@tellescope/sdk 1.251.0 → 1.252.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/cjs/tests/api_tests/calendar_canvas_coding_clear.test.d.ts +6 -0
- package/lib/cjs/tests/api_tests/calendar_canvas_coding_clear.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/calendar_canvas_coding_clear.test.js +139 -0
- package/lib/cjs/tests/api_tests/calendar_canvas_coding_clear.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/calendar_event_webhook_template.test.d.ts +6 -0
- package/lib/cjs/tests/api_tests/calendar_event_webhook_template.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/calendar_event_webhook_template.test.js +337 -0
- package/lib/cjs/tests/api_tests/calendar_event_webhook_template.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/enduser_login_rate_limits.test.d.ts +6 -0
- package/lib/cjs/tests/api_tests/enduser_login_rate_limits.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/enduser_login_rate_limits.test.js +287 -0
- package/lib/cjs/tests/api_tests/enduser_login_rate_limits.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/integrations_redacted.test.d.ts.map +1 -1
- package/lib/cjs/tests/api_tests/integrations_redacted.test.js +30 -20
- package/lib/cjs/tests/api_tests/integrations_redacted.test.js.map +1 -1
- package/lib/cjs/tests/api_tests/push_forms_to_portal_group_completion.test.d.ts.map +1 -1
- package/lib/cjs/tests/api_tests/push_forms_to_portal_group_completion.test.js +234 -198
- package/lib/cjs/tests/api_tests/push_forms_to_portal_group_completion.test.js.map +1 -1
- package/lib/cjs/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.d.ts +28 -0
- package/lib/cjs/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.js +349 -0
- package/lib/cjs/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0005-ai-conversations-rbac.test.d.ts +28 -0
- package/lib/cjs/tests/api_tests/security/F-0005-ai-conversations-rbac.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0005-ai-conversations-rbac.test.js +247 -0
- package/lib/cjs/tests/api_tests/security/F-0005-ai-conversations-rbac.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0007-invite-user-enumeration.test.d.ts +29 -0
- package/lib/cjs/tests/api_tests/security/F-0007-invite-user-enumeration.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0007-invite-user-enumeration.test.js +278 -0
- package/lib/cjs/tests/api_tests/security/F-0007-invite-user-enumeration.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test.d.ts +24 -0
- package/lib/cjs/tests/api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test.js +201 -0
- package/lib/cjs/tests/api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0013-sanitize-user-html.test.d.ts +2 -0
- package/lib/cjs/tests/api_tests/security/F-0013-sanitize-user-html.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0013-sanitize-user-html.test.js +148 -0
- package/lib/cjs/tests/api_tests/security/F-0013-sanitize-user-html.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0016-prototype-pollution.test.d.ts +2 -0
- package/lib/cjs/tests/api_tests/security/F-0016-prototype-pollution.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0016-prototype-pollution.test.js +88 -0
- package/lib/cjs/tests/api_tests/security/F-0016-prototype-pollution.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.d.ts +32 -0
- package/lib/cjs/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.js +237 -0
- package/lib/cjs/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0076-self-admin-role-assignment.test.d.ts +38 -0
- package/lib/cjs/tests/api_tests/security/F-0076-self-admin-role-assignment.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/security/F-0076-self-admin-role-assignment.test.js +222 -0
- package/lib/cjs/tests/api_tests/security/F-0076-self-admin-role-assignment.test.js.map +1 -0
- package/lib/cjs/tests/api_tests/user_portal_settings.test.d.ts +6 -0
- package/lib/cjs/tests/api_tests/user_portal_settings.test.d.ts.map +1 -0
- package/lib/cjs/tests/api_tests/user_portal_settings.test.js +301 -0
- package/lib/cjs/tests/api_tests/user_portal_settings.test.js.map +1 -0
- package/lib/cjs/tests/tests.d.ts.map +1 -1
- package/lib/cjs/tests/tests.js +198 -151
- package/lib/cjs/tests/tests.js.map +1 -1
- package/lib/esm/tests/api_tests/calendar_canvas_coding_clear.test.d.ts +6 -0
- package/lib/esm/tests/api_tests/calendar_canvas_coding_clear.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/calendar_canvas_coding_clear.test.js +135 -0
