@tellescope/sdk 1.250.2 → 1.251.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/cjs/sdk.d.ts +9 -0
- package/lib/cjs/sdk.d.ts.map +1 -1
- package/lib/cjs/sdk.js +3 -0
- package/lib/cjs/sdk.js.map +1 -1
- package/lib/cjs/tests/api_tests/account_switcher.test.d.ts.map +1 -1
- package/lib/cjs/tests/api_tests/account_switcher.test.js +1700 -306
- package/lib/cjs/tests/api_tests/account_switcher.test.js.map +1 -1
- package/lib/cjs/tests/api_tests/enduser_login.test.d.ts +6 -0
- package/lib/cjs/tests/api_tests/enduser_login.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/enduser_login.test.js +315 -0
- package/lib/cjs/tests/api_tests/enduser_login.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/push_forms_to_portal_group_completion.test.d.ts +6 -0
- package/lib/cjs/tests/api_tests/push_forms_to_portal_group_completion.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/push_forms_to_portal_group_completion.test.js +370 -0
- package/lib/cjs/tests/api_tests/push_forms_to_portal_group_completion.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/set_fields_order_templates.test.d.ts +6 -0
- package/lib/cjs/tests/api_tests/set_fields_order_templates.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/set_fields_order_templates.test.js +373 -0
- package/lib/cjs/tests/api_tests/set_fields_order_templates.test.js.map +1 -0
- package/lib/cjs/tests/setup.d.ts.map +1 -1
- package/lib/cjs/tests/setup.js +47 -32
- package/lib/cjs/tests/setup.js.map +1 -1
- package/lib/cjs/tests/tests.d.ts.map +1 -1
- package/lib/cjs/tests/tests.js +179 -158
- package/lib/cjs/tests/tests.js.map +1 -1
- package/lib/esm/sdk.d.ts +9 -0
- package/lib/esm/sdk.d.ts.map +1 -1
- package/lib/esm/sdk.js +3 -0
- package/lib/esm/sdk.js.map +1 -1
- package/lib/esm/tests/api_tests/account_switcher.test.d.ts.map +1 -1
- package/lib/esm/tests/api_tests/account_switcher.test.js +1702 -305
- package/lib/esm/tests/api_tests/account_switcher.test.js.map +1 -1
- package/lib/esm/tests/api_tests/enduser_login.test.d.ts +6 -0
- package/lib/esm/tests/api_tests/enduser_login.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/enduser_login.test.js +308 -0
- package/lib/esm/tests/api_tests/enduser_login.test.js.map +1 -0
- package/lib/esm/tests/api_tests/enduser_login_phi_disclosure.test.d.ts +6 -0
- package/lib/esm/tests/api_tests/enduser_login_phi_disclosure.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/enduser_login_phi_disclosure.test.js +268 -0
- package/lib/esm/tests/api_tests/enduser_login_phi_disclosure.test.js.map +1 -0
- package/lib/esm/tests/api_tests/push_forms_to_portal_group_completion.test.d.ts +6 -0
- package/lib/esm/tests/api_tests/push_forms_to_portal_group_completion.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/push_forms_to_portal_group_completion.test.js +366 -0
- package/lib/esm/tests/api_tests/push_forms_to_portal_group_completion.test.js.map +1 -0
- package/lib/esm/tests/api_tests/set_fields_order_templates.test.d.ts +6 -0
- package/lib/esm/tests/api_tests/set_fields_order_templates.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/set_fields_order_templates.test.js +369 -0
- package/lib/esm/tests/api_tests/set_fields_order_templates.test.js.map +1 -0
- package/lib/esm/tests/setup.d.ts.map +1 -1
- package/lib/esm/tests/setup.js +47 -32
- package/lib/esm/tests/setup.js.map +1 -1
- package/lib/esm/tests/tests.d.ts.map +1 -1
- package/lib/esm/tests/tests.js +179 -158
- package/lib/esm/tests/tests.js.map +1 -1
- package/lib/tsconfig.tsbuildinfo +1 -1
- package/package.json +10 -10
- package/src/sdk.ts +12 -0
- package/src/tests/api_tests/account_switcher.test.ts +1283 -0
- package/src/tests/api_tests/enduser_login.test.ts +215 -0
- package/src/tests/api_tests/push_forms_to_portal_group_completion.test.ts +198 -0
- package/src/tests/api_tests/set_fields_order_templates.test.ts +258 -0
