npm - @jskit-ai/users-core - Versions diffs - 0.1.4 - Mend

@jskit-ai/users-core 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (148) hide show

package/test/usersRouteValidators.test.js ADDED Viewed

@@ -0,0 +1,49 @@
+import test from "node:test";
+import assert from "node:assert/strict";
+import { Type } from "@fastify/type-provider-typebox";
+import { compileRouteValidator } from "@jskit-ai/kernel/_testable";
+import { routeParamsValidator } from "../src/server/common/validators/routeParamsValidator.js";
+test("routeParamsValidator exposes a shared route params validator", () => {
+  assert.equal(typeof routeParamsValidator.schema, "object");
+  assert.equal(typeof routeParamsValidator.normalize, "function");
+});
+test("route validator pipeline uses the shared params validator and merges query arrays automatically", () => {
+  const paginationQueryValidator = Object.freeze({
+    schema: Type.Object(
+      {
+        cursor: Type.Optional(Type.String({ minLength: 1 })),
+        limit: Type.Optional(Type.String({ pattern: "^[0-9]+$" }))
+      },
+      { additionalProperties: false }
+    )
+  });
+  const searchQueryValidator = Object.freeze({
+    schema: Type.Object(
+      {
+        search: Type.Optional(Type.String({ minLength: 1 }))
+      },
+      { additionalProperties: false }
+    )
+  });
+  const compiled = compileRouteValidator({
+    paramsValidator: routeParamsValidator,
+    queryValidator: [paginationQueryValidator, searchQueryValidator]
+  });
+  assert.equal(compiled.schema.params.type, "object");
+  assert.equal(compiled.schema.params.additionalProperties, false);
+  assert.equal(typeof compiled.schema.params.properties.workspaceSlug, "object");
+  assert.equal(typeof compiled.schema.params.properties.memberUserId, "object");
+  assert.equal(typeof compiled.schema.params.properties.inviteId, "object");
+  assert.equal(typeof compiled.schema.params.properties.provider, "object");
+  assert.equal(compiled.input.params({ workspaceSlug: "  ACME  " }).workspaceSlug, "acme");
+  assert.equal(compiled.schema.querystring.type, "object");
+  assert.equal(compiled.schema.querystring.additionalProperties, false);
+  assert.equal(typeof compiled.schema.querystring.properties.cursor, "object");
+  assert.equal(typeof compiled.schema.querystring.properties.limit, "object");
+  assert.equal(typeof compiled.schema.querystring.properties.search, "object");
+});

package/test/usersVisibility.test.js ADDED Viewed

@@ -0,0 +1,22 @@
+import assert from "node:assert/strict";
+import test from "node:test";
+import {
+  isWorkspaceVisibility,
+  normalizeScopedRouteVisibility
+} from "../src/shared/support/usersVisibility.js";
+test("normalizeScopedRouteVisibility normalizes users visibility levels", () => {
+  assert.equal(normalizeScopedRouteVisibility("WORKSPACE"), "workspace");
+  assert.equal(normalizeScopedRouteVisibility("workspace_user"), "workspace_user");
+  assert.equal(normalizeScopedRouteVisibility("user"), "user");
+  assert.equal(normalizeScopedRouteVisibility(""), "public");
+  assert.equal(normalizeScopedRouteVisibility("unknown"), "public");
+  assert.equal(normalizeScopedRouteVisibility("unknown", { fallback: "workspace" }), "workspace");
+});
+test("isWorkspaceVisibility recognizes workspace-only visibility levels", () => {
+  assert.equal(isWorkspaceVisibility("workspace"), true);
+  assert.equal(isWorkspaceVisibility("workspace_user"), true);
+  assert.equal(isWorkspaceVisibility("public"), false);
+  assert.equal(isWorkspaceVisibility("user"), false);
+});

