@tellescope/sdk 1.251.0 → 1.252.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/cjs/tests/api_tests/calendar_canvas_coding_clear.test.d.ts +6 -0
- package/lib/cjs/tests/api_tests/calendar_canvas_coding_clear.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/calendar_canvas_coding_clear.test.js +139 -0
- package/lib/cjs/tests/api_tests/calendar_canvas_coding_clear.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/calendar_event_webhook_template.test.d.ts +6 -0
- package/lib/cjs/tests/api_tests/calendar_event_webhook_template.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/calendar_event_webhook_template.test.js +337 -0
- package/lib/cjs/tests/api_tests/calendar_event_webhook_template.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/enduser_login_rate_limits.test.d.ts +6 -0
- package/lib/cjs/tests/api_tests/enduser_login_rate_limits.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/enduser_login_rate_limits.test.js +287 -0
- package/lib/cjs/tests/api_tests/enduser_login_rate_limits.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/integrations_redacted.test.d.ts.map +1 -1
- package/lib/cjs/tests/api_tests/integrations_redacted.test.js +30 -20
- package/lib/cjs/tests/api_tests/integrations_redacted.test.js.map +1 -1
- package/lib/cjs/tests/api_tests/push_forms_to_portal_group_completion.test.d.ts.map +1 -1
- package/lib/cjs/tests/api_tests/push_forms_to_portal_group_completion.test.js +234 -198
- package/lib/cjs/tests/api_tests/push_forms_to_portal_group_completion.test.js.map +1 -1
- package/lib/cjs/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.d.ts +28 -0
- package/lib/cjs/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.js +349 -0
- package/lib/cjs/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0005-ai-conversations-rbac.test.d.ts +28 -0
- package/lib/cjs/tests/api_tests/security/F-0005-ai-conversations-rbac.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0005-ai-conversations-rbac.test.js +247 -0
- package/lib/cjs/tests/api_tests/security/F-0005-ai-conversations-rbac.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0007-invite-user-enumeration.test.d.ts +29 -0
- package/lib/cjs/tests/api_tests/security/F-0007-invite-user-enumeration.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0007-invite-user-enumeration.test.js +278 -0
- package/lib/cjs/tests/api_tests/security/F-0007-invite-user-enumeration.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test.d.ts +24 -0
- package/lib/cjs/tests/api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test.js +201 -0
- package/lib/cjs/tests/api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0013-sanitize-user-html.test.d.ts +2 -0
- package/lib/cjs/tests/api_tests/security/F-0013-sanitize-user-html.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0013-sanitize-user-html.test.js +148 -0
- package/lib/cjs/tests/api_tests/security/F-0013-sanitize-user-html.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0016-prototype-pollution.test.d.ts +2 -0
- package/lib/cjs/tests/api_tests/security/F-0016-prototype-pollution.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0016-prototype-pollution.test.js +88 -0
- package/lib/cjs/tests/api_tests/security/F-0016-prototype-pollution.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.d.ts +32 -0
- package/lib/cjs/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.js +237 -0
- package/lib/cjs/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0076-self-admin-role-assignment.test.d.ts +38 -0
- package/lib/cjs/tests/api_tests/security/F-0076-self-admin-role-assignment.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0076-self-admin-role-assignment.test.js +222 -0
- package/lib/cjs/tests/api_tests/security/F-0076-self-admin-role-assignment.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/user_portal_settings.test.d.ts +6 -0
- package/lib/cjs/tests/api_tests/user_portal_settings.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/user_portal_settings.test.js +301 -0
- package/lib/cjs/tests/api_tests/user_portal_settings.test.js.map +1 -0
- package/lib/cjs/tests/tests.d.ts.map +1 -1
- package/lib/cjs/tests/tests.js +198 -151
- package/lib/cjs/tests/tests.js.map +1 -1
- package/lib/esm/tests/api_tests/calendar_canvas_coding_clear.test.d.ts +6 -0
- package/lib/esm/tests/api_tests/calendar_canvas_coding_clear.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/calendar_canvas_coding_clear.test.js +135 -0
- package/lib/esm/tests/api_tests/calendar_canvas_coding_clear.test.js.map +1 -0
- package/lib/esm/tests/api_tests/calendar_event_webhook_template.test.d.ts +6 -0
- package/lib/esm/tests/api_tests/calendar_event_webhook_template.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/calendar_event_webhook_template.test.js +333 -0
- package/lib/esm/tests/api_tests/calendar_event_webhook_template.test.js.map +1 -0
- package/lib/esm/tests/api_tests/enduser_login_rate_limits.test.d.ts +6 -0
- package/lib/esm/tests/api_tests/enduser_login_rate_limits.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/enduser_login_rate_limits.test.js +280 -0
- package/lib/esm/tests/api_tests/enduser_login_rate_limits.test.js.map +1 -0
- package/lib/esm/tests/api_tests/integrations_redacted.test.d.ts.map +1 -1
- package/lib/esm/tests/api_tests/integrations_redacted.test.js +30 -20
- package/lib/esm/tests/api_tests/integrations_redacted.test.js.map +1 -1
- package/lib/esm/tests/api_tests/push_forms_to_portal_group_completion.test.d.ts.map +1 -1
- package/lib/esm/tests/api_tests/push_forms_to_portal_group_completion.test.js +235 -199
- package/lib/esm/tests/api_tests/push_forms_to_portal_group_completion.test.js.map +1 -1
- package/lib/esm/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.d.ts +28 -0
- package/lib/esm/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.js +345 -0
- package/lib/esm/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.js.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0005-ai-conversations-rbac.test.d.ts +28 -0
- package/lib/esm/tests/api_tests/security/F-0005-ai-conversations-rbac.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0005-ai-conversations-rbac.test.js +243 -0
- package/lib/esm/tests/api_tests/security/F-0005-ai-conversations-rbac.test.js.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0007-invite-user-enumeration.test.d.ts +29 -0
- package/lib/esm/tests/api_tests/security/F-0007-invite-user-enumeration.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0007-invite-user-enumeration.test.js +271 -0
- package/lib/esm/tests/api_tests/security/F-0007-invite-user-enumeration.test.js.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test.d.ts +24 -0
