@gravito/monolith 1.0.0-alpha.6 → 1.0.0

package/tests/extra.test.ts

@@ -0,0 +1,135 @@
+import { describe, expect, it } from 'bun:test'
+import { mkdirSync, mkdtempSync, writeFileSync } from 'node:fs'
+import { rm } from 'node:fs/promises'
+import { tmpdir } from 'node:os'
+import { join } from 'node:path'
+import { ContentManager } from '../src/ContentManager'
+import { Controller } from '../src/Controller'
+import { OrbitMonolith } from '../src/index'
+import { Sanitizer } from '../src/Sanitizer'
+
+class TestController extends Controller {
+  public run() {
+    return {
+      json: this.json({ ok: true }, 201),
+      text: this.text('hi', 202),
+      redirect: this.redirect('/next', 303),
+      value: this.get<string>('token'),
+      req: this.request,
+    }
+  }
+
+  public async runValidate() {
+    return this.validate<{ id: number }>({}, 'json')
+  }
+}
+
+describe('Controller helpers', () => {
+  it('exposes response helpers and request access', async () => {
+    const context = {
+      json: (data: unknown, status: number) => ({ type: 'json', data, status }),
+      text: (text: string, status: number) => ({ type: 'text', text, status }),
+      redirect: (url: string, status: number) => ({ type: 'redirect', url, status }),
+      get: (key: string) => (key === 'token' ? 'abc' : undefined),
+      req: {
+        valid: () => ({ id: 42 }),
+      },
+    }
+
+    const controller = new TestController().setContext(context as any)
+    const result = controller.run()
+
+    expect(result.json).toEqual({ type: 'json', data: { ok: true }, status: 201 })
+    expect(result.text).toEqual({ type: 'text', text: 'hi', status: 202 })
+    expect(result.redirect).toEqual({ type: 'redirect', url: '/next', status: 303 })
+    expect(result.value).toBe('abc')
+    expect(result.req).toBe(context.req)
+
+    const validated = await controller.runValidate()
+    expect(validated.id).toBe(42)
+  })
+})
+
+describe('Sanitizer', () => {
+  it('cleans strings and nested objects', () => {
+    expect(Sanitizer.clean('plain')).toBe('plain')
+
+    const data = {
+      name: '  Ada  ',
+      empty: ' ',
+      nested: {
+        title: '  Test  ',
+      },
+      items: ['  one  ', ''],
+    }
+
+    const cleaned = Sanitizer.clean(data)
+    expect(cleaned).toEqual({
+      name: 'Ada',
+      empty: null,
+      nested: { title: 'Test' },
+      items: ['one', null],
+    })
+  })
+})
+
+describe('ContentManager security helpers', () => {
+  it('sanitizes path segments and escapes unsafe output', async () => {
+    const root = mkdtempSync(join(tmpdir(), 'monolith-content-'))
+    const base = join(root, 'content', 'docs', 'en')
+    mkdirSync(base, { recursive: true })
+
+    const markdown = `---\ntitle: Safe\n---\n\n<link>\n\n[bad](javascript:alert(1))\n\n[good](https://example.com "Title")`
+    writeFileSync(join(base, 'safe.md'), markdown)
+
+    const manager = new ContentManager(root)
+    manager.defineCollection('docs', { path: 'content/docs' })
+
+    expect(await manager.find('docs', '../hack', 'en')).toBeNull()
+    expect(await manager.list('docs', '../evil')).toEqual([])
+
+    const item = await manager.find('docs', 'safe', 'en')
+    expect(item).not.toBeNull()
+    expect(item?.body).toContain('&lt;link&gt;')
+    expect(item?.body).toContain('bad')
+    expect(item?.body).toContain('<a href="https://example.com" title="Title">good</a>')
+
+    await rm(root, { recursive: true, force: true })
+  })
+})
+
+describe('OrbitMonolith', () => {
+  it('injects ContentManager into context', async () => {
+    const middlewares: Array<(c: any, next: () => Promise<void>) => Promise<void>> = []
+
+    const core = {
+      adapter: {
+        use: (_path: string, handler: any) => {
+          middlewares.push(handler)
+        },
+      },
+      logger: {
+        info: (_message: string) => {},
+      },
+    }
+
+    const orbit = new OrbitMonolith({
+      root: '/tmp',
+      collections: { docs: { path: 'content/docs' } },
+    })
+
+    orbit.install(core as any)
+
+    const context = {
+      set: (key: string, value: unknown) => {
+        if (key === 'content') {
+          context.content = value
+        }
+      },
+      content: null as null | ContentManager,
+    }
+
+    await middlewares[0]?.(context, async () => {})
+    expect(context.content).toBeInstanceOf(ContentManager)
+  })
+})

