feat: add go backend skeleton

2026-05-25 16:04:26 +08:00
parent de20fda424
commit be466ae5fc
8 changed files with 156 additions and 2 deletions
--- a/internal/codexhome/bounds_test.go
+++ b/internal/codexhome/bounds_test.go
@@ -0,0 +1,34 @@
+package codexhome
+
+import (
+	"path/filepath"
+	"testing"
+)
+
+func TestResolveInsideCodexHomeAllowsAgentsToml(t *testing.T) {
+	home := filepath.Join(t.TempDir(), ".codex")
+	got, err := ResolveInside(home, "agents/product-manager.toml")
+	if err != nil {
+		t.Fatalf("ResolveInside returned error: %v", err)
+	}
+	want := filepath.Join(home, "agents", "product-manager.toml")
+	if got != want {
+		t.Fatalf("path mismatch: got %q want %q", got, want)
+	}
+}
+
+func TestResolveInsideCodexHomeRejectsTraversal(t *testing.T) {
+	home := filepath.Join(t.TempDir(), ".codex")
+	_, err := ResolveInside(home, "../auth.json")
+	if err == nil {
+		t.Fatal("expected traversal to be rejected")
+	}
+}
+
+func TestIsForbiddenPathBlocksAuthJSON(t *testing.T) {
+	home := filepath.Join(t.TempDir(), ".codex")
+	path := filepath.Join(home, "auth.json")
+	if !IsForbidden(path, home) {
+		t.Fatal("auth.json must be forbidden")
+	}
+}