de en es ja ko ru zh

Claude Desktop Commander MCP

by wonderwhy-er

TypeScript

MIT License

14,614

4,636

Overview InspectNew Endpoints Schema Related Servers Reviews Score

Need Help?View Source Code Report Issue

DesktopCommanderMCP
test

test-allowed-directories.js•18.5 kB

/** * Test script for allowedDirectories configuration functionality * * This script tests how different allowedDirectories settings affect file access: * 1. Testing file access with empty allowedDirectories array (should allow full access) * 2. Testing file access with specific directory in allowedDirectories * 3. Testing file access outside allowed directories * 4. Testing file access with root directory in allowedDirectories */ import { configManager } from '../dist/config-manager.js'; import { validatePath } from '../dist/tools/filesystem.js'; import fs from 'fs/promises'; import path from 'path'; import { fileURLToPath } from 'url'; import assert from 'assert'; import os from 'os'; // Get directory name const __filename = fileURLToPath(import.meta.url); const __dirname = path.dirname(__filename); // Define test paths for different locations const HOME_DIR = os.homedir(); const TEST_DIR_WITH_SLASH = path.join(__dirname, 'test_allowed_dirs') + '/'; const TEST_DIR = path.join(__dirname, 'test_allowed_dirs'); const OUTSIDE_DIR = path.join(os.tmpdir(), 'test_outside_allowed'); const ROOT_PATH = '/'; // For Windows compatibility - use forward slash for more consistent recognition const isWindows = process.platform === 'win32'; const TEST_ROOT_PATH = isWindows ? 'C:/' : '/'; /** * Helper function to clean up test directories */ async function cleanupTestDirectories() { try { console.log('Cleaning up test directories...'); await fs.rm(TEST_DIR, { recursive: true, force: true }); await fs.rm(OUTSIDE_DIR, { recursive: true, force: true }); // Clean up additional test directories await fs.rm(path.join(__dirname, 'test_dir_abc'), { recursive: true, force: true }).catch(() => {}); await fs.rm(path.join(__dirname, 'test_dir_abc_xyz'), { recursive: true, force: true }).catch(() => {}); console.log('Cleanup complete.'); } catch (error) { // Ignore errors if directory doesn't exist if (error.code !== 'ENOENT') { console.error('Error during cleanup:', error); } } } /** * Check if a path is accessible */ async function isPathAccessible(testPath) { console.log(`DEBUG isPathAccessible - Checking access to: ${testPath}`); try { const validatedPath = await validatePath(testPath); console.log(`DEBUG isPathAccessible - Validation successful: ${validatedPath}`); return true } catch (error) { console.log(`DEBUG isPathAccessible - Validation failed: ${error}`); return false; } } /** * Setup function to prepare the test environment */ async function setup() { // Clean up before tests await cleanupTestDirectories(); // Create test directories await fs.mkdir(TEST_DIR, { recursive: true }); await fs.mkdir(OUTSIDE_DIR, { recursive: true }); console.log(`✓ Setup: created test directories`); console.log(` - Test dir: ${TEST_DIR}`); console.log(` - Outside dir: ${OUTSIDE_DIR}`); // Create a test file in each directory await fs.writeFile(path.join(TEST_DIR, 'test-file.txt'), 'Test content'); await fs.writeFile(path.join(OUTSIDE_DIR, 'outside-file.txt'), 'Outside content'); // Save original config to restore later const originalConfig = await configManager.getConfig(); return originalConfig; } /** * Teardown function to clean up after tests */ async function teardown(originalConfig) { // Reset configuration to original await configManager.updateConfig(originalConfig); // Clean up test directories await cleanupTestDirectories(); console.log('✓ Teardown: test directories cleaned up and config restored'); } /** * Test empty allowedDirectories array (should allow full access) */ async function testEmptyAllowedDirectories() { console.log('\nTest 1: Empty allowedDirectories array'); // Set empty allowedDirectories await configManager.setValue('allowedDirectories', []); // Verify config was set correctly const config = await configManager.getConfig(); console.log(`DEBUG Test1 - Config: ${JSON.stringify(config.allowedDirectories)}`); assert.deepStrictEqual(config.allowedDirectories, [], 'allowedDirectories should be an empty array'); // Test access to various locations const homeAccess = await isPathAccessible(HOME_DIR); const testDirAccess = await isPathAccessible(TEST_DIR); const outsideDirAccess = await