refactor(weld): rename policy_enforced_http to http and fix clippy warnings

Mossaka · Mossaka · commit b7312892a1c6 · 2025-07-25T08:52:26.000-07:00
Signed-off-by: Jiaxiao Zhou &lt;duibao55328@gmail.com&gt;
diff --git a/crates/component2json/src/lib.rs b/crates/component2json/src/lib.rs
@@ -695,7 +695,7 @@ mod tests {
     #[test]
     fn test_vals_to_json_single() {
         let val = Val::Bool(true);
-        let json_val = vals_to_json(&[val.clone()]);
+        let json_val = vals_to_json(std::slice::from_ref(&val));
         assert_eq!(json_val, val_to_json(&val));
     }
 
diff --git a/crates/weld/src/http.rs b/crates/weld/src/http.rs
diff --git a/crates/weld/src/lib.rs b/crates/weld/src/lib.rs
@@ -25,8 +25,8 @@ use wasmtime_wasi_http::{WasiHttpCtx, WasiHttpView};
 mod wasistate;
 pub use wasistate::{create_wasi_state_template_from_policy, WasiStateTemplate};
 
-mod policy_enforced_http;
-pub use policy_enforced_http::WeldWasiState;
+mod http;
+pub use http::WeldWasiState;
 
 const DOWNLOADS_DIR: &str = "downloads";
 
@@ -1556,22 +1556,6 @@ permissions: {}
         Ok(())
     }
 
-    #[test(tokio::test)]
-    async fn test_get_wasi_state_for_component_default_policy() -> Result<()> {
-        let manager = create_test_manager().await?;
-
-        // Test getting WASI state for component without attached policy (should use default)
-        let _wasi_state = manager
-            .get_wasi_state_for_component("test-component")
-            .await?;
-
-        // Should not fail and return a valid WasiState
-        // We can't directly inspect the WasiState, but we can verify it was created successfully
-        assert!(true); // If we get here without error, the test passes
-
-        Ok(())
-    }
-
     #[test(tokio::test)]
     async fn test_get_wasi_state_for_component_with_policy() -> Result<()> {
         let manager = create_test_manager().await?;
@@ -1599,9 +1583,6 @@ permissions:
             .get_wasi_state_for_component(TEST_COMPONENT_ID)
             .await?;
 
-        // Should not fail and return a valid WasiState with the policy applied
-        assert!(true); // If we get here without error, the test passes
-
         Ok(())
     }
 
diff --git a/tests/fetch_integration_test.rs b/tests/fetch_integration_test.rs
@@ -22,10 +22,7 @@ async fn test_fetch_with_network_policy_enforcement() -> Result<()> {
 
     let target_url = "https://example.com/";
 
-    println!(
-        "Attempting to fetch {} without network permissions...",
-        target_url
-    );
+    println!("Attempting to fetch {target_url} without network permissions...");
 
     let result = manager
         .execute_component_call(
@@ -37,23 +34,19 @@ async fn test_fetch_with_network_policy_enforcement() -> Result<()> {
 
     match result {
         Ok(response) => {
-            println!("Component response: {}", response);
+            println!("Component response: {response}");
 
             // Check if the response contains an error indicating the request was blocked
             if response.contains("HttpRequestDenied") {
                 println!("✅ Network request properly blocked by policy!");
             } else {
                 panic!(
-                    "Expected network request to be blocked, but got successful response: {}",
-                    response
+                    "Expected network request to be blocked, but got successful response: {response}"
                 );
             }
         }
         Err(e) => {
-            panic!(
-                "Expected network request to be blocked, but got successful response: {}",
-                e
-            );
+            panic!("Expected network request to be blocked, but got successful response: {e}");
         }
     }
 
@@ -70,10 +63,7 @@ async fn test_fetch_with_network_policy_enforcement() -> Result<()> {
     assert!(grant_result.is_ok(), "Failed to grant network permission");
 
     // Then try to fetch with network permissions - should succeed
-    println!(
-        "Attempting to fetch {} with network permissions...",
-        target_url
-    );
+    println!("Attempting to fetch {target_url} with network permissions...");
 
     let result = manager
         .execute_component_call(
@@ -85,27 +75,20 @@ async fn test_fetch_with_network_policy_enforcement() -> Result<()> {
 
     match result {
         Ok(response) => {
-            println!("Fetch response after granting permission: {}", response);
+            println!("Fetch response after granting permission: {response}");
 
             if response.contains("HttpRequestDenied") {
-                panic!(
-                    "Network request still being blocked after granting permission: {}",
-                    response
-                );
+                panic!("Network request still being blocked after granting permission: {response}");
             } else {
                 assert!(
                     response.contains("Example Domain") || response.contains("example"),
-                    "Expected response to contain example.com content, got: {}",
-                    response
+                    "Expected response to contain example.com content, got: {response}"
                 );
                 println!("✅ Network request succeeded after granting permission!");
             }
         }
         Err(e) => {
-            panic!(
-                "Expected network request to be blocked, but got successful response: {}",
-                e
-            );
+            panic!("Expected network request to be blocked, but got successful response: {e}");
         }
     }
 
