feat(properties): prepare property commands before execution
Build and Push Docker Container / build-and-push (push) Successful in 4m28s

- Create missing note files before running property:set.
- Default date-only datetime values to midnight.
- Keep property names out of path authorization checks.
- Split policy, vault, daily note, and command target helpers.
- Split n8n node args, description, output, and API response helpers.
- Split API tests by auth, command, daily note, and property behavior.
- Bump API and n8n node versions.
This commit is contained in:
2026-06-24 14:29:48 +02:00
parent e8e31add11
commit c34dab2cca
25 changed files with 1099 additions and 1018 deletions
+60
View File
@@ -0,0 +1,60 @@
import json
from conftest import client, use_jwt_auth, use_work_vault
def test_path_restricted_token_allows_daily_command_from_obsidian_config(monkeypatch, tmp_path):
vault = tmp_path / "vault"
config = vault / ".obsidian"
config.mkdir(parents=True)
(config / "daily-notes.json").write_text(json.dumps({"folder": "00. Journal", "format": "YYYY-MM-DD"}))
use_work_vault(monkeypatch, vault)
token = use_jwt_auth(monkeypatch, {"sub": "daily", "commands": ["daily:append"], "vaults": ["work"], "paths": ["00. Journal/"]})
response = client.post(
"/commands",
headers={"Authorization": f"Bearer {token}"},
json={"args": ["vault=work", "daily:append", "content=ok"], "cwd": str(vault)},
)
assert response.status_code == 200
assert response.json()["command"] == ["python", "vault=work", "daily:append", "content=ok"]
def test_path_restricted_token_allows_vault_info_command(monkeypatch):
token = use_jwt_auth(monkeypatch, {"sub": "daily", "commands": ["daily:append", "vault", "vaults"], "vaults": ["*"], "paths": ["00. Journal/"]})
response = client.post(
"/commands",
headers={"Authorization": f"Bearer {token}"},
json={"args": ["vault"]},
)
assert response.status_code == 200
assert response.json()["command"] == ["python", "vault"]
response = client.post(
"/commands",
headers={"Authorization": f"Bearer {token}"},
json={"args": ["vaults"]},
)
assert response.status_code == 200
assert response.json()["command"] == ["python", "vaults"]
def test_path_restricted_token_denies_daily_command_outside_obsidian_config(monkeypatch, tmp_path):
vault = tmp_path / "vault"
config = vault / ".obsidian"
config.mkdir(parents=True)
(config / "daily-notes.json").write_text(json.dumps({"folder": "Journal", "format": "YYYY-MM-DD"}))
use_work_vault(monkeypatch, vault)
token = use_jwt_auth(monkeypatch, {"sub": "daily", "commands": ["daily:append"], "vaults": ["work"], "paths": ["00. Journal/"]})
response = client.post(
"/commands",
headers={"Authorization": f"Bearer {token}"},
json={"args": ["vault=work", "daily:append", "content=ok"], "cwd": str(vault)},
)
assert response.status_code == 403
assert response.json()["detail"].startswith("token is not allowed to access path: Journal/")