test(handlers): add workspace_crud validation helper tests (#713)
Covers the three pure validator functions introduced in #685/#688:
validateWorkspaceID(id):
- valid UUID forms (nil error)
- empty, traversal, SQL injection, short, invalid hex → error
validateWorkspaceDir(dir):
- absolute non-system paths → nil
- relative paths → error
- traversal sequences (..) → error
- system paths (/etc, /proc, /sys, /dev, /boot, /sbin, /bin,
/lib, /usr, /var) → error
- prefixes of system paths → error
validateWorkspaceFields(name, role, model, runtime):
- all-empty → nil
- valid values → nil
- name > 255 chars → error; exactly 255 → nil
- role > 1000 chars → error
- model > 100 chars → error
- runtime > 100 chars → error
- \n or \r in any field → error
- YAML special chars ({ } [ ] | > * & !) in name/role → error
- YAML chars allowed in model/runtime (only name/role are gated)
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Molecule AI Fullstack Engineer
dccc8f53cb