@paakd/api 0.0.1

package/src/policies.spec.ts

@@ -0,0 +1,595 @@
+import { Code, ConnectError, createClient } from '@connectrpc/connect'
+import { createGrpcTransport } from '@connectrpc/connect-node'
+import { getCheckoutConfig } from '@paakd/config'
+import {
+  createAuthenticationInterceptor,
+  createHeadersInterceptor,
+} from './interceptors'
+import {
+  addPolicies,
+  addPolicy,
+  getFilteredPolicy,
+  getPolicies,
+  removeFilteredPolicy,
+  removePolicies,
+  removePolicy,
+  savePolicies,
+} from './policies'
+
+// Mock dependencies
+vi.mock('@connectrpc/connect', async () => {
+  const actual = await vi.importActual('@connectrpc/connect')
+  return {
+    ...actual,
+    createClient: vi.fn(),
+  }
+})
+
+vi.mock('./compressor/brotli', () => ({
+  brotliCompression: {
+    name: 'brotli',
+    compress: vi.fn(),
+    decompress: vi.fn(),
+  },
+}))
+
+vi.mock('@connectrpc/connect-node', () => ({
+  createGrpcTransport: vi.fn(),
+}))
+
+vi.mock('@paakd/config', () => ({
+  getCheckoutConfig: vi.fn(),
+}))
+
+vi.mock('./interceptors', () => ({
+  createAuthenticationInterceptor: vi.fn(),
+  createHeadersInterceptor: vi.fn().mockReturnValue(() => {}),
+}))
+
+vi.mock('../gen/src/proto/auth/v1/service_pb', () => ({
+  AuthService: {},
+}))
+
+const mockGetCheckoutConfig = vi.mocked(getCheckoutConfig)
+const mockCreateGrpcTransport = vi.mocked(createGrpcTransport)
+const mockCreateClient = vi.mocked(createClient)
+const mockCreateAuthenticationInterceptor = vi.mocked(
+  createAuthenticationInterceptor
+)
+const mockCreateHeadersInterceptor = vi.mocked(createHeadersInterceptor)
+
+describe('policies', () => {
+  let mockAuthClient: any
+  let mockTransport: any
+  let mockCheckoutConfig: any
+  let mockInterceptor: any
+
+  beforeEach(() => {
+    // Reset all mocks
+    vi.clearAllMocks()
+
+    // Setup mock objects
+    mockAuthClient = {
+      getPolicies: vi.fn(),
+      savePolicies: vi.fn(),
+      addPolicy: vi.fn(),
+      addPolicies: vi.fn(),
+      removePolicy: vi.fn(),
+      removePolicies: vi.fn(),
+      removeFilteredPolicy: vi.fn(),
+      getFilteredPolicy: vi.fn(),
+    }
+
+    mockTransport = {}
+    mockCheckoutConfig = {
+      enterpriseURL: 'https://enterprise.example.com',
+    }
+    mockInterceptor = {}
+
+    // Setup mock implementations
+    mockGetCheckoutConfig.mockResolvedValue(mockCheckoutConfig)
+    mockCreateGrpcTransport.mockReturnValue(mockTransport)
+    mockCreateAuthenticationInterceptor.mockReturnValue(mockInterceptor)
+    mockCreateHeadersInterceptor.mockReturnValue(mockInterceptor)
+    mockCreateClient.mockReturnValue(mockAuthClient)
+  })
+
+  describe('getPolicies', () => {
+    it('should return policies on success', async () => {
+      const mockPolicies = [
+        { pType: 'p', v0: 'alice', v1: 'data1', v2: 'read' },
+        { pType: 'p', v0: 'bob', v1: 'data2', v2: 'write' },
+      ]
+
+      mockAuthClient.getPolicies.mockResolvedValue({
+        policies: mockPolicies,
+      })
+
+      const result = await getPolicies({
+        headers: {},
+      })
+
+      expect(getCheckoutConfig).toHaveBeenCalled()
+      expect(createGrpcTransport).toHaveBeenCalledWith({
+        baseUrl: mockCheckoutConfig.enterpriseURL,
+        interceptors: [mockInterceptor, mockInterceptor],
+        acceptCompression: expect.any(Array), // Accept gzip and Brotli compression
+        sendCompression: expect.any(Object), // Send Brotli compression
+      })
+      expect(createClient).toHaveBeenCalledWith({}, mockTransport)
+      expect(mockAuthClient.getPolicies).toHaveBeenCalledWith({})
+
+      expect(result).toEqual({
+        value: mockPolicies,
+        status: 'success',
+      })
+    })
+
+    it('should handle ConnectError', async () => {
+      const connectError = {
+        code: Code.Unauthenticated,
+        rawMessage: 'Invalid credentials',
+        message: 'Authentication failed',
+        name: 'ConnectError',
+      } as ConnectError
+
+      // Make it pass instanceof check
+      Object.setPrototypeOf(connectError, ConnectError.prototype)
+
+      mockAuthClient.getPolicies.mockRejectedValue(connectError)
+
+      const result = await getPolicies({
