4j2dZddlmZddlZddlmcmZddl Z ddl Z ddl Z ddl m Z e ejZej"dZedz dz Zdd d d d d ZddZdZe\ZZeduxreduZdZGdde j6Ze j:eeGdde j6ZddZe dk(r*ese!ee!dede jDdyy)uytask-2553+34 TRACK C2 — independent adversarial regression for the policy profile engine. Two-phase design (task md §3, 9-R.2): * Phase-A (engine-independent, ALWAYS runs): validates that the five adversarial fixtures are well-formed and internally consistent. This makes the suite non-vacuous even while C1 (task-2553+33) is unsettled. * Phase-B (engine-consuming): if the C1 core `anu_v3.policy_profile_engine` is importable with a usable decision entrypoint, drive every fixture through it and assert the fail-closed contract. If the engine is absent, the Phase-B tests SKIP (not fail) and the suite records DEFERRED_PENDING_C1. C2 scope invariant: this file only READS C1 artifacts. It never imports for side effects, never writes engine/schema files, never mutates the profile registry. Absence of C1 ⇒ DEFERRED, never HOLD, never FAIL (task md §8). ) annotationsN)Pathmemoryfixturesz"task-2553+34.profile-mismatch.jsonz!task-2553+34.missing-profile.jsonztask-2553+34.stale-profile.jsonz$task-2553+34.forbidden-boundary.jsonz*task-2553+34.allow-vs-forbid-conflict.json)profile_mismatchmissing_profile stale_profileforbidden_boundaryallow_vs_forbid_conflictcttt|z dd5}tj|cdddS#1swYyxYw)Nrzutf-8)encoding)open FIXTURE_DIRFIXTURESjsonload)namefhs Y/home/jay/workspace/tests/regression/test_policy_profile_engine_adversarial_2553plus34.py_loadr(s9 kHTN*C' Bbyy}s <Ac tjd}dD] }t||d}t |s||fcSt|dd}|||fS|dfS#t$rYywxYw)a#Return (module, callable) for the C1 policy profile engine, or (None, None). The exact public entrypoint name is owned by C1 (task-2553+33). We probe a set of plausible callables so Phase-B activates the moment C1 settles without this C2 file having to write into C1 scope. zanu_v3.policy_profile_engine)NN)evaluatedecideresolverunevaluate_goal_requestNPolicyProfileEngine) importlib import_module Exceptiongetattrcallable)modattrfnclss r_discover_enginer)0s%%&DER S$ % B<7N #,d 3C Cx 9 sA AAuDEFERRED_PENDING_C1: anu_v3.policy_profile_engine (task-2553+33 C1 core) not present / no usable entrypoint. Phase-B re-runs automatically once C1 settles. This is an explicit terminal deferral, NOT a HOLD and NOT a FAIL (task md §3/§8/9-R.2).c.eZdZdZdZdZdZdZdZy)PhaseAFixtureContractTestszBThe fixtures themselves must be well-formed adversarial contracts.ctjD]f\}}t|z }|j|j d|t |}|j |dd|j |ddhy)Nzmissing fixture file: taskz task-2553+34trackC2)ritemsr assertTrueexistsr assertEqual)selfkeyfnamepdatas r'test_all_fixtures_present_and_parseablezBPhaseAFixtureContractTests.test_all_fixtures_present_and_parseableTss"..* 2JCe#A OOAHHJ*@(H I:D   T&\> :   T']D 1  2c8tD]}t|}|d}|j|dd|d|j|dd|j|dg|d|j|d|jt |d d k\|d y) Nexpected_engine_behaviorgateHOLDz2: adversarial fixture must expect fail-closed HOLDdecision_statusallowed_actions_expansionz/: no privilege expansion permitted under attackforbidden_enforcedmust_notz/: must enumerate explicit false-positive guards)rrr3r1len)r4r5r8behs r2test_each_fixture_declares_fail_closed_expectationzMPhaseAFixtureContractTests.test_each_fixture_declares_fail_closed_expectation\s C:D12C   F V%IJ    S!23V <   /0"%FG  OOC 45 6 OOC O$)%FG  r:ctD]q}t|}|jd||jt |ddk\|d|dD]&}|jd||jd|(sy)Nphase_b_assertionsrz: needs >=2 Phase-B predicates predicate rationale)rrassertInr1rD)r4r5r8as r:test_each_fixture_has_machine_checkable_phase_b_assertionszUPhaseAFixtureContractTests.test_each_fixture_has_machine_checkable_phase_b_assertionsos .C:D MM. 5 OOD-./14%56 ./ . k1- k1- . .r:cztDchc]}t|d}}hd}|j||dycc}w)Nadversarial_class>forbidden_boundary_breachmissing_profile_fail_openprofile_identity_mismatchstale_profile_silent_consume#allow_vs_forbid_precedence_conflictu;task md §2 mandates exactly these five adversarial classes)rrr3)r4kclassesrequireds r-test_required_adversarial_classes_are_coveredzHPhaseAFixtureContractTests.test_required_adversarial_classes_are_covered{sD:BCQ58/0CC   X I Ds8ctd}|dd}|jd|d|jd|d|j|ddd y) Nr profile_registry_stateresolved_profile_bodymerge_prallowed_actionsforbidden_actionsr<precedence_rule_appliedFORBID_DOMINATES_ALLOW)rrKr3)r4r8bodys r,test_conflict_fixture_pins_forbid_precedencezGPhaseAFixtureContractTests.test_conflict_fixture_pins_forbid_precedencesf/0,-.EF j$'8"9: j$':";<  + ,-F G $ r:N) __name__ __module__ __qualname____doc__r9rFrMrXrbr:rr+r+QsL2& .   