@tellescope/sdk 1.242.9 → 1.243.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/cjs/enduser.d.ts +20 -0
- package/lib/cjs/enduser.d.ts.map +1 -1
- package/lib/cjs/sdk.d.ts +45 -0
- package/lib/cjs/sdk.d.ts.map +1 -1
- package/lib/cjs/sdk.js +2 -0
- package/lib/cjs/sdk.js.map +1 -1
- package/lib/cjs/tests/api_tests/concurrent_build_threads.test.d.ts +6 -0
- package/lib/cjs/tests/api_tests/concurrent_build_threads.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/concurrent_build_threads.test.js +169 -0
- package/lib/cjs/tests/api_tests/concurrent_build_threads.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/custom_aggregation.test.d.ts.map +1 -1
- package/lib/cjs/tests/api_tests/custom_aggregation.test.js +109 -7
- package/lib/cjs/tests/api_tests/custom_aggregation.test.js.map +1 -1
- package/lib/cjs/tests/api_tests/custom_dashboards.test.d.ts +6 -0
- package/lib/cjs/tests/api_tests/custom_dashboards.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/custom_dashboards.test.js +304 -0
- package/lib/cjs/tests/api_tests/custom_dashboards.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/inbox_thread_assignment_updates.test.d.ts.map +1 -1
- package/lib/cjs/tests/api_tests/inbox_thread_assignment_updates.test.js +655 -139
- package/lib/cjs/tests/api_tests/inbox_thread_assignment_updates.test.js.map +1 -1
- package/lib/cjs/tests/api_tests/no_access_permission_checks.test.d.ts +20 -0
- package/lib/cjs/tests/api_tests/no_access_permission_checks.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/no_access_permission_checks.test.js +481 -0
- package/lib/cjs/tests/api_tests/no_access_permission_checks.test.js.map +1 -0
- package/lib/cjs/tests/tests.d.ts.map +1 -1
- package/lib/cjs/tests/tests.js +125 -112
- package/lib/cjs/tests/tests.js.map +1 -1
- package/lib/esm/enduser.d.ts +20 -0
- package/lib/esm/enduser.d.ts.map +1 -1
- package/lib/esm/sdk.d.ts +45 -0
- package/lib/esm/sdk.d.ts.map +1 -1
- package/lib/esm/sdk.js +2 -0
- package/lib/esm/sdk.js.map +1 -1
- package/lib/esm/tests/api_tests/concurrent_build_threads.test.d.ts +6 -0
- package/lib/esm/tests/api_tests/concurrent_build_threads.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/concurrent_build_threads.test.js +165 -0
- package/lib/esm/tests/api_tests/concurrent_build_threads.test.js.map +1 -0
- package/lib/esm/tests/api_tests/custom_aggregation.test.d.ts.map +1 -1
- package/lib/esm/tests/api_tests/custom_aggregation.test.js +110 -8
- package/lib/esm/tests/api_tests/custom_aggregation.test.js.map +1 -1
- package/lib/esm/tests/api_tests/custom_dashboards.test.d.ts +6 -0
- package/lib/esm/tests/api_tests/custom_dashboards.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/custom_dashboards.test.js +300 -0
- package/lib/esm/tests/api_tests/custom_dashboards.test.js.map +1 -0
- package/lib/esm/tests/api_tests/inbox_thread_assignment_updates.test.d.ts.map +1 -1
- package/lib/esm/tests/api_tests/inbox_thread_assignment_updates.test.js +655 -139
- package/lib/esm/tests/api_tests/inbox_thread_assignment_updates.test.js.map +1 -1
- package/lib/esm/tests/api_tests/no_access_permission_checks.test.d.ts +20 -0
- package/lib/esm/tests/api_tests/no_access_permission_checks.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/no_access_permission_checks.test.js +477 -0
- package/lib/esm/tests/api_tests/no_access_permission_checks.test.js.map +1 -0
- package/lib/esm/tests/tests.d.ts.map +1 -1
- package/lib/esm/tests/tests.js +125 -112
- package/lib/esm/tests/tests.js.map +1 -1
- package/lib/tsconfig.tsbuildinfo +1 -1
- package/package.json +10 -10
- package/src/sdk.ts +9 -1
- package/src/tests/api_tests/concurrent_build_threads.test.ts +103 -0
- package/src/tests/api_tests/custom_aggregation.test.ts +74 -0
- package/src/tests/api_tests/custom_dashboards.test.ts +258 -0
- package/src/tests/api_tests/inbox_thread_assignment_updates.test.ts +431 -1
- package/src/tests/api_tests/no_access_permission_checks.test.ts +365 -0
- package/src/tests/tests.ts +8 -1
- package/test_generated.pdf +0 -0
|
@@ -0,0 +1,481 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __assign = (this && this.__assign) || function () {
|
|
3
|
+
__assign = Object.assign || function(t) {
|
|
4
|
+
for (var s, i = 1, n = arguments.length; i < n; i++) {
|
|
5
|
+
s = arguments[i];
|
|
6
|
+
for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))
|
|
7
|
+
t[p] = s[p];
|
|
8
|
+
}
|
|
9
|
+
return t;
|
|
10
|
+
};
|
|
11
|
+
return __assign.apply(this, arguments);
|
|
12
|
+
};
|
|
13
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
14
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
15
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
16
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
17
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
18
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
19
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
20
|
+
});
|
|
21
|
+
};
|
|
22
|
+
var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
23
|
+
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
|
|
24
|
+
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
|
|
25
|
+
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
26
|
+
function step(op) {
|
|
27
|
+
if (f) throw new TypeError("Generator is already executing.");
|
|
28
|
+
while (g && (g = 0, op[0] && (_ = 0)), _) try {
|
|
29
|
+
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
30
|
+
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
31
|
+
switch (op[0]) {
|
|
32
|
+
case 0: case 1: t = op; break;
|
|
33
|
+
case 4: _.label++; return { value: op[1], done: false };
|
|
34
|
+
case 5: _.label++; y = op[1]; op = [0]; continue;
|
|
35
|
+
case 7: op = _.ops.pop(); _.trys.pop(); continue;
|
|
36
|
+
default:
|
|
37
|
+
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
|
|
38
|
+
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
|
|
39
|
+
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
|
|
40
|
+
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
|
|
41
|
+
if (t[2]) _.ops.pop();
|
|
42
|
+
_.trys.pop(); continue;
|
|
43
|
+
}
|
|
44
|
+
op = body.call(thisArg, _);
|
|
45
|
+
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
|
|
46
|
+
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
|
|
47
|
+
}
|
|
48
|
+
};
|
|
49
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
50
|
+
exports.no_access_permission_checks_tests = void 0;
|
|
51
|
+
require('source-map-support').install();
|
|
52
|
+
var sdk_1 = require("../../sdk");
|
|
53
|
+
var testing_1 = require("@tellescope/testing");
|
|
54
|
+
var setup_1 = require("../setup");
|
|
55
|
+
var constants_1 = require("@tellescope/constants");
|
|
56
|
+
var host = process.env.API_URL || 'http://localhost:8080';
|
|
57
|
+
var _a = [process.env.NON_ADMIN_EMAIL, process.env.NON_ADMIN_PASSWORD], nonAdminEmail = _a[0], nonAdminPassword = _a[1];
|
|
58
|
+
/**
|
|
59
|
+
* Security tests for endpoints with noAccessPermissions: true
|
|
60
|
+
*
|
|
61
|
+
* These tests verify that endpoints which bypass the standard middleware access check
|
|
62
|
+
* still properly enforce NO_ACCESS restrictions in their handlers.
