fix(auth): close shared-context isolation edge cases

This commit is contained in:
Tam Nhu Tran
2026-02-25 04:09:46 +07:00
parent 7d5e604e53
commit 0b070a3f34
14 changed files with 767 additions and 123 deletions
+144 -81
View File
@@ -15,6 +15,7 @@ import {
policyToAccountContextMetadata,
formatAccountContextPolicy,
isValidAccountProfileName,
resolveAccountContextPolicy,
} from '../account-context';
import { exitWithError } from '../../errors';
import { ExitCode } from '../../errors/exit-codes';
@@ -24,6 +25,47 @@ function sanitizeProfileNameForInstance(name: string): string {
return name.replace(/[^a-zA-Z0-9_-]/g, '-').toLowerCase();
}
const AMBIENT_PROVIDER_PREFIXES = [
'ANTHROPIC_',
'OPENAI_',
'GOOGLE_',
'GEMINI_',
'MINIMAX_',
'QWEN_',
'DEEPSEEK_',
'KIMI_',
'AZURE_',
'OLLAMA_',
];
const AMBIENT_PROVIDER_EXACT_KEYS = new Set([
'OPENROUTER_API_KEY',
'OPENROUTER_KEY',
'XAI_API_KEY',
'MISTRAL_API_KEY',
'COHERE_API_KEY',
]);
const AMBIENT_PROVIDER_SUFFIXES = ['_API_KEY', '_AUTH_TOKEN', '_ACCESS_TOKEN', '_SECRET_KEY'];
function stripAmbientProviderCredentials(env: NodeJS.ProcessEnv): NodeJS.ProcessEnv {
const sanitized: NodeJS.ProcessEnv = { ...env };
for (const envKey of Object.keys(sanitized)) {
if (envKey === 'CLAUDE_CONFIG_DIR') {
continue;
}
if (
AMBIENT_PROVIDER_PREFIXES.some((prefix) => envKey.startsWith(prefix)) ||
AMBIENT_PROVIDER_EXACT_KEYS.has(envKey) ||
AMBIENT_PROVIDER_SUFFIXES.some((suffix) => envKey.endsWith(suffix))
) {
delete sanitized[envKey];
}
}
return sanitized;
}
/**
* Handle the create command
*/
@@ -31,6 +73,13 @@ export async function handleCreate(ctx: CommandContext, args: string[]): Promise
await initUI();
const { profileName, force, shareContext, contextGroup, unknownFlags } = parseArgs(args);
if (unknownFlags && unknownFlags.length > 0) {
const unknownList = unknownFlags.join(', ');
console.log(fail(`Unknown option(s): ${unknownList}`));
console.log('');
exitWithError(`Unknown option(s): ${unknownList}`, ExitCode.PROFILE_ERROR);
}
if (!profileName) {
console.log(fail('Profile name is required'));
console.log('');
@@ -43,13 +92,6 @@ export async function handleCreate(ctx: CommandContext, args: string[]): Promise
exitWithError('Profile name is required', ExitCode.PROFILE_ERROR);
}
if (unknownFlags && unknownFlags.length > 0) {
const unknownList = unknownFlags.join(', ');
console.log(fail(`Unknown option(s): ${unknownList}`));
console.log('');
exitWithError(`Unknown option(s): ${unknownList}`, ExitCode.PROFILE_ERROR);
}
if (!isValidAccountProfileName(profileName)) {
const error =
'Invalid profile name. Use letters/numbers/dash/underscore and start with a letter.';
@@ -100,33 +142,73 @@ export async function handleCreate(ctx: CommandContext, args: string[]): Promise
useUnifiedConfig && existsUnified
? ctx.registry.getAllAccountsUnified()[profileName]
: undefined;
const previousContextPolicy =
!createdProfile && (previousUnifiedProfile || previousLegacyProfile)
? resolveAccountContextPolicy(previousUnifiedProfile || previousLegacyProfile)
: undefined;
const claudeInfo = getClaudeCliInfo();
if (!claudeInfo) {
console.log(fail('Claude CLI not found'));
console.log('');
console.log('Please install Claude CLI first:');
console.log(` ${color('https://claude.ai/download', 'path')}`);
exitWithError('Claude CLI not found', ExitCode.BINARY_ERROR);
}
let rollbackCompleted = false;
const rollbackMetadata = (): void => {
try {
if (useUnifiedConfig) {
if (createdProfile) {
if (ctx.registry.hasAccountUnified(profileName)) {
ctx.registry.removeAccountUnified(profileName);
}
} else if (previousUnifiedProfile) {
ctx.registry.updateAccountUnified(profileName, previousUnifiedProfile);
}
return;
}
if (createdProfile) {
if (ctx.registry.hasProfile(profileName)) {
ctx.registry.deleteProfile(profileName);
}
} else if (previousLegacyProfile) {
ctx.registry.updateProfile(profileName, previousLegacyProfile);
}
} catch {
// Best-effort rollback to avoid leaving stale accounts after failed login.