- package/lib/esm/tests/api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test.js +194 -0
- package/lib/esm/tests/api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test.js.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0013-sanitize-user-html.test.d.ts +2 -0
- package/lib/esm/tests/api_tests/security/F-0013-sanitize-user-html.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0013-sanitize-user-html.test.js +144 -0
- package/lib/esm/tests/api_tests/security/F-0013-sanitize-user-html.test.js.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0016-prototype-pollution.test.d.ts +2 -0
- package/lib/esm/tests/api_tests/security/F-0016-prototype-pollution.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0016-prototype-pollution.test.js +84 -0
- package/lib/esm/tests/api_tests/security/F-0016-prototype-pollution.test.js.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.d.ts +32 -0
- package/lib/esm/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.js +233 -0
- package/lib/esm/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.js.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0076-self-admin-role-assignment.test.d.ts +38 -0
- package/lib/esm/tests/api_tests/security/F-0076-self-admin-role-assignment.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0076-self-admin-role-assignment.test.js +218 -0
- package/lib/esm/tests/api_tests/security/F-0076-self-admin-role-assignment.test.js.map +1 -0
- package/lib/esm/tests/api_tests/user_portal_settings.test.d.ts +6 -0
- package/lib/esm/tests/api_tests/user_portal_settings.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/user_portal_settings.test.js +297 -0
- package/lib/esm/tests/api_tests/user_portal_settings.test.js.map +1 -0
- package/lib/esm/tests/tests.d.ts.map +1 -1
- package/lib/esm/tests/tests.js +198 -151
- package/lib/esm/tests/tests.js.map +1 -1
- package/lib/tsconfig.tsbuildinfo +1 -1
- package/package.json +10 -10
- package/src/tests/api_tests/calendar_event_webhook_template.test.ts +204 -0
- package/src/tests/api_tests/enduser_login_rate_limits.test.ts +178 -0
- package/src/tests/api_tests/integrations_redacted.test.ts +8 -0
- package/src/tests/api_tests/push_forms_to_portal_group_completion.test.ts +113 -88
- package/src/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.ts +236 -0
- package/src/tests/api_tests/security/F-0005-ai-conversations-rbac.test.ts +154 -0
- package/src/tests/api_tests/security/F-0007-invite-user-enumeration.test.ts +198 -0
- package/src/tests/api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test.ts +130 -0
- package/src/tests/api_tests/security/F-0013-sanitize-user-html.test.ts +109 -0
- package/src/tests/api_tests/security/F-0016-prototype-pollution.test.ts +50 -0
- package/src/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.ts +161 -0
- package/src/tests/api_tests/security/F-0076-self-admin-role-assignment.test.ts +165 -0
- package/src/tests/api_tests/user_portal_settings.test.ts +217 -0
- package/src/tests/tests.ts +25 -2
- package/test_generated.pdf +0 -0
|
@@ -35,7 +35,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
|
35
35
|
}
|
|
36
36
|
};
|
|
37
37
|
require('source-map-support').install();
|
|
38
|
-
import { Session } from "../../sdk";
|
|
38
|
+
import { Session, EnduserSession } from "../../sdk";
|
|
39
39
|
import { log_header, wait, async_test } from "@tellescope/testing";
|
|
40
40
|
import { setup_tests } from "../setup";
|
|
41
41
|
var host = process.env.API_URL || "http://localhost:8080";
|
|
@@ -71,9 +71,9 @@ var pollFor = function (fetchFn, evaluateFn, description, intervalMs, maxIterati
|
|
|
71
71
|
export var push_forms_to_portal_group_completion_tests = function (_a) {
|
|
72
72
|
var sdk = _a.sdk, sdkNonAdmin = _a.sdkNonAdmin;
|
|
73
73
|
return __awaiter(void 0, void 0, void 0, function () {
|
|
74
|
-
var createdEnduserIds, createdJourneyIds, createdFormIds, createdFormGroupIds, createdTriggerIds,
|
|
75
|
-
return __generator(this, function (
|
|
76
|
-
switch (
|
|
74
|
+
var createdEnduserIds, createdJourneyIds, createdFormIds, createdFormGroupIds, createdTriggerIds, formA_1, fieldA_1, formB, fieldB_1, formGroup_1, runFlow, _i, createdTriggerIds_1, id, e_1, _b, createdEnduserIds_1, id, e_2, _c, createdJourneyIds_1, id, e_3, _d, createdFormGroupIds_1, id, e_4, _e, createdFormIds_1, id, e_5;
|
|
75
|
+
return __generator(this, function (_f) {
|
|
76
|
+
switch (_f.label) {
|
|
77
77
|
case 0:
|
|
78
78
|
log_header("Push Forms To Portal - Form Group Completed Trigger Tests");
|
|
79
79
|
createdEnduserIds = [];
|
|
@@ -81,24 +81,24 @@ export var push_forms_to_portal_group_completion_tests = function (_a) {
|
|
|
81
81
|
createdFormIds = [];
|
|
82
82
|
createdFormGroupIds = [];
|
|
83
83
|
createdTriggerIds = [];
|
|
84
|
-
|
|
84
|
+
_f.label = 1;
|
|
85
85
|
case 1:
|
|
86
|
-
|
|
86
|
+
_f.trys.push([1, , 9, 40]);
|
|
87
87
|
return [4 /*yield*/, sdk.api.forms.createOne({ title: 'Push To Portal Form A' })];
|
|
88
88
|
case 2:
|
|
89
|
-
|
|
90
|
-
createdFormIds.push(
|
|
89
|
+
formA_1 = _f.sent();
|
|
90
|
+
createdFormIds.push(formA_1.id);
|
|
91
91
|
return [4 /*yield*/, sdk.api.form_fields.createOne({
|
|
92
|
-
formId:
|
|
92
|
+
formId: formA_1.id,
|
|
93
93
|
type: 'string',
|
|
94
94
|
title: 'FieldA',
|
|
95
95
|
previousFields: [{ type: 'root', info: {} }],
|
|
96
96
|
})];
|
|
97
97
|
case 3:
|
|
98
|
-
|
|
98
|
+
fieldA_1 = _f.sent();
|
|
99
99
|
return [4 /*yield*/, sdk.api.forms.createOne({ title: 'Push To Portal Form B' })];
|
|
100
100
|
case 4:
|
|
101
|
-
formB =
|
|
101
|
+
formB = _f.sent();
|
|
102
102
|
createdFormIds.push(formB.id);
|
|
103
103
|
return [4 /*yield*/, sdk.api.form_fields.createOne({
|
|
104
104
|
formId: formB.id,
|
|
@@ -106,232 +106,268 @@ export var push_forms_to_portal_group_completion_tests = function (_a) {
|
|
|
106
106
|
title: 'FieldB',
|
|
107
107
|
previousFields: [{ type: 'root', info: {} }],
|
|
108
108
|
})
|
|
109
|
-
// 2. Create a form group containing both forms
|
|
109
|
+
// 2. Create a form group containing both forms (shared across both submission flows)
|
|
110
110
|
];
|
|
111
111
|
case 5:
|
|
112
|
-
|
|
112
|
+
fieldB_1 = _f.sent();
|
|
113
113
|
return [4 /*yield*/, sdk.api.form_groups.createOne({
|
|
114
114
|
title: 'Push To Portal Test Group',
|
|
115
|
-
formIds: [
|
|
115
|
+
formIds: [formA_1.id, formB.id],
|
|
116
116
|
})];
|
|
117
117
|
case 6:
|
|
118
|
-
|
|
119
|
-
createdFormGroupIds.push(
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
118
|
+
formGroup_1 = _f.sent();
|
|
119
|
+
createdFormGroupIds.push(formGroup_1.id);
|
|
120
|
+
runFlow = function (_a) {
|
|
121
|
+
