@nextsparkjs/theme-default 0.1.0-beta.17 → 0.1.0-beta.171

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (332) hide show
  1. package/api/ai/chat/stream/route.ts +4 -1
  2. package/api/ai/orchestrator/route.ts +10 -3
  3. package/api/ai/single-agent/route.ts +10 -3
  4. package/api/ai/usage/route.ts +4 -1
  5. package/blocks/benefits/component.tsx +4 -4
  6. package/blocks/cta-section/component.tsx +4 -4
  7. package/blocks/faq-accordion/component.tsx +2 -2
  8. package/blocks/features-grid/component.tsx +5 -5
  9. package/blocks/hero/component.tsx +2 -2
  10. package/blocks/hero/fields.ts +1 -1
  11. package/blocks/hero-with-form/component.tsx +7 -7
  12. package/blocks/hero-with-form/fields.ts +1 -1
  13. package/blocks/jumbotron/component.tsx +7 -7
  14. package/blocks/jumbotron/fields.ts +1 -1
  15. package/blocks/logo-cloud/component.tsx +6 -6
  16. package/blocks/logo-cloud/fields.ts +1 -1
  17. package/blocks/post-content/component.tsx +2 -2
  18. package/blocks/pricing-table/component.tsx +5 -5
  19. package/blocks/split-content/component.tsx +5 -5
  20. package/blocks/split-content/fields.ts +1 -1
  21. package/blocks/stats-counter/component.tsx +9 -9
  22. package/blocks/testimonials/component.tsx +4 -4
  23. package/blocks/testimonials/fields.ts +1 -1
  24. package/blocks/text-content/component.tsx +12 -10
  25. package/blocks/timeline/component.tsx +12 -12
  26. package/blocks/video-hero/component.tsx +7 -7
  27. package/blocks/video-hero/fields.ts +1 -1
  28. package/components/ai-chat/ChatPanel.tsx +7 -7
  29. package/components/ai-chat/Message.tsx +2 -2
  30. package/components/ai-chat/MessageInput.tsx +3 -3
  31. package/components/ai-chat/MessageList.tsx +3 -3
  32. package/components/ai-chat/TypingIndicator.tsx +2 -2
  33. package/config/app.config.ts +90 -62
  34. package/config/billing.config.ts +5 -10
  35. package/config/dashboard.config.ts +14 -0
  36. package/config/features.config.ts +10 -0
  37. package/config/permissions.config.ts +22 -23
  38. package/docs/{01-overview → public/01-overview}/01-introduction.md +5 -0
  39. package/docs/{01-overview → public/01-overview}/02-customization.md +5 -0
  40. package/docs/{02-features → public/02-features}/03-tasks-entity.md +5 -0
  41. package/docs/{03-ai → public/03-ai}/01-overview.md +5 -0
  42. package/docs/{03-ai → public/03-ai}/02-customization.md +5 -0
  43. package/docs/superadmin/01-setup/01-configuration.md +79 -0
  44. package/docs/superadmin/01-setup/02-deployment.md +82 -0
  45. package/docs/superadmin/02-management/01-users.md +83 -0
  46. package/docs/superadmin/03-integrations/01-langchain.md +139 -0
  47. package/emails/verify-email.ts +33 -0
  48. package/entities/customers/api/docs.md +107 -0
  49. package/entities/customers/api/presets.ts +80 -0
  50. package/entities/pages/api/docs.md +114 -0
  51. package/entities/pages/api/presets.ts +72 -0
  52. package/entities/posts/api/docs.md +120 -0
  53. package/entities/posts/api/presets.ts +74 -0
  54. package/entities/tasks/api/docs.md +126 -0
  55. package/entities/tasks/api/presets.ts +84 -0
  56. package/lib/selectors.ts +7 -4
  57. package/messages/de/admin.json +45 -0
  58. package/messages/en/admin.json +56 -0
  59. package/messages/en/navigation.json +2 -1
  60. package/messages/es/admin.json +56 -0
  61. package/messages/es/navigation.json +2 -1
  62. package/messages/fr/admin.json +45 -0
  63. package/messages/it/admin.json +45 -0
  64. package/messages/pt/admin.json +45 -0
  65. package/migrations/089_add_editor_team_role.sql +15 -23
  66. package/migrations/090_demo_users_teams.sql +11 -11
  67. package/migrations/091_greek_teams_billing.sql +15 -15
  68. package/migrations/093_pages_sample_data.sql +7 -7
  69. package/migrations/098_patterns_sample_data.sql +234 -0
  70. package/nextsparkjs-theme-default-0.1.0-beta.137.tgz +0 -0
  71. package/package.json +4 -3
  72. package/styles/globals.css +42 -0
  73. package/templates/(public)/page.tsx +1 -1
  74. package/tests/cypress/e2e/_utils/devtools/access.bdd.md +262 -0
  75. package/tests/cypress/e2e/_utils/devtools/access.cy.ts +171 -0
  76. package/tests/cypress/e2e/_utils/devtools/navigation.bdd.md +261 -0
  77. package/tests/cypress/e2e/_utils/devtools/navigation.cy.ts +157 -0
  78. package/tests/cypress/e2e/_utils/devtools/pages.bdd.md +303 -0
  79. package/tests/cypress/e2e/_utils/devtools/pages.cy.ts +184 -0
  80. package/tests/cypress/e2e/_utils/docs/README.md +215 -0