@@ -142,13 +125,13 @@ async fn test_fetch_with_different_host_still_denied() -> Result<()> {
 
     match result {
         Err(e) => {
-            panic!("Expected request to httpbin.org to be denied when only example.com is allowed, got: {}", e);
+            panic!("Expected request to httpbin.org to be denied when only example.com is allowed, got: {e}");
         }
         Ok(response) => {
             if response.contains("HttpRequestDenied") {
                 println!("✅ Request to unauthorized host properly blocked!");
             } else {
-                panic!("Expected request to httpbin.org to be denied when only example.com is allowed, got: {}", response);
+                panic!("Expected request to httpbin.org to be denied when only example.com is allowed, got: {response}");
             }
         }
     }
@@ -186,13 +169,10 @@ async fn test_fetch_with_scheme_specific_permissions() -> Result<()> {
     // HTTPS should succeed or fail for non-policy reasons
     match https_result {
         Ok(response) => {
-            println!("HTTPS fetch response: {}", response);
+            println!("HTTPS fetch response: {response}");
 
             if response.contains("HttpRequestDenied") {
-                panic!(
-                    "HTTPS request should not be blocked by policy, got: {}",
-                    response
-                );
+                panic!("HTTPS request should not be blocked by policy, got: {response}");
             } else {
                 println!("✅ HTTPS request allowed as expected");
             }
@@ -203,8 +183,7 @@ async fn test_fetch_with_scheme_specific_permissions() -> Result<()> {
                 !error_msg.contains("denied")
                     && !error_msg.contains("HttpRequestUriInvalid")
                     && !error_msg.contains("HttpRequestDenied"),
-                "HTTPS request should not be denied by policy: {}",
-                error_msg
+                "HTTPS request should not be denied by policy: {error_msg}"
             );
         }
     }
@@ -221,21 +200,19 @@ async fn test_fetch_with_scheme_specific_permissions() -> Result<()> {
     match http_result {
         Err(e) => {
             let error_msg = e.to_string();
-            println!("Expected HTTP denial: {}", error_msg);
+            println!("Expected HTTP denial: {error_msg}");
 
             assert!(
                 error_msg.contains("HttpRequestDenied"),
-                "Expected HTTP request to be denied when only HTTPS is allowed: {}",
-                error_msg
+                "Expected HTTP request to be denied when only HTTPS is allowed: {error_msg}"
             );
         }
         Ok(response) => {
             if response.contains("HttpRequestDenied") {
                 println!("✅ HTTP request properly blocked when only HTTPS allowed!");
             } else {
                 panic!(
-                    "Expected HTTP request to be denied when only HTTPS is allowed, got: {}",
-                    response
+                    "Expected HTTP request to be denied when only HTTPS is allowed, got: {response}"
                 );
             }
         }
diff --git a/tests/file_integration_test.rs b/tests/file_integration_test.rs
@@ -206,9 +206,8 @@ async fn test_filesystem_component_integration() -> Result<()> {
     let project_dir = std::env::var("CARGO_MANIFEST_DIR").context("CARGO_MANIFEST_DIR not set")?;
 
     let execute_request = format!(
-        r#"{{"jsonrpc": "2.0", "method": "tools/call", "params": {{"name": "list-directory", "arguments": {{"path": "{}"}}}}, "id": 4}}
-"#,
-        project_dir
+        r#"{{"jsonrpc": "2.0", "method": "tools/call", "params": {{"name": "list-directory", "arguments": {{"path": "{project_dir}"}}}}, "id": 4}}
+"#
     );
 
     stdin.write_all(execute_request.as_bytes()).await?;
@@ -247,9 +246,8 @@ async fn test_filesystem_component_integration() -> Result<()> {
         .contains("Failed to read directory"));
 
     let grant_permission_request = format!(
-        r#"{{"jsonrpc": "2.0", "method": "tools/call", "params": {{"name": "grant-storage-permission", "arguments": {{"component_id": "filesystem", "details": {{"uri": "fs://{}", "access": ["read"]}}}}}}, "id": 5}}
-"#,
-        project_dir
+        r#"{{"jsonrpc": "2.0", "method": "tools/call", "params": {{"name": "grant-storage-permission", "arguments": {{"component_id": "filesystem", "details": {{"uri": "fs://{project_dir}", "access": ["read"]}}}}}}, "id": 5}}
+"#
     );
 
