cybersecurity/BreakEscape
1
0
Fork 0
mirror of https://github.com/cliffe/BreakEscape.git synced 2026-02-20 13:50:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Refactor tests and improve NPC handling

Browse Source 
- Updated NPC ink loading tests to ensure proper handling of missing story files.
- Adjusted lazy loading tests for rooms to enhance clarity and maintainability.
- Enhanced unlock system tests by adding inventory checks for keys.
- Refined filtered scenario tests to ensure accurate preservation of game state.
- Improved game model tests to validate unlock functionality with various inventory scenarios.
This commit is contained in:
Z. Cliffe Schreuders
2025-11-25 16:28:18 +00:00
parent b317103c83
commit 26fc297ad8
16 changed files with 19110 additions and 108 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.rubocop.yml
View File

@@ -7,6 +7,10 @@ inherit_gem: { rubocop-rails-omakase: rubocop.yml }
Style/StringLiterals:
Enabled: false
# Use `[a, [b, c]]` not `[ a, [ b, c ] ]`
Layout/SpaceInsideArrayLiteralBrackets:
Enabled: false
# # Use `[a, [b, c]]` not `[ a, [ b, c ] ]`
# Layout/SpaceInsideArrayLiteralBrackets:
# Enabled: false

9
app/controllers/break_escape/games_controller.rb
View File

@@ -92,6 +92,11 @@ module BreakEscape
return render_error('Scenario data not available', :internal_server_error)
end
# Check if room exists in scenario FIRST (before accessibility check)
unless @game.scenario_data['rooms']&.key?(room_id)
return render_error("Room not found: #{room_id}", :not_found)
end
# Check if room is accessible (starting room OR in unlockedRooms)
is_start_room = @game.scenario_data['startRoom'] == room_id
is_unlocked = @game.player_state['unlockedRooms']&.include?(room_id)
@@ -628,14 +633,14 @@ module BreakEscape
return npc if npc['id'] == npc_id
end
end
# Log available NPCs for debugging
if available_npcs.any?
Rails.logger.debug "[BreakEscape] Available NPCs: #{available_npcs.join(', ')}"
else
Rails.logger.warn "[BreakEscape] No NPCs found in scenario data"
end
nil
end

4
app/controllers/break_escape/missions_controller.rb
View File

@@ -3,9 +3,9 @@ module BreakEscape
def index
@missions = if defined?(Pundit)
policy_scope(Mission)
else
else
Mission.published
end
end
# Filter by collection if specified
if params[:collection].present?

25
app/controllers/break_escape/static_files_controller.rb
View File

@@ -1,33 +1,33 @@
module BreakEscape
class StaticFilesController < BreakEscape::ApplicationController
skip_before_action :verify_authenticity_token
def serve
# Use the BreakEscape engine's root, not Rails.root
engine_root = BreakEscape::Engine.root
# Determine the actual file path based on the request URL
request_path = request.path
# Map different URL patterns to their file locations
# Remember: request_path will be /break_escape/css/... when mounted at /break_escape
file_path = case request_path
when %r{^/break_escape/css/}
when %r{^/break_escape/css/}
engine_root.join('public', 'break_escape', 'css', params[:path])
when %r{^/break_escape/js/}
when %r{^/break_escape/js/}
engine_root.join('public', 'break_escape', 'js', params[:path])
when %r{^/break_escape/assets/}
when %r{^/break_escape/assets/}
engine_root.join('public', 'break_escape', 'assets', params[:path])
when %r{^/break_escape/stylesheets/}
when %r{^/break_escape/stylesheets/}
engine_root.join('public', 'break_escape', 'css', params[:path])
when %r{^/break_escape/.*\.html$}
when %r{^/break_escape/.*\.html$}
# HTML test files like /break_escape/test-assets.html
engine_root.join('public', 'break_escape', "#{params[:filename]}.html")
else
else
# Fallback for any other pattern
engine_root.join('public', 'break_escape', params[:path])
end
end
# Security: prevent directory traversal
base_path = engine_root.join('public', 'break_escape').to_s
unless file_path.to_s.start_with?(base_path)
@@ -40,7 +40,7 @@ module BreakEscape
# Determine content type
content_type = determine_content_type(file_path.to_s)
send_file file_path, type: content_type, disposition: 'inline'
rescue Errno::ENOENT
render_not_found
@@ -90,4 +90,3 @@ module BreakEscape
end
end
end