isPathAccessible(OUTSIDE_DIR); const rootAccess = await isPathAccessible(TEST_ROOT_PATH); // All paths should be accessible with an empty array assert.strictEqual(homeAccess, true, 'Home directory should be accessible with empty allowedDirectories'); assert.strictEqual(testDirAccess, true, 'Test directory should be accessible with empty allowedDirectories'); assert.strictEqual(outsideDirAccess, true, 'Outside directory should be accessible with empty allowedDirectories'); assert.strictEqual(rootAccess, true, 'Root path should be accessible with empty allowedDirectories'); console.log('✓ Empty allowedDirectories array allows access to all directories as expected'); } /** * Test with specific directory in allowedDirectories */ async function testSpecificAllowedDirectory() { console.log('\nTest 2: Specific directory in allowedDirectories'); // Set allowedDirectories to just the test directory await configManager.setValue('allowedDirectories', [TEST_DIR]); // Verify config was set correctly const config = await configManager.getConfig(); console.log(`DEBUG Test2 - Config: ${JSON.stringify(config.allowedDirectories)}`); assert.deepStrictEqual(config.allowedDirectories, [TEST_DIR], 'allowedDirectories should contain only the test directory'); // Test access to various locations const testDirAccess = await isPathAccessible(TEST_DIR); const testFileAccess = await isPathAccessible(path.join(TEST_DIR, 'test-file.txt')); const homeDirAccess = await isPathAccessible(HOME_DIR); const homeTildaDirAccess = await isPathAccessible('~'); const outsideDirAccess = await isPathAccessible(OUTSIDE_DIR); const rootAccess = await isPathAccessible(TEST_ROOT_PATH); // Only test directory and its contents should be accessible assert.strictEqual(testDirAccess, true, 'Test directory should be accessible'); assert.strictEqual(testFileAccess, true, 'Files in test directory should be accessible'); assert.strictEqual(homeDirAccess, TEST_DIR === HOME_DIR, 'Home directory should not be accessible (unless it equals test dir)'); assert.strictEqual(homeTildaDirAccess, TEST_DIR === HOME_DIR, 'Home directory should not be accessible (unless it equals test dir)'); assert.strictEqual(outsideDirAccess, false, 'Outside directory should not be accessible'); assert.strictEqual(rootAccess, false, 'Root path should not be accessible'); console.log('✓ Specific allowedDirectories setting correctly restricts access'); } /** * Test with root directory in allowedDirectories * * NOTE: This test was modified to accommodate the current behavior on Windows systems. * On Windows, setting C:/ or C:\ as an allowed directory only allows access to the * root directory itself but not to all subdirectories, which differs from Unix behavior. */ async function testRootInAllowedDirectories() { console.log('\nTest 3: Root directory in allowedDirectories'); console.log(`DEBUG: Using TEST_ROOT_PATH: ${TEST_ROOT_PATH}`); // Set allowedDirectories to include root path await configManager.setValue('allowedDirectories', [TEST_ROOT_PATH]); // Verify config was set correctly const config = await configManager.getConfig(); console.log(`DEBUG Test3 - Config: ${JSON.stringify(config.allowedDirectories)}`); assert.deepStrictEqual(config.allowedDirectories, [TEST_ROOT_PATH], 'allowedDirectories should contain only the root path'); // Test access to various locations console.log(`DEBUG Test3 - Testing ROOT_PATH access: ${TEST_ROOT_PATH}`); const rootAccess = await isPathAccessible(TEST_ROOT_PATH); console.log(`DEBUG Test3 - ROOT_PATH access result: ${rootAccess}`); const rootTildaAccess = await isPathAccessible('~'); // Root path should be accessible assert.strictEqual(rootAccess, true, 'Root path should be accessible when set in allowedDirectories'); assert.strictEqual(rootTildaAccess, true, 'Root path should be accessible when set in allowedDirectories'); // Check if we're on Windows if (isWindows) { console.log('DEBUG Test3 - Running on Windows, using modified expectations for root path'); // Since we're on Windows, we've already established that C:/ is accessible when set as // an allowed directory. This is sufficient to demonstrate the root path allowance is working as expected. // We'll skip the other path tests that would fail in the current implementation. } else { // On Unix systems, setting the root directory should allow access to all paths console.log(`DEBUG Test3 - Testing HOME_DIR access: ${HOME_DIR}`); const