  81. package/tests/cypress/e2e/_utils/selectors/auth.bdd.md +354 -0
  82. package/tests/cypress/e2e/_utils/selectors/auth.cy.ts +310 -0
  83. package/tests/cypress/e2e/_utils/selectors/billing.bdd.md +276 -0
  84. package/tests/cypress/e2e/_utils/selectors/billing.cy.ts +182 -0
  85. package/tests/cypress/e2e/_utils/selectors/block-editor.bdd.md +615 -0
  86. package/tests/cypress/e2e/_utils/selectors/block-editor.cy.ts +783 -0
  87. package/tests/cypress/e2e/_utils/selectors/dashboard-container.cy.ts +52 -0
  88. package/tests/cypress/e2e/_utils/selectors/dashboard-mobile.bdd.md +205 -0
  89. package/tests/cypress/e2e/_utils/selectors/dashboard-mobile.cy.ts +137 -0
  90. package/tests/cypress/e2e/_utils/selectors/dashboard-navigation.bdd.md +147 -0
  91. package/tests/cypress/e2e/_utils/selectors/dashboard-navigation.cy.ts +114 -0
  92. package/tests/cypress/e2e/_utils/selectors/dashboard-sidebar.bdd.md +76 -0
  93. package/tests/cypress/e2e/_utils/selectors/dashboard-sidebar.cy.ts +68 -0
  94. package/tests/cypress/e2e/_utils/selectors/dashboard-topnav.bdd.md +326 -0
  95. package/tests/cypress/e2e/_utils/selectors/dashboard-topnav.cy.ts +177 -0
  96. package/tests/cypress/e2e/_utils/selectors/devtools.bdd.md +306 -0
  97. package/tests/cypress/e2e/_utils/selectors/devtools.cy.ts +273 -0
  98. package/tests/cypress/e2e/_utils/selectors/global-search.bdd.md +115 -0
  99. package/tests/cypress/e2e/_utils/selectors/global-search.cy.ts +93 -0
  100. package/tests/cypress/e2e/_utils/selectors/patterns.bdd.md +388 -0
  101. package/tests/cypress/e2e/_utils/selectors/patterns.cy.ts +559 -0
  102. package/tests/cypress/e2e/_utils/selectors/public.cy.ts +112 -0
  103. package/tests/cypress/e2e/_utils/selectors/settings-api-keys.bdd.md +266 -0
  104. package/tests/cypress/e2e/_utils/selectors/settings-api-keys.cy.ts +233 -0
  105. package/tests/cypress/e2e/_utils/selectors/settings-billing.bdd.md +78 -0
  106. package/tests/cypress/e2e/_utils/selectors/settings-billing.cy.ts +108 -0
  107. package/tests/cypress/e2e/_utils/selectors/settings-layout.bdd.md +129 -0
  108. package/tests/cypress/e2e/_utils/selectors/settings-layout.cy.ts +115 -0
  109. package/tests/cypress/e2e/_utils/selectors/settings-password.bdd.md +82 -0
  110. package/tests/cypress/e2e/_utils/selectors/settings-password.cy.ts +74 -0
  111. package/tests/cypress/e2e/_utils/selectors/settings-profile.bdd.md +77 -0
  112. package/tests/cypress/e2e/_utils/selectors/settings-profile.cy.ts +79 -0
  113. package/tests/cypress/e2e/_utils/selectors/settings-teams.bdd.md +130 -0
  114. package/tests/cypress/e2e/_utils/selectors/settings-teams.cy.ts +86 -0
  115. package/tests/cypress/e2e/_utils/selectors/superadmin.bdd.md +261 -0
  116. package/tests/cypress/e2e/_utils/selectors/superadmin.cy.ts +193 -0
  117. package/tests/cypress/e2e/_utils/selectors/tasks.bdd.md +593 -0
  118. package/tests/cypress/e2e/_utils/selectors/tasks.cy.ts +864 -0
  119. package/tests/cypress/e2e/_utils/selectors/taxonomies.cy.ts +126 -0
  120. package/tests/cypress/e2e/_utils/selectors/teams.bdd.md +278 -0
  121. package/tests/cypress/e2e/_utils/selectors/teams.cy.ts +195 -0
  122. package/tests/cypress/e2e/_utils/superadmin/all-teams.bdd.md +261 -0
  123. package/tests/cypress/e2e/_utils/superadmin/all-teams.cy.ts +177 -0
  124. package/tests/cypress/e2e/_utils/superadmin/all-users.bdd.md +406 -0
  125. package/tests/cypress/e2e/_utils/superadmin/all-users.cy.ts +294 -0
  126. package/tests/cypress/e2e/_utils/superadmin/dashboard.bdd.md +235 -0
  127. package/tests/cypress/e2e/_utils/superadmin/dashboard.cy.ts +149 -0
  128. package/tests/cypress/e2e/_utils/superadmin/subscriptions-overview.bdd.md +290 -0
  129. package/tests/cypress/e2e/_utils/superadmin/subscriptions-overview.cy.ts +194 -0
  130. package/tests/cypress/e2e/ai/ai-usage.cy.ts +209 -0
  131. package/tests/cypress/e2e/ai/chat-api.cy.ts +119 -0
  132. package/tests/cypress/e2e/ai/guardrails.cy.ts +332 -0
  133. package/tests/cypress/e2e/api/_core/billing/BillingAPIController.js +319 -0
  134. package/tests/cypress/e2e/api/_core/billing/check-action.cy.ts +326 -0
  135. package/tests/cypress/e2e/api/_core/billing/checkout.cy.ts +358 -0
  136. package/tests/cypress/e2e/api/_core/billing/lifecycle.cy.ts +423 -0
  137. package/tests/cypress/e2e/api/_core/billing/plans/README.md +345 -0
  138. package/tests/cypress/e2e/api/_core/billing/plans/business.cy.ts +412 -0
