@jskit-ai/users-core 0.1.33 → 0.1.35

package/src/server/workspaceBootstrapContributor.js

@@ -1,13 +1,7 @@
-import { AppError } from "@jskit-ai/kernel/server/runtime";
 import { requireServiceMethod } from "@jskit-ai/kernel/shared/actions/actionContributorHelpers";
-import { normalizeLowerText, normalizeText } from "@jskit-ai/kernel/shared/actions/textNormalization";
+import { normalizeLowerText } from "@jskit-ai/kernel/shared/actions/textNormalization";
 import {
   TENANCY_MODE_NONE,
-  TENANCY_MODE_PERSONAL,
-  TENANCY_MODE_WORKSPACES,
-  WORKSPACE_SLUG_POLICY_NONE,
-  WORKSPACE_SLUG_POLICY_IMMUTABLE_USERNAME,
-  WORKSPACE_SLUG_POLICY_USER_SELECTED,
   resolveTenancyProfile
 } from "../shared/tenancyProfile.js";
 import { workspacePendingInvitationsResource } from "../shared/resources/workspacePendingInvitationsResource.js";
@@ -16,9 +10,6 @@ import {
   mapWorkspaceSettingsPublic,
   mapWorkspaceSummary
 } from "./common/formatters/workspaceFormatter.js";
-import { accountAvatarFormatter } from "./common/formatters/accountAvatarFormatter.js";
-import { authenticatedUserValidator } from "./common/validators/authenticatedUserValidator.js";
-import { userSettingsFields } from "../shared/resources/userSettingsFields.js";
 
 const REQUESTED_WORKSPACE_STATUS_RESOLVED = "resolved";
 const REQUESTED_WORKSPACE_STATUS_NOT_FOUND = "not_found";
@@ -31,47 +22,6 @@ function normalizePendingInvites(invites) {
   }).pendingInvites;
 }
 
-function getOAuthProviderCatalogPayload(authService) {
-  if (!authService || typeof authService.getOAuthProviderCatalog !== "function") {
-    return {
-      oauthProviders: [],
-      oauthDefaultProvider: null
-    };
-  }
-
-  const catalog = authService.getOAuthProviderCatalog();
-  const providers = Array.isArray(catalog?.providers)
-    ? catalog.providers
-        .map((provider) => ({
-          id: normalizeLowerText(provider?.id),
-          label: normalizeText(provider?.label)
-        }))
-        .filter((provider) => provider.id && provider.label)
-    : [];
-  const defaultProvider = normalizeLowerText(catalog?.defaultProvider);
-
-  return {
-    oauthProviders: providers,
-    oauthDefaultProvider: providers.some((provider) => provider.id === defaultProvider) ? defaultProvider : null
-  };
-}
-
-function normalizeBoolean(value, fallback) {
-  if (typeof value === "boolean") {
-    return value;
-  }
-  if (typeof value === "string") {
-    const normalized = normalizeLowerText(value);
-    if (normalized === "true") {
-      return true;
-    }
-    if (normalized === "false") {
-      return false;
-    }
-  }
-  return fallback;
-}
-
 function normalizeQueryPayload(value = {}) {
   if (!value || typeof value !== "object" || Array.isArray(value)) {
     return {};
@@ -137,111 +87,28 @@ function resolveRequestedWorkspaceStatusFromError(error) {
   return "";
 }
 