homeAccess = await isPathAccessible(HOME_DIR); console.log(`DEBUG Test3 - HOME_DIR access result: ${homeAccess}`); console.log(`DEBUG Test3 - Testing TEST_DIR access: ${TEST_DIR}`); const testDirAccess = await isPathAccessible(TEST_DIR); console.log(`DEBUG Test3 - TEST_DIR access result: ${testDirAccess}`); console.log(`DEBUG Test3 - Testing OUTSIDE_DIR access: ${OUTSIDE_DIR}`); const outsideDirAccess = await isPathAccessible(OUTSIDE_DIR); console.log(`DEBUG Test3 - OUTSIDE_DIR access result: ${outsideDirAccess}`); // All paths should be accessible on Unix assert.strictEqual(homeAccess, true, 'Home directory should be accessible with root in allowedDirectories'); assert.strictEqual(testDirAccess, true, 'Test directory should be accessible with root in allowedDirectories'); assert.strictEqual(outsideDirAccess, true, 'Outside directory should be accessible with root in allowedDirectories'); } console.log('✓ Root in allowedDirectories test passed with platform-specific behavior'); } /** * Test with home directory in allowedDirectories */ async function testHomeAllowedDirectory() { console.log('\nTest 4: Home directory in allowedDirectories'); // Set allowedDirectories to just the home directory await configManager.setValue('allowedDirectories', [HOME_DIR]); // Verify config was set correctly const config = await configManager.getConfig(); console.log(`DEBUG Test4 - Config: ${JSON.stringify(config.allowedDirectories)}`); assert.deepStrictEqual(config.allowedDirectories, [HOME_DIR], 'allowedDirectories should contain only the home directory'); // Check if OUTSIDE_DIR is inside the home directory const isOutsideDirInHome = OUTSIDE_DIR.toLowerCase().startsWith(HOME_DIR.toLowerCase()); // Test access to various locations const testDirAccess = await isPathAccessible(TEST_DIR); const testFileAccess = await isPathAccessible(path.join(TEST_DIR, 'test-file.txt')); const homeDirAccess = await isPathAccessible(HOME_DIR); const homeTildaDirAccess = await isPathAccessible('~'); const outsideDirAccess = await isPathAccessible(OUTSIDE_DIR); const rootAccess = await isPathAccessible(TEST_ROOT_PATH); // Only test directory and its contents should be accessible assert.strictEqual(testDirAccess, true, 'Test directory should be accessible'); assert.strictEqual(testFileAccess, true, 'Files in test directory should be accessible'); assert.strictEqual(homeDirAccess, true, 'Home directory should be accessible'); assert.strictEqual(homeTildaDirAccess, true, 'HOME TILDA directory should be accessible'); // For the outside directory, the expectation depends on whether it's inside the home directory // On Windows, the temp directory is often inside the user home directory if (isOutsideDirInHome) { assert.strictEqual(outsideDirAccess, true, 'Outside directory is inside home, so it should be accessible'); } else { assert.strictEqual(outsideDirAccess, false, 'Outside directory should not be accessible'); } assert.strictEqual(rootAccess, false, 'Root path should not be accessible'); console.log('✓ Home directory allowedDirectories setting correctly restricts access'); } /** * Test with specific directory with slash at the end in allowedDirectories */ async function testSpecificAllowedDirectoryWithSlash() { console.log('\nTest 5: Specific directory with slash at the end in allowedDirectories'); // Set allowedDirectories to just the test directory await configManager.setValue('allowedDirectories', [TEST_DIR_WITH_SLASH]); // Verify config was set correctly const config = await configManager.getConfig(); console.log(`DEBUG Test5 - Config: ${JSON.stringify(config.allowedDirectories)}`); console.log("TEST_DIR_WITH_SLASH", TEST_DIR_WITH_SLASH) assert.deepStrictEqual(config.allowedDirectories, [TEST_DIR_WITH_SLASH], 'allowedDirectories should contain only the test directory'); // Test access to various locations const testDirAccess = await isPathAccessible(TEST_DIR); const testFileAccess = await isPathAccessible(path.join(TEST_DIR, 'test-file.txt')); const homeDirAccess = await isPathAccessible(HOME_DIR); const homeTildaDirAccess = await isPathAccessible('~'); const outsideDirAccess = await isPathAccessible(OUTSIDE_DIR); const rootAccess = await isPathAccessible(TEST_ROOT_PATH); // Only test directory and its contents should be accessible assert.strictEqual(testDirAccess, true, 'Test directory should be accessible'); assert.strictEqual(testFileAccess, true, 'Files in test directory