-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathtest-security-level-presets.sh
More file actions
211 lines (196 loc) · 7.28 KB
/
test-security-level-presets.sh
File metadata and controls
211 lines (196 loc) · 7.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
#!/bin/bash
# Manual Verification Script: Security Level Presets
# Tests security level preset functionality through the UI
#
# Usage: ./test-security-level-presets.sh
#
# This script provides automated checks and a manual testing checklist
set -e
echo "========================================"
echo "Security Level Presets Verification"
echo "========================================"
echo ""
# Colors
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
RED='\033[0;31m'
NC='\033[0m' # No Color
# Check if we're in the right directory
if [ ! -f "apps/frontend/package.json" ]; then
echo -e "${RED}Error: Must run from worktree root${NC}"
exit 1
fi
# Change to frontend directory for tests
cd apps/frontend
echo -e "${BLUE}1. Automated Implementation Checks${NC}"
echo "--------------------------------------"
# Check for SecurityLevelSelector component
if [ -f "src/renderer/components/settings/security/SecurityLevelSelector.tsx" ]; then
echo -e "${GREEN}✓${NC} SecurityLevelSelector component exists"
else
echo -e "${RED}✗${NC} SecurityLevelSelector component missing"
exit 1
fi
# Check for preset definitions in SecuritySettings
if grep -q "SECURITY_LEVEL_PRESETS" src/renderer/components/settings/SecuritySettings.tsx; then
echo -e "${GREEN}✓${NC} Preset definitions found in SecuritySettings"
else
echo -e "${RED}✗${NC} Preset definitions missing"
exit 1
fi
# Check for preset apply logic
if grep -q "applySecurityLevel" src/renderer/components/settings/SecuritySettings.tsx; then
echo -e "${GREEN}✓${NC} Preset apply logic found"
else
echo -e "${RED}✗${NC} Preset apply logic missing"
exit 1
fi
# Check for detection logic
if grep -q "detectSecurityLevel" src/renderer/components/settings/SecuritySettings.tsx; then
echo -e "${GREEN}✓${NC} Security level detection logic found"
else
echo -e "${RED}✗${NC} Detection logic missing"
exit 1
fi
echo ""
echo -e "${GREEN}All automated checks passed!${NC}"
echo ""
echo -e "${BLUE}2. Run Automated Unit Tests${NC}"
echo "--------------------------------------"
echo "Running security level presets test suite..."
npm test -- security-level-presets-e2e.spec.ts --run
if [ $? -eq 0 ]; then
echo -e "${GREEN}✓${NC} All unit tests passed"
else
echo -e "${RED}✗${NC} Unit tests failed"
exit 1
fi
echo ""
echo -e "${YELLOW}3. Manual UI Testing Checklist${NC}"
echo "--------------------------------------"
echo "The automated tests verify the logic, but you should manually test the UI."
echo ""
echo "Prerequisites:"
echo " 1. Build and start the app: npm start (or npm run dev)"
echo " 2. Navigate to Settings → Security"
echo ""
echo "Test Cases:"
echo ""
echo -e "${YELLOW}Test 1: Paranoid Preset${NC}"
echo " Steps:"
echo " 1. Note current command count in 'Security Profile' section"
echo " 2. Click on 'Paranoid' preset card"
echo " 3. Verify command count reduced to ≤10"
echo " 4. Verify 'Filesystem Access' shows 'Restricted'"
echo " 5. Verify 'API Access' shows 'Restricted'"
echo " 6. Verify 'Paranoid' card shows 'Active' badge"
echo ""
echo -e "${YELLOW}Test 2: Standard Preset${NC}"
echo " Steps:"
echo " 1. Click on 'Standard' preset card"
echo " 2. Verify command count ≤50"
echo " 3. Verify 'Filesystem Access' shows 'Full Access'"
echo " 4. Verify 'API Access' shows 'Full Access'"
echo " 5. Verify 'Standard' card shows 'Active' badge"
echo ""
echo -e "${YELLOW}Test 3: Permissive Preset${NC}"
echo " Steps:"
echo " 1. Click on 'Permissive' preset card"
echo " 2. Verify warning dialog appears"
echo " 3. Click 'I understand the risks' to confirm"