package/tests/mvc.test.ts

@@ -0,0 +1,150 @@
+import { beforeEach, describe, expect, it } from 'bun:test'
+import { Photon } from '@gravito/photon'
+import { Controller, FormRequest, Route, Schema } from '../src'
+
+// --- Mock Classes ---
+
+class MockController extends Controller {
+  async index() {
+    return this.json({ success: true, action: 'index' })
+  }
+
+  async store() {
+    return this.json({ success: true, action: 'store' }, 201)
+  }
+
+  async show() {
+    return this.text('Viewing record')
+  }
+}
+
+class MockRequest extends FormRequest {
+  authorize() {
+    // Simulate authorization failure if header is present
+    return this.context.req.header('x-fail-auth') !== 'yes'
+  }
+
+  schema() {
+    return Schema.Object({
+      name: Schema.String({ minLength: 3 }),
+      age: Schema.Number(),
+    })
+  }
+}
+
+// --- Tests ---
+
+describe('@gravito/monolith MVC', () => {
+  let app: Photon
+
+  beforeEach(() => {
+    app = new Photon()
+  })
+
+  describe('Base Controller', () => {
+    it('should resolve call() and return json', async () => {
+      app.get('/test', MockController.call('index'))
+
+      const res = await app.request('/test')
+      expect(res.status).toBe(200)
+      expect(await res.json()).toEqual({ success: true, action: 'index' })
+    })
+
+    it('should resolve call() and return text', async () => {
+      app.get('/show', MockController.call('show'))
+
+      const res = await app.request('/show')
+      expect(res.status).toBe(200)
+      expect(await res.text()).toBe('Viewing record')
+    })
+  })
+
+  describe('Route Helper (Resource Routing)', () => {
+    it('should register multiple standard routes automatically', async () => {
+      Route.resource(app, 'users', MockController)
+
+      const resIndex = await app.request('/users')
+      expect(resIndex.status).toBe(200)
+      expect(await resIndex.json()).toEqual({ success: true, action: 'index' })
+
+      const resStore = await app.request('/users', { method: 'POST' })
+      expect(resStore.status).toBe(201)
+      expect(await resStore.json()).toEqual({ success: true, action: 'store' })
+
+      const resShow = await app.request('/users/123')
+      expect(resShow.status).toBe(200)
+      expect(await resShow.text()).toBe('Viewing record')
+    })
+  })
+
+  describe('FormRequest', () => {
+    it('should pass valid data', async () => {
+      app.post('/validate', MockRequest.middleware(), (c) => {
+        return c.json({ ok: true })
+      })
+
+      const res = await app.request('/validate', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ name: 'Carl', age: 25 }),
+      })
+
+      expect(res.status).toBe(200)
+      expect(await res.json()).toEqual({ ok: true })
+    })
+
+    it('should return 422 on validation failure with Laravel-style format', async () => {
+      app.post('/validate', MockRequest.middleware(), (c) => c.json({ ok: true }))
+
+      const res = await app.request('/validate', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ name: 'Ca', age: 'invalid' }),
+      })
+
+      expect(res.status).toBe(422)
+      const data: any = await res.json()
+      console.log('DEBUG ERRORS:', JSON.stringify(data.errors))
+      expect(data.message).toBe('The given data was invalid.')
+      expect(data.errors).toBeDefined()
+    })
+
+    it('should return 403 on authorization failure', async () => {
+      app.post('/validate', MockRequest.middleware(), (c) => c.json({ ok: true }))
+
+      const res = await app.request('/validate', {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+          'x-fail-auth': 'yes',
+        },
+        body: JSON.stringify({ name: 'Carl', age: 25 }),
+      })
+
+      expect(res.status).toBe(403)
+      expect(await res.json()).toEqual({ message: 'This action is unauthorized.' })
+    })
+
+    it('should trim strings and convert empty strings to null in validated data', async () => {
+      app.post('/clean', MockRequest.middleware(), async (c) => {
+        const req = new MockRequest()
+        req.setContext(c)
+        return c.json(req.validated())
+      })
+
+      const res = await app.request('/clean', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          name: '  Carl  ', // Should be trimmed
+          age: 25,
+          extra: '', // Should become null if it were in schema, but MockRequest only has name and age
+        }),
+      })
+
+      expect(res.status).toBe(200)
+      const data: any = await res.json()
+      expect(data.name).toBe('Carl')
+    })
+  })
+})

package/tsconfig.json

@@ -3,8 +3,10 @@
     "compilerOptions": {
         "outDir": "./dist",
         "baseUrl": ".",
+        "skipLibCheck": true,
+        "types": ["bun-types"],
         "paths": {
-            "gravito-core": ["../../packages/core/src/index.ts"],
+            "@gravito/core": ["../../packages/core/src/index.ts"],
             "@gravito/*": ["../../packages/*/src/index.ts"]
         }
     },