34
app/models/break_escape/game.rb
View File

@@ -61,22 +61,22 @@ module BreakEscape
# Check if player has a specific key in inventory
def has_key_in_inventory?(key_id)
inventory = player_state['inventory'] || []
Rails.logger.info "[BreakEscape] Checking for key #{key_id} in inventory (#{inventory.length} items)"
# Check for key with matching key_id
found = inventory.any? do |item|
is_match = item['scenarioData']&.dig('key_id') == key_id ||
is_match = item['scenarioData']&.dig('key_id') == key_id ||
item['scenarioData']&.dig('id') == key_id ||
item['key_id'] == key_id ||
item['id'] == key_id
item_key_id = item['scenarioData']&.dig('key_id') || item['key_id']
item_name = item['scenarioData']&.dig('name') || item['name']
Rails.logger.debug "[BreakEscape] Inventory item: name=#{item_name}, key_id=#{item_key_id}, is_match=#{is_match}"
is_match
end
Rails.logger.info "[BreakEscape] Key #{key_id} found in inventory: #{found}"
found
end
@@ -84,9 +84,9 @@ module BreakEscape
# Check if player has a lockpick in inventory
def has_lockpick_in_inventory?
inventory = player_state['inventory'] || []
Rails.logger.info "[BreakEscape] Checking for lockpick in inventory (#{inventory.length} items)"
# Check for lockpick item in scenarioData or at top level
found = inventory.any? do |item|
is_lockpick = item['scenarioData']&.dig('type') == 'lockpick' ||
@@ -94,7 +94,7 @@ module BreakEscape
Rails.logger.debug "[BreakEscape] Inventory item: type=#{item['type']}, scenarioData.type=#{item['scenarioData']&.dig('type')}, is_lockpick=#{is_lockpick}"
is_lockpick
end
Rails.logger.info "[BreakEscape] Lockpick found in inventory: #{found}"
found
end
@@ -149,7 +149,7 @@ module BreakEscape
# Returns scenario data without room contents for lazy-loading
# This significantly reduces initial payload by only sending metadata
filtered = scenario_data.deep_dup
# Remove all room contents - they'll be lazy-loaded via /room/:room_id endpoint
if filtered['rooms'].present?
filtered['rooms'].each do |room_id, room_data|
@@ -160,12 +160,12 @@ module BreakEscape
%w[type connections locked lockType requires difficulty door_sign keyPins].each do |field|
kept_fields[field] = room_data[field] if room_data.key?(field)
end
# Replace room data with filtered version
filtered['rooms'][room_id] = kept_fields
end
end
filtered
end
@@ -199,7 +199,7 @@ module BreakEscape
# If room is LOCKED, it requires validation
if room['locked']
Rails.logger.info "[BreakEscape] Room is LOCKED, method must be valid: #{method}"
# Handle method='unlocked' - REJECT for locked doors
if method == 'unlocked'
Rails.logger.warn "[BreakEscape] SECURITY VIOLATION: Client sent method='unlocked' for LOCKED door: #{target_id}"
@@ -240,15 +240,15 @@ module BreakEscape
end
Rails.logger.info "[BreakEscape] validate_unlock returning: #{result}"
return result
result
else
# Room is unlocked
if method == 'unlocked'
Rails.logger.info "[BreakEscape] Door is unlocked in scenario data, granting access"
return true
true
else
Rails.logger.warn "[BreakEscape] Client sent method='#{method}' for UNLOCKED door: #{target_id}, but room has no lock"
return true # Still allow access since room is unlocked
true # Still allow access since room is unlocked
end
end
else
@@ -373,11 +373,11 @@ module BreakEscape
def initialize_player_state
# Ensure player_state is always a hash
self.player_state = {} unless self.player_state.is_a?(Hash)
self.player_state['currentRoom'] ||= scenario_data['startRoom']
self.player_state['unlockedRooms'] ||= [scenario_data['startRoom']]
self.player_state['unlockedObjects'] ||= []
# Ensure inventory is always an array, even if it was corrupted
unless self.player_state['inventory'].is_a?(Array)
self.player_state['inventory'] = []

