npm - @jskit-ai/workspaces-core - Versions diffs - 0.1.14 → 0.1.16 - Mend

@jskit-ai/workspaces-core 0.1.14 → 0.1.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (83) hide show

package/test/usersRouteResources.test.js ADDED Viewed

@@ -0,0 +1,97 @@
+import assert from "node:assert/strict";
+import test from "node:test";
+import path from "node:path";
+import { existsSync } from "node:fs";
+import { fileURLToPath } from "node:url";
+import { deriveResourceRequiredMetadata } from "@jskit-ai/kernel/_testable";
+import "../test-support/registerDefaultSettingsFields.js";
+import { workspaceMembersResource } from "../src/shared/resources/workspaceMembersResource.js";
+import { workspaceResource } from "../src/shared/resources/workspaceResource.js";
+import { workspaceSettingsResource } from "../src/shared/resources/workspaceSettingsResource.js";
+function assertResourceShape(resource, label) {
+  assert.ok(resource, `${label} resource must exist.`);
+  assert.equal(typeof resource, "object", `${label} resource must be an object.`);
+  assert.equal(typeof resource.resource, "string", `${label}.resource must be a string.`);
+  for (const operationName of ["view", "list", "create", "replace", "patch"]) {
+    const operation = resource.operations?.[operationName];
+    assert.equal(typeof operation, "object", `${label}.operations.${operationName} must exist.`);
+    assert.equal(typeof operation.method, "string", `${label}.operations.${operationName}.method must exist.`);
+    const resolvedMessages =
+      operation?.messages && typeof operation.messages === "object"
+        ? operation.messages
+        : resource?.messages || resource?.operationMessages;
+    assert.equal(
+      typeof resolvedMessages,
+      "object",
+      `${label}.operations.${operationName} must resolve messages from operation.messages or resource.messages.`
+    );
+    assert.equal(
+      typeof operation.outputValidator?.schema,
+      "object",
+      `${label}.operations.${operationName} payload schema is required.`
+    );
+  }
+  assert.equal(typeof resource.operations.create.bodyValidator?.schema, "object", `${label}.operations.create.bodyValidator.schema is required.`);
+  assert.equal(typeof resource.operations.replace.bodyValidator?.schema, "object", `${label}.operations.replace.bodyValidator.schema is required.`);
+  assert.equal(typeof resource.operations.patch.bodyValidator?.schema, "object", `${label}.operations.patch.bodyValidator.schema is required.`);
+  const requiredMetadata = deriveResourceRequiredMetadata(resource);
+  assert.ok(Array.isArray(requiredMetadata.create), `${label}.derivedRequired.create must be an array.`);
+  assert.ok(Array.isArray(requiredMetadata.replace), `${label}.derivedRequired.replace must be an array.`);
+  assert.ok(Array.isArray(requiredMetadata.patch), `${label}.derivedRequired.patch must be an array.`);
+}
+test("workspace resources expose canonical validators", () => {
+  const resourcesByLabel = {
+    workspace: workspaceResource,
+    workspaceSettings: workspaceSettingsResource
+  };
+  for (const [label, resource] of Object.entries(resourcesByLabel)) {
+    assertResourceShape(resource, label);
+  }
+});
+test("workspace settings and invite operations expose canonical validators", () => {
+  const operationSpecs = [
+    { label: "workspaceMembers.rolesList", operation: workspaceMembersResource.operations.rolesList },
+    { label: "workspaceMembers.membersList", operation: workspaceMembersResource.operations.membersList },
+    { label: "workspaceMembers.updateMemberRole", operation: workspaceMembersResource.operations.updateMemberRole },
+    { label: "workspaceMembers.removeMember", operation: workspaceMembersResource.operations.removeMember },
+    { label: "workspaceMembers.invitesList", operation: workspaceMembersResource.operations.invitesList },
+    { label: "workspaceMembers.createInvite", operation: workspaceMembersResource.operations.createInvite },
+    { label: "workspaceMembers.revokeInvite", operation: workspaceMembersResource.operations.revokeInvite },
+    { label: "workspaceMembers.redeemInvite", operation: workspaceMembersResource.operations.redeemInvite }
+  ];
+  for (const { label, operation } of operationSpecs) {
+    assert.equal(typeof operation?.method, "string", `${label}.method must exist.`);
+    assert.equal(typeof operation?.outputValidator?.schema, "object", `${label}.outputValidator.schema must exist.`);
+    if (operation?.bodyValidator) {
+      assert.equal(typeof operation.bodyValidator.schema, "object", `${label}.bodyValidator.schema must exist.`);
+    }
+    if (operation?.paramsValidator) {
+      assert.equal(typeof operation.paramsValidator.schema, "object", `${label}.paramsValidator.schema must exist.`);
+    }
+    if (operation?.queryValidator) {
+      assert.equal(typeof operation.queryValidator.schema, "object", `${label}.queryValidator.schema must exist.`);
+    }
+  }
+});
+test("workspaces-core no longer uses a workspace schema helper that exposes raw schema leaves", () => {
+  const testFilePath = fileURLToPath(import.meta.url);
+  const packageRoot = path.resolve(path.dirname(testFilePath), "..");
+  const legacyWorkspaceRoutesFile = path.join(packageRoot, "src", "server", "common", "routes", "workspaceRoutes.js");
+  assert.equal(existsSync(legacyWorkspaceRoutesFile), false, "workspaceRoutes.js must not exist.");
+});
+test("workspaces-core route validators no longer live under a legacy shared/schema directory", () => {
+  const testFilePath = fileURLToPath(import.meta.url);
+  const packageRoot = path.resolve(path.dirname(testFilePath), "..");
+  const legacySchemaDir = path.join(packageRoot, "src", "shared", "schema");
+  assert.equal(existsSync(legacySchemaDir), false, "src/shared/schema must not exist.");
+});