  139. package/tests/cypress/e2e/api/_core/billing/plans/downgrade.cy.ts +510 -0
  140. package/tests/cypress/e2e/api/_core/billing/plans/fixtures/billing-plans.json +163 -0
  141. package/tests/cypress/e2e/api/_core/billing/plans/free.cy.ts +500 -0
  142. package/tests/cypress/e2e/api/_core/billing/plans/pro.cy.ts +497 -0
  143. package/tests/cypress/e2e/api/_core/billing/plans/starter.cy.ts +342 -0
  144. package/tests/cypress/e2e/api/_core/billing/portal.cy.ts +313 -0
  145. package/tests/cypress/e2e/api/_core/devtools/registries.bdd.md +300 -0
  146. package/tests/cypress/e2e/api/_core/devtools/registries.cy.ts +368 -0
  147. package/tests/cypress/e2e/api/_core/scheduled-actions/cron-endpoint.bdd.md +375 -0
  148. package/tests/cypress/e2e/api/_core/scheduled-actions/cron-endpoint.cy.ts +346 -0
  149. package/tests/cypress/e2e/api/_core/scheduled-actions/devtools-endpoint.bdd.md +451 -0
  150. package/tests/cypress/e2e/api/_core/scheduled-actions/devtools-endpoint.cy.ts +447 -0
  151. package/tests/cypress/e2e/api/_core/scheduled-actions/scheduling.bdd.md +649 -0
  152. package/tests/cypress/e2e/api/_core/scheduled-actions/scheduling.cy.ts +333 -0
  153. package/tests/cypress/e2e/api/_core/security/security-headers.cy.ts +601 -0
  154. package/tests/cypress/e2e/api/_core/settings/api-keys.crud.cy.ts +923 -0
  155. package/tests/cypress/e2e/api/_core/teams/teams-security.cy.ts +415 -0
  156. package/tests/cypress/e2e/api/_core/users/users-crud.cy.ts +469 -0
  157. package/tests/cypress/e2e/api/_core/users/users-metas.cy.ts +913 -0
  158. package/tests/cypress/e2e/api/_core/users/users-security.cy.ts +375 -0
  159. package/tests/cypress/e2e/api/entities/customers/customers-crud.cy.ts +648 -0
  160. package/tests/cypress/e2e/api/entities/customers/customers-metas.cy.ts +839 -0
  161. package/tests/cypress/e2e/api/entities/media/media-crud.cy.ts +600 -0
  162. package/tests/cypress/e2e/api/entities/media/media-role-permissions.cy.ts +617 -0
  163. package/tests/cypress/e2e/api/entities/media/media-team-isolation.cy.ts +464 -0
  164. package/tests/cypress/e2e/api/entities/pages/blocks-scope.cy.ts +396 -0
  165. package/tests/cypress/e2e/api/entities/pages/pages-crud.cy.ts +425 -0
  166. package/tests/cypress/e2e/api/entities/pages/pages-status.cy.ts +335 -0
  167. package/tests/cypress/e2e/api/entities/posts/post-categories-crud.cy.ts +610 -0
  168. package/tests/cypress/e2e/api/entities/posts/posts-crud.cy.ts +709 -0
  169. package/tests/cypress/e2e/api/entities/posts/posts-status.cy.ts +396 -0
  170. package/tests/cypress/e2e/api/entities/tasks/tasks-crud.cy.ts +602 -0
  171. package/tests/cypress/e2e/api/entities/tasks/tasks-metas.cy.ts +878 -0
  172. package/tests/cypress/e2e/patterns/patterns-in-pages.cy.ts +367 -0
  173. package/tests/cypress/e2e/uat/_core/auth/app-roles/developer-login.bdd.md +231 -0
  174. package/tests/cypress/e2e/uat/_core/auth/app-roles/developer-login.cy.ts +144 -0
  175. package/tests/cypress/e2e/uat/_core/auth/app-roles/superadmin-login.bdd.md +118 -0
  176. package/tests/cypress/e2e/uat/_core/auth/app-roles/superadmin-login.cy.ts +84 -0
  177. package/tests/cypress/e2e/uat/_core/auth/custom-roles/editor-login.bdd.md +288 -0
  178. package/tests/cypress/e2e/uat/_core/auth/custom-roles/editor-login.cy.ts +188 -0
  179. package/tests/cypress/e2e/uat/_core/auth/login-logout.bdd.md +160 -0
  180. package/tests/cypress/e2e/uat/_core/auth/login-logout.cy.ts +116 -0
  181. package/tests/cypress/e2e/uat/_core/auth/password-reset.bdd.md +289 -0
  182. package/tests/cypress/e2e/uat/_core/auth/password-reset.cy.ts +200 -0
  183. package/tests/cypress/e2e/uat/_core/auth/registration-control-invitation.cy.ts +176 -0
  184. package/tests/cypress/e2e/uat/_core/auth/registration-control-open.cy.ts +131 -0
  185. package/tests/cypress/e2e/uat/_core/auth/registration-control.cy.ts +140 -0
  186. package/tests/cypress/e2e/uat/_core/auth/team-roles/admin-login.bdd.md +225 -0
  187. package/tests/cypress/e2e/uat/_core/auth/team-roles/admin-login.cy.ts +148 -0
  188. package/tests/cypress/e2e/uat/_core/auth/team-roles/member-login.bdd.md +251 -0
  189. package/tests/cypress/e2e/uat/_core/auth/team-roles/member-login.cy.ts +163 -0
  190. package/tests/cypress/e2e/uat/_core/auth/team-roles/owner-login.bdd.md +231 -0
  191. package/tests/cypress/e2e/uat/_core/auth/team-roles/owner-login.cy.ts +141 -0