-function resolveAppState(appConfig = {}, { workspaceInvitationsEnabled = true } = {}) {
-  const features = {
-    workspaceSwitching: normalizeBoolean(appConfig.workspaceSwitching, true),
-    workspaceInvites: workspaceInvitationsEnabled === true,
-    assistantEnabled: normalizeBoolean(appConfig.assistantEnabled, false),
-    assistantRequiredPermission: normalizeText(appConfig.assistantRequiredPermission),
-    socialEnabled: normalizeBoolean(appConfig.socialEnabled, false),
-    socialFederationEnabled: normalizeBoolean(appConfig.socialFederationEnabled, false)
-  };
-
-  return {
-    features
-  };
-}
-
-function normalizeSlugPolicy(value = "") {
-  const normalizedValue = normalizeLowerText(value);
-  if (
-    normalizedValue === WORKSPACE_SLUG_POLICY_IMMUTABLE_USERNAME ||
-    normalizedValue === WORKSPACE_SLUG_POLICY_USER_SELECTED
-  ) {
-    return normalizedValue;
-  }
-  return WORKSPACE_SLUG_POLICY_NONE;
-}
-
-function isSupportedTenancyMode(value = "") {
-  return value === TENANCY_MODE_NONE || value === TENANCY_MODE_PERSONAL || value === TENANCY_MODE_WORKSPACES;
-}
-
 function resolveBootstrapTenancyProfile(tenancyProfile = null, appConfig = {}) {
   const fallback = resolveTenancyProfile(appConfig);
-  const source = tenancyProfile && typeof tenancyProfile === "object" ? tenancyProfile : fallback;
-  const mode = isSupportedTenancyMode(source?.mode) ? source.mode : fallback.mode;
-  const workspace = source?.workspace && typeof source.workspace === "object" ? source.workspace : fallback.workspace;
-
   return Object.freeze({
-    mode,
+    mode: fallback.mode,
     workspace: Object.freeze({
-      enabled: workspace.enabled === true,
-      autoProvision: workspace.autoProvision === true,
-      allowSelfCreate: workspace.allowSelfCreate === true,
-      slugPolicy: normalizeSlugPolicy(workspace.slugPolicy)
+      enabled: fallback.workspace.enabled === true,
+      autoProvision: fallback.workspace.autoProvision === true,
+      allowSelfCreate: fallback.workspace.allowSelfCreate === true,
+      slugPolicy: fallback.workspace.slugPolicy
     })
   });
 }
 
-function createAnonymousBootstrapPayload({ appState, tenancyProfile }) {
-  return {
-    session: {
-      authenticated: false
-    },
-    profile: null,
-    tenancy: tenancyProfile,
-    app: appState,
-    workspaces: [],
-    pendingInvites: [],
-    activeWorkspace: null,
-    membership: null,
-    requestedWorkspace: null,
-    permissions: [],
-    surfaceAccess: {
-      consoleowner: false
-    },
-    workspaceSettings: null,
-    userSettings: null
-  };
-}
-
-function mapUserSettingsBootstrap(settings = {}) {
-  const source = settings && typeof settings === "object" ? settings : {};
-  const mapped = {};
-
-  for (const field of userSettingsFields) {
-    if (field.includeInBootstrap === false) {
-      continue;
-    }
-    const rawValue = Object.hasOwn(source, field.key)
-      ? source[field.key]
-      : field.resolveDefault({
-          settings: source
-        });
-    mapped[field.key] = field.normalizeOutput(rawValue, {
-      settings: source
-    });
-  }
-
-  return mapped;
-}
-
 function createWorkspaceBootstrapContributor({
   workspaceService,
   workspacePendingInvitationsService,
   usersRepository,
-  userSettingsRepository,
   workspaceInvitationsEnabled = false,
   appConfig = {},
-  tenancyProfile = null,
-  authService,
-  consoleService = null
+  tenancyProfile = null
 } = {}) {
-  const contributorId = "users.bootstrap";
-  const appState = resolveAppState(appConfig, {
-    workspaceInvitationsEnabled
-  });
+  const contributorId = "users.workspace.bootstrap";
   const resolvedTenancyProfile = resolveBootstrapTenancyProfile(tenancyProfile, appConfig);
 
   requireServiceMethod(workspaceService, "listWorkspacesForUser", contributorId, {
@@ -255,144 +122,83 @@ function createWorkspaceBootstrapContributor({
       serviceLabel: "workspacePendingInvitationsService"
     });
   }
-  requireServiceMethod(usersRepository, "findByIdentity", contributorId, {
+  requireServiceMethod(usersRepository, "findById", contributorId, {
     serviceLabel: "usersRepository"
   });
-  requireServiceMethod(userSettingsRepository, "ensureForUserId", contributorId, {
-    serviceLabel: "userSettingsRepository"
-  });
 
   return Object.freeze({
     contributorId,
-    async contribute({ request = null, reply = null, query = {} } = {}) {
-      const authResult = await request.executeAction({
-        actionId: "auth.session.read"
-      });
+    async contribute({ request = null, query = {}, payload = {} } = {}) {
+      const normalizedUserId = Number(payload?.session?.authenticated === true ? payload?.session?.userId : 0);
+      const normalizedWorkspaceSlug = resolveBootstrapWorkspaceSlug({ query, request });
+      if (!normalizedUserId) {
+        if (!normalizedWorkspaceSlug || resolvedTenancyProfile.mode === TENANCY_MODE_NONE) {
+          return {};
+        }
 