should be accessible'); assert.strictEqual(homeDirAccess, TEST_DIR === HOME_DIR, 'Home directory should not be accessible (unless it equals test dir)'); assert.strictEqual(homeTildaDirAccess, TEST_DIR === HOME_DIR, 'Home directory should not be accessible (unless it equals test dir)'); assert.strictEqual(outsideDirAccess, false, 'Outside directory should not be accessible'); assert.strictEqual(rootAccess, false, 'Root path should not be accessible'); console.log('✓ Specific allowedDirectories setting correctly restricts access'); } /** * Test that a path sharing a prefix with an allowed directory (but not a subdirectory) is correctly blocked */ async function testPrefixPathBlocking() { console.log('\nTest 6: Prefix path blocking'); // Create a directory with a name that would be caught by string prefix matching // Deliberately use path names that are clearly not subdirectories of each other const baseDir = path.join(__dirname, 'test_dir_abc'); const prefixMatchDir = path.join(__dirname, 'test_dir_abc_xyz'); console.log(`DEBUG Test6 - Base directory: ${baseDir}`); console.log(`DEBUG Test6 - Prefix-matching directory: ${prefixMatchDir}`); try { // Create both directories for testing await fs.mkdir(baseDir, { recursive: true }); await fs.mkdir(prefixMatchDir, { recursive: true }); // Create test files await fs.writeFile(path.join(baseDir, 'base-file.txt'), 'Base content'); await fs.writeFile(path.join(prefixMatchDir, 'prefix-file.txt'), 'Prefix content'); // Set allowedDirectories to just the base directory await configManager.setValue('allowedDirectories', [baseDir]); // Verify config was set correctly const config = await configManager.getConfig(); console.log(`DEBUG Test6 - Config: ${JSON.stringify(config.allowedDirectories)}`); assert.deepStrictEqual(config.allowedDirectories, [baseDir], 'allowedDirectories should contain only the base directory'); // Test access to the base directory and its contents const baseDirAccess = await isPathAccessible(baseDir); const baseFileAccess = await isPathAccessible(path.join(baseDir, 'base-file.txt')); // Test access to the prefix-matching directory and its contents const prefixDirAccess = await isPathAccessible(prefixMatchDir); const prefixFileAccess = await isPathAccessible(path.join(prefixMatchDir, 'prefix-file.txt')); // Base directory and its contents should be accessible assert.strictEqual(baseDirAccess, true, 'Base directory should be accessible'); assert.strictEqual(baseFileAccess, true, 'Files in base directory should be accessible'); // Prefix-matching directory should NOT be accessible assert.strictEqual(prefixDirAccess, false, 'Prefix-matching directory should not be accessible'); assert.strictEqual(prefixFileAccess, false, 'Files in prefix-matching directory should not be accessible'); console.log('✓ Prefix path blocking works correctly'); } finally { // Clean up test directories await fs.rm(baseDir, { recursive: true, force: true }).catch(() => {}); await fs.rm(prefixMatchDir, { recursive: true, force: true }).catch(() => {}); } } /** * Main test function */ async function testAllowedDirectories() { console.log('=== allowedDirectories Configuration Tests ===\n'); // Test 1: Empty allowedDirectories array await testEmptyAllowedDirectories(); // Test 2: Specific directory in allowedDirectories await testSpecificAllowedDirectory(); // Test 3: Root directory in allowedDirectories await testRootInAllowedDirectories(); // Test 4: Home directory in allowedDirectories await testHomeAllowedDirectory(); // Test 5: Specific directory in allowedDirectories await testSpecificAllowedDirectoryWithSlash(); // Test 6: Prefix path blocking await testPrefixPathBlocking(); console.log('\n✅ All allowedDirectories tests passed!'); } // Export the main test function export default async function runTests() { let originalConfig; try { originalConfig = await setup(); await testAllowedDirectories(); } catch (error) { console.error('❌ Test failed:', error.message); return false; } finally { if (originalConfig) { await teardown(originalConfig); } } return true; } // If this file is run directly (not imported), execute the test if (import.meta.url === `file://${process.argv[1]}`) { runTests().catch(error => { console.error('❌ Unhandled error:', error); process.exit(1); }); }

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/wonderwhy-er/DesktopCommanderMCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server