npm - @01.software/init - Versions diffs - 0.9.1 → 0.10.0 - Mend

@01.software/init 0.9.1 → 0.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (119) hide show

package/dist/create-app-templates/ecommerce/tests/customer-cart.test.ts ADDED Viewed

@@ -0,0 +1,392 @@
+import assert from "node:assert/strict";
+import test from "node:test";
+import { resolveCustomerCartToken } from "../lib/customer/cart-sync.ts";
+import {
+  clearSessionAndCartTokens,
+  readSessionToken,
+  writeSessionToken,
+  type SessionCookieStore,
+} from "../lib/customer/session.ts";
+import { resolveCartProvider } from "../lib/cart/select-provider.ts";
+import { resolveCheckoutCommerceProvider } from "../lib/checkout/checkout-provider.ts";
+import { buildSoftwareCommerceProvider } from "../lib/commerce/adapters/software.ts";
+import type { CartProvider, CommerceProvider } from "../lib/commerce/provider.ts";
+import type { ShippingPolicy } from "../lib/commerce/types.ts";
+import { appConfig } from "../app-config.ts";
+// ---- login cart-sync: merge (union/claim) vs mine -------------------------
+/**
+ * A fake customer-JWT commerce client recording how the login cart-sync calls
+ * merge/mine. `merge`/`mine` return the resolved customer cart token (the
+ * capability handle the storefront persists).
+ */
+function fakeCommerce(opts: {
+  mergeToken?: string | null;
+  mineToken?: string | null;
+  calls: string[];
+}) {
+  return {
+    cart: {
+      async merge(params: { guestCartToken: string }) {
+        opts.calls.push(`merge:${params.guestCartToken}`);
+        return { cartToken: opts.mergeToken ?? null };
+      },
+      async mine() {
+        opts.calls.push("mine");
+        return { cartToken: opts.mineToken ?? null };
+      },
+    },
+  };
+}
+test("cart-sync: union merge stores the resolved customer cart token", async () => {
+  // Overlapping + disjoint guest lines union server-side; merge returns the
+  // customer cart's token, which the storefront persists.
+  const calls: string[] = [];
+  const commerce = fakeCommerce({ mergeToken: "cart_customer", calls });
+  const result = await resolveCustomerCartToken(commerce, "cart_guest");
+  assert.deepEqual(calls, ["merge:cart_guest"]);
+  assert.equal(result.cartToken, "cart_customer");
+});
+test("cart-sync: claim merge (no existing customer cart) stores the token", async () => {
+  // The guest cart is claimed (taken over); merge still returns a token to keep
+  // operating the now-customer-bound cart.
+  const calls: string[] = [];
+  const commerce = fakeCommerce({ mergeToken: "cart_claimed", calls });
+  const result = await resolveCustomerCartToken(commerce, "cart_guest");
+  assert.deepEqual(calls, ["merge:cart_guest"]);
+  assert.equal(result.cartToken, "cart_claimed");
+});
+test("cart-sync: no guest cart loads the customer's active cart via mine()", async () => {
+  // Cross-device: a fresh device has no guest cookie, so mine() resolves the
+  // existing customer cart by JWT.
