453 lines
17 KiB
JavaScript
453 lines
17 KiB
JavaScript
import test from "node:test";
|
|
import assert from "node:assert/strict";
|
|
import { readFileSync } from "node:fs";
|
|
|
|
import {
|
|
buildBossAgentStatus,
|
|
mergeBossAgentAppTccPermissions,
|
|
mergeBossComputerUseHelperScreenRecordingPermission,
|
|
mergeBossAgentStoredNativePermissions,
|
|
mergeBossAgentNativePermissionOverrides,
|
|
renderBossAgentHtml,
|
|
renderBossAgentHtmlWithQr,
|
|
} from "../local-agent/boss-agent-status.mjs";
|
|
|
|
test("boss-agent status exposes unbound QR binding and local permission states", () => {
|
|
const status = buildBossAgentStatus(
|
|
{
|
|
deviceId: "macbook-air",
|
|
name: "MacBook Air",
|
|
avatar: "A",
|
|
account: "",
|
|
controlPlaneUrl: "https://boss.hyzq.net",
|
|
pairingCode: "482913",
|
|
token: "",
|
|
primaryApiLabel: "DeepSeek V4",
|
|
backupApiLabel: "未启用",
|
|
codexAppServerEnabled: true,
|
|
codexComputerUseEnabled: true,
|
|
codexRemoteControlEnabled: true,
|
|
bossAgentVersion: "20260501000000",
|
|
bossAgentOtaEnabled: true,
|
|
licenseExpiresAt: "2027-05-12T00:00:00.000Z",
|
|
},
|
|
{
|
|
lastHeartbeatOk: true,
|
|
lastHeartbeatStatus: 200,
|
|
lastHeartbeatAt: "2026-05-12T05:00:00.000Z",
|
|
lastSkills: [
|
|
{ name: "bb-browser", category: "MacBook Air", path: "/Users/jas/.codex/skills/bb-browser/SKILL.md" },
|
|
{ name: "skill-installer", category: ".system", path: "/Users/jas/.codex/skills/.system/skill-installer/SKILL.md" },
|
|
],
|
|
lastSkillSyncOk: true,
|
|
lastSkillSyncAt: "2026-05-12T05:30:00.000Z",
|
|
lastBossAgentOtaStatus: {
|
|
hasUpdate: true,
|
|
latest: {
|
|
version: "20260516194026",
|
|
fileName: "boss-agent-mac-latest.zip",
|
|
},
|
|
},
|
|
},
|
|
{
|
|
permissions: {
|
|
accessibility: "granted",
|
|
screenRecording: "missing",
|
|
automation: "unknown",
|
|
},
|
|
now: "2026-05-12T06:00:00.000Z",
|
|
},
|
|
);
|
|
|
|
assert.equal(status.appName, "boss-agent");
|
|
assert.equal(status.binding.bound, false);
|
|
assert.equal(status.binding.qrPayload.includes("pairingCode=482913"), true);
|
|
assert.equal(status.server.ok, true);
|
|
assert.equal(status.api.primary, "DeepSeek V4");
|
|
assert.equal(status.api.backup, "未启用");
|
|
assert.equal(status.license.status, "pending_binding");
|
|
assert.equal(status.skills.total, 2);
|
|
assert.equal(status.codex.bindingStatus, "connected");
|
|
assert.equal(status.codex.defaultDesktopProvider, "codex-computer-use");
|
|
assert.equal(status.codex.remoteControl.enabled, true);
|
|
assert.equal(status.codex.remoteControl.mode, "managed_daemon");
|
|
assert.equal(status.codex.remoteControl.startCommandLabel, "codex remote-control start --json");
|
|
assert.match(status.codex.remoteControl.summary, /App Server daemon/);
|
|
assert.equal(status.agentOta.enabled, true);
|
|
assert.equal(status.agentOta.currentVersion, "20260501000000");
|
|
assert.equal(status.agentOta.hasUpdate, true);
|
|
assert.equal(status.agentOta.latestVersion, "20260516194026");
|
|
assert.equal(status.skills.syncOk, true);
|
|
assert.equal(status.permissionReadiness.coreReady, false);
|
|
assert.equal(status.permissionReadiness.fullControlReady, false);
|
|
assert.match(status.permissionReadiness.summary, /基础桌面控制/);
|
|
assert.equal(status.permissionSetup.mode, "minimal_computer_use");
|
|
assert.equal(status.permissionSetup.silentUseReady, false);
|
|
assert.deepEqual(
|
|
status.permissionSetup.actions.map((action) => action.key),
