viktor/claude-memory-mcp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: sharing tests, property tests, tag-share UI, inline errors, route fix

Browse source 
- Add 10 sharing endpoint tests (share/unshare memory, tag shares, shared-with-me,
  my-shares, recall with shared, update permission checks)
- Add hypothesis property-based tests for model validation (roundtrip, bounds,
  enum, sort_by, limit)
- Tighten model validation: sort_by Literal, limit ge=1/le=500, tags/keywords max_length
- Fix dashboard shared_with_me stat to include tag-based shares
- Add tag-sharing management UI (share/remove tags, user typeahead)
- Replace alert() with inline error messages
- Fix route ordering bug: share-tag routes before {memory_id} parameterized routes
This commit is contained in:
Viktor Barzin 2026-03-22 23:36:13 +02:00
parent 688be268b9
commit c130bcff33
No known key found for this signature in database
GPG key ID: 0EB088298288D958
9 changed files with 503 additions and 43 deletions
Download patch file Download diff file Expand all files Collapse all files

217
tests/test_api.py
View file

@ -454,3 +454,220 @@ async def test_delete_excludes_already_deleted(client):
call_args = conn.fetchrow.call_args
query = call_args[0][0]
assert "deleted_at IS NULL" in query
# ─── Sharing endpoint tests ──────────────────────────────────────────────────
@pytest.mark.asyncio
async def test_share_memory_creates_record(client):
"""POST /api/memories/{id}/share creates a sharing record."""
ac, conn, app_mod = client
conn.fetchrow.return_value = _make_memory_row(id=10, user_id="testuser")
conn.execute.return_value = None
async with ac:
resp = await ac.post(
"/api/memories/10/share",
json={"shared_with": "otheruser", "permission": "read"},
headers={"Authorization": "Bearer test-key"},
)
assert resp.status_code == 200
data = resp.json()
assert data["shared"] == 10
assert data["with"] == "otheruser"
assert data["permission"] == "read"
@pytest.mark.asyncio
async def test_share_memory_nonexistent_returns_404(client):
"""POST /api/memories/{id}/share returns 404 for non-existent memory."""
ac, conn, app_mod = client
conn.fetchrow.return_value = None
async with ac:
resp = await ac.post(
"/api/memories/999/share",
json={"shared_with": "otheruser", "permission": "read"},
headers={"Authorization": "Bearer test-key"},
)
assert resp.status_code == 404
@pytest.mark.asyncio
async def test_unshare_memory(client):
"""DELETE /api/memories/{id}/share/{user} removes sharing."""
ac, conn, app_mod = client
conn.fetchrow.return_value = _make_memory_row(id=10, user_id="testuser")
conn.execute.return_value = None
async with ac:
resp = await ac.delete(
"/api/memories/10/share/otheruser",
headers={"Authorization": "Bearer test-key"},
)
assert resp.status_code == 200
@pytest.mark.asyncio
async def test_share_tag_creates_record(client):
"""POST /api/memories/share-tag creates a tag sharing record."""
ac, conn, app_mod = client
conn.execute.return_value = None
async with ac:
resp = await ac.post(
"/api/memories/share-tag",
json={"tag": "python", "shared_with": "otheruser", "permission": "read"},
headers={"Authorization": "Bearer test-key"},
)
assert resp.status_code == 200
data = resp.json()
assert data["shared_tag"] == "python"
assert data["with"] == "otheruser"
assert data["permission"] == "read"
@pytest.mark.asyncio
async def test_unshare_tag(client):
"""DELETE /api/memories/share-tag removes tag sharing."""
ac, conn, app_mod = client
conn.execute.return_value = None
async with ac:
resp = await ac.request(
"DELETE",
"/api/memories/share-tag",
json={"tag": "python", "shared_with": "otheruser"},
headers={"Authorization": "Bearer test-key"},
)
assert resp.status_code == 200
data = resp.json()
assert data["unshared_tag"] == "python"
@pytest.mark.asyncio
async def test_shared_with_me_returns_shared_memories(client):
"""GET /api/memories/shared-with-me returns individually and tag-shared memories."""
