aaronrene / knowtation public

model-runtime-lane-integration.test.mjs file-level

at sha256:0 · View file ↗ · Intel ↗

History
1 files
1 commits
0 hotspots
0 🧊 dead
0 💥 blast risk
sha256:9 feat(calendar): hosted bridge/gateway route parity and timeline noteRec… · aaronrene · Jun 19, 2026
1 /**
2 * Tier 2 — INTEGRATION: model-runtime-lane pipeline
3 *
4 * Tests that selectLane and enforceConsentPolicy compose correctly into the
5 * full "pick lane → check policy" pipeline that a concrete adapter will execute.
6 * Tests realistic end-to-end scenarios (individual user, org, delegate, fallback chains)
7 * without any network I/O.
8 *
9 * Reference: docs/COMPANION-APP-PHASE-1-ADAPTER-SEAM.md §1, §3
10 */
11 import { describe, it } from 'node:test';
12 import assert from 'node:assert/strict';
13 import {
14 selectLane,
15 isManagedLane,
16 enforceConsentPolicy,
17 } from '../lib/model-runtime-lane.mjs';
18
19 /**
20 * Simulates the pipeline a concrete KnowtationModelRuntimeAdapter will run:
21 * 1. selectLane → determines the runtime lane
22 * 2. isManagedLane → determines billing responsibility
23 * 3. enforceConsentPolicy → determines whether to proceed
24 *
25 * @param {{ capabilities: object, preferences: object, containsPrivateData: boolean, consentId?: string }} params
26 * @returns {{ lane: string, metered: boolean, decision: string }}
27 */
28 function runPipeline({ capabilities, preferences, containsPrivateData, consentId }) {
29 const lane = selectLane(capabilities, preferences);
30 const metered = isManagedLane(lane);
31 const decision = enforceConsentPolicy({
32 lane,
33 containsPrivateData,
34 consentId,
35 isDelegate: preferences.isDelegate ?? false,
36 delegatedManagedAllowed: preferences.delegatedManagedAllowed ?? false,
37 });
38 return { lane, metered, decision };
39 }
40
41 describe('Integration — individual user with on-device compute', () => {
42 it('in-browser: allow, not metered', () => {
43 const result = runPipeline({
44 capabilities: { inBrowserAvailable: true, managedKeyAvailable: true },
45 preferences: {},
46 containsPrivateData: true,
47 });
48 assert.equal(result.lane, 'local');
49 assert.equal(result.metered, false);
50 assert.equal(result.decision, 'allow');
51 });
52
53 it('companion: allow, not metered, even with private data and no consent', () => {
54 const result = runPipeline({
55 capabilities: { companionAvailable: true, managedKeyAvailable: true },
56 preferences: {},
57 containsPrivateData: true,
58 });
59 assert.equal(result.lane, 'local');
60 assert.equal(result.metered, false);
61 assert.equal(result.decision, 'allow');
62 });
63 });
64
65 describe('Integration — individual user, no on-device compute, non-private data', () => {
66 it('falls to managed: allow, metered', () => {
67 const result = runPipeline({
68 capabilities: { managedKeyAvailable: true },
69 preferences: {},
70 containsPrivateData: false,
71 });
72 assert.equal(result.lane, 'direct_provider');
73 assert.equal(result.metered, true);
74 assert.equal(result.decision, 'allow');
75 });
76 });
77
78 describe('Integration — individual user, managed lane, private data without consent', () => {
79 it('consent required: metered but policy blocks', () => {
80 const result = runPipeline({
81 capabilities: { managedKeyAvailable: true },
82 preferences: {},
83 containsPrivateData: true,
84 consentId: undefined,
85 });
86 assert.equal(result.lane, 'direct_provider');
87 assert.equal(result.metered, true);
88 assert.equal(result.decision, 'cloud_consent_required');
89 });
90
91 it('allow after consent provided', () => {
92 const result = runPipeline({
93 capabilities: { managedKeyAvailable: true },
94 preferences: {},
95 containsPrivateData: true,
96 consentId: 'cid-abc',
97 });
98 assert.equal(result.lane, 'direct_provider');
99 assert.equal(result.metered, true);
100 assert.equal(result.decision, 'allow');
101 });
102 });
103
104 describe('Integration — org privacy mode', () => {