var label = _a.label, tag = _a.tag, submitAsEnduser = _a.submitAsEnduser;
|
|
122
|
+
return __awaiter(void 0, void 0, void 0, function () {
|
|
123
|
+
var trigger, journey, pushStep, enduser, pushedResponses, _i, pushedResponses_1, fr, submitterApi, authToken, enduserSDK, _b, pushedResponses_2, fr, isFormA, targetFieldId, targetFieldTitle;
|
|
124
|
+
return __generator(this, function (_c) {
|
|
125
|
+
switch (_c.label) {
|
|
126
|
+
case 0: return [4 /*yield*/, sdk.api.automation_triggers.createOne({
|
|
127
|
+
event: { type: 'Form Group Completed', info: { groupId: formGroup_1.id } },
|
|
128
|
+
action: { type: 'Add Tags', info: { tags: [tag] } },
|
|
129
|
+
status: 'Active',
|
|
130
|
+
title: "Form Group Completed - Push to Portal (".concat(label, ")"),
|
|
131
|
+
})];
|
|
132
|
+
case 1:
|
|
133
|
+
trigger = _c.sent();
|
|
134
|
+
createdTriggerIds.push(trigger.id);
|
|
135
|
+
return [4 /*yield*/, sdk.api.journeys.createOne({
|
|
136
|
+
title: "Push To Portal Trigger Journey (".concat(label, ")"),
|
|
137
|
+
})];
|
|
138
|
+
case 2:
|
|
139
|
+
journey = _c.sent();
|
|
140
|
+
createdJourneyIds.push(journey.id);
|
|
141
|
+
return [4 /*yield*/, sdk.api.automation_steps.createOne({
|
|
142
|
+
journeyId: journey.id,
|
|
143
|
+
action: { type: 'pushFormsToPortal', info: { formGroupIds: [formGroup_1.id] } },
|
|
144
|
+
events: [{ type: 'onJourneyStart', info: {} }],
|
|
145
|
+
})];
|
|
146
|
+
case 3:
|
|
147
|
+
pushStep = _c.sent();
|
|
148
|
+
return [4 /*yield*/, sdk.api.endusers.createOne({ fname: 'PushPortal', lname: label })];
|
|
149
|
+
case 4:
|
|
150
|
+
enduser = _c.sent();
|
|
151
|
+
createdEnduserIds.push(enduser.id);
|
|
152
|
+
return [4 /*yield*/, sdk.api.endusers.add_to_journey({
|
|
153
|
+
enduserIds: [enduser.id],
|
|
154
|
+
journeyId: journey.id,
|
|
155
|
+
})];
|
|
156
|
+
case 5:
|
|
157
|
+
_c.sent();
|
|
158
|
+
return [4 /*yield*/, pollFor(function () { return __awaiter(void 0, void 0, void 0, function () {
|
|
159
|
+
var responses, pushed;
|
|
160
|
+
return __generator(this, function (_a) {
|
|
161
|
+
switch (_a.label) {
|
|
162
|
+
case 0: return [4 /*yield*/, sdk.api.form_responses.getSome({
|
|
163
|
+
filter: { enduserId: enduser.id },
|
|
164
|
+
})];
|
|
165
|
+
case 1:
|
|
166
|
+
responses = _a.sent();
|
|
167
|
+
pushed = responses.filter(function (r) { return !!r.pushedToPortalAt; });
|
|
168
|
+
return [2 /*return*/, pushed.length >= 2 ? pushed : undefined];
|
|
169
|
+
}
|
|
170
|
+
});
|
|
171
|
+
}); }, function (result) { return Array.isArray(result) && result.length >= 2; }, "pushed-to-portal form_responses to be created by worker (".concat(label, ")"), 500, 40)];
|
|
172
|
+
case 6:
|
|
173
|
+
pushedResponses = _c.sent();
|
|
174
|
+
for (_i = 0, pushedResponses_1 = pushedResponses; _i < pushedResponses_1.length; _i++) {
|
|
175
|
+
fr = pushedResponses_1[_i];
|
|
176
|
+
if (!fr.pushedToPortalAt) {
|
|
177
|
+
throw new Error("Expected pushedToPortalAt to be set on form_response ".concat(fr.id, " (").concat(label, ")"));
|
|
178
|
+
}
|
|
179
|
+
if (fr.groupId !== pushStep.id) {
|
|
180
|
+
throw new Error("Expected form_response.groupId (".concat(fr.groupId, ") to equal automation step id (").concat(pushStep.id, ") (").concat(label, ")"));
|
|
181
|
+
}
|
|
182
|
+
if (fr.automationStepId !== pushStep.id) {
|
|
183
|
+
throw new Error("Expected form_response.automationStepId (".concat(fr.automationStepId, ") to equal automation step id (").concat(pushStep.id, ") (").concat(label, ")"));
|
|
184
|
+
}
|
|
185
|
+
}
|
|
186
|
+
return [4 /*yield*/, async_test("Worker writes groupId === automationStepId and pushedToPortalAt set (".concat(label, ")"), function () { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
|
|
187
|
+
return [2 /*return*/, true];
|
|
188
|
+
}); }); }, { onResult: function (r) { return r === true; } })
|
|
189
|
+
// Build the submitter session
|
|
190
|
+
];
|
|
191
|
+
case 7:
|
|
192
|
+
_c.sent();
|
|
193
|
+
if (!submitAsEnduser) return [3 /*break*/, 9];
|
|
194
|
+
return [4 /*yield*/, sdk.api.endusers.generate_auth_token({ id: enduser.id })];
|
|
195
|
+
case 8:
|
|
196
|
+
authToken = (_c.sent()).authToken;
|
|
197
|
+
enduserSDK = new EnduserSession({ host: host, authToken: authToken, businessId: sdk.userInfo.businessId });
|
|
198
|
+
submitterApi = enduserSDK.api;
|
|
199
|
+
return [3 /*break*/, 10];
|
|
200
|
+
case 9:
|
|
201
|
+
submitterApi = sdk.api;
|
|
202
|
+
_c.label = 10;
|
|
203
|
+
case 10:
|
|
204
|
+
_b = 0, pushedResponses_2 = pushedResponses;
|
|
205
|
+
_c.label = 11;
|
|
206
|
+
case 11:
|
|
207
|
+
if (!(_b < pushedResponses_2.length)) return [3 /*break*/, 14];
|
|
208
|
+
fr = pushedResponses_2[_b];
|
|
209
|
+
isFormA = fr.formId === formA_1.id;
|
|
210
|
+
targetFieldId = isFormA ? fieldA_1.id : fieldB_1.id;
|
|
211
|
+
targetFieldTitle = isFormA ? 'FieldA' : 'FieldB';
|
|
212
|
+
return [4 /*yield*/, submitterApi.form_responses.submit_form_response({
|
|
213
|
+
accessCode: fr.accessCode,
|
|
214
|
+
responses: [{
|
|
215
|
+
fieldId: targetFieldId,
|
|
216
|
+
fieldTitle: targetFieldTitle,
|
|
217
|
+
answer: { type: 'string', value: 'pushed-portal-answer' },
|
|
218
|
+
}],
|
|
219
|
+
})];
|
|
220
|
+
case 12:
|
|
221
|
+
_c.sent();
|
|
222
|
+
_c.label = 13;
|
|
223
|
+
case 13:
|
|
224
|
+
_b++;
|
|
225
|
+
return [3 /*break*/, 11];
|
|
226
|
+
case 14: return [4 /*yield*/, pollFor(function () { return __awaiter(void 0, void 0, void 0, function () {
|
|
227
|
+
var e;
|
|
228
|
+
var _a;
|
|
229
|
+
return __generator(this, function (_b) {
|
|
230
|
+
switch (_b.label) {
|
|
231
|
+
case 0: return [4 /*yield*/, sdk.api.endusers.getOne(enduser.id)];
|
|
232
|
+
case 1:
|
|
233
|
+
e = _b.sent();
|
|
234
|
+
return [2 /*return*/, ((_a = e.tags) === null || _a === void 0 ? void 0 : _a.includes(tag)) ? e : undefined];
|
|
235
|
+
}
|
|
236
|
+
});
|
|
237
|
+
}); }, function (result) { return !!result; }, "Form Group Completed trigger to apply tag after push-to-portal submissions (".concat(label, ")"), 500, 30)];
|
|
238
|
+
case 15:
|
|
239
|
+
_c.sent();
|
|
240
|
+
return [4 /*yield*/, async_test("Form Group Completed trigger fires for push-to-portal completion (".concat(label, ")"), function () { return sdk.api.endusers.getOne(enduser.id); }, { onResult: function (e) { var _a; return !!((_a = e.tags) === null || _a === void 0 ? void 0 : _a.includes(tag)); } })];
|
|
241
|
+
case 16:
|
|
242
|
+
_c.sent();
|
|
243
|
+
return [2 /*return*/];
|
|
244
|
+
}
|
|
245
|
+
});
|
|
246
|
+
});
|
|
247
|
+
};
|
|
248
|
+
// Admin submitter: simulates a staff user filling in the form on behalf of the patient
|
|
249
|
+
// (uses a user-scoped DB in submit_form_response).