+        headers: {},
+      })
+
+      expect(result).toEqual({
+        ...connectError,
+        message: 'Invalid credentials',
+        status: 'failed',
+      })
+    })
+
+    it('should handle unexpected errors', async () => {
+      const unexpectedError = new Error('Network error')
+      mockAuthClient.getPolicies.mockRejectedValue(unexpectedError)
+
+      const result = await getPolicies({
+        headers: {},
+      })
+
+      expect(result).toEqual({
+        code: Code.Internal,
+        rawMessage: 'An unexpected error occurred during login.',
+        message: 'An unexpected error occurred during login.',
+        status: 'failed',
+      })
+    })
+  })
+
+  describe('savePolicies', () => {
+    it('should save policies successfully', async () => {
+      const inputPolicies = [
+        ['p', 'alice', 'data1', 'read'],
+        ['p', 'bob', 'data2', 'write'],
+      ]
+
+      mockAuthClient.savePolicies.mockResolvedValue({})
+
+      const result = await savePolicies({
+        headers: {},
+        body: { inPolicies: inputPolicies },
+      })
+
+      expect(mockAuthClient.savePolicies).toHaveBeenCalledWith({
+        policies: [
+          {
+            pType: 'p',
+            v0: 'alice',
+            v1: 'data1',
+            v2: 'read',
+            v3: '',
+            v4: '',
+            v5: '',
+          },
+          {
+            pType: 'p',
+            v0: 'bob',
+            v1: 'data2',
+            v2: 'write',
+            v3: '',
+            v4: '',
+            v5: '',
+          },
+        ],
+      })
+
+      expect(result).toEqual({ status: 'success' })
+    })
+
+    it('should handle policies with different lengths', async () => {
+      const inputPolicies = [
+        ['p', 'alice'],
+        ['p', 'bob', 'data2', 'write', 'extra1', 'extra2', 'extra3', 'extra4'],
+      ]
+
+      mockAuthClient.savePolicies.mockResolvedValue({})
+
+      const result = await savePolicies({
+        headers: {},
+        body: { inPolicies: inputPolicies },
+      })
+
+      expect(mockAuthClient.savePolicies).toHaveBeenCalledWith({
+        policies: [
+          { pType: 'p', v0: 'alice', v1: '', v2: '', v3: '', v4: '', v5: '' },
+          {
+            pType: 'p',
+            v0: 'bob',
+            v1: 'data2',
+            v2: 'write',
+            v3: 'extra1',
+            v4: 'extra2',
+            v5: 'extra3',
+          },
+        ],
+      })
+
+      expect(result).toEqual({ status: 'success' })
+    })
+
+    it('should handle ConnectError', async () => {
+      const connectError = {
+        code: Code.Internal,
+        rawMessage: 'Database error',
+        message: 'Save failed',
+        name: 'ConnectError',
+      } as ConnectError
+
+      // Make it pass instanceof check
+      Object.setPrototypeOf(connectError, ConnectError.prototype)
+
+      mockAuthClient.savePolicies.mockRejectedValue(connectError)
+
+      const result = await savePolicies({
+        headers: {},
+        body: { inPolicies: [['p', 'alice']] },
+      })
+
+      expect(result).toEqual({
+        ...connectError,
+        message: 'Database error',
+        status: 'failed',
+      })
+    })
+  })
+
+  describe('addPolicy', () => {
+    it('should add policy successfully', async () => {
+      const rule = ['alice', 'data1', 'read']
+      const pType = 'p'
+
+      mockAuthClient.addPolicy.mockResolvedValue({})
+
+      const result = await addPolicy({
+        headers: {},
+        body: { rule, pType },
+      })
+
+      expect(mockAuthClient.addPolicy).toHaveBeenCalledWith({ rule, pType })
+
+      expect(result).toEqual({ status: 'success' })
+    })
+
+    it('should handle ConnectError', async () => {
+      const connectError = {
+        code: Code.InvalidArgument,
+        rawMessage: 'Invalid policy format',
+        message: 'Add failed',
+        name: 'ConnectError',
+      } as ConnectError
+
+      // Make it pass instanceof check
+      Object.setPrototypeOf(connectError, ConnectError.prototype)
+
+      mockAuthClient.addPolicy.mockRejectedValue(connectError)
+
+      const result = await addPolicy({
+        headers: {},
+        body: { rule: ['alice'], pType: 'p' },
+      })