-      if (authResult?.clearSession === true && typeof authService?.clearSessionCookies === "function") {
-        authService.clearSessionCookies(reply);
-      }
-      if (authResult?.session && typeof authService?.writeSessionCookies === "function") {
-        authService.writeSessionCookies(reply, authResult.session);
-      }
-      if (authResult?.transientFailure === true) {
-        throw new AppError(503, "Authentication service temporarily unavailable. Please retry.");
+        return {
+          requestedWorkspace: createRequestedWorkspacePayload(
+            normalizedWorkspaceSlug,
+            REQUESTED_WORKSPACE_STATUS_UNAUTHENTICATED
+          )
+        };
       }
-      let seededConsoleOwnerUserId = 0;
-      if (
-        authResult?.authenticated &&
-        authResult?.profile?.id != null &&
-        consoleService &&
-        typeof consoleService.ensureInitialConsoleMember === "function"
-      ) {
-        seededConsoleOwnerUserId = Number(await consoleService.ensureInitialConsoleMember(authResult.profile.id));
+
+      const latestProfile = await usersRepository.findById(normalizedUserId);
+      if (!latestProfile) {
+        return {};
       }
 
-      const user = authResult?.authenticated ? authResult.profile : null;
-      const normalizedUser = authenticatedUserValidator.normalize(user);
       const pendingInvites =
-        workspaceInvitationsEnabled && normalizedUser
+        workspaceInvitationsEnabled
           ? normalizePendingInvites(
-              await workspacePendingInvitationsService.listPendingInvitesForUser(normalizedUser, {
+              await workspacePendingInvitationsService.listPendingInvitesForUser(latestProfile, {
                 context: {
-                  actor: normalizedUser
+                  actor: latestProfile
                 }
               })
             )
           : [];
-      const normalizedWorkspaceSlug = resolveBootstrapWorkspaceSlug({ query, request });
-      let payload = createAnonymousBootstrapPayload({
-        appState,
-        tenancyProfile: resolvedTenancyProfile
-      });
-      if (normalizedWorkspaceSlug && !normalizedUser) {
-        payload = {
-          ...payload,
-          requestedWorkspace: createRequestedWorkspacePayload(
+      const workspaces = await workspaceService.listWorkspacesForUser(latestProfile, { request });
+      let workspaceContext = null;
+      let requestedWorkspace = null;
+      if (normalizedWorkspaceSlug && resolvedTenancyProfile.mode !== TENANCY_MODE_NONE) {
+        try {
+          workspaceContext = await workspaceService.resolveWorkspaceContextForUserBySlug(
+            latestProfile,
             normalizedWorkspaceSlug,
-            REQUESTED_WORKSPACE_STATUS_UNAUTHENTICATED
-          )
-        };
-      }
-
-      if (normalizedUser) {
-        const latestProfile =
-          (await usersRepository.findByIdentity({
-            provider: normalizedUser.authProvider,
-            providerUserId: normalizedUser.authProviderUserSid
-          })) || normalizedUser;
-
-        const workspaces = await workspaceService.listWorkspacesForUser(latestProfile, { request });
-        let workspaceContext = null;
-        let requestedWorkspace = null;
-        if (normalizedWorkspaceSlug && resolvedTenancyProfile.mode !== TENANCY_MODE_NONE) {
-          try {
-            workspaceContext = await workspaceService.resolveWorkspaceContextForUserBySlug(
-              latestProfile,
-              normalizedWorkspaceSlug,
-              { request }
-            );
-            requestedWorkspace = createRequestedWorkspacePayload(
-              normalizedWorkspaceSlug,
-              REQUESTED_WORKSPACE_STATUS_RESOLVED
-            );
-          } catch (error) {
-            const requestedWorkspaceStatus = resolveRequestedWorkspaceStatusFromError(error);
-            if (!requestedWorkspaceStatus) {
-              throw error;
-            }
-            requestedWorkspace = createRequestedWorkspacePayload(normalizedWorkspaceSlug, requestedWorkspaceStatus);
+            { request }
+          );
+          requestedWorkspace = createRequestedWorkspacePayload(
+            normalizedWorkspaceSlug,
+            REQUESTED_WORKSPACE_STATUS_RESOLVED
+          );
+        } catch (error) {
+          const requestedWorkspaceStatus = resolveRequestedWorkspaceStatusFromError(error);
+          if (!requestedWorkspaceStatus) {
+            throw error;
           }
+          requestedWorkspace = createRequestedWorkspacePayload(normalizedWorkspaceSlug, requestedWorkspaceStatus);
         }
-
-        const userSettings = await userSettingsRepository.ensureForUserId(latestProfile.id);
-        payload = {
-          session: {
-            authenticated: true,
-            userId: latestProfile.id
-          },
-          profile: {
-            displayName: latestProfile.displayName,
-            email: latestProfile.email,
-            avatar: accountAvatarFormatter(latestProfile, userSettings)
-          },
-          tenancy: resolvedTenancyProfile,
-          app: appState,
-          workspaces: [...workspaces],
-          pendingInvites,
-          activeWorkspace: workspaceContext
-            ? mapWorkspaceSummary(workspaceContext.workspace, {
-                roleSid: workspaceContext.membership?.roleSid,
-                status: workspaceContext.membership?.status
-              })
-            : null,
-          membership: mapMembershipSummary(workspaceContext?.membership, workspaceContext?.workspace),
-          requestedWorkspace,
-          permissions: workspaceContext ? [...workspaceContext.permissions] : [],
-          surfaceAccess: {
-            consoleowner: seededConsoleOwnerUserId > 0 && seededConsoleOwnerUserId === Number(latestProfile.id)
-          },
-          workspaceSettings: workspaceContext
-            ? mapWorkspaceSettingsPublic(workspaceContext.workspaceSettings, {
-                workspaceInvitationsEnabled
-              })
-            : null,
-          userSettings: mapUserSettingsBootstrap(userSettings),
-          requestMeta: {
-            hasRequest: Boolean(request)
-          }
-        };
       }
 
