feat: harden gateway with policy engine, secure tools, and governance docs

tests/test_audit.py

@@ -0,0 +1,50 @@
+"""Tests for tamper-evident audit logging."""
+
+import json
+from pathlib import Path
+
+import pytest
+
+from aegis_gitea_mcp.audit import AuditLogger, validate_audit_log_integrity
+
+
+def test_audit_log_integrity_valid(tmp_path: Path, monkeypatch: pytest.MonkeyPatch) -> None:
+    """Fresh audit log should validate with intact hash chain."""
+    monkeypatch.setenv("GITEA_URL", "https://gitea.example.com")
+    monkeypatch.setenv("GITEA_TOKEN", "token-123")
+    monkeypatch.setenv("MCP_API_KEYS", "a" * 64)
+
+    log_path = tmp_path / "audit.log"
+    logger = AuditLogger(log_path=log_path)
+    logger.log_tool_invocation("list_repositories", result_status="pending")
+    logger.log_tool_invocation("list_repositories", result_status="success")
+    logger.close()
+
+    valid, errors = validate_audit_log_integrity(log_path)
+    assert valid
+    assert errors == []
+
+
+def test_audit_log_integrity_detects_tamper(
+    tmp_path: Path, monkeypatch: pytest.MonkeyPatch
+) -> None:
+    """Integrity validation should fail when entries are modified."""
+    monkeypatch.setenv("GITEA_URL", "https://gitea.example.com")
+    monkeypatch.setenv("GITEA_TOKEN", "token-123")
+    monkeypatch.setenv("MCP_API_KEYS", "a" * 64)
+
+    log_path = tmp_path / "audit.log"
+    logger = AuditLogger(log_path=log_path)
+    logger.log_tool_invocation("list_repositories", result_status="pending")
+    logger.log_tool_invocation("list_repositories", result_status="success")
+    logger.close()
+
+    lines = log_path.read_text(encoding="utf-8").splitlines()
+    first_entry = json.loads(lines[0])
+    first_entry["payload"]["tool_name"] = "tampered"
+    lines[0] = json.dumps(first_entry)
+    log_path.write_text("\n".join(lines) + "\n", encoding="utf-8")
+
+    valid, errors = validate_audit_log_integrity(log_path)
+    assert not valid
+    assert errors