php-mcp/tests/Pest.php

<?php

declare(strict_types=1);

/*
|--------------------------------------------------------------------------
| Pest Configuration
|--------------------------------------------------------------------------
|
| Configure Pest testing framework for the core-mcp package.
| This file binds test traits to test cases and provides helper functions.
|
*/

use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;

/*
|--------------------------------------------------------------------------
| Test Case
|--------------------------------------------------------------------------
|
| The closure passed to the "uses()" method binds an abstract test case
| to all Feature and Unit tests. The TestCase class provides a bridge
| between Laravel's testing utilities and Pest's expressive syntax.
|
*/

uses(TestCase::class)->in('Feature', 'Unit', '../src/Mcp/Tests/Unit');

/*
|--------------------------------------------------------------------------
| Database Refresh
|--------------------------------------------------------------------------
|
| Apply RefreshDatabase to Feature tests that need a clean database state.
| Unit tests typically don't require database access.
|
*/

uses(RefreshDatabase::class)->in('Feature', '../src/Mcp/Tests/Unit');
test(mcp): add comprehensive SQL Query Validator tests (P2-013) Add Pest tests for SqlQueryValidator covering: - Allowed SELECT statements with WHERE, ORDER BY, LIMIT - Blocked data modification (INSERT, UPDATE, DELETE, TRUNCATE) - Blocked schema changes (DROP, ALTER, CREATE, RENAME) - Blocked permissions/admin (GRANT, REVOKE, FLUSH, KILL, SET) - Blocked execution (EXECUTE, PREPARE, CALL, DEALLOCATE) - Blocked file operations (INTO OUTFILE/DUMPFILE, LOAD_FILE/DATA) - SQL injection prevention: UNION attacks, stacked queries, time-based (SLEEP/BENCHMARK), encoding (hex/CHAR), subqueries, system table access, comment obfuscation - Query structure validation and whitelist configuration - Exception details and edge cases Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-29 19:38:40 +00:00			`<?php`

			`declare(strict_types=1);`

			`/*`
			`\|--------------------------------------------------------------------------`
			`\| Pest Configuration`
			`\|--------------------------------------------------------------------------`
			`\|`
			`\| Configure Pest testing framework for the core-mcp package.`
			`\| This file binds test traits to test cases and provides helper functions.`
			`\|`
			`*/`

			`use Illuminate\Foundation\Testing\RefreshDatabase;`
			`use Tests\TestCase;`

			`/*`
			`\|--------------------------------------------------------------------------`
			`\| Test Case`
			`\|--------------------------------------------------------------------------`
			`\|`
			`\| The closure passed to the "uses()" method binds an abstract test case`
			`\| to all Feature and Unit tests. The TestCase class provides a bridge`
			`\| between Laravel's testing utilities and Pest's expressive syntax.`
			`\|`
			`*/`

test(mcp): add comprehensive Workspace Context tests (P2-014) Add extensive Pest tests for workspace context security covering: - WorkspaceContext resolution from headers and authentication - Automatic workspace scoping for queries - MissingWorkspaceContextException handling - Workspace boundary enforcement - Cross-workspace data isolation and query prevention - Context injection via middleware - Edge cases including concurrent contexts and request isolation Also update Pest.php to include src/Mcp/Tests/Unit directory. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-29 19:39:24 +00:00			`uses(TestCase::class)->in('Feature', 'Unit', '../src/Mcp/Tests/Unit');`
test(mcp): add comprehensive SQL Query Validator tests (P2-013) Add Pest tests for SqlQueryValidator covering: - Allowed SELECT statements with WHERE, ORDER BY, LIMIT - Blocked data modification (INSERT, UPDATE, DELETE, TRUNCATE) - Blocked schema changes (DROP, ALTER, CREATE, RENAME) - Blocked permissions/admin (GRANT, REVOKE, FLUSH, KILL, SET) - Blocked execution (EXECUTE, PREPARE, CALL, DEALLOCATE) - Blocked file operations (INTO OUTFILE/DUMPFILE, LOAD_FILE/DATA) - SQL injection prevention: UNION attacks, stacked queries, time-based (SLEEP/BENCHMARK), encoding (hex/CHAR), subqueries, system table access, comment obfuscation - Query structure validation and whitelist configuration - Exception details and edge cases Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-29 19:38:40 +00:00
			`/*`
			`\|--------------------------------------------------------------------------`
			`\| Database Refresh`
			`\|--------------------------------------------------------------------------`
			`\|`
			`\| Apply RefreshDatabase to Feature tests that need a clean database state.`
			`\| Unit tests typically don't require database access.`
			`\|`
			`*/`

test(mcp): add comprehensive Workspace Context tests (P2-014) Add extensive Pest tests for workspace context security covering: - WorkspaceContext resolution from headers and authentication - Automatic workspace scoping for queries - MissingWorkspaceContextException handling - Workspace boundary enforcement - Cross-workspace data isolation and query prevention - Context injection via middleware - Edge cases including concurrent contexts and request isolation Also update Pest.php to include src/Mcp/Tests/Unit directory. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-29 19:39:24 +00:00			`uses(RefreshDatabase::class)->in('Feature', '../src/Mcp/Tests/Unit');`