- package/src/tests/setup.ts +8 -1
- package/src/tests/tests.ts +18 -5
- package/test_generated.pdf +0 -0
|
@@ -0,0 +1,268 @@
|
|
|
1
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
2
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
3
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
4
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
5
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
6
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
7
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
8
|
+
});
|
|
9
|
+
};
|
|
10
|
+
var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
11
|
+
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
|
|
12
|
+
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
|
|
13
|
+
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
14
|
+
function step(op) {
|
|
15
|
+
if (f) throw new TypeError("Generator is already executing.");
|
|
16
|
+
while (g && (g = 0, op[0] && (_ = 0)), _) try {
|
|
17
|
+
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
18
|
+
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
19
|
+
switch (op[0]) {
|
|
20
|
+
case 0: case 1: t = op; break;
|
|
21
|
+
case 4: _.label++; return { value: op[1], done: false };
|
|
22
|
+
case 5: _.label++; y = op[1]; op = [0]; continue;
|
|
23
|
+
case 7: op = _.ops.pop(); _.trys.pop(); continue;
|
|
24
|
+
default:
|
|
25
|
+
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
|
|
26
|
+
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
|
|
27
|
+
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
|
|
28
|
+
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
|
|
29
|
+
if (t[2]) _.ops.pop();
|
|
30
|
+
_.trys.pop(); continue;
|
|
31
|
+
}
|
|
32
|
+
op = body.call(thisArg, _);
|
|
33
|
+
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
|
|
34
|
+
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
|
|
35
|
+
}
|
|
36
|
+
};
|
|
37
|
+
require('source-map-support').install();
|
|
38
|
+
import axios from "axios";
|
|
39
|
+
import { Session } from "../../sdk";
|
|
40
|
+
import { async_test, log_header, } from "@tellescope/testing";
|
|
41
|
+
import { setup_tests } from "../setup";
|
|
42
|
+
var host = process.env.API_URL || 'http://localhost:8080';
|
|
43
|
+
// Reproduces the unauthenticated PHI disclosure reported by a security researcher:
|
|
44
|
+
// POST /v1/login-enduser for an enduser that has no password set returns the full
|
|
45
|
+
// enduser document (including PHI and hashedPassword) in the 400 error response.
|
|
46
|
+
// Also covers account enumeration via differing HTTP status codes between
|
|
47
|
+
// "enduser not found" (404) and "wrong password" (401) responses.
|
|
48
|
+
var post_login = function (body) { return __awaiter(void 0, void 0, void 0, function () {
|
|
49
|
+
var res, err_1;
|
|
50
|
+
var _a, _b;
|
|
51
|
+
return __generator(this, function (_c) {
|
|
52
|
+
switch (_c.label) {
|
|
53
|
+
case 0:
|
|
54
|
+
_c.trys.push([0, 2, , 3]);
|
|
55
|
+
return [4 /*yield*/, axios.post("".concat(host, "/v1/login-enduser"), body, { validateStatus: function () { return true; } })];
|
|
56
|
+
case 1:
|
|
57
|
+
res = _c.sent();
|
|
58
|
+
return [2 /*return*/, { status: res.status, data: res.data }];
|
|
59
|
+
case 2:
|
|
60
|
+
err_1 = _c.sent();
|
|
61
|
+
return [2 /*return*/, { status: (_a = err_1 === null || err_1 === void 0 ? void 0 : err_1.response) === null || _a === void 0 ? void 0 : _a.status, data: (_b = err_1 === null || err_1 === void 0 ? void 0 : err_1.response) === null || _b === void 0 ? void 0 : _b.data }];
|
|
62
|
+
case 3: return [2 /*return*/];
|
|
63
|
+
}
|
|
64
|
+
});
|
|
65
|
+
}); };
|
|
66
|
+
export var enduser_login_phi_disclosure_tests = function (_a) {
|
|
67
|
+
var sdk = _a.sdk, sdkNonAdmin = _a.sdkNonAdmin;
|
|
68
|
+
return __awaiter(void 0, void 0, void 0, function () {