package/test/workspaceActionContextContributor.test.js ADDED Viewed

@@ -0,0 +1,251 @@
+import assert from "node:assert/strict";
+import test from "node:test";
+import { createWorkspaceActionContextContributor } from "../src/server/common/contributors/workspaceActionContextContributor.js";
+test("workspace action context contributor resolves workspace context for workspace actions", async () => {
+  const calls = [];
+  const contributor = createWorkspaceActionContextContributor({
+    workspaceService: {
+      async resolveWorkspaceContextForUserBySlug(user, workspaceSlug, options) {
+        calls.push({
+          user,
+          workspaceSlug,
+          options
+        });
+        return {
+          workspace: {
+            id: 10,
+            slug: "acme"
+          },
+          membership: {
+            roleId: "owner"
+          },
+          permissions: ["workspace.settings.update"]
+        };
+      }
+    }
+  });
+  const request = {
+    user: {
+      id: 42,
+      email: "user@example.com"
+    }
+  };
+  const contribution = await contributor.contribute({
+    actionId: "workspace.settings.update",
+    input: {
+      workspaceSlug: "Acme"
+    },
+    context: {
+      requestMeta: {
+        request
+      }
+    },
+    request
+  });
+  assert.deepEqual(calls, [
+    {
+      user: request.user,
+      workspaceSlug: "Acme",
+      options: {
+        request
+      }
+    }
+  ]);
+  assert.deepEqual(contribution, {
+    requestMeta: {
+      resolvedWorkspaceContext: {
+        workspace: {
+          id: 10,
+          slug: "acme"
+        },
+        membership: {
+          roleId: "owner"
+        },
+        permissions: ["workspace.settings.update"]
+      }
+    },
+    workspace: {
+      id: 10,
+      slug: "acme"
+    },
+    membership: {
+      roleId: "owner"
+    },
+    permissions: ["workspace.settings.update"]
+  });
+});
+test("workspace action context contributor ignores actions that do not require workspace context", async () => {
+  const contributor = createWorkspaceActionContextContributor({
+    workspaceService: {
+      async resolveWorkspaceContextForUserBySlug() {
+        throw new Error("should not be called");
+      }
+    }
+  });
+  const contribution = await contributor.contribute({
+    actionId: "workspace.workspaces.list",
+    input: {
+      workspaceSlug: "acme"
+    },
+    context: {}
+  });
+  assert.deepEqual(contribution, {});
+});
+test("workspace action context contributor always resolves and stores resolved context", async () => {
+  const calls = [];
+  const contributor = createWorkspaceActionContextContributor({
+    workspaceService: {
+      async resolveWorkspaceContextForUserBySlug(user, workspaceSlug, options) {
+        calls.push({ user, workspaceSlug, options });
+        return {
+          workspace: {
+            id: 10,
+            slug: "acme",
+            ownerUserId: 77
+          },
+          membership: {
+            roleId: "owner"
+          },
+          permissions: ["workspace.settings.update"]
+        };
+      }
+    }
+  });
+  const request = {
+    user: {
+      id: 42
+    }
+  };
+  const contribution = await contributor.contribute({
+    actionId: "workspace.members.list",
+    input: {
+      workspaceSlug: "acme"
+    },
+    context: {
+      workspace: {
+        id: 1
+      },
+      requestMeta: {
+        request
+      }
+    },
+    request
+  });
+  assert.deepEqual(calls, [
+    {
+      user: request.user,
+      workspaceSlug: "acme",
+      options: {
+        request
+      }
+    }
+  ]);
+  assert.deepEqual(contribution, {
+    requestMeta: {
+      resolvedWorkspaceContext: {
+        workspace: {
+          id: 10,
+          slug: "acme",
+          ownerUserId: 77
+        },
+        membership: {
+          roleId: "owner"
+        },
+        permissions: ["workspace.settings.update"]
+      }
+    },
+    membership: {
+      roleId: "owner"
+    },
+    permissions: ["workspace.settings.update"]
+  });
+});
+test("workspace action context contributor resolves context for workspace-visible routes outside legacy action list", async () => {
+  const calls = [];
+  const contributor = createWorkspaceActionContextContributor({
+    workspaceService: {
+      async resolveWorkspaceContextForUserBySlug(user, workspaceSlug, options) {
+        calls.push({ user, workspaceSlug, options });
+        return {
+          workspace: {
+            id: 33,
+            slug: "acme"
+          },
+          membership: {
+            roleId: "admin"
+          },
+          permissions: ["assistant.chat.use"]
+        };
+      }
+    }
+  });
+  const request = {
+    user: {
+      id: 42
+    },
+    routeOptions: {
+      config: {
+        visibility: "workspace"
+      }
+    }
+  };
+  const contribution = await contributor.contribute({
+    actionId: "assistant.conversations.list",
+    input: {
+      workspaceSlug: "acme"
+    },
+    context: {
+      requestMeta: {
+        request
+      }
+    },
+    request
+  });
+  assert.deepEqual(calls, [
+    {
+      user: request.user,
+      workspaceSlug: "acme",
+      options: {
+        request
+      }
+    }
+  ]);
+  assert.deepEqual(contribution, {
+    requestMeta: {
+      resolvedWorkspaceContext: {
+        workspace: {
+          id: 33,
+          slug: "acme"
+        },
+        membership: {
+          roleId: "admin"
+        },
+        permissions: ["assistant.chat.use"]
+      }
+    },
+    workspace: {
+      id: 33,
+      slug: "acme"
+    },
+    membership: {
+      roleId: "admin"
+    },
+    permissions: ["assistant.chat.use"]
+  });
+});

