"""危险命令检测测试。"""

import pytest
from butler.security.guardrail import is_dangerous_command


class TestDangerousCommandDetection:
    """危险命令检测测试。"""

    def test_safe_commands(self):
        """安全命令不被标记。"""
        assert is_dangerous_command("ls -la") is False
        assert is_dangerous_command("cat file.txt") is False
        assert is_dangerous_command("echo hello") is False
        assert is_dangerous_command("pwd") is False

    def test_rm_rf_detection(self):
        """检测 rm -rf。"""
        assert is_dangerous_command("rm -rf /") is True
        assert is_dangerous_command("rm -rf ./node_modules") is True
        assert is_dangerous_command("rm -fr /tmp") is True

    def test_chmod_777_detection(self):
        """检测 chmod 777。"""
        assert is_dangerous_command("chmod 777 /tmp") is True
        assert is_dangerous_command("chmod -R 777 /var") is True

    def test_sudo_detection(self):
        """检测 sudo 提权。"""
        assert is_dangerous_command("sudo rm file") is True
        assert is_dangerous_command("sudo apt update") is True

    def test_command_injection_detection(self):
        """检测命令注入。"""
        assert is_dangerous_command("sh -c 'rm -rf /'") is True
        assert is_dangerous_command("bash -c 'evil'") is True
        assert is_dangerous_command("echo 'rm -rf' | bash") is True

    def test_disk_operations_detection(self):
        """检测磁盘操作。"""
        assert is_dangerous_command("dd if=/dev/zero of=/dev/sda") is True
        assert is_dangerous_command("mkfs.ext4 /dev/sda1") is True
        assert is_dangerous_command("fdisk /dev/sda") is True

    def test_system_operations_detection(self):
        """检测系统操作。"""
        assert is_dangerous_command("shutdown now") is True
        assert is_dangerous_command("reboot") is True
        assert is_dangerous_command("iptables -F") is True

    def test_safe_rm_single_file(self):
        """单独删除文件是安全的。"""
        assert is_dangerous_command("rm file.txt") is False
        assert is_dangerous_command("rm -i file.txt") is False