}
};
const rollbackFailedCreate = async (): Promise<void> => {
if (rollbackCompleted) {
return;
}
rollbackCompleted = true;
rollbackMetadata();
if (createdProfile) {
try {
ctx.instanceMgr.deleteInstance(profileName);
} catch {
// Best-effort cleanup.
}
return;
}
if (previousContextPolicy) {
try {
await ctx.instanceMgr.ensureInstance(profileName, previousContextPolicy);
} catch {
// Best-effort rollback for context mode/group.
}
}
};
try {
const rollbackMetadata = (): void => {
try {
if (useUnifiedConfig) {
if (createdProfile) {
if (ctx.registry.hasAccountUnified(profileName)) {
ctx.registry.removeAccountUnified(profileName);
}
} else if (previousUnifiedProfile) {
ctx.registry.updateAccountUnified(profileName, previousUnifiedProfile);
}
return;
}
if (createdProfile) {
if (ctx.registry.hasProfile(profileName)) {
ctx.registry.deleteProfile(profileName);
}
} else if (previousLegacyProfile) {
ctx.registry.updateProfile(profileName, previousLegacyProfile);
}
} catch {
// Best-effort rollback to avoid leaving stale accounts after failed login.
}
};
// Create instance directory
console.log(info(`Creating profile: ${profileName}`));
const instancePath = await ctx.instanceMgr.ensureInstance(profileName, contextPolicy);
@@ -170,53 +252,39 @@ export async function handleCreate(ctx: CommandContext, args: string[]): Promise
console.log(warn('You will be prompted to login with your account.'));
console.log('');
// Detect Claude CLI
const claudeInfo = getClaudeCliInfo();
if (!claudeInfo) {
console.log(fail('Claude CLI not found'));
console.log('');
console.log('Please install Claude CLI first:');
console.log(` ${color('https://claude.ai/download', 'path')}`);
exitWithError('Claude CLI not found', ExitCode.BINARY_ERROR);
}
const { path: claudeCli, needsShell } = claudeInfo;
const childEnv = stripClaudeCodeEnv({ ...process.env, CLAUDE_CONFIG_DIR: instancePath });
// Avoid ambient provider credentials influencing account-login bootstrap behavior.
const ambientProviderPrefixes = ['ANTHROPIC_', 'OPENAI_', 'GOOGLE_', 'GEMINI_', 'MINIMAX_'];
for (const envKey of Object.keys(childEnv)) {
if (envKey === 'CLAUDE_CONFIG_DIR') {
continue;
}
if (
ambientProviderPrefixes.some((prefix) => envKey.startsWith(prefix)) ||
envKey === 'OPENROUTER_API_KEY'
) {
delete childEnv[envKey];
}
}
const childEnv = stripAmbientProviderCredentials(
stripClaudeCodeEnv({ ...process.env, CLAUDE_CONFIG_DIR: instancePath })
);
// Execute Claude in isolated instance (will auto-prompt for login if no credentials)
// On Windows, .cmd/.bat/.ps1 files need shell: true to execute properly
let child: ChildProcess;
if (needsShell) {
const cmdString = escapeShellArg(claudeCli);
child = spawn(cmdString, {
stdio: 'inherit',
windowsHide: true,
shell: true,
env: childEnv,
});
} else {
child = spawn(claudeCli, [], {
stdio: 'inherit',
windowsHide: true,
env: childEnv,
});
try {
if (needsShell) {
const cmdString = escapeShellArg(claudeCli);
child = spawn(cmdString, {
stdio: 'inherit',
windowsHide: true,
shell: true,
env: childEnv,
});
} else {
child = spawn(claudeCli, [], {
stdio: 'inherit',
windowsHide: true,
env: childEnv,
});
}
} catch (error) {
await rollbackFailedCreate();
exitWithError(
`Failed to execute Claude CLI: ${(error as Error).message}`,
ExitCode.BINARY_ERROR
);
}
child.on('exit', (code: number | null) => {
child.on('exit', async (code: number | null) => {
if (code === 0) {
console.log('');
console.log(
@@ -246,10 +314,7 @@ export async function handleCreate(ctx: CommandContext, args: string[]): Promise
console.log('');
process.exit(0);
} else {
rollbackMetadata();
if (createdProfile) {
ctx.instanceMgr.deleteInstance(profileName);
}
await rollbackFailedCreate();
console.log('');
console.log(fail('Login failed or cancelled'));
@@ -261,14 +326,12 @@ export async function handleCreate(ctx: CommandContext, args: string[]): Promise
}
});
child.on('error', (err: Error) => {
rollbackMetadata();
if (createdProfile) {
ctx.instanceMgr.deleteInstance(profileName);
}
child.on('error', async (err: Error) => {
await rollbackFailedCreate();
