@jackwener/opencli 1.7.22 → 1.8.1

package/clis/upwork/utils.js

@@ -0,0 +1,323 @@
+/**
+ * Upwork adapter utilities.
+ *
+ * Upwork is a Nuxt (Vue) SSR app behind Cloudflare. Every adapter runs
+ * through the user's logged-in browser session (Strategy.COOKIE,
+ * browser: true) because bare fetches hit a `__cf_bm` challenge and
+ * because most surfaces only render data for an authenticated user.
+ *
+ * The list pages (search, best-matches feed) ship their full result
+ * payload inside `window.__NUXT__.state` — we read straight from that
+ * global instead of DOM-scraping rendered cards. Job detail uses the
+ * Vuex store (`window.$nuxt.$store.state.jobDetails.*`). All helpers
+ * below are pure (arg validation, decoders, URL builders, row mappers)
+ * so they stay unit-testable without a browser.
+ */
+
+import {
+    ArgumentError,
+    CommandExecutionError,
+} from '@jackwener/opencli/errors';
+
+export const UPWORK_ORIGIN = 'https://www.upwork.com';
+
+const CIPHERTEXT_PATTERN = /^~0[12]\d{15,21}$/;
+
+const FEED_TABS = {
+    'best-matches': { path: '/nx/find-work/best-matches', state: 'feedBestMatch' },
+    'most-recent': { path: '/nx/find-work/most-recent', state: 'feedMostRecent' },
+};
+
+const SORT_VALUES = new Set(['recency', 'relevance', 'client_total_charge', 'client_total_reviews']);
+
+export function unwrapBrowserResult(value) {
+    if (value && typeof value === 'object' && !Array.isArray(value) && 'session' in value && 'data' in value) {
+        return value.data;
+    }
+    return value;
+}
+
+export function isPlainObject(value) {
+    return value !== null && typeof value === 'object' && !Array.isArray(value);
+}
+
+function coerceInt(value) {
+    if (value === undefined || value === null || value === '') return NaN;
+    const n = typeof value === 'number' ? value : Number(value);
+    return Number.isFinite(n) && Number.isInteger(n) ? n : NaN;
+}
+
+export function requireQuery(value, label = 'query') {
+    const q = String(value ?? '').trim();
+    if (!q) throw new ArgumentError(`upwork ${label} cannot be empty`);
+    return q;
+}
+
+export function requirePositiveInt(value, defaultValue, label) {
+    const raw = value ?? defaultValue;
+    const n = coerceInt(raw);
+    if (!Number.isInteger(n) || n <= 0) {
+        throw new ArgumentError(`upwork ${label} must be a positive integer`);
+    }
+    return n;
+}
+
+export function requireBoundedInt(value, defaultValue, min, max, label) {
+    const n = requirePositiveInt(value, defaultValue, label);
+    if (n < min) throw new ArgumentError(`upwork ${label} must be >= ${min}`);
+    if (n > max) throw new ArgumentError(`upwork ${label} must be <= ${max}`);
+    return n;
+}
+
+/**
+ * Upwork job ids are the ciphertext form starting with `~01` or `~02`
+ * (the encoded uid surfaced everywhere in URLs and search results).
+ * Accepts a bare ciphertext or a full `/jobs/~02…` URL.
+ */
+export function requireCiphertext(value) {
+    let id = String(value ?? '').trim();
+    if (!id) throw new ArgumentError('upwork job id is required');
+    const urlMatch = id.match(/~0[12]\d+/);
+    if (urlMatch) id = urlMatch[0];
+    if (!CIPHERTEXT_PATTERN.test(id)) {
+        throw new ArgumentError(`upwork job id "${value}" is not a valid ciphertext (expected ~01… or ~02… followed by digits)`);
+    }
+    return id;
+}
+
+export function requireFeedTab(value, defaultValue = 'best-matches') {
+    const v = String(value ?? defaultValue).trim().toLowerCase();
+    if (!FEED_TABS[v]) {
+        throw new ArgumentError(`upwork tab must be one of ${Object.keys(FEED_TABS).join(' / ')}, got "${value}"`);
+    }
+    return v;
+}
+
+export function requireSort(value, defaultValue = 'recency') {
+    const v = String(value ?? defaultValue).trim().toLowerCase();
+    if (!SORT_VALUES.has(v)) {
+        throw new ArgumentError(`upwork sort must be one of ${Array.from(SORT_VALUES).join(' / ')}, got "${value}"`);
+    }
+    return v;
+}
+
+/**
+ * Build the Upwork search URL. Only forwards filters the user actually
+ * supplied so the URL stays canonical and round-trippable.