package/test/workspaceActionContextContributor.test.js ADDED Viewed

@@ -0,0 +1,344 @@
+import assert from "node:assert/strict";
+import test from "node:test";
+import { createWorkspaceActionContextContributor } from "../src/server/common/contributors/workspaceActionContextContributor.js";
+test("workspace action context contributor resolves workspace context for workspace actions", async () => {
+  const calls = [];
+  const contributor = createWorkspaceActionContextContributor({
+    workspaceService: {
+      async resolveWorkspaceContextForUserBySlug(user, workspaceSlug, options) {
+        calls.push({
+          user,
+          workspaceSlug,
+          options
+        });
+        return {
+          workspace: {
+            id: 10,
+            slug: "acme"
+          },
+          membership: {
+            roleSid: "owner"
+          },
+          permissions: ["workspace.settings.update"]
+        };
+      }
+    },
+    workspaceSurfaceIds: ["admin", "app"]
+  });
+  const request = {
+    user: {
+      id: 42,
+      email: "user@example.com"
+    }
+  };
+  const contribution = await contributor.contribute({
+    definition: {
+      id: "workspace.settings.update",
+      surfaces: ["admin", "app"]
+    },
+    input: {
+      workspaceSlug: "Acme"
+    },
+    context: {
+      requestMeta: {
+        request
+      }
+    },
+    request
+  });
+  assert.deepEqual(calls, [
+    {
+      user: request.user,
+      workspaceSlug: "Acme",
+      options: {
+        request
+      }
+    }
+  ]);
+  assert.deepEqual(contribution, {
+    requestMeta: {
+      resolvedWorkspaceContext: {
+        workspace: {
+          id: 10,
+          slug: "acme"
+        },
+        membership: {
+          roleSid: "owner"
+        },
+        permissions: ["workspace.settings.update"]
+      }
+    },
+    workspace: {
+      id: 10,
+      slug: "acme"
+    },
+    membership: {
+      roleSid: "owner"
+    },
+    permissions: ["workspace.settings.update"]
+  });
+});
+test("workspace action context contributor ignores actions that do not require workspace context", async () => {
+  const contributor = createWorkspaceActionContextContributor({
+    workspaceService: {
+      async resolveWorkspaceContextForUserBySlug() {
+        throw new Error("should not be called");
+      }
+    }
+  });
+  const contribution = await contributor.contribute({
+    actionId: "workspace.workspaces.list",
+    input: {
+      workspaceSlug: "acme"
+    },
+    context: {}
+  });
+  assert.deepEqual(contribution, {});
+});
+test("workspace action context contributor always resolves and stores resolved context", async () => {
+  const calls = [];
+  const contributor = createWorkspaceActionContextContributor({
+    workspaceService: {
+      async resolveWorkspaceContextForUserBySlug(user, workspaceSlug, options) {
+        calls.push({ user, workspaceSlug, options });
+        return {
+          workspace: {
+            id: 10,
+            slug: "acme",
+            ownerUserId: 77
+          },
+          membership: {
+            roleSid: "owner"
+          },
+          permissions: ["workspace.settings.update"]
+        };
+      }
+    },
+    workspaceSurfaceIds: ["admin", "app"]
+  });
+  const request = {
+    user: {
+      id: 42
+    }
+  };
+  const contribution = await contributor.contribute({
+    definition: {
+      id: "workspace.members.list",
+      surfaces: ["admin", "app"]
+    },
+    input: {
+      workspaceSlug: "acme"
+    },
+    context: {
+      workspace: {
+        id: 1
+      },
+      requestMeta: {
+        request
+      }
+    },
+    request
+  });
+  assert.deepEqual(calls, [
+    {
+      user: request.user,
+      workspaceSlug: "acme",
+      options: {
+        request
+      }
+    }
+  ]);
+  assert.deepEqual(contribution, {