  192. package/tests/cypress/e2e/uat/_core/billing/extended.bdd.md +273 -0
  193. package/tests/cypress/e2e/uat/_core/billing/extended.cy.ts +209 -0
  194. package/tests/cypress/e2e/uat/_core/billing/feature-gates.bdd.md +407 -0
  195. package/tests/cypress/e2e/uat/_core/billing/feature-gates.cy.ts +307 -0
  196. package/tests/cypress/e2e/uat/_core/billing/page.bdd.md +329 -0
  197. package/tests/cypress/e2e/uat/_core/billing/page.cy.ts +250 -0
  198. package/tests/cypress/e2e/uat/_core/billing/status.bdd.md +190 -0
  199. package/tests/cypress/e2e/uat/_core/billing/status.cy.ts +145 -0
  200. package/tests/cypress/e2e/uat/_core/billing/team-switch.bdd.md +156 -0
  201. package/tests/cypress/e2e/uat/_core/billing/team-switch.cy.ts +122 -0
  202. package/tests/cypress/e2e/uat/_core/billing/usage.bdd.md +218 -0
  203. package/tests/cypress/e2e/uat/_core/billing/usage.cy.ts +176 -0
  204. package/tests/cypress/e2e/uat/_core/blocks/hero.bdd.md +124 -0
  205. package/tests/cypress/e2e/uat/_core/blocks/hero.cy.ts +56 -0
  206. package/tests/cypress/e2e/uat/_core/devtools/api-tester.cy.ts +390 -0
  207. package/tests/cypress/e2e/uat/_core/performance/suspense-loading.cy.ts +134 -0
  208. package/tests/cypress/e2e/uat/_core/scheduled-actions/devtools-ui.bdd.md +736 -0
  209. package/tests/cypress/e2e/uat/_core/scheduled-actions/devtools-ui.cy.ts +740 -0
  210. package/tests/cypress/e2e/uat/_core/teams/inline-edit.cy.ts +278 -0
  211. package/tests/cypress/e2e/uat/_core/teams/roles-matrix.bdd.md +553 -0
  212. package/tests/cypress/e2e/uat/_core/teams/roles-matrix.cy.ts +185 -0
  213. package/tests/cypress/e2e/uat/_core/teams/switcher.bdd.md +1151 -0
  214. package/tests/cypress/e2e/uat/_core/teams/switcher.cy.ts +497 -0
  215. package/tests/cypress/e2e/uat/_core/teams/team-switcher.md +198 -0
  216. package/tests/cypress/e2e/uat/entities/customers/member.bdd.md +275 -0
  217. package/tests/cypress/e2e/uat/entities/customers/member.cy.ts +122 -0
  218. package/tests/cypress/e2e/uat/entities/customers/owner.bdd.md +243 -0
  219. package/tests/cypress/e2e/uat/entities/customers/owner.cy.ts +165 -0
  220. package/tests/cypress/e2e/uat/entities/pages/block-crud.bdd.md +476 -0
  221. package/tests/cypress/e2e/uat/entities/pages/block-crud.cy.ts +486 -0
  222. package/tests/cypress/e2e/uat/entities/pages/block-editor.bdd.md +460 -0
  223. package/tests/cypress/e2e/uat/entities/pages/block-editor.cy.ts +301 -0
  224. package/tests/cypress/e2e/uat/entities/pages/list.bdd.md +432 -0
  225. package/tests/cypress/e2e/uat/entities/pages/list.cy.ts +273 -0
  226. package/tests/cypress/e2e/uat/entities/pages/public-rendering.bdd.md +696 -0
  227. package/tests/cypress/e2e/uat/entities/pages/public-rendering.cy.ts +340 -0
  228. package/tests/cypress/e2e/uat/entities/posts/categories-api-aware.bdd.md +161 -0
  229. package/tests/cypress/e2e/uat/entities/posts/categories-api-aware.cy.ts +104 -0
  230. package/tests/cypress/e2e/uat/entities/posts/categories.bdd.md +375 -0
  231. package/tests/cypress/e2e/uat/entities/posts/categories.cy.ts +241 -0
  232. package/tests/cypress/e2e/uat/entities/posts/editor.bdd.md +429 -0
  233. package/tests/cypress/e2e/uat/entities/posts/editor.cy.ts +257 -0
  234. package/tests/cypress/e2e/uat/entities/posts/list.bdd.md +340 -0
  235. package/tests/cypress/e2e/uat/entities/posts/list.cy.ts +177 -0
  236. package/tests/cypress/e2e/uat/entities/posts/public.bdd.md +614 -0
  237. package/tests/cypress/e2e/uat/entities/posts/public.cy.ts +249 -0
  238. package/tests/cypress/e2e/uat/entities/tasks/member.bdd.md +222 -0
  239. package/tests/cypress/e2e/uat/entities/tasks/member.cy.ts +165 -0
  240. package/tests/cypress/e2e/uat/entities/tasks/owner.bdd.md +419 -0
  241. package/tests/cypress/e2e/uat/entities/tasks/owner.cy.ts +191 -0
  242. package/tests/cypress/e2e/uat/features/roles/editor-role.bdd.md +552 -0
  243. package/tests/cypress/e2e/uat/features/roles/editor-role.cy.ts +210 -0
  244. package/tests/cypress/e2e/uat/features/roles/member-restrictions.bdd.md +450 -0
  245. package/tests/cypress/e2e/uat/features/roles/member-restrictions.cy.ts +189 -0
  246. package/tests/cypress/e2e/uat/features/roles/owner-full-crud.bdd.md +530 -0
  247. package/tests/cypress/e2e/uat/features/roles/owner-full-crud.cy.ts +247 -0
  248. package/tests/cypress/fixtures/blocks.json +218 -0
  249. package/tests/cypress/fixtures/entities.json +87 -0
  250. package/tests/cypress/fixtures/page-builder.json +21 -0
