fix: Docker path translation for review_changes and code deduplication

- Fixed review_changes tool to properly translate host paths to container paths in Docker - Prevents "No such file or directory" errors when running in Docker containers - Added proper error handling with clear messages when paths are inaccessible refactor: Centralized token limit validation across all tools - Added _validate_token_limit method to BaseTool to eliminate code duplication - Reduced ~25 lines of duplicated code across 5 tools (analyze, chat, debug_issue, review_code, think_deeper) - Maintains exact same error messages and behavior feat: Enhanced large prompt handling - Added support for prompts >50K chars by requesting file-based input - Preserves MCP's ~25K token capacity for responses - All tools now check prompt size before processing test: Added comprehensive Docker path integration tests - Tests for path translation, security validation, and error handling - Tests for review_changes tool specifically with Docker paths - Fixed failing think_deeper test (updated default from "max" to "high") chore: Code quality improvements - Applied black formatting across all files - Fixed import sorting with isort - All tests passing (96 tests) - Standardized error handling follows MCP TextContent format The changes ensure consistent behavior across all environments while reducing code duplication and improving maintainability. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-06-10 07:20:24 +04:00
parent ab007fb4b2
commit 7ea790ef88
36 changed files with 1540 additions and 176 deletions
--- a/tests/test_docker_path_integration.py
+++ b/tests/test_docker_path_integration.py
@@ -0,0 +1,251 @@
+"""
+Integration tests for Docker path translation
+
+These tests verify the actual behavior when running in a Docker-like environment
+by creating temporary directories and testing the path translation logic.
+"""
+
+import importlib
+import os
+import tempfile
+from pathlib import Path
+
+import pytest
+
+# We'll reload the module to test different environment configurations
+import utils.file_utils
+
+
+def test_docker_path_translation_integration():
+    """Test path translation in a simulated Docker environment"""
+
+    with tempfile.TemporaryDirectory() as tmpdir:
+        # Set up directories
+        host_workspace = Path(tmpdir) / "host_workspace"
+        host_workspace.mkdir()
+        container_workspace = Path(tmpdir) / "container_workspace"
+        container_workspace.mkdir()
+
+        # Create a test file structure
+        (host_workspace / "src").mkdir()
+        test_file = host_workspace / "src" / "test.py"
+        test_file.write_text("# test file")
+
+        # Set environment variables and reload the module
+        original_env = os.environ.copy()
+        try:
+            os.environ["WORKSPACE_ROOT"] = str(host_workspace)
+            os.environ["MCP_PROJECT_ROOT"] = str(container_workspace)
+
+            # Reload the module to pick up new environment variables
+            importlib.reload(utils.file_utils)
+
+            # Mock the CONTAINER_WORKSPACE to point to our test directory
+            utils.file_utils.CONTAINER_WORKSPACE = container_workspace
+
+            # Test the translation
+            from utils.file_utils import _get_secure_container_path
+
+            # This should translate the host path to container path
+            host_path = str(test_file)
+            result = _get_secure_container_path(host_path)
+
+            # Verify the translation worked
+            expected = str(container_workspace / "src" / "test.py")
+            assert result == expected
+
+        finally:
+            # Restore original environment
+            os.environ.clear()
+            os.environ.update(original_env)
+            importlib.reload(utils.file_utils)
+
+
+def test_docker_security_validation():
+    """Test that path traversal attempts are properly blocked"""
+
+    with tempfile.TemporaryDirectory() as tmpdir:
+        # Set up directories
+        host_workspace = Path(tmpdir) / "workspace"
+        host_workspace.mkdir()
+        secret_dir = Path(tmpdir) / "secret"
+        secret_dir.mkdir()
+        secret_file = secret_dir / "password.txt"
+        secret_file.write_text("secret")
+
+        # Create a symlink inside workspace pointing to secret
+        symlink = host_workspace / "link_to_secret"
+        symlink.symlink_to(secret_file)
+
+        original_env = os.environ.copy()
+        try:
+            os.environ["WORKSPACE_ROOT"] = str(host_workspace)
+            os.environ["MCP_PROJECT_ROOT"] = str(host_workspace)
+
+            # Reload the module
+            importlib.reload(utils.file_utils)
+            utils.file_utils.CONTAINER_WORKSPACE = Path("/workspace")
+
+            from utils.file_utils import resolve_and_validate_path
+
+            # Trying to access the symlink should fail
+            with pytest.raises(PermissionError):
+                resolve_and_validate_path(str(symlink))
+
+        finally:
+            os.environ.clear()
+            os.environ.update(original_env)
+            importlib.reload(utils.file_utils)
+
+
+def test_no_docker_environment():
+    """Test that paths are unchanged when Docker environment is not set"""
+
+    original_env = os.environ.copy()