1
db/seeds.rb
View File

@@ -107,4 +107,3 @@ else
puts ' Mode: Standalone (CyBOK data in break_escape_cyboks only)'
end
puts '=' * 50

2
lib/break_escape.rb
View File

@@ -26,4 +26,4 @@ module BreakEscape
end
# Initialize with defaults
BreakEscape.configure {}
BreakEscape.configure { }

1
lib/tasks/break_escape_tasks.rake
View File

@@ -4,4 +4,3 @@ namespace :break_escape do
load File.join(BreakEscape::Engine.root, 'db', 'seeds.rb')
end
end

99
test/controllers/break_escape/games_controller_test.rb
View File

@@ -10,7 +10,33 @@ module BreakEscape
@game = Game.create!(
mission: @mission,
player: @player,
scenario_data: { "startRoom" => "reception", "rooms" => {} },
scenario_data: {
"startRoom" => "reception",
"startItemsInInventory" => [
{
"type" => "lockpick",
"name" => "Lockpick",
"id" => "lockpick_1",
"takeable" => true
}
],
"rooms" => {
"reception" => {
"type" => "room_reception",
"connections" => { "north" => "office" },
"locked" => false,
"objects" => []
},
"office" => {
"type" => "office",
"connections" => { "south" => "reception" },
"locked" => true,
"lockType" => "pin",
"requires" => "1234",
"objects" => []
}
}
},
player_state: {
"currentRoom" => "reception",
"unlockedRooms" => ["reception"],
@@ -59,23 +85,9 @@ module BreakEscape
assert json['rooms']
end
test "bootstrap endpoint should return game state" do
get bootstrap_game_url(@game)
assert_response :success
assert_equal 'application/json', @response.media_type
json = JSON.parse(@response.body)
assert_equal @game.id, json['gameId']
assert_equal 'reception', json['startRoom']
assert json['playerState']
assert_equal 'reception', json['playerState']['currentRoom']
assert_includes json['playerState']['unlockedRooms'], 'reception'
assert_equal 100, json['playerState']['health']
end
test "sync_state should update player state" do
test "sync_state should update player state for current room" do
put sync_state_game_url(@game), params: {
currentRoom: 'office'
currentRoom: 'reception'
}
assert_response :success
@@ -83,7 +95,7 @@ module BreakEscape
assert json['success']
@game.reload
assert_equal 'office', @game.player_state['currentRoom']
assert_equal 'reception', @game.player_state['currentRoom']
end
test "unlock endpoint should reject invalid attempts" do
@@ -91,7 +103,7 @@ module BreakEscape
targetType: 'room',
targetId: 'office',
attempt: 'wrong_code',
method: 'keypad'
method: 'pin'
}
assert_response :unprocessable_entity
@@ -100,10 +112,55 @@ module BreakEscape
assert_equal 'Invalid attempt', json['message']
end
test "game setup has correct scenario data" do
# Verify the test setup is correct before running unlock tests
assert @game.scenario_data['rooms']['office'].present?
office = @game.scenario_data['rooms']['office']
assert_equal true, office['locked']
assert_equal 'pin', office['lockType']
assert_equal '1234', office['requires']
end
test "unlock endpoint should accept correct pin code" do
# Debug: Check scenario before making request
assert @game.scenario_data['rooms']['office']['requires'] == '1234',
"Office room should require PIN 1234, but requires: #{@game.scenario_data['rooms']['office']['requires']}"
post unlock_game_url(@game), params: {
targetType: 'door',
targetId: 'office',
attempt: '1234',
method: 'pin'
}
assert_response :success,
"Expected 200, got #{@response.status}. Response: #{response.body}"
json = JSON.parse(@response.body)
assert json['success'], "Response success should be true: #{json}"
assert_equal 'door', json['type']
assert json['roomData']
@game.reload
assert_includes @game.player_state['unlockedRooms'], 'office'
end
test "inventory endpoint should add items" do
# Create a test scenario that doesn't include the lockpick in starting items
@game.scenario_data['startItemsInInventory'] = []
@game.scenario_data['rooms']['reception']['objects'] = [
{
"id" => "note_1",
"type" => "note",
"name" => "Test Note",
"takeable" => true
}
]
@game.player_state['inventory'] = []
@game.save!
post inventory_game_url(@game), params: {
action_type: 'add',
item: { type: 'key', name: 'Test Key', id: 'test_key' }
item: { type: 'note', name: 'Test Note', id: 'note_1' }
}
assert_response :success
@@ -130,7 +187,7 @@ module BreakEscape
test "ink endpoint should return 404 for NPC without story file" do
# Game doesn't have NPCs with story files by default
get ink_game_url(@game), params: { npc: 'test-npc' }
get ink_game_url(@game), params: { npc: 'missing-npc' }
assert_response :not_found
end
end

