@emkodev/emkore 1.0.3

package/test/unit/abstract-actor.test.ts

@@ -0,0 +1,608 @@
+import { test, expect, describe } from "bun:test";
+import { Actor } from "../../src/common/abstract.actor.ts";
+import type { Permission } from "../../src/common/type/permission.type.ts";
+import { ResourceScope } from "../../src/common/type/permission.type.ts";
+
+/**
+ * Concrete Actor implementation for testing.
+ * The abstract Actor class requires concrete implementations of id, businessId, and token.
+ */
+class TestActor extends Actor {
+  constructor(
+    private _id: string,
+    private _businessId: string,
+    private _token: string,
+    permissions: Permission[] = [],
+  ) {
+    super();
+    this.permissions = permissions;
+  }
+
+  get id(): string {
+    return this._id;
+  }
+
+  get businessId(): string {
+    return this._businessId;
+  }
+
+  get token(): string {
+    return this._token;
+  }
+}
+
+describe("Actor.getTeamIds() - Team extraction from permissions", () => {
+  test("should return empty array when no permissions", () => {
+    const actor = new TestActor(
+      "1001-user-1",
+      "0002-business-1",
+      "token-123",
+      [],
+    );
+
+    const teamIds = actor.getTeamIds();
+
+    expect(teamIds).toEqual([]);
+  });
+
+  test("should return empty array when no team permissions", () => {
+    const actor = new TestActor(
+      "1001-user-1",
+      "0002-business-1",
+      "token-123",
+      [
+        {
+          resource: "product",
+          action: "create",
+          constraints: { scope: ResourceScope.OWNED },
+        },
+        {
+          resource: "document",
+          action: "retrieve",
+          constraints: { scope: ResourceScope.BUSINESS },
+        },
+      ],
+    );
+
+    const teamIds = actor.getTeamIds();
+
+    expect(teamIds).toEqual([]);
+  });
+
+  test("should extract single team ID from permissions", () => {
+    const actor = new TestActor(
+      "1001-user-1",
+      "0002-business-1",
+      "token-123",
+      [
+        {
+          resource: "document",
+          action: "retrieve",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-legal",
+          },
+        },
+      ],
+    );
+
+    const teamIds = actor.getTeamIds();
+
+    expect(teamIds).toEqual(["1100-legal"]);
+  });
+
+  test("should extract multiple unique team IDs", () => {
+    const actor = new TestActor(
+      "1001-user-1",
+      "0002-business-1",
+      "token-123",
+      [
+        {
+          resource: "document",
+          action: "retrieve",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-legal",
+          },
+        },
+        {
+          resource: "customer",
+          action: "create",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-sales",
+          },
+        },
+        {
+          resource: "product",
+          action: "update",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-engineering",
+          },
+        },
+      ],
+    );
+
+    const teamIds = actor.getTeamIds();
+
+    expect(teamIds.length).toEqual(3);
+    expect(teamIds.includes("1100-legal")).toEqual(true);
+    expect(teamIds.includes("1100-sales")).toEqual(true);
+    expect(teamIds.includes("1100-engineering")).toEqual(true);
+  });
+
+  test("should deduplicate team IDs from multiple permissions", () => {
+    const actor = new TestActor(
+      "1001-user-1",
+      "0002-business-1",
+      "token-123",
+      [
+        {
+          resource: "document",
+          action: "retrieve",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-legal",
+          },
+        },
+        {
+          resource: "document",
+          action: "create",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-legal",
+          },
+        },
+        {
+          resource: "document",
+          action: "update",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-legal",
+          },
+        },
+        {
+          resource: "customer",
+          action: "retrieve",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-sales",
+          },
+        },
+        {
+          resource: "customer",
+          action: "create",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-sales",
+          },
+        },
+      ],
+    );
+
+    const teamIds = actor.getTeamIds();
+
+    // Should have exactly 2 unique team IDs despite 5 permissions
