Spaces:
Running
Running
Case Zero - initial public release (fully local: Qwen2.5-1.5B via llama.cpp + Supertonic, custom pixel-noir SPA via gradio.Server)
414dc55 | """API-level checks: the /api routes serve the public case through gradio.Server and | |
| never leak sealed fields. Uses Starlette's TestClient against the real Server instance. | |
| """ | |
| from __future__ import annotations | |
| import json | |
| from starlette.testclient import TestClient | |
| from case_zero.api import build_server | |
| _LEAK_TOKENS = ('"sealed"', '"killer"', '"correctMotive"', '"keyEvidence"', '"present"', '"default"', '"d":') | |
| def _client() -> TestClient: | |
| return TestClient(build_server()) | |
| def test_healthz() -> None: | |
| assert _client().get("/healthz").json() == {"ok": True} | |
| def test_post_case_returns_public_case_without_leak() -> None: | |
| resp = _client().post("/api/case", json={"caseId": "GRAYMOOR-3107"}) | |
| assert resp.status_code == 200 | |
| body = resp.json() | |
| assert body["caseId"] == "GRAYMOOR-3107" | |
| assert len(body["runId"]) >= 16 | |
| case = body["case"] | |
| assert len(case["suspects"]) == 4 | |
| assert len(case["evidence"]) == 6 | |
| assert case["suspects"][0]["suggestedQuestions"] | |
| blob = json.dumps(body) | |
| for token in _LEAK_TOKENS: | |
| assert token not in blob, f"sealed token leaked through the API: {token}" | |
| def test_get_unknown_case_is_404() -> None: | |
| assert _client().get("/api/case/NOPE-0000").status_code == 404 | |