ed/manual_slop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(ai): Harden tool access exclusion across all providers

Browse Source
This commit is contained in:
Edward R. Gonzalez
2026-05-02 13:23:00 -04:00
parent f8cd125c8a
commit 2666a3390d
4 changed files with 75 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/test_tool_access_exclusion.py
+66
View File
@@ -0,0 +1,66 @@
import pytest
from src import ai_client
from src import mcp_client
def test_set_agent_tools_clears_caches():
ai_client._CACHED_ANTHROPIC_TOOLS = [{"dummy": "data"}]
ai_client._CACHED_DEEPSEEK_TOOLS = [{"dummy": "data"}]
ai_client.set_agent_tools({"read_file": True})
assert ai_client._CACHED_ANTHROPIC_TOOLS is None
assert ai_client._CACHED_DEEPSEEK_TOOLS is None
def test_gemini_tool_declaration_excludes_disabled():
# Test explicit disable
ai_client.set_agent_tools({"read_file": False})
tool = ai_client._gemini_tool_declaration()
names = [f.name for f in tool.function_declarations] if tool else []
assert "read_file" not in names
# Test enable only one
all_tools = {name: False for name in mcp_client.TOOL_NAMES}
all_tools[ai_client.TOOL_NAME] = False
all_tools["read_file"] = True
ai_client.set_agent_tools(all_tools)
tool = ai_client._gemini_tool_declaration()
names = [f.name for f in tool.function_declarations] if tool else []
assert "read_file" in names
assert "write_file" not in names
assert ai_client.TOOL_NAME not in names
def test_build_anthropic_tools_excludes_disabled():
# Test explicit disable
ai_client.set_agent_tools({"read_file": False})
tools = ai_client._build_anthropic_tools()
names = [t["name"] for t in tools]
assert "read_file" not in names
# Test enable only one
all_tools = {name: False for name in mcp_client.TOOL_NAMES}
all_tools[ai_client.TOOL_NAME] = False
all_tools["read_file"] = True
ai_client.set_agent_tools(all_tools)
tools = ai_client._build_anthropic_tools()
names = [t["name"] for t in tools]
assert "read_file" in names
assert "write_file" not in names
assert ai_client.TOOL_NAME not in names
def test_build_deepseek_tools_excludes_disabled():
# Test explicit disable
ai_client.set_agent_tools({"read_file": False})
tools = ai_client._build_deepseek_tools()
names = [t["function"]["name"] for t in tools]
assert "read_file" not in names
# Test enable only one
all_tools = {name: False for name in mcp_client.TOOL_NAMES}
all_tools[ai_client.TOOL_NAME] = False
all_tools["read_file"] = True
ai_client.set_agent_tools(all_tools)
tools = ai_client._build_deepseek_tools()
names = [t["function"]["name"] for t in tools]
assert "read_file" in names
assert "write_file" not in names
assert ai_client.TOOL_NAME not in names