exitWithError(`Failed to execute Claude CLI: ${err.message}`, ExitCode.BINARY_ERROR);
});
} catch (error) {
await rollbackFailedCreate();
exitWithError(`Failed to create profile: ${(error as Error).message}`, ExitCode.GENERAL_ERROR);
}
}
+11 -3
View File
@@ -159,7 +159,7 @@ export class ProfileRegistry {
throw new Error(`Profile not found: ${name}`);
}
return data.profiles[name];
return this.normalizeLegacyProfileMetadata(data.profiles[name]);
}
/**
@@ -215,7 +215,11 @@ export class ProfileRegistry {
*/
getAllProfiles(): Record<string, ProfileMetadata> {
const data = this._read();
return data.profiles;
const normalized: Record<string, ProfileMetadata> = {};
for (const [name, profile] of Object.entries(data.profiles)) {
normalized[name] = this.normalizeLegacyProfileMetadata(profile);
}
return normalized;
}
/**
@@ -357,7 +361,11 @@ export class ProfileRegistry {
getAllAccountsUnified(): Record<string, AccountConfig> {
if (!isUnifiedMode()) return {};
const config = loadOrCreateUnifiedConfig();
return config.accounts;
const normalized: Record<string, AccountConfig> = {};
for (const [name, account] of Object.entries(config.accounts)) {
normalized[name] = this.normalizeUnifiedAccountConfig(account);
}
return normalized;
}
/**
+12 -4
View File
@@ -21,6 +21,7 @@ import type { ProfileConfig, AccountConfig, CLIProxyVariantConfig } from './unif
import { createEmptyUnifiedConfig } from './unified-config-types';
import { CLIPROXY_PROVIDER_IDS } from '../cliproxy/provider-capabilities';
import { saveUnifiedConfig, hasUnifiedConfig, loadUnifiedConfig } from './unified-config-loader';
import { isValidContextGroupName, normalizeContextGroupName } from '../auth/account-context';
import { infoBox, warn } from '../utils/ui';
const BACKUP_DIR_PREFIX = 'backup-v1-';
@@ -151,10 +152,17 @@ export async function migrate(dryRun = false): Promise<MigrationResult> {
const rawContextMode = metadata.context_mode;
const rawContextGroup = metadata.context_group;
const contextMode = rawContextMode === 'shared' ? 'shared' : 'isolated';
const contextGroup =
typeof rawContextGroup === 'string' && rawContextGroup.trim().length > 0
? rawContextGroup
: undefined;
let contextGroup: string | undefined;
if (typeof rawContextGroup === 'string' && rawContextGroup.trim().length > 0) {
const normalizedGroup = normalizeContextGroupName(rawContextGroup);
if (isValidContextGroupName(normalizedGroup)) {
contextGroup = normalizedGroup;
} else {
warnings.push(
`Skipped invalid context group for account "${name}": "${rawContextGroup}" (fallback to default shared group)`
);
}
}
const account: AccountConfig = {
created: (metadata.created as string) || new Date().toISOString(),
last_used: (metadata.last_used as string) || null,
+39 -2
View File
@@ -8,6 +8,7 @@
import * as fs from 'fs';
import * as path from 'path';
import { createHash } from 'crypto';
import SharedManager from './shared-manager';
import { AccountContextPolicy, DEFAULT_ACCOUNT_CONTEXT_MODE } from '../auth/account-context';
import { getCcsDir } from '../utils/config-manager';
@@ -203,7 +204,39 @@ class InstanceManager {
private getContextSyncLockPath(profileName: string): string {
const safeName = this.sanitizeName(profileName);
return path.join(this.locksDir, `${safeName}.lock`);
// Keep lock filenames deterministic while preventing normalized-name collisions.
const profileHash = createHash('sha1').update(profileName).digest('hex').slice(0, 8);
return path.join(this.locksDir, `${safeName}-${profileHash}.lock`);
}
private isProcessAlive(pid: number): boolean {
if (!Number.isInteger(pid) || pid <= 0) {
return false;
}
try {
process.kill(pid, 0);
return true;
} catch (error) {
if ((error as NodeJS.ErrnoException).code === 'EPERM') {
return true;
}
return false;
}
}
private tryRemoveDeadOwnerLock(lockPath: string): boolean {
try {
const lockContent = fs.readFileSync(lockPath, 'utf8').trim();
const lockPid = Number.parseInt(lockContent, 10);
if (!this.isProcessAlive(lockPid)) {
fs.unlinkSync(lockPath);
return true;
}
} catch {
// Best-effort stale lock cleanup.
