npm - @jmruthers/pace-core - Versions diffs - 0.5.3 → 0.5.5 - Mend

@jmruthers/pace-core 0.5.3 → 0.5.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (170) hide show

package/src/hooks/__tests__/usePermissionCache.unit.test.ts ADDED Viewed

@@ -0,0 +1,633 @@
+import { renderHook, waitFor } from '@testing-library/react';
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import { TestWrapper, renderWithProviders } from '../../__tests__/helpers/test-utils';
+import { useRBAC } from '../../rbac/hooks/useRBAC';
+// Mock the useRBAC hook
+vi.mock('../../rbac/hooks/useRBAC');
+const mockUseRBAC = vi.mocked(useRBAC);
+// Import after mocking
+import { usePermissionCache } from '../usePermissionCache';
+describe('usePermissionCache', () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+    // Default mock implementation
+    mockUseRBAC.mockReturnValue({
+      hasPermission: vi.fn().mockResolvedValue(true),
+      user: { id: 'test-user-id' }
+    });
+  });
+  afterEach(() => {
+    vi.clearAllTimers();
+  });
+  describe('Initial Configuration', () => {
+    it('uses default configuration when no config is provided', () => {
+      const { result } = renderHook(() => usePermissionCache(), {
+        wrapper: TestWrapper
+      });
+      expect(result.current).toHaveProperty('checkPermission');
+      expect(result.current).toHaveProperty('checkMultiplePermissions');
+      expect(result.current).toHaveProperty('getCachedPermissions');
+      expect(result.current).toHaveProperty('invalidateCache');
+      expect(result.current).toHaveProperty('getDebugInfo');
+      expect(result.current).toHaveProperty('getAuditTrail');
+    });
+    it('merges custom configuration with defaults', () => {
+      const customConfig = {
+        defaultTTL: 10000,
+        maxCacheSize: 500,
+        enableLogging: true,
+        enableAuditTrail: false
+      };
+      const { result } = renderHook(() => usePermissionCache(customConfig), {
+        wrapper: TestWrapper
+      });
+      expect(result.current).toHaveProperty('checkPermission');
+      expect(result.current).toHaveProperty('checkMultiplePermissions');
+    });
+  });
+  describe('Single Permission Checking', () => {
+    it('checks permission and caches result', async () => {
+      const mockHasPermission = vi.fn().mockResolvedValue(true);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache(), {
+        wrapper: TestWrapper
+      });
+      const permission = await result.current.checkPermission('read', 'dashboard');
+      expect(permission).toBe(true);
+      expect(mockHasPermission).toHaveBeenCalledWith('read', 'dashboard');
+    });
+    it('returns cached result for subsequent calls', async () => {
+      const mockHasPermission = vi.fn().mockResolvedValue(true);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache(), {
+        wrapper: TestWrapper
+      });
+      // First call
+      await result.current.checkPermission('read', 'dashboard');
+      // Second call should use cache
+      await result.current.checkPermission('read', 'dashboard');
+      expect(mockHasPermission).toHaveBeenCalledTimes(1);
+    });
+    it('respects custom TTL', async () => {
+      const mockHasPermission = vi.fn().mockResolvedValue(true);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache({ defaultTTL: 1000 }), {
+        wrapper: TestWrapper
+      });
+      await result.current.checkPermission('read', 'dashboard', 2000);
+      expect(mockHasPermission).toHaveBeenCalledWith('read', 'dashboard');
+    });
+    it('handles permission check errors gracefully', async () => {
+      const consoleSpy = vi.spyOn(console, 'error').mockImplementation(() => {});
+      const mockHasPermission = vi.fn().mockRejectedValue(new Error('Database error'));
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache(), {
+        wrapper: TestWrapper
+      });
+      const permission = await result.current.checkPermission('read', 'dashboard');
+      expect(permission).toBe(false);
+      expect(consoleSpy).toHaveBeenCalled();
+      consoleSpy.mockRestore();
+    });
+  });
+  describe('Multiple Permission Checking', () => {
+    it('checks multiple permissions efficiently', async () => {
+      const mockHasPermission = vi.fn()
+        .mockResolvedValueOnce(true)
+        .mockResolvedValueOnce(false)
+        .mockResolvedValueOnce(true)
+        .mockResolvedValueOnce(false);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache(), {
+        wrapper: TestWrapper