+    requestMeta: {
+      resolvedWorkspaceContext: {
+        workspace: {
+          id: 10,
+          slug: "acme",
+          ownerUserId: 77
+        },
+        membership: {
+          roleSid: "owner"
+        },
+        permissions: ["workspace.settings.update"]
+      }
+    },
+    membership: {
+      roleSid: "owner"
+    },
+    permissions: ["workspace.settings.update"]
+  });
+});
+test("workspace action context contributor resolves context for workspace-visible routes outside legacy action list", async () => {
+  const calls = [];
+  const contributor = createWorkspaceActionContextContributor({
+    workspaceService: {
+      async resolveWorkspaceContextForUserBySlug(user, workspaceSlug, options) {
+        calls.push({ user, workspaceSlug, options });
+        return {
+          workspace: {
+            id: 33,
+            slug: "acme"
+          },
+          membership: {
+            roleSid: "admin"
+          },
+          permissions: ["assistant.chat.use"]
+        };
+      }
+    }
+  });
+  const request = {
+    user: {
+      id: 42
+    },
+    routeOptions: {
+      config: {
+        visibility: "workspace"
+      }
+    }
+  };
+  const contribution = await contributor.contribute({
+    definition: {
+      id: "assistant.conversations.list",
+      surfaces: ["admin"]
+    },
+    input: {
+      workspaceSlug: "acme"
+    },
+    context: {
+      requestMeta: {
+        request
+      }
+    },
+    request
+  });
+  assert.deepEqual(calls, [
+    {
+      user: request.user,
+      workspaceSlug: "acme",
+      options: {
+        request
+      }
+    }
+  ]);
+  assert.deepEqual(contribution, {
+    requestMeta: {
+      resolvedWorkspaceContext: {
+        workspace: {
+          id: 33,
+          slug: "acme"
+        },
+        membership: {
+          roleSid: "admin"
+        },
+        permissions: ["assistant.chat.use"]
+      }
+    },
+    workspace: {
+      id: 33,
+      slug: "acme"
+    },
+    membership: {
+      roleSid: "admin"
+    },
+    permissions: ["assistant.chat.use"]
+  });
+});
+test("workspace action context contributor resolves context for workspace surfaces even when route visibility is public", async () => {
+  const calls = [];
+  const contributor = createWorkspaceActionContextContributor({
+    workspaceService: {
+      async resolveWorkspaceContextForUserBySlug(user, workspaceSlug, options) {
+        calls.push({ user, workspaceSlug, options });
+        return {
+          workspace: {
+            id: 77,
+            slug: "acme"
+          },
+          membership: {
+            roleSid: "member"
+          },
+          permissions: ["crud.breeds.list"]
+        };
+      }
+    },
+    workspaceSurfaceIds: ["admin", "app"]
+  });
+  const request = {
+    user: {
+      id: 42
+    },
+    routeOptions: {
+      config: {
+        surface: "admin",
+        visibility: "public"
+      }
+    }
+  };
+  const contribution = await contributor.contribute({
+    definition: {
+      id: "crud.breeds.list",
+      surfaces: ["admin"]
+    },
+    input: {
+      workspaceSlug: "acme"
+    },
+    context: {
+      requestMeta: {
+        request
+      }
+    },
+    request
+  });
+  assert.deepEqual(calls, [
+    {
+      user: request.user,
+      workspaceSlug: "acme",
+      options: {
+        request
+      }
+    }
+  ]);
+  assert.deepEqual(contribution, {
+    requestMeta: {
+      resolvedWorkspaceContext: {
+        workspace: {
+          id: 77,
+          slug: "acme"
+        },
+        membership: {
+          roleSid: "member"
+        },
+        permissions: ["crud.breeds.list"]
+      }
+    },
+    workspace: {
+      id: 77,
+      slug: "acme"
+    },
+    membership: {
+      roleSid: "member"
+    },
+    permissions: ["crud.breeds.list"]
+  });
+});

