"""TDD — Phase 2: mpack content validation. Validation invariants (issue #49) live in wire_push_unpack_mpack (the synchronous push path), not in the background indexing job. The background job (process_mpack_index_job) trusts the mpack_key integrity proof and does no per-object or decompression validation. Phase 2 invariants tested here: 2a. Decompression size guard (zip bomb) — wire_push_unpack_mpack returns 422 when cumulative decompressed bytes exceeds settings.mpack_max_decompressed_bytes. 2b. Hash integrity gate — unpack-mpack returns 422 when the stored bytes do not hash to the claimed mpack_key. 2c. Quarantine state — on zip bomb: backend.quarantine_mpack removes the mpack from normal storage. 2d. No commits written on validation failure — zip bomb fires before any DB writes. 2e. quarantine_job — standalone utility that marks a background job as quarantined. 2f. Valid mpack — process_mpack_index_job completes normally for a well-formed mpack. """ from __future__ import annotations import copy import datetime import hashlib import pathlib import msgpack import pytest import pytest_asyncio from httpx import AsyncClient, ASGITransport from sqlalchemy import select from sqlalchemy.ext.asyncio import AsyncSession from unittest.mock import patch from musehub.auth.request_signing import MSignContext, require_signed_request, optional_signed_request from musehub.db.musehub_jobs_models import MusehubBackgroundJob from musehub.db.musehub_repo_models import MusehubCommit, MusehubRepo from musehub.db.database import get_db from musehub.main import app from muse.core.object_store import write_object from muse.core.mpack import build_mpack, build_wire_mpack from muse.core.paths import muse_dir from muse.core.snapshot import compute_commit_id, compute_snapshot_id from muse.core.commits import CommitRecord, write_commit from muse.core.refs import write_branch_ref from muse.core.snapshots import SnapshotRecord, write_snapshot from muse.core.types import blob_id from musehub.types.json_types import JSONObject _AUTH_CTX = MSignContext( handle="gabriel", identity_id="sha256:" + "0" * 64, is_agent=False, is_admin=True, ) _N_FILES = 8 _N_COMMITS = 4 _FILES_CHANGED = 2 _BLOB_SIZE = 128 # ── fixtures ──────────────────────────────────────────────────────────────── @pytest_asyncio.fixture() async def client(db_session: AsyncSession) -> None: async def _override_get_db() -> None: yield db_session app.dependency_overrides[get_db] = _override_get_db app.dependency_overrides[require_signed_request] = lambda: _AUTH_CTX app.dependency_overrides[optional_signed_request] = lambda: _AUTH_CTX async with AsyncClient( transport=ASGITransport(app=app), base_url="https://localhost:1337", ) as c: yield c app.dependency_overrides.clear() @pytest_asyncio.fixture() async def repo(client: AsyncClient) -> None: resp = await client.post( "/api/repos", json={"owner": "gabriel", "name": "phase2-validation-test", "visibility": "public", "initialize": False}, ) assert resp.status_code in (200, 201), resp.text data = resp.json() yield data["slug"] await client.delete(f"/api/repos/{data['repoId']}") def _make_repo(tmp: pathlib.Path) -> tuple[pathlib.Path, str, dict]: tmp.mkdir(parents=True, exist_ok=True) dot = muse_dir(tmp) dot.mkdir() (dot / "repo.json").write_text('{"repo_id":"phase2-test","owner":"gabriel"}') for d in ("commits", "snapshots", "objects"): (dot / d).mkdir() (dot / "refs" / "heads").mkdir(parents=True) (dot / "HEAD").write_text("ref: refs/heads/main\n") (dot / "config.toml").write_text("") blob_ids: list[str] = [] for i in range(_N_FILES): data = f"base-{i:04d}".encode() + b"x" * _BLOB_SIZE oid = blob_id(data) write_object(tmp, oid, data) blob_ids.append(oid) base_manifest = {f"src/file_{i:04d}.py": blob_ids[i] for i in range(_N_FILES)} parent = None tip = "" ts = datetime.datetime(2026, 1, 1, tzinfo=datetime.timezone.utc) for i in range(_N_COMMITS): manifest = dict(base_manifest) for j in range(_FILES_CHANGED): idx = (i * _FILES_CHANGED + j) % _N_FILES raw = f"c{i:04d}-f{j}".encode() + b"y" * _BLOB_SIZE oid = blob_id(raw) write_object(tmp, oid, raw) manifest[f"src/file_{idx:04d}.py"] = oid sid = compute_snapshot_id(manifest) write_snapshot(tmp, SnapshotRecord(snapshot_id=sid, manifest=manifest)) msg = f"commit-{i:05d}" cid = compute_commit_id( parent_ids=[parent] if parent else [], snapshot_id=sid, message=msg, committed_at_iso=ts.isoformat(), author="gabriel", ) write_commit(tmp, CommitRecord( commit_id=cid, branch="main", snapshot_id=sid, message=msg, committed_at=ts, parent_commit_id=parent, parent2_commit_id=None, author="gabriel", metadata={}, structured_delta=None, sem_ver_bump="none", breaking_changes=[], agent_id="", model_id="", toolchain_id="", prompt_hash="", signature="", signer_key_id="", )) parent = cid tip = cid ts += datetime.timedelta(seconds=60) write_branch_ref(tmp, "main", tip) mpack = build_mpack(tmp, [tip], have=[]) return tmp, tip, mpack async def _store_mpack_for_index_job( repo_slug: str, mpack: dict, head: str, db_session: AsyncSession, ) -> str: """Store raw msgpack in MemoryBackend and create a mpack.index job row. Returns job_id.""" import musehub.storage.backends as _backends_mod from datetime import datetime, timezone from musehub.core.genesis import compute_job_id as _compute_job_id repo_row = (await db_session.execute( select(MusehubRepo).where(MusehubRepo.slug == repo_slug) )).scalar_one() repo_id = repo_row.repo_id wire_bytes = msgpack.packb(mpack, use_bin_type=True) mpack_key = "sha256:" + hashlib.sha256(wire_bytes).hexdigest() n_objects = len(mpack.get("blobs") or []) backend = _backends_mod.get_backend() await backend.put_mpack(mpack_key, wire_bytes) now = datetime.now(tz=timezone.utc) job_id = _compute_job_id(repo_id, "mpack.index", now.isoformat()) db_session.add(MusehubBackgroundJob( job_id=job_id, repo_id=repo_id, job_type="mpack.index", payload={ "mpack_key": mpack_key, "pusher_id": "sha256:" + "0" * 64, "branch": "main", "head": head, "force": False, "declared_objects_count": n_objects, }, status="pending", created_at=now, attempt=0, )) await db_session.flush() return job_id async def _store_wire_mpack_for_http( wire_bytes: bytes, ) -> str: """Store MUSE binary mpack in MemoryBackend. Returns mpack_key (blob_id). For tests that call the unpack-mpack HTTP endpoint — the route's integrity check uses blob_id (sha256("blob \\0")), so the key must match. """ import musehub.storage.backends as _backends_mod mpack_key = blob_id(wire_bytes) backend = _backends_mod.get_backend() await backend.put_mpack(mpack_key, wire_bytes) return mpack_key async def _call_unpack_mpack( client: AsyncClient, repo_slug: str, mpack_key: str, head: str, ) -> dict: """Call the unpack-mpack HTTP endpoint and return the parsed response.""" resp = await client.post( f"/gabriel/{repo_slug}/push/unpack-mpack", content=msgpack.packb( {"mpack_key": mpack_key, "branch": "main", "head": head}, use_bin_type=True, ), headers={"Content-Type": "application/x-msgpack"}, ) return resp # ── Phase 2 tests ─────────────────────────────────────────────────────────── @pytest.mark.asyncio async def test_hash_mismatch_caught_at_unpack_mpack( client: AsyncClient, repo: str, tmp_path: pathlib.Path, db_session: AsyncSession, ) -> None: """Mpack-level integrity gate: bytes that don't hash to mpack_key → 422. The per-mpack blob_id check lives in wire_push_unpack_mpack. If the stored bytes hash to Y but the client claims key X, unpack-mpack rejects with 422. Per-object hash checking was intentionally removed: blob_id(wire_bytes) == mpack_key already authenticates every byte in the mpack. """ _, head, raw_mpack = _make_repo(tmp_path / "repo") wire_bytes = build_wire_mpack(raw_mpack) # PUT real bytes under a deliberately wrong key (all aaaa...). wrong_key = "sha256:" + "a" * 64 import musehub.storage.backends as _backends_mod backend = _backends_mod.get_backend() await backend.put_mpack(wrong_key, wire_bytes) resp = await _call_unpack_mpack(client, repo, wrong_key, head) assert resp.status_code == 422, resp.text assert "integrity" in resp.text.lower() or "sha256" in resp.text.lower() or "mismatch" in resp.text.lower() @pytest.mark.asyncio async def test_zip_bomb_rejected_at_unpack_mpack( client: AsyncClient, repo: str, tmp_path: pathlib.Path, db_session: AsyncSession, ) -> None: """Zip bomb guard triggers in wire_push_unpack_mpack → 422. Patching mpack_max_decompressed_bytes to 1 forces the guard on the first blob. The check fires before any DB or storage writes. """ _, head, raw_mpack = _make_repo(tmp_path / "repo") wire_bytes = build_wire_mpack(raw_mpack) mpack_key = await _store_wire_mpack_for_http(wire_bytes) from musehub.config import settings as _real_settings class _TinyLimitSettings: mpack_max_decompressed_bytes = 1 def __getattr__(self, name: str): return getattr(_real_settings, name) with patch("musehub.services.musehub_wire_push.settings", _TinyLimitSettings()): resp = await _call_unpack_mpack(client, repo, mpack_key, head) assert resp.status_code == 422, ( f"expected 422 on zip bomb, got {resp.status_code}: {resp.text[:200]}" ) assert "decompressed" in resp.text.lower() or "zip" in resp.text.lower() or "limit" in resp.text.lower(), ( f"422 body does not mention decompression limit: {resp.text[:200]}" ) @pytest.mark.asyncio