Skip to content

e2e for policy UI dropdowns; fix tool-detail badge writing unmatchable patterns#996

Merged
RhysSullivan merged 2 commits into
mainfrom
claude/festive-lumiere-0ebcc7
Jun 13, 2026
Merged

e2e for policy UI dropdowns; fix tool-detail badge writing unmatchable patterns#996
RhysSullivan merged 2 commits into
mainfrom
claude/festive-lumiere-0ebcc7

Conversation

@RhysSullivan

Copy link
Copy Markdown
Owner

What

Adds a browser e2e scenario covering the tool policy UI end to end, and fixes a bug it surfaced in the tool-detail policy badge.

The scenario registers an OpenAPI integration, connects two accounts, and drives all three policy-authoring surfaces in the console:

  1. Per-tool dropdown (tree row) — blocks a single tool.
  2. Category dropdown (group row) — sets Require approval on a whole namespace, and asserts the more-specific leaf rule keeps precedence.
  3. Tool-detail header badge — shows the inherited rule, authors an exact rule for the selected tool, and clears it.

It then asserts the rules govern both connected accounts, appear as rows on the Policies page, and persist server-side with the exact owner/pattern/action.

Policies · the tool tree's per-tool menu and category menu both author working rules (cloud)

The bug it caught

The detail header's policy badge passed the display id (e.g. google.gmail.users.getProfile) straight to onSetPolicy. Dynamic tools are policy-matched on the full integration.owner.connection.tool address, so a rule authored from that badge matched nothing — and the menu never recognized its own rule afterward (no checkmark, no Clear).

The fix routes the badge through the same toPolicyPattern bridge the tree rows already use (static plugin tools keep their verbatim address), threads the static flag from both pages, and shows the real stored pattern as the menu header.

Verification

Green on both targets:

  • e2e/scenarios/policies-ui.test.ts — cloud + selfhost
  • packages/react unit tests, format / lint / typecheck

An OpenAPI integration with two connected accounts drives the
account-grouped tool tree: the per-tool row menu blocks one tool, the
category row menu sets require_approval on the group, and the scenario
pins the connection-wildcarded patterns both menus surface, indicator
precedence (leaf rule over category rule) across both accounts, the
Clear affordance, the /policies rows, and the persisted server-side
owner/pattern/action ordering.
…n e2e

The detail header's PolicyBadgeMenu passed the display id (e.g.
google.gmail.users.getProfile) straight to onSetPolicy, but dynamic
tools are policy-matched on integration.owner.connection.tool — so a
rule authored from the badge never matched anything, and the menu never
recognized an existing rule (no checkmark, no Clear). Route the badge
through the same toPolicyPattern bridge the tree rows use (static tools
keep their verbatim address), thread the static flag from both pages,
and show the real stored pattern as the menu header.

The policies-ui scenario now drives the badge too: it must show the
inherited category rule, author an exact Always-run rule whose pattern
actually matches (badge flips to the more specific rule), and Clear
must restore inheritance.
@cloudflare-workers-and-pages

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Preview URL Updated (UTC)
✅ Deployment successful!
View logs
executor-marketing 5325a3a Commit Preview URL

Branch Preview URL
Jun 13 2026, 12:25 AM

@cloudflare-workers-and-pages

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Updated (UTC)
✅ Deployment successful!
View logs
executor-cloud 5325a3a Jun 13 2026, 12:27 AM

@github-actions

github-actions Bot commented Jun 13, 2026

Copy link
Copy Markdown
Contributor

Cloudflare preview

Torn down — the PR is closed.

@pkg-pr-new

pkg-pr-new Bot commented Jun 13, 2026

Copy link
Copy Markdown

Open in StackBlitz

@executor-js/cli

npm i https://pkg.pr.new/@executor-js/cli@996

@executor-js/config

npm i https://pkg.pr.new/@executor-js/config@996

@executor-js/execution

npm i https://pkg.pr.new/@executor-js/execution@996

@executor-js/sdk

npm i https://pkg.pr.new/@executor-js/sdk@996

@executor-js/codemode-core

npm i https://pkg.pr.new/@executor-js/codemode-core@996

@executor-js/runtime-quickjs

npm i https://pkg.pr.new/@executor-js/runtime-quickjs@996

@executor-js/plugin-file-secrets

npm i https://pkg.pr.new/@executor-js/plugin-file-secrets@996

@executor-js/plugin-graphql

npm i https://pkg.pr.new/@executor-js/plugin-graphql@996

@executor-js/plugin-keychain

npm i https://pkg.pr.new/@executor-js/plugin-keychain@996

@executor-js/plugin-mcp

npm i https://pkg.pr.new/@executor-js/plugin-mcp@996

@executor-js/plugin-onepassword

npm i https://pkg.pr.new/@executor-js/plugin-onepassword@996

@executor-js/plugin-openapi

npm i https://pkg.pr.new/@executor-js/plugin-openapi@996

executor

npm i https://pkg.pr.new/executor@996

commit: 5325a3a

@RhysSullivan RhysSullivan merged commit c8f1811 into main Jun 13, 2026
14 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant