Yi1dZddlmZddlZddlmcmZddl Z ddl Z ddl Z ddl Z ddl m Z mZmZddlmZddlZedZedz dz Zd Zed d z d z Zefdd ZddZddZddZ d ddZddZdddZdZdZdZ y) utests/taskctl/test_admin_override.py Admin Override audit log + cap 검증 (task-2467) 벨레스(개발6팀 테스터) 작성. 스바로그의 구현 완료 전 선작성(TDD). 케이스: 1. test_admin_override_records_audit_log — chairman email로 --admin → audit log 1줄 2. test_admin_override_non_chairman_blocked — 다른 사용자 --admin → FAIL 3. test_admin_override_hard_cap — 90일 내 5건 채운 후 6번째 → HARD_CAP_EXCEEDED ) annotationsN)datetime timedeltatimezone)Pathz-/home/jay/workspace/.worktrees/task-2467-dev6scriptsz taskctl.pyzjonghyuk.jeon@gmail.commemoryorchestration-auditzadmin-override.jsonlcxitj}t||d<||d<||d<t|dz |d<|dz dz jdd |dz d z jdd |d z d z jdd |d z d z jdd |dz }|j d|d|S)u3격리된 workspace + git config user.email 설정.WORKSPACE_ROOTGIT_AUTHOR_EMAILGIT_COMMITTER_EMAILz .gitconfigGIT_CONFIG_GLOBAL.tasksstateTparentsexist_okevidencer eventsr z[user] email = z name = Test Chairman )osenvironstrmkdir write_text)tmp_pathchairman_emailenv gitconfigs 8/home/jay/workspace/tests/taskctl/test_admin_override.py_isolated_workspacer!s RZZ.CMC,C!/C"8l#:;C 7"))$)F :%,,TD,I 8#**4$*G 0077t7T<'I  ^,,FG JcZtjdttg|zdd|dS)Npython3T)capture_outputtextrtimeout) subprocessrunrTASKCTL)argsrs r _runr-5s- >> CL!D($C r"c|dz dz |dz }|j}|}|stjd|dzdtjvstj |rtj |ndtj |tj |dz}ttj|dx}}tj|jS)Nrr.jsonustate 파일 없음: zC >assert %(py4)s {%(py4)s = %(py2)s {%(py2)s = %(py0)s.exists }() }p)py0py2py4) exists @pytest_ar_format_assertmsg @py_builtinslocals_should_repr_global_name _safereprAssertionError_format_explanationjsonloads read_text)rtask_idr0 @py_assert1 @py_assert3 @py_format5s r _staterD<s8g%7)5(99A 8828:2:22.qc2222222122212228222:222222 ::akkm $$r"c|dz dz |dz }tj|j}||d<|jdd|j Dcic]\}}|dk7s ||}}}tj |ddd }t j|jd j} | |d<|jtj |dd ycc}}w)u<테스트 전용: state 강제 설정 + 체크섬 재계산.rrr/ current_state _checksumNFT,: ensure_ascii sort_keys separatorsutf-8rLindent) r=r>r?popitemsdumpshashlibsha256encode hexdigestr) rr@ target_stater0rkvpayloadcanonchecksums r _force_state_with_checksumr`Bs8g%7)5(99A JJq{{} %E)E/ IIk4 % B1k1Aq!tBGB JJwUdz ZE~~ell734>>@H!E+LLEa@A Cs  C**C*c d|gd|gd|gd|gd|dt|gfD]}t||jdk7syt||d |d z d z |d z }t j |j }d |d<|jdd|jDcic]\}}|dk7s ||} }}t j| dd d} tj| jdj|d<|jt j|ddt||dd k(Scc}}w)u*HUMAN_APPROVED 상태까지 강제 