@jgardner04/ghost-mcp-server 1.10.0 → 1.12.0

package/src/services/__tests__/postService.test.js

@@ -26,7 +26,11 @@ describe('postService', () => {
     vi.clearAllMocks();
   });
 
-  describe('createPostService - validation', () => {
+  // NOTE: Input validation tests have been moved to MCP layer tests.
+  // The postService no longer performs Joi validation - input is validated
+  // by Zod schemas at the MCP tool layer (see mcp_server_improved.js).
+
+  describe('createPostService - basic functionality', () => {
     it('should accept valid input and create a post', async () => {
       const validInput = {
         title: 'Test Post',
@@ -47,41 +51,6 @@ describe('postService', () => {
       );
     });
 
-    it('should reject input with missing title', async () => {
-      const invalidInput = {
-        html: '<p>Test content</p>',
-      };
-
-      await expect(createPostService(invalidInput)).rejects.toThrow(
-        'Invalid post input: "title" is required'
-      );
-      expect(createPost).not.toHaveBeenCalled();
-    });
-
-    it('should reject input with missing html', async () => {
-      const invalidInput = {
-        title: 'Test Post',
-      };
-
-      await expect(createPostService(invalidInput)).rejects.toThrow(
-        'Invalid post input: "html" is required'
-      );
-      expect(createPost).not.toHaveBeenCalled();
-    });
-
-    it('should reject input with invalid status', async () => {
-      const invalidInput = {
-        title: 'Test Post',
-        html: '<p>Content</p>',
-        status: 'invalid-status',
-      };
-
-      await expect(createPostService(invalidInput)).rejects.toThrow(
-        'Invalid post input: "status" must be one of [draft, published, scheduled]'
-      );
-      expect(createPost).not.toHaveBeenCalled();
-    });
-
     it('should accept valid status values', async () => {
       const statuses = ['draft', 'published', 'scheduled'];
       createPost.mockResolvedValue({ id: '1', title: 'Test' });
@@ -100,39 +69,6 @@ describe('postService', () => {
       }
     });
 
-    it('should validate tags array with maximum length', async () => {
-      const invalidInput = {
-        title: 'Test Post',
-        html: '<p>Content</p>',
-        tags: Array(11).fill('tag'), // 11 tags exceeds max of 10
-      };
-
-      await expect(createPostService(invalidInput)).rejects.toThrow('Invalid post input:');
-      expect(createPost).not.toHaveBeenCalled();
-    });
-
-    it('should validate tag string max length', async () => {
-      const invalidInput = {
-        title: 'Test Post',
-        html: '<p>Content</p>',
-        tags: ['a'.repeat(51)], // 51 chars exceeds max of 50
-      };
-
-      await expect(createPostService(invalidInput)).rejects.toThrow('Invalid post input:');
-      expect(createPost).not.toHaveBeenCalled();
-    });
-
-    it('should validate feature_image is a valid URI', async () => {
-      const invalidInput = {
-        title: 'Test Post',
-        html: '<p>Content</p>',
-        feature_image: 'not-a-valid-url',
-      };
-
-      await expect(createPostService(invalidInput)).rejects.toThrow('Invalid post input:');
-      expect(createPost).not.toHaveBeenCalled();
-    });
-
     it('should accept valid feature_image URI', async () => {
       const validInput = {
         title: 'Test Post',
@@ -217,27 +153,7 @@ describe('postService', () => {
       );
     });
 
-    it('should reject tags array with non-string values', async () => {
-      const input = {
-        title: 'Test Post',
-        html: '<p>Content</p>',
-        tags: [null, 'valid-tag'],
-      };
-
-      await expect(createPostService(input)).rejects.toThrow('Invalid post input:');
-      expect(createPost).not.toHaveBeenCalled();
-    });
-
-    it('should reject tags array with empty strings', async () => {
-      const input = {
-        title: 'Test Post',
-        html: '<p>Content</p>',
-        tags: ['', 'valid-tag'],
-      };
-
-      await expect(createPostService(input)).rejects.toThrow('Invalid post input:');
-      expect(createPost).not.toHaveBeenCalled();
-    });
+    // NOTE: Tag validation tests (non-string values, empty strings) moved to MCP layer
 
     it('should trim whitespace from tag names', async () => {
       const input = {
@@ -383,15 +299,7 @@ describe('postService', () => {
       expect(calledDescription).toBe('a'.repeat(497) + '...');
     });
 