ac, conn, app_mod = client
# Mock conn.fetch called twice: individual shares, then tag shares
# Need to include permission field for the sharing queries
conn.fetch.side_effect = [
[_make_memory_row(id=1, content="shared memory", user_id="owner1", shared_by="owner1", permission="read")], # individual
[_make_memory_row(id=2, content="tag shared", user_id="owner2", shared_by="owner2", permission="write")], # tag-shared
]
async with ac:
resp = await ac.get(
"/api/memories/shared-with-me",
headers={"Authorization": "Bearer test-key"},
)
assert resp.status_code == 200
data = resp.json()
assert len(data["memories"]) == 2
assert data["memories"][0]["id"] == 1
assert data["memories"][1]["id"] == 2
@pytest.mark.asyncio
async def test_my_shares_returns_outgoing_shares(client):
"""GET /api/memories/my-shares returns outgoing memory and tag shares."""
ac, conn, app_mod = client
now = datetime.now(timezone.utc)
# Mock conn.fetch called twice: memory_shares, then tag_shares
conn.fetch.side_effect = [
[MockRow({"memory_id": 1, "shared_with": "user1", "permission": "read", "preview": "memory preview", "created_at": now})], # memory_shares
[MockRow({"tag": "python", "shared_with": "user2", "permission": "write", "created_at": now})], # tag_shares
]
async with ac:
resp = await ac.get(
"/api/memories/my-shares",
headers={"Authorization": "Bearer test-key"},
)
assert resp.status_code == 200
data = resp.json()
assert len(data["memory_shares"]) == 1
assert len(data["tag_shares"]) == 1
assert data["memory_shares"][0]["memory_id"] == 1
assert data["tag_shares"][0]["tag"] == "python"
@pytest.mark.asyncio
async def test_recall_includes_shared_memories(client):
"""POST /api/memories/recall includes shared memories with shared_by field."""
ac, conn, app_mod = client
# recall calls fetch multiple times: own, shared, tag-shared, OR-fallback
conn.fetch.side_effect = [
[_make_memory_row(id=1, content="own memory", user_id="testuser", shared_by=None)], # own
[_make_memory_row(id=2, content="shared memory", user_id="owner1", shared_by="owner1")], # shared
[_make_memory_row(id=3, content="tag shared", user_id="owner2", shared_by="owner2")], # tag-shared
[], # OR-fallback
]
async with ac:
resp = await ac.post(
"/api/memories/recall",
json={"context": "test query"},
headers={"Authorization": "Bearer test-key"},
)
assert resp.status_code == 200
data = resp.json()
results = data["memories"]
assert len(results) == 3
# Check that shared_by field appears in shared memories
assert results[0]["shared_by"] is None
assert results[1]["shared_by"] == "owner1"
assert results[2]["shared_by"] == "owner2"
@pytest.mark.asyncio
async def test_update_shared_memory_with_write_permission(client):
"""PUT /api/memories/{id} succeeds when user has write permission."""
ac, conn, app_mod = client
# Mock check_memory_permission to return (True, "owner")
async def mock_check_permission(conn, memory_id, user_id, perm):
return (True, "owner")
with patch("claude_memory.api.app.check_memory_permission", side_effect=mock_check_permission):
conn.execute.return_value = None
async with ac:
resp = await ac.put(
"/api/memories/10",
json={"content": "updated content"},
headers={"Authorization": "Bearer test-key"},
)
assert resp.status_code == 200
data = resp.json()
assert data["updated"] == 10
@pytest.mark.asyncio
async def test_update_shared_memory_without_write_fails(client):
"""PUT /api/memories/{id} returns 403 when user lacks write permission."""
ac, conn, app_mod = client
# Mock check_memory_permission to return (False, "owner")
async def mock_check_permission(conn, memory_id, user_id, perm):
return (False, "owner")
with patch("claude_memory.api.app.check_memory_permission", side_effect=mock_check_permission):
async with ac:
resp = await ac.put(
"/api/memories/10",
json={"content": "updated content"},
headers={"Authorization": "Bearer test-key"},
)
assert resp.status_code == 403