|
|
250
|
+
return [4 /*yield*/, runFlow({
|
|
251
|
+
label: 'admin-submit',
|
|
252
|
+
tag: 'form-group-completed-push-admin',
|
|
253
|
+
submitAsEnduser: false,
|
|
254
|
+
})
|
|
255
|
+
// Enduser submitter: simulates the patient submitting via the portal
|
|
256
|
+
// (uses an enduser-scoped DB in submit_form_response — exercises the path QA caught).
|
|
257
|
+
];
|
|
126
258
|
case 7:
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
259
|
+
// Admin submitter: simulates a staff user filling in the form on behalf of the patient
|
|
260
|
+
// (uses a user-scoped DB in submit_form_response).
|
|
261
|
+
_f.sent();
|
|
262
|
+
// Enduser submitter: simulates the patient submitting via the portal
|
|
263
|
+
// (uses an enduser-scoped DB in submit_form_response — exercises the path QA caught).
|
|
264
|
+
return [4 /*yield*/, runFlow({
|
|
265
|
+
label: 'enduser-submit',
|
|
266
|
+
tag: 'form-group-completed-push-enduser',
|
|
267
|
+
submitAsEnduser: true,
|
|
131
268
|
})];
|
|
132
269
|
case 8:
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
action: { type: 'pushFormsToPortal', info: { formGroupIds: [formGroup.id] } },
|
|
138
|
-
events: [{ type: 'onJourneyStart', info: {} }],
|
|
139
|
-
})
|
|
140
|
-
// 5. Create enduser and add to journey
|
|
141
|
-
];
|
|
270
|
+
// Enduser submitter: simulates the patient submitting via the portal
|
|
271
|
+
// (uses an enduser-scoped DB in submit_form_response — exercises the path QA caught).
|
|
272
|
+
_f.sent();
|
|
273
|
+
return [3 /*break*/, 40];
|
|
142
274
|
case 9:
|
|
143
|
-
|
|
144
|
-
|
|
275
|
+
_i = 0, createdTriggerIds_1 = createdTriggerIds;
|
|
276
|
+
_f.label = 10;
|
|
145
277
|
case 10:
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
enduserIds: [enduser_1.id],
|
|
150
|
-
journeyId: journey.id,
|
|
151
|
-
})
|
|
152
|
-
// 6. Poll for the worker to create the push-to-portal form_responses
|
|
153
|
-
];
|
|
278
|
+
if (!(_i < createdTriggerIds_1.length)) return [3 /*break*/, 15];
|
|
279
|
+
id = createdTriggerIds_1[_i];
|
|
280
|
+
_f.label = 11;
|
|
154
281
|
case 11:
|
|
155
|
-
|
|
156
|
-
return [4 /*yield*/,
|
|
157
|
-
var responses, pushed;
|
|
158
|
-
return __generator(this, function (_a) {
|
|
159
|
-
switch (_a.label) {
|
|
160
|
-
case 0: return [4 /*yield*/, sdk.api.form_responses.getSome({
|
|
161
|
-
filter: { enduserId: enduser_1.id },
|
|
162
|
-
})];
|
|
163
|
-
case 1:
|
|
164
|
-
responses = _a.sent();
|
|
165
|
-
pushed = responses.filter(function (r) { return !!r.pushedToPortalAt; });
|
|
166
|
-
return [2 /*return*/, pushed.length >= 2 ? pushed : undefined];
|
|
167
|
-
}
|
|
168
|
-
});
|
|
169
|
-
}); }, function (result) { return Array.isArray(result) && result.length >= 2; }, 'pushed-to-portal form_responses to be created by worker', 500, 40)
|
|
170
|
-
// 7. Assert worker behavior: groupId === automationStepId and pushedToPortalAt is set
|
|
171
|
-
];
|
|
282
|
+
_f.trys.push([11, 13, , 14]);
|
|
283
|
+
return [4 /*yield*/, sdk.api.automation_triggers.deleteOne(id)];
|
|
172
284
|
case 12:
|
|
173
|
-
|
|
174
|
-
|
|
175
|
-
for (_i = 0, pushedResponses_1 = pushedResponses; _i < pushedResponses_1.length; _i++) {
|
|
176
|
-
fr = pushedResponses_1[_i];
|
|
177
|
-
if (!fr.pushedToPortalAt) {
|
|
178
|
-
throw new Error("Expected pushedToPortalAt to be set on form_response ".concat(fr.id));
|
|
179
|
-
}
|
|
180
|
-
if (fr.groupId !== pushStep.id) {
|
|
181
|
-
throw new Error("Expected form_response.groupId (".concat(fr.groupId, ") to equal automation step id (").concat(pushStep.id, ")"));
|
|
182
|
-
}
|
|
183
|
-
if (fr.automationStepId !== pushStep.id) {
|
|
184
|
-
throw new Error("Expected form_response.automationStepId (".concat(fr.automationStepId, ") to equal automation step id (").concat(pushStep.id, ")"));
|
|
185
|
-
}
|
|
186
|
-
}
|
|
187
|
-
return [4 /*yield*/, async_test("Worker writes groupId === automationStepId and pushedToPortalAt set", function () { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
|
|
188
|
-
return [2 /*return*/, true];
|
|
189
|
-
}); }); }, { onResult: function (r) { return r === true; } })
|
|
190
|
-
// 8. Submit every form_response on behalf of the enduser
|
|
191
|
-
// Identify which form_response corresponds to formA / formB via formId
|
|
192
|
-
];
|
|
285
|
+
_f.sent();
|
|
286
|
+
return [3 /*break*/, 14];