|
|
63
|
+
*
|
|
64
|
+
* Test approach:
|
|
65
|
+
* 1. Create a role with NO_ACCESS (null) for a specific model
|
|
66
|
+
* 2. Assign that role to a non-admin user
|
|
67
|
+
* 3. Attempt to call the endpoint
|
|
68
|
+
* 4. Verify whether access is properly denied
|
|
69
|
+
*
|
|
70
|
+
* If a test shows data is returned when it shouldn't be, that endpoint needs a fix.
|
|
71
|
+
*/
|
|
72
|
+
var no_access_permission_checks_tests = function (_a) {
|
|
73
|
+
var sdk = _a.sdk, sdkNonAdmin = _a.sdkNonAdmin;
|
|
74
|
+
return __awaiter(void 0, void 0, void 0, function () {
|
|
75
|
+
var testEnduser, noAccessTestRole, rbap, originalRoles, templatesOnlyRole, rbapTemplatesOnly, testJourney, waitlistEntry_1, assignedEnduserRole, rbapAssigned, resultAssigned_1;
|
|
76
|
+
return __generator(this, function (_b) {
|
|
77
|
+
switch (_b.label) {
|
|
78
|
+
case 0:
|
|
79
|
+
(0, testing_1.log_header)("NO_ACCESS Permission Checks Tests");
|
|
80
|
+
return [4 /*yield*/, sdk.api.endusers.createOne({
|
|
81
|
+
fname: 'NoAccessTest',
|
|
82
|
+
lname: 'User',
|
|
83
|
+
email: 'no-access-test@example.com',
|
|
84
|
+
})
|
|
85
|
+
// Create a role with NO_ACCESS to multiple models we want to test
|
|
86
|
+
];
|
|
87
|
+
case 1:
|
|
88
|
+
testEnduser = _b.sent();
|
|
89
|
+
noAccessTestRole = 'no-access-test-role';
|
|
90
|
+
return [4 /*yield*/, sdk.api.role_based_access_permissions.createOne({
|
|
91
|
+
role: noAccessTestRole,
|
|
92
|
+
permissions: __assign(__assign({}, constants_1.PROVIDER_PERMISSIONS), {
|
|
93
|
+
// Set NO_ACCESS for models we want to test
|
|
94
|
+
endusers: {
|
|
95
|
+
create: null,
|
|
96
|
+
read: null,
|
|
97
|
+
update: null,
|
|
98
|
+
delete: null,
|
|
99
|
+
}, inbox_threads: {
|
|
100
|
+
create: null,
|
|
101
|
+
read: null,
|
|
102
|
+
update: null,
|
|
103
|
+
delete: null,
|
|
104
|
+
}, templates: {
|
|
105
|
+
create: null,
|
|
106
|
+
read: null,
|
|
107
|
+
update: null,
|
|
108
|
+
delete: null,
|
|
109
|
+
}, waitlists: {
|
|
110
|
+
create: null,
|
|
111
|
+
read: null,
|
|
112
|
+
update: null,
|
|
113
|
+
delete: null,
|
|
114
|
+
}, background_errors: {
|
|
115
|
+
create: null,
|
|
116
|
+
read: null,
|
|
117
|
+
update: null,
|
|
118
|
+
delete: null,
|
|
119
|
+
} }),
|
|
120
|
+
})
|
|
121
|
+
// Save original role to restore later
|
|
122
|
+
];
|
|
123
|
+
case 2:
|
|
124
|
+
rbap = _b.sent();
|
|
125
|
+
originalRoles = sdkNonAdmin.userInfo.roles;
|
|
126
|
+
_b.label = 3;
|
|
127
|
+
case 3:
|
|
128
|
+
_b.trys.push([3, , 46, 52]);
|
|
129
|
+
// Assign the restricted role to non-admin user
|
|
130
|
+
return [4 /*yield*/, sdk.api.users.updateOne(sdkNonAdmin.userInfo.id, { roles: [noAccessTestRole] }, { replaceObjectFields: true })];
|
|
131
|
+
case 4:
|
|
132
|
+
// Assign the restricted role to non-admin user
|
|
133
|
+
_b.sent();
|
|
134
|
+
return [4 /*yield*/, (0, testing_1.wait)(undefined, 1500)]; // wait for role change to propagate
|
|
135
|
+
case 5:
|
|
136
|
+
_b.sent(); // wait for role change to propagate
|
|
137
|
+
return [4 /*yield*/, sdkNonAdmin.authenticate(nonAdminEmail, nonAdminPassword)
|
|
138
|
+
// ========================================
|
|
139
|
+
// Test 1: /bulk-actions/read (HIGH PRIORITY)
|
|
140
|
+
// ========================================
|
|
141
|
+
];
|
|
142
|
+
case 6:
|
|
143
|
+
_b.sent();
|
|
144
|
+
// ========================================
|
|
145
|
+
// Test 1: /bulk-actions/read (HIGH PRIORITY)
|
|
146
|
+
// ========================================
|
|
147
|
+
(0, testing_1.log_header)("Test 1: /bulk-actions/read with NO_ACCESS to endusers");
|
|
148
|
+
return [4 /*yield*/, (0, testing_1.async_test)("bulk_load - should block NO_ACCESS user from reading endusers", function () { return sdkNonAdmin.bulk_load({
|
|
149
|
+
load: [{ model: 'endusers', options: { limit: 10 } }]
|
|
150
|
+
}); }, {
|
|
151
|
+
// If this returns records, it's a vulnerability
|
|
152
|
+
// If it returns empty records or errors, it's safe
|
|
153
|
+
onResult: function (r) {
|
|
154
|
+
var enduserResult = r.results[0];
|
|
155
|
+
if (enduserResult === null) {
|
|
156
|
+
console.log(" ✅ SAFE: bulk_load returned null for NO_ACCESS model");
|
|
157
|
+
return true;
|
|
158
|
+
}
|
|
159
|
+
if (enduserResult.records.length === 0) {
|
|
160
|
+
console.log(" ✅ SAFE: bulk_load returned empty records for NO_ACCESS model");
|
|
161
|
+
return true;
|
|
162
|
+
}
|
|
163
|
+
console.log(" \u274C VULNERABILITY: bulk_load returned ".concat(enduserResult.records.length, " records when user has NO_ACCESS!"));
|
|
164
|
+
return false;
|
|
165
|
+
}
|
|
166
|
+
})
|
|
167
|
+
// ========================================
|
|
168
|
+
// Test 2: inbox_threads/build_threads
|
|
169