|
|
["accessibility", "screenRecording"],
|
|
);
|
|
assert.equal(
|
|
status.permissionSetup.actions.every((action) => action.settingsUrl.startsWith("x-apple.systempreferences:")),
|
|
true,
|
|
);
|
|
assert.equal(
|
|
status.permissionSetup.actions.find((action) => action.key === "screenRecording")?.settingsUrl,
|
|
"x-apple.systempreferences:com.apple.settings.PrivacySecurity.extension?Privacy_ScreenCapture",
|
|
);
|
|
assert.deepEqual(
|
|
status.permissions.items.map((item) => [item.key, item.status]),
|
|
[
|
|
["accessibility", "granted"],
|
|
["screenRecording", "missing"],
|
|
],
|
|
);
|
|
assert.deepEqual(status.permissions.extendedItems, []);
|
|
});
|
|
|
|
test("boss-agent status treats token-backed devices as bound and renders enterprise UI", () => {
|
|
const status = buildBossAgentStatus(
|
|
{
|
|
deviceId: "mac-studio",
|
|
name: "Mac Studio",
|
|
avatar: "M",
|
|
account: "krisolo",
|
|
controlPlaneUrl: "https://boss.hyzq.net",
|
|
token: "boss-secret-token",
|
|
primaryApiLabel: "DeepSeek V4",
|
|
backupApiLabel: "OpenAI 备用",
|
|
codexAppServerEnabled: true,
|
|
codexComputerUseEnabled: true,
|
|
codexRemoteControlEnabled: true,
|
|
license: {
|
|
enterpriseName: "默认公司",
|
|
status: "valid",
|
|
expiresAt: "2027-05-12T00:00:00.000Z",
|
|
},
|
|
},
|
|
{
|
|
lastHeartbeatOk: true,
|
|
lastHeartbeatStatus: 200,
|
|
lastHeartbeatAt: "2026-05-12T05:00:00.000Z",
|
|
lastSkills: [
|
|
{ name: "bb-browser", category: "MacBook Air", path: "/Users/jas/.codex/skills/bb-browser/SKILL.md" },
|
|
{ name: "skill-installer", category: ".system", path: "/Users/jas/.codex/skills/.system/skill-installer/SKILL.md" },
|
|
],
|
|
lastSkillSyncOk: true,
|
|
},
|
|
{
|
|
permissions: {
|
|
accessibility: "granted",
|
|
screenRecording: "granted",
|
|
automation: "granted",
|
|
fullDiskAccess: "missing",
|
|
inputMonitoring: "unknown",
|
|
},
|
|
now: "2026-05-12T06:00:00.000Z",
|
|
},
|
|
);
|
|
|
|
assert.equal(status.binding.bound, true);
|
|
assert.equal(status.binding.account, "krisolo");
|
|
assert.equal(status.license.status, "valid");
|
|
assert.equal(status.license.enterpriseName, "默认公司");
|
|
|
|
const html = renderBossAgentHtml(status);
|
|
assert.match(html, /boss-agent/);
|
|
assert.match(html, /企业电脑接入端/);
|
|
assert.match(html, /本机权限获取/);
|
|
assert.match(html, /href="\/boss-agent\?tab=permissions"><span>本机权限获取<\/span>/);
|
|
assert.match(html, /href="\/boss-agent\?tab=skills"><span>Skill<\/span>/);
|
|
assert.match(html, /class="active" href="\/boss-agent\?tab=overview"/);
|
|
assert.doesNotMatch(html, /<section class="sidebar-card">/);
|
|
assert.doesNotMatch(html, /<div class="sidebar-title">本机权限获取<\/div>/);
|
|
assert.match(html, /Skill/);
|
|
assert.match(html, /DeepSeek V4/);
|
|
assert.match(html, /Codex 默认接管/);
|
|
assert.match(html, /Codex Computer Use/);
|
|
assert.match(html, /Codex Remote Control/);
|
|
assert.match(html, /remote-control start --json/);
|
|
assert.match(html, /action="\/api\/v1\/boss-agent\/codex-remote-control\/start"/);
|
|
assert.match(html, /action="\/api\/v1\/boss-agent\/codex-remote-control\/stop"/);
|
|
assert.match(html, /boss-agent OTA/);
|
|
assert.match(html, /发现新版本/);
|
|
assert.match(html, /默认公司/);
|
|
assert.doesNotMatch(html, /boss-secret-token/);
|
|
assert.doesNotMatch(html, /<h2>本机电脑权限状态<\/h2>/);
|
|
});
|
|
|
|
test("boss-agent permission and skill menu entries render as separate tab pages", () => {