}
return false;
}
private async withContextSyncLock<T>(
@@ -212,8 +245,8 @@ class InstanceManager {
): Promise<T> {
const lockPath = this.getContextSyncLockPath(profileName);
const retryDelayMs = 50;
const timeoutMs = 5000;
const staleLockMs = 30000;
const timeoutMs = staleLockMs + 5000;
const start = Date.now();
fs.mkdirSync(this.locksDir, { recursive: true, mode: 0o700 });
@@ -236,6 +269,10 @@ class InstanceManager {
fs.unlinkSync(lockPath);
continue;
}
if (this.tryRemoveDeadOwnerLock(lockPath)) {
continue;
}
} catch {
// Best-effort stale lock cleanup.
}
+28
View File
@@ -240,6 +240,7 @@ class SharedManager {
if (
currentTarget &&
path.resolve(currentTarget) !== path.resolve(sharedProjectsPath) &&
this.isSafeProjectsMergeSource(currentTarget, instanceName) &&
(await this.pathExists(currentTarget))
) {
await this.mergeDirectoryWithConflictCopies(
@@ -247,6 +248,10 @@ class SharedManager {
sharedProjectsPath,
instanceName
);
} else if (currentTarget && !this.isSafeProjectsMergeSource(currentTarget, instanceName)) {
console.log(
warn(`Skipping unsafe project merge source outside CCS roots: ${currentTarget}`)
);
}
await fs.promises.unlink(projectsPath);
@@ -286,9 +291,14 @@ class SharedManager {
if (
currentTarget &&
path.resolve(currentTarget) !== path.resolve(projectsPath) &&
this.isSafeProjectsMergeSource(currentTarget, instanceName) &&
(await this.pathExists(currentTarget))
) {
await this.mergeDirectoryWithConflictCopies(currentTarget, projectsPath, instanceName);
} else if (currentTarget && !this.isSafeProjectsMergeSource(currentTarget, instanceName)) {
console.log(
warn(`Skipping unsafe project merge source outside CCS roots: ${currentTarget}`)
);
}
return;
@@ -678,6 +688,24 @@ class SharedManager {
}
}
/**
* Guard project merge operations to known CCS-managed roots only.
*/
private isSafeProjectsMergeSource(sourcePath: string, instanceName: string): boolean {
const resolvedSource = path.resolve(sourcePath);
const sharedContextRoot = path.resolve(path.join(this.sharedDir, 'context-groups'));
const instanceProjectsRoot = path.resolve(
path.join(this.instancesDir, instanceName, 'projects')
);
const isWithin = (child: string, root: string): boolean =>
child === root || child.startsWith(`${root}${path.sep}`);
return (
isWithin(resolvedSource, sharedContextRoot) || isWithin(resolvedSource, instanceProjectsRoot)
);
}
/**
* Link directory with Windows fallback to recursive copy.
*/
@@ -0,0 +1,45 @@
import type { CLIProxyProvider } from '../../cliproxy/types';
import { isCLIProxyProvider } from '../../cliproxy/provider-capabilities';
export interface MergedAccountEntry {
type: string;
created: string;
last_used: string | null;
context_mode?: 'isolated' | 'shared';
context_group?: string;
provider?: string;
displayName?: string;
}
/** Parse CLIProxy account key format: "provider:accountId" */
export function parseCliproxyKey(
key: string
): { provider: CLIProxyProvider; accountId: string } | null {
let normalizedKey = key;
if (key.startsWith('cliproxy:')) {
normalizedKey = key.slice('cliproxy:'.length);
} else if (key.startsWith('cliproxy+')) {
normalizedKey = key.slice('cliproxy+'.length);
}
const colonIndex = normalizedKey.indexOf(':');
if (colonIndex === -1) return null;
const provider = normalizedKey.slice(0, colonIndex);
const accountId = normalizedKey.slice(colonIndex + 1);
if (!isCLIProxyProvider(provider) || !accountId) return null;
return { provider, accountId };
}
export function buildCliproxyAccountKey(
rawKey: string,
merged: Record<string, MergedAccountEntry>
): string | null {
const candidateKeys = [rawKey, `cliproxy:${rawKey}`, `cliproxy+${rawKey}`];
for (const key of candidateKeys) {
if (!merged[key]) {
return key;
}
}
return null;
}
+26 -31
View File
@@ -12,31 +12,24 @@ import { isUnifiedMode } from '../../config/unified-config-loader';
import {
getAllAccountsSummary,
setDefaultAccount as setCliproxyDefault,
getDefaultAccount as getCliproxyDefaultAccount,
removeAccount as removeCliproxyAccount,
bulkPauseAccounts,
bulkResumeAccounts,
soloAccount,
} from '../../cliproxy/account-manager';
import type { CLIProxyProvider } from '../../cliproxy/types';
import { isCLIProxyProvider } from '../../cliproxy/provider-capabilities';
import { resolveAccountContextPolicy } from '../../auth/account-context';
import {
buildCliproxyAccountKey,
parseCliproxyKey,
type MergedAccountEntry,
} from './account-route-helpers';