+ */
+export function buildSearchUrl({ query, location, category, sort, page, perPage }) {
+    const params = new URLSearchParams();
+    params.set('q', query);
+    if (location) params.set('location', location);
+    if (category) params.set('category2_uid', category);
+    if (sort && sort !== 'recency') params.set('sort', sort);
+    if (perPage && perPage !== 10) params.set('per_page', String(perPage));
+    if (page && page > 1) params.set('page', String(page));
+    return `${UPWORK_ORIGIN}/nx/search/jobs/?${params.toString()}`;
+}
+
+export function buildFeedUrl(tab) {
+    const t = FEED_TABS[tab];
+    if (!t) throw new ArgumentError(`unknown feed tab "${tab}"`);
+    return `${UPWORK_ORIGIN}${t.path}`;
+}
+
+export function feedStateKey(tab) {
+    const t = FEED_TABS[tab];
+    if (!t) throw new ArgumentError(`unknown feed tab "${tab}"`);
+    return t.state;
+}
+
+export function buildJobUrl(ciphertext) {
+    return `${UPWORK_ORIGIN}/jobs/${ciphertext}`;
+}
+
+export function isValidCiphertext(value) {
+    return CIPHERTEXT_PATTERN.test(String(value ?? '').trim());
+}
+
+/**
+ * Strip Upwork's `<span class="highlight">…</span>` markup that wraps
+ * matched query terms in search results, then collapse whitespace.
+ * Empty / null returns ''.
+ */
+export function stripHighlight(text) {
+    if (text == null) return '';
+    return String(text)
+        .replace(/<span class="highlight">/g, '')
+        .replace(/<\/span>/g, '')
+        .replace(/\s+/g, ' ')
+        .trim();
+}
+
+/**
+ * Decode `tierText` codes into stable lowercase labels.
+ *   - search rows use the i18n-keyed form: `jsn_Entry_205` / `_Intermediate_206` / `_Expert_207`
+ *   - feed rows already pass through the rendered label: `Entry level` / `Intermediate` / `Expert`
+ *   - detail uses a numeric `contractorTier`: 1 / 2 / 3
+ * Returns 'entry' | 'intermediate' | 'expert' | '' (unknown).
+ */
+export function decodeExperienceLevel(value) {
+    if (value == null || value === '') return '';
+    if (typeof value === 'number') {
+        if (value === 1) return 'entry';
+        if (value === 2) return 'intermediate';
+        if (value === 3) return 'expert';
+        return '';
+    }
+    const v = String(value).toLowerCase();
+    if (v.includes('entry')) return 'entry';
+    if (v.includes('intermediate')) return 'intermediate';
+    if (v.includes('expert')) return 'expert';
+    return '';
+}
+
+/**
+ * Decode the `engagement` workload code. Search rows ship it as
+ * `usnuxt_Engagement_421.fullTime` / `.partTime`; detail surfaces it
+ * pre-rendered as `More than 30 hrs/week`. Returns 'full-time' /
+ * 'part-time' / '' or passes the rendered string through.