+
+      expect(result).toEqual({
+        ...connectError,
+        message: 'Invalid policy format',
+        status: 'failed',
+      })
+    })
+  })
+
+  describe('addPolicies', () => {
+    it('should add multiple policies successfully', async () => {
+      const rules = [
+        ['alice', 'data1', 'read'],
+        ['bob', 'data2', 'write'],
+      ]
+      const pType = 'p'
+
+      mockAuthClient.addPolicies.mockResolvedValue({})
+
+      const result = await addPolicies({
+        headers: {},
+        body: { inRules: rules, pType },
+      })
+
+      expect(mockAuthClient.addPolicies).toHaveBeenCalledWith({
+        rules: [
+          { rules: ['alice', 'data1', 'read'] },
+          { rules: ['bob', 'data2', 'write'] },
+        ],
+        pType,
+      })
+
+      expect(result).toEqual({ status: 'success' })
+    })
+
+    it('should handle unexpected errors', async () => {
+      const unexpectedError = new Error('Network timeout')
+      mockAuthClient.addPolicies.mockRejectedValue(unexpectedError)
+
+      const result = await addPolicies({
+        headers: {},
+        body: { inRules: [['alice']], pType: 'p' },
+      })
+
+      expect(result).toEqual({
+        code: Code.Internal,
+        rawMessage: 'An unexpected error occurred while adding policies.',
+        message: 'An unexpected error occurred while adding policies.',
+        status: 'failed',
+      })
+    })
+  })
+
+  describe('removePolicy', () => {
+    it('should remove policy successfully', async () => {
+      const rule = ['alice', 'data1', 'read']
+      const pType = 'p'
+
+      mockAuthClient.removePolicy.mockResolvedValue({})
+
+      const result = await removePolicy({
+        headers: {},
+        body: { rule, pType },
+      })
+
+      expect(mockAuthClient.removePolicy).toHaveBeenCalledWith({ rule, pType })
+
+      expect(result).toEqual({ status: 'success' })
+    })
+
+    it('should handle ConnectError', async () => {
+      const connectError = {
+        code: Code.NotFound,
+        rawMessage: 'Policy not found',
+        message: 'Remove failed',
+        name: 'ConnectError',
+      } as ConnectError
+
+      // Make it pass instanceof check
+      Object.setPrototypeOf(connectError, ConnectError.prototype)
+
+      mockAuthClient.removePolicy.mockRejectedValue(connectError)
+
+      const result = await removePolicy({
+        headers: {},
+        body: { rule: ['alice'], pType: 'p' },
+      })
+
+      expect(result).toEqual({
+        ...connectError,
+        message: 'Policy not found',
+        status: 'failed',
+      })
+    })
+  })
+
+  describe('removePolicies', () => {
+    it('should remove multiple policies successfully', async () => {
+      const rules = [
+        ['alice', 'data1', 'read'],
+        ['bob', 'data2', 'write'],
+      ]
+      const pType = 'p'
+
+      mockAuthClient.removePolicies.mockResolvedValue({})
+
+      const result = await removePolicies({
+        headers: {},
+        body: { inRules: rules, pType },
+      })
+
+      expect(mockAuthClient.removePolicies).toHaveBeenCalledWith({
+        rules: [
+          { rules: ['alice', 'data1', 'read'] },
+          { rules: ['bob', 'data2', 'write'] },
+        ],
+        pType,
+      })
+
+      expect(result).toEqual({ status: 'success' })
+    })
+  })
+
+  describe('removeFilteredPolicy', () => {
+    it('should remove filtered policy successfully', async () => {
+      const pType = 'p'
+      const fieldIndex = 0
+      const fieldValues = ['alice']
+
+      mockAuthClient.removeFilteredPolicy.mockResolvedValue({})
+
+      const result = await removeFilteredPolicy({
+        headers: {},
+        body: { pType, fieldIndex, fieldValues },
+      })
+
+      expect(mockAuthClient.removeFilteredPolicy).toHaveBeenCalledWith({
+        pType,
+        fieldIndex,
+        fieldValues,
+      })
+
+      expect(result).toEqual({ status: 'success' })
+    })
+
+    it('should handle ConnectError', async () => {
+      const connectError = {
+        code: Code.InvalidArgument,
+        rawMessage: 'Invalid filter criteria',
+        message: 'Filter failed',
+        name: 'ConnectError',
+      } as ConnectError
+
+      // Make it pass instanceof check
+      Object.setPrototypeOf(connectError, ConnectError.prototype)
+
+      mockAuthClient.removeFilteredPolicy.mockRejectedValue(connectError)
+
+      const result = await removeFilteredPolicy({
+        headers: {},
+        body: { pType: 'p', fieldIndex: 0, fieldValues: ['alice'] },
+      })
+
+      expect(result).toEqual({
+        ...connectError,
+        message: 'Invalid filter criteria',
+        status: 'failed',
+      })
+    })
+  })
+
+  describe('getFilteredPolicy', () => {
+    it('should get filtered policies successfully', async () => {
+      const filter = {
+        v0: [['alice'], ['bob']],
+        v1: [['data1']],
+      }
+
+      const mockPolicies = [
+        { pType: 'p', v0: 'alice', v1: 'data1', v2: 'read' },
+      ]
+
+      mockAuthClient.getFilteredPolicy.mockResolvedValue({
+        policies: mockPolicies,
+      })
+
+      const result = await getFilteredPolicy({
+        headers: {},
+        body: { inFilter: filter },
+      })
+
+      expect(mockAuthClient.getFilteredPolicy).toHaveBeenCalledWith({
+        filter: [
+          {
+            key: 'v0',
+            values: [{ items: ['alice'] }, { items: ['bob'] }],
+          },
+          {
+            key: 'v1',
+            values: [{ items: ['data1'] }],
+          },
+        ],
+      })
+
+      expect(result).toEqual({
+        value: mockPolicies,
+        status: 'success',
+      })
+    })
+
+    it('should handle empty filter', async () => {
+      const filter = {}
+
+      mockAuthClient.getFilteredPolicy.mockResolvedValue({
+        policies: [],
+      })
+
+      const result = await getFilteredPolicy({
+        headers: {},
+        body: { inFilter: filter },
+      })
+
+      expect(mockAuthClient.getFilteredPolicy).toHaveBeenCalledWith({
+        filter: [],
+      })
+
+      expect(result).toEqual({
+        value: [],
+        status: 'success',
+      })
+    })
+
+    it('should handle unexpected errors', async () => {
+      const unexpectedError = new Error('Database connection failed')
+      mockAuthClient.getFilteredPolicy.mockRejectedValue(unexpectedError)
+
+      const result = await getFilteredPolicy({
+        headers: {},
+        body: { inFilter: {} },
+      })
+
+      expect(result).toEqual({
+        code: Code.Internal,
+        rawMessage: 'An unexpected error occurred while fetching policies.',
+        message: 'An unexpected error occurred while fetching policies.',
+        status: 'failed',
+      })
+    })
+  })
+
+  describe('common functionality', () => {
+    it('should setup transport and client consistently across all functions', async () => {
+      // Test one function to verify the setup pattern
+      await getPolicies({
+        headers: {},
+      })
+
+      expect(getCheckoutConfig).toHaveBeenCalled()
+      expect(createAuthenticationInterceptor).toHaveBeenCalledWith(
+        mockCheckoutConfig
+      )
+      expect(createGrpcTransport).toHaveBeenCalledWith({
+        baseUrl: mockCheckoutConfig.enterpriseURL,
+        interceptors: [mockInterceptor, mockInterceptor],
+        acceptCompression: expect.any(Array), // Accept gzip and Brotli compression
+        sendCompression: expect.any(Object), // Send Brotli compression
+      })
+      expect(createClient).toHaveBeenCalledWith({}, mockTransport)
+    })
+
+    it('should use consistent timeout across all functions', async () => {
+      mockAuthClient.getPolicies.mockResolvedValue({ policies: [] })
+      mockAuthClient.addPolicy.mockResolvedValue({})
+      mockAuthClient.removePolicy.mockResolvedValue({})
+
+      await getPolicies({
+        headers: {},
+      })
+      await addPolicy({
+        headers: {},
+        body: { rule: ['alice'], pType: 'p' },
+      })
+      await removePolicy({
+        headers: {},
+        body: { rule: ['bob'], pType: 'p' },
+      })
+
+      // Verify all calls use the same timeout
+      expect(mockAuthClient.getPolicies).toHaveBeenCalledWith({})
+      expect(mockAuthClient.addPolicy).toHaveBeenCalledWith(expect.any(Object))
+      expect(mockAuthClient.removePolicy).toHaveBeenCalledWith(
+        expect.any(Object)
+      )
+    })
+  })
+})