER);
const userNames = getToolNames([
PermissionKey.VIEW_COSTS,
PermissionKey.USE_ASSISTANT_ADVANCED_TOOLS,
], SystemRole.USER);
expect(controllerNames).toContain("get_chargeability_report");
expect(controllerNames).toContain("get_resource_computation_graph");
expect(controllerNames).toContain("get_project_computation_graph");
expect(userNames).not.toContain("get_chargeability_report");
expect(userNames).not.toContain("get_resource_computation_graph");
expect(userNames).not.toContain("get_project_computation_graph");
});
it("keeps timeline write parity tools behind manager/admin role, manageAllocations, and advanced assistant access", () => {
const managerNames = getToolNames([
PermissionKey.MANAGE_ALLOCATIONS,
PermissionKey.USE_ASSISTANT_ADVANCED_TOOLS,
], SystemRole.MANAGER);
const userNames = getToolNames([
PermissionKey.MANAGE_ALLOCATIONS,
PermissionKey.USE_ASSISTANT_ADVANCED_TOOLS,
], SystemRole.USER);
const missingAdvancedNames = getToolNames([
PermissionKey.MANAGE_ALLOCATIONS,
], SystemRole.MANAGER);
expect(managerNames).toContain("update_timeline_allocation_inline");
expect(managerNames).toContain("apply_timeline_project_shift");
expect(managerNames).toContain("quick_assign_timeline_resource");
expect(managerNames).toContain("batch_quick_assign_timeline_resources");
expect(managerNames).toContain("batch_shift_timeline_allocations");
expect(userNames).not.toContain("update_timeline_allocation_inline");
expect(userNames).not.toContain("apply_timeline_project_shift");
expect(userNames).not.toContain("quick_assign_timeline_resource");
expect(userNames).not.toContain("batch_quick_assign_timeline_resources");
expect(userNames).not.toContain("batch_shift_timeline_allocations");
expect(missingAdvancedNames).not.toContain("update_timeline_allocation_inline");
expect(missingAdvancedNames).not.toContain("quick_assign_timeline_resource");
});
it("keeps holiday calendar mutation tools admin-only while leaving read tools available", () => {
const adminNames = getToolNames([], SystemRole.ADMIN);
const managerNames = getToolNames([], SystemRole.MANAGER);
expect(adminNames).toContain("list_holiday_calendars");
expect(adminNames).toContain("get_holiday_calendar");
expect(adminNames).toContain("preview_resolved_holiday_calendar");
expect(adminNames).toContain("create_holiday_calendar");
expect(managerNames).toContain("list_holiday_calendars");
expect(managerNames).toContain("get_holiday_calendar");
expect(managerNames).toContain("preview_resolved_holiday_calendar");
expect(managerNames).not.toContain("create_holiday_calendar");
expect(managerNames).not.toContain("update_holiday_calendar");
expect(managerNames).not.toContain("delete_holiday_calendar");
expect(managerNames).not.toContain("create_holiday_calendar_entry");
expect(managerNames).not.toContain("update_holiday_calendar_entry");
expect(managerNames).not.toContain("delete_holiday_calendar_entry");
});
it("keeps country and metro-city mutation tools admin-only while leaving read tools available", () => {
const adminNames = getToolNames([], SystemRole.ADMIN);
const managerNames = getToolNames([], SystemRole.MANAGER);
expect(adminNames).toContain("list_countries");
expect(adminNames).toContain("get_country");
expect(adminNames).toContain("create_country");
expect(adminNames).toContain("update_country");
expect(adminNames).toContain("create_metro_city");
expect(adminNames).toContain("update_metro_city");
expect(adminNames).toContain("delete_metro_city");
expect(managerNames).toContain("list_countries");
expect(managerNames).toContain("get_country");
expect(managerNames).not.toContain("create_country");
expect(managerNames).not.toContain("update_country");
expect(managerNames).not.toContain("create_metro_city");
expect(managerNames).not.toContain("update_metro_city");
expect(managerNames).not.toContain("delete_metro_city");
});
it("blocks mutation tools until the user confirms a prior assistant summary", () => {
@@ -397,5 +490,16 @@ describe("assistant router tool gating", () => {
expect(toolDescriptions.get("list_users")).toContain("manageUsers");
expect(toolDescriptions.get("create_task_for_user")).toContain("manageProjects");
expect(toolDescriptions.get("send_broadcast")).toContain("manageProjects");
expect(toolDescriptions.get("create_holiday_calendar")).toContain("Admin role");
expect(toolDescriptions.get("create_holiday_calendar_entry")).toContain("Admin role");
expect(toolDescriptions.get("get_chargeability_report")).toContain("controller/manager/admin");
expect(toolDescriptions.get("get_chargeability_report")).toContain("viewCosts");
expect(toolDescriptions.get("get_resource_computation_graph")).toContain("useAssistantAdvancedTools");
expect(toolDescriptions.get("get_project_computation_graph")).toContain("controller/manager/admin");
expect(toolDescriptions.get("update_timeline_allocation_inline")).toContain("manager/admin");
expect(toolDescriptions.get("apply_timeline_project_shift")).toContain("manageAllocations");
expect(toolDescriptions.get("quick_assign_timeline_resource")).toContain("useAssistantAdvancedTools");
expect(toolDescriptions.get("batch_quick_assign_timeline_resources")).toContain("manageAllocations");
expect(toolDescriptions.get("batch_shift_timeline_allocations")).toContain("manager/admin");
});
});