+      });
+      const permissions = await result.current.checkMultiplePermissions([
+        ['read', 'dashboard'],
+        ['create', 'dashboard'],
+        ['update', 'dashboard'],
+        ['delete', 'dashboard']
+      ]);
+      expect(permissions).toHaveLength(4);
+      expect(permissions[0]).toEqual({
+        operation: 'read',
+        pageId: 'dashboard',
+        hasPermission: true,
+        cached: false,
+        timestamp: expect.any(Number)
+      });
+      expect(permissions[1]).toEqual({
+        operation: 'create',
+        pageId: 'dashboard',
+        hasPermission: false,
+        cached: false,
+        timestamp: expect.any(Number)
+      });
+    });
+    it('uses cached results for multiple permission checks', async () => {
+      const mockHasPermission = vi.fn()
+        .mockResolvedValueOnce(true)
+        .mockResolvedValueOnce(false);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache(), {
+        wrapper: TestWrapper
+      });
+      // First call
+      await result.current.checkMultiplePermissions([
+        ['read', 'dashboard'],
+        ['create', 'dashboard']
+      ]);
+      // Second call should use cache
+      await result.current.checkMultiplePermissions([
+        ['read', 'dashboard'],
+        ['create', 'dashboard']
+      ]);
+      expect(mockHasPermission).toHaveBeenCalledTimes(2);
+    });
+    it('handles mixed cached and uncached permissions', async () => {
+      const mockHasPermission = vi.fn()
+        .mockResolvedValueOnce(true)
+        .mockResolvedValueOnce(false)
+        .mockResolvedValueOnce(true);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache(), {
+        wrapper: TestWrapper
+      });
+      // Cache first two permissions
+      await result.current.checkMultiplePermissions([
+        ['read', 'dashboard'],
+        ['create', 'dashboard']
+      ]);
+      // Check all four permissions (first two should be cached)
+      const permissions = await result.current.checkMultiplePermissions([
+        ['read', 'dashboard'],
+        ['create', 'dashboard'],
+        ['update', 'dashboard'],
+        ['delete', 'dashboard']
+      ]);
+      expect(permissions).toHaveLength(4);
+      expect(permissions[0].cached).toBe(true);
+      expect(permissions[1].cached).toBe(true);
+      expect(permissions[2].cached).toBe(false);
+      expect(permissions[3].cached).toBe(false);
+    });
+  });
+  describe('Cache Management', () => {
+    it('enforces maximum cache size', async () => {
+      const mockHasPermission = vi.fn().mockResolvedValue(true);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache({ maxCacheSize: 3 }), {
+        wrapper: TestWrapper
+      });
+      // Add more entries than max cache size
+      await result.current.checkPermission('read', 'page1');
+      await result.current.checkPermission('read', 'page2');
+      await result.current.checkPermission('read', 'page3');
+      await result.current.checkPermission('read', 'page4');
+      await result.current.checkPermission('read', 'page5');
+      // Check that cache size is maintained
+      const debugInfo = result.current.getDebugInfo();
+      expect(debugInfo.cacheSize).toBeLessThanOrEqual(3);
+    });
+    it('invalidates cache entries', async () => {
+      const mockHasPermission = vi.fn().mockResolvedValue(true);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache(), {
+        wrapper: TestWrapper
+      });
+      // Cache some permissions
+      await result.current.checkPermission('read', 'dashboard');
+      await result.current.checkPermission('create', 'dashboard');
+      // Invalidate all cache
+      result.current.invalidateCache();
+      // Check permissions again (should not use cache)
+      await result.current.checkPermission('read', 'dashboard');
+      await result.current.checkPermission('create', 'dashboard');
+      expect(mockHasPermission).toHaveBeenCalledTimes(4);
+    });
+    it('invalidates cache entries by pattern', async () => {
+      const mockHasPermission = vi.fn().mockResolvedValue(true);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache(), {
+        wrapper: TestWrapper
+      });
+      // Cache permissions for different pages
+      await result.current.checkPermission('read', 'dashboard');
+      await result.current.checkPermission('read', 'admin');
+      await result.current.checkPermission('read', 'users');
+      // Invalidate only dashboard permissions