-      const oauthCatalogPayload = getOAuthProviderCatalogPayload(authService);
-      const session = payload?.session && typeof payload.session === "object" ? payload.session : { authenticated: false };
-
       return {
-        ...payload,
-        session: {
-          ...session,
-          ...oauthCatalogPayload
-        }
+        workspaces: [...workspaces],
+        pendingInvites,
+        activeWorkspace: workspaceContext
+          ? mapWorkspaceSummary(workspaceContext.workspace, {
+              roleSid: workspaceContext.membership?.roleSid,
+              status: workspaceContext.membership?.status
+            })
+          : null,
+        membership: mapMembershipSummary(workspaceContext?.membership, workspaceContext?.workspace),
+        requestedWorkspace,
+        permissions: workspaceContext ? [...workspaceContext.permissions] : [],
+        workspaceSettings: workspaceContext
+          ? mapWorkspaceSettingsPublic(workspaceContext.workspaceSettings, {
+              workspaceInvitationsEnabled
+            })
+          : null
       };
     }
   });

package/src/shared/settings.js

@@ -30,8 +30,7 @@ const DEFAULT_USER_SETTINGS = Object.freeze({
   accountActivity: true,
   securityAlerts: true,
   passwordSignInEnabled: true,
-  passwordSetupRequired: false,
-  lastActiveWorkspaceId: null
+  passwordSetupRequired: false
 });
 
