Spaces:
Sleeping
Sleeping
solidprivacy-nl commited on
Commit ·
b8b3671
1
Parent(s): 1534687
Add WP47 local file handling privacy tests
Browse files
tests/test_local_file_handling_privacy.py
ADDED
|
@@ -0,0 +1,136 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
from __future__ import annotations
|
| 2 |
+
|
| 3 |
+
import importlib.util
|
| 4 |
+
import sys
|
| 5 |
+
from pathlib import Path
|
| 6 |
+
|
| 7 |
+
|
| 8 |
+
REPO_ROOT = Path(__file__).resolve().parents[1]
|
| 9 |
+
LAUNCHER_PATH = REPO_ROOT / "scripts" / "run_local_streamlit.py"
|
| 10 |
+
LOCAL_RUN_PATH = REPO_ROOT / "LOCAL_RUN.md"
|
| 11 |
+
|
| 12 |
+
SYNTHETIC_FILENAME = "synthetic_confidential_fixture.txt"
|
| 13 |
+
SYNTHETIC_CONTENT = "SYNTHETIC-BETROKKENE-TEST-LOCAL-001"
|
| 14 |
+
|
| 15 |
+
|
| 16 |
+
def load_launcher_module():
|
| 17 |
+
spec = importlib.util.spec_from_file_location("run_local_streamlit_under_test", LAUNCHER_PATH)
|
| 18 |
+
module = importlib.util.module_from_spec(spec)
|
| 19 |
+
assert spec.loader is not None
|
| 20 |
+
sys.modules[spec.name] = module
|
| 21 |
+
spec.loader.exec_module(module)
|
| 22 |
+
return module
|
| 23 |
+
|
| 24 |
+
|
| 25 |
+
def test_local_launcher_defaults_to_loopback_and_expected_port():
|
| 26 |
+
launcher = load_launcher_module()
|
| 27 |
+
|
| 28 |
+
args = launcher.parse_args([])
|
| 29 |
+
|
| 30 |
+
assert args.address == "127.0.0.1"
|
| 31 |
+
assert args.port == "8501"
|
| 32 |
+
|
| 33 |
+
|
| 34 |
+
def test_local_launcher_streamlit_command_disables_usage_stats_and_has_no_cloud_endpoint(monkeypatch):
|
| 35 |
+
launcher = load_launcher_module()
|
| 36 |
+
commands: list[list[str]] = []
|
| 37 |
+
|
| 38 |
+
def fake_run_checked(command: list[str]) -> None:
|
| 39 |
+
commands.append(command)
|
| 40 |
+
|
| 41 |
+
monkeypatch.setattr(launcher, "run_checked", fake_run_checked)
|
| 42 |
+
|
| 43 |
+
assert launcher.main([]) == 0
|
| 44 |
+
|
| 45 |
+
assert commands[:2] == [
|
| 46 |
+
[sys.executable, "fix_streamlit_nested_expanders.py"],
|
| 47 |
+
[sys.executable, "fix_streamlit_pdf_text_reinsert.py"],
|
| 48 |
+
]
|
| 49 |
+
streamlit_command = commands[-1]
|
| 50 |
+
command_text = " ".join(streamlit_command).lower()
|
| 51 |
+
|
| 52 |
+
assert streamlit_command[:5] == [sys.executable, "-m", "streamlit", "run", "presidio_streamlit.py"]
|
| 53 |
+
assert streamlit_command[streamlit_command.index("--server.address") + 1] == "127.0.0.1"
|
| 54 |
+
assert streamlit_command[streamlit_command.index("--server.port") + 1] == "8501"
|
| 55 |
+
assert streamlit_command[streamlit_command.index("--server.headless") + 1] == "true"
|
| 56 |
+
assert streamlit_command[streamlit_command.index("--browser.gatherUsageStats") + 1] == "false"
|
| 57 |
+
|
| 58 |
+
forbidden_fragments = [
|
| 59 |
+
"0.0.0.0",
|
| 60 |
+
"huggingface.co",
|
| 61 |
+
"api.openai.com",
|
| 62 |
+
"http://",
|
| 63 |
+
"https://",
|
| 64 |
+
"telemetry",
|
| 65 |
+
"analytics",
|
| 66 |
+