package/test/workspaceActionSurfaces.test.js ADDED Viewed

@@ -0,0 +1,85 @@
+import assert from "node:assert/strict";
+import test from "node:test";
+import {
+  materializeWorkspaceActionSurfacesFromAppConfig,
+  resolveDefaultWorkspaceRouteSurfaceIdFromAppConfig
+} from "../src/server/support/workspaceActionSurfaces.js";
+test("materializeWorkspaceActionSurfacesFromAppConfig resolves workspace surfaces from appConfig", () => {
+  const actionDefinitions = [
+    {
+      id: "workspace.settings.read",
+      surfacesFrom: "workspace"
+    },
+    {
+      id: "auth.session.read",
+      surfacesFrom: "enabled"
+    }
+  ];
+  const materialized = materializeWorkspaceActionSurfacesFromAppConfig(actionDefinitions, {
+    appConfig: {
+      surfaceDefinitions: {
+        app: { id: "app", enabled: true, requiresWorkspace: true },
+        admin: { id: "admin", enabled: true, requiresWorkspace: true },
+        ops: { id: "ops", enabled: true, requiresWorkspace: false }
+      }
+    }
+  });
+  assert.deepEqual(materialized, [
+    {
+      id: "workspace.settings.read",
+      surfaces: ["app", "admin"]
+    },
+    {
+      id: "auth.session.read",
+      surfacesFrom: "enabled"
+    }
+  ]);
+});
+test("materializeWorkspaceActionSurfacesFromAppConfig drops workspace actions when no workspace surfaces are enabled", () => {
+  const actionDefinitions = [
+    {
+      id: "workspace.settings.read",
+      surfacesFrom: "workspace"
+    }
+  ];
+  const materialized = materializeWorkspaceActionSurfacesFromAppConfig(actionDefinitions, {
+    appConfig: {
+      surfaceDefinitions: {
+        app: { id: "app", enabled: true, requiresWorkspace: false },
+        ops: { id: "ops", enabled: true, requiresWorkspace: false }
+      }
+    }
+  });
+  assert.deepEqual(materialized, []);
+});
+test("resolveDefaultWorkspaceRouteSurfaceIdFromAppConfig picks a workspace surface when app default is non-workspace", () => {
+  const surfaceId = resolveDefaultWorkspaceRouteSurfaceIdFromAppConfig({
+    surfaceDefaultId: "home",
+    surfaceDefinitions: {
+      home: { id: "home", enabled: true, requiresWorkspace: false },
+      app: { id: "app", enabled: true, requiresWorkspace: true },
+      admin: { id: "admin", enabled: true, requiresWorkspace: true }
+    }
+  });
+  assert.equal(surfaceId, "app");
+});
+test("resolveDefaultWorkspaceRouteSurfaceIdFromAppConfig falls back to app default when no workspace surfaces exist", () => {
+  const surfaceId = resolveDefaultWorkspaceRouteSurfaceIdFromAppConfig({
+    surfaceDefaultId: "home",
+    surfaceDefinitions: {
+      home: { id: "home", enabled: true, requiresWorkspace: false },
+      ops: { id: "ops", enabled: true, requiresWorkspace: false }
+    }
+  });
+  assert.equal(surfaceId, "home");
+});