|
|
69
|
+
var ts, PHI_FNAME, PHI_ADDRESS, PHI_DOB, noPasswordEnduser, withPasswordEnduser, leakResp_1, leakBody_1, _loop_1, _i, _b, sensitiveKey, wrongPasswordResp_1, unknownEmailResp_1, verifyOtpInvalidResp, verifyOtpBody_1;
|
|
70
|
+
var _c, _d;
|
|
71
|
+
return __generator(this, function (_e) {
|
|
72
|
+
switch (_e.label) {
|
|
73
|
+
case 0:
|
|
74
|
+
log_header("Enduser Login PHI Disclosure Tests");
|
|
75
|
+
ts = Date.now();
|
|
76
|
+
PHI_FNAME = "PHILeakMarkerFname".concat(ts);
|
|
77
|
+
PHI_ADDRESS = "".concat(ts, " Confidential Way");
|
|
78
|
+
PHI_DOB = '01-01-1990';
|
|
79
|
+
return [4 /*yield*/, sdk.api.endusers.createOne({
|
|
80
|
+
fname: PHI_FNAME,
|
|
81
|
+
lname: 'PHILeakTest',
|
|
82
|
+
email: "phi-leak-no-password-".concat(ts, "@tellescope.com"),
|
|
83
|
+
dateOfBirth: PHI_DOB,
|
|
84
|
+
addressLineOne: PHI_ADDRESS,
|
|
85
|
+
addressLineTwo: 'Apt 4B',
|
|
86
|
+
city: 'Springfield',
|
|
87
|
+
state: 'IL',
|
|
88
|
+
zipCode: '62701',
|
|
89
|
+
gender: 'Female',
|
|
90
|
+
assignedTo: [sdk.userInfo.id],
|
|
91
|
+
fields: { secretField: "should-not-leak-".concat(ts) },
|
|
92
|
+
tags: ['vip', 'sensitive'],
|
|
93
|
+
})];
|
|
94
|
+
case 1:
|
|
95
|
+
noPasswordEnduser = _e.sent();
|
|
96
|
+
return [4 /*yield*/, sdk.api.endusers.createOne({
|
|
97
|
+
fname: 'PasswordedEnduser',
|
|
98
|
+
lname: 'PHILeakTest',
|
|
99
|
+
email: "phi-leak-with-password-".concat(ts, "@tellescope.com"),
|
|
100
|
+
})];
|
|
101
|
+
case 2:
|
|
102
|
+
withPasswordEnduser = _e.sent();
|
|
103
|
+
return [4 /*yield*/, sdk.api.endusers.set_password({ id: withPasswordEnduser.id, password: 'CorrectPassword123!' })];
|
|
104
|
+
case 3:
|
|
105
|
+
_e.sent();
|
|
106
|
+
_e.label = 4;
|
|
107
|
+
case 4:
|
|
108
|
+
_e.trys.push([4, , 20, 22]);
|
|
109
|
+
return [4 /*yield*/, post_login({
|
|
110
|
+
email: noPasswordEnduser.email,
|
|
111
|
+
password: 'arbitrary-password',
|
|
112
|
+
businessId: sdk.userInfo.businessId,
|
|
113
|
+
})];
|
|
114
|
+
case 5:
|
|
115
|
+
leakResp_1 = _e.sent();
|
|
116
|
+
leakBody_1 = JSON.stringify((_c = leakResp_1.data) !== null && _c !== void 0 ? _c : {});
|
|
117
|
+
return [4 /*yield*/, async_test('No-password login response does not include fname PHI marker', function () { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
|
|
118
|
+
return [2 /*return*/, leakBody_1.includes(PHI_FNAME) ? 'leaked' : 'safe'];
|
|
119
|
+
}); }); }, { expectedResult: 'safe' })];
|
|
120
|
+
case 6:
|
|
121
|
+
_e.sent();
|
|
122
|
+
return [4 /*yield*/, async_test('No-password login response does not include dateOfBirth', function () { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
|
|
123
|
+
return [2 /*return*/, leakBody_1.includes(PHI_DOB) ? 'leaked' : 'safe'];
|
|
124
|
+
}); }); }, { expectedResult: 'safe' })];
|
|
125
|
+
case 7:
|
|
126
|
+
_e.sent();
|
|
127
|
+
return [4 /*yield*/, async_test('No-password login response does not include addressLineOne marker', function () { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
|
|
128
|
+
return [2 /*return*/, leakBody_1.includes(PHI_ADDRESS) ? 'leaked' : 'safe'];
|
|
129
|
+
}); }); }, { expectedResult: 'safe' })];
|
|
130
|
+
case 8:
|
|
131
|
+
_e.sent();
|
|
132
|
+
_loop_1 = function (sensitiveKey) {
|
|
133
|
+
return __generator(this, function (_f) {
|
|
134
|
+
switch (_f.label) {
|
|
135
|
+
case 0: return [4 /*yield*/, async_test("No-password login response does not include \"".concat(sensitiveKey, "\" key"), function () { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
|
|
136
|
+
return [2 /*return*/, leakBody_1.includes("\"".concat(sensitiveKey, "\"")) ? 'leaked' : 'safe'];
|
|
137
|
+
}); }); }, { expectedResult: 'safe' })];
|
|
138
|
+
case 1:
|
|
139
|
+
_f.sent();
|
|
140
|
+
return [2 /*return*/];
|
|
141
|
+
}
|
|
142
|
+