|
+
// ========================================
|
|
170
|
+
];
|
|
171
|
+
case 7:
|
|
172
|
+
_b.sent();
|
|
173
|
+
// ========================================
|
|
174
|
+
// Test 2: inbox_threads/build_threads
|
|
175
|
+
// ========================================
|
|
176
|
+
(0, testing_1.log_header)("Test 2: inbox_threads/build_threads with NO_ACCESS");
|
|
177
|
+
return [4 /*yield*/, (0, testing_1.async_test)("build_threads - should block NO_ACCESS user", function () { return sdkNonAdmin.api.inbox_threads.build_threads({
|
|
178
|
+
from: new Date(Date.now() - 7 * 24 * 60 * 60 * 1000),
|
|
179
|
+
to: new Date(),
|
|
180
|
+
}); }, { shouldError: true, onError: function (e) { return e.message === "You do not have access to this resource"; } })
|
|
181
|
+
// ========================================
|
|
182
|
+
// Test 2b: inbox_threads/load_threads with NO_ACCESS
|
|
183
|
+
// ========================================
|
|
184
|
+
];
|
|
185
|
+
case 8:
|
|
186
|
+
_b.sent();
|
|
187
|
+
// ========================================
|
|
188
|
+
// Test 2b: inbox_threads/load_threads with NO_ACCESS
|
|
189
|
+
// ========================================
|
|
190
|
+
(0, testing_1.log_header)("Test 2b: load_threads with NO_ACCESS");
|
|
191
|
+
return [4 /*yield*/, (0, testing_1.async_test)("load_threads - should block NO_ACCESS user", function () { return sdkNonAdmin.api.inbox_threads.load_threads({ limit: 10 }); }, { shouldError: true, onError: function (e) { return e.message === "You do not have access to this resource"; } })
|
|
192
|
+
// ========================================
|
|
193
|
+
// Test 3a: get_templated_message - NO_ACCESS to templates
|
|
194
|
+
// ========================================
|
|
195
|
+
];
|
|
196
|
+
case 9:
|
|
197
|
+
_b.sent();
|
|
198
|
+
// ========================================
|
|
199
|
+
// Test 3a: get_templated_message - NO_ACCESS to templates
|
|
200
|
+
// ========================================
|
|
201
|
+
(0, testing_1.log_header)("Test 3a: get_templated_message (templates NO_ACCESS)");
|
|
202
|
+
return [4 /*yield*/, (0, testing_1.async_test)("get_templated_message - should block user with NO_ACCESS to templates", function () { return sdkNonAdmin.api.templates.get_templated_message({
|
|
203
|
+
message: "Hello {{enduser.fname}}!",
|
|
204
|
+
userId: sdkNonAdmin.userInfo.id,
|
|
205
|
+
enduserId: testEnduser.id,
|
|
206
|
+
channel: 'Email',
|
|
207
|
+
}); }, { shouldError: true, onError: function (e) { return e.message === "You do not have access to this resource"; } })
|
|
208
|
+
// ========================================
|
|
209
|
+
// Test 3b: get_templated_message - NO_ACCESS to endusers (PHI leak prevention)
|
|
210
|
+
// ========================================
|
|
211
|
+
];
|
|
212
|
+
case 10:
|
|
213
|
+
_b.sent();
|
|
214
|
+
// ========================================
|
|
215
|
+
// Test 3b: get_templated_message - NO_ACCESS to endusers (PHI leak prevention)
|
|
216
|
+
// ========================================
|
|
217
|
+
(0, testing_1.log_header)("Test 3b: get_templated_message (endusers NO_ACCESS)");
|
|
218
|
+
templatesOnlyRole = 'templates-only-test-role';
|
|
219
|
+
return [4 /*yield*/, sdk.api.role_based_access_permissions.createOne({
|
|
220
|
+
role: templatesOnlyRole,
|
|
221
|
+
permissions: __assign(__assign({}, constants_1.PROVIDER_PERMISSIONS), {
|
|
222
|
+
// Allow templates access
|
|
223
|
+
templates: {
|
|
224
|
+
create: 'All',
|
|
225
|
+
read: 'All',
|
|
226
|
+
update: 'All',
|
|
227
|
+
delete: 'All',
|
|
228
|
+
},
|
|
229
|
+
// But NO_ACCESS to endusers
|
|
230
|
+
endusers: {
|
|
231
|
+
create: null,
|
|
232
|
+
read: null,
|
|
233
|
+
update: null,
|
|
234
|
+
delete: null,
|
|
235
|
+
} }),
|
|
236
|
+
})];
|
|
237
|
+
case 11:
|
|
238
|
+
rbapTemplatesOnly = _b.sent();
|
|
239
|
+
_b.label = 12;
|
|
240
|
+
case 12:
|
|
241
|
+
_b.trys.push([12, , 17, 22]);
|
|
242
|
+
// Temporarily assign the templates-only role
|
|
243
|
+
return [4 /*yield*/, sdk.api.users.updateOne(sdkNonAdmin.userInfo.id, { roles: [templatesOnlyRole] }, { replaceObjectFields: true })];
|
|
244
|
+
case 13:
|
|
245
|
+
// Temporarily assign the templates-only role
|
|
246
|
+
_b.sent();
|
|
247
|
+
return [4 /*yield*/, (0, testing_1.wait)(undefined, 1500)];
|
|
248
|
+
case 14:
|
|
249
|
+
_b.sent();
|
|
250
|
+
return [4 /*yield*/, sdkNonAdmin.authenticate(nonAdminEmail, nonAdminPassword)];
|
|
251
|
+
case 15:
|
|
252
|
+
_b.sent();
|
|
253
|
+
return [4 /*yield*/, (0, testing_1.async_test)("get_templated_message - should block user with NO_ACCESS to endusers (prevents PHI leak)", function () { return sdkNonAdmin.api.templates.get_templated_message({
|
|
254
|
+