 function normalizeWorkspaceHexColor(value) {

package/templates/migrations/users_core_generic_initial.cjs

@@ -0,0 +1,69 @@
+/**
+ * @param {import('knex').Knex} knex
+ */
+exports.up = async function up(knex) {
+  const hasUsersTable = await knex.schema.hasTable("users");
+  if (!hasUsersTable) {
+    await knex.schema.createTable("users", (table) => {
+      table.increments("id").primary();
+      table.string("auth_provider", 64).notNullable();
+      table.string("auth_provider_user_sid", 191).notNullable();
+      table.string("email", 255).notNullable();
+      table.string("username", 120).notNullable();
+      table.string("display_name", 160).notNullable();
+      table.string("avatar_storage_key", 512).nullable();
+      table.string("avatar_version", 64).nullable();
+      table.timestamp("avatar_updated_at", { useTz: false }).nullable();
+      table.timestamp("created_at", { useTz: false }).notNullable().defaultTo(knex.fn.now());
+      table.unique(["auth_provider", "auth_provider_user_sid"], "uq_users_identity");
+      table.unique(["email"], "uq_users_email");
+      table.unique(["username"], "uq_users_username");
+    });
+  }
+
+  const hasUserSettingsTable = await knex.schema.hasTable("user_settings");
+  if (!hasUserSettingsTable) {
+    await knex.schema.createTable("user_settings", (table) => {
+      table.integer("user_id").unsigned().primary().references("id").inTable("users").onDelete("CASCADE");
+      table.string("theme", 32).notNullable().defaultTo("system");
+      table.string("locale", 24).notNullable().defaultTo("en");
+      table.string("time_zone", 64).notNullable().defaultTo("UTC");
+      table.string("date_format", 32).notNullable().defaultTo("yyyy-mm-dd");
+      table.string("number_format", 32).notNullable().defaultTo("1,234.56");
+      table.string("currency_code", 3).notNullable().defaultTo("USD");
+      table.integer("avatar_size").notNullable().defaultTo(64);
+      table.boolean("password_sign_in_enabled").notNullable().defaultTo(true);
+      table.boolean("password_setup_required").notNullable().defaultTo(false);
+      table.boolean("notify_product_updates").notNullable().defaultTo(true);
+      table.boolean("notify_account_activity").notNullable().defaultTo(true);
+      table.boolean("notify_security_alerts").notNullable().defaultTo(true);
+      table.timestamp("created_at", { useTz: false }).notNullable().defaultTo(knex.fn.now());
+      table.timestamp("updated_at", { useTz: false }).notNullable().defaultTo(knex.fn.now());
+    });
+  }
+
+  const hasConsoleSettingsTable = await knex.schema.hasTable("console_settings");
+  if (!hasConsoleSettingsTable) {
+    await knex.schema.createTable("console_settings", (table) => {
+      table.integer("id").primary();
+      table.integer("owner_user_id").unsigned().nullable().references("id").inTable("users").onDelete("SET NULL");
+      table.timestamp("created_at", { useTz: false }).notNullable().defaultTo(knex.fn.now());
+      table.timestamp("updated_at", { useTz: false }).notNullable().defaultTo(knex.fn.now());
+    });
+
+    await knex("console_settings").insert({
+      id: 1,
+      created_at: knex.fn.now(),
+      updated_at: knex.fn.now()
+    });
+  }
+};
+
+/**
+ * @param {import('knex').Knex} knex
+ */
+exports.down = async function down(knex) {
+  await knex.schema.dropTableIfExists("console_settings");
+  await knex.schema.dropTableIfExists("user_settings");
+  await knex.schema.dropTableIfExists("users");
+};

package/test/registerUsersCore.test.js

@@ -0,0 +1,42 @@
+import assert from "node:assert/strict";
+import test from "node:test";
+import { registerUsersCore } from "../src/server/registerUsersCore.js";
+
+test("registerUsersCore registers console and workspace action surface aliases when action runtime is available", () => {
+  const calls = [];
+  const app = {
+    singleton() {
+      return this;
+    },
+    actionSurfaceSource(sourceName, resolver) {
+      calls.push({
+        sourceName: String(sourceName || ""),
+        resolverType: typeof resolver
+      });
+      return this;
+    }
+  };
+
+  registerUsersCore(app);
+
+  assert.deepEqual(calls, [
+    {
+      sourceName: "workspace",
+      resolverType: "function"
+    },
+    {
+      sourceName: "console",
+      resolverType: "function"
+    }
+  ]);
+});
+
+test("registerUsersCore still works when action runtime has not installed actionSurfaceSource yet", () => {
+  const app = {
+    singleton() {
+      return this;
+    }
+  };
+
+  assert.doesNotThrow(() => registerUsersCore(app));
+});