});
|
|
143
|
+
};
|
|
144
|
+
_i = 0, _b = ['hashedPassword', 'assignedTo', 'fields', 'tags', 'insurance', 'customFields'];
|
|
145
|
+
_e.label = 9;
|
|
146
|
+
case 9:
|
|
147
|
+
if (!(_i < _b.length)) return [3 /*break*/, 12];
|
|
148
|
+
sensitiveKey = _b[_i];
|
|
149
|
+
return [5 /*yield**/, _loop_1(sensitiveKey)];
|
|
150
|
+
case 10:
|
|
151
|
+
_e.sent();
|
|
152
|
+
_e.label = 11;
|
|
153
|
+
case 11:
|
|
154
|
+
_i++;
|
|
155
|
+
return [3 /*break*/, 9];
|
|
156
|
+
case 12: return [4 /*yield*/, async_test('No-password login response info field is absent or empty', function () { return __awaiter(void 0, void 0, void 0, function () {
|
|
157
|
+
var info;
|
|
158
|
+
var _a;
|
|
159
|
+
return __generator(this, function (_b) {
|
|
160
|
+
info = ((_a = leakResp_1.data) !== null && _a !== void 0 ? _a : {}).info;
|
|
161
|
+
if (info === undefined)
|
|
162
|
+
return [2 /*return*/, 'safe'];
|
|
163
|
+
if (typeof info === 'object' && info !== null && Object.keys(info).length === 0)
|
|
164
|
+
return [2 /*return*/, 'safe'];
|
|
165
|
+
return [2 /*return*/, 'leaked'];
|
|
166
|
+
});
|
|
167
|
+
}); }, { expectedResult: 'safe' })
|
|
168
|
+
// ---------------------------------------------------------------------
|
|
169
|
+
// Fix 3 target: account enumeration via HTTP status code
|
|
170
|
+
// ---------------------------------------------------------------------
|
|
171
|
+
];
|
|
172
|
+
case 13:
|
|
173
|
+
_e.sent();
|
|
174
|
+
return [4 /*yield*/, post_login({
|
|
175
|
+
email: withPasswordEnduser.email,
|
|
176
|
+
password: 'WrongPassword!2025',
|
|
177
|
+
businessId: sdk.userInfo.businessId,
|
|
178
|
+
})];
|
|
179
|
+
case 14:
|
|
180
|
+
wrongPasswordResp_1 = _e.sent();
|
|
181
|
+
return [4 /*yield*/, post_login({
|
|
182
|
+
email: "does-not-exist-".concat(ts, "@tellescope.com"),
|
|
183
|
+
password: 'AnyPassword!2025',
|
|
184
|
+
businessId: sdk.userInfo.businessId,
|
|
185
|
+
})];
|
|
186
|
+
case 15:
|
|
187
|
+
unknownEmailResp_1 = _e.sent();
|
|
188
|
+
return [4 /*yield*/, async_test('Login returns same status for wrong-password vs unknown-email (no enumeration)', function () { return __awaiter(void 0, void 0, void 0, function () {
|
|
189
|
+
return __generator(this, function (_a) {
|
|
190
|
+
return [2 /*return*/, (wrongPasswordResp_1.status === unknownEmailResp_1.status
|
|
191
|
+
? "same:".concat(wrongPasswordResp_1.status)
|
|
192
|
+
: "diff:wrongPw=".concat(wrongPasswordResp_1.status, ",unknown=").concat(unknownEmailResp_1.status))];
|
|
193
|
+
});
|
|
194
|
+
}); }, { expectedResult: 'same:401' })];
|
|
195
|
+
case 16:
|
|
196
|
+
_e.sent();
|
|
197
|
+
return [4 /*yield*/, async_test('Login returns same message for wrong-password vs unknown-email', function () { return __awaiter(void 0, void 0, void 0, function () {
|
|
198
|
+
var _a, _b, _c, _d, _e, _f;
|
|
199
|
+
return __generator(this, function (_g) {
|
|
200
|
+
return [2 /*return*/, (((_b = (_a = wrongPasswordResp_1.data) === null || _a === void 0 ? void 0 : _a.message) !== null && _b !== void 0 ? _b : null) === ((_d = (_c = unknownEmailResp_1.data) === null || _c === void 0 ? void 0 : _c.message) !== null && _d !== void 0 ? _d : null)
|
|
201
|
+
? 'same'
|
|
202
|
+
: "diff:wrongPw=".concat(JSON.stringify((_e = wrongPasswordResp_1.data) === null || _e === void 0 ? void 0 : _e.message), ",unknown=").concat(JSON.stringify((_f = unknownEmailResp_1.data) === null || _f === void 0 ? void 0 : _f.message)))];
|
|
203
|
+
});
|
|
204
|
+
}); }, { expectedResult: 'same' })
|
|
205
|
+
// ---------------------------------------------------------------------
|
|
206
|
+
// Fix 5 target (partial): verify_otp invalid-code error response does
|
|
207
|
+
// not leak the enduser. Full success-path redaction is also covered
|
|
208
|
+
// here since both code paths must not leak.