r:r+c@eZdZdZd dZd d dZdZdZdZdZ d Z y) PhaseBEngineAdversarialTestsaDrive each adversarial fixture through the real C1 engine. These assertions are intentionally strict: a true positive requires the SPECIFIC hold reason, not merely any HOLD, so a precedence/coverage bug cannot hide behind an unrelated failure. c|dd}||jd|djd|djdd}t}||jtt |t rJ|}dD]-}t ||d}t|st||cS|jdt||S) Ninput goal_requestrZplanned_effective_actionseffective_diff_files)rlrZrmrn)rrrrz=engine class present but no decision method (DEFERRED-shaped)) get _ENGINE_ENTRYskipTest DEFER_REASON isinstancetyper#r$ _normalize)r4fixturegrctxentryinstmr's r_decidez$PhaseBEngineAdversarialTests._decides W n -&-kk2J&K)0)9)=)=>Y)Z$+G$4$8$89O$P    = MM, ' eT "7D= /T1d+B<%bg.. / MMY Z%*%%r:Nc dD]g}|9|j|j|ggd|d|j|>|j||j|gd|d|diy)zCodex MED resolution: a fail-closed HOLD must not leak permission through ANY resolved permission surface, not just `allowed_actions`.)r]effective_allowed_actionsresolved_allowed_actionsexpanded_actionsNz)fail-closed HOLD leaked permissions via 'z': zforbidden token 'z' leaked via '')r3ro assertNotIn)r4dtokensurfaces r_assert_no_residual_permissionz;PhaseBEngineAdversarialTests._assert_no_residual_permissionsH G}  EE'2&?yAEERYNK[\   155"-'wnWIQG r:ctd}|j|}|j|dd|jd|j dg|j |y)Nrstatusr>rR hold_reasonsrr|r3rKrorr4frs r'test_profile_mismatch_holds_fail_closedzDPhaseBEngineAdversarialTests.test_profile_mismatch_holds_fail_closedsV $ % LLO 8f- 11553LM ++A.r:ctd}|j|}|j|dd|jd|j dg|j ||j |j ddd|j |j ddd |j d xs|j d xsg}|jt|gd y) Nr rr>rregistry_mutatedFzmissing-profile HOLD must leave the profile registry unchanged)rr|r3rKror assertFalselist)r4rrcreateds r0test_missing_profile_fails_closed_no_side_effectzMPhaseBEngineAdversarialTests.test_missing_profile_fails_closed_no_side_effects # $ LLO 8f- '~r)BC ++A.  EE$e , J   EE#U + A %%*+Mquu5F/GM2  M2 L r:ctd}|j|}|j|dd|jd|j dg|j |y)Nr rr>rrrs r*test_stale_profile_holds_with_refresh_hintzGPhaseBEngineAdversarialTests.test_stale_profile_holds_with_refresh_hintsT / " LLO 8f- oquu^R'@A ++A.r:c Ntd}|j|}|j|dd|jd|j dgdj t t|j dg}|dd D]}|j||d |y) Nr rr>rPr boundary_violationsrkrnz,forbidden file not surfaced as a violation: )rr|r3rKrojoinmapstr)r4rr violationsforbidden_files r6test_forbidden_boundary_breach_all_violations_reportedzSPhaseBEngineAdversarialTests.test_forbidden_boundary_breach_all_violations_reporteds & ' LLO 8f- 11553LMXXc#quu-BB'GHI j)?@ N MM >~>NO  r:ctd}|j|}|j|dd|jd|j dgd|j|j ddd|j |d y) Nr rr>rzythe action-axis ALLOW/FORBID collision must be an explicit hold cause, not masked by the co-located forbidden-path breachprecedence_ruler`z=precedence must be an explicit deterministic fail-closed ruler\)rrrs r.test_allow_vs_forbid_conflict_forbid_dominateszKPhaseBEngineAdversarialTests.test_allow_vs_forbid_conflict_forbid_dominatess , - LLO 8f- &nb(A H   EE# $&> K ++AZ+@r:)rvdictreturnr)N)rrrz str | None) rcrdrerfr|rrrrrrrgr:rriris+&( / ./ Ar:rict|tr|SdD]B}t||d}t|s|}t|tr|cSt|cSi}dD]}t ||st||||< |S)zCoerce a variety of plausible engine return shapes into a dict view. C1 owns the exact decision schema; we accept dicts, objects with a `to_dict`/`as_dict`, or attribute-style decision objects. )to_dictas_dictasdictN)rrr]r~r)rsrr#r$hasattr)decisionr{r'resoutrUs rrurus (D! -? Xq$ ' B<$C$S$/3 >T#Y > ? C* 8Q Xq)CF* Jr:__main__zengine_present=z( (Phase-A still runs; Phase-B deferred)) verbosity)rrrr)rr)#rf __future__rbuiltins @py_builtins_pytest.assertion.rewrite assertionrewrite @pytest_arr runittestpathlibr__file__r_THISparentsWS_ROOTrrrr) _ENGINE_MODrpENGINE_PRESENTrrTestCaser+ skipUnlessrirurcprintmainrgr:rrs-$#  X  --  :- =:6@ L  *./ ]D(F]$-F` @ !2!2@ L^\2sA8#4#4sA3sAl4 z  l //WXYHMMA r: