nai1dZddlmZddlZddlZddlZddlZddlmZmZm Z ddl m Z ddl Z e dZ e dz dz Zd Ze d d z d z Zefdd ZddZddZddZ d ddZddZdddZdZdZdZy) utests/taskctl/test_admin_override.py Admin Override audit log + cap 검증 (task-2467) 벨레스(개발6팀 테스터) 작성. 스바로그의 구현 완료 전 선작성(TDD). 케이스: 1. test_admin_override_records_audit_log — chairman email로 --admin → audit log 1줄 2. test_admin_override_non_chairman_blocked — 다른 사용자 --admin → FAIL 3. test_admin_override_hard_cap — 90일 내 5건 채운 후 6번째 → HARD_CAP_EXCEEDED ) annotationsN)datetime timedeltatimezone)Pathz-/home/jay/workspace/.worktrees/task-2467-dev6scriptsz taskctl.pyzjonghyuk.jeon@gmail.commemoryorchestration-auditzadmin-override.jsonlcxitj}t||d<||d<||d<t|dz |d<|dz dz jdd |dz d z jdd |d z d z jdd |d z d z jdd |dz }|j d|d|S)u3격리된 workspace + git config user.email 설정.WORKSPACE_ROOTGIT_AUTHOR_EMAILGIT_COMMITTER_EMAILz .gitconfigGIT_CONFIG_GLOBAL.tasksstateTparentsexist_okevidencer eventsr z[user] email = z name = Test Chairman )osenvironstrmkdir write_text)tmp_pathchairman_emailenv gitconfigs R/home/jay/workspace/.worktrees/task-2516-dev3/tests/taskctl/test_admin_override.py_isolated_workspacer!s RZZ.CMC,C!/C"8l#:;C 7"))$)F :%,,TD,I 8#**4$*G 0077t7T<'I  ^,,FG JcZtjdttg|zdd|dS)Npython3T)capture_outputtextrtimeout) subprocessrunrTASKCTL)argsrs r _runr-5s- >> CL!D($C r"c|dz dz |dz }|js Jd|tj|jS)Nrr.jsonustate 파일 없음: )existsjsonloads read_text)rtask_idps r _stater6<sM8g%7)5(99A 88:2.qc22: ::akkm $$r"c|dz dz |dz }tj|j}||d<|jdd|j Dcic]\}}|dk7s ||}}}tj |ddd }t j|jd j} | |d<|jtj |dd ycc}}w)u<테스트 전용: state 강제 설정 + 체크섬 재계산.rrr/ current_state _checksumNFT,: ensure_ascii sort_keys separatorsutf-8r>indent) r1r2r3popitemsdumpshashlibsha256encode hexdigestr) rr4 target_stater5rkvpayloadcanonchecksums r _force_state_with_checksumrRBs8g%7)5(99A JJq{{} %E)E/ IIk4 % B1k1Aq!tBGB JJwUdz ZE~~ell734>>@H!E+LLEa@A Cs  C**C*c d|gd|gd|gd|gd|dt|gfD]}t||jdk7syt||d |d z d z |d z }t j |j }d |d<|jdd|jDcic]\}}|dk7s ||} }}t j| dd d} tj| jdj|d<|jt j|ddt||dd k(Scc}}w)u*HUMAN_APPROVED 상태까지 강제 진입.initdispatchackr*zpr-openz--prrFHUMAN_APPROVEDrrr/Thuman_approvedr9Nr:r=rArBrCr8)rr- returncoderRr1r2r3rErFrGrHrIrJrKrr6) rrr4 pr_numbercmdr5rrMrNrOrPs r _setup_to_human_approvedr\OsK!J#8 5'"2GVS^<> S> $ $ ) x2BC8g%7)5(99A JJq{{} %E"E  IIk4 % B1k1Aq!tBGB JJwUdz ZE  W(=>HHJE+LLEa@A (G $_ 59I II Cs % E3Ech|tz }|jsgS|jjDcgc]#}|j s|j %}}g}|D]'} |j t j|)|Scc}w#t j$rYFwxYw)uaudit log JSONL 읽기.) AUDIT_LOG_RELATIVEr0r3 splitlinesstripappendr1r2JSONDecodeError)r audit_loglnlinesresults r _read_audit_logrggs--I     "+"5"5"7"B"B"D SB RXXZ SE S F  MM$**R. ) M T ##   sBB.