+ */
+export function decodeWorkload(value) {
+    if (value == null || value === '') return '';
+    const v = String(value);
+    const suffix = v.includes('.') ? v.split('.').pop() : v;
+    const lower = suffix.toLowerCase();
+    if (lower === 'fulltime' || lower.includes('full')) return 'full-time';
+    if (lower === 'parttime' || lower.includes('part')) return 'part-time';
+    if (lower.includes('hrs/week') || lower.includes('hours')) return suffix.trim();
+    return '';
+}
+
+/**
+ * Decode `proposalsTier` to a compact bucket label. Search ships it as
+ * `usnuxt_JobProposalTier_418.lessThan5` etc; feed ships it pre-rendered
+ * as `15 to 20` / `5 to 10`. Returns the bucket like '<5' / '5-10' /
+ * '20-50' / '50+', or '' if unrecognized.
+ */
+export function decodeProposalsTier(value) {
+    if (value == null || value === '') return '';
+    const v = String(value);
+    const suffix = v.includes('.') ? v.split('.').pop() : v;
+    const s = suffix.trim();
+    if (/^lessThan(\d+)$/i.test(s)) return `<${s.match(/\d+/)[0]}`;
+    if (/^(\d+)plus$/i.test(s)) return `${s.match(/\d+/)[0]}+`;
+    const range = s.match(/^(\d+)\s*(?:to|-|–)\s*(\d+)$/i);
+    if (range) return `${range[1]}-${range[2]}`;
+    return s;
+}
+
+/**
+ * Format the budget into a single human-readable column.
+ *   - hourly (type 2):  "$40-$70/hr"  or "$30/hr"  or "" (no budget set)
+ *   - fixed  (type 1):  "$200"  or "" (no amount)
+ * Used by search/feed; detail uses formatBudgetFromDetail (different shape).
+ */
+export function formatBudget(job) {
+    const type = job?.type;
+    const min = Number(job?.hourlyBudget?.min) || 0;
+    const max = Number(job?.hourlyBudget?.max) || 0;
+    const amount = Number(job?.amount?.amount) || 0;
+    if (type === 2) {
+        if (min > 0 && max > 0 && max !== min) return `$${min}-$${max}/hr`;
+        if (max > 0) return `$${max}/hr`;
+        if (min > 0) return `$${min}/hr`;
+        return '';
+    }
+    if (type === 1) return amount > 0 ? `$${amount}` : '';
+    return '';
+}
+
+/** Detail page uses `extendedBudgetInfo.{hourlyBudgetMin,Max}` + `budget.amount`. */
+export function formatBudgetFromDetail(job) {
+    const type = job?.type;
+    const min = Number(job?.extendedBudgetInfo?.hourlyBudgetMin) || 0;
+    const max = Number(job?.extendedBudgetInfo?.hourlyBudgetMax) || 0;
+    const amount = Number(job?.budget?.amount) || 0;
+    if (type === 2) {
+        if (min > 0 && max > 0 && max !== min) return `$${min}-$${max}/hr`;
+        if (max > 0) return `$${max}/hr`;
+        if (min > 0) return `$${min}/hr`;
+        return '';
+    }
+    if (type === 1) return amount > 0 ? `$${amount}` : '';
+    return '';
+}
+
+export function jobType(type) {
+    if (type === 1) return 'fixed';
+    if (type === 2) return 'hourly';
+    return '';
+}
+
+/**
+ * Join skills/attrs into a comma-separated string. Search rows have
+ * `attrs[].prettyName`; feed rows additionally have `skills[].prefLabel`;
+ * detail has neither (skills live elsewhere). The function picks
+ * whichever array is populated and dedupes.
+ */
+export function formatSkills(job) {
+    const candidates = [];
+    const arrs = [job?.attrs, job?.skills, job?.ontologySkills];
+    for (const arr of arrs) {
+        if (!Array.isArray(arr)) continue;
+        for (const s of arr) {
+            const name = (s?.prettyName ?? s?.prefLabel ?? s?.name ?? '').trim();
+            if (name && !candidates.includes(name)) candidates.push(name);
+        }
+    }
+    return candidates.join(', ');
+}
+
+/**
+ * Normalize a search/feed job entry into the shared LIST_COLUMNS row shape.