package/test/workspaceActionSurfaces.test.js ADDED Viewed

@@ -0,0 +1,105 @@
+import assert from "node:assert/strict";
+import test from "node:test";
+import {
+  materializeWorkspaceActionSurfacesFromAppConfig,
+  resolveConsoleSurfaceIdsFromAppConfig,
+  resolveDefaultWorkspaceRouteSurfaceIdFromAppConfig
+} from "../src/server/support/workspaceActionSurfaces.js";
+test("materializeWorkspaceActionSurfacesFromAppConfig resolves workspace surfaces from appConfig", () => {
+  const actionDefinitions = [
+    {
+      id: "workspace.settings.read",
+      surfacesFrom: "workspace"
+    },
+    {
+      id: "auth.session.read",
+      surfacesFrom: "enabled"
+    }
+  ];
+  const materialized = materializeWorkspaceActionSurfacesFromAppConfig(actionDefinitions, {
+    appConfig: {
+      surfaceDefinitions: {
+        app: { id: "app", enabled: true, requiresWorkspace: true },
+        admin: { id: "admin", enabled: true, requiresWorkspace: true },
+        console: { id: "console", enabled: true, requiresWorkspace: false }
+      }
+    }
+  });
+  assert.deepEqual(materialized, [
+    {
+      id: "workspace.settings.read",
+      surfaces: ["app", "admin"]
+    },
+    {
+      id: "auth.session.read",
+      surfacesFrom: "enabled"
+    }
+  ]);
+});
+test("materializeWorkspaceActionSurfacesFromAppConfig drops workspace actions when no workspace surfaces are enabled", () => {
+  const actionDefinitions = [
+    {
+      id: "workspace.settings.read",
+      surfacesFrom: "workspace"
+    }
+  ];
+  const materialized = materializeWorkspaceActionSurfacesFromAppConfig(actionDefinitions, {
+    appConfig: {
+      surfaceDefinitions: {
+        app: { id: "app", enabled: true, requiresWorkspace: false },
+        console: { id: "console", enabled: true, requiresWorkspace: false }
+      }
+    }
+  });
+  assert.deepEqual(materialized, []);
+});
+test("resolveDefaultWorkspaceRouteSurfaceIdFromAppConfig picks a workspace surface when app default is non-workspace", () => {
+  const surfaceId = resolveDefaultWorkspaceRouteSurfaceIdFromAppConfig({
+    surfaceDefaultId: "home",
+    surfaceDefinitions: {
+      home: { id: "home", enabled: true, requiresWorkspace: false },
+      app: { id: "app", enabled: true, requiresWorkspace: true },
+      admin: { id: "admin", enabled: true, requiresWorkspace: true }
+    }
+  });
+  assert.equal(surfaceId, "app");
+});
+test("resolveDefaultWorkspaceRouteSurfaceIdFromAppConfig falls back to app default when no workspace surfaces exist", () => {
+  const surfaceId = resolveDefaultWorkspaceRouteSurfaceIdFromAppConfig({
+    surfaceDefaultId: "home",
+    surfaceDefinitions: {
+      home: { id: "home", enabled: true, requiresWorkspace: false },
+      console: { id: "console", enabled: true, requiresWorkspace: false }
+    }
+  });
+  assert.equal(surfaceId, "home");
+});
+test("resolveConsoleSurfaceIdsFromAppConfig resolves all enabled console-owner surfaces", () => {
+  const surfaceIds = resolveConsoleSurfaceIdsFromAppConfig({
+    surfaceDefinitions: {
+      home: { id: "home", enabled: true, requiresWorkspace: false, accessPolicyId: "public" },
+      console: { id: "console", enabled: true, requiresWorkspace: false, accessPolicyId: "console_owner" },
+      opsConsole: { id: "opsConsole", enabled: true, requiresWorkspace: false, accessPolicyId: "console_owner" },
+      app: { id: "app", enabled: true, requiresWorkspace: true, accessPolicyId: "workspace_member" },
+      disabledConsole: {
+        id: "disabledConsole",
+        enabled: false,
+        requiresWorkspace: false,
+        accessPolicyId: "console_owner"
+      }
+    }
+  });
+  assert.deepEqual(surfaceIds, ["console", "opsconsole"]);
+});