const router = Router();
const registry = new ProfileRegistry();
const instanceMgr = new InstanceManager();
/** Parse CLIProxy account key format: "provider:accountId" */
function parseCliproxyKey(key: string): { provider: CLIProxyProvider; accountId: string } | null {
const normalizedKey = key.startsWith('cliproxy:') ? key.slice('cliproxy:'.length) : key;
const colonIndex = normalizedKey.indexOf(':');
if (colonIndex === -1) return null;
const provider = normalizedKey.slice(0, colonIndex);
const accountId = normalizedKey.slice(colonIndex + 1);
if (!isCLIProxyProvider(provider) || !accountId) return null;
return { provider, accountId };
}
function hasAuthAccount(name: string): boolean {
return registry.hasAccountUnified(name) || registry.hasProfile(name);
}
@@ -54,38 +47,29 @@ router.get('/', (_req: Request, res: Response): void => {
const cliproxyAccounts = getAllAccountsSummary();
// Merge profiles: unified config takes precedence
const merged: Record<
string,
{
type: string;
created: string;
last_used: string | null;
context_mode?: 'isolated' | 'shared';
context_group?: string;
provider?: string;
displayName?: string;
}
> = {};
const merged: Record<string, MergedAccountEntry> = {};
// Add legacy profiles first
for (const [name, meta] of Object.entries(legacyProfiles)) {
const contextPolicy = resolveAccountContextPolicy(meta);
merged[name] = {
type: meta.type || 'account',
created: meta.created,
last_used: meta.last_used || null,
context_mode: meta.context_mode,
context_group: meta.context_group,
context_mode: contextPolicy.mode,
context_group: contextPolicy.group,
};
}
// Override with unified config accounts (takes precedence)
for (const [name, account] of Object.entries(unifiedAccounts)) {
const contextPolicy = resolveAccountContextPolicy(account);
merged[name] = {
type: 'account',
created: account.created,
last_used: account.last_used,
context_mode: account.context_mode,
context_group: account.context_group,
context_mode: contextPolicy.mode,
context_group: contextPolicy.group,
};
}
@@ -99,7 +83,10 @@ router.get('/', (_req: Request, res: Response): void => {
// Use unique ID for key to prevent collisions between accounts with same nickname/email
const displayName = acct.nickname || acct.email || acct.id;
const rawKey = `${provider}:${acct.id}`;
const key = merged[rawKey] ? `cliproxy:${rawKey}` : rawKey;
const key = buildCliproxyAccountKey(rawKey, merged);
if (!key) {
continue;
}
merged[key] = {
type: 'cliproxy',
provider,
@@ -202,6 +189,14 @@ router.delete('/:name', (req: Request, res: Response): void => {
// Check if this is a CLIProxy account (format: "provider:accountId")
const cliproxyKey = !hasAuthAccount(name) ? parseCliproxyKey(name) : null;
if (cliproxyKey) {
const defaultCliproxyAccount = getCliproxyDefaultAccount(cliproxyKey.provider);
if (defaultCliproxyAccount?.id === cliproxyKey.accountId) {
res.status(400).json({
error: `Cannot delete default CLIProxy account: ${name}. Set another default first.`,
});
return;
}
const success = removeCliproxyAccount(cliproxyKey.provider, cliproxyKey.accountId);
if (!success) {
res.status(404).json({ error: `CLIProxy account not found: ${name}` });
+54
View File
@@ -18,9 +18,57 @@ import {
getBackupDirectories,
} from '../../config/migration-manager';
import { isUnifiedConfig } from '../../config/unified-config-types';
import { isValidContextGroupName, normalizeContextGroupName } from '../../auth/account-context';
const router = Router();
function validateAccountContextMetadata(config: unknown): string | null {
if (typeof config !== 'object' || config === null) {
return 'Invalid config payload';
}
const candidate = config as Record<string, unknown>;
const accounts = candidate.accounts;
if (accounts === undefined) {
return null;
}
if (typeof accounts !== 'object' || accounts === null || Array.isArray(accounts)) {
return 'Invalid config.accounts: expected object';
}
for (const [accountName, accountValue] of Object.entries(accounts as Record<string, unknown>)) {
if (typeof accountValue !== 'object' || accountValue === null || Array.isArray(accountValue)) {
return `Invalid config.accounts.${accountName}: expected object`;
}
const account = accountValue as Record<string, unknown>;
const mode = account.context_mode;
const group = account.context_group;
if (mode !== undefined && mode !== 'isolated' && mode !== 'shared') {
return `Invalid config.accounts.${accountName}.context_mode: expected isolated|shared`;