+ * Returns null when the row lacks a round-trippable ciphertext identity.
+ */
+export function jobToListRow(job, rank) {
+    const id = String(job?.ciphertext ?? '').trim();
+    if (!isValidCiphertext(id)) return null;
+    const client = job?.client || {};
+    const country = client?.location?.country || '';
+    const rating = Number(client?.totalFeedback);
+    return {
+        rank,
+        id,
+        title: stripHighlight(job?.title),
+        type: jobType(job?.type),
+        budget: formatBudget(job),
+        experienceLevel: decodeExperienceLevel(job?.tierText ?? job?.tier),
+        proposalsTier: decodeProposalsTier(job?.proposalsTier),
+        skills: formatSkills(job),
+        clientCountry: country,
+        clientRating: Number.isFinite(rating) && rating > 0 ? rating : null,
+        publishedOn: job?.publishedOn || job?.createdOn || '',
+        url: buildJobUrl(id),
+    };
+}
+
+export function jobsToListRows(jobs, { offset = 0, limit } = {}) {
+    const rows = [];
+    const source = limit ? jobs.slice(0, limit) : jobs;
+    for (const [index, job] of source.entries()) {
+        const rank = offset + index + 1;
+        const row = jobToListRow(job, rank);
+        if (!row) {
+            throw new CommandExecutionError(`Upwork result at rank ${rank} did not include a valid ciphertext id; cannot produce round-trippable detail rows.`);
+        }
+        rows.push(row);
+    }
+    return rows;
+}
+
+export const LIST_COLUMNS = [
+    'rank', 'id', 'title', 'type', 'budget',
+    'experienceLevel', 'proposalsTier', 'skills',
+    'clientCountry', 'clientRating', 'publishedOn', 'url',
+];
+
+export const DETAIL_COLUMNS = [
+    'id', 'title', 'type', 'budget', 'experienceLevel', 'workload',
+    'category', 'skills', 'description',
+    'clientCountry', 'clientSpent', 'clientHires', 'clientRating',
+    'proposalsCount', 'publishedOn', 'url',
+];

package/clis/weibo/delete.js

@@ -0,0 +1,172 @@
+/**
+ * Weibo delete — remove a single post owned by the logged-in user.
+ */
+import { cli, Strategy } from '@jackwener/opencli/registry';
+import { ArgumentError, AuthRequiredError, CommandExecutionError, EmptyResultError } from '@jackwener/opencli/errors';
+import { requireObjectEvaluateResult, unwrapEvaluateResult } from './utils.js';
+
+const WEIBO_HOST_RE = /(^|\.)weibo\.(com|cn)$/i;
+const POST_ID_RE = /^[A-Za-z0-9]{4,32}$/;
+
+function normalizePostId(raw) {
+    const input = String(raw ?? '').trim();
+    if (!input) {
+        throw new ArgumentError('weibo delete: id cannot be empty');
+    }
+
+    let candidate = input;
+    try {
+        const url = new URL(input);
+        if (url.protocol !== 'http:' && url.protocol !== 'https:') {
+            throw new ArgumentError('weibo delete: URL must use http or https');
+        }
+        if (!WEIBO_HOST_RE.test(url.hostname)) {
+            throw new ArgumentError('weibo delete: URL must be a weibo.com or weibo.cn post URL');
+        }
+        const parts = url.pathname.split('/').filter(Boolean);
+        if (url.hostname.toLowerCase().endsWith('weibo.cn') && parts[0] === 'status') {
+            candidate = parts[1] ?? '';
+        } else {
+            candidate = parts.at(-1) ?? '';
+        }
+    } catch (error) {
+        if (error instanceof ArgumentError) throw error;
+    }
+
+    candidate = String(candidate ?? '').trim();
+    if (!POST_ID_RE.test(candidate)) {
+        throw new ArgumentError('weibo delete: id must be a numeric idstr, mblogid, or Weibo post URL');
+    }
+    return candidate;
+}
+
+cli({
+    site: 'weibo',
+    name: 'delete',
+    access: 'write',
+    description: 'Delete one of my Weibo posts by id',