package/test/usersBootstrapContributor.test.js

@@ -0,0 +1,172 @@
+import assert from "node:assert/strict";
+import test from "node:test";
+import { createUsersBootstrapContributor } from "../src/server/usersBootstrapContributor.js";
+import {
+  TENANCY_MODE_PERSONAL,
+  WORKSPACE_SLUG_POLICY_IMMUTABLE_USERNAME
+} from "../src/shared/tenancyProfile.js";
+
+function createAuthenticatedProfile(overrides = {}) {
+  return {
+    id: 7,
+    authProvider: "local",
+    authProviderUserSid: "user-7",
+    username: "tester",
+    displayName: "Test User",
+    email: "test@example.com",
+    ...overrides
+  };
+}
+
+function createUserSettings() {
+  return {
+    theme: "system",
+    locale: "en",
+    timeZone: "UTC",
+    dateFormat: "YYYY-MM-DD",
+    numberFormat: "1,234.56",
+    currencyCode: "USD",
+    avatarSize: 64,
+    productUpdates: true,
+    accountActivity: true,
+    securityAlerts: true
+  };
+}
+
+test("users bootstrap contributor seeds the initial console owner and exposes generic app payload", async () => {
+  const profile = createAuthenticatedProfile({ id: 12 });
+  const consoleOwnerSeeds = [];
+  const writtenSessions = [];
+  const contributor = createUsersBootstrapContributor({
+    usersRepository: {
+      async findById() {
+        return profile;
+      }
+    },
+    userSettingsRepository: {
+      async ensureForUserId() {
+        return createUserSettings();
+      }
+    },
+    authService: {
+      writeSessionCookies(reply, session) {
+        writtenSessions.push({ reply, session });
+      },
+      getOAuthProviderCatalog() {
+        return {
+          providers: [
+            { id: "google", label: "Google" }
+          ],
+          defaultProvider: "google"
+        };
+      }
+    },
+    consoleService: {
+      async ensureInitialConsoleMember(userId) {
+        consoleOwnerSeeds.push(Number(userId));
+        return Number(userId);
+      }
+    }
+  });
+
+  const reply = {};
+  const payload = await contributor.contribute({
+    request: {
+      async executeAction() {
+        return {
+          authenticated: true,
+          profile,
+          session: {
+            csrfToken: "csrf-1"
+          }
+        };
+      }
+    },
+    reply
+  });
+
+  assert.deepEqual(consoleOwnerSeeds, [12]);
+  assert.equal(writtenSessions.length, 1);
+  assert.equal(writtenSessions[0].reply, reply);
+  assert.deepEqual(writtenSessions[0].session, {
+    csrfToken: "csrf-1"
+  });
+  assert.equal(payload.session.authenticated, true);
+  assert.equal(payload.session.userId, 12);
+  assert.equal(payload.surfaceAccess.consoleowner, true);
+  assert.equal(payload.app.features.workspaceSwitching, false);
+  assert.deepEqual(payload.session.oauthProviders, [
+    {
+      id: "google",
+      label: "Google"
+    }
+  ]);
+  assert.equal(payload.session.oauthDefaultProvider, "google");
+  assert.deepEqual(payload.workspaces, []);
+  assert.deepEqual(payload.userSettings, {});
+  assert.equal(payload.requestMeta.hasRequest, true);
+});
+
+test("users bootstrap contributor emits canonical tenancy profile for anonymous bootstrap", async () => {
+  const contributor = createUsersBootstrapContributor({
+    usersRepository: {
+      async findById() {
+        return null;
+      }
+    },
+    userSettingsRepository: {
+      async ensureForUserId() {
+        return createUserSettings();
+      }
+    },
+    tenancyProfile: {
+      mode: TENANCY_MODE_PERSONAL,
+      workspace: {
+        enabled: true,
+        autoProvision: true,
+        allowSelfCreate: false,
+        slugPolicy: WORKSPACE_SLUG_POLICY_IMMUTABLE_USERNAME
+      }
+    },
+    appConfig: {
+      tenancyMode: "none"
+    },
+    authService: {
+      getOAuthProviderCatalog() {
+        return {
+          providers: [],
+          defaultProvider: null
+        };
+      }
+    }
+  });
+
+  const payload = await contributor.contribute({
+    request: {
+      async executeAction() {
+        return {
+          authenticated: false
+        };
+      }
+    },
+    reply: {}
+  });
+
+  assert.deepEqual(payload.tenancy, {
+    mode: TENANCY_MODE_PERSONAL,
+    workspace: {
+      enabled: true,
+      autoProvision: true,
+      allowSelfCreate: false,
+      slugPolicy: WORKSPACE_SLUG_POLICY_IMMUTABLE_USERNAME
+    }
+  });
+  assert.deepEqual(payload.session, {
+    authenticated: false,
+    oauthProviders: [],
+    oauthDefaultProvider: null
+  });
+  assert.deepEqual(payload.workspaces, []);
+  assert.equal(payload.surfaceAccess.consoleowner, false);
+  assert.equal(payload.userSettings, null);
+});