|
|
193
287
|
case 13:
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
_h.label = 14;
|
|
288
|
+
e_1 = _f.sent();
|
|
289
|
+
return [3 /*break*/, 14];
|
|
197
290
|
case 14:
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
isFormA = fr.formId === formA.id;
|
|
201
|
-
targetFieldId = isFormA ? fieldA.id : fieldB.id;
|
|
202
|
-
targetFieldTitle = isFormA ? 'FieldA' : 'FieldB';
|
|
203
|
-
return [4 /*yield*/, sdk.api.form_responses.submit_form_response({
|
|
204
|
-
accessCode: fr.accessCode,
|
|
205
|
-
responses: [{
|
|
206
|
-
fieldId: targetFieldId,
|
|
207
|
-
fieldTitle: targetFieldTitle,
|
|
208
|
-
answer: { type: 'string', value: 'pushed-portal-answer' },
|
|
209
|
-
}],
|
|
210
|
-
})];
|
|
291
|
+
_i++;
|
|
292
|
+
return [3 /*break*/, 10];
|
|
211
293
|
case 15:
|
|
212
|
-
|
|
213
|
-
|
|
294
|
+
_b = 0, createdEnduserIds_1 = createdEnduserIds;
|
|
295
|
+
_f.label = 16;
|
|
214
296
|
case 16:
|
|
215
|
-
_b
|
|
216
|
-
|
|
217
|
-
|
|
218
|
-
|
|
219
|
-
|
|
220
|
-
|
|
221
|
-
var _a;
|
|
222
|
-
return __generator(this, function (_b) {
|
|
223
|
-
switch (_b.label) {
|
|
224
|
-
case 0: return [4 /*yield*/, sdk.api.endusers.getOne(enduser_1.id)];
|
|
225
|
-
case 1:
|
|
226
|
-
e = _b.sent();
|
|
227
|
-
return [2 /*return*/, ((_a = e.tags) === null || _a === void 0 ? void 0 : _a.includes('form-group-completed-push')) ? e : undefined];
|
|
228
|
-
}
|
|
229
|
-
});
|
|
230
|
-
}); }, function (result) { return !!result; }, 'Form Group Completed trigger to apply tag after push-to-portal submissions', 500, 30)];
|
|
297
|
+
if (!(_b < createdEnduserIds_1.length)) return [3 /*break*/, 21];
|
|
298
|
+
id = createdEnduserIds_1[_b];
|
|
299
|
+
_f.label = 17;
|
|
300
|
+
case 17:
|
|
301
|
+
_f.trys.push([17, 19, , 20]);
|
|
302
|
+
return [4 /*yield*/, sdk.api.endusers.deleteOne(id)];
|
|
231
303
|
case 18:
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
return [4 /*yield*/, async_test("Form Group Completed trigger fires for push-to-portal completion", function () { return sdk.api.endusers.getOne(enduser_1.id); }, { onResult: function (e) { var _a; return !!((_a = e.tags) === null || _a === void 0 ? void 0 : _a.includes('form-group-completed-push')); } })];
|
|
304
|
+
_f.sent();
|
|
305
|
+
return [3 /*break*/, 20];
|
|
235
306
|
case 19:
|
|
236
|
-
|
|
237
|
-
return [3 /*break*/,
|
|
307
|
+
e_2 = _f.sent();
|
|
308
|
+
return [3 /*break*/, 20];
|
|
238
309
|
case 20:
|
|
239
|
-
|
|
240
|
-
|
|
310
|
+
_b++;
|
|
311
|
+
return [3 /*break*/, 16];
|
|
241
312
|
case 21:
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
_h.label = 22;
|
|
313
|
+
_c = 0, createdJourneyIds_1 = createdJourneyIds;
|
|
314
|
+
_f.label = 22;
|
|
245
315
|
case 22:
|
|
246
|
-
|
|
247
|
-
|
|
316
|
+
if (!(_c < createdJourneyIds_1.length)) return [3 /*break*/, 27];
|
|
317
|
+
id = createdJourneyIds_1[_c];
|
|
318
|
+
_f.label = 23;
|
|
248
319
|
case 23:
|
|
249
|
-
|
|
250
|
-
return [
|
|
320
|
+
_f.trys.push([23, 25, , 26]);
|
|
321
|
+
return [4 /*yield*/, sdk.api.journeys.deleteOne(id)];
|
|
251
322
|
case 24:
|
|
252
|
-
|
|
253
|
-
return [3 /*break*/,
|
|
323
|
+
_f.sent();
|
|
324
|
+
return [3 /*break*/, 26];
|
|
254
325
|
case 25:
|
|
255
|
-
|
|
256
|
-
return [3 /*break*/,
|
|
326
|
+
e_3 = _f.sent();
|
|
327
|
+
return [3 /*break*/, 26];
|
|
257
328
|
case 26:
|
|
258
|
-
|
|
259
|
-
|
|
329
|
+
_c++;
|
|
330
|
+
return [3 /*break*/, 22];
|
|
260
331
|
case 27:
|
|
261
|
-
|
|
262
|
-
|
|
263
|
-
_h.label = 28;
|
|
332
|
+
_d = 0, createdFormGroupIds_1 = createdFormGroupIds;
|
|
333
|
+
_f.label = 28;
|
|
264
334
|
case 28:
|
|
265
|
-
|
|
266
|
-
|
|
335
|
+
if (!(_d < createdFormGroupIds_1.length)) return [3 /*break*/, 33];
|
|
336
|
+
id = createdFormGroupIds_1[_d];
|
|
337
|
+
_f.label = 29;
|
|
267
338
|
case 29:
|
|
268
|
-
|
|
269
|
-
return [
|
|
339
|
+
_f.trys.push([29, 31, , 32]);
|
|
340
|
+
return [4 /*yield*/, sdk.api.form_groups.deleteOne(id)];
|
|
270
341
|
case 30:
|
|
271
|
-
|
|
272
|
-
return [3 /*break*/,
|
|
342
|
+
_f.sent();
|
|
343
|
+
return [3 /*break*/, 32];
|
|
273
344
|
case 31:
|
|
274
|
-
|
|
275
|
-
return [3 /*break*/,
|
|
345
|
+
e_4 = _f.sent();
|
|
346
|
+
return [3 /*break*/, 32];
|
|
276
347
|
case 32:
|
|
277
|
-
|
|
278
|
-
|
|
348
|
+
_d++;
|
|
349
|
+
return [3 /*break*/, 28];
|
|
279
350
|