"cloud",
|
| 67 |
+
]
|
| 68 |
+
assert not any(fragment in command_text for fragment in forbidden_fragments)
|
| 69 |
+
|
| 70 |
+
|
| 71 |
+
def test_launcher_command_does_not_include_document_content_or_file_names(monkeypatch):
|
| 72 |
+
launcher = load_launcher_module()
|
| 73 |
+
commands: list[list[str]] = []
|
| 74 |
+
|
| 75 |
+
def fake_run_checked(command: list[str]) -> None:
|
| 76 |
+
commands.append(command)
|
| 77 |
+
|
| 78 |
+
monkeypatch.setattr(launcher, "run_checked", fake_run_checked)
|
| 79 |
+
|
| 80 |
+
launcher.main(["--port", "8502"])
|
| 81 |
+
|
| 82 |
+
command_text = " ".join(" ".join(command) for command in commands)
|
| 83 |
+
assert SYNTHETIC_FILENAME not in command_text
|
| 84 |
+
assert SYNTHETIC_CONTENT not in command_text
|
| 85 |
+
|
| 86 |
+
|
| 87 |
+
def test_launcher_source_does_not_write_logs_temp_files_or_packaging_behavior():
|
| 88 |
+
source = LAUNCHER_PATH.read_text(encoding="utf-8")
|
| 89 |
+
lowered = source.lower()
|
| 90 |
+
|
| 91 |
+
forbidden_source_fragments = [
|
| 92 |
+
"logging",
|
| 93 |
+
"print(",
|
| 94 |
+
".write_text",
|
| 95 |
+
".write_bytes",
|
| 96 |
+
"open(",
|
| 97 |
+
"tempfile",
|
| 98 |
+
"namedtemporaryfile",
|
| 99 |
+
"pyinstaller",
|
| 100 |
+
"tauri",
|
| 101 |
+
"electron",
|
| 102 |
+
"msi",
|
| 103 |
+
"installer",
|
| 104 |
+
]
|
| 105 |
+
assert not any(fragment in lowered for fragment in forbidden_source_fragments)
|
| 106 |
+
|
| 107 |
+
|
| 108 |
+
def test_local_run_documentation_contains_privacy_boundaries():
|
| 109 |
+
doc = LOCAL_RUN_PATH.read_text(encoding="utf-8")
|
| 110 |
+
lowered = doc.lower()
|
| 111 |
+
|
| 112 |
+
assert "hugging face" in lowered
|
| 113 |
+
assert "do not process confidential real documents" in lowered
|
| 114 |
+
assert "127.0.0.1" in doc
|
| 115 |
+
assert "--browser.gatherUsageStats false" in doc
|
| 116 |
+
assert "no real data" in lowered
|
| 117 |
+
assert "synthetic examples" in lowered
|
| 118 |
+
assert "local-only" in lowered or "local runtime" in lowered
|
| 119 |
+
|
| 120 |
+
|
| 121 |
+
def test_local_run_documentation_covers_temp_runtime_limits_and_no_packaging_claim():
|
| 122 |
+
doc = LOCAL_RUN_PATH.read_text(encoding="utf-8")
|
| 123 |
+
lowered = doc.lower()
|
| 124 |
+
|
| 125 |
+
assert "runtime privacy expectations" in lowered
|
| 126 |
+
assert "should not pass source document content" in lowered
|
| 127 |
+
assert "should not create application-managed temporary files" in lowered
|
| 128 |
+
assert "write document-content logs" in lowered
|
| 129 |
+
assert "does not add ai processing" in lowered
|
| 130 |
+
assert "cloud document processing" in lowered
|
| 131 |
+
assert "does not prove a full offline or network-traffic guarantee" in lowered
|
| 132 |
+
assert "no installer" in lowered
|
| 133 |
+
assert "pyinstaller" in lowered
|
| 134 |
+
assert "tauri" in lowered
|
| 135 |
+
assert "electron" in lowered
|
| 136 |
+
assert "msi" in lowered
|