|
|
const status = buildBossAgentStatus(
|
|
{
|
|
deviceId: "mac-studio",
|
|
name: "Mac Studio",
|
|
avatar: "M",
|
|
account: "krisolo",
|
|
controlPlaneUrl: "https://boss.hyzq.net",
|
|
token: "boss-secret-token",
|
|
primaryApiLabel: "DeepSeek V4",
|
|
license: {
|
|
enterpriseName: "默认公司",
|
|
status: "valid",
|
|
},
|
|
},
|
|
{
|
|
lastHeartbeatOk: true,
|
|
lastSkills: [
|
|
{ name: "bb-browser", category: "MacBook Air", path: "/Users/jas/.codex/skills/bb-browser/SKILL.md" },
|
|
],
|
|
lastSkillSyncOk: true,
|
|
},
|
|
{
|
|
permissions: {
|
|
accessibility: "granted",
|
|
screenRecording: "granted",
|
|
automation: "granted",
|
|
fullDiskAccess: "missing",
|
|
},
|
|
},
|
|
);
|
|
|
|
const permissionsHtml = renderBossAgentHtml(status, { activeTab: "permissions" });
|
|
assert.match(permissionsHtml, /class="active" href="\/boss-agent\?tab=permissions"/);
|
|
assert.match(permissionsHtml, /<h2>基础桌面控制授权<\/h2>/);
|
|
assert.match(permissionsHtml, /基础桌面控制已可用/);
|
|
assert.match(permissionsHtml, /后续静默使用/);
|
|
assert.match(permissionsHtml, /api\/v1\/boss-agent\/permissions\/open\?target=core&returnTab=permissions/);
|
|
assert.doesNotMatch(permissionsHtml, /fullDiskAccess|inputMonitoring|automation|microphone|camera|localNetwork|notifications/);
|
|
assert.doesNotMatch(permissionsHtml, /<h2>Skill 部署情况<\/h2>/);
|
|
|
|
const skillsHtml = renderBossAgentHtml(status, { activeTab: "skills" });
|
|
assert.match(skillsHtml, /class="active" href="\/boss-agent\?tab=skills"/);
|
|
assert.match(skillsHtml, /<h2>Skill 部署情况<\/h2>/);
|
|
assert.match(skillsHtml, /bb-browser/);
|
|
assert.doesNotMatch(skillsHtml, /<h2>基础桌面控制授权<\/h2>/);
|
|
});
|
|
|
|
test("boss-agent only exposes accessibility and screen recording permission requests", () => {
|
|
const status = buildBossAgentStatus(
|
|
{
|
|
deviceId: "macbook-air",
|
|
name: "MacBook Air",
|
|
account: "krisolo",
|
|
token: "boss-secret-token",
|
|
},
|
|
{
|
|
lastHeartbeatOk: true,
|
|
},
|
|
{
|
|
permissions: {
|
|
accessibility: "granted",
|
|
screenRecording: "granted",
|
|
automation: "missing",
|
|
fullDiskAccess: "missing",
|
|
inputMonitoring: "missing",
|
|
microphone: "missing",
|
|
camera: "missing",
|
|
localNetwork: "missing",
|
|
},
|
|
},
|
|
);
|
|
|
|
assert.equal(status.permissionReadiness.coreReady, true);
|
|
assert.equal(status.permissionSetup.silentUseReady, true);
|
|
assert.equal(status.permissionSetup.primaryAction.href, "/api/v1/boss-agent/permissions/open?target=core&returnTab=permissions");
|
|
assert.match(status.permissionReadiness.summary, /基础桌面控制已可用/);
|
|
assert.deepEqual(status.permissionSetup.missingRequiredKeys, []);
|
|
assert.deepEqual(
|
|
status.permissions.items.map((item) => item.key),
|
|
["accessibility", "screenRecording"],
|
|
);
|
|
assert.deepEqual(status.permissions.extendedItems, []);
|
|
assert.deepEqual(
|
|
status.permissionSetup.actions.map((action) => action.key),
|
|
["accessibility", "screenRecording"],
|
|
);
|
|
assert.deepEqual(status.permissionSetup.optionalMissingKeys, []);
|
|
});
|
|
|
|
test("boss-agent native permission overrides only update core desktop-control permissions", () => {
|
|
const merged = mergeBossAgentNativePermissionOverrides(
|
|
{
|
|
accessibility: "missing",
|
|
screenRecording: "missing",
|
|
automation: "granted",
|
|
camera: "unknown",
|
|
microphone: "unknown",
|
|
},
|
|
new URLSearchParams({
|
|