+    domain: 'weibo.com',
+    strategy: Strategy.COOKIE,
+    args: [
+        {
+            name: 'id',
+            required: true,
+            positional: true,
+            help: 'Post ID (numeric idstr or mblogid from URL / weibo me / weibo post output)',
+        },
+    ],
+    columns: ['status', 'id', 'mblogid'],
+    func: async (page, kwargs) => {
+        if (!page) {
+            throw new CommandExecutionError('Browser session required for weibo delete');
+        }
+        const raw = String(kwargs.id ?? '').trim();
+        const id = normalizePostId(raw);
+        await page.goto('https://weibo.com');
+        await page.wait(2);
+        const result = requireObjectEvaluateResult(unwrapEvaluateResult(await page.evaluate(`
+      (async () => {
+        const input = ${JSON.stringify(id)};
+        const readCookie = (name) => {
+          const pair = document.cookie.split(';').map(s => s.trim()).find(s => s.startsWith(name + '='));
+          return pair ? decodeURIComponent(pair.slice(name.length + 1)) : '';
+        };
+        // Step 1: resolve mblogid / idstr to canonical idstr via /show.
+        const showResp = await fetch('/ajax/statuses/show?id=' + encodeURIComponent(input), { credentials: 'include' });
+        if (showResp.status === 401 || showResp.status === 403) {
+          return { ok: false, error: 'auth', status: showResp.status };
+        }
+        // 404 from /show means the post does not exist (deleted, wrong id, or
+        // not owned by the logged-in user); map to the same path as a 2xx
+        // response with no idstr so the caller throws EmptyResultError
+        // instead of a generic CommandExecutionError("HTTP 404").
+        if (showResp.status === 404) {
+          return { ok: false, error: 'not_found', input };
+        }
+        if (!showResp.ok) {
+          return { ok: false, error: 'show_http', status: showResp.status };
+        }
+        const showBody = await showResp.json();
+        if (!showBody || !showBody.idstr) {
+          return { ok: false, error: 'not_found', input };
+        }
+        const idstr = String(showBody.idstr);
+        const mblogid = showBody.mblogid || '';
+        // Step 2: destroy. Weibo requires X-Xsrf-Token (double-submit CSRF token).
+        const token = readCookie('XSRF-TOKEN');
+        const destroyResp = await fetch('/ajax/statuses/destroy', {
+          method: 'POST',
+          credentials: 'include',
+          headers: {
+            'Content-Type': 'application/x-www-form-urlencoded',
+            'X-Xsrf-Token': token,
+          },
+          body: 'id=' + encodeURIComponent(idstr),
+        });
+        if (destroyResp.status === 401 || destroyResp.status === 403) {
+          return { ok: false, error: 'auth', status: destroyResp.status };
+        }
+        if (!destroyResp.ok) {
+          return { ok: false, error: 'destroy_http', status: destroyResp.status };
+        }
+        const destroyBody = await destroyResp.json();
+        // Require an explicit success signal from the API: { ok: 1 }. A
+        // missing / falsy body must not be silently treated as success.
+        if (!destroyBody || typeof destroyBody !== 'object') {
+          return { ok: false, error: 'api', msg: 'destroy returned malformed response', id: idstr };
+        }
+        if (destroyBody.ok !== 1) {
+          return { ok: false, error: 'api', msg: destroyBody.msg || destroyBody.message || 'destroy returned non-ok', id: idstr };
+        }
+        // Step 3: postcondition evidence. A write command cannot report success
+        // until the target no longer resolves after the delete API returns ok.