+      result.current.invalidateCache('dashboard');
+      // Check permissions again
+      await result.current.checkPermission('read', 'dashboard');
+      await result.current.checkPermission('read', 'admin');
+      // dashboard should be called again, admin should use cache
+      expect(mockHasPermission).toHaveBeenCalledTimes(4);
+    });
+    it('cleans up expired cache entries', async () => {
+      vi.useFakeTimers();
+      const mockHasPermission = vi.fn().mockResolvedValue(true);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache({ defaultTTL: 1000 }), {
+        wrapper: TestWrapper
+      });
+      // Cache a permission
+      await result.current.checkPermission('read', 'dashboard');
+      // Advance time past TTL
+      vi.advanceTimersByTime(2000);
+      // Trigger cleanup by checking another permission
+      await result.current.checkPermission('read', 'admin');
+      const debugInfo = result.current.getDebugInfo();
+      expect(debugInfo.cacheSize).toBe(1); // Only the new permission should remain
+    });
+  });
+  describe('Debug Information', () => {
+    it('provides accurate debug information', async () => {
+      const mockHasPermission = vi.fn()
+        .mockResolvedValueOnce(true)
+        .mockResolvedValueOnce(false);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache(), {
+        wrapper: TestWrapper
+      });
+      // Make some permission checks
+      await result.current.checkPermission('read', 'dashboard');
+      await result.current.checkPermission('create', 'dashboard');
+      await result.current.checkPermission('read', 'dashboard'); // This should be cached
+      const debugInfo = result.current.getDebugInfo();
+      expect(debugInfo.cacheSize).toBe(2);
+      expect(debugInfo.cacheHits).toBe(1);
+      expect(debugInfo.cacheMisses).toBe(2);
+      expect(debugInfo.totalChecks).toBe(3);
+      expect(debugInfo.averageResponseTime).toBeGreaterThan(0);
+      expect(debugInfo.lastInvalidation).toBeGreaterThan(0);
+    });
+    it('tracks response times accurately', async () => {
+      const mockHasPermission = vi.fn().mockResolvedValue(true);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache(), {
+        wrapper: TestWrapper
+      });
+      await result.current.checkPermission('read', 'dashboard');
+      const debugInfo = result.current.getDebugInfo();
+      // Just verify that response time is tracked (greater than 0)
+      expect(debugInfo.averageResponseTime).toBeGreaterThan(0);
+      expect(debugInfo.totalChecks).toBe(1);
+    });
+  });
+  describe('Audit Trail', () => {
+    it('records audit trail when enabled', async () => {
+      const mockHasPermission = vi.fn().mockResolvedValue(true);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache({ enableAuditTrail: true }), {
+        wrapper: TestWrapper
+      });
+      await result.current.checkPermission('read', 'dashboard');
+      await result.current.checkPermission('create', 'admin');
+      const auditTrail = result.current.getAuditTrail();
+      expect(auditTrail).toHaveLength(2);
+      expect(auditTrail[0]).toEqual({
+        timestamp: expect.any(Number),
+        operation: 'read',
+        pageId: 'dashboard',
+        result: true,
+        cached: false,
+        userId: 'test-user-id'
+      });
+      expect(auditTrail[1]).toEqual({
+        timestamp: expect.any(Number),
+        operation: 'create',
+        pageId: 'admin',
+        result: true,
+        cached: false,
+        userId: 'test-user-id'
+      });
+    });
+    it('does not record audit trail when disabled', async () => {
+      const mockHasPermission = vi.fn().mockResolvedValue(true);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache({ enableAuditTrail: false }), {
+        wrapper: TestWrapper
+      });
+      await result.current.checkPermission('read', 'dashboard');
+      const auditTrail = result.current.getAuditTrail();
+      expect(auditTrail).toHaveLength(0);
+    });
+    it('limits audit trail size', async () => {
+      const mockHasPermission = vi.fn().mockResolvedValue(true);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache({ enableAuditTrail: true }), {
+        wrapper: TestWrapper
+      });
+      // Make more than 1000 permission checks
+      for (let i = 0; i < 1100; i++) {
+        await result.current.checkPermission('read', `page${i}`);
+      }
+      const auditTrail = result.current.getAuditTrail();
+      expect(auditTrail.length).toBeLessThanOrEqual(500);