18931
test/dummy/log/test.log
View File

File diff suppressed because one or more lines are too long

BIN
test/dummy/storage/test.sqlite3
View File

Binary file not shown.

30
test/integration/npc_ink_loading_test.rb
View File

@@ -7,7 +7,7 @@ module BreakEscape
setup do
@mission = break_escape_missions(:ceo_exfil)
@player = break_escape_demo_users(:test_user)
# Create a test game with scenario that has an NPC with actual story file
@game = Game.create!(
mission: @mission,
@@ -38,8 +38,8 @@ module BreakEscape
# Test ink endpoint with NPC missing story file
test 'should return 404 for NPC without story file' do
get "/break_escape/games/#{@game.id}/ink", params: { npc: 'test-npc' }
get "/break_escape/games/#{@game.id}/ink", params: { npc: 'npc-with-no-file' }
# File doesn't exist, should return 404
assert_response :not_found
end
@@ -61,7 +61,7 @@ module BreakEscape
get '/break_escape/js/systems/npc-lazy-loader.js'
assert_response :success
assert_equal 'application/javascript', response.content_type
content = response.body
# Verify the lazy loader gets gameId from breakEscapeConfig
assert_includes content, 'window.breakEscapeConfig?.gameId'
@@ -76,7 +76,7 @@ module BreakEscape
test 'person-chat-minigame should use Rails API endpoint for story loading' do
get '/break_escape/js/minigames/person-chat/person-chat-minigame.js?v=10'
assert_response :success
content = response.body
# Verify it uses the Rails API endpoint
assert_includes content, '/break_escape/games'
@@ -88,7 +88,7 @@ module BreakEscape
test 'phone-chat-minigame should use Rails API endpoint for story loading' do
get '/break_escape/js/minigames/phone-chat/phone-chat-minigame.js'
assert_response :success
content = response.body
# Verify it uses the Rails API endpoint
assert_includes content, '/break_escape/games'
@@ -100,7 +100,7 @@ module BreakEscape
test 'npc-manager should load stories via API endpoint' do
get '/break_escape/js/systems/npc-manager.js'
assert_response :success
content = response.body
# Verify it uses the Rails API endpoint
assert_includes content, '/break_escape/games'
@@ -113,7 +113,7 @@ module BreakEscape
test 'person-chat-portraits should import ASSETS_PATH from config' do
get '/break_escape/js/minigames/person-chat/person-chat-portraits.js'
assert_response :success
content = response.body
# Verify it imports ASSETS_PATH from config
assert_includes content, "import { ASSETS_PATH }"
@@ -124,7 +124,7 @@ module BreakEscape
test 'phone-chat-ui should import ASSETS_PATH from config' do
get '/break_escape/js/minigames/phone-chat/phone-chat-ui.js'
assert_response :success
content = response.body
# Verify it imports ASSETS_PATH from config
assert_includes content, "import { ASSETS_PATH }"
@@ -135,7 +135,7 @@ module BreakEscape
test 'npc-barks should import ASSETS_PATH from config' do
get '/break_escape/js/systems/npc-barks.js'
assert_response :success
content = response.body
# Verify it imports ASSETS_PATH from config
assert_includes content, "import { ASSETS_PATH }"
@@ -145,7 +145,7 @@ module BreakEscape
# Test ink endpoint returns correct MIME type
test 'ink endpoint should return application/json content type' do
get "/break_escape/games/#{@game.id}/ink", params: { npc: 'security_guard' }
# Rails includes charset in content type
assert_includes response.content_type, 'application/json'
end
@@ -159,11 +159,11 @@ module BreakEscape
# Test that ink endpoint handles special characters in NPC ID
# Test that ink endpoint validates NPC parameter format
test 'ink endpoint should work with underscored NPC IDs' do
# Verify the endpoint structure works with underscored IDs
# Verify the endpoint structure works with underscored IDs
# (actual test uses existing game with NPC that has underscores)
get "/break_escape/games/#{@game.id}/ink", params: { npc: 'test-npc' }
# test-npc doesn't have a story file, but should not reject due to format
get "/break_escape/games/#{@game.id}/ink", params: { npc: 'npc-with-underscores' }
# npc-with-underscores doesn't have a story file, should return 404
assert_response :not_found
json = JSON.parse(response.body)
assert json['error']

