Phase 3B: Site I/O & Observability — Communication, DCL, Script/Alarm actors, Health, Event Logging

Communication Layer (WP-1–5): - 8 message patterns with correlation IDs, per-pattern timeouts - Central/Site communication actors, transport heartbeat config - Connection failure handling (no central buffering, debug streams killed) Data Connection Layer (WP-6–14, WP-34): - Connection actor with Become/Stash lifecycle (Connecting/Connected/Reconnecting) - OPC UA + LmxProxy adapters behind IDataConnection - Auto-reconnect, bad quality propagation, transparent re-subscribe - Write-back, tag path resolution with retry, health reporting - Protocol extensibility via DataConnectionFactory Site Runtime (WP-15–25, WP-32–33): - ScriptActor/ScriptExecutionActor (triggers, concurrent execution, blocking I/O dispatcher) - AlarmActor/AlarmExecutionActor (ValueMatch/RangeViolation/RateOfChange, in-memory state) - SharedScriptLibrary (inline execution), ScriptRuntimeContext (API) - ScriptCompilationService (Roslyn, forbidden API enforcement, execution timeout) - Recursion limit (default 10), call direction enforcement - SiteStreamManager (per-subscriber bounded buffers, fire-and-forget) - Debug view backend (snapshot + stream), concurrency serialization - Local artifact storage (4 SQLite tables) Health Monitoring (WP-26–28): - SiteHealthCollector (thread-safe counters, connection state) - HealthReportSender (30s interval, monotonic sequence numbers) - CentralHealthAggregator (offline detection 60s, online recovery) Site Event Logging (WP-29–31): - SiteEventLogger (SQLite, 6 event categories, ISO 8601 UTC) - EventLogPurgeService (30-day retention, 1GB cap) - EventLogQueryService (filters, keyword search, keyset pagination) 541 tests pass, zero warnings.
2026-03-16 20:57:25 -04:00
parent a3bf0c43f3
commit 389f5a0378
97 changed files with 8308 additions and 127 deletions
--- a/tests/ScadaLink.SiteRuntime.Tests/Scripts/ScriptCompilationServiceTests.cs
+++ b/tests/ScadaLink.SiteRuntime.Tests/Scripts/ScriptCompilationServiceTests.cs
@@ -0,0 +1,111 @@
+using Microsoft.Extensions.Logging.Abstractions;
+using ScadaLink.SiteRuntime.Scripts;
+
+namespace ScadaLink.SiteRuntime.Tests.Scripts;
+
+/// <summary>
+/// WP-19: Script Trust Model tests — validates forbidden API detection and compilation.
+/// </summary>
+public class ScriptCompilationServiceTests
+{
+    private readonly ScriptCompilationService _service;
+
+    public ScriptCompilationServiceTests()
+    {
+        _service = new ScriptCompilationService(NullLogger<ScriptCompilationService>.Instance);
+    }
+
+    [Fact]
+    public void Compile_ValidScript_Succeeds()
+    {
+        var result = _service.Compile("test", "1 + 1");
+        Assert.True(result.IsSuccess);
+        Assert.NotNull(result.CompiledScript);
+        Assert.Empty(result.Errors);
+    }
+
+    [Fact]
+    public void Compile_InvalidSyntax_ReturnsErrors()
+    {
+        var result = _service.Compile("bad", "this is not valid C# {{{");
+        Assert.False(result.IsSuccess);
+        Assert.NotEmpty(result.Errors);
+    }
+
+    [Fact]
+    public void ValidateTrustModel_SystemIO_Forbidden()
+    {
+        var violations = _service.ValidateTrustModel("System.IO.File.ReadAllText(\"test\")");
+        Assert.NotEmpty(violations);
+        Assert.Contains(violations, v => v.Contains("System.IO"));
+    }
+
+    [Fact]
+    public void ValidateTrustModel_Process_Forbidden()
+    {
+        var violations = _service.ValidateTrustModel(
+            "System.Diagnostics.Process.Start(\"cmd\")");
+        Assert.NotEmpty(violations);
+    }
+
+    [Fact]
+    public void ValidateTrustModel_Reflection_Forbidden()
+    {
+        var violations = _service.ValidateTrustModel(
+            "typeof(string).GetType().GetMethods(System.Reflection.BindingFlags.Public)");
+        Assert.NotEmpty(violations);
+    }
+
+    [Fact]
+    public void ValidateTrustModel_Sockets_Forbidden()
+    {
+        var violations = _service.ValidateTrustModel(
+            "new System.Net.Sockets.TcpClient()");
+        Assert.NotEmpty(violations);
+    }
+
+    [Fact]
+    public void ValidateTrustModel_HttpClient_Forbidden()
+    {
+        var violations = _service.ValidateTrustModel(
+            "new System.Net.Http.HttpClient()");
+        Assert.NotEmpty(violations);
+    }
+
+    [Fact]
+    public void ValidateTrustModel_AsyncAwait_Allowed()
+    {
+        // System.Threading.Tasks should be allowed (async/await support)
+        var violations = _service.ValidateTrustModel(
+            "await System.Threading.Tasks.Task.Delay(100)");
+        Assert.Empty(violations);
+    }
+
+    [Fact]
+    public void ValidateTrustModel_CancellationToken_Allowed()
+    {
+        var violations = _service.ValidateTrustModel(
+            "System.Threading.CancellationToken.None");
+        Assert.Empty(violations);
+    }
+
+    [Fact]
+    public void ValidateTrustModel_CleanCode_NoViolations()
+    {
+        var code = @"
+            var x = 1 + 2;
+            var list = new List<int> { 1, 2, 3 };
+            var sum = list.Sum();
+            sum";
+        var violations = _service.ValidateTrustModel(code);
+        Assert.Empty(violations);
+    }
+
+    [Fact]
+    public void Compile_ForbiddenApi_FailsValidation()
+    {
+        var result = _service.Compile("evil", "System.IO.File.Delete(\"/tmp/test\")");
+        Assert.False(result.IsSuccess);
+        Assert.NotEmpty(result.Errors);
+    }
+}