case 33:
|
|
280
|
-
|
|
281
|
-
|
|
282
|
-
_h.label = 34;
|
|
351
|
+
_e = 0, createdFormIds_1 = createdFormIds;
|
|
352
|
+
_f.label = 34;
|
|
283
353
|
case 34:
|
|
284
|
-
|
|
285
|
-
|
|
354
|
+
if (!(_e < createdFormIds_1.length)) return [3 /*break*/, 39];
|
|
355
|
+
id = createdFormIds_1[_e];
|
|
356
|
+
_f.label = 35;
|
|
286
357
|
case 35:
|
|
287
|
-
|
|
288
|
-
return [
|
|
358
|
+
_f.trys.push([35, 37, , 38]);
|
|
359
|
+
return [4 /*yield*/, sdk.api.forms.deleteOne(id)];
|
|
289
360
|
case 36:
|
|
290
|
-
|
|
291
|
-
return [3 /*break*/,
|
|
361
|
+
_f.sent();
|
|
362
|
+
return [3 /*break*/, 38];
|
|
292
363
|
case 37:
|
|
293
|
-
|
|
294
|
-
return [3 /*break*/,
|
|
364
|
+
e_5 = _f.sent();
|
|
365
|
+
return [3 /*break*/, 38];
|
|
295
366
|
case 38:
|
|
296
|
-
|
|
297
|
-
|
|
298
|
-
case 39:
|
|
299
|
-
|
|
300
|
-
id = createdFormGroupIds_1[_f];
|
|
301
|
-
_h.label = 40;
|
|
302
|
-
case 40:
|
|
303
|
-
_h.trys.push([40, 42, , 43]);
|
|
304
|
-
return [4 /*yield*/, sdk.api.form_groups.deleteOne(id)];
|
|
305
|
-
case 41:
|
|
306
|
-
_h.sent();
|
|
307
|
-
return [3 /*break*/, 43];
|
|
308
|
-
case 42:
|
|
309
|
-
e_4 = _h.sent();
|
|
310
|
-
return [3 /*break*/, 43];
|
|
311
|
-
case 43:
|
|
312
|
-
_f++;
|
|
313
|
-
return [3 /*break*/, 39];
|
|
314
|
-
case 44:
|
|
315
|
-
_g = 0, createdFormIds_1 = createdFormIds;
|
|
316
|
-
_h.label = 45;
|
|
317
|
-
case 45:
|
|
318
|
-
if (!(_g < createdFormIds_1.length)) return [3 /*break*/, 50];
|
|
319
|
-
id = createdFormIds_1[_g];
|
|
320
|
-
_h.label = 46;
|
|
321
|
-
case 46:
|
|
322
|
-
_h.trys.push([46, 48, , 49]);
|
|
323
|
-
return [4 /*yield*/, sdk.api.forms.deleteOne(id)];
|
|
324
|
-
case 47:
|
|
325
|
-
_h.sent();
|
|
326
|
-
return [3 /*break*/, 49];
|
|
327
|
-
case 48:
|
|
328
|
-
e_5 = _h.sent();
|
|
329
|
-
return [3 /*break*/, 49];
|
|
330
|
-
case 49:
|
|
331
|
-
_g++;
|
|
332
|
-
return [3 /*break*/, 45];
|
|
333
|
-
case 50: return [7 /*endfinally*/];
|
|
334
|
-
case 51: return [2 /*return*/];
|
|
367
|
+
_e++;
|
|
368
|
+
return [3 /*break*/, 34];
|
|
369
|
+
case 39: return [7 /*endfinally*/];
|
|
370
|
+
case 40: return [2 /*return*/];
|
|
335
371
|
}
|
|
336
372
|
});
|
|
337
373
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"push_forms_to_portal_group_completion.test.js","sourceRoot":"","sources":["../../../../src/tests/api_tests/push_forms_to_portal_group_completion.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,OAAO,CAAC,oBAAoB,CAAC,CAAC,OAAO,EAAE,CAAC;AAExC,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;
|
|
1
|
+
{"version":3,"file":"push_forms_to_portal_group_completion.test.js","sourceRoot":"","sources":["../../../../src/tests/api_tests/push_forms_to_portal_group_completion.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,OAAO,CAAC,oBAAoB,CAAC,CAAC,OAAO,EAAE,CAAC;AAExC,OAAO,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAA;AACnD,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAElE,OAAO,EAAE,WAAW,EAAE,MAAM,UAAU,CAAA;AAEtC,IAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,uBAAuB,CAAA;AAE3D,IAAM,OAAO,GAAG,UACd,OAAqC,EACrC,UAAkD,EAClD,WAAmB,EACnB,UAAgB,EAChB,aAAkB;IADlB,2BAAA,EAAA,gBAAgB;IAChB,8BAAA,EAAA,kBAAkB;;;;;;oBAGT,CAAC,GAAG,CAAC;;;yBAAE,CAAA,CAAC,GAAG,aAAa,CAAA;oBAC/B,qBAAM,IAAI,CAAC,SAAS,EAAE,UAAU,CAAC,EAAA;;oBAAjC,SAAiC,CAAA;oBACpB,qBAAM,OAAO,EAAE,EAAA;;oBAA5B,UAAU,GAAG,SAAe,CAAA;oBAC5B,IAAI,UAAU,CAAC,UAAU,CAAC;wBAAE,sBAAO,UAAU,EAAA;;;oBAHZ,CAAC,EAAE,CAAA;;wBAKtC,MAAM,IAAI,KAAK,CAAC,2BAAoB,WAAW,uBAAa,aAAa,GAAG,UAAU,OAAI,CAAC,CAAA;;;;CAC5F,CAAA;AAED,MAAM,CAAC,IAAM,2CAA2C,GAAG,UAAO,EAA6D;QAA3D,GAAG,SAAA,EAAE,WAAW,iBAAA;;;;;;oBAClF,UAAU,CAAC,2DAA2D,CAAC,CAAA;oBAEjE,iBAAiB,GAAa,EAAE,CAAA;oBAChC,iBAAiB,GAAa,EAAE,CAAA;oBAChC,cAAc,GAAa,EAAE,CAAA;oBAC7B,mBAAmB,GAAa,EAAE,CAAA;oBAClC,iBAAiB,GAAa,EAAE,CAAA;;;;oBAItB,qBAAM,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC,EAAA;;oBAAzE,UAAQ,SAAiE;oBAC/E,cAAc,CAAC,IAAI,CAAC,OAAK,CAAC,EAAE,CAAC,CAAA;oBACd,qBAAM,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC;4BACjD,MAAM,EAAE,OAAK,CAAC,EAAE;4BAChB,IAAI,EAAE,QAAQ;4BACd,KAAK,EAAE,QAAQ;4BACf,cAAc,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;yBAC7C,CAAC,EAAA;;oBALI,WAAS,SAKb;oBAEY,qBAAM,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC,EAAA;;oBAAzE,KAAK,GAAG,SAAiE;oBAC/E,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAA;oBACd,qBAAM,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC;4BACjD,MAAM,EAAE,KAAK,CAAC,EAAE;4BAChB,IAAI,EAAE,QAAQ;4BACd,KAAK,EAAE,QAAQ;4BACf,cAAc,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;yBAC7C,CAAC;wBAEF,qFAAqF;sBAFnF;;oBALI,WAAS,SAKb;oBAGgB,qBAAM,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC;4BACpD,KAAK,EAAE,2BAA2B;4BAClC,OAAO,EAAE,CAAC,OAAK,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,CAAC;yBAC9B,CAAC,EAAA;;oBAHI,cAAY,SAGhB;oBACF,mBAAmB,CAAC,IAAI,CAAC,WAAS,CAAC,EAAE,CAAC,CAAA;oBAOhC,OAAO,GAAG,UAAO,EAA0F;4BAAxF,KAAK,WAAA,EAAE,GAAG,SAAA,EAAE,eAAe,qBAAA;;;;;4CAClC,qBAAM,GAAG,CAAC,GAAG,CAAC,mBAAmB,CAAC,SAAS,CAAC;4CAC1D,KAAK,EAAE,EAAE,IAAI,EAAE,sBAAsB,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,WAAS,CAAC,EAAE,EAAE,EAAE;4CACxE,MAAM,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE;4CACnD,MAAM,EAAE,QAAQ;4CAChB,KAAK,EAAE,iDAA0C,KAAK,MAAG;yCAC1D,CAAC,EAAA;;wCALI,OAAO,GAAG,SAKd;wCACF,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;wCAElB,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC;gDAC/C,KAAK,EAAE,0CAAmC,KAAK,MAAG;6CACnD,CAAC,EAAA;;wCAFI,OAAO,GAAG,SAEd;wCACF,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;wCAEjB,qBAAM,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,SAAS,CAAC;gDACxD,SAAS,EAAE,OAAO,CAAC,EAAE;gDACrB,MAAM,EAAE,EAAE,IAAI,EAAE,mBAAmB,EAAE,IAAI,EAAE,EAAE,YAAY,EAAE,CAAC,WAAS,CAAC,EAAE,CAAC,EAAE,EAAE;gDAC7E,MAAM,EAAE,CAAC,EAAE,IAAI,EAAE,gBAAgB,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;6CAC/C,CAAC,EAAA;;wCAJI,QAAQ,GAAG,SAIf;wCAEc,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,YAAY,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,EAAA;;wCAAjF,OAAO,GAAG,SAAuE;wCACvF,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;wCAElC,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC;gDACpC,UAAU,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;gDACxB,SAAS,EAAE,OAAO,CAAC,EAAE;6CACtB,CAAC,EAAA;;wCAHF,SAGE,CAAA;wCAEsB,qBAAM,OAAO,CACnC;;;;gEACoB,qBAAM,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,OAAO,CAAC;gEACrD,MAAM,EAAE,EAAE,SAAS,EAAE,OAAO,CAAC,EAAE,EAAE;6DAClC,CAAC,EAAA;;4DAFI,SAAS,GAAG,SAEhB;4DACI,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC,UAAA,CAAC,IAAI,OAAA,CAAC,CAAC,CAAC,CAAC,gBAAgB,EAApB,CAAoB,CAAC,CAAA;4DAC1D,sBAAO,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,EAAA;;;iDAC/C,EACD,UAAC,MAAM,IAAsB,OAAA,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,IAAI,CAAC,EAA3C,CAA2C,EACxE,mEAA4D,KAAK,MAAG,EACpE,GAAG,EACH,EAAE,CACH,EAAA;;wCAZK,eAAe,GAAG,SAYvB;wCAED,WAAgC,EAAf,mCAAe,EAAf,6BAAe,EAAf,IAAe,EAAE;4CAAvB,EAAE;4CACX,IAAI,CAAC,EAAE,CAAC,gBAAgB,EAAE;gDACxB,MAAM,IAAI,KAAK,CAAC,+DAAwD,EAAE,CAAC,EAAE,eAAK,KAAK,MAAG,CAAC,CAAA;6CAC5F;4CACD,IAAI,EAAE,CAAC,OAAO,KAAK,QAAQ,CAAC,EAAE,EAAE;gDAC9B,MAAM,IAAI,KAAK,CAAC,0CAAmC,EAAE,CAAC,OAAO,4CAAkC,QAAQ,CAAC,EAAE,gBAAM,KAAK,MAAG,CAAC,CAAA;6CAC1H;4CACD,IAAI,EAAE,CAAC,gBAAgB,KAAK,QAAQ,CAAC,EAAE,EAAE;gDACvC,MAAM,IAAI,KAAK,CAAC,mDAA4C,EAAE,CAAC,gBAAgB,4CAAkC,QAAQ,CAAC,EAAE,gBAAM,KAAK,MAAG,CAAC,CAAA;6CAC5I;yCACF;wCAED,qBAAM,UAAU,CACd,+EAAwE,KAAK,MAAG,EAChF;gDAAY,sBAAA,IAAI,EAAA;qDAAA,EAChB,EAAE,QAAQ,EAAE,UAAA,CAAC,IAAI,OAAA,CAAC,KAAK,IAAI,EAAV,CAAU,EAAE,CAC9B;4CAED,8BAA8B;0CAF7B;;wCAJD,SAIC,CAAA;6CAIG,eAAe,EAAf,wBAAe;wCACK,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC,EAAA;;wCAA5E,SAAS,GAAK,CAAA,SAA8D,CAAA,UAAnE;wCACX,UAAU,GAAG,IAAI,cAAc,CAAC,EAAE,IAAI,MAAA,EAAE,SAAS,WAAA,EAAE,UAAU,EAAE,GAAG,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAA;wCAC/F,YAAY,GAAG,UAAU,CAAC,GAAG,CAAA;;;wCAE7B,YAAY,GAAG,GAAG,CAAC,GAAG,CAAA;;;8CAGQ,EAAf,mCAAe;;;6CAAf,CAAA,6BAAe,CAAA;wCAArB,EAAE;wCACL,OAAO,GAAG,EAAE,CAAC,MAAM,KAAK,OAAK,CAAC,EAAE,CAAA;wCAChC,aAAa,GAAG,OAAO,CAAC,CAAC,CAAC,QAAM,CAAC,EAAE,CAAC,CAAC,CAAC,QAAM,CAAC,EAAE,CAAA;wCAC/C,gBAAgB,GAAG,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAA;wCACtD,qBAAM,YAAY,CAAC,cAAc,CAAC,oBAAoB,CAAC;gDACrD,UAAU,EAAE,EAAE,CAAC,UAAoB;gDACnC,SAAS,EAAE,CAAC;wDACV,OAAO,EAAE,aAAa;wDACtB,UAAU,EAAE,gBAAgB;wDAC5B,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,sBAAsB,EAAE;qDAC1D,CAAC;6CACH,CAAC,EAAA;;wCAPF,SAOE,CAAA;;;wCAXa,IAAe,CAAA;;6CAchC,qBAAM,OAAO,CACX;;;;;4DACY,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC,EAAA;;wDAA7C,CAAC,GAAG,SAAyC;wDACnD,sBAAO,CAAA,MAAA,CAAC,CAAC,IAAI,0CAAE,QAAQ,CAAC,GAAG,CAAC,EAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,EAAA;;;6