|
|
209
|
+
// ---------------------------------------------------------------------
|
|
210
|
+
];
|
|
211
|
+
case 17:
|
|
212
|
+
_e.sent();
|
|
213
|
+
return [4 /*yield*/, axios.post("".concat(host, "/v1/verify-otp-code"), { token: 'not-a-real-token', code: '000000', businessId: sdk.userInfo.businessId }, { validateStatus: function () { return true; } })];
|
|
214
|
+
case 18:
|
|
215
|
+
verifyOtpInvalidResp = _e.sent();
|
|
216
|
+
verifyOtpBody_1 = JSON.stringify((_d = verifyOtpInvalidResp.data) !== null && _d !== void 0 ? _d : {});
|
|
217
|
+
return [4 /*yield*/, async_test('verify_otp invalid-code response does not include any enduser fields', function () { return __awaiter(void 0, void 0, void 0, function () {
|
|
218
|
+
return __generator(this, function (_a) {
|
|
219
|
+
return [2 /*return*/, (verifyOtpBody_1.includes('"hashedPassword"')
|
|
220
|
+
|| verifyOtpBody_1.includes('"assignedTo"')
|
|
221
|
+
|| verifyOtpBody_1.includes(PHI_FNAME)
|
|
222
|
+
? 'leaked' : 'safe')];
|
|
223
|
+
});
|
|
224
|
+
}); }, { expectedResult: 'safe' })];
|
|
225
|
+
case 19:
|
|
226
|
+
_e.sent();
|
|
227
|
+
return [3 /*break*/, 22];
|
|
228
|
+
case 20: return [4 /*yield*/, Promise.all([
|
|
229
|
+
sdk.api.endusers.deleteOne(noPasswordEnduser.id).catch(function () { return null; }),
|
|
230
|
+
sdk.api.endusers.deleteOne(withPasswordEnduser.id).catch(function () { return null; }),
|
|
231
|
+
])];
|
|
232
|
+
case 21:
|
|
233
|
+
_e.sent();
|
|
234
|
+
return [7 /*endfinally*/];
|
|
235
|
+
case 22: return [2 /*return*/];
|
|
236
|
+
}
|
|
237
|
+
});
|
|
238
|
+
});
|
|
239
|
+
};
|
|
240
|
+
// Allow running this test file independently
|
|
241
|
+
if (require.main === module) {
|
|
242
|
+
console.log("\uD83C\uDF10 Using API URL: ".concat(host));
|
|
243
|
+
var sdk_1 = new Session({ host: host });
|
|
244
|
+
var sdkNonAdmin_1 = new Session({ host: host });
|
|
245
|
+
var runTests = function () { return __awaiter(void 0, void 0, void 0, function () {
|
|
246
|
+
return __generator(this, function (_a) {
|
|
247
|
+
switch (_a.label) {
|
|
248
|
+
case 0: return [4 /*yield*/, setup_tests(sdk_1, sdkNonAdmin_1)];
|
|
249
|
+
case 1:
|
|
250
|
+
_a.sent();
|
|
251
|
+
return [4 /*yield*/, enduser_login_phi_disclosure_tests({ sdk: sdk_1, sdkNonAdmin: sdkNonAdmin_1 })];
|
|
252
|
+
case 2:
|
|
253
|
+
_a.sent();
|
|
254
|
+
return [2 /*return*/];
|
|
255
|
+
}
|
|