+    });
+  });
+  describe('Logging', () => {
+    it('logs permission checks when enabled', async () => {
+      const consoleSpy = vi.spyOn(console, 'log').mockImplementation(() => {});
+      const mockHasPermission = vi.fn().mockResolvedValue(true);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache({ enableLogging: true }), {
+        wrapper: TestWrapper
+      });
+      await result.current.checkPermission('read', 'dashboard');
+      expect(consoleSpy).toHaveBeenCalledWith(
+        expect.stringContaining('[PermissionCache] read:dashboard = true (fresh)')
+      );
+      consoleSpy.mockRestore();
+    });
+    it('does not log when disabled', async () => {
+      const consoleSpy = vi.spyOn(console, 'log').mockImplementation(() => {});
+      const mockHasPermission = vi.fn().mockResolvedValue(true);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache({ enableLogging: false }), {
+        wrapper: TestWrapper
+      });
+      await result.current.checkPermission('read', 'dashboard');
+      expect(consoleSpy).not.toHaveBeenCalledWith(
+        expect.stringContaining('[PermissionCache]')
+      );
+      consoleSpy.mockRestore();
+    });
+  });
+  describe('Cached Permissions', () => {
+    it('returns cached permissions for a page', async () => {
+      const mockHasPermission = vi.fn()
+        .mockResolvedValueOnce(true)
+        .mockResolvedValueOnce(false)
+        .mockResolvedValueOnce(true)
+        .mockResolvedValueOnce(false);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache(), {
+        wrapper: TestWrapper
+      });
+      // Cache all permissions for dashboard
+      await result.current.checkPermission('read', 'dashboard');
+      await result.current.checkPermission('create', 'dashboard');
+      await result.current.checkPermission('update', 'dashboard');
+      await result.current.checkPermission('delete', 'dashboard');
+      const cachedPermissions = result.current.getCachedPermissions('dashboard');
+      expect(cachedPermissions).toHaveLength(4);
+      expect(cachedPermissions).toEqual([
+        { operation: 'read', hasPermission: true },
+        { operation: 'create', hasPermission: false },
+        { operation: 'update', hasPermission: true },
+        { operation: 'delete', hasPermission: false }
+      ]);
+    });
+    it('returns empty array for uncached page', async () => {
+      const mockHasPermission = vi.fn().mockResolvedValue(true);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache(), {
+        wrapper: TestWrapper
+      });
+      const cachedPermissions = result.current.getCachedPermissions('uncached-page');
+      expect(cachedPermissions).toHaveLength(0);
+    });
+  });
+  describe('Edge Cases', () => {
+    it('handles concurrent permission checks', async () => {
+      const mockHasPermission = vi.fn().mockResolvedValue(true);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache(), {
+        wrapper: TestWrapper
+      });
+      // Make concurrent permission checks
+      const promises = [
+        result.current.checkPermission('read', 'dashboard'),
+        result.current.checkPermission('read', 'dashboard'),
+        result.current.checkPermission('read', 'dashboard')
+      ];
+      const results = await Promise.all(promises);
+      expect(results).toEqual([true, true, true]);
+      expect(mockHasPermission).toHaveBeenCalledTimes(1); // Should only call once due to caching
+    });
+    it('handles rapid cache invalidation', async () => {
+      const mockHasPermission = vi.fn().mockResolvedValue(true);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache(), {
+        wrapper: TestWrapper
+      });
+      await result.current.checkPermission('read', 'dashboard');
+      result.current.invalidateCache();
+      await result.current.checkPermission('read', 'dashboard');
+      expect(mockHasPermission).toHaveBeenCalledTimes(2);
+    });
+    it('handles empty permission arrays', async () => {
+      const mockHasPermission = vi.fn().mockResolvedValue(true);
+      mockUseRBAC.mockReturnValue({
+        hasPermission: mockHasPermission,
+        user: { id: 'test-user-id' }
+      });
+      const { result } = renderHook(() => usePermissionCache(), {
+        wrapper: TestWrapper
+      });
+      const permissions = await result.current.checkMultiplePermissions([]);
+      expect(permissions).toHaveLength(0);
+      expect(mockHasPermission).not.toHaveBeenCalled();
+    });
+  });
+});