+  const calls: string[] = [];
+  const commerce = fakeCommerce({ mineToken: "cart_existing", calls });
+  const result = await resolveCustomerCartToken(commerce, null);
+  assert.deepEqual(calls, ["mine"]);
+  assert.equal(result.cartToken, "cart_existing");
+});
+test("cart-sync: mine() with no active cart resolves null (cookie gets cleared)", async () => {
+  const calls: string[] = [];
+  const commerce = fakeCommerce({ mineToken: null, calls });
+  const result = await resolveCustomerCartToken(commerce, null);
+  assert.deepEqual(calls, ["mine"]);
+  assert.equal(result.cartToken, null);
+});
+// ---- provider selection branches on the session token ---------------------
+const GUEST = { tag: "guest" } as unknown as CartProvider;
+const CUSTOMER = { tag: "customer" } as unknown as CartProvider;
+test("provider select: a session token routes to the customer cart provider", () => {
+  let seenToken: string | null = null;
+  const provider = resolveCartProvider("jwt-abc", {
+    guest: () => GUEST,
+    customer: (token) => {
+      seenToken = token;
+      return CUSTOMER;
+    },
+  });
+  assert.equal(provider, CUSTOMER);
+  assert.equal(seenToken, "jwt-abc");
+});
+test("provider select: no session token keeps the guest cart provider", () => {
+  let customerCalled = false;
+  const provider = resolveCartProvider(null, {
+    guest: () => GUEST,
+    customer: () => {
+      customerCalled = true;
+      return CUSTOMER;
+    },
+  });
+  assert.equal(provider, GUEST);
+  assert.equal(customerCalled, false);
+});
+// ---- a logged-in user never mints a guest cart (SDK boundary) -------------
+const POLICY: ShippingPolicy = { currency: "KRW", baseAmount: 0 };
+/** Fake SDK client recording cart-namespace calls. */
+function fakeSdkClient(calls: string[]) {
+  return {
+    commerce: {
+      cart: {
+        async create() {
+          calls.push("commerce.cart.create");
+          return { cartToken: "cart_customer-bound" };
+        },
+        async get(token: string) {
+          calls.push(`commerce.cart.get:${token}`);
+          return { id: "c1", currency: "KRW", items: [] };
+        },
+        async addItem(params: { cartToken: string }) {
+          calls.push(`commerce.cart.addItem:${params.cartToken}`);
+          return {};
+        },
+      },
+    },
+    collections: {
+      from() {
+        return {
+          async find() {
+            return { docs: [] };
+          },
+          async update() {
+            return {};
+          },
+        };
+      },
+    },
+  };
+}
+test("provider builder: createCart() routes through the bound client (no hidden guest fallback)", async () => {
+  const calls: string[] = [];
+  // The customer cart provider is the shared provider builder bound to the
+  // customer-JWT client (see createSoftwareCustomerCartProvider), so create()
+  // routes through whatever client the provider was built with — there is no
+  // separate guest-cart code path. Bound to the JWT client, the JWT auto-binds
+  // `customer`, yielding a customer-bound cart.
+  const provider = buildSoftwareCommerceProvider(
+    Promise.resolve(fakeSdkClient(calls) as never),
+    POLICY,
+  );
+  const created = await provider.createCart();
+  assert.equal(created.cartToken, "cart_customer-bound");
+  assert.deepEqual(calls, ["commerce.cart.create"]);
+});
+test("customer cart provider: addCartItem() operates the cart by token through the client", async () => {
+  const calls: string[] = [];
+  const provider = buildSoftwareCommerceProvider(
+    Promise.resolve(fakeSdkClient(calls) as never),
+    POLICY,
+  );
+  const view = await provider.addCartItem({
+    cartToken: "cart_customer-bound",
+    item: { productId: "p1", variantId: "v1", quantity: 1 },
+  });
+  assert.ok(calls.includes("commerce.cart.addItem:cart_customer-bound"));
+  assert.ok(calls.includes("commerce.cart.get:cart_customer-bound"));
+  assert.equal(view.id, "c1");
+});
+// ---- checkout provider selection uses the customer session JWT ------------
+const GUEST_CHECKOUT = { tag: "guest-checkout" } as unknown as CommerceProvider;
+const CUSTOMER_CHECKOUT = {
+  tag: "customer-checkout",
+} as unknown as CommerceProvider;
+test("checkout provider select: a session token routes checkout through the customer provider", () => {
+  let seenToken: string | null = null;
+  const provider = resolveCheckoutCommerceProvider("jwt-checkout", {
+    guest: () => GUEST_CHECKOUT,
+    customer: (token) => {
+      seenToken = token;
+      return CUSTOMER_CHECKOUT;
+    },
+  });
+  assert.equal(provider, CUSTOMER_CHECKOUT);
+  assert.equal(seenToken, "jwt-checkout");
+});
+test("checkout provider select: no session token preserves the guest checkout provider", () => {
+  let customerCalled = false;
+  const provider = resolveCheckoutCommerceProvider(null, {
+    guest: () => GUEST_CHECKOUT,
+    customer: () => {
+      customerCalled = true;
+      return CUSTOMER_CHECKOUT;
+    },
+  });