111
tests/test_properties.py Normal file
View file

@ -0,0 +1,111 @@
"""Property-based tests for Claude Memory models."""
from hypothesis import given, settings
from hypothesis import strategies as st
from pydantic import ValidationError
from claude_memory.api.models import MemoryStore, MemoryRecall, ShareMemory
# Strategy for valid MemoryStore
valid_memory_store = st.builds(
MemoryStore,
content=st.text(min_size=1, max_size=800),
category=st.text(min_size=1, max_size=50),
tags=st.text(max_size=500),
expanded_keywords=st.text(max_size=500),
importance=st.floats(min_value=0.0, max_value=1.0, allow_nan=False),
)
@given(mem=valid_memory_store)
@settings(max_examples=50)
def test_roundtrip_memory_store(mem):
"""Any valid MemoryStore can be serialized and deserialized identically."""
data = mem.model_dump()
restored = MemoryStore(**data)
assert restored.content == mem.content
assert restored.importance == mem.importance
assert restored.tags == mem.tags
@given(content=st.text(min_size=801, max_size=1000))
@settings(max_examples=20)
def test_content_over_max_rejected(content):
"""Content exceeding 800 chars is rejected."""
try:
MemoryStore(content=content)
assert False, "Should have raised ValidationError"
except ValidationError:
pass
@given(importance=st.floats().filter(lambda x: x < 0.0 or x > 1.0).filter(lambda x: x == x)) # exclude NaN
@settings(max_examples=20)
def test_importance_out_of_bounds_rejected(importance):
"""Importance outside [0.0, 1.0] is rejected."""
try:
MemoryStore(content="test", importance=importance)
assert False, "Should have raised ValidationError"
except ValidationError:
pass
@given(permission=st.text(min_size=1, max_size=20).filter(lambda x: x not in ("read", "write")))
@settings(max_examples=20)
def test_invalid_permission_rejected(permission):
"""Only 'read' or 'write' accepted for ShareMemory.permission."""
try:
ShareMemory(shared_with="user", permission=permission)
assert False, "Should have raised ValidationError"
except ValidationError:
pass
@given(tags=st.text(max_size=200))
@settings(max_examples=50)
def test_tags_splitting_consistency(tags):
"""Tags splitting produces consistent results."""
result1 = [t.strip() for t in tags.split(",") if t.strip()]
result2 = [t.strip() for t in tags.split(",") if t.strip()]
assert result1 == result2
@given(sort_by=st.sampled_from(["importance", "relevance", "recency"]))
def test_valid_sort_by_accepted(sort_by):
"""Valid sort_by values are accepted."""
recall = MemoryRecall(context="test", sort_by=sort_by)
assert recall.sort_by == sort_by
@given(sort_by=st.text(min_size=1, max_size=20).filter(lambda x: x not in ("importance", "relevance", "recency")))
@settings(max_examples=20)
def test_invalid_sort_by_rejected(sort_by):
"""Invalid sort_by values are rejected after model update."""
try:
MemoryRecall(context="test", sort_by=sort_by)
assert False, "Should have raised ValidationError"
except ValidationError:
pass
@given(limit=st.integers(min_value=501, max_value=10000))
@settings(max_examples=10)
def test_limit_too_high_rejected(limit):
"""Limit above 500 is rejected after model update."""
try:
MemoryRecall(context="test", limit=limit)
assert False, "Should have raised ValidationError"
except ValidationError:
pass
@given(limit=st.integers(min_value=-100, max_value=0))
@settings(max_examples=10)
def test_limit_zero_or_negative_rejected(limit):
"""Limit <= 0 is rejected."""
try:
MemoryRecall(context="test", limit=limit)
assert False, "Should have raised ValidationError"
except ValidationError:
pass