256
|
+
});
|
|
257
|
+
}); };
|
|
258
|
+
runTests()
|
|
259
|
+
.then(function () {
|
|
260
|
+
console.log("✅ Enduser login PHI disclosure test suite completed successfully");
|
|
261
|
+
process.exit(0);
|
|
262
|
+
})
|
|
263
|
+
.catch(function (error) {
|
|
264
|
+
console.error("❌ Enduser login PHI disclosure test suite failed:", error);
|
|
265
|
+
process.exit(1);
|
|
266
|
+
});
|
|
267
|
+
}
|
|
268
|
+
//# sourceMappingURL=enduser_login_phi_disclosure.test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"enduser_login_phi_disclosure.test.js","sourceRoot":"","sources":["../../../../src/tests/api_tests/enduser_login_phi_disclosure.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,OAAO,CAAC,oBAAoB,CAAC,CAAC,OAAO,EAAE,CAAC;AAExC,OAAO,KAAK,MAAM,OAAO,CAAA;AACzB,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACnC,OAAO,EACL,UAAU,EACV,UAAU,GACX,MAAM,qBAAqB,CAAA;AAC5B,OAAO,EAAE,WAAW,EAAE,MAAM,UAAU,CAAA;AAEtC,IAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,uBAAgC,CAAA;AAEpE,mFAAmF;AACnF,kFAAkF;AAClF,iFAAiF;AACjF,0EAA0E;AAC1E,kEAAkE;AAElE,IAAM,UAAU,GAAG,UAAO,IAAS;;;;;;;gBAEnB,qBAAM,KAAK,CAAC,IAAI,CAAC,UAAG,IAAI,sBAAmB,EAAE,IAAI,EAAE,EAAE,cAAc,EAAE,cAAM,OAAA,IAAI,EAAJ,CAAI,EAAE,CAAC,EAAA;;gBAAxF,GAAG,GAAG,SAAkF;gBAC9F,sBAAO,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,EAAA;;;gBAE7C,sBAAO,EAAE,MAAM,EAAE,MAAA,KAAG,aAAH,KAAG,uBAAH,KAAG,CAAE,QAAQ,0CAAE,MAAM,EAAE,IAAI,EAAE,MAAA,KAAG,aAAH,KAAG,uBAAH,KAAG,CAAE,QAAQ,0CAAE,IAAI,EAAE,EAAA;;;;KAEtE,CAAA;AAED,MAAM,CAAC,IAAM,kCAAkC,GAAG,UAAO,EAA6D;QAA3D,GAAG,SAAA,EAAE,WAAW,iBAAA;;;;;;;oBACzE,UAAU,CAAC,oCAAoC,CAAC,CAAA;oBAE1C,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;oBAEf,SAAS,GAAG,4BAAqB,EAAE,CAAE,CAAA;oBACrC,WAAW,GAAG,UAAG,EAAE,sBAAmB,CAAA;oBACtC,OAAO,GAAG,YAAY,CAAA;oBAEF,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC;4BACzD,KAAK,EAAE,SAAS;4BAChB,KAAK,EAAE,aAAa;4BACpB,KAAK,EAAE,+BAAwB,EAAE,oBAAiB;4BAClD,WAAW,EAAE,OAAO;4BACpB,cAAc,EAAE,WAAW;4BAC3B,cAAc,EAAE,QAAQ;4BACxB,IAAI,EAAE,aAAa;4BACnB,KAAK,EAAE,IAAI;4BACX,OAAO,EAAE,OAAO;4BAChB,MAAM,EAAE,QAAQ;4BAChB,UAAU,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;4BAC7B,MAAM,EAAE,EAAE,WAAW,EAAE,0BAAmB,EAAE,CAAE,EAAE;4BAChD,IAAI,EAAE,CAAC,KAAK,EAAE,WAAW,CAAC;yBAC3B,CAAC,EAAA;;oBAdI,iBAAiB,GAAG,SAcxB;oBAE0B,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC;4BAC3D,KAAK,EAAE,mBAAmB;4BAC1B,KAAK,EAAE,aAAa;4BACpB,KAAK,EAAE,iCAA0B,EAAE,oBAAiB;yBACrD,CAAC,EAAA;;oBAJI,mBAAmB,GAAG,SAI1B;oBACF,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,EAAE,EAAE,mBAAmB,CAAC,EAAE,EAAE,QAAQ,EAAE,qBAAqB,EAAE,CAAC,EAAA;;oBAApG,SAAoG,CAAA;;;;oBAMjF,qBAAM,UAAU,CAAC;4BAChC,KAAK,EAAE,iBAAiB,CAAC,KAAK;4BAC9B,QAAQ,EAAE,oBAAoB;4BAC9B,UAAU,EAAE,GAAG,CAAC,QAAQ,CAAC,UAAU;yBACpC,CAAC,EAAA;;oBAJI,aAAW,SAIf;oBAEI,aAAW,IAAI,CAAC,SAAS,CAAC,MAAA,UAAQ,CAAC,IAAI,mCAAI,EAAE,CAAC,CAAA;oBAEpD,qBAAM,UAAU,CACd,8DAA8D,EAC9D;4BAAY,sBAAA,UAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAA;iCAAA,EAC5D,EAAE,cAAc,EAAE,MAAM,EAAE,CAC3B,EAAA;;oBAJD,SAIC,CAAA;oBACD,qBAAM,UAAU,CACd,yDAAyD,EACzD;4BAAY,sBAAA,UAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAA;iCAAA,EAC1D,EAAE,cAAc,EAAE,MAAM,EAAE,CAC3B,EAAA;;oBAJD,SAIC,CAAA;oBACD,qBAAM,UAAU,CACd,mEAAmE,EACnE;4BAAY,sBAAA,UAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAA;iCAAA,EAC9D,EAAE,cAAc,EAAE,MAAM,EAAE,CAC3B,EAAA;;oBAJD,SAIC,CAAA;wCACU,YAAY;;;wCACrB,qBAAM,UAAU,CACd,wDAAgD,YAAY,WAAO,EACnE;wCAAY,sBAAA,UAAQ,CAAC,QAAQ,CAAC,YAAI,YAAY,OAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAA;6CAAA,EACtE,EAAE,cAAc,EAAE,MAAM,EAAE,CAC3B,EAAA;;oCAJD,SAIC,CAAA;;;;;0BALuG,EAA/E,MAAC,gBAAgB,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,cAAc,CAAC;;;yBAA/E,CAAA,cAA+E,CAAA;oBAA/F,YAAY;kDAAZ,YAAY;;;;;oBAAI,IAA+E,CAAA;;yBAO1G,qBAAM,UAAU,CACd,0DAA0D,EAC1D;;;;4BACQ,IAAI,GAAG,CAAC,MAAA,UAAQ,CAAC,IAAI,mCAAI,EAAE,CAAC,CAAC,IAAI,CAAA;4BACvC,IAAI,IAAI,KAAK,SAAS;gCAAE,sBAAO,MAAM,EAAA;4BACrC,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;gCAAE,sBAAO,MAAM,EAAA;4BAC9F,sBAAO,QAAQ,EAAA;;yBAChB,EACD,EAAE,cAAc,EAAE,MAAM,EAAE,CAC3B;oBAED,wEAAwE;oBACxE,yDAAyD;oBACzD,wEAAwE;kBAJvE;;oBATD,SASC,CAAA;oBAKyB,qBAAM,UAAU,CAAC;4BACzC,KAAK,EAAE,mBAAmB,CAAC,KAAK;4BAChC,QAAQ,EAAE,oBAAoB;4BAC9B,UAAU,EAAE,GAAG,CAAC,QAAQ,CAAC,UAAU;yBACpC,CAAC,EAAA;;oBAJI,sBAAoB,SAIxB;oBACuB,qBAAM,UAAU,CAAC;4BACxC,KAAK,EAAE,yBAAkB,EAAE,oBAAiB;4BAC5C,QAAQ,EAAE,kBAAkB;4BAC5B,UAAU,EAAE,GAAG,CAAC,QAAQ,CAAC,UAAU;yBACpC,CAAC,EAAA;;oBAJI,qBAAmB,SAIvB;oBAEF,qBAAM,UAAU,CACd,gFAAgF,EAChF;;gCAAY,sBAAA,CACV,mBAAiB,CAAC,MAAM,KAAK,kBAAgB,CAAC,MAAM;wCAClD,CAAC,CAAC,eAAQ,mBAAiB,CAAC,MAAM,CAAE;wCACpC,CAAC,CAAC,uBAAgB,mBAAiB,CAAC,MAAM,sBAAY,kBAAgB,CAAC,MAAM,CAAE,CAClF,EAAA;;6BAAA,EACD,EAAE,cAAc,EAAE,UAAU,EAAE,CAC/B,EAAA;;oBARD,SAQC,CAAA;oBACD,qBAAM,UAAU,CACd,gEAAgE,EAChE;;;gCAAY,sBAAA,CACV,CAAC,MAAA,MAAA,mBAAiB,CAAC,IAAI,0CAAE,OAAO,mCAAI,IAAI