105 it('self-hosted: allow, not metered, private data no consent needed', () => {
106 const result = runPipeline({
107 capabilities: { selfHostedAvailable: true, managedKeyAvailable: true },
108 preferences: { orgPrivacyMode: true },
109 containsPrivateData: true,
110 });
111 assert.equal(result.lane, 'self_hosted');
112 assert.equal(result.metered, false);
113 assert.equal(result.decision, 'allow');
114 });
115
116 it('disabled when org privacy mode and nothing available', () => {
117 const result = runPipeline({
118 capabilities: { managedKeyAvailable: true },
119 preferences: { orgPrivacyMode: true },
120 containsPrivateData: false,
121 });
122 assert.equal(result.lane, 'disabled');
123 assert.equal(result.metered, false);
124 assert.equal(result.decision, 'allow');
125 });
126 });
127
128 describe('Integration — BYO key (openrouter)', () => {
129 it('openrouter: allow, not metered, even with private data', () => {
130 const result = runPipeline({
131 capabilities: { openrouterKeyAvailable: true, managedKeyAvailable: true },
132 preferences: {},
133 containsPrivateData: true,
134 });
135 assert.equal(result.lane, 'openrouter');
136 assert.equal(result.metered, false);
137 assert.equal(result.decision, 'allow');
138 });
139 });
140
141 describe('Integration — delegate scenarios (D1.4)', () => {
142 it('delegate without owner opt-in: lane_policy_denied even with consentId', () => {
143 const result = runPipeline({
144 capabilities: { managedKeyAvailable: true },
145 preferences: { isDelegate: true, delegatedManagedAllowed: false },
146 containsPrivateData: false,
147 consentId: 'cid-999',
148 });
149 assert.equal(result.lane, 'direct_provider');
150 assert.equal(result.metered, true);
151 assert.equal(result.decision, 'lane_policy_denied');
152 });
153
154 it('delegate with owner opt-in, non-private: allow', () => {
155 const result = runPipeline({
156 capabilities: { managedKeyAvailable: true },
157 preferences: { isDelegate: true, delegatedManagedAllowed: true },
158 containsPrivateData: false,
159 });
160 assert.equal(result.lane, 'direct_provider');
161 assert.equal(result.decision, 'allow');
162 });
163
164 it('delegate with owner opt-in, private data, no consent: cloud_consent_required', () => {
165 const result = runPipeline({
166 capabilities: { managedKeyAvailable: true },
167 preferences: { isDelegate: true, delegatedManagedAllowed: true },
168 containsPrivateData: true,
169 consentId: undefined,
170 });
171 assert.equal(result.lane, 'direct_provider');
172 assert.equal(result.decision, 'cloud_consent_required');
173 });
174
175 it('delegate routing to local: policy does not apply, always allow', () => {
176 const result = runPipeline({
177 capabilities: { companionAvailable: true },
178 preferences: { isDelegate: true, delegatedManagedAllowed: false },
179 containsPrivateData: true,
180 });
181 assert.equal(result.lane, 'local');
182 assert.equal(result.metered, false);
183 assert.equal(result.decision, 'allow');
184 });
185 });
186
187 describe('Integration — D2.2 fallback chain (keepOnDevice + no local compute)', () => {
188 it('managed lane selected but consent required for private data', () => {
189 // Scenario: user toggled "keep on device" but has no WebGPU/companion.
190 // D2.2: fall through to managed-with-explicit-consent.
191 const result = runPipeline({
192 capabilities: { managedKeyAvailable: true },
193 preferences: { keepOnDevice: true },
194 containsPrivateData: true,
195 });
196 assert.equal(result.lane, 'direct_provider');
197 assert.equal(result.decision, 'cloud_consent_required');
198 });
199
200 it('managed lane + keepOnDevice + non-private: no consent barrier', () => {
201 const result = runPipeline({
202 capabilities: { managedKeyAvailable: true },
203 preferences: { keepOnDevice: true },
204 containsPrivateData: false,
205 });
206 assert.equal(result.lane, 'direct_provider');
207 assert.equal(result.decision, 'allow');
208 });
209 });