christian/matrix-ai-agent
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f4bdae7a1e07eced16cd7509403257a993d837d3
matrix-ai-agent/tests/test_device_trust.py
Christian Gick 7b5c157b12
Some checks failed
Build & Deploy / test (push) Failing after 1m9s
Details
Build & Deploy / build-and-deploy (push) Has been skipped
Details
Tests / test (push) Failing after 8s
Details
fix(MAT-258): blacklist unverified E2EE devices + add CI tests 
Unverified devices (lacking cross-signing) caused OlmUnverifiedDeviceError
in _send_text(), silently breaking all message delivery. Now on_sync()
blacklists non-cross-signed devices instead of skipping them, and
_send_text() catches E2EE errors gracefully.

Adds 12 unit tests for device trust policy and send error handling.
CI test job now gates deployment in deploy.yml.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-29 08:32:48 +03:00

53 lines
1.9 KiB
Python
Raw Blame History

from unittest.mock import Mock
from device_trust import CrossSignedOnlyPolicy
class TestCrossSignedOnlyPolicy:
def setup_method(self):
self.policy = CrossSignedOnlyPolicy()
def _make_device(self, device_id, user_id, extra_sig_keys=None):
device = Mock()
device.device_id = device_id
sigs = {f"ed25519:{device_id}": "self_sig"}
if extra_sig_keys:
for k, v in extra_sig_keys.items():
sigs[k] = v
device.signatures = {user_id: sigs}
return device
def test_should_trust_cross_signed(self):
device = self._make_device(
"DEV1", "@alice:example.com",
extra_sig_keys={"ed25519:MASTER_KEY": "cross_sig"},
)
assert self.policy.should_trust("@alice:example.com", device) is True
def test_should_not_trust_self_signed_only(self):
device = self._make_device("DEV1", "@alice:example.com")
assert self.policy.should_trust("@alice:example.com", device) is False
def test_should_not_trust_no_signatures(self):
device = Mock()
device.device_id = "DEV1"
device.signatures = None
assert self.policy.should_trust("@alice:example.com", device) is False
def test_should_not_trust_empty_user_sigs(self):
device = Mock()
device.device_id = "DEV1"
device.signatures = {"@alice:example.com": {}}
assert self.policy.should_trust("@alice:example.com", device) is False
def test_should_not_trust_missing_user_in_sigs(self):
device = Mock()
device.device_id = "DEV1"
device.signatures = {"@bob:example.com": {"ed25519:OTHER": "sig"}}
assert self.policy.should_trust("@alice:example.com", device) is False
def test_should_not_trust_no_signatures_attr(self):
device = Mock(spec=[])
device.device_id = "DEV1"
assert self.policy.should_trust("@alice:example.com", device) is False
Reference in New Issue View Git Blame Copy Permalink