+    try:
+        # Clear Docker-related environment variables
+        os.environ.pop("WORKSPACE_ROOT", None)
+        os.environ.pop("MCP_PROJECT_ROOT", None)
+
+        # Reload the module
+        importlib.reload(utils.file_utils)
+
+        from utils.file_utils import _get_secure_container_path
+
+        # Path should remain unchanged
+        test_path = "/some/random/path.py"
+        assert _get_secure_container_path(test_path) == test_path
+
+    finally:
+        os.environ.clear()
+        os.environ.update(original_env)
+        importlib.reload(utils.file_utils)
+
+
+def test_review_changes_docker_path_translation():
+    """Test that review_changes tool properly translates Docker paths"""
+
+    with tempfile.TemporaryDirectory() as tmpdir:
+        # Set up directories to simulate Docker mount
+        host_workspace = Path(tmpdir) / "host_workspace"
+        host_workspace.mkdir()
+        container_workspace = Path(tmpdir) / "container_workspace"
+        container_workspace.mkdir()
+
+        # Create a git repository in the container workspace
+        project_dir = container_workspace / "project"
+        project_dir.mkdir()
+
+        # Initialize git repo
+        import subprocess
+
+        subprocess.run(["git", "init"], cwd=project_dir, capture_output=True)
+
+        # Create a test file
+        test_file = project_dir / "test.py"
+        test_file.write_text("print('hello')")
+
+        # Stage the file
+        subprocess.run(["git", "add", "test.py"], cwd=project_dir, capture_output=True)
+
+        original_env = os.environ.copy()
+        try:
+            # Simulate Docker environment
+            os.environ["WORKSPACE_ROOT"] = str(host_workspace)
+            os.environ["MCP_PROJECT_ROOT"] = str(container_workspace)
+
+            # Reload the module
+            importlib.reload(utils.file_utils)
+            utils.file_utils.CONTAINER_WORKSPACE = container_workspace
+
+            # Import after reloading to get updated environment
+            from tools.review_changes import ReviewChanges
+
+            # Create tool instance
+            tool = ReviewChanges()
+
+            # Test path translation in prepare_prompt
+            request = tool.get_request_model()(
+                path=str(
+                    host_workspace / "project"
+                ),  # Host path that needs translation
+                review_type="quick",
+                severity_filter="all",
+            )
+
+            # This should translate the path and find the git repository
+            import asyncio
+
+            result = asyncio.run(tool.prepare_prompt(request))
+
+            # Should find the repository (not raise an error about inaccessible path)
+            # If we get here without exception, the path was successfully translated
+            assert isinstance(result, str)
+            # The result should contain git diff information or indicate no changes
+            assert (
+                "No git repositories found" not in result or "changes" in result.lower()
+            )
+
+        finally:
+            os.environ.clear()
+            os.environ.update(original_env)
+            importlib.reload(utils.file_utils)
+
+
+def test_review_changes_docker_path_error():
+    """Test that review_changes tool raises error for inaccessible paths"""
+
+    with tempfile.TemporaryDirectory() as tmpdir:
+        # Set up directories to simulate Docker mount
+        host_workspace = Path(tmpdir) / "host_workspace"
+        host_workspace.mkdir()
+        container_workspace = Path(tmpdir) / "container_workspace"
+        container_workspace.mkdir()
+
+        # Create a path outside the mounted workspace
+        outside_path = Path(tmpdir) / "outside_workspace"
+        outside_path.mkdir()
+
+        original_env = os.environ.copy()
+        try:
+            # Simulate Docker environment
+            os.environ["WORKSPACE_ROOT"] = str(host_workspace)
+            os.environ["MCP_PROJECT_ROOT"] = str(container_workspace)
+
+            # Reload the module
+            importlib.reload(utils.file_utils)
+            utils.file_utils.CONTAINER_WORKSPACE = container_workspace
+
+            # Import after reloading to get updated environment
+            from tools.review_changes import ReviewChanges
+
+            # Create tool instance
+            tool = ReviewChanges()
+
+            # Test path translation with an inaccessible path
+            request = tool.get_request_model()(
+                path=str(outside_path),  # Path outside the mounted workspace
+                review_type="quick",
+                severity_filter="all",
+            )
+
+            # This should raise a ValueError
+            import asyncio
+
+            with pytest.raises(ValueError) as exc_info:
+                asyncio.run(tool.prepare_prompt(request))
+
+            # Check the error message
+            assert "not accessible from within the Docker container" in str(
+                exc_info.value
+            )
+            assert "mounted workspace" in str(exc_info.value)
+
+        finally:
+            os.environ.clear()
+            os.environ.update(original_env)
+            importlib.reload(utils.file_utils)
+
+
+if __name__ == "__main__":
+    pytest.main([__file__, "-v"])