-    it('should reject empty HTML content', async () => {
-      const input = {
-        title: 'Test Post',
-        html: '',
-      };
-
-      await expect(createPostService(input)).rejects.toThrow('Invalid post input:');
-      expect(createPost).not.toHaveBeenCalled();
-    });
+    // NOTE: Empty HTML validation test moved to MCP layer
 
     it('should strip HTML tags and truncate when generating meta_description', async () => {
       const longHtml = '<p>' + 'word '.repeat(200) + '</p>';

package/src/services/__tests__/tierService.test.js

@@ -0,0 +1,372 @@
+import { describe, it, expect } from 'vitest';
+import {
+  validateTierData,
+  validateTierUpdateData,
+  validateTierQueryOptions,
+  sanitizeNqlValue,
+} from '../tierService.js';
+import { ValidationError } from '../../errors/index.js';
+
+describe('tierService - Validation', () => {
+  describe('validateTierData', () => {
+    it('should validate required name field', () => {
+      expect(() => validateTierData({})).toThrow(ValidationError);
+      expect(() => validateTierData({})).toThrow('Tier validation failed');
+    });
+
+    it('should validate required currency field', () => {
+      expect(() => validateTierData({ name: 'Premium' })).toThrow(ValidationError);
+      expect(() => validateTierData({ name: 'Premium' })).toThrow('Tier validation failed');
+    });
+
+    it('should accept valid tier data with name and currency', () => {
+      expect(() =>
+        validateTierData({
+          name: 'Premium',
+          currency: 'USD',
+        })
+      ).not.toThrow();
+    });
+
+    it('should validate name is a non-empty string', () => {
+      expect(() =>
+        validateTierData({
+          name: '',
+          currency: 'USD',
+        })
+      ).toThrow('Tier validation failed');
+    });
+
+    it('should validate name does not exceed max length', () => {
+      const longName = 'a'.repeat(192);
+      expect(() =>
+        validateTierData({
+          name: longName,
+          currency: 'USD',
+        })
+      ).toThrow('Tier validation failed');
+    });
+
+    it('should validate currency is a 3-letter uppercase code', () => {
+      expect(() =>
+        validateTierData({
+          name: 'Premium',
+          currency: 'us',
+        })
+      ).toThrow('Tier validation failed');
+
+      expect(() =>
+        validateTierData({
+          name: 'Premium',
+          currency: 'USDD',
+        })
+      ).toThrow('Tier validation failed');
+
+      expect(() =>
+        validateTierData({
+          name: 'Premium',
+          currency: '123',
+        })
+      ).toThrow('Tier validation failed');
+    });
+
+    it('should validate description does not exceed max length', () => {
+      const longDescription = 'a'.repeat(2001);
+      expect(() =>
+        validateTierData({
+          name: 'Premium',
+          currency: 'USD',
+          description: longDescription,
+        })
+      ).toThrow('Tier validation failed');
+    });
+
+    it('should validate monthly_price is a non-negative number', () => {
+      expect(() =>
+        validateTierData({
+          name: 'Premium',
+          currency: 'USD',
+          monthly_price: -100,
+        })
+      ).toThrow('Tier validation failed');
+
+      expect(() =>
+        validateTierData({
+          name: 'Premium',
+          currency: 'USD',
+          monthly_price: 'invalid',
+        })
+      ).toThrow('Tier validation failed');
+    });
+
+    it('should validate yearly_price is a non-negative number', () => {
+      expect(() =>
+        validateTierData({
+          name: 'Premium',
+          currency: 'USD',
+          yearly_price: -1000,
+        })
+      ).toThrow('Tier validation failed');
+
+      expect(() =>
+        validateTierData({
+          name: 'Premium',
+          currency: 'USD',