  251. package/tests/cypress/src/components/CategoriesPOM.ts +382 -0
  252. package/tests/cypress/src/components/CustomersPOM.ts +439 -0
  253. package/tests/cypress/src/components/DevKeyringPOM.ts +160 -0
  254. package/tests/cypress/src/components/EntityForm.ts +375 -0
  255. package/tests/cypress/src/components/EntityList.ts +389 -0
  256. package/tests/cypress/src/components/PageBuilderPOM.ts +710 -0
  257. package/tests/cypress/src/components/PostEditorPOM.ts +370 -0
  258. package/tests/cypress/src/components/PostsListPOM.ts +223 -0
  259. package/tests/cypress/src/components/PublicPagePOM.ts +447 -0
  260. package/tests/cypress/src/components/PublicPostPOM.ts +146 -0
  261. package/tests/cypress/src/components/TasksPOM.ts +272 -0
  262. package/tests/cypress/src/components/TeamSwitcherPOM.ts +450 -0
  263. package/tests/cypress/src/components/index.ts +21 -0
  264. package/tests/cypress/src/controllers/ApiKeysAPIController.js +178 -0
  265. package/tests/cypress/src/controllers/BaseAPIController.js +317 -0
  266. package/tests/cypress/src/controllers/CustomerAPIController.js +251 -0
  267. package/tests/cypress/src/controllers/MediaAPIController.js +231 -0
  268. package/tests/cypress/src/controllers/PagesAPIController.js +226 -0
  269. package/tests/cypress/src/controllers/PostsAPIController.js +250 -0
  270. package/tests/cypress/src/controllers/TaskAPIController.js +240 -0
  271. package/tests/cypress/src/controllers/UsersAPIController.js +242 -0
  272. package/tests/cypress/src/controllers/index.js +25 -0
  273. package/tests/cypress/src/core/AuthPOM.ts +450 -0
  274. package/tests/cypress/src/core/BasePOM.ts +33 -0
  275. package/tests/cypress/src/core/BlockEditorBasePOM.ts +874 -0
  276. package/tests/cypress/src/core/DashboardEntityPOM.ts +41 -0
  277. package/tests/cypress/src/core/index.ts +14 -0
  278. package/tests/cypress/src/entities/CustomersPOM.ts +172 -0
  279. package/tests/cypress/src/entities/PagesPOM.ts +137 -0
  280. package/tests/cypress/src/entities/PatternsPOM.ts +329 -0
  281. package/tests/cypress/src/entities/PostsPOM.ts +137 -0
  282. package/tests/cypress/src/entities/TasksPOM.ts +246 -0
  283. package/tests/cypress/src/entities/index.ts +16 -0
  284. package/tests/cypress/src/features/BillingPOM.ts +385 -0
  285. package/tests/cypress/src/features/DashboardPOM.ts +271 -0
  286. package/tests/cypress/src/features/DevtoolsPOM.ts +750 -0
  287. package/tests/cypress/src/features/PageBuilderPOM.ts +283 -0
  288. package/tests/cypress/src/features/PostEditorPOM.ts +313 -0
  289. package/tests/cypress/src/features/ScheduledActionsPOM.ts +463 -0
  290. package/tests/cypress/src/features/SettingsPOM.ts +707 -0
  291. package/tests/cypress/src/features/SuperadminPOM.ts +851 -0
  292. package/tests/cypress/src/features/SuperadminTeamRolesPOM.ts +285 -0
  293. package/tests/cypress/src/features/index.ts +28 -0
  294. package/tests/cypress/src/helpers/ApiInterceptor.ts +20 -0
  295. package/tests/cypress/src/index.ts +101 -0
  296. package/tests/cypress/src/pages/dashboard/Dashboard.js +677 -0
  297. package/tests/cypress/src/pages/dashboard/DashboardPage.js +43 -0
  298. package/tests/cypress/src/pages/dashboard/DashboardStats.js +546 -0
  299. package/tests/cypress/src/pages/dashboard/index.js +6 -0
  300. package/tests/cypress/src/pages/index.js +5 -0
  301. package/tests/cypress/src/pages/public/FeaturesPage.js +28 -0
  302. package/tests/cypress/src/pages/public/LandingPage.js +69 -0
  303. package/tests/cypress/src/pages/public/PricingPage.js +33 -0
  304. package/tests/cypress/src/pages/public/index.js +6 -0
  305. package/tests/cypress/src/selectors.ts +46 -0
  306. package/tests/cypress/src/session-helpers.ts +518 -0
  307. package/tests/cypress/support/doc-commands.ts +260 -0
  308. package/tests/cypress/support/e2e.ts +90 -0
  309. package/tests/cypress.config.ts +178 -0
  310. package/tests/jest/__mocks__/@nextsparkjs/core/components/ui/badge.js +16 -0
  311. package/tests/jest/__mocks__/@nextsparkjs/core/lib/db.js +11 -0
  312. package/tests/jest/__mocks__/@nextsparkjs/registries/permissions-registry.ts +160 -0
  313. package/tests/jest/__mocks__/@nextsparkjs/registries/theme-registry.ts +68 -0
  314. package/tests/jest/__mocks__/jose.js +22 -0
  315. package/tests/jest/__mocks__/next/image.js +15 -0
  316. package/tests/jest/__mocks__/next-server.js +56 -0
  317. package/tests/jest/components/post-header.test.tsx +377 -0