message: "Hello {{enduser.fname}} {{enduser.lname}} {{enduser.email}}!",
|
|
255
|
+
userId: sdkNonAdmin.userInfo.id,
|
|
256
|
+
enduserId: testEnduser.id,
|
|
257
|
+
channel: 'Email',
|
|
258
|
+
}); }, { shouldError: true, onError: function (e) { return e.message === "You do not have access to this resource"; } })];
|
|
259
|
+
case 16:
|
|
260
|
+
_b.sent();
|
|
261
|
+
return [3 /*break*/, 22];
|
|
262
|
+
case 17:
|
|
263
|
+
// Restore the original test role
|
|
264
|
+
return [4 /*yield*/, sdk.api.users.updateOne(sdkNonAdmin.userInfo.id, { roles: [noAccessTestRole] }, { replaceObjectFields: true })];
|
|
265
|
+
case 18:
|
|
266
|
+
// Restore the original test role
|
|
267
|
+
_b.sent();
|
|
268
|
+
return [4 /*yield*/, (0, testing_1.wait)(undefined, 1000)];
|
|
269
|
+
case 19:
|
|
270
|
+
_b.sent();
|
|
271
|
+
return [4 /*yield*/, sdkNonAdmin.authenticate(nonAdminEmail, nonAdminPassword)
|
|
272
|
+
// Cleanup the templates-only role
|
|
273
|
+
];
|
|
274
|
+
case 20:
|
|
275
|
+
_b.sent();
|
|
276
|
+
// Cleanup the templates-only role
|
|
277
|
+
return [4 /*yield*/, sdk.api.role_based_access_permissions.deleteOne(rbapTemplatesOnly.id)];
|
|
278
|
+
case 21:
|
|
279
|
+
// Cleanup the templates-only role
|
|
280
|
+
_b.sent();
|
|
281
|
+
return [7 /*endfinally*/];
|
|
282
|
+
case 22:
|
|
283
|
+
// ========================================
|
|
284
|
+
// Test 4: waitlists/grant_access_from_waitlist
|
|
285
|
+
// ========================================
|
|
286
|
+
(0, testing_1.log_header)("Test 4: waitlists/grant_access_from_waitlist with NO_ACCESS");
|
|
287
|
+
return [4 /*yield*/, sdk.api.journeys.createOne({
|
|
288
|
+
title: 'Waitlist Test Journey',
|
|
289
|
+
})];
|
|
290
|
+
case 23:
|
|
291
|
+
testJourney = _b.sent();
|
|
292
|
+
return [4 /*yield*/, sdk.api.waitlists.createOne({
|
|
293
|
+
title: 'Test Waitlist',
|
|
294
|
+
journeyId: testJourney.id,
|
|
295
|
+
enduserIds: [],
|
|
296
|
+
})];
|
|
297
|
+
case 24:
|
|
298
|
+
waitlistEntry_1 = _b.sent();
|
|
299
|
+
_b.label = 25;
|
|
300
|
+
case 25:
|
|
301
|
+
_b.trys.push([25, , 27, 30]);
|
|
302
|
+
return [4 /*yield*/, (0, testing_1.async_test)("grant_access_from_waitlist - should block NO_ACCESS user", function () { return sdkNonAdmin.api.waitlists.grant_access_from_waitlist({
|
|
303
|
+
id: waitlistEntry_1.id,
|
|
304
|
+
count: 1,
|
|
305
|
+
}); }, { shouldError: true, onError: function (e) { return e.message === "You do not have access to this resource"; } })];
|
|
306
|
+
case 26:
|
|
307
|
+
_b.sent();
|
|
308
|
+
return [3 /*break*/, 30];
|
|
309
|
+
case 27:
|
|
310
|
+
// Cleanup
|
|
311
|
+
return [4 /*yield*/, sdk.api.waitlists.deleteOne(waitlistEntry_1.id)];
|
|
312
|
+
case 28:
|
|
313
|
+
// Cleanup
|
|
314
|
+
_b.sent();
|
|
315
|
+
return [4 /*yield*/, sdk.api.journeys.deleteOne(testJourney.id)];
|
|
316
|
+
case 29:
|
|
317
|
+
_b.sent();
|
|
318
|
+
return [7 /*endfinally*/];
|
|
319
|
+
case 30:
|
|
320
|
+
// ========================================
|
|
321
|
+
// Test 5: background_errors/mark_read
|
|
322
|
+
// ========================================
|
|
323
|
+
(0, testing_1.log_header)("Test 5: background_errors/mark_read with NO_ACCESS");
|
|
324
|
+
return [4 /*yield*/, (0, testing_1.async_test)("mark_read (background_errors) - should block NO_ACCESS user", function () { return sdkNonAdmin.api.background_errors.mark_read({}); }, { shouldError: true, onError: function (e) { return e.message === "You do not have access to this resource"; } })
|
|
325
|
+
// ========================================
|
|
326
|
+
// Test 6: load_threads searchKeywords redaction
|
|
327
|
+
// ========================================
|
|
328
|
+
];
|
|
329
|
+
case 31:
|
|
330
|
+
_b.sent();
|
|
331
|
+
// ========================================
|
|
332
|
+
// Test 6: load_threads searchKeywords redaction
|
|
333
|
+
// ========================================
|
|
334
|
+
(0, testing_1.log_header)("Test 6: load_threads searchKeywords redaction");
|
|
335
|
+
assignedEnduserRole = 'assigned-enduser-test-role';
|
|
336
|
+
return [4 /*yield*/, sdk.api.role_based_access_permissions.createOne({
|
|
337
|
+
role: assignedEnduserRole,
|
|
338
|
+
permissions: __assign(__assign({}, constants_1.PROVIDER_PERMISSIONS), { endusers: { create: 'All', read: 'Assigned', update: 'Assigned', delete: 'Assigned' }, emails: { create: 'All', read: 'All', update: 'All', delete: 'All' }, sms_messages: { create: 'All', read: 'All', update: 'All', delete: 'All' }, inbox_threads: { create: 'All', read: 'All', update: 'All', delete: 'All' } }),
|
|
339
|
+
})];
|
|
340
|
+
case 32:
|
|
341
|
+
rbapAssigned = _b.sent();
|
|
342
|
+
_b.label = 33;
|
|
343
|
+
case 33:
|
|
344
|
+