}
if (group !== undefined && typeof group !== 'string') {
return `Invalid config.accounts.${accountName}.context_group: expected string`;
}
if (mode !== 'shared' && group !== undefined) {
return `Invalid config.accounts.${accountName}: context_group requires context_mode=shared`;
}
if (mode === 'shared' && typeof group === 'string' && group.trim().length > 0) {
const normalizedGroup = normalizeContextGroupName(group);
if (!isValidContextGroupName(normalizedGroup)) {
return `Invalid config.accounts.${accountName}.context_group`;
}
}
}
return null;
}
/**
* GET /api/config/format - Return current config format and migration status
*/
@@ -82,6 +130,12 @@ router.put('/', (req: Request, res: Response): void => {
return;
}
const accountContextError = validateAccountContextMetadata(config);
if (accountContextError) {
res.status(400).json({ error: accountContextError });
return;
}
try {
saveUnifiedConfig(config);
res.json({ success: true });
+12
View File
@@ -2,6 +2,7 @@ import { describe, expect, it } from 'bun:test';
import {
MAX_CONTEXT_GROUP_LENGTH,
isValidAccountProfileName,
policyToAccountContextMetadata,
resolveAccountContextPolicy,
resolveCreateAccountContext,
} from '../../src/auth/account-context';
@@ -28,4 +29,15 @@ describe('account context helpers', () => {
expect(resolved.mode).toBe('shared');
expect(resolved.group).toBe('default');
});
it('round-trips shared policy metadata with normalized context group', () => {
const metadata = policyToAccountContextMetadata({
mode: 'shared',
group: 'Sprint-A',
});
const resolved = resolveAccountContextPolicy(metadata);
expect(resolved.mode).toBe('shared');
expect(resolved.group).toBe('sprint-a');
});
});
+74
View File
@@ -85,4 +85,78 @@ describe('auth list context metadata', () => {
expect(work?.context_mode).toBe('shared');
expect(work?.context_group).toBe('sprint-a');
});
it('prefers unified context metadata over legacy when profile names overlap', async () => {
const ccsDir = path.join(tempRoot, '.ccs');
fs.mkdirSync(ccsDir, { recursive: true });
fs.writeFileSync(
path.join(ccsDir, 'profiles.json'),
JSON.stringify(
{
version: '2.0.0',
profiles: {
work: {
type: 'account',
created: '2026-01-01T00:00:00.000Z',
last_used: null,
context_mode: 'isolated',
},
},
default: null,
},
null,
2
)
);
fs.writeFileSync(
path.join(ccsDir, 'config.yaml'),
[
'version: 8',
'accounts:',
' work:',
' created: "2026-02-01T00:00:00.000Z"',
' last_used: null',
' context_mode: shared',
' context_group: sprint-a',
'profiles: {}',
'cliproxy:',
' oauth_accounts: {}',
' providers: {}',
' variants: {}',
].join('\n'),
'utf8'
);
const registry = new ProfileRegistry();
const instanceMgr = new InstanceManager();
const lines: string[] = [];
const originalLog = console.log;
console.log = (...args: unknown[]) => {
lines.push(args.map(String).join(' '));
};
try {
await handleList(
{
registry,
instanceMgr,
version: 'test',
},
['--json']
);
} finally {
console.log = originalLog;
}
const payload = JSON.parse(lines.join('\n')) as {
profiles: Array<{ name: string; context_mode?: string; context_group?: string | null }>;
};
const work = payload.profiles.find((profile) => profile.name === 'work');
expect(work).toBeTruthy();
expect(work?.context_mode).toBe('shared');
expect(work?.context_group).toBe('sprint-a');
});
});
@@ -169,4 +169,46 @@ describe('migration-manager legacy kimi compatibility', () => {
expect(unified?.accounts.personal.context_mode).toBe('isolated');
expect(unified?.accounts.personal.context_group).toBeUndefined();
});
it('normalizes valid legacy shared groups and drops invalid ones during migration', async () => {
fs.writeFileSync(
path.join(ccsDir, 'profiles.json'),
JSON.stringify(
{
default: 'work',
profiles: {
work: {
type: 'account',
created: '2026-02-01T00:00:00.000Z',
last_used: null,
context_mode: 'shared',
context_group: 'Sprint-A',
},
broken: {
type: 'account',
created: '2026-02-02T00:00:00.000Z',
last_used: null,
context_mode: 'shared',
context_group: '###',
},
},
},
null,
2
)
);
const result = await migrate(false);
expect(result.success).toBe(true);
expect(
result.warnings.some((warning) =>
warning.includes('Skipped invalid context group for account "broken"')
)
).toBe(true);
const unified = loadUnifiedConfig();
expect(unified?.accounts.work.context_group).toBe('sprint-a');
expect(unified?.accounts.broken.context_mode).toBe('shared');