,CAAC,KAAK,CAAC,MAAA,MAAA,kBAAgB,CAAC,IAAI,0CAAE,OAAO,mCAAI,IAAI,CAAC;wCACpF,CAAC,CAAC,MAAM;wCACR,CAAC,CAAC,uBAAgB,IAAI,CAAC,SAAS,CAAC,MAAA,mBAAiB,CAAC,IAAI,0CAAE,OAAO,CAAC,sBAAY,IAAI,CAAC,SAAS,CAAC,MAAA,kBAAgB,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAE,CAChI,EAAA;;6BAAA,EACD,EAAE,cAAc,EAAE,MAAM,EAAE,CAC3B;wBAED,wEAAwE;wBACxE,sEAAsE;wBACtE,oEAAoE;wBACpE,4CAA4C;wBAC5C,wEAAwE;sBANvE;;oBARD,SAQC,CAAA;oBAO4B,qBAAM,KAAK,CAAC,IAAI,CAC3C,UAAG,IAAI,wBAAqB,EAC5B,EAAE,KAAK,EAAE,kBAAkB,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,QAAQ,CAAC,UAAU,EAAE,EAClF,EAAE,cAAc,EAAE,cAAM,OAAA,IAAI,EAAJ,CAAI,EAAE,CAC/B,EAAA;;oBAJK,oBAAoB,GAAG,SAI5B;oBACK,kBAAgB,IAAI,CAAC,SAAS,CAAC,MAAA,oBAAoB,CAAC,IAAI,mCAAI,EAAE,CAAC,CAAA;oBACrE,qBAAM,UAAU,CACd,sEAAsE,EACtE;;gCAAY,sBAAA,CACV,eAAa,CAAC,QAAQ,CAAC,kBAAkB,CAAC;2CACvC,eAAa,CAAC,QAAQ,CAAC,cAAc,CAAC;2CACtC,eAAa,CAAC,QAAQ,CAAC,SAAS,CAAC;wCAClC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CACtB,EAAA;;6BAAA,EACD,EAAE,cAAc,EAAE,MAAM,EAAE,CAC3B,EAAA;;oBATD,SASC,CAAA;;yBAED,qBAAM,OAAO,CAAC,GAAG,CAAC;wBAChB,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,cAAM,OAAA,IAAI,EAAJ,CAAI,CAAC;wBAClE,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,mBAAmB,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,cAAM,OAAA,IAAI,EAAJ,CAAI,CAAC;qBACrE,CAAC,EAAA;;oBAHF,SAGE,CAAA;;;;;;CAEL,CAAA;AAED,6CAA6C;AAC7C,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE;IAC3B,OAAO,CAAC,GAAG,CAAC,sCAAqB,IAAI,CAAE,CAAC,CAAA;IACxC,IAAM,KAAG,GAAG,IAAI,OAAO,CAAC,EAAE,IAAI,MAAA,EAAE,CAAC,CAAA;IACjC,IAAM,aAAW,GAAG,IAAI,OAAO,CAAC,EAAE,IAAI,MAAA,EAAE,CAAC,CAAA;IAEzC,IAAM,QAAQ,GAAG;;;wBACf,qBAAM,WAAW,CAAC,KAAG,EAAE,aAAW,CAAC,EAAA;;oBAAnC,SAAmC,CAAA;oBACnC,qBAAM,kCAAkC,CAAC,EAAE,GAAG,OAAA,EAAE,WAAW,eAAA,EAAE,CAAC,EAAA;;oBAA9D,SAA8D,CAAA;;;;SAC/D,CAAA;IAED,QAAQ,EAAE;SACP,IAAI,CAAC;QACJ,OAAO,CAAC,GAAG,CAAC,kEAAkE,CAAC,CAAA;QAC/E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC,CAAC;SACD,KAAK,CAAC,UAAC,KAAK;QACX,OAAO,CAAC,KAAK,CAAC,mDAAmD,EAAE,KAAK,CAAC,CAAA;QACzE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC,CAAC,CAAA;CACL"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"push_forms_to_portal_group_completion.test.d.ts","sourceRoot":"","sources":["../../../../src/tests/api_tests/push_forms_to_portal_group_completion.test.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AAuBnC,eAAO,MAAM,2CAA2C;SAAwC,OAAO;iBAAe,OAAO;mBAuJ5H,CAAA"}
|