  318. package/tests/jest/jest.config.cjs +154 -0
  319. package/tests/jest/langchain/COVERAGE.md +372 -0
  320. package/tests/jest/langchain/guardrails.test.ts +465 -0
  321. package/tests/jest/langchain/streaming.test.ts +370 -0
  322. package/tests/jest/langchain/token-tracker.test.ts +455 -0
  323. package/tests/jest/langchain/tracer-callbacks.test.ts +881 -0
  324. package/tests/jest/langchain/tracer.test.ts +823 -0
  325. package/tests/jest/services/tasks.service.test.ts +707 -0
  326. package/tests/jest/setup.ts +170 -0
  327. package/tests/jest/tsconfig.jest.json +6 -0
  328. package/tests/jest/validation/categories.test.ts +429 -0
  329. package/tests/jest/validation/posts.test.ts +546 -0
  330. package/tests/tsconfig.json +21 -0
  331. /package/docs/{02-features → public/02-features}/01-components.md +0 -0
  332. /package/docs/{02-features → public/02-features}/02-styling.md +0 -0
@@ -0,0 +1,375 @@
1
+ /// <reference types="cypress" />
2
+
3
+ /**
4
+ * Users API - Security Tests
5
+ *
6
+ * Tests for access control and authentication on the /api/v1/users endpoint.
7
+ * Verifies that only superadmins can access user management endpoints.
8
+ *
9
+ * Uses DevKeyring for session-based authentication tests (login without password).
10
+ *
11
+ * @endpoint /api/v1/users
12
+ * @see users-security.md for documentation
13
+ */
14
+
15
+ import * as allure from 'allure-cypress'
16
+
17
+ import { DevKeyringPOM as DevKeyring } from '../../../../src/components/DevKeyringPOM'
18
+ import { getThemeUsers } from '../../../../src/session-helpers'
19
+
20
+ describe('Users API - Security & Access Control', {
21
+ tags: ['@api', '@feat-users', '@security', '@regression']
22
+ }, () => {
23
+
24
+ // API Key for API-based tests
25
+ const SUPERADMIN_API_KEY = 'test_api_key_for_testing_purposes_only_not_a_real_secret_key_abc123'
26
+
27
+ const BASE_URL = Cypress.config('baseUrl') || 'http://localhost:5173'
28
+
29
+ // Track created users for cleanup
30
+ const createdUserIds: string[] = []
31
+
32
+ beforeEach(() => {
33
+ allure.epic('API')
34
+ allure.feature('Users')
35
+ allure.story('Security & Access Control')
36
+ })
37
+
38
+ after(() => {
39
+ // Cleanup: Delete any users created during tests
40
+ if (createdUserIds.length > 0) {
41
+ cy.log(`🧹 Cleaning up ${createdUserIds.length} test user(s)`)
42
+ createdUserIds.forEach((userId) => {
43
+ cy.request({
44
+ method: 'DELETE',
45
+ url: `${BASE_URL}/api/v1/users/${userId}`,
46
+ headers: {
47
+ 'Authorization': `Bearer ${SUPERADMIN_API_KEY}`,
48
+ 'Content-Type': 'application/json'
49
+ },
50
+ failOnStatusCode: false
51
+ }).then((response) => {
52
+ if (response.status === 200) {
53
+ cy.log(`✅ Deleted test user: ${userId}`)
54
+ } else {
55
+ cy.log(`⚠️ Failed to delete user ${userId}: ${response.status}`)
56
+ }
57
+ })
58
+ })
59
+ }
60
+ })
61
+
62
+ // ============================================
63
+ // Session-Based Authentication Tests
64
+ // ============================================
65
+
66
+ describe('Session-Based Authentication', () => {
67
+
68
+ it('USER_SEC_001: Member user should get 403 on GET /api/v1/users', { tags: '@smoke' }, () => {
69
+ allure.severity('critical')
70
+ const users = getThemeUsers()
71
+
72
+ // Login as member using DevKeyring (quick login by email)
73
+ cy.session('member-security-001', () => {
74
+ cy.visit('/login')
75
+ const devKeyring = new DevKeyring()
76
+ devKeyring.validateVisible()
77
+ devKeyring.quickLoginByEmail(users.MEMBER)
78
+ cy.url().should('include', '/dashboard')
79
+ }, {
80
+ validate: () => {
81
+ cy.visit('/dashboard')
82
+ cy.url().should('include', '/dashboard')
83
+ }
84
+ })
85
+
86
+ cy.visit('/dashboard')
87
+
88
+ // Attempt to access /api/v1/users
89
+ cy.request({
90
+ method: 'GET',
91
+ url: '/api/v1/users',
92
+ failOnStatusCode: false
93
+ }).then((response) => {
94
+ expect(response.status).to.eq(403)
95
+ expect(response.body).to.have.property('success', false)
96
+ expect(response.body).to.have.property('error')
97
+ expect(response.body.error).to.include('Insufficient permissions')
98
+ })
99
+ })
100
+
101
+ it('USER_SEC_002: Superadmin should get 200 on GET /api/v1/users', { tags: '@smoke' }, () => {
102
+ allure.severity('critical')
103
+ // Note: We use API key for superadmin tests as DevKeyring uses theme users
104
+ // and superadmin@cypress.com might not be in the DevKeyring list.