진입.initdispatchackr*zpr-openz--prrFHUMAN_APPROVEDrrr/Thuman_approvedrGNrHrKrOrPrQrF)rr- returncoder`r=r>r?rSrTrUrVrWrXrYrrD) rrr@ pr_numbercmdr0rr[r\r]r^s r _setup_to_human_approvedrjOsK!J#8 5'"2GVS^<> S> $ $ ) x2BC8g%7)5(99A JJq{{} %E"E  IIk4 % B1k1Aq!tBGB JJwUdz ZE  W(=>HHJE+LLEa@A (G $_ 59I II Cs % E3Ech|tz }|jsgS|jjDcgc]#}|j s|j %}}g}|D]'} |j t j|)|Scc}w#t j$rYFwxYw)uaudit log JSONL 읽기.) AUDIT_LOG_RELATIVEr4r? splitlinesstripappendr=r>JSONDecodeError)r audit_loglnlinesresults r _read_audit_logrugs--I     "+"5"5"7"B"B"D SB RXXZ SE S F  MM$**R. ) M T ##   sBB.$BB10B1c |tz }|jjddtjt j }t|dd5}t|D]p}|t||zdzz }|jdd |d d |zd d |d|ddg|dz|dzd }|jtj|ddzr dddy#1swYyxYw)u9audit log에 count건 미리 기록 (rolling window 내).TrarO)encoding)daysz%Y-%m-%dT%H:%M:%SZz task-prepop-03dichairmanzprepopulated test record #abc04dtest) tsr@rhactorreasonhead_shabypassed_checkssoft_count_this_monthhard_count_this_quarterF)rL N)rlparentrrnowrutcopenrangerstrftimewriter=rU) rcount days_ago_maxrqrfirrecords r _prepopulate_audit_logrvs--I 4$7 ,,x|| $C iw /C1u CAya,&6&:;;Bkk"67)!C1!AX#6qc:!!CM$*8)*Q+,q5 F GGDJJvE:TA B CCCCs A?C!!C*c : t|t}d}d}t||||}|stjdt d|ddg|}|j dk(rt|}t|dk(r&tjd t||d d |d }d D]}||v} | stjd| fd||fdtjvstj|rtj |nddtjvstj|rtj |nddz} tj"d|dt%|j'dzd| iz} t)tj*| d} |j,} d} | | } | |k(}|s*tjd|fd| |fdtjvstj|rtj |ndtj | tj | tj | dtjvstj|rtj |nddz}tj"d|j-ddzd|iz}t)tj*|dx} x} x} }|j,} d} | | } d td!h}| |v}|stjd|fd"| |fdtjvstj|rtj |ndtj | tj | tj | tj |d#z}tj"d$|j-dd%zd&|iz}t)tj*|dx} x} x} x}}t||}|d }hd'}||v} | stjd| fd(||fd)tjvstj|rtj |nd)tj |d*z}tj"d+|d,zd-|iz}t)tj*|dx} }ytjd.|j.dd/y)0uchairman email로 taskctl merge --admin → audit log 1줄 + ADMIN_OVERRIDE_USED. 신규 구현 필요. MVP에서는 --admin 플래그 미구현 시 xfail. rztask-adminoverride-01i#HUMAN_APPROVED 상태 진입 실패merge--admin --dry-runru~--admin 플래그 인식되나 audit log 미구현 (스바로그 대기): merge 성공했지만 audit log 비어있음 (state=rF))rr@rrr)in)z%(py0)s in %(py2)sfieldlast)r1r2uaudit log에 'u ' 누락: z >assert %(py4)sr3Nr@==)zI%(py6)s {%(py6)s = %(py2)s {%(py2)s = %(py0)s.get }(%(py4)s) } == %(py8)s)r1r2r3py6py8uaudit log task_id 불일치: z >assert %(py10)spy10rr|z"chairman (jonghyuk.jeon@gmail.com))zI%(py6)s {%(py6)s = %(py2)s {%(py2)s = %(py0)s.get }(%(py4)s) } in %(py9)s)r1r2r3rpy9uaudit log actor 이상: z >assert %(py11)spy11>DONEMERGEDADMIN_OVERRIDE_USED)z%(py0)s in %(py3)scurrent)r1py3u&admin override 후 예상 외 상태: z >assert %(py5)spy5uQ--admin 플래그 미구현 또는 chairman 검증 실패 (스바로그 대기): )r!CHAIRMAN_EMAILrjpytestskipr-rgrulenxfailrDr5_call_reprcomparer7r8r9r:r6listkeysr;r<getstderr)rrr@rhokprocentriesrrrA @py_format3rCrB @py_assert5 @py_assert7 @py_format9 @py_format11 @py_assert8 @py_format10 @py_format12rr @py_assert2 @py_format4 @py_format6s r %test_admin_override_records_audit_logrsy h~ FC%GI !