_b.trys.push([33, , 39, 44]);
|
|
345
|
+
return [4 /*yield*/, sdk.api.users.updateOne(sdkNonAdmin.userInfo.id, { roles: [assignedEnduserRole] }, { replaceObjectFields: true })];
|
|
346
|
+
case 34:
|
|
347
|
+
_b.sent();
|
|
348
|
+
return [4 /*yield*/, (0, testing_1.wait)(undefined, 1500)];
|
|
349
|
+
case 35:
|
|
350
|
+
_b.sent();
|
|
351
|
+
return [4 /*yield*/, sdkNonAdmin.authenticate(nonAdminEmail, nonAdminPassword)
|
|
352
|
+
// Load threads and verify searchKeywords is redacted for Assigned enduser access
|
|
353
|
+
];
|
|
354
|
+
case 36:
|
|
355
|
+
_b.sent();
|
|
356
|
+
return [4 /*yield*/, sdkNonAdmin.api.inbox_threads.load_threads({ limit: 10 })];
|
|
357
|
+
case 37:
|
|
358
|
+
resultAssigned_1 = _b.sent();
|
|
359
|
+
return [4 /*yield*/, (0, testing_1.async_test)("load_threads - searchKeywords redacted for Assigned enduser access", function () { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
|
|
360
|
+
return [2 /*return*/, resultAssigned_1];
|
|
361
|
+
}); }); }, {
|
|
362
|
+
onResult: function (r) {
|
|
363
|
+
// All threads should have searchKeywords undefined/missing
|
|
364
|
+
var allRedacted = r.threads.every(function (t) { return t.searchKeywords === undefined; });
|
|
365
|
+
if (!allRedacted) {
|
|
366
|
+
console.log(" ❌ VULNERABILITY: searchKeywords visible to user with Assigned enduser access!");
|
|
367
|
+
}
|
|
368
|
+
else {
|
|
369
|
+
console.log(" ✅ SAFE: searchKeywords properly redacted");
|
|
370
|
+
}
|
|
371
|
+
return allRedacted;
|
|
372
|
+
}
|
|
373
|
+
})];
|
|
374
|
+
case 38:
|
|
375
|
+
_b.sent();
|
|
376
|
+
return [3 /*break*/, 44];
|
|
377
|
+
case 39:
|
|
378
|
+
// Restore the original test role
|
|
379
|
+
return [4 /*yield*/, sdk.api.users.updateOne(sdkNonAdmin.userInfo.id, { roles: [noAccessTestRole] }, { replaceObjectFields: true })];
|
|
380
|
+
case 40:
|
|
381
|
+
// Restore the original test role
|
|
382
|
+
_b.sent();
|
|
383
|
+
return [4 /*yield*/, (0, testing_1.wait)(undefined, 1000)];
|
|
384
|
+
case 41:
|
|
385
|
+
_b.sent();
|
|
386
|
+
return [4 /*yield*/, sdkNonAdmin.authenticate(nonAdminEmail, nonAdminPassword)
|
|
387
|
+
// Cleanup the assigned role
|
|
388
|
+
];
|
|
389
|
+
case 42:
|
|
390
|
+
_b.sent();
|
|
391
|
+
// Cleanup the assigned role
|
|
392
|
+
return [4 /*yield*/, sdk.api.role_based_access_permissions.deleteOne(rbapAssigned.id)];
|
|
393
|
+
case 43:
|
|
394
|
+
// Cleanup the assigned role
|
|
395
|
+
_b.sent();
|
|
396
|
+
return [7 /*endfinally*/];
|
|
397
|
+
case 44:
|
|
398
|
+
// Test that admin/full access users CAN see searchKeywords
|
|
399
|
+
return [4 /*yield*/, (0, testing_1.async_test)("load_threads - searchKeywords visible for admin/full enduser access", function () { return sdk.api.inbox_threads.load_threads({ limit: 10 }); }, {
|
|
400
|
+
onResult: function (r) {
|
|
401
|
+
// Skip check if no threads exist (can't verify without data)
|
|
402
|
+
if (r.threads.length === 0) {
|
|
403
|
+
console.log(" ⏭️ SKIPPED: No threads exist to verify searchKeywords visibility");
|
|
404
|
+
return true;
|
|
405
|
+
}
|
|
406
|
+
// At least some threads should have searchKeywords
|
|
407
|
+
var hasSearchKeywords = r.threads.some(function (t) { return t.searchKeywords !== undefined; });
|
|
408
|
+
if (hasSearchKeywords) {
|
|
409
|
+
console.log(" ✅ Admin can see searchKeywords");
|
|
410
|
+
}
|
|
411
|
+
else {
|
|
412
|
+
console.log(" ⚠️ No searchKeywords found on threads (may not have been built yet)");
|
|
413
|
+
}
|
|
414
|
+
return true; // Don't fail if keywords don't exist yet
|
|
415
|
+
}
|
|
416
|
+
})];
|
|
417
|
+
case 45:
|
|
418
|
+
// Test that admin/full access users CAN see searchKeywords
|
|
419
|
+
_b.sent();
|
|
420
|
+
console.log("\n" + "=".repeat(60));
|
|
421
|
+
console.log("NO_ACCESS Permission Checks Tests Complete");
|
|
422
|
+
console.log("=".repeat(60));
|
|
423
|
+
return [3 /*break*/, 52];
|
|
424
|
+
case 46:
|
|
425
|
+
// Restore original role
|
|
426
|
+
return [4 /*yield*/, sdk.api.users.updateOne(sdkNonAdmin.userInfo.id, { roles: originalRoles }, { replaceObjectFields: true })];
|
|
427
|
+
case 47:
|
|
428
|
+
// Restore original role
|
|
429
|
+
_b.sent();
|
|
430
|
+
return [4 /*yield*/, (0, testing_1.wait)(undefined, 1000)];
|
|
431
|
+
case 48:
|
|
432
|
+
_b.sent();
|
|
433
|
+
return [4 /*yield*/, sdkNonAdmin.authenticate(nonAdminEmail, nonAdminPassword)
|
|
434
|
+
// Cleanup
|
|
435
|
+
];
|
|
436
|
+
case 49:
|
|
437
|
+
_b.sent();
|
|
438
|
+
// Cleanup
|
|
439
|
+
return [4 /*yield*/, sdk.api.role_based_access_permissions.deleteOne(rbap.id)];
|
|
440
|
+
case 50:
|
|
441
|
+
// Cleanup
|
|
442
|
+
_b.sent();
|
|
443
|
+
return [4 /*yield*/, sdk.api.endusers.deleteOne(testEnduser.id)];
