g4borg
168aefd415
Realign fermata around redaction (PostToolUse) as the primary security layer, with access control (PreToolUse) as supplementary write/bash protection. Remove botignore.toml — policy rules now live in .botsecrets [policy] section. Add fermata.toml as an alias for .botsecrets. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
36 lines
1002 B
Rust
36 lines
1002 B
Rust
use dirigent_fermata::core::toml_config::{OpRules, BashRules};
|
|
|
|
#[test]
|
|
fn op_rules_deserialize() {
|
|
let src = r#"patterns = [".env*", "secrets/**"]"#;
|
|
let rules: OpRules = toml::from_str(src).unwrap();
|
|
assert_eq!(rules.patterns, vec![".env*", "secrets/**"]);
|
|
}
|
|
|
|
#[test]
|
|
fn op_rules_default_is_empty() {
|
|
let rules = OpRules::default();
|
|
assert!(rules.patterns.is_empty());
|
|
}
|
|
|
|
#[test]
|
|
fn bash_rules_deserialize() {
|
|
let src = r#"
|
|
deny = ["rm -rf /", "git push --force*"]
|
|
ask = ["rm:*"]
|
|
allow_prefixes = ["make test", "git checkout:*"]
|
|
"#;
|
|
let rules: BashRules = toml::from_str(src).unwrap();
|
|
assert_eq!(rules.deny, vec!["rm -rf /", "git push --force*"]);
|
|
assert_eq!(rules.ask, vec!["rm:*"]);
|
|
assert_eq!(rules.allow_prefixes, vec!["make test", "git checkout:*"]);
|
|
}
|
|
|
|
#[test]
|
|
fn bash_rules_default_is_empty() {
|
|
let rules = BashRules::default();
|
|
assert!(rules.deny.is_empty());
|
|
assert!(rules.ask.is_empty());
|
|
assert!(rules.allow_prefixes.is_empty());
|
|
}
|