nativeAccessibility: "granted",
|
|
nativeCamera: "granted",
|
|
nativeMicrophone: "missing",
|
|
nativeScreenRecording: "granted",
|
|
nativeInputMonitoring: "granted",
|
|
}),
|
|
);
|
|
|
|
assert.deepEqual(merged, {
|
|
accessibility: "granted",
|
|
screenRecording: "granted",
|
|
});
|
|
});
|
|
|
|
test("boss-agent native missing values do not downgrade confirmed app grants", () => {
|
|
const merged = mergeBossAgentNativePermissionOverrides(
|
|
{
|
|
accessibility: "granted",
|
|
screenRecording: "granted",
|
|
},
|
|
new URLSearchParams({
|
|
nativeAccessibility: "missing",
|
|
nativeScreenRecording: "missing",
|
|
}),
|
|
);
|
|
|
|
assert.deepEqual(merged, {
|
|
accessibility: "granted",
|
|
screenRecording: "granted",
|
|
});
|
|
});
|
|
|
|
test("boss-agent permission detection trusts app bundle TCC grants over node process checks", () => {
|
|
const merged = mergeBossAgentAppTccPermissions(
|
|
{
|
|
accessibility: "missing",
|
|
screenRecording: "missing",
|
|
},
|
|
"kTCCServiceAccessibility|2\nkTCCServiceScreenCapture|2",
|
|
);
|
|
|
|
assert.deepEqual(merged, {
|
|
accessibility: "granted",
|
|
screenRecording: "granted",
|
|
});
|
|
});
|
|
|
|
test("boss-agent permission detection accepts computer-use helper screen capture grants", () => {
|
|
const merged = mergeBossAgentAppTccPermissions(
|
|
{
|
|
accessibility: "granted",
|
|
screenRecording: "missing",
|
|
},
|
|
"kTCCServiceScreenCapture|site.hyzq.boss.computer-use-helper|2",
|
|
);
|
|
|
|
assert.deepEqual(merged, {
|
|
accessibility: "granted",
|
|
screenRecording: "granted",
|
|
});
|
|
});
|
|
|
|
test("boss-agent permission detection promotes successful computer-use helper capture", () => {
|
|
const merged = mergeBossComputerUseHelperScreenRecordingPermission(
|
|
{
|
|
accessibility: "granted",
|
|
screenRecording: "missing",
|
|
},
|
|
"granted",
|
|
);
|
|
|
|
assert.deepEqual(merged, {
|
|
accessibility: "granted",
|
|
screenRecording: "granted",
|
|
});
|
|
});
|
|
|
|
test("boss-agent permission detection trusts stored native app permission grants", () => {
|
|
const merged = mergeBossAgentStoredNativePermissions(
|
|
{
|
|
accessibility: "missing",
|
|
screenRecording: "missing",
|
|
},
|
|
{
|
|
accessibility: "granted",
|
|
screenRecording: "granted",
|
|
},
|
|
);
|
|
|
|
assert.deepEqual(merged, {
|
|
accessibility: "granted",
|
|
screenRecording: "granted",
|
|
});
|
|
});
|
|
|
|
test("boss-agent unbound HTML renders a real scannable QR image when qrcode is available", async () => {
|
|
const status = buildBossAgentStatus(
|
|
{
|
|
deviceId: "macbook-air",
|
|
name: "MacBook Air",
|
|
controlPlaneUrl: "https://boss.hyzq.net",
|
|
pairingCode: "482913",
|
|
},
|
|
{
|
|
lastHeartbeatOk: true,
|
|
lastHeartbeatStatus: 200,
|
|
},
|
|
{
|
|
permissions: {},
|
|
},
|
|
);
|
|
|
|
const html = await renderBossAgentHtmlWithQr(status);
|
|
assert.match(html, /data:image\/png;base64/);
|
|
assert.match(html, /Boss APP 绑定二维码/);
|
|
});
|
|
|
|
test("boss-agent mac app intercepts permission links and triggers native app permission requests", () => {
|
|
const swiftSource = readFileSync("apps/boss-agent-mac/Sources/BossAgentApp.swift", "utf8");
|
|
const buildScript = readFileSync("scripts/build-boss-agent-mac-app.sh", "utf8");
|
|
|
|
assert.match(swiftSource, /decidePolicyFor navigationAction/);
|
|
assert.match(swiftSource, /api\/v1\/boss-agent\/permissions\/open/);
|
|