|
|
444
|
+
case 51:
|
|
445
|
+
_b.sent();
|
|
446
|
+
return [7 /*endfinally*/];
|
|
447
|
+
case 52: return [2 /*return*/];
|
|
448
|
+
}
|
|
449
|
+
});
|
|
450
|
+
});
|
|
451
|
+
};
|
|
452
|
+
exports.no_access_permission_checks_tests = no_access_permission_checks_tests;
|
|
453
|
+
// Allow running this test file independently
|
|
454
|
+
if (require.main === module) {
|
|
455
|
+
console.log("\uD83C\uDF10 Using API URL: ".concat(host));
|
|
456
|
+
var sdk_2 = new sdk_1.Session({ host: host });
|
|
457
|
+
var sdkNonAdmin_1 = new sdk_1.Session({ host: host });
|
|
458
|
+
var runTests = function () { return __awaiter(void 0, void 0, void 0, function () {
|
|
459
|
+
return __generator(this, function (_a) {
|
|
460
|
+
switch (_a.label) {
|
|
461
|
+
case 0: return [4 /*yield*/, (0, setup_1.setup_tests)(sdk_2, sdkNonAdmin_1)];
|
|
462
|
+
case 1:
|
|
463
|
+
_a.sent();
|
|
464
|
+
return [4 /*yield*/, (0, exports.no_access_permission_checks_tests)({ sdk: sdk_2, sdkNonAdmin: sdkNonAdmin_1 })];
|
|
465
|
+
case 2:
|
|
466
|
+
_a.sent();
|
|
467
|
+
return [2 /*return*/];
|
|
468
|
+
}
|
|
469
|
+
});
|
|
470
|
+
}); };
|
|
471
|
+
runTests()
|
|
472
|
+
.then(function () {
|
|
473
|
+
console.log("✅ NO_ACCESS permission checks test suite completed successfully");
|
|
474
|
+
process.exit(0);
|
|
475
|
+
})
|
|
476
|
+
.catch(function (error) {
|
|
477
|
+
console.error("❌ NO_ACCESS permission checks test suite failed:", error);
|
|
478
|
+
process.exit(1);
|
|
479
|
+
});
|
|
480
|
+
}
|
|
481
|
+
//# sourceMappingURL=no_access_permission_checks.test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"no_access_permission_checks.test.js","sourceRoot":"","sources":["../../../../src/tests/api_tests/no_access_permission_checks.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,OAAO,CAAC,oBAAoB,CAAC,CAAC,OAAO,EAAE,CAAC;AAExC,iCAAmC;AACnC,+CAI4B;AAC5B,kCAAsC;AACtC,mDAA4D;AAE5D,IAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,uBAAgC,CAAA;AAC9D,IAAA,KAAoC,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,EAAhG,aAAa,QAAA,EAAE,gBAAgB,QAAiE,CAAA;AAEvG;;;;;;;;;;;;;GAaG;AACI,IAAM,iCAAiC,GAAG,UAAO,EAA6D;QAA3D,GAAG,SAAA,EAAE,WAAW,iBAAA;;;;;;oBACxE,IAAA,oBAAU,EAAC,mCAAmC,CAAC,CAAA;oBAG3B,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC;4BACnD,KAAK,EAAE,cAAc;4BACrB,KAAK,EAAE,MAAM;4BACb,KAAK,EAAE,4BAA4B;yBACpC,CAAC;wBAEF,kEAAkE;sBAFhE;;oBAJI,WAAW,GAAG,SAIlB;oBAGI,gBAAgB,GAAG,qBAAqB,CAAA;oBACjC,qBAAM,GAAG,CAAC,GAAG,CAAC,6BAA6B,CAAC,SAAS,CAAC;4BACjE,IAAI,EAAE,gBAAgB;4BACtB,WAAW,wBACN,gCAAoB;gCACvB,2CAA2C;gCAC3C,QAAQ,EAAE;oCACR,MAAM,EAAE,IAAI;oCACZ,IAAI,EAAE,IAAI;oCACV,MAAM,EAAE,IAAI;oCACZ,MAAM,EAAE,IAAI;iCACb,EACD,aAAa,EAAE;oCACb,MAAM,EAAE,IAAI;oCACZ,IAAI,EAAE,IAAI;oCACV,MAAM,EAAE,IAAI;oCACZ,MAAM,EAAE,IAAI;iCACb,EACD,SAAS,EAAE;oCACT,MAAM,EAAE,IAAI;oCACZ,IAAI,EAAE,IAAI;oCACV,MAAM,EAAE,IAAI;oCACZ,MAAM,EAAE,IAAI;iCACb,EACD,SAAS,EAAE;oCACT,MAAM,EAAE,IAAI;oCACZ,IAAI,EAAE,IAAI;oCACV,MAAM,EAAE,IAAI;oCACZ,MAAM,EAAE,IAAI;iCACb,EACD,iBAAiB,EAAE;oCACjB,MAAM,EAAE,IAAI;oCACZ,IAAI,EAAE,IAAI;oCACV,MAAM,EAAE,IAAI;oCACZ,MAAM,EAAE,IAAI;iCACb,GACF;yBACF,CAAC;wBAEF,sCAAsC;sBAFpC;;oBApCI,IAAI,GAAG,SAoCX;oBAGI,aAAa,GAAG,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAA;;;;oBAG9C,+CAA+C;oBAC/C,qBAAM,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,gBAAgB,CAAC,EAAE,EAAE,EAAE,mBAAmB,EAAE,IAAI,EAAE,CAAC,EAAA;;oBADpH,+CAA+C;oBAC/C,SAAoH,CAAA;oBACpH,qBAAM,IAAA,cAAI,EAAC,SAAS,EAAE,IAAI,CAAC,EAAA,CAAC,oCAAoC;;oBAAhE,SAA2B,CAAA,CAAC,oCAAoC;oBAChE,qBAAM,WAAW,CAAC,YAAY,CAAC,aAAc,EAAE,gBAAiB,CAAC;wBAEjE,2CAA2C;wBAC3C,6CAA6C;wBAC7C,2CAA2C;sBAJsB;;oBAAjE,SAAiE,CAAA;oBAEjE,2CAA2C;oBAC3C,6CAA6C;oBAC7C,2CAA2C;oBAC3C,IAAA,oBAAU,EAAC,uDAAuD,CAAC,CAAA;oBAEnE,qBAAM,IAAA,oBAAU,EACd,+DAA+D,EAC/D,cAAM,OAAA,WAAW,CAAC,SAAS,CAAC;4BAC1B,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,UAAiB,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,CAAC;yBAC7D,CAAC,EAFI,CAEJ,EACF;4BACE,gDAAgD;4BAChD,mDAAmD;4BACnD,QAAQ,EAAE,UAAA,CAAC;gCACT,IAAM,aAAa,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAA;gCAClC,IAAI,aAAa,KAAK,IAAI,EAAE;oCAC1B,OAAO,CAAC,GAAG,CAAC,uDAAuD,CAAC,CAAA;oCACpE,OAAO,IAAI,CAAA;iCACZ;gCACD,IAAI,aAAa,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE;oCACtC,OAAO,CAAC,GAAG,CAAC,gEAAgE,CAAC,CAAA;oCAC7E,OAAO,IAAI,CAAA;iCACZ;gCACD,OAAO,CAAC,GAAG,CAAC,qDAAyC,aAAa,CAAC,OAAO,CAAC,MAAM,sCAAmC,CAAC,CAAA;gCACrH,OAAO,KAAK,CAAA;4BACd,CAAC;yBACF,CACF;wBAED,2CAA2C;wBAC3C,sCAAsC;wBACtC,2CAA2C;sBAJ1C;;oBAtBD,SAsBC,CAAA;oBAED,2CAA2C;oBAC3C,sCAAsC;oBACtC,2CAA2C;oBAC3C,IAAA,oBAAU,EAAC,oDAAoD,CAAC,CAAA;oBAEhE,qBAAM,IAAA,oBAAU,EACd,6CAA6C,EAC7C,cAAM,OAAA,WAAW,CAAC,GAAG,CAAC,aAAa,CAAC,aAAa,CAAC;4BAChD,IAAI,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;4BACpD,EAAE