+    expect(teamIds.length).toEqual(2);
+    expect(teamIds.includes("1100-legal")).toEqual(true);
+    expect(teamIds.includes("1100-sales")).toEqual(true);
+  });
+
+  test("should ignore permissions without teamId constraint", () => {
+    const actor = new TestActor(
+      "1001-user-1",
+      "0002-business-1",
+      "token-123",
+      [
+        {
+          resource: "document",
+          action: "retrieve",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-legal",
+          },
+        },
+        {
+          resource: "product",
+          action: "create",
+          constraints: { scope: ResourceScope.OWNED },
+        },
+        {
+          resource: "order",
+          action: "list",
+          constraints: { scope: ResourceScope.BUSINESS },
+        },
+        {
+          resource: "invoice",
+          action: "retrieve",
+          // No constraints at all
+        },
+      ],
+    );
+
+    const teamIds = actor.getTeamIds();
+
+    expect(teamIds).toEqual(["1100-legal"]);
+  });
+
+  test("should handle permissions with teamId but no scope", () => {
+    // Edge case: permission has teamId but scope is not TEAM
+    const actor = new TestActor(
+      "1001-user-1",
+      "0002-business-1",
+      "token-123",
+      [
+        {
+          resource: "document",
+          action: "retrieve",
+          constraints: {
+            scope: ResourceScope.OWNED,
+            teamId: "1100-legal", // Has teamId despite OWNED scope
+          },
+        },
+        {
+          resource: "customer",
+          action: "create",
+          constraints: {
+            teamId: "1100-sales", // Has teamId with no scope
+          },
+        },
+      ],
+    );
+
+    const teamIds = actor.getTeamIds();
+
+    // Should extract teamIds regardless of scope value
+    expect(teamIds.length).toEqual(2);
+    expect(teamIds.includes("1100-legal")).toEqual(true);
+    expect(teamIds.includes("1100-sales")).toEqual(true);
+  });
+});
+
+describe("Actor.getTeamIds() - Caching behavior", () => {
+  test("should cache result on first call", () => {
+    const actor = new TestActor(
+      "1001-user-1",
+      "0002-business-1",
+      "token-123",
+      [
+        {
+          resource: "document",
+          action: "retrieve",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-legal",
+          },
+        },
+      ],
+    );
+
+    const firstCall = actor.getTeamIds();
+    const secondCall = actor.getTeamIds();
+
+    // Should return same array reference (cached)
+    expect(firstCall).toEqual(secondCall);
+    expect(firstCall === secondCall).toEqual(true);
+  });
+
+  test("should invalidate cache when permissions are set", () => {
+    const actor = new TestActor(
+      "1001-user-1",
+      "0002-business-1",
+      "token-123",
+      [
+        {
+          resource: "document",
+          action: "retrieve",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-legal",
+          },
+        },
+      ],
+    );
+
+    const firstCall = actor.getTeamIds();
+    expect(firstCall).toEqual(["1100-legal"]);
+
+    // Update permissions
+    actor.permissions = [
+      {
+        resource: "customer",
+        action: "create",
+        constraints: {
+          scope: ResourceScope.TEAM,
+          teamId: "1100-sales",
+        },
+      },
+    ];
+
+    const secondCall = actor.getTeamIds();
+
+    // Should return new team IDs after permissions change
+    expect(secondCall).toEqual(["1100-sales"]);
+    expect(firstCall).not.toEqual(secondCall);
+  });
+
+  test("should invalidate cache when permission is added", () => {
+    const actor = new TestActor(
+      "1001-user-1",
+      "0002-business-1",
+      "token-123",
+      [
+        {
+          resource: "document",
+          action: "retrieve",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-legal",
+          },
+        },
+      ],
+    );
+
+    const firstCall = actor.getTeamIds();
+    expect(firstCall).toEqual(["1100-legal"]);
+
+    // Add new permission
+    actor.addPermission({
+      resource: "customer",
+      action: "create",
+      constraints: {
+        scope: ResourceScope.TEAM,
+        teamId: "1100-sales",
+      },
+    });
+
+    const secondCall = actor.getTeamIds();
+
+    // Should include new team