(C) DB  9: '9k:C @D !!(+ w<1  LLGGMhX_G`apGqFrrsu  r{U XED= W W W5D W W W W W W5 W W W5 W W W W W WD W W WD W W W WN5'DDUCV"W W W W W W W Xxx  x " "g-   "g   6        "  #   6  '.  '.  ,DHHY,?+@ A      xx  x  ZAe$f  $ff   $f   6           !  %g  'txx'8&9 :      x)(C wCC  wC   6      D  5WI >      _{{4C ! # r"cd}t||}d}d}t||||}|stjdt d|ddg|}|j d k(r0tj d |jd |jy|j|jz}d |jvxs:d |jvxs&d|jvxsd|jv}d|jvxs&d|jvxsd|jv} | r|stjd|j } d } | | k7} | stjd| fd| | fdtjvstj|rtj |ndtj | tj | dz} dd| iz}t#tj$|dx} x} } y)uy다른 사용자가 --admin 시도 → FAIL ("chairman only"). git config user.email을 다른 email로 설정. znon-chairman@example.comrztask-adminoverride-02irrrrru5non-chairman이 --admin 성공: returncode=0 stdout: stderr: r| unauthorized permissiononlyunknown unrecognized1--admin 플래그 미구현 (스바로그 대기)!=z2%(py2)s {%(py2)s = %(py0)s.returncode } != %(py5)srr1r2rassert %(py7)spy7N)r!rjrrr-rgfailstdoutrlowerrr5rr7r8r9r:r;r<)rnon_chairman_emailrr@rhrrcombinedis_chairman_blockedis_not_implementedrA @py_assert4rBr @py_format8s r (test_admin_override_non_chairman_blockedrs 4 h7I JC%GI !(C) DB  9: '9k:C @D ! {{m:dkk] < ;;, (..* * *!11 *x~~// *))  ) ) 2HNN,, 2!11  &9 LLL M#!#!####!######t###t######!#######r"c t|t}d}d}t||||}|stjdt |ddt |}t|}d}||k(}|stjd|fd ||fd tjvstjtrtjtnd d tjvstj|rtj|nd tj|tj|d z} tjd t|ddzd| iz} ttj | dx}x}}t#d|ddg|} | j$dk(rkt |} t| dkDr= 5 → "HARD_CAP_EXCEEDED". rztask-adminoverride-03irY)rrr)z0%(py3)s {%(py3)s = %(py0)s(%(py1)s) } == %(py6)srentries_before)r1py1rruprepopulate 실패: u건z >assert %(py8)srNrrrru7hard cap 초과에도 admin override 성공: audit log u 건 stdout: ru/hard cap 검사 미구현 (스바로그 대기)HARD_CAPcapexceededlimit5rrruEhard cap 관련 메시지 없음 (chairman 검증 실패 가능성): i,rrrrrr)<=)z0%(py3)s {%(py3)s = %(py0)s(%(py1)s) } <= %(py6)s entries_afteru2hard cap 초과 후에도 audit log에 기록됨: )r!rrjrrrrurr5rr7r8r9r:r6r;r<r-rgrrrrupperr)rrr@rhrrrrr @py_format7rrrris_cap_exceededrrArBrrs r test_admin_override_hard_caprs h~ FC%GI !(C) DB  9:812>$X.N ~ T!T ! #TTT !TTTTTT3TTT3TTTTTT~TTT~TTT TTT!TTT';Crs # 22 @ A i , .+(^&;;>TT?M.% B01J),J59J0 C44 v)$`A r"