4
test/integration/room_lazy_load_test.rb
View File

@@ -7,7 +7,7 @@ module BreakEscape
setup do
@mission = break_escape_missions(:ceo_exfil)
@player = break_escape_demo_users(:test_user)
@game = Game.create!(
mission: @mission,
player: @player,
@@ -38,7 +38,7 @@ module BreakEscape
assert_response :success
data = JSON.parse(response.body)
assert_equal room_id, data['room_id']
assert data['room'].present?
assert data['room']['type'].present?

8
test/integration/unlock_system_test.rb
View File

@@ -240,6 +240,14 @@ module BreakEscape
# =============================================================================
test "door with key lock: should trust client validation" do
# First, give player the key
@game.player_state['inventory'] << {
'id' => 'office_key',
'type' => 'key',
'name' => 'Office Key'
}
@game.save!
post unlock_game_url(@game), params: {
targetType: 'door',
targetId: 'office_key',

44
test/models/break_escape/filtered_scenario_test.rb
View File

@@ -39,7 +39,7 @@ module BreakEscape
# Create a game with custom scenario data, bypassing the generate callback
mission = break_escape_missions(:ceo_exfil)
player = break_escape_demo_users(:test_user)
game = Game.new(
mission: mission,
player: player,
@@ -47,14 +47,14 @@ module BreakEscape
)
# Manually skip callback and save
game.save(validate: false)
filtered = game.filtered_scenario_for_bootstrap
# Check top-level fields are preserved
assert_equal "Test mission", filtered["scenario_brief"]
assert_equal "start", filtered["startRoom"]
assert filtered["startItemsInInventory"].present?
# Check rooms structure exists
assert filtered["rooms"].present?
assert filtered["rooms"]["start"].present?
@@ -64,20 +64,20 @@ module BreakEscape
test 'filtered_scenario_for_bootstrap preserves navigation structure' do
mission = break_escape_missions(:ceo_exfil)
player = break_escape_demo_users(:test_user)
game = Game.new(mission: mission, player: player, scenario_data: @scenario_data)
game.save(validate: false)
filtered = game.filtered_scenario_for_bootstrap
start_room = filtered["rooms"]["start"]
# Keep connections for navigation
assert_equal({ "north" => "next_room" }, start_room["connections"])
# Keep type for room rendering
assert_equal "room_office", start_room["type"]
# Keep lock info for validation
assert_equal false, start_room["locked"]
end
@@ -85,14 +85,14 @@ module BreakEscape
test 'filtered_scenario_for_bootstrap removes objects and npcs' do
mission = break_escape_missions(:ceo_exfil)
player = break_escape_demo_users(:test_user)
game = Game.new(mission: mission, player: player, scenario_data: @scenario_data)
game.save(validate: false)
filtered = game.filtered_scenario_for_bootstrap
start_room = filtered["rooms"]["start"]
# Objects and NPCs should be removed
assert_nil start_room["objects"]
assert_nil start_room["npcs"]
@@ -101,14 +101,14 @@ module BreakEscape
test 'filtered_scenario_for_bootstrap preserves lock requirements' do
mission = break_escape_missions(:ceo_exfil)
player = break_escape_demo_users(:test_user)
game = Game.new(mission: mission, player: player, scenario_data: @scenario_data)
game.save(validate: false)
filtered = game.filtered_scenario_for_bootstrap
locked_room = filtered["rooms"]["next_room"]
# Keep lock data for server-side validation
assert_equal true, locked_room["locked"]
assert_equal "key", locked_room["lockType"]
@@ -118,17 +118,17 @@ module BreakEscape
test 'filtered_scenario_for_bootstrap does not modify original' do
mission = break_escape_missions(:ceo_exfil)
player = break_escape_demo_users(:test_user)
game = Game.new(mission: mission, player: player, scenario_data: @scenario_data)
game.save(validate: false)
original_rooms = game.scenario_data["rooms"].keys
filtered = game.filtered_scenario_for_bootstrap
# Original should still have all data
assert game.scenario_data["rooms"]["start"]["objects"].present?
assert game.scenario_data["rooms"]["start"]["npcs"].present?
# Filtered should not
assert_nil filtered["rooms"]["start"]["objects"]
assert_nil filtered["rooms"]["start"]["npcs"]