+    expect(secondCall.length).toEqual(2);
+    expect(secondCall.includes("1100-legal")).toEqual(true);
+    expect(secondCall.includes("1100-sales")).toEqual(true);
+  });
+
+  test("should invalidate cache when permissions are added", () => {
+    const actor = new TestActor(
+      "1001-user-1",
+      "0002-business-1",
+      "token-123",
+      [
+        {
+          resource: "document",
+          action: "retrieve",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-legal",
+          },
+        },
+      ],
+    );
+
+    const firstCall = actor.getTeamIds();
+    expect(firstCall).toEqual(["1100-legal"]);
+
+    // Add multiple permissions
+    actor.addPermissions([
+      {
+        resource: "customer",
+        action: "create",
+        constraints: {
+          scope: ResourceScope.TEAM,
+          teamId: "1100-sales",
+        },
+      },
+      {
+        resource: "product",
+        action: "update",
+        constraints: {
+          scope: ResourceScope.TEAM,
+          teamId: "1100-engineering",
+        },
+      },
+    ]);
+
+    const secondCall = actor.getTeamIds();
+
+    // Should include all teams
+    expect(secondCall.length).toEqual(3);
+    expect(secondCall.includes("1100-legal")).toEqual(true);
+    expect(secondCall.includes("1100-sales")).toEqual(true);
+    expect(secondCall.includes("1100-engineering")).toEqual(true);
+  });
+});
+
+describe("Actor.getTeamIds() - Real-world scenarios", () => {
+  test("Legal team member with document permissions", () => {
+    const actor = new TestActor(
+      "1001-alice",
+      "0002-techcorp",
+      "token-alice",
+      [
+        {
+          resource: "document",
+          action: "retrieve",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-legal",
+          },
+        },
+        {
+          resource: "document",
+          action: "create",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-legal",
+          },
+        },
+        {
+          resource: "document",
+          action: "update",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-legal",
+          },
+        },
+        // Also has personal permissions
+        {
+          resource: "product",
+          action: "retrieve",
+          constraints: {
+            scope: ResourceScope.OWNED,
+          },
+        },
+      ],
+    );
+
+    const teamIds = actor.getTeamIds();
+
+    expect(teamIds).toEqual(["1100-legal"]);
+  });
+
+  test("Multi-team member (Legal + Sales)", () => {
+    const actor = new TestActor(
+      "1001-bob",
+      "0002-techcorp",
+      "token-bob",
+      [
+        // Legal team permissions
+        {
+          resource: "document",
+          action: "retrieve",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-legal",
+          },
+        },
+        {
+          resource: "document",
+          action: "create",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-legal",
+          },
+        },
+        // Sales team permissions
+        {
+          resource: "customer",
+          action: "retrieve",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-sales",
+          },
+        },
+        {
+          resource: "customer",
+          action: "create",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-sales",
+          },
+        },
+        {
+          resource: "quote",
+          action: "create",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-sales",
+          },
+        },
+      ],
+    );
+
+    const teamIds = actor.getTeamIds();
+
+    expect(teamIds.length).toEqual(2);
+    expect(teamIds.includes("1100-legal")).toEqual(true);
+    expect(teamIds.includes("1100-sales")).toEqual(true);
+  });
+
+  test("Business owner with BUSINESS scope (no teams)", () => {
+    const actor = new TestActor(
+      "1001-owner",
+      "0002-techcorp",
+      "token-owner",
+      [
+        {
+          resource: "product",
+          action: "create",
+          constraints: {
+            scope: ResourceScope.BUSINESS,
+          },
+        },
+        {
+          resource: "product",
+          action: "retrieve",
+          constraints: {
+            scope: ResourceScope.BUSINESS,
+          },
+        },
+        {
+          resource: "user",
+          action: "create",
+          constraints: {
+            scope: ResourceScope.BUSINESS,