     stdin.write_all(grant_permission_request.as_bytes()).await?;
@@ -308,9 +306,8 @@ async fn test_filesystem_component_integration() -> Result<()> {
     assert!(policy_info["policy_info"]["policy_id"].is_string());
 
     let execute_with_permission_request = format!(
-        r#"{{"jsonrpc": "2.0", "method": "tools/call", "params": {{"name": "list-directory", "arguments": {{"path": "{}"}}}}, "id": 7}}
-"#,
-        project_dir
+        r#"{{"jsonrpc": "2.0", "method": "tools/call", "params": {{"name": "list-directory", "arguments": {{"path": "{project_dir}"}}}}, "id": 7}}
+"#
     );
 
     stdin
@@ -401,7 +398,7 @@ async fn test_filesystem_component_lifecycle_manager() -> Result<()> {
         .execute_component_call(
             &id,
             "list-directory",
-            &format!(r#"{{"path": "{}"}}"#, project_dir),
+            &format!(r#"{{"path": "{project_dir}"}}"#),
         )
         .await;
 
@@ -411,10 +408,7 @@ async fn test_filesystem_component_lifecycle_manager() -> Result<()> {
         Ok(response) => {
             // If it succeeds, it should be because the component has some default access
             // but it might still benefit from explicit permissions
-            println!(
-                "Component succeeded without explicit permissions: {}",
-                response
-            );
+            println!("Component succeeded without explicit permissions: {response}");
         }
         Err(error) => {
             // If it fails, verify it's the expected permission error
@@ -441,14 +435,14 @@ async fn test_filesystem_component_lifecycle_manager() -> Result<()> {
     let policy_info = policy_info.unwrap();
     let policy_content = tokio::fs::read_to_string(&policy_info.local_path).await?;
     assert!(policy_content.contains("storage"));
-    assert!(policy_content.contains(&format!("fs://{}", project_dir)));
+    assert!(policy_content.contains(&format!("fs://{project_dir}")));
     assert!(policy_content.contains("read"));
 
     let result_with_permission = manager
         .execute_component_call(
             &id,
             "list-directory",
-            &format!(r#"{{"path": "{}"}}"#, project_dir),
+            &format!(r#"{{"path": "{project_dir}"}}"#),
         )
         .await;
 
diff --git a/tests/transport_integration_test.rs b/tests/transport_integration_test.rs
@@ -1,5 +1,4 @@
 use std::net::{Ipv4Addr, SocketAddr, SocketAddrV4};
-use std::path::PathBuf;
 use std::process::Stdio;
 use std::sync::Arc;
 use std::time::Duration;
@@ -284,7 +283,7 @@ async fn test_load_component_from_oci() -> Result<()> {
                 || error_msg.contains("docker client")
                 || error_msg.contains("Failed to start docker registry")
             {
-                println!("Skipping OCI test: Docker is not available - {}", error_msg);
+                println!("Skipping OCI test: Docker is not available - {error_msg}");
                 return Ok(());
             }
             return Err(e);

Original file line number	Diff line number	Diff line change
`@@ -695,7 +695,7 @@ mod tests {`
`695`	`695`	`#[test]`
`696`	`696`	`fn test_vals_to_json_single() {`
`697`	`697`	`let val = Val::Bool(true);`
`698`		`- let json_val = vals_to_json(&[val.clone()]);`
	`698`	`+ let json_val = vals_to_json(std::slice::from_ref(&val));`
`699`	`699`	`assert_eq!(json_val, val_to_json(&val));`
`700`	`700`	`}`
`701`	`701`
Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,4 @@`
`1`	`1`	`use std::net::{Ipv4Addr, SocketAddr, SocketAddrV4};`
`2`		`-use std::path::PathBuf;`
`3`	`2`	`use std::process::Stdio;`
`4`	`3`	`use std::sync::Arc;`
`5`	`4`	`use std::time::Duration;`
`@@ -284,7 +283,7 @@ async fn test_load_component_from_oci() -> Result<()> {`
`284`	`283`	`\|\| error_msg.contains("docker client")`
`285`	`284`	`\|\| error_msg.contains("Failed to start docker registry")`
`286`	`285`	`{`
`287`		`- println!("Skipping OCI test: Docker is not available - {}", error_msg);`
	`286`	`+ println!("Skipping OCI test: Docker is not available - {error_msg}");`
`288`	`287`	`return Ok(());`
`289`	`288`	`}`
`290`	`289`	`return Err(e);`