105
+ // This test validates superadmin API key access instead of session.
106
+ cy.request({
107
+ method: 'GET',
108
+ url: `${BASE_URL}/api/v1/users`,
109
+ headers: {
110
+ 'Authorization': `Bearer ${SUPERADMIN_API_KEY}`,
111
+ 'Content-Type': 'application/json'
112
+ },
113
+ failOnStatusCode: false
114
+ }).then((response) => {
115
+ expect(response.status).to.eq(200)
116
+ expect(response.body).to.have.property('success', true)
117
+ expect(response.body).to.have.property('data')
118
+ expect(response.body.data).to.be.an('array')
119
+ expect(response.body.data.length).to.be.greaterThan(0)
120
+
121
+ // Validate user structure
122
+ const firstUser = response.body.data[0]
123
+ expect(firstUser).to.have.property('id')
124
+ expect(firstUser).to.have.property('email')
125
+ })
126
+ })
127
+
128
+ it('USER_SEC_003: Member cannot POST to /api/v1/users (create user)', () => {
129
+ const users = getThemeUsers()
130
+
131
+ // Login as member using DevKeyring (quick login by email)
132
+ cy.session('member-security-003', () => {
133
+ cy.visit('/login')
134
+ const devKeyring = new DevKeyring()
135
+ devKeyring.validateVisible()
136
+ devKeyring.quickLoginByEmail(users.MEMBER)
137
+ cy.url().should('include', '/dashboard')
138
+ }, {
139
+ validate: () => {
140
+ cy.visit('/dashboard')
141
+ cy.url().should('include', '/dashboard')
142
+ }
143
+ })
144
+
145
+ cy.visit('/dashboard')
146
+
147
+ // Attempt to create a user
148
+ cy.request({
149
+ method: 'POST',
150
+ url: '/api/v1/users',
151
+ body: {
152
+ email: 'test-create@example.com',
153
+ firstName: 'Test',
154
+ lastName: 'User',
155
+ country: 'US'
156
+ },
157
+ failOnStatusCode: false
158
+ }).then((response) => {
159
+ expect(response.status).to.eq(403)
160
+ expect(response.body).to.have.property('success', false)
161
+ expect(response.body.error).to.include('Insufficient permissions')
162
+ })
163
+ })
164
+ })
165
+
166
+ // ============================================
167
+ // API Key Authentication Tests
168
+ // ============================================
169
+
170
+ describe('API Key Authentication', () => {
171
+
172
+ it('USER_SEC_010: Superadmin API key should get 200 on GET /api/v1/users', () => {
173
+ cy.request({
174
+ method: 'GET',
175
+ url: `${BASE_URL}/api/v1/users`,
176
+ headers: {
177
+ 'Authorization': `Bearer ${SUPERADMIN_API_KEY}`,
178
+ 'Content-Type': 'application/json'
179
+ },
180
+ failOnStatusCode: false
181
+ }).then((response) => {
182
+ expect(response.status).to.eq(200)
183
+ expect(response.body).to.have.property('success', true)
184
+ expect(response.body).to.have.property('data')
185
+ expect(response.body.data).to.be.an('array')
186
+ expect(response.body.data.length).to.be.greaterThan(0)
187
+
188
+ // Validate user structure
189
+ const firstUser = response.body.data[0]
190
+ expect(firstUser).to.have.property('id')
191
+ expect(firstUser).to.have.property('email')
192
+ expect(firstUser).to.have.property('role')
193
+ })
194
+ })
195
+
196
+ it('USER_SEC_011: Invalid API key should get 401', () => {
197
+ cy.request({
198
+ method: 'GET',
199
+ url: `${BASE_URL}/api/v1/users`,
200
+ headers: {
201
+ 'Authorization': 'Bearer test_invalid_key_for_testing_purposes_only_not_real_12345678901234567',
202
+ 'Content-Type': 'application/json'
203
+ },
204
+ failOnStatusCode: false
205
+ }).then((response) => {
206
+ expect(response.status).to.eq(401)
207
+ expect(response.body).to.have.property('success', false)
208
+ })
209
+ })
210
+
211
+ it('USER_SEC_012: Malformed API key should get 401', () => {
212
+ cy.request({
213
+ method: 'GET',
214
+ url: `${BASE_URL}/api/v1/users`,
215
+ headers: {
216
+ 'Authorization': 'Bearer not_a_valid_key',
217
+ 'Content-Type': 'application/json'
218
+ },
219
+ failOnStatusCode: false
220
+ }).then((response) => {
221
+ expect(response.status).to.eq(401)
222
+ expect(response.body).to.have.property('success', false)
223
+ })
224
+ })
225
+
226
+ it('USER_SEC_013: Superadmin API key can create users via POST', () => {
227
+ const timestamp = Date.now()
228
+ const newUserData = {
229
+ email: `cypress-security-test-${timestamp}@example.com`,
230
+ firstName: 'Security',
231
+ lastName: 'Test',
232
+ country: 'US',
233
+ language: 'en',
234
+ timezone: 'UTC'
235
+ }
236
+
237
+ cy.request({
238
+ method: 'POST',
239
+ url: `${BASE_URL}/api/v1/users`,
240
+ headers: {
241