echo " 4. Verify command count ≤100"
echo " 5. Verify 'Filesystem Access' shows 'Full Access'"
echo " 6. Verify 'API Access' shows 'Full Access'"
echo " 7. Verify 'Permissive' card shows 'Active' badge"
echo " 8. Verify warning banner appears at top of Security section"
echo ""
echo -e "${YELLOW}Test 4: Preset Persistence${NC}"
echo " Steps:"
echo " 1. Select 'Paranoid' preset"
echo " 2. Close and reopen the app"
echo " 3. Navigate back to Settings → Security"
echo " 4. Verify 'Paranoid' is still selected as active"
echo " 5. Verify command count is still ≤10"
echo ""
echo -e "${YELLOW}Test 5: Preset Switching${NC}"
echo " Steps:"
echo " 1. Select 'Paranoid' preset"
echo " 2. Wait for save to complete (spinner disappears)"
echo " 3. Immediately select 'Permissive' preset"
echo " 4. Confirm warning dialog"
echo " 5. Verify command count increases"
echo " 6. Verify restrictions are removed"
echo ""
echo -e "${YELLOW}Test 6: Disabled State During Save${NC}"
echo " Steps:"
echo " 1. Select any preset"
echo " 2. Verify spinner appears on that preset card"
echo " 3. Verify clicking other presets does nothing during save"
echo " 4. Wait for save to complete"
echo " 5. Verify other presets become clickable again"
echo ""
echo -e "${YELLOW}Test 7: Permissive Warning Dialog${NC}"
echo " Steps:"
echo " 1. Select 'Permissive' preset"
echo " 2. Verify dialog appears with warning icon"
echo " 3. Verify warning message is clear"
echo " 4. Click 'Cancel' button"
echo " 5. Verify dialog closes without applying permissive"
echo " 6. Verify previous preset remains active"
echo " 7. Click 'Permissive' again"
echo " 8. Click 'I understand the risks'"
echo " 9. Verify permissive is applied"
echo ""
echo -e "${YELLOW}Test 8: Profile Summary Updates${NC}"
echo " Steps:"
echo " 1. Find 'Security Profile' section below presets"
echo " 2. Note current values"
echo " 3. Switch to different preset"
echo " 4. Verify profile summary updates immediately:"
echo " - Total Commands count changes"
echo " - Filesystem Access status changes"
echo " - API Access status changes"
echo ""
echo -e "${YELLOW}Test 9: Audit Log Recording${NC}"
echo " Steps:"
echo " 1. Scroll to 'Audit Log' section"
echo " 2. Note current event count"
echo " 3. Switch to a different preset"
echo " 4. Click refresh button in audit log section"
echo " 5. Verify new security event appears (permission change)"
echo ""
echo -e "${YELLOW}Test 10: Visual Indicators${NC}"
echo " Steps:"
echo " 1. Verify each preset has correct icon (ShieldAlert, ShieldCheck, Shield)"
echo " 2. Verify active preset has highlighted border"
echo " 3. Verify active preset shows checkmark icon"
echo " 4. Verify risk level badges have correct colors:"
echo " - Paranoid: green/low risk"
echo " - Standard: yellow/medium risk"
echo " - Permissive: red/high risk"
echo ""
echo -e "${BLUE}4. Verification Summary${NC}"
echo "--------------------------------------"
echo ""
echo "Automated checks:"
echo -e " ${GREEN}✓${NC} Implementation files present"
echo -e " ${GREEN}✓${NC} Unit tests passing"
echo ""
echo "Manual verification:"
echo " Complete the 10 test cases above"
echo " Check each step carefully"
echo " Report any issues found"
echo ""
echo -e "${BLUE}Expected Results:${NC}"
echo " - Paranoid: ≤10 commands, both restrictions enabled"
echo " - Standard: ≤50 commands, no restrictions"
echo " - Permissive: ≤100 commands, no restrictions"
echo " - All presets persist across app restarts"
echo " - Warning dialog shows for permissive mode"
echo " - Profile summary updates in real-time"
echo " - Audit log records preset changes"
echo ""
echo -e "${GREEN}Verification complete!${NC}"
echo ""
echo "If all tests pass, the security level preset feature is working correctly."