+        const verifyResp = await fetch('/ajax/statuses/show?id=' + encodeURIComponent(idstr), { credentials: 'include' });
+        if (verifyResp.status === 401 || verifyResp.status === 403) {
+          return { ok: false, error: 'auth', status: verifyResp.status };
+        }
+        if (verifyResp.status === 404) {
+          return { ok: true, id: idstr, mblogid };
+        }
+        if (!verifyResp.ok) {
+          return { ok: false, error: 'verify_http', status: verifyResp.status, id: idstr };
+        }
+        let verifyBody = null;
+        try {
+          verifyBody = await verifyResp.json();
+        } catch {
+          return { ok: false, error: 'verify_malformed', msg: 'verify returned non-JSON response', id: idstr };
+        }
+        if (!verifyBody || typeof verifyBody !== 'object') {
+          return { ok: false, error: 'verify_malformed', msg: 'verify returned malformed response', id: idstr };
+        }
+        if (String(verifyBody.idstr || '') === idstr) {
+          return { ok: false, error: 'still_exists', id: idstr, mblogid: verifyBody.mblogid || mblogid };
+        }
+        if (!verifyBody.idstr || verifyBody.ok === 0) {
+          return { ok: true, id: idstr, mblogid };
+        }
+        return { ok: false, error: 'verify_mismatch', msg: 'verify returned a different post id', id: idstr };
+      })()
+    `)), 'weibo delete');
+        if (result.error === 'auth') {
+            throw new AuthRequiredError('weibo.com', 'Cookie 已过期！请在当前 Chrome 浏览器中重新登录 Weibo。');
+        }
+        if (result.error === 'not_found') {
+            throw new EmptyResultError('weibo delete', `Post not found for id "${String(result.input ?? raw)}". Verify the post still exists and belongs to the logged-in account.`);
+        }
+        if (result.error === 'show_http' || result.error === 'destroy_http' || result.error === 'verify_http') {
+            throw new CommandExecutionError(`weibo delete: HTTP ${result.status}`);
+        }
+        if (result.error === 'api' || result.error === 'verify_malformed' || result.error === 'verify_mismatch' || result.error === 'still_exists') {
+            throw new CommandExecutionError(`weibo delete: ${String(result.msg ?? result.error)}`);
+        }
+        if (!result.ok) {
+            throw new CommandExecutionError('weibo delete returned an unexpected response');
+        }
+        return [{ status: 'deleted', id: String(result.id ?? ''), mblogid: String(result.mblogid ?? '') }];
+    },
+});
+
+export const __test__ = {
+    normalizePostId,
+};

package/clis/weibo/delete.test.js

@@ -0,0 +1,94 @@
+import { describe, expect, it, vi } from 'vitest';
+import { getRegistry } from '@jackwener/opencli/registry';
+import { ArgumentError, AuthRequiredError, CommandExecutionError, EmptyResultError } from '@jackwener/opencli/errors';
+
+import './delete.js';
+
+function makePage(evaluateResult) {
+  return {
+    goto: vi.fn().mockResolvedValue(undefined),
+    wait: vi.fn().mockResolvedValue(undefined),
+    evaluate: vi.fn().mockResolvedValue(evaluateResult),
+  };
+}
+
+describe('weibo delete command', () => {
+  const getCommand = () => getRegistry().get('weibo/delete');
+
+  it('returns deleted status when the API reports success', async () => {
+    const page = makePage({ ok: true, id: '5197123456789012', mblogid: 'Px2yQfXYZ' });
+    const result = await getCommand().func(page, { id: 'Px2yQfXYZ' });
+    expect(result).toEqual([
+      { status: 'deleted', id: '5197123456789012', mblogid: 'Px2yQfXYZ' },
+    ]);
+    expect(page.goto).toHaveBeenCalledWith('https://weibo.com');
+    const script = page.evaluate.mock.calls[0][0];
+    expect(script.match(/\/ajax\/statuses\/show/g)).toHaveLength(2);