$BB10B1c |tz }|jjddtjt j }t|dd5}t|D]p}|t||zdzz }|jdd |d d |zd d |d|ddg|dz|dzd }|jtj|ddzr dddy#1swYyxYw)u9audit log에 count건 미리 기록 (rolling window 내).TrarA)encoding)daysz%Y-%m-%dT%H:%M:%SZz task-prepop-03dichairmanzprepopulated test record #abc04dtest) tsr4rZactorreasonhead_shabypassed_checkssoft_count_this_monthhard_count_this_quarterF)r> N)r^parentrrnowrutcopenrangerstrftimewriter1rG) rcount days_ago_maxrcr{firrrecords r _prepopulate_audit_logrvs--I 4$7 ,,x|| $C iw /C1u CAya,&6&:;;Bkk"67)!C1!AX#6qc:!!CM$*8)*Q+,q5 F GGDJJvE:TA B CCCCs A?C!!C*c t|t}d}d}t||||}|stjdt d|ddg|}|j dk(rt|}t|dk(r&tjd t||d d |d }d D]*}||vrJd|dt|j|jd|k(sJd|jd|jddtdhvsJd|jdt||} | d } | dvs Jd| ytjd|jddy)uchairman email로 taskctl merge --admin → audit log 1줄 + ADMIN_OVERRIDE_USED. 신규 구현 필요. MVP에서는 --admin 플래그 미구현 시 xfail. rztask-adminoverride-01i#HUMAN_APPROVED 상태 진입 실패merge--admin --dry-runru~--admin 플래그 인식되나 audit log 미구현 (스바로그 대기): merge 성공했지만 audit log 비어있음 (state=r8))rrr4rsrtrxuaudit log에 'u ' 누락: r4uaudit log task_id 불일치: rsrnz"chairman (jonghyuk.jeon@gmail.com)uaudit log actor 이상: >DONEMERGEDADMIN_OVERRIDE_USEDu&admin override 후 예상 외 상태: uQ--admin 플래그 미구현 또는 chairman 검증 실패 (스바로그 대기): N)r!CHAIRMAN_EMAILr\pytestskipr-rYrglenxfailr6listkeysgetstderr) rrr4rZokprocentrieslastfieldrcurrents r %test_admin_override_records_audit_logrs h~ FC%GI !(C) DB  9: '9k:C @D !!(+ w<1  LLGGMhX_G`apGqFrrsu  r{U XED= WN5'DDUCV"W W= Xxx "g- +DHHY,?+@ A -xx ZAe$ff &txx'8&9 : f x)(CC 4WI > C  _{{4C ! # r"cd}t||}d}d}t||||}|stjdt d|ddg|}|j d k(r0tj d |jd |jy|j|jz}d |jvxs:d |jvxs&d|jvxsd|jv}d|jvxs&d|jvxsd|jv} | r|stjd|j d k7sJy)uy다른 사용자가 --admin 시도 → FAIL ("chairman only"). git config user.email을 다른 email로 설정. znon-chairman@example.comrztask-adminoverride-02irrrrru5non-chairman이 --admin 성공: returncode=0 stdout: stderr: rn unauthorized permissiononlyunknown unrecognized1--admin 플래그 미구현 (스바로그 대기)N) r!r\rrr-rYfailstdoutrlowerr) rnon_chairman_emailrr4rZrrcombinedis_chairman_blockedis_not_implementeds r (test_admin_override_non_chairman_blockedrsX 4 h7I JC%GI !(C) DB  9: '9k:C @D ! {{m:dkk] < ;;, (..* * *!11 *x~~// *))  ) ) 2HNN,, 2!11  &9 LLL M!###r"c<t|t}d}d}t||||}|stjdt |ddt |}t|dk(sJdt|d td |d d g|}|jd k(rkt |}t|dkDr= 5 → "HARD_CAP_EXCEEDED". rztask-adminoverride-03irY)rruprepopulate 실패: u건rrrru7hard cap 초과에도 admin override 성공: audit log u 건 stdout: ru/hard cap 검사 미구현 (스바로그 대기)HARD_CAPcapexceededlimit5rrruEhard cap 관련 메시지 없음 (chairman 검증 실패 가능성): Ni,u2hard cap 초과 후에도 audit log에 기록됨: )r!rr\rrrrgrr-rYrrrrupperr) rrr4rZrentries_beforer entries_afterris_cap_exceededrs r test_admin_override_hard_caprs8 h~ FC%GI !(C) DB  9:812>$X.N ~ ! #T';Crs # 22 @ A i , .+(^&;;>TT?M.% B01J),J59J0 C44 v)$`A r"