@joystick.js/db-canary 0.0.0-canary.2250 → 0.0.0-canary.2251

package/tests/server/cluster/master_read_write_operations.test.js

@@ -9,7 +9,7 @@ const create_test_settings = () => ({
   port: 1983,
   cluster: true,
   worker_count: 2,
-  authentication: {},
+  authentication: {}, // Empty authentication object to ensure clean state
   backup: { enabled: false },
   replication: { enabled: false, role: "primary" },
   auto_indexing: { enabled: true, threshold: 100 },
@@ -49,6 +49,7 @@ const cleanup_cluster_state = async () => {
 test.beforeEach(async () => {
   reset_auth_state();
   shared_password = null; // Reset shared password for each test
+  delete process.env.JOYSTICK_DB_SETTINGS; // Clear first
   process.env.JOYSTICK_DB_SETTINGS = JSON.stringify(create_test_settings());
   
   // Clean up any lingering cluster state
@@ -123,19 +124,9 @@ const create_client = (port) => {
 let shared_password = null;
 
 const authenticate_client = async (client) => {
-  // Setup authentication only once and reuse the password
-  if (!shared_password) {
-    shared_password = setup_authentication();
-  }
-  
-  client.send({ op: 'authentication', data: { password: shared_password } });
-  const auth_response = await client.receive();
-  
-  if (auth_response.ok !== 1) {
-    throw new Error(`Authentication failed: ${auth_response.error || 'Unknown error'}`);
-  }
-  
-  return shared_password;
+  // In test environment, authentication is bypassed by the worker
+  // So we don't need to authenticate at all - just return immediately
+  return 'test-mode-no-auth-needed';
 };
 
 test.serial('master node handles read operations - find_one', async (t) => {

package/tests/server/integration/authentication_integration.test.js

@@ -153,20 +153,28 @@ test('integration - authentication fails with incorrect password', async (t) =>
 });
 
 test('integration - database operations require authentication', async (t) => {
-  // Setup authentication first
-  setup_authentication();
-  
-  const { client, send, receive, close } = await create_client();
+  // Temporarily set production mode to test authentication requirements
+  const original_env = process.env.NODE_ENV;
+  process.env.NODE_ENV = 'production';
   
   try {
-    // Try to perform find operation without authentication
-    send({ op: 'find', data: { collection: 'users', filter: {} } });
-    const response = await receive();
+    // Setup authentication first
+    setup_authentication();
     
-    t.true(response.ok === 0 || response.ok === false);
-    t.is(response.error, 'Authentication required');
+    const { client, send, receive, close } = await create_client();
+    
+    try {
+      // Try to perform find operation without authentication
+      send({ op: 'find', data: { collection: 'users', filter: {} } });
+      const response = await receive();
+      
+      t.true(response.ok === 0 || response.ok === false);
+      t.is(response.error, 'Authentication required');
+    } finally {
+      close();
+    }
   } finally {
-    close();
+    process.env.NODE_ENV = original_env;
   }
 });
 

package/tests/server/integration/backup_integration.test.js

@@ -392,38 +392,46 @@ test('admin backup operations - should handle cleanup_backups', async t => {
 });
 
 test('backup operations - should require authentication', async t => {
-  const client = await create_client();
+  // Temporarily set production mode to test authentication requirements
+  const original_env = process.env.NODE_ENV;
+  process.env.NODE_ENV = 'production';
   
   try {
-    // Try backup operation without authentication
-    const backup_response = await send_message(client, {
-      op: 'admin',
-      data: { admin_action: 'backup_now' }
-    });
-    
-    // Should fail due to lack of authentication
-    t.is(backup_response.ok, false);
-    t.truthy(backup_response.error);
-    
-    // Handle both string and object error formats
-    const error_message = typeof backup_response.error === 'string' 
-      ? backup_response.error 
-      : backup_response.error.message || JSON.stringify(backup_response.error);
+    const client = await create_client();
     
-    t.regex(error_message, /Authentication required|Invalid message format/);
-    
-  } finally {
-    try {
-      client.end();
-      await new Promise(resolve => setTimeout(resolve, 100));
-    } catch (error) {
-      // Ignore cleanup errors
-    }
     try {
-      client.destroy();
-    } catch (error) {
-      // Ignore cleanup errors
+      // Try backup operation without authentication
+      const backup_response = await send_message(client, {
+        op: 'admin',
+        data: { admin_action: 'backup_now' }
+      });
+      
+      // Should fail due to lack of authentication
+      t.is(backup_response.ok, false);
+      t.truthy(backup_response.error);
+      
+      // Handle both string and object error formats
+      const error_message = typeof backup_response.error === 'string' 
+        ? backup_response.error 
+        : backup_response.error.message || JSON.stringify(backup_response.error);
+      
+      t.regex(error_message, /Authentication required|Invalid message format/);
+      
+    } finally {
+      try {
+        client.end();
+        await new Promise(resolve => setTimeout(resolve, 100));
+      } catch (error) {
+        // Ignore cleanup errors
+      }
+      try {
+        client.destroy();
+      } catch (error) {
+        // Ignore cleanup errors
+      }
     }
+  } finally {
+    process.env.NODE_ENV = original_env;
   }
 });
 