+    expect(script).toContain('/ajax/statuses/destroy');
+    expect(script).toContain('still_exists');
+  });
+
+  it('normalizes supported Weibo post URLs before evaluating delete flow', async () => {
+    const page = makePage({ ok: true, id: '5197123456789012', mblogid: 'Px2yQfXYZ' });
+    const result = await getCommand().func(page, { id: 'https://weibo.com/1234567890/Px2yQfXYZ?refer_flag=1001030103_' });
+
+    expect(result).toEqual([
+      { status: 'deleted', id: '5197123456789012', mblogid: 'Px2yQfXYZ' },
+    ]);
+    expect(page.evaluate.mock.calls[0][0]).toContain('const input = "Px2yQfXYZ"');
+  });
+
+  it('throws ArgumentError when id is empty or whitespace', async () => {
+    const page = makePage({ ok: true, id: '0' });
+    await expect(getCommand().func(page, { id: '   ' })).rejects.toBeInstanceOf(ArgumentError);
+    await expect(getCommand().func(page, { id: '' })).rejects.toBeInstanceOf(ArgumentError);
+    await expect(getCommand().func(page, { id: 'https://example.com/123/Px2yQfXYZ' })).rejects.toBeInstanceOf(ArgumentError);
+    await expect(getCommand().func(page, { id: 'javascript:alert(1)' })).rejects.toBeInstanceOf(ArgumentError);
+    await expect(getCommand().func(page, { id: '../not-a-post' })).rejects.toBeInstanceOf(ArgumentError);
+    expect(page.goto).not.toHaveBeenCalled();
+  });
+
+  it('maps 401 / 403 from the show endpoint to AuthRequiredError', async () => {
+    const page = makePage({ error: 'auth', status: 401 });
+    await expect(getCommand().func(page, { id: 'Px2yQfXYZ' })).rejects.toBeInstanceOf(AuthRequiredError);
+  });
+
+  it('throws EmptyResultError when the post cannot be resolved', async () => {
+    const page = makePage({ error: 'not_found', input: 'Px2yQfXYZ' });
+    await expect(getCommand().func(page, { id: 'Px2yQfXYZ' })).rejects.toBeInstanceOf(EmptyResultError);
+  });
+
+  it('throws CommandExecutionError on non-2xx show response', async () => {
+    const page = makePage({ error: 'show_http', status: 500 });
+    await expect(getCommand().func(page, { id: '5197123456789012' })).rejects.toBeInstanceOf(CommandExecutionError);
+  });
+
+  it('throws CommandExecutionError on non-2xx destroy response', async () => {
+    const page = makePage({ error: 'destroy_http', status: 502 });
+    await expect(getCommand().func(page, { id: '5197123456789012' })).rejects.toBeInstanceOf(CommandExecutionError);
+  });
+
+  it('surfaces API-level errors from destroy as CommandExecutionError with msg', async () => {
+    const page = makePage({ error: 'api', msg: '无权限删除', id: '5197123456789012' });
+    await expect(getCommand().func(page, { id: '5197123456789012' })).rejects.toThrowError(/无权限删除/);
+  });
+
+  it('throws CommandExecutionError when postcondition verification still sees the target', async () => {
+    const page = makePage({ error: 'still_exists', id: '5197123456789012', mblogid: 'Px2yQfXYZ' });
+    await expect(getCommand().func(page, { id: '5197123456789012' })).rejects.toBeInstanceOf(CommandExecutionError);
+  });
+
+  it('throws CommandExecutionError when postcondition verification is malformed', async () => {
+    const page = makePage({ error: 'verify_malformed', msg: 'verify returned malformed response', id: '5197123456789012' });
+    await expect(getCommand().func(page, { id: '5197123456789012' })).rejects.toThrowError(/verify returned malformed response/);
+  });
+
+  it('unwraps the browser-bridge { session, data } envelope', async () => {
+    const page = makePage({
+      session: 'site:weibo:abc',
+      data: { ok: true, id: '42', mblogid: 'M420' },
+    });
+    const result = await getCommand().func(page, { id: 'M420' });
+    expect(result).toEqual([{ status: 'deleted', id: '42', mblogid: 'M420' }]);
+  });
+});