expect(unified?.accounts.broken.context_group).toBeUndefined();
});
});
@@ -0,0 +1,133 @@
import { afterAll, afterEach, beforeAll, beforeEach, describe, expect, it } from 'bun:test';
import express from 'express';
import * as fs from 'fs';
import * as os from 'os';
import * as path from 'path';
import type { Server } from 'http';
import accountRoutes from '../../../src/web-server/routes/account-routes';
async function getJson<T>(baseUrl: string, routePath: string): Promise<T> {
const response = await fetch(`${baseUrl}${routePath}`);
expect(response.status).toBe(200);
return (await response.json()) as T;
}
describe('web-server account-routes context normalization', () => {
let server: Server;
let baseUrl = '';
let tempHome = '';
let originalCcsHome: string | undefined;
let originalCcsUnified: string | undefined;
beforeAll(async () => {
const app = express();
app.use('/api/accounts', accountRoutes);
await new Promise<void>((resolve, reject) => {
server = app.listen(0, '127.0.0.1');
const handleError = (error: Error) => reject(error);
server.once('error', handleError);
server.once('listening', () => {
server.off('error', handleError);
resolve();
});
});
const address = server.address();
if (!address || typeof address === 'string') {
throw new Error('Unable to resolve test server port');
}
baseUrl = `http://127.0.0.1:${address.port}`;
});
afterAll(async () => {
await new Promise<void>((resolve) => server.close(() => resolve()));
});
beforeEach(() => {
tempHome = fs.mkdtempSync(path.join(os.tmpdir(), 'ccs-account-routes-context-'));
originalCcsHome = process.env.CCS_HOME;
originalCcsUnified = process.env.CCS_UNIFIED_CONFIG;
process.env.CCS_HOME = tempHome;
process.env.CCS_UNIFIED_CONFIG = '1';
});
afterEach(() => {
if (originalCcsHome !== undefined) process.env.CCS_HOME = originalCcsHome;
else delete process.env.CCS_HOME;
if (originalCcsUnified !== undefined) process.env.CCS_UNIFIED_CONFIG = originalCcsUnified;
else delete process.env.CCS_UNIFIED_CONFIG;
if (tempHome && fs.existsSync(tempHome)) {
fs.rmSync(tempHome, { recursive: true, force: true });
}
});
it('normalizes invalid persisted account context metadata in API response', async () => {
const ccsDir = path.join(tempHome, '.ccs');
fs.mkdirSync(ccsDir, { recursive: true });
fs.writeFileSync(
path.join(ccsDir, 'config.yaml'),
[
'version: 8',
'accounts:',
' work:',
' created: "2026-02-01T00:00:00.000Z"',
' last_used: null',
' context_mode: weird',
' context_group: "###"',
'profiles: {}',
'cliproxy:',
' oauth_accounts: {}',
' providers: {}',
' variants: {}',
].join('\n'),
'utf8'
);
const payload = await getJson<{
accounts: Array<{ name: string; context_mode?: string; context_group?: string }>;
}>(baseUrl, '/api/accounts');
const work = payload.accounts.find((account) => account.name === 'work');
expect(work).toBeTruthy();
expect(work?.context_mode).toBe('isolated');
expect(work && 'context_group' in work).toBe(false);
});
it('falls back shared accounts with invalid groups to default shared group', async () => {
const ccsDir = path.join(tempHome, '.ccs');
fs.mkdirSync(ccsDir, { recursive: true });
fs.writeFileSync(
path.join(ccsDir, 'config.yaml'),
[
'version: 8',
'accounts:',
' work:',
' created: "2026-02-01T00:00:00.000Z"',
' last_used: null',
' context_mode: shared',
' context_group: "###"',
'profiles: {}',
'cliproxy:',
' oauth_accounts: {}',
' providers: {}',
' variants: {}',
].join('\n'),
'utf8'
);
const payload = await getJson<{
accounts: Array<{ name: string; context_mode?: string; context_group?: string }>;
}>(baseUrl, '/api/accounts');
const work = payload.accounts.find((account) => account.name === 'work');
expect(work).toBeTruthy();
expect(work?.context_mode).toBe('shared');
expect(work?.context_group).toBe('default');
});
});
@@ -0,0 +1,141 @@
import { afterAll, afterEach, beforeAll, beforeEach, describe, expect, it } from 'bun:test';
import express from 'express';
import * as fs from 'fs';
import * as os from 'os';
import * as path from 'path';
import type { Server } from 'http';
import configRoutes from '../../../src/web-server/routes/config-routes';
import { createEmptyUnifiedConfig } from '../../../src/config/unified-config-types';
async function putJson(baseUrl: string, routePath: string, body: unknown): Promise<Response> {
return fetch(`${baseUrl}${routePath}`, {
method: 'PUT',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify(body),
});
}