+ 'Authorization': `Bearer ${SUPERADMIN_API_KEY}`,
242
+ 'Content-Type': 'application/json'
243
+ },
244
+ body: newUserData,
245
+ failOnStatusCode: false
246
+ }).then((response) => {
247
+ expect(response.status).to.eq(201)
248
+ expect(response.body).to.have.property('success', true)
249
+ expect(response.body.data).to.have.property('id')
250
+ expect(response.body.data).to.have.property('email', newUserData.email)
251
+ expect(response.body.data).to.have.property('firstName', newUserData.firstName)
252
+
253
+ // Track for cleanup
254
+ createdUserIds.push(response.body.data.id)
255
+ })
256
+ })
257
+ })
258
+
259
+ // ============================================
260
+ // Unauthenticated Access Tests
261
+ // ============================================
262
+
263
+ describe('Unauthenticated Access', () => {
264
+
265
+ it('USER_SEC_020: No authentication should get 401', () => {
266
+ // Clear all sessions and cookies
267
+ cy.clearAllSessionStorage()
268
+ cy.clearAllCookies()
269
+
270
+ // Attempt to access without authentication
271
+ cy.request({
272
+ method: 'GET',
273
+ url: `${BASE_URL}/api/v1/users`,
274
+ failOnStatusCode: false
275
+ }).then((response) => {
276
+ expect(response.status).to.eq(401)
277
+ expect(response.body).to.have.property('success', false)
278
+ expect(response.body).to.have.property('error')
279
+ expect(response.body.error).to.include('Authentication required')
280
+ })
281
+ })
282
+
283
+ it('USER_SEC_021: No auth on POST should get 401', () => {
284
+ cy.clearAllSessionStorage()
285
+ cy.clearAllCookies()
286
+
287
+ cy.request({
288
+ method: 'POST',
289
+ url: `${BASE_URL}/api/v1/users`,
290
+ body: {
291
+ email: 'unauthorized@example.com',
292
+ firstName: 'Unauthorized',
293
+ lastName: 'User',
294
+ country: 'US'
295
+ },
296
+ failOnStatusCode: false
297
+ }).then((response) => {
298
+ expect(response.status).to.eq(401)
299
+ expect(response.body).to.have.property('success', false)
300
+ expect(response.body.error).to.include('Authentication required')
301
+ })
302
+ })
303
+
304
+ it('USER_SEC_022: Empty Authorization header should get 401', () => {
305
+ cy.request({
306
+ method: 'GET',
307
+ url: `${BASE_URL}/api/v1/users`,
308
+ headers: {
309
+ 'Authorization': '',
310
+ 'Content-Type': 'application/json'
311
+ },
312
+ failOnStatusCode: false
313
+ }).then((response) => {
314
+ expect(response.status).to.eq(401)
315
+ expect(response.body).to.have.property('success', false)
316
+ })
317
+ })
318
+ })
319
+
320
+ // ============================================
321
+ // Response Structure Validation
322
+ // ============================================
323
+
324
+ describe('Response Structure Validation', () => {
325
+
326
+ it('USER_SEC_030: Users list should have proper pagination info', () => {
327
+ cy.request({
328
+ method: 'GET',
329
+ url: `${BASE_URL}/api/v1/users`,
330
+ headers: {
331
+ 'Authorization': `Bearer ${SUPERADMIN_API_KEY}`,
332
+ 'Content-Type': 'application/json'
333
+ },
334
+ failOnStatusCode: false
335
+ }).then((response) => {
336
+ expect(response.status).to.eq(200)
337
+ expect(response.body).to.have.property('success', true)
338
+ expect(response.body).to.have.property('data')
339
+ expect(response.body).to.have.property('info')
340
+ expect(response.body.info).to.have.property('timestamp')
341
+ expect(response.body.info).to.have.property('page')
342
+ expect(response.body.info).to.have.property('limit')
343
+ expect(response.body.info).to.have.property('total')
344
+ })
345
+ })
346
+
347
+ it('USER_SEC_031: Users should have expected fields (no sensitive data)', () => {
348
+ cy.request({
349
+ method: 'GET',
350
+ url: `${BASE_URL}/api/v1/users`,
351
+ headers: {
352
+ 'Authorization': `Bearer ${SUPERADMIN_API_KEY}`,
353
+ 'Content-Type': 'application/json'
354
+ },
355
+ failOnStatusCode: false
356
+ }).then((response) => {
357
+ expect(response.status).to.eq(200)
358
+
359
+ if (response.body.data.length > 0) {
360
+ const user = response.body.data[0]
361
+
362
+ // Should have these fields
363
+ expect(user).to.have.property('id')
364
+ expect(user).to.have.property('email')
365
+ expect(user).to.have.property('role')
366
+ expect(user).to.have.property('createdAt')
367
+
368
+ // Should NOT expose sensitive fields
369
+ expect(user).to.not.have.property('password')
370
+ expect(user).to.not.have.property('passwordHash')
371
+ }
372
+ })
373
+ })
374
+ })
375
+ })