package/test/workspaceAuthPolicyContextResolver.test.js ADDED Viewed

@@ -0,0 +1,119 @@
+import assert from "node:assert/strict";
+import test from "node:test";
+import { createWorkspaceAuthPolicyContextResolver } from "../src/server/common/contributors/workspaceAuthPolicyContextResolver.js";
+test("workspace auth policy context resolver returns empty context when policy does not require workspace context", async () => {
+  const resolver = createWorkspaceAuthPolicyContextResolver({
+    workspaceService: {
+      async resolveWorkspaceContextForUserBySlug() {
+        throw new Error("must not be called");
+      }
+    }
+  });
+  const resolved = await resolver({
+    request: {
+      params: {
+        workspaceSlug: "acme"
+      }
+    },
+    actor: {
+      id: 7
+    },
+    meta: {
+      contextPolicy: "none",
+      permission: ""
+    }
+  });
+  assert.deepEqual(resolved, {});
+});
+test("workspace auth policy context resolver resolves workspace context from users workspace service", async () => {
+  const calls = [];
+  const resolver = createWorkspaceAuthPolicyContextResolver({
+    workspaceService: {
+      async resolveWorkspaceContextForUserBySlug(actor, workspaceSlug, options) {
+        calls.push({
+          actor,
+          workspaceSlug,
+          options
+        });
+        return {
+          workspace: {
+            id: 11,
+            slug: workspaceSlug
+          },
+          membership: {
+            roleSid: "owner"
+          },
+          permissions: ["projects.read"]
+        };
+      }
+    }
+  });
+  const request = {
+    params: {
+      workspaceSlug: "ACME"
+    }
+  };
+  const actor = {
+    id: 7
+  };
+  const resolved = await resolver({
+    request,
+    actor,
+    meta: {
+      contextPolicy: "required"
+    }
+  });
+  assert.deepEqual(calls, [
+    {
+      actor,
+      workspaceSlug: "acme",
+      options: {
+        request
+      }
+    }
+  ]);
+  assert.deepEqual(resolved, {
+    workspace: {
+      id: 11,
+      slug: "acme"
+    },
+    membership: {
+      roleSid: "owner"
+    },
+    permissions: ["projects.read"]
+  });
+});
+test("workspace auth policy context resolver skips workspace lookup when workspace slug is absent", async () => {
+  let called = false;
+  const resolver = createWorkspaceAuthPolicyContextResolver({
+    workspaceService: {
+      async resolveWorkspaceContextForUserBySlug() {
+        called = true;
+        return {};
+      }
+    }
+  });
+  const resolved = await resolver({
+    request: {
+      params: {}
+    },
+    actor: {
+      id: 7
+    },
+    meta: {
+      contextPolicy: "required"
+    }
+  });
+  assert.equal(called, false);
+  assert.deepEqual(resolved, {});
+});