async def test_zip_bomb_quarantines_mpack_in_storage( client: AsyncClient, repo: str, tmp_path: pathlib.Path, db_session: AsyncSession, ) -> None: """After a zip bomb rejection, the mpack is quarantined (removed from normal storage). wire_push_unpack_mpack calls backend.quarantine_mpack before raising MPackValidationError, so the mpack bytes are no longer accessible at the original key. """ _, head, raw_mpack = _make_repo(tmp_path / "repo") wire_bytes = build_wire_mpack(raw_mpack) mpack_key = await _store_wire_mpack_for_http(wire_bytes) import musehub.storage.backends as _backends_mod backend = _backends_mod.get_backend() assert await backend.exists_mpack(mpack_key), "mpack must exist before the call" from musehub.config import settings as _real_settings class _TinyLimitSettings: mpack_max_decompressed_bytes = 1 def __getattr__(self, name: str): return getattr(_real_settings, name) with patch("musehub.services.musehub_wire_push.settings", _TinyLimitSettings()): resp = await _call_unpack_mpack(client, repo, mpack_key, head) assert resp.status_code == 422 assert not await backend.exists_mpack(mpack_key), ( "mpack must be quarantined (removed from normal storage) after zip bomb rejection" ) @pytest.mark.asyncio async def test_zip_bomb_leaves_no_commit_rows( client: AsyncClient, repo: str, tmp_path: pathlib.Path, db_session: AsyncSession, ) -> None: """Zip bomb fires before any DB writes — no commits are inserted. The decompression guard runs at step 5 of wire_push_unpack_mpack, before the commit/snapshot/object write phase. A rejected mpack must leave the DB in the same state as before the call. """ _, head, raw_mpack = _make_repo(tmp_path / "repo") wire_bytes = build_wire_mpack(raw_mpack) mpack_key = await _store_wire_mpack_for_http(wire_bytes) raw_commits = raw_mpack.get("commits") or [] all_cids = [c["commit_id"] for c in raw_commits if "commit_id" in c] assert all_cids, "mpack must contain commits for this test to be meaningful" from musehub.config import settings as _real_settings class _TinyLimitSettings: mpack_max_decompressed_bytes = 1 def __getattr__(self, name: str): return getattr(_real_settings, name) with patch("musehub.services.musehub_wire_push.settings", _TinyLimitSettings()): resp = await _call_unpack_mpack(client, repo, mpack_key, head) assert resp.status_code == 422 rows = (await db_session.execute( select(MusehubCommit).where(MusehubCommit.commit_id.in_(all_cids)) )).scalars().all() assert not rows, ( f"{len(rows)} commit rows were inserted despite zip bomb rejection: " f"{[r.commit_id[:16] for r in rows[:3]]}" ) @pytest.mark.asyncio async def test_quarantine_job_sets_status_and_reason( client: AsyncClient, repo: str, tmp_path: pathlib.Path, db_session: AsyncSession, ) -> None: """quarantine_job sets status='quarantined' and stores the reason on a job row. quarantine_job is the worker-level utility that marks a background job as quarantined after any validation or integrity failure. """ _, head, mpack = _make_repo(tmp_path / "repo") job_id = await _store_mpack_for_index_job(repo, mpack, head, db_session) from musehub.services.musehub_jobs import quarantine_job reason = "object sha256:deadbeef content does not match declared id" await quarantine_job(db_session, job_id, reason) await db_session.commit() db_session.expire_all() job_row = (await db_session.execute( select(MusehubBackgroundJob).where(MusehubBackgroundJob.job_id == job_id) )).scalar_one() assert job_row.status == "quarantined", ( f"expected status 'quarantined' after quarantine_job, got '{job_row.status}'" ) assert job_row.quarantine_reason is not None, "quarantine_reason must be set" assert reason[:50] in job_row.quarantine_reason, ( f"quarantine_reason {job_row.quarantine_reason!r} does not contain the error message" ) @pytest.mark.asyncio async def test_valid_mpack_passes_all_validation_checks( client: AsyncClient, repo: str, tmp_path: pathlib.Path, db_session: AsyncSession, ) -> None: """Regression: a well-formed mpack passes all Phase 2 checks and is indexed. All blobs have correct IDs and decompressed size is within limit — process_mpack_index_job must complete normally and return positive counts. """ _, head, mpack = _make_repo(tmp_path / "repo") job_id = await _store_mpack_for_index_job(repo, mpack, head, db_session) from musehub.services.musehub_wire import process_mpack_index_job result = await process_mpack_index_job(db_session, job_id) await db_session.commit() assert result["commit_graph_written"] > 0, f"expected commits indexed for a valid mpack, got {result}" assert result["mpack_index_written"] > 0, f"expected objects indexed for a valid mpack, got {result}"