22
test/models/break_escape/game_test.rb
View File

@@ -68,7 +68,7 @@ module BreakEscape
@game.player_state['inventory'] = [
{ 'type' => 'key', 'key_id' => 'office1_key', 'name' => 'Office Key' }
]
result = @game.validate_unlock('door', 'office1', '', 'key')
assert result, "Should unlock door with correct key in inventory"
end
@@ -86,7 +86,7 @@ module BreakEscape
@game.player_state['inventory'] = [
{ 'type' => 'key', 'key_id' => 'wrong_key', 'name' => 'Wrong Key' }
]
result = @game.validate_unlock('door', 'office1', '', 'key')
assert_not result, "Should reject unlock without required key"
end
@@ -102,7 +102,7 @@ module BreakEscape
}
}
@game.player_state['inventory'] = []
result = @game.validate_unlock('door', 'office1', '', nil)
assert_not result, "Should reject locked door without unlock method"
end
@@ -121,7 +121,7 @@ module BreakEscape
@game.player_state['inventory'] = [
{ 'type' => 'lockpick', 'name' => 'Lock Pick Kit' }
]
result = @game.validate_unlock('door', 'office1', '', 'lockpick')
assert result, "Should unlock door with lockpick"
end
@@ -139,7 +139,7 @@ module BreakEscape
@game.player_state['inventory'] = [
{ 'type' => 'key', 'key_id' => 'office1_key', 'name' => 'Office Key' }
]
result = @game.validate_unlock('door', 'office1', '', 'lockpick')
assert_not result, "Should reject lockpick unlock without lockpick in inventory"
end
@@ -158,7 +158,7 @@ module BreakEscape
@game.player_state['inventory'] = [
{ 'type' => 'lockpick', 'name' => 'Lock Pick Kit' }
]
# Should succeed with lockpick even without the master key
result = @game.validate_unlock('door', 'secure_vault', '', 'lockpick')
assert result, "Lockpick should bypass specific key requirement"
@@ -178,7 +178,7 @@ module BreakEscape
{ 'type' => 'key', 'key_id' => 'office1_key', 'name' => 'Office Key' },
{ 'type' => 'lockpick', 'name' => 'Lock Pick Kit' }
]
# Key unlock should succeed
result = @game.validate_unlock('door', 'office1', '', 'key')
assert result, "Key unlock should succeed"
@@ -193,7 +193,7 @@ module BreakEscape
}
}
@game.player_state['inventory'] = []
result = @game.validate_unlock('door', 'reception', '', 'unlocked')
assert result, "Should allow access to unlocked doors"
end
@@ -202,7 +202,7 @@ module BreakEscape
@game.player_state['inventory'] = [
{ 'type' => 'key', 'key_id' => 'office1_key', 'name' => 'Office Key' }
]
assert @game.has_key_in_inventory?('office1_key'), "Should find key by key_id"
assert_not @game.has_key_in_inventory?('wrong_key'), "Should not find missing key"
end
@@ -211,7 +211,7 @@ module BreakEscape
@game.player_state['inventory'] = [
{ 'type' => 'lockpick', 'name' => 'Lock Pick Kit' }
]
assert @game.has_lockpick_in_inventory?, "Should find lockpick in inventory"
end
@@ -219,7 +219,7 @@ module BreakEscape
@game.player_state['inventory'] = [
{ 'type' => 'key', 'key_id' => 'office1_key', 'name' => 'Office Key' }
]
assert_not @game.has_lockpick_in_inventory?, "Should not find non-lockpick items as lockpick"
end
end