assert.match(swiftSource, /NSApp\.activate\(ignoringOtherApps: true\)/);
|
|
assert.match(swiftSource, /NSAppleEventManager\.shared\(\)\.setEventHandler/);
|
|
assert.match(swiftSource, /kAEGetURL/);
|
|
assert.match(swiftSource, /handleGetUrlEvent/);
|
|
assert.match(swiftSource, /--request-permission/);
|
|
assert.match(swiftSource, /--return-tab/);
|
|
assert.match(swiftSource, /target == "core"/);
|
|
assert.match(swiftSource, /lastPermissionRequestTarget/);
|
|
assert.match(swiftSource, /AXIsProcessTrustedWithOptions/);
|
|
assert.match(swiftSource, /CGRequestScreenCaptureAccess/);
|
|
assert.match(swiftSource, /tccPermissionStatus/);
|
|
assert.match(swiftSource, /kTCCServiceScreenCapture/);
|
|
assert.match(swiftSource, /site\.hyzq\.boss\.computer-use-helper/);
|
|
assert.doesNotMatch(swiftSource, /AVCaptureDevice\.requestAccess|UNUserNotificationCenter|import IOKit\.hid|CGRequestListenEventAccess|IOHIDRequestAccess|CGEvent\.tapCreate|NWBrowser/);
|
|
assert.match(swiftSource, /NSWorkspace\.shared\.open/);
|
|
assert.match(swiftSource, /deadline: \.now\(\) \+ 0\.45/);
|
|
assert.match(swiftSource, /loadAgentPanel\(tab:/);
|
|
assert.match(swiftSource, /returnTab/);
|
|
assert.match(swiftSource, /nativePermissionQueryItems/);
|
|
assert.doesNotMatch(swiftSource, /nativeCamera|nativeMicrophone|nativeInputMonitoring|privacy-localnetwork|Privacy_ListenEvent/);
|
|
assert.doesNotMatch(swiftSource, /com\.apple\.preference\.security\?Privacy_ListenEvent/);
|
|
assert.match(swiftSource, /func application\(_ application: NSApplication, open urls: \[URL\]\)/);
|
|
assert.match(swiftSource, /isBossAgentDeepLink/);
|
|
assert.match(swiftSource, /NSApplication\.didBecomeActiveNotification/);
|
|
assert.doesNotMatch(buildScript, /NSMicrophoneUsageDescription|NSCameraUsageDescription|NSAppleEventsUsageDescription|NSLocalNetworkUsageDescription|NSInputMonitoringUsageDescription|framework IOKit|framework Network|framework UserNotifications|framework AVFoundation/);
|
|
assert.match(buildScript, /CFBundleURLTypes/);
|
|
assert.match(buildScript, /boss-agent/);
|
|
assert.match(buildScript, /CFBundleIconFile/);
|
|
assert.match(buildScript, /BossAgent\.icns/);
|
|
assert.match(buildScript, /iconutil -c icns/);
|
|
assert.match(buildScript, /BOSS_AGENT_CODESIGN_IDENTITY/);
|
|
assert.match(buildScript, /BOSS_AGENT_NOTARIZE/);
|
|
assert.match(buildScript, /BOSS_AGENT_NOTARY_PROFILE/);
|
|
assert.match(buildScript, /security find-identity -v -p codesigning/);
|
|
assert.match(buildScript, /falling back to ad-hoc signing/);
|
|
assert.match(buildScript, /codesign --force --deep --timestamp=none --sign "\$SIGNING_IDENTITY" "\$APP_DIR"/);
|
|
assert.match(buildScript, /xcrun notarytool submit/);
|
|
assert.match(buildScript, /xcrun stapler staple "\$APP_DIR"/);
|
|
|
|
const statusSource = readFileSync("local-agent/boss-agent-status.mjs", "utf8");
|
|
assert.match(statusSource, /boss-agent:\/\/permissions\/open/);
|
|
assert.match(statusSource, /com\.hyzq\.boss\.agent/);
|
|
assert.match(statusSource, /site\.hyzq\.boss\.computer-use-helper/);
|
|
assert.match(statusSource, /BossComputerUseHelper\.app/);
|
|
assert.match(statusSource, /screenshot/);
|
|
assert.match(statusSource, /--path/);
|
|
assert.match(statusSource, /"-na"/);
|
|
assert.match(statusSource, /--request-permission/);
|
|
assert.match(statusSource, /\/Applications\/boss-agent\.app/);
|
|
assert.match(statusSource, /nativeRequest/);
|
|
});
|