package/test/workspaceAuthPolicyContextResolver.test.js ADDED Viewed

@@ -0,0 +1,119 @@
+import assert from "node:assert/strict";
+import test from "node:test";
+import { createWorkspaceAuthPolicyContextResolver } from "../src/server/common/contributors/workspaceAuthPolicyContextResolver.js";
+test("workspace auth policy context resolver returns empty context when policy does not require workspace context", async () => {
+  const resolver = createWorkspaceAuthPolicyContextResolver({
+    workspaceService: {
+      async resolveWorkspaceContextForUserBySlug() {
+        throw new Error("must not be called");
+      }
+    }
+  });
+  const resolved = await resolver({
+    request: {
+      params: {
+        workspaceSlug: "acme"
+      }
+    },
+    actor: {
+      id: 7
+    },
+    meta: {
+      contextPolicy: "none",
+      permission: ""
+    }
+  });
+  assert.deepEqual(resolved, {});
+});
+test("workspace auth policy context resolver resolves workspace context from users workspace service", async () => {
+  const calls = [];
+  const resolver = createWorkspaceAuthPolicyContextResolver({
+    workspaceService: {
+      async resolveWorkspaceContextForUserBySlug(actor, workspaceSlug, options) {
+        calls.push({
+          actor,
+          workspaceSlug,
+          options
+        });
+        return {
+          workspace: {
+            id: 11,
+            slug: workspaceSlug
+          },
+          membership: {
+            roleId: "owner"
+          },
+          permissions: ["projects.read"]
+        };
+      }
+    }
+  });
+  const request = {
+    params: {
+      workspaceSlug: "ACME"
+    }
+  };
+  const actor = {
+    id: 7
+  };
+  const resolved = await resolver({
+    request,
+    actor,
+    meta: {
+      contextPolicy: "required"
+    }
+  });
+  assert.deepEqual(calls, [
+    {
+      actor,
+      workspaceSlug: "acme",
+      options: {
+        request
+      }
+    }
+  ]);
+  assert.deepEqual(resolved, {
+    workspace: {
+      id: 11,
+      slug: "acme"
+    },
+    membership: {
+      roleId: "owner"
+    },
+    permissions: ["projects.read"]
+  });
+});
+test("workspace auth policy context resolver skips workspace lookup when workspace slug is absent", async () => {
+  let called = false;
+  const resolver = createWorkspaceAuthPolicyContextResolver({
+    workspaceService: {
+      async resolveWorkspaceContextForUserBySlug() {
+        called = true;
+        return {};
+      }
+    }
+  });
+  const resolved = await resolver({
+    request: {
+      params: {}
+    },
+    actor: {
+      id: 7
+    },
+    meta: {
+      contextPolicy: "required"
+    }
+  });
+  assert.equal(called, false);
+  assert.deepEqual(resolved, {});
+});