import { describe, it, expect } from "vitest";
import { validateHostForSsh } from "./ssh.js";
import { HostConfig } from "../types.js";
import { HostSecurityError } from "../utils/path-security.js";
describe("validateHostForSsh", () => {
const baseHost: HostConfig = {
name: "test",
host: "192.168.1.100",
protocol: "http"
};
it("should accept valid hostname", () => {
expect(() => validateHostForSsh({ ...baseHost, host: "my-host.local" })).not.toThrow();
});
it("should accept valid IPv4 address", () => {
expect(() => validateHostForSsh({ ...baseHost, host: "192.168.1.100" })).not.toThrow();
});
it("should reject invalid host format with dangerous characters", () => {
expect(() => validateHostForSsh({ ...baseHost, host: "test;rm -rf" })).toThrow(HostSecurityError);
});
it("should accept valid SSH user", () => {
expect(() => validateHostForSsh({ ...baseHost, sshUser: "root" })).not.toThrow();
expect(() => validateHostForSsh({ ...baseHost, sshUser: "admin_user" })).not.toThrow();
expect(() => validateHostForSsh({ ...baseHost, sshUser: "user-name" })).not.toThrow();
});
it("should reject invalid SSH user", () => {
expect(() => validateHostForSsh({ ...baseHost, sshUser: "user;hack" })).toThrow(
/SSH user.*Invalid characters/
);
expect(() => validateHostForSsh({ ...baseHost, sshUser: "user name" })).toThrow(
/SSH user.*Invalid characters/
);
});
it("should accept valid SSH key path", () => {
expect(() =>
validateHostForSsh({ ...baseHost, sshKeyPath: "/home/user/.ssh/id_rsa" })
).not.toThrow();
expect(() =>
validateHostForSsh({ ...baseHost, sshKeyPath: "~/.ssh/id_ed25519" })
).not.toThrow();
});
it("should reject invalid SSH key path", () => {
expect(() => validateHostForSsh({ ...baseHost, sshKeyPath: "/path/with spaces/key" })).toThrow(
/SSH key path.*Invalid characters/
);
expect(() => validateHostForSsh({ ...baseHost, sshKeyPath: "key;rm" })).toThrow(
/SSH key path.*Invalid characters/
);
});
});