+          yearly_price: 'invalid',
+        })
+      ).toThrow('Tier validation failed');
+    });
+
+    it('should validate benefits is an array of strings', () => {
+      expect(() =>
+        validateTierData({
+          name: 'Premium',
+          currency: 'USD',
+          benefits: 'not an array',
+        })
+      ).toThrow('Tier validation failed');
+
+      expect(() =>
+        validateTierData({
+          name: 'Premium',
+          currency: 'USD',
+          benefits: [123, 456],
+        })
+      ).toThrow('Tier validation failed');
+
+      expect(() =>
+        validateTierData({
+          name: 'Premium',
+          currency: 'USD',
+          benefits: ['Benefit 1', ''],
+        })
+      ).toThrow('Tier validation failed');
+    });
+
+    it('should validate welcome_page_url is a valid URL', () => {
+      expect(() =>
+        validateTierData({
+          name: 'Premium',
+          currency: 'USD',
+          welcome_page_url: 'not-a-url',
+        })
+      ).toThrow('Tier validation failed');
+
+      expect(() =>
+        validateTierData({
+          name: 'Premium',
+          currency: 'USD',
+          welcome_page_url: 'ftp://example.com',
+        })
+      ).toThrow('Tier validation failed');
+    });
+
+    it('should accept valid welcome_page_url', () => {
+      expect(() =>
+        validateTierData({
+          name: 'Premium',
+          currency: 'USD',
+          welcome_page_url: 'https://example.com/welcome',
+        })
+      ).not.toThrow();
+
+      expect(() =>
+        validateTierData({
+          name: 'Premium',
+          currency: 'USD',
+          welcome_page_url: 'http://example.com/welcome',
+        })
+      ).not.toThrow();
+    });
+
+    it('should accept complete valid tier data', () => {
+      expect(() =>
+        validateTierData({
+          name: 'Premium Membership',
+          description: 'Access to premium content',
+          currency: 'USD',
+          monthly_price: 999,
+          yearly_price: 9999,
+          benefits: ['Ad-free experience', 'Exclusive content', 'Priority support'],
+          welcome_page_url: 'https://example.com/welcome',
+        })
+      ).not.toThrow();
+    });
+  });
+
+  describe('validateTierUpdateData', () => {
+    it('should accept empty update data', () => {
+      expect(() => validateTierUpdateData({})).not.toThrow();
+    });
+
+    it('should validate name if provided', () => {
+      expect(() =>
+        validateTierUpdateData({
+          name: '',
+        })
+      ).toThrow('Tier validation failed');
+    });
+
+    it('should validate currency if provided', () => {
+      expect(() =>
+        validateTierUpdateData({
+          currency: 'us',
+        })
+      ).toThrow('Tier validation failed');
+    });
+
+    it('should validate description length if provided', () => {
+      const longDescription = 'a'.repeat(2001);
+      expect(() =>
+        validateTierUpdateData({
+          description: longDescription,
+        })
+      ).toThrow('Tier validation failed');
+    });
+
+    it('should validate monthly_price if provided', () => {
+      expect(() =>
+        validateTierUpdateData({
+          monthly_price: -100,
+        })
+      ).toThrow('Tier validation failed');
+    });
+
+    it('should validate yearly_price if provided', () => {
+      expect(() =>
+        validateTierUpdateData({
+          yearly_price: -1000,
+        })
+      ).toThrow('Tier validation failed');
+    });
+
+    it('should validate benefits if provided', () => {
+      expect(() =>
+        validateTierUpdateData({
+          benefits: 'not an array',
+        })
+      ).toThrow('Tier validation failed');
+    });
+
+    it('should validate welcome_page_url if provided', () => {
+      expect(() =>
+        validateTierUpdateData({
+          welcome_page_url: 'not-a-url',