CAC7C,EACD,UAAC,MAAM,IAAwB,OAAA,CAAC,CAAC,MAAM,EAAR,CAAQ,EACvC,sFAA+E,KAAK,MAAG,EACvF,GAAG,EACH,EAAE,CACH,EAAA;;wCATD,SASC,CAAA;wCAED,qBAAM,UAAU,CACd,4EAAqE,KAAK,MAAG,EAC7E,cAAM,OAAA,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC,EAAnC,CAAmC,EACzC,EAAE,QAAQ,EAAE,UAAC,CAAU,YAAK,OAAA,CAAC,CAAC,CAAA,MAAA,CAAC,CAAC,IAAI,0CAAE,QAAQ,CAAC,GAAG,CAAC,CAAA,CAAA,EAAA,EAAE,CACtD,EAAA;;wCAJD,SAIC,CAAA;;;;;qBACF,CAAA;oBAED,uFAAuF;oBACvF,mDAAmD;oBACnD,qBAAM,OAAO,CAAC;4BACZ,KAAK,EAAE,cAAc;4BACrB,GAAG,EAAE,iCAAiC;4BACtC,eAAe,EAAE,KAAK;yBACvB,CAAC;wBAEF,qEAAqE;wBACrE,sFAAsF;sBAHpF;;oBANF,uFAAuF;oBACvF,mDAAmD;oBACnD,SAIE,CAAA;oBAEF,qEAAqE;oBACrE,sFAAsF;oBACtF,qBAAM,OAAO,CAAC;4BACZ,KAAK,EAAE,gBAAgB;4BACvB,GAAG,EAAE,mCAAmC;4BACxC,eAAe,EAAE,IAAI;yBACtB,CAAC,EAAA;;oBANF,qEAAqE;oBACrE,sFAAsF;oBACtF,SAIE,CAAA;;;0BAGgC,EAAjB,uCAAiB;;;yBAAjB,CAAA,+BAAiB,CAAA;oBAAvB,EAAE;;;;oBACL,qBAAM,GAAG,CAAC,GAAG,CAAC,mBAAmB,CAAC,SAAS,CAAC,EAAE,CAAC,EAAA;;oBAA/C,SAA+C,CAAA;;;;;;oBADtC,IAAiB,CAAA;;;0BAGA,EAAjB,uCAAiB;;;yBAAjB,CAAA,+BAAiB,CAAA;oBAAvB,EAAE;;;;oBACL,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,EAAA;;oBAApC,SAAoC,CAAA;;;;;;oBAD3B,IAAiB,CAAA;;;0BAGA,EAAjB,uCAAiB;;;yBAAjB,CAAA,+BAAiB,CAAA;oBAAvB,EAAE;;;;oBACL,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,EAAA;;oBAApC,SAAoC,CAAA;;;;;;oBAD3B,IAAiB,CAAA;;;0BAGE,EAAnB,2CAAmB;;;yBAAnB,CAAA,iCAAmB,CAAA;oBAAzB,EAAE;;;;oBACL,qBAAM,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC,EAAE,CAAC,EAAA;;oBAAvC,SAAuC,CAAA;;;;;;oBAD9B,IAAmB,CAAA;;;0BAGL,EAAd,iCAAc;;;yBAAd,CAAA,4BAAc,CAAA;oBAApB,EAAE;;;;oBACL,qBAAM,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,CAAC,EAAA;;oBAAjC,SAAiC,CAAA;;;;;;oBADxB,IAAc,CAAA;;;;;;;CAIlC,CAAA;AAED,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE;IAC3B,OAAO,CAAC,GAAG,CAAC,sCAAqB,IAAI,CAAE,CAAC,CAAA;IACxC,IAAM,KAAG,GAAG,IAAI,OAAO,CAAC,EAAE,IAAI,MAAA,EAAE,CAAC,CAAA;IACjC,IAAM,aAAW,GAAG,IAAI,OAAO,CAAC,EAAE,IAAI,MAAA,EAAE,CAAC,CAAA;IAEzC,IAAM,QAAQ,GAAG;;;wBACf,qBAAM,WAAW,CAAC,KAAG,EAAE,aAAW,CAAC,EAAA;;oBAAnC,SAAmC,CAAA;oBACnC,qBAAM,2CAA2C,CAAC,EAAE,GAAG,OAAA,EAAE,WAAW,eAAA,EAAE,CAAC,EAAA;;oBAAvE,SAAuE,CAAA;;;;SACxE,CAAA;IAED,QAAQ,EAAE;SACP,IAAI,CAAC;QACJ,OAAO,CAAC,GAAG,CAAC,2EAA2E,CAAC,CAAA;QACxF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC,CAAC;SACD,KAAK,CAAC,UAAC,KAAK;QACX,OAAO,CAAC,KAAK,CAAC,4DAA4D,EAAE,KAAK,CAAC,CAAA;QAClF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC,CAAC,CAAA;CACL"}
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
import { Session } from "../../../sdk";
|
|
2
|
+
/**
|
|
3
|
+
* Regression test for F-0001 (security-audit/findings/F-0001-data-sync-bypasses-applyRedactions.md).
|
|
4
|
+
*
|
|
5
|
+
* The /v1/data-sync handler must apply the central applyRedactions() pipeline to
|
|
6
|
+
* every non-deleted record. The original bug: redactions were gated behind
|
|
7
|
+
* `if (session.fieldRedactions && session.fieldRedactions[record.modelName])`
|
|
8
|
+
* which meant any session without role-based field redactions (including all
|
|
9
|
+
* admins) received raw records — leaking schema-level `redactions: ['all']`
|
|
10
|
+
* fields (hashedPass, hashedPassword, hashedInviteCode).
|
|
11
|
+
*
|
|
12
|
+
* This test:
|
|
13
|
+
* 1. Configures a non-admin user with broad read access on users + endusers
|
|
14
|
+
* and NO fieldRedactions — the realistic "regular user with read access"
|
|
15
|
+
* condition that triggers the bypass.
|
|
16
|
+
* 2. Creates an enduser with a password to populate the sync stream.
|
|
17
|
+
* 3. Calls /v1/data-sync as the non-admin.
|
|
18
|
+
* 4. Asserts no returned record contains hashedPass / hashedPassword /
|
|
19
|
+
* hashedInviteCode.
|
|
20
|
+
*
|
|
21
|
+
* Pre-fix: assertion fails with leaked records.
|
|
22
|
+
* Post-fix: assertion passes.
|
|
23
|
+
*/
|
|
24
|
+
export declare const data_sync_redaction_bypass_tests: ({ sdk, sdkNonAdmin }: {
|
|
25
|
+
sdk: Session;
|
|
26
|
+
sdkNonAdmin: Session;
|
|
27
|
+
}) => Promise<void>;
|
|
28
|
+
//# sourceMappingURL=F-0001-data-sync-redaction-bypass.test.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"F-0001-data-sync-redaction-bypass.test.d.ts","sourceRoot":"","sources":["../../../../../src/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AAwCtC;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,eAAO,MAAM,gCAAgC;SAAwC,OAAO;iBAAe,OAAO;mBAqJjH,CAAA"}
|