+          },
+        },
+        {
+          resource: "team",
+          action: "create",
+          constraints: {
+            scope: ResourceScope.BUSINESS,
+          },
+        },
+      ],
+    );
+
+    const teamIds = actor.getTeamIds();
+
+    expect(teamIds).toEqual([]);
+  });
+
+  test("Employee with mixed scope permissions", () => {
+    const actor = new TestActor(
+      "1001-carol",
+      "0002-techcorp",
+      "token-carol",
+      [
+        // Team permissions
+        {
+          resource: "document",
+          action: "retrieve",
+          constraints: {
+            scope: ResourceScope.TEAM,
+            teamId: "1100-engineering",
+          },
+        },
+        // Personal permissions
+        {
+          resource: "task",
+          action: "create",
+          constraints: {
+            scope: ResourceScope.OWNED,
+          },
+        },
+        {
+          resource: "task",
+          action: "retrieve",
+          constraints: {
+            scope: ResourceScope.OWNED,
+          },
+        },
+        // Business-wide read permissions
+        {
+          resource: "product",
+          action: "retrieve",
+          constraints: {
+            scope: ResourceScope.ALL,
+          },
+        },
+      ],
+    );
+
+    const teamIds = actor.getTeamIds();
+
+    expect(teamIds).toEqual(["1100-engineering"]);
+  });
+});

package/test/unit/actor.test.ts

@@ -0,0 +1,89 @@
+import { test, expect } from "bun:test";
+import { Actor, type Permission } from "../../mod.ts";
+
+class TestActor extends Actor {
+  constructor(
+    public readonly id: string,
+    public readonly businessId: string,
+    public readonly token: string,
+  ) {
+    super();
+  }
+}
+
+test("Actor - basic properties", () => {
+  const actor = new TestActor("user-123", "business-456", "token-789");
+
+  expect(actor.id).toEqual("user-123");
+  expect(actor.businessId).toEqual("business-456");
+  expect(actor.token).toEqual("token-789");
+  expect(actor.permissions).toEqual([]);
+});
+
+test("Actor - set permissions", () => {
+  const actor = new TestActor("user-123", "business-456", "token-789");
+
+  const permissions: Permission[] = [
+    { resource: "user", action: "create" },
+    { resource: "user", action: "read" },
+    { resource: "post", action: "write" },
+  ];
+
+  actor.permissions = permissions;
+  expect(actor.permissions.length).toEqual(3);
+  expect(actor.permissions[0].resource).toEqual("user");
+  expect(actor.permissions[0].action).toEqual("create");
+});
+
+test("Actor - add single permission", () => {
+  const actor = new TestActor("user-123", "business-456", "token-789");
+
+  actor.addPermission({ resource: "user", action: "create" });
+  expect(actor.permissions.length).toEqual(1);
+
+  actor.addPermission({ resource: "user", action: "read" });
+  expect(actor.permissions.length).toEqual(2);
+
+  // Adding a new object with same values will add it (Set compares by reference)
+  actor.addPermission({ resource: "user", action: "create" });
+  expect(actor.permissions.length).toEqual(3);
+});
+
+test("Actor - add multiple permissions", () => {
+  const actor = new TestActor("user-123", "business-456", "token-789");
+
+  const permissions: Permission[] = [
+    { resource: "user", action: "create" },
+    { resource: "user", action: "read" },
+    { resource: "post", action: "write" },
+  ];
+
+  actor.addPermissions(permissions);
+  expect(actor.permissions.length).toEqual(3);
+
+  // Adding more permissions (new objects will be added even with same values)
+  actor.addPermissions([
+    { resource: "comment", action: "delete" },
+    { resource: "user", action: "create" }, // New object, will be added
+  ]);
+
+  expect(actor.permissions.length).toEqual(5);
+});
+
+test("Actor - permissions setter replaces all", () => {
+  const actor = new TestActor("user-123", "business-456", "token-789");
+
+  // Set initial permissions
+  actor.permissions = [
+    { resource: "user", action: "create" },
+    { resource: "user", action: "read" },
+  ];
+  expect(actor.permissions.length).toEqual(2);
+
+  // Replace with new set
+  actor.permissions = [
+    { resource: "post", action: "write" },
+  ];
+  expect(actor.permissions.length).toEqual(1);
+  expect(actor.permissions[0].resource).toEqual("post");
+});