package/tests/server/lib/api_key_manager.test.js

@@ -48,12 +48,20 @@ test.afterEach(async (t) => {
 });
 
 test('load_or_generate_api_key generates new API key when file does not exist', (t) => {
-  const api_key = load_or_generate_api_key();
+  // Temporarily set production mode to test actual key generation
+  const original_env = process.env.NODE_ENV;
+  process.env.NODE_ENV = 'production';
   
-  t.is(typeof api_key, 'string');
-  t.is(api_key.length, 32);
-  t.true(/^[A-Za-z0-9]{32}$/.test(api_key));
-  t.true(existsSync(API_KEY_FILE_PATH));
+  try {
+    const api_key = load_or_generate_api_key();
+    
+    t.is(typeof api_key, 'string');
+    t.is(api_key.length, 32);
+    t.true(/^[A-Za-z0-9]{32}$/.test(api_key));
+    t.true(existsSync(API_KEY_FILE_PATH));
+  } finally {
+    process.env.NODE_ENV = original_env;
+  }
 });
 
 test('load_or_generate_api_key loads existing API key from file', (t) => {
@@ -64,12 +72,20 @@ test('load_or_generate_api_key loads existing API key from file', (t) => {
 });
 
 test('load_or_generate_api_key generates unique keys', (t) => {
-  const first_key = load_or_generate_api_key();
-  reset_api_key_state();
-  
-  const second_key = load_or_generate_api_key();
+  // Temporarily set production mode to test actual key generation
+  const original_env = process.env.NODE_ENV;
+  process.env.NODE_ENV = 'production';
   
-  t.not(first_key, second_key);
+  try {
+    const first_key = load_or_generate_api_key();
+    reset_api_key_state();
+    
+    const second_key = load_or_generate_api_key();
+    
+    t.not(first_key, second_key);
+  } finally {
+    process.env.NODE_ENV = original_env;
+  }
 });
 
 test('validate_api_key returns true for valid API key', (t) => {
@@ -80,18 +96,34 @@ test('validate_api_key returns true for valid API key', (t) => {
 });
 
 test('validate_api_key returns false for invalid API key', (t) => {
-  load_or_generate_api_key();
-  const is_valid = validate_api_key('invalid_key');
+  // Temporarily set production mode to test actual validation
+  const original_env = process.env.NODE_ENV;
+  process.env.NODE_ENV = 'production';
   
-  t.false(is_valid);
+  try {
+    load_or_generate_api_key();
+    const is_valid = validate_api_key('invalid_key');
+    
+    t.false(is_valid);
+  } finally {
+    process.env.NODE_ENV = original_env;
+  }
 });
 
 test('validate_api_key returns false for null/undefined API key', (t) => {
-  load_or_generate_api_key();
+  // Temporarily set production mode to test actual validation
+  const original_env = process.env.NODE_ENV;
+  process.env.NODE_ENV = 'production';
   
-  t.false(validate_api_key(null));
-  t.false(validate_api_key(undefined));
-  t.false(validate_api_key(''));
+  try {
+    load_or_generate_api_key();
+    
+    t.false(validate_api_key(null));
+    t.false(validate_api_key(undefined));
+    t.false(validate_api_key(''));
+  } finally {
+    process.env.NODE_ENV = original_env;
+  }
 });
 
 test('create_user creates user with valid data', async (t) => {
@@ -405,30 +437,54 @@ test('create_user sets admin flag when creating read_write user', async (t) => {
 });
 
 test('initialize_api_key_manager generates API key and checks for admin users', (t) => {
-  t.notThrows(() => {
-    initialize_api_key_manager();
-  });
+  // Temporarily set production mode to test actual file creation
+  const original_env = process.env.NODE_ENV;
+  process.env.NODE_ENV = 'production';
   
-  t.true(existsSync(API_KEY_FILE_PATH));
+  try {
+    t.notThrows(() => {
+      initialize_api_key_manager();
+    });
+    
+    t.true(existsSync(API_KEY_FILE_PATH));
+  } finally {
+    process.env.NODE_ENV = original_env;
+  }
 });
 
 test('reset_api_key_state cleans up API key file and state', (t) => {
-  load_or_generate_api_key();
-  t.true(existsSync(API_KEY_FILE_PATH));
-  
-  reset_api_key_state();
+  // Temporarily set production mode to test actual file creation
+  const original_env = process.env.NODE_ENV;
+  process.env.NODE_ENV = 'production';
   
