from __future__ import annotations import argparse import importlib.util from pathlib import Path ROOT = Path(__file__).resolve().parents[3] SCRIPT = ROOT / "scripts" / "reboot-recovery" / "windows99-management-channel-probe.py" def _load_module(): spec = importlib.util.spec_from_file_location( "windows99_management_channel_probe", SCRIPT, ) assert spec is not None module = importlib.util.module_from_spec(spec) assert spec.loader is not None spec.loader.exec_module(module) return module def test_management_probe_surfaces_no_secret_console_channels(monkeypatch): module = _load_module() def fake_tcp_status(_host: str, port: int, _timeout: float) -> str: return "open" if port in {22, 2179, 3389} else "timeout" monkeypatch.setattr(module, "tcp_status", fake_tcp_status) monkeypatch.setattr( module, "ping_status", lambda _host: {"checked": True, "ok": False, "status": "failed"}, ) monkeypatch.setattr( module, "ssh_batch_status", lambda *_args, **_kwargs: { "checked": True, "ready": False, "status": "permission_denied", }, ) payload = module.build_payload( argparse.Namespace( host="192.168.0.99", ssh_user="administrator", tcp_timeout=0.01, ssh_timeout=1, ports=None, skip_ssh=False, console_artifact_status="not_attempted", console_artifact_blockers=None, generated_at="2026-07-02T16:00:00+08:00", output=None, ) ) assert "2179" in payload["tcp_ports"] assert payload["readback_present"] is True assert payload["hyperv_vmconnect_open"] is True assert payload["rdp_console_reachable"] is True assert payload["local_console_channel_reachable"] is True assert payload["console_collection_channels"] == [ "rdp_console", "hyperv_vmconnect", ] assert payload["console_artifact_status"] == "not_attempted" assert payload["console_artifact_reliable"] is False assert payload["console_artifact_blockers"] == [] assert payload["remote_execution_channel_ready"] is False assert payload["can_collect_vmware_verify_without_secret"] is False assert "windows99_remote_execution_channel_unavailable" in payload["blockers"] assert "read_windows_password" in payload["forbidden_actions"] def test_management_probe_surfaces_multiple_ssh_candidates(monkeypatch): module = _load_module() def fake_tcp_status(_host: str, port: int, _timeout: float) -> str: return "open" if port in {22, 3389} else "timeout" def fake_ssh_batch_status( _host: str, user: str, _timeout: int, _port_open: bool, ) -> dict[str, object]: return { "checked": True, "ready": user == "wooo", "status": "ready" if user == "wooo" else "permission_denied", } monkeypatch.setattr(module, "tcp_status", fake_tcp_status) monkeypatch.setattr( module, "ping_status", lambda _host: {"checked": True, "ok": True, "status": "ok"}, ) monkeypatch.setattr(module, "ssh_batch_status", fake_ssh_batch_status) payload = module.build_payload( argparse.Namespace( host="192.168.0.99", ssh_users=["administrator", "wooo", "ogt"], tcp_timeout=0.01, ssh_timeout=1, ports=None, skip_ssh=False, console_artifact_status="not_attempted", console_artifact_blockers=None, generated_at="2026-07-02T16:00:00+08:00", output=None, ) ) assert payload["ssh_users"] == ["administrator", "wooo", "ogt"] assert payload["ssh_user"] == "wooo" assert payload["ssh_batch"]["status"] == "ready" assert payload["remote_execution_channel_ready"] is True assert payload["can_collect_vmware_verify_without_secret"] is True assert payload["ssh_batch_candidates"] == [ { "user": "administrator", "checked": True, "ready": False, "status": "permission_denied", }, { "user": "wooo", "checked": True, "ready": True, "status": "ready", }, ] def test_management_probe_surfaces_console_artifact_clipboard_blocker(monkeypatch): module = _load_module() def fake_tcp_status(_host: str, port: int, _timeout: float) -> str: return "open" if port in {22, 2179, 3389} else "timeout" monkeypatch.setattr(module, "tcp_status", fake_tcp_status) monkeypatch.setattr( module, "ping_status", lambda _host: {"checked": True, "ok": True, "status": "ok"}, ) monkeypatch.setattr( module, "ssh_batch_status", lambda *_args, **_kwargs: { "checked": True, "ready": False, "status": "permission_denied", }, ) payload = module.build_payload( argparse.Namespace( host="192.168.0.99", ssh_users=["administrator"], tcp_timeout=0.01, ssh_timeout=1, ports=None, skip_ssh=False, console_artifact_status="blocked_clipboard_unreliable", console_artifact_blockers=None, generated_at="2026-07-03T09:20:00+08:00", output=None, ) ) assert payload["console_artifact_status"] == "blocked_clipboard_unreliable" assert payload["console_artifact_reliable"] is False assert payload["console_artifact_blockers"] == [ "windows99_console_clipboard_unreliable" ] assert "windows99_console_clipboard_unreliable" in payload["blockers"] assert payload["console_artifact_safe_next_step"] == ( "use_authorized_no_secret_management_channel_or_manual_console_stdout_capture" )