,EAAE,IAAI,IAAI,EAAE;yBACf,CAAC,EAHI,CAGJ,EACF,EAAE,WAAW,EAAE,IAAI,EAAE,OAAO,EAAE,UAAC,CAAM,IAAK,OAAA,CAAC,CAAC,OAAO,KAAK,yCAAyC,EAAvD,CAAuD,EAAE,CACpG;wBAED,2CAA2C;wBAC3C,qDAAqD;wBACrD,2CAA2C;sBAJ1C;;oBAPD,SAOC,CAAA;oBAED,2CAA2C;oBAC3C,qDAAqD;oBACrD,2CAA2C;oBAC3C,IAAA,oBAAU,EAAC,sCAAsC,CAAC,CAAA;oBAElD,qBAAM,IAAA,oBAAU,EACd,4CAA4C,EAC5C,cAAM,OAAA,WAAW,CAAC,GAAG,CAAC,aAAa,CAAC,YAAY,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,EAAzD,CAAyD,EAC/D,EAAE,WAAW,EAAE,IAAI,EAAE,OAAO,EAAE,UAAC,CAAM,IAAK,OAAA,CAAC,CAAC,OAAO,KAAK,yCAAyC,EAAvD,CAAuD,EAAE,CACpG;wBAED,2CAA2C;wBAC3C,0DAA0D;wBAC1D,2CAA2C;sBAJ1C;;oBAJD,SAIC,CAAA;oBAED,2CAA2C;oBAC3C,0DAA0D;oBAC1D,2CAA2C;oBAC3C,IAAA,oBAAU,EAAC,sDAAsD,CAAC,CAAA;oBAElE,qBAAM,IAAA,oBAAU,EACd,uEAAuE,EACvE,cAAM,OAAA,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC,qBAAqB,CAAC;4BACpD,OAAO,EAAE,0BAA0B;4BACnC,MAAM,EAAE,WAAW,CAAC,QAAQ,CAAC,EAAE;4BAC/B,SAAS,EAAE,WAAW,CAAC,EAAE;4BACzB,OAAO,EAAE,OAAO;yBACjB,CAAC,EALI,CAKJ,EACF,EAAE,WAAW,EAAE,IAAI,EAAE,OAAO,EAAE,UAAC,CAAM,IAAK,OAAA,CAAC,CAAC,OAAO,KAAK,yCAAyC,EAAvD,CAAuD,EAAE,CACpG;wBAED,2CAA2C;wBAC3C,+EAA+E;wBAC/E,2CAA2C;sBAJ1C;;oBATD,SASC,CAAA;oBAED,2CAA2C;oBAC3C,+EAA+E;oBAC/E,2CAA2C;oBAC3C,IAAA,oBAAU,EAAC,qDAAqD,CAAC,CAAA;oBAG3D,iBAAiB,GAAG,0BAA0B,CAAA;oBAC1B,qBAAM,GAAG,CAAC,GAAG,CAAC,6BAA6B,CAAC,SAAS,CAAC;4BAC9E,IAAI,EAAE,iBAAiB;4BACvB,WAAW,wBACN,gCAAoB;gCACvB,yBAAyB;gCACzB,SAAS,EAAE;oCACT,MAAM,EAAE,KAAK;oCACb,IAAI,EAAE,KAAK;oCACX,MAAM,EAAE,KAAK;oCACb,MAAM,EAAE,KAAK;iCACd;gCACD,4BAA4B;gCAC5B,QAAQ,EAAE;oCACR,MAAM,EAAE,IAAI;oCACZ,IAAI,EAAE,IAAI;oCACV,MAAM,EAAE,IAAI;oCACZ,MAAM,EAAE,IAAI;iCACb,GACF;yBACF,CAAC,EAAA;;oBAnBI,iBAAiB,GAAG,SAmBxB;;;;oBAGA,6CAA6C;oBAC7C,qBAAM,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,iBAAiB,CAAC,EAAE,EAAE,EAAE,mBAAmB,EAAE,IAAI,EAAE,CAAC,EAAA;;oBADrH,6CAA6C;oBAC7C,SAAqH,CAAA;oBACrH,qBAAM,IAAA,cAAI,EAAC,SAAS,EAAE,IAAI,CAAC,EAAA;;oBAA3B,SAA2B,CAAA;oBAC3B,qBAAM,WAAW,CAAC,YAAY,CAAC,aAAc,EAAE,gBAAiB,CAAC,EAAA;;oBAAjE,SAAiE,CAAA;oBAEjE,qBAAM,IAAA,oBAAU,EACd,0FAA0F,EAC1F,cAAM,OAAA,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC,qBAAqB,CAAC;4BACpD,OAAO,EAAE,8DAA8D;4BACvE,MAAM,EAAE,WAAW,CAAC,QAAQ,CAAC,EAAE;4BAC/B,SAAS,EAAE,WAAW,CAAC,EAAE;4BACzB,OAAO,EAAE,OAAO;yBACjB,CAAC,EALI,CAKJ,EACF,EAAE,WAAW,EAAE,IAAI,EAAE,OAAO,EAAE,UAAC,CAAM,IAAK,OAAA,CAAC,CAAC,OAAO,KAAK,yCAAyC,EAAvD,CAAuD,EAAE,CACpG,EAAA;;oBATD,SASC,CAAA;;;gBAED,iCAAiC;gBACjC,qBAAM,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,gBAAgB,CAAC,EAAE,EAAE,EAAE,mBAAmB,EAAE,IAAI,EAAE,CAAC,EAAA;;oBADpH,iCAAiC;oBACjC,SAAoH,CAAA;oBACpH,qBAAM,IAAA,cAAI,EAAC,SAAS,EAAE,IAAI,CAAC,EAAA;;oBAA3B,SAA2B,CAAA;oBAC3B,qBAAM,WAAW,CAAC,YAAY,CAAC,aAAc,EAAE,gBAAiB,CAAC;wBAEjE,kCAAkC;sBAF+B;;oBAAjE,SAAiE,CAAA;oBAEjE,kCAAkC;oBAClC,qBAAM,GAAG,CAAC,GAAG,CAAC,6BAA6B,CAAC,SAAS,CAAC,iBAAiB,CAAC,EAAE,CAAC,EAAA;;oBAD3E,kCAAkC;oBAClC,SAA2E,CAAA;;;oBAG7E,2CAA2C;oBAC3C,+CAA+C;oBAC/C,2CAA2C;oBAC3C,IAAA,oBAAU,EAAC,6DAA6D,CAAC,CAAA;oBAGrD,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC;4BACnD,KAAK,EAAE,uBAAuB;yBAC/B,CAAC,EAAA;;oBAFI,WAAW,GAAG,SAElB;oBAEoB,qBAAM,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC;4BACtD,KAAK,EAAE,eAAe;4BACtB,SAAS,EAAE,WAAW,CAAC,EAAE;4BACzB,UAAU,EAAE,EAAE;yBACf,CAAC,EAAA;;oBAJI,kBAAgB,SAIpB;;;;oBAGA,qBAAM,IAAA,oBAAU,EACd,0DAA0D,EAC1D,cAAM,OAAA,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC,0BAA0B,CAAC;4BACzD,EAAE,EAAE,eAAa,CAAC,EAAE;4BACpB,KAAK,EAAE,CAAC;yBACT,CAAC,EAHI,CAGJ,EACF,EAAE,WAAW,EAAE,IAAI,EAAE,OAAO,EAAE,UAAC,CAAM,IAAK,OAAA,CAAC,CAAC,OAAO,KAAK,yCAAyC,EAAvD,CAAuD,EAAE,CACpG,EAAA;;oBAPD,SAOC,CAAA;;;gBAED,UAAU;gBACV,qBAAM,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC,eAAa,CAAC,EAAE,CAAC,EAAA;;oBADnD,UAAU;oBACV,SAAmD,CAAA;oBACnD,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC,EAAA;;oBAAhD,SAAgD,CAAA;;;oBAGlD,2CAA2C;oBAC3C,sCAAsC;oBACtC,2CAA2C;oBAC3C,IAAA,oBAAU,EAAC,oDAAoD,CAAC,CAAA;oBAEhE,qBAAM,IAAA,oBAAU,EACd,6DAA6D,EAC7D,cAAM,OAAA,WAAW,CAAC,GAAG,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE,CAAC,EAA/C,CAA+C,EACrD,EAAE,WAAW,EAAE,IAAI,EAAE,OAAO,EAAE,UAAC,CAAM,IAAK,OAAA,CAAC,CAAC,OAAO,KAAK,yCAAyC,EAAvD,CAAuD,EAAE,CACpG;wBAED,2CAA2C;wBAC3C,gDAAgD;wBAChD,2CAA2C;sBAJ1C;;oBAJD,SAIC,CAAA;oBAED,2CAA2C;oBAC3C,gDAAgD;oBAChD,2CAA2C;oBAC3C,IAAA,oBAAU,EAAC,+CAA+C,CAAC,CAAA;oBAGrD,mBAAmB,GAAG,4BAA4B,CAAA;oBACnC,qBAAM,GAAG,CAAC,GAAG,CAAC,6BAA6B,CAAC,SAAS,CAAC;4BACzE,IAAI,EAAE,mBAAmB;4BACzB,WAAW,wBACN,gCAAoB,KACvB,QAAQ,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,EACrF,MAAM,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,EACpE,YAAY,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,EAC1E,aAAa,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,GAC5E;yBACF,CAAC,EAAA;;oBATI,YAAY,GAAG,SASnB;;;;oBAGA,qBAAM,