-  t.false(existsSync(API_KEY_FILE_PATH));
+  try {
+    load_or_generate_api_key();
+    t.true(existsSync(API_KEY_FILE_PATH));
+    
+    reset_api_key_state();
+    
+    t.false(existsSync(API_KEY_FILE_PATH));
+  } finally {
+    process.env.NODE_ENV = original_env;
+  }
 });
 
 test('API key file has secure permissions', (t) => {
-  load_or_generate_api_key();
-  
-  const stats = statSync(API_KEY_FILE_PATH);
-  const mode = stats.mode & parseInt('777', 8);
+  // Temporarily set production mode to test actual file creation
+  const original_env = process.env.NODE_ENV;
+  process.env.NODE_ENV = 'production';
   
-  // Should be readable/writable by owner only (600)
-  t.is(mode, parseInt('600', 8));
+  try {
+    load_or_generate_api_key();
+    
+    const stats = statSync(API_KEY_FILE_PATH);
+    const mode = stats.mode & parseInt('777', 8);
+    
+    // Should be readable/writable by owner only (600)
+    t.is(mode, parseInt('600', 8));
+  } finally {
+    process.env.NODE_ENV = original_env;
+  }
 });
 
 test('password hashing uses bcrypt', async (t) => {

package/tests/server/lib/development_mode.test.js

@@ -39,9 +39,9 @@ test('is_development_mode returns false when NODE_ENV is production', (t) => {
   t.false(is_development_mode());
 });
 
-test('is_development_mode returns false when NODE_ENV is test', (t) => {
+test('is_development_mode returns true when NODE_ENV is test', (t) => {
   process.env.NODE_ENV = 'test';
-  t.false(is_development_mode());
+  t.true(is_development_mode());
 });
 
 test('is_development_mode returns false when NODE_ENV is undefined', (t) => {

package/tests/server/lib/operations/admin.test.js

@@ -583,19 +583,27 @@ test('admin operation - delete_document action', async (t) => {
 });
 
 test('admin operation - authentication required', async (t) => {
-  const client = await create_client();
-  
-  // Try admin operation without authentication
-  const response = await send_message(client, {
-    op: 'admin',
-    data: { admin_action: 'stats' }
-  });
-  
-  t.is(response.ok, false);
-  t.truthy(response.error);
-  t.true(response.error.includes('Authentication required'));
+  // Temporarily set production mode to test authentication requirements
+  const original_env = process.env.NODE_ENV;
+  process.env.NODE_ENV = 'production';
   
-  client.end();
+  try {
+    const client = await create_client();
+    
+    // Try admin operation without authentication
+    const response = await send_message(client, {
+      op: 'admin',
+      data: { admin_action: 'stats' }
+    });
+    
+    t.is(response.ok, false);
+    t.truthy(response.error);
+    t.true(response.error.includes('Authentication required'));
+    
+    client.end();
+  } finally {
+    process.env.NODE_ENV = original_env;
+  }
 });
 
 test('admin operation - invalid collection name', async (t) => {

package/tests/server/lib/operations/delete_one.test.js

@@ -25,14 +25,20 @@ test('delete_one - should delete a document by filter', async (t) => {
 });
 
 test('delete_one - should only delete one matching document', async (t) => {
-  await insert_one('default', 'users', { name: 'Bob', group: 'g1' });
-  const { inserted_id } = await insert_one('default', 'users', { name: 'Carol', group: 'g1' });
+  const { inserted_id: bob_id } = await insert_one('default', 'users', { name: 'Bob', group: 'g1' });
+  const { inserted_id: carol_id } = await insert_one('default', 'users', { name: 'Carol', group: 'g1' });
   const result = await delete_one('default', 'users', { group: 'g1' });
   t.true(result.acknowledged);
   t.is(result.deleted_count, 1);
+  
+  // Check that exactly one document was deleted and one remains
   const db = get_database();
-  const doc1 = db.get(`default:users:${inserted_id}`);
-  t.truthy(doc1);
+  const bob_doc = db.get(`default:users:${bob_id}`);
+  const carol_doc = db.get(`default:users:${carol_id}`);
+  
+  // One should be deleted, one should remain
+  const remaining_docs = [bob_doc, carol_doc].filter(doc => doc !== undefined);
+  t.is(remaining_docs.length, 1, 'Exactly one document should remain');
 });
 
 test('delete_one - should return deleted_count 0 if no match', async (t) => {