+        })
+      ).toThrow('Tier validation failed');
+    });
+
+    it('should accept valid update data', () => {
+      expect(() =>
+        validateTierUpdateData({
+          name: 'Updated Premium',
+          monthly_price: 1299,
+          benefits: ['New benefit'],
+        })
+      ).not.toThrow();
+    });
+  });
+
+  describe('validateTierQueryOptions', () => {
+    it('should accept empty options', () => {
+      expect(() => validateTierQueryOptions({})).not.toThrow();
+    });
+
+    it('should validate limit is within range', () => {
+      expect(() => validateTierQueryOptions({ limit: 0 })).toThrow('Tier query validation failed');
+
+      expect(() => validateTierQueryOptions({ limit: 101 })).toThrow(
+        'Tier query validation failed'
+      );
+
+      expect(() => validateTierQueryOptions({ limit: 50 })).not.toThrow();
+    });
+
+    it('should validate limit is a number', () => {
+      expect(() => validateTierQueryOptions({ limit: 'invalid' })).toThrow(
+        'Tier query validation failed'
+      );
+    });
+
+    it('should validate page is >= 1', () => {
+      expect(() => validateTierQueryOptions({ page: 0 })).toThrow('Tier query validation failed');
+
+      expect(() => validateTierQueryOptions({ page: -1 })).toThrow('Tier query validation failed');
+
+      expect(() => validateTierQueryOptions({ page: 1 })).not.toThrow();
+    });
+
+    it('should validate page is a number', () => {
+      expect(() => validateTierQueryOptions({ page: 'invalid' })).toThrow(
+        'Tier query validation failed'
+      );
+    });
+
+    it('should validate filter is a non-empty string', () => {
+      expect(() => validateTierQueryOptions({ filter: '' })).toThrow(
+        'Tier query validation failed'
+      );
+
+      expect(() => validateTierQueryOptions({ filter: '   ' })).toThrow(
+        'Tier query validation failed'
+      );
+
+      expect(() => validateTierQueryOptions({ filter: 'type:paid' })).not.toThrow();
+    });
+
+    it('should validate order is a non-empty string', () => {
+      expect(() => validateTierQueryOptions({ order: '' })).toThrow('Tier query validation failed');
+
+      expect(() => validateTierQueryOptions({ order: 'created_at desc' })).not.toThrow();
+    });
+
+    it('should validate include is a non-empty string', () => {
+      expect(() => validateTierQueryOptions({ include: '' })).toThrow(
+        'Tier query validation failed'
+      );
+
+      expect(() =>
+        validateTierQueryOptions({ include: 'monthly_price,yearly_price' })
+      ).not.toThrow();
+    });
+
+    it('should accept valid query options', () => {
+      expect(() =>
+        validateTierQueryOptions({
+          limit: 50,
+          page: 2,
+          filter: 'type:paid',
+          order: 'created_at desc',
+          include: 'monthly_price,yearly_price',
+        })
+      ).not.toThrow();
+    });
+  });
+
+  describe('sanitizeNqlValue', () => {
+    it('should return value if undefined or null', () => {
+      expect(sanitizeNqlValue(null)).toBe(null);
+      expect(sanitizeNqlValue(undefined)).toBe(undefined);
+    });
+
+    it('should escape backslashes', () => {
+      expect(sanitizeNqlValue('test\\value')).toBe('test\\\\value');
+    });
+
+    it('should escape single quotes', () => {
+      expect(sanitizeNqlValue("test'value")).toBe("test\\'value");
+    });
+
+    it('should escape double quotes', () => {
+      expect(sanitizeNqlValue('test"value')).toBe('test\\"value');
+    });
+
+    it('should escape multiple special characters', () => {
+      expect(sanitizeNqlValue('test\\value"with\'quotes')).toBe('test\\\\value\\"with\\\'quotes');
+    });
+
+    it('should handle strings without special characters', () => {
+      expect(sanitizeNqlValue('simple-value')).toBe('simple-value');
+    });
+  });
+});