+  assert.equal(provider, GUEST_CHECKOUT);
+  assert.equal(customerCalled, false);
+});
+// ---- checkout crosses the SDK boundary with the bound customer client -----
+function fakeCheckoutSdkClient(calls: string[]) {
+  return {
+    commerce: {
+      product: {
+        async detail() {
+          return null;
+        },
+        async stockCheck() {
+          return { allAvailable: true, results: [] };
+        },
+      },
+      cart: {
+        async create() {
+          return { cartToken: "cart_customer-bound" };
+        },
+        async get(cartToken: string) {
+          calls.push(`commerce.cart.get:${cartToken}`);
+          return {
+            id: cartToken === "cart_other_token" ? "cart_other" : "cart_owned",
+            currency: "KRW",
+            totalAmount: 99000,
+            items: [{ id: "item_1", variant: "var_1", quantity: 1 }],
+          };
+        },
+        async addItem() {
+          return {};
+        },
+        async updateItem() {
+          return {};
+        },
+        async removeItem() {
+          return {};
+        },
+        async clear() {
+          return {};
+        },
+      },
+      orders: {
+        async checkout(params: { cartId: string }) {
+          calls.push(`commerce.orders.checkout:${params.cartId}`);
+          if (params.cartId === "cart_other") {
+            throw Object.assign(new Error("Forbidden"), { status: 403 });
+          }
+          return {
+            id: "checkout_1",
+            orderNumber: "ORD-1",
+            totalAmount: 99000,
+            items: [],
+          };
+        },
+        async confirmPaymentReturningOrder() {
+          throw new Error("not used");
+        },
+        async getByPaymentId() {
+          throw new Error("not used");
+        },
+        async updateTransaction() {
+          throw new Error("not used");
+        },
+        async cancelOrder() {
+          throw new Error("not used");
+        },
+      },
+    },
+    collections: {
+      from(slug: string) {
+        return {
+          async find() {
+            calls.push(`collections.${slug}.find`);
+            return { docs: [] };
+          },
+          async update(id: string) {
+            calls.push(`collections.${slug}.update:${id}`);
+            return {};
+          },
+        };
+      },
+    },
+  };
+}
+test("customer checkout provider: own cart checks out through the bound SDK client", async () => {
+  const calls: string[] = [];
+  const provider = buildSoftwareCommerceProvider(
+    Promise.resolve(fakeCheckoutSdkClient(calls) as never),
+    POLICY,
+  );
+  const pending = await provider.checkoutCart({
+    cartToken: "cart_owned_token",
+    customerSnapshot: {
+      name: "Ada",
+      email: "ada@example.com",
+      phone: "010",
+    },
+    shippingAddress: {
+      recipientName: "Ada",
+      phone: "010",
+      postalCode: "04524",
+      address: "Seoul",
+      detailAddress: "101",
+    },
+  });
+  assert.equal(pending.order.orderNumber, "ORD-1");
+  assert.ok(calls.includes("commerce.cart.get:cart_owned_token"));
+  assert.ok(calls.includes("collections.carts.update:cart_owned"));
+  assert.ok(calls.includes("commerce.orders.checkout:cart_owned"));
+});
+test("customer checkout provider: another customer's cart is rejected by the SDK boundary", async () => {
+  const calls: string[] = [];
+  const provider = buildSoftwareCommerceProvider(
+    Promise.resolve(fakeCheckoutSdkClient(calls) as never),
+    POLICY,
+  );
+  await assert.rejects(
+    provider.checkoutCart({
+      cartToken: "cart_other_token",
+      customerSnapshot: {
+        name: "Ada",
+        email: "ada@example.com",
+        phone: "010",
+      },
+      shippingAddress: {
+        recipientName: "Ada",
+        phone: "010",
+        postalCode: "04524",
+        address: "Seoul",
+        detailAddress: "101",
+      },
+    }),
+    Object.assign(new Error("Forbidden"), { status: 403 }),
+  );
+  assert.ok(calls.includes("commerce.orders.checkout:cart_other"));
+});
+// ---- logout clears both the session JWT and the cart cookie ---------------
+function fakeCookieStore(): SessionCookieStore & { entries: Map<string, string> } {
+  const entries = new Map<string, string>();
+  return {
+    entries,
+    get(name) {
+      const value = entries.get(name);
+      return value === undefined ? undefined : { value };
+    },
+    set(name, value) {
+      entries.set(name, value);
+    },
+    delete(name) {
+      entries.delete(name);
+    },
+  };
+}
+test("logout: clears both the session JWT cookie and the cart cookie atomically", () => {
+  const store = fakeCookieStore();
+  writeSessionToken(store, "jwt-123");
+  store.set(appConfig.cartKey, "cart_customer", {
+    httpOnly: true,
+    secure: false,
+    sameSite: "lax",
+    path: "/",
+    maxAge: 1,
+  });
+  clearSessionAndCartTokens(store);
+  assert.equal(readSessionToken(store), null);
+  assert.equal(store.entries.get(appConfig.cartKey), undefined);
+});