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,mBAAmB,CAAC,EAAE,EAAE,EAAE,mBAAmB,EAAE,IAAI,EAAE,CAAC,EAAA;;oBAAvH,SAAuH,CAAA;oBACvH,qBAAM,IAAA,cAAI,EAAC,SAAS,EAAE,IAAI,CAAC,EAAA;;oBAA3B,SAA2B,CAAA;oBAC3B,qBAAM,WAAW,CAAC,YAAY,CAAC,aAAc,EAAE,gBAAiB,CAAC;wBAEjE,iFAAiF;sBAFhB;;oBAAjE,SAAiE,CAAA;oBAG1C,qBAAM,WAAW,CAAC,GAAG,CAAC,aAAa,CAAC,YAAY,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,EAAA;;oBAAhF,mBAAiB,SAA+D;oBAEtF,qBAAM,IAAA,oBAAU,EACd,oEAAoE,EACpE;4BAAY,sBAAA,gBAAc,EAAA;iCAAA,EAC1B;4BACE,QAAQ,EAAE,UAAA,CAAC;gCACT,2DAA2D;gCAC3D,IAAM,WAAW,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,UAAC,CAAM,IAAK,OAAA,CAAC,CAAC,cAAc,KAAK,SAAS,EAA9B,CAA8B,CAAC,CAAA;gCAC/E,IAAI,CAAC,WAAW,EAAE;oCAChB,OAAO,CAAC,GAAG,CAAC,iFAAiF,CAAC,CAAA;iCAC/F;qCAAM;oCACL,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAA;iCAC1D;gCACD,OAAO,WAAW,CAAA;4BACpB,CAAC;yBACF,CACF,EAAA;;oBAfD,SAeC,CAAA;;;gBAED,iCAAiC;gBACjC,qBAAM,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,gBAAgB,CAAC,EAAE,EAAE,EAAE,mBAAmB,EAAE,IAAI,EAAE,CAAC,EAAA;;oBADpH,iCAAiC;oBACjC,SAAoH,CAAA;oBACpH,qBAAM,IAAA,cAAI,EAAC,SAAS,EAAE,IAAI,CAAC,EAAA;;oBAA3B,SAA2B,CAAA;oBAC3B,qBAAM,WAAW,CAAC,YAAY,CAAC,aAAc,EAAE,gBAAiB,CAAC;wBAEjE,4BAA4B;sBAFqC;;oBAAjE,SAAiE,CAAA;oBAEjE,4BAA4B;oBAC5B,qBAAM,GAAG,CAAC,GAAG,CAAC,6BAA6B,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,CAAC,EAAA;;oBADtE,4BAA4B;oBAC5B,SAAsE,CAAA;;;gBAGxE,2DAA2D;gBAC3D,qBAAM,IAAA,oBAAU,EACd,qEAAqE,EACrE,cAAM,OAAA,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC,YAAY,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,EAAjD,CAAiD,EACvD;wBACE,QAAQ,EAAE,UAAA,CAAC;4BACT,6DAA6D;4BAC7D,IAAI,CAAC,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE;gCAC1B,OAAO,CAAC,GAAG,CAAC,oEAAoE,CAAC,CAAA;gCACjF,OAAO,IAAI,CAAA;6BACZ;4BACD,mDAAmD;4BACnD,IAAM,iBAAiB,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,UAAC,CAAM,IAAK,OAAA,CAAC,CAAC,cAAc,KAAK,SAAS,EAA9B,CAA8B,CAAC,CAAA;4BACpF,IAAI,iBAAiB,EAAE;gCACrB,OAAO,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAA;6BAChD;iCAAM;gCACL,OAAO,CAAC,GAAG,CAAC,uEAAuE,CAAC,CAAA;6BACrF;4BACD,OAAO,IAAI,CAAA,CAAC,yCAAyC;wBACvD,CAAC;qBACF,CACF,EAAA;;oBArBD,2DAA2D;oBAC3D,SAoBC,CAAA;oBAED,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAA;oBAClC,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAA;oBACzD,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAA;;;gBAG3B,wBAAwB;gBACxB,qBAAM,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,aAAa,EAAE,EAAE,EAAE,mBAAmB,EAAE,IAAI,EAAE,CAAC,EAAA;;oBAD/G,wBAAwB;oBACxB,SAA+G,CAAA;oBAC/G,qBAAM,IAAA,cAAI,EAAC,SAAS,EAAE,IAAI,CAAC,EAAA;;oBAA3B,SAA2B,CAAA;oBAC3B,qBAAM,WAAW,CAAC,YAAY,CAAC,aAAc,EAAE,gBAAiB,CAAC;wBAEjE,UAAU;sBAFuD;;oBAAjE,SAAiE,CAAA;oBAEjE,UAAU;oBACV,qBAAM,GAAG,CAAC,GAAG,CAAC,6BAA6B,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,EAAA;;oBAD9D,UAAU;oBACV,SAA8D,CAAA;oBAC9D,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC,EAAA;;oBAAhD,SAAgD,CAAA;;;;;;CAEnD,CAAA;AA1TY,QAAA,iCAAiC,qCA0T7C;AAED,6CAA6C;AAC7C,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE;IAC3B,OAAO,CAAC,GAAG,CAAC,sCAAqB,IAAI,CAAE,CAAC,CAAA;IACxC,IAAM,KAAG,GAAG,IAAI,aAAO,CAAC,EAAE,IAAI,MAAA,EAAE,CAAC,CAAA;IACjC,IAAM,aAAW,GAAG,IAAI,aAAO,CAAC,EAAE,IAAI,MAAA,EAAE,CAAC,CAAA;IAEzC,IAAM,QAAQ,GAAG;;;wBACf,qBAAM,IAAA,mBAAW,EAAC,KAAG,EAAE,aAAW,CAAC,EAAA;;oBAAnC,SAAmC,CAAA;oBACnC,qBAAM,IAAA,yCAAiC,EAAC,EAAE,GAAG,OAAA,EAAE,WAAW,eAAA,EAAE,CAAC,EAAA;;oBAA7D,SAA6D,CAAA;;;;SAC9D,CAAA;IAED,QAAQ,EAAE;SACP,IAAI,CAAC;QACJ,OAAO,CAAC,GAAG,CAAC,iEAAiE,CAAC,CAAA;QAC9E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC,CAAC;SACD,KAAK,CAAC,UAAC,KAAK;QACX,OAAO,CAAC,KAAK,CAAC,kDAAkD,EAAE,KAAK,CAAC,CAAA;QACxE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC,CAAC,CAAA;CACL"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"tests.d.ts","sourceRoot":"","sources":["../../../src/tests/tests.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"tests.d.ts","sourceRoot":"","sources":["../../../src/tests/tests.ts"],"names":[],"mappings":"AAwvEA,eAAO,MAAM,kCAAkC,qBAgJ9C,CAAA;AAED,eAAO,MAAM,mCAAmC,qBA2K/C,CAAA;AAGD,eAAO,MAAM,oBAAoB,qBAoHhC,CAAA;AAED,eAAO,MAAM,+BAA+B,qBAsF3C,CAAA;AAID,eAAO,MAAM,0BAA0B,qBAqCtC,CAAA;AA8qED,eAAO,MAAM,cAAc,qBAqC1B,CAAA;AAgnBD,eAAO,MAAM,0BAA0B,qBAmFtC,CAAA;AAqED,eAAO,MAAM,eAAe,qBAmD3B,CAAA;AAED,eAAO,MAAM,oBAAoB,6BAsBhC,CAAA;AAED,eAAO,MAAM,oCAAoC,qBAylBhD,CAAA;AAED,eAAO,MAAM,mCAAmC,qBAkE/C,CAAA;AAm7CD,eAAO,MAAM,yBAAyB,qBA0DrC,CAAA;AAED,eAAO,MAAM,kBAAkB,qBAmK9B,CAAA;AAED,eAAO,MAAM,sBAAsB,qBA0BlC,CAAA;AAGD,eAAO,MAAM,mBAAmB,qBAmC/B,CAAA;AAED,eAAO,MAAM,gCAAgC,mCA2C5C,CAAA;AAED,eAAO,MAAM,cAAc,qBAyZ1B,CAAA;AAGD,eAAO,MAAM,oBAAoB,uBAuBhC,CAAA;AA4wBD,eAAO,MAAM,4BAA4B,qBAoExC,CAAA;AAED,eAAO,MAAM,+BAA+B,qBA4U3C,CAAA;AAED,eAAO,MAAM,gDAAgD,qBAwC5D,CAAA;AAED,eAAO,MAAM,qBAAqB,qBAwIjC,CAAA"}
|