describe('web-server config-routes account context validation', () => {
let server: Server;
let baseUrl = '';
let tempHome = '';
let originalCcsHome: string | undefined;
beforeAll(async () => {
const app = express();
app.use(express.json());
app.use('/api/config', configRoutes);
await new Promise<void>((resolve, reject) => {
server = app.listen(0, '127.0.0.1');
const handleError = (error: Error) => reject(error);
server.once('error', handleError);
server.once('listening', () => {
server.off('error', handleError);
resolve();
});
});
const address = server.address();
if (!address || typeof address === 'string') {
throw new Error('Unable to resolve test server port');
}
baseUrl = `http://127.0.0.1:${address.port}`;
});
afterAll(async () => {
await new Promise<void>((resolve) => server.close(() => resolve()));
});
beforeEach(() => {
tempHome = fs.mkdtempSync(path.join(os.tmpdir(), 'ccs-config-routes-context-'));
originalCcsHome = process.env.CCS_HOME;
process.env.CCS_HOME = tempHome;
fs.mkdirSync(path.join(tempHome, '.ccs'), { recursive: true });
});
afterEach(() => {
if (originalCcsHome !== undefined) process.env.CCS_HOME = originalCcsHome;
else delete process.env.CCS_HOME;
if (tempHome && fs.existsSync(tempHome)) {
fs.rmSync(tempHome, { recursive: true, force: true });
}
});
it('rejects invalid account context_mode values', async () => {
const response = await putJson(baseUrl, '/api/config', {
version: 8,
accounts: {
work: {
created: '2026-01-01T00:00:00.000Z',
last_used: null,
context_mode: 'weird',
},
},
profiles: {},
cliproxy: { oauth_accounts: {}, providers: [], variants: {} },
});
expect(response.status).toBe(400);
const payload = (await response.json()) as { error: string };
expect(payload.error).toContain('context_mode');
});
it('rejects context_group when mode is not shared', async () => {
const response = await putJson(baseUrl, '/api/config', {
version: 8,
accounts: {
work: {
created: '2026-01-01T00:00:00.000Z',
last_used: null,
context_mode: 'isolated',
context_group: 'sprint-a',
},
},
profiles: {},
cliproxy: { oauth_accounts: {}, providers: [], variants: {} },
});
expect(response.status).toBe(400);
const payload = (await response.json()) as { error: string };
expect(payload.error).toContain('context_group requires context_mode=shared');
});
it('rejects invalid shared context_group names', async () => {
const response = await putJson(baseUrl, '/api/config', {
version: 8,
accounts: {
work: {
created: '2026-01-01T00:00:00.000Z',
last_used: null,
context_mode: 'shared',
context_group: '###',
},
},
profiles: {},
cliproxy: { oauth_accounts: {}, providers: [], variants: {} },
});
expect(response.status).toBe(400);
const payload = (await response.json()) as { error: string };
expect(payload.error).toContain('context_group');
});
it('accepts valid shared context metadata', async () => {
const config = createEmptyUnifiedConfig();
config.accounts.work = {
created: '2026-01-01T00:00:00.000Z',
last_used: null,
context_mode: 'shared',
context_group: 'Sprint-A',
};
const response = await putJson(baseUrl, '/api/config', config);
expect(response.status).toBe(200);
const payload = (await response.json()) as { success: boolean };
expect(payload.success).toBe(true);
});
});
@@ -22,6 +22,8 @@ interface CreateAuthProfileDialogProps {
onClose: () => void;
}
const MAX_CONTEXT_GROUP_LENGTH = 64;
export function CreateAuthProfileDialog({ open, onClose }: CreateAuthProfileDialogProps) {
const [profileName, setProfileName] = useState('');
const [shareContext, setShareContext] = useState(false);
@@ -32,7 +34,9 @@ export function CreateAuthProfileDialog({ open, onClose }: CreateAuthProfileDial
const isValidName = /^[a-zA-Z][a-zA-Z0-9_-]*$/.test(profileName);
const normalizedGroup = contextGroup.trim().toLowerCase();
const isValidContextGroup =
normalizedGroup.length === 0 || /^[a-zA-Z][a-zA-Z0-9_-]*$/.test(normalizedGroup);
normalizedGroup.length === 0 ||
(normalizedGroup.length <= MAX_CONTEXT_GROUP_LENGTH &&
/^[a-zA-Z][a-zA-Z0-9_-]*$/.test(normalizedGroup));
const command =
profileName && isValidName
@@ -119,7 +123,7 @@ export function CreateAuthProfileDialog({ open, onClose }: CreateAuthProfileDial
{contextGroup.trim().length > 0 && !isValidContextGroup && (
<p className="text-xs text-destructive">
Group must start with a letter and use only letters, numbers, dashes, or
underscores.
underscores (max {MAX_CONTEXT_GROUP_LENGTH} chars).
</p>
)}
</div>