- package/lib/esm/tests/api_tests/calendar_canvas_coding_clear.test.js.map +1 -0
- package/lib/esm/tests/api_tests/calendar_event_webhook_template.test.d.ts +6 -0
- package/lib/esm/tests/api_tests/calendar_event_webhook_template.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/calendar_event_webhook_template.test.js +333 -0
- package/lib/esm/tests/api_tests/calendar_event_webhook_template.test.js.map +1 -0
- package/lib/esm/tests/api_tests/enduser_login_rate_limits.test.d.ts +6 -0
- package/lib/esm/tests/api_tests/enduser_login_rate_limits.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/enduser_login_rate_limits.test.js +280 -0
- package/lib/esm/tests/api_tests/enduser_login_rate_limits.test.js.map +1 -0
- package/lib/esm/tests/api_tests/integrations_redacted.test.d.ts.map +1 -1
- package/lib/esm/tests/api_tests/integrations_redacted.test.js +30 -20
- package/lib/esm/tests/api_tests/integrations_redacted.test.js.map +1 -1
- package/lib/esm/tests/api_tests/push_forms_to_portal_group_completion.test.d.ts.map +1 -1
- package/lib/esm/tests/api_tests/push_forms_to_portal_group_completion.test.js +235 -199
- package/lib/esm/tests/api_tests/push_forms_to_portal_group_completion.test.js.map +1 -1
- package/lib/esm/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.d.ts +28 -0
- package/lib/esm/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.js +345 -0
- package/lib/esm/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.js.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0005-ai-conversations-rbac.test.d.ts +28 -0
- package/lib/esm/tests/api_tests/security/F-0005-ai-conversations-rbac.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0005-ai-conversations-rbac.test.js +243 -0
- package/lib/esm/tests/api_tests/security/F-0005-ai-conversations-rbac.test.js.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0007-invite-user-enumeration.test.d.ts +29 -0
- package/lib/esm/tests/api_tests/security/F-0007-invite-user-enumeration.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0007-invite-user-enumeration.test.js +271 -0
- package/lib/esm/tests/api_tests/security/F-0007-invite-user-enumeration.test.js.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test.d.ts +24 -0
- package/lib/esm/tests/api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test.js +194 -0
- package/lib/esm/tests/api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test.js.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0013-sanitize-user-html.test.d.ts +2 -0
- package/lib/esm/tests/api_tests/security/F-0013-sanitize-user-html.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0013-sanitize-user-html.test.js +144 -0
- package/lib/esm/tests/api_tests/security/F-0013-sanitize-user-html.test.js.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0016-prototype-pollution.test.d.ts +2 -0
- package/lib/esm/tests/api_tests/security/F-0016-prototype-pollution.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0016-prototype-pollution.test.js +84 -0
- package/lib/esm/tests/api_tests/security/F-0016-prototype-pollution.test.js.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.d.ts +32 -0
- package/lib/esm/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.js +233 -0
- package/lib/esm/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.js.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0076-self-admin-role-assignment.test.d.ts +38 -0
- package/lib/esm/tests/api_tests/security/F-0076-self-admin-role-assignment.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/security/F-0076-self-admin-role-assignment.test.js +218 -0
- package/lib/esm/tests/api_tests/security/F-0076-self-admin-role-assignment.test.js.map +1 -0
- package/lib/esm/tests/api_tests/user_portal_settings.test.d.ts +6 -0
- package/lib/esm/tests/api_tests/user_portal_settings.test.d.ts.map +1 -0
- package/lib/esm/tests/api_tests/user_portal_settings.test.js +297 -0
- package/lib/esm/tests/api_tests/user_portal_settings.test.js.map +1 -0
- package/lib/esm/tests/tests.d.ts.map +1 -1
- package/lib/esm/tests/tests.js +198 -151
- package/lib/esm/tests/tests.js.map +1 -1
- package/lib/tsconfig.tsbuildinfo +1 -1
- package/package.json +10 -10
- package/src/tests/api_tests/calendar_event_webhook_template.test.ts +204 -0
- package/src/tests/api_tests/enduser_login_rate_limits.test.ts +178 -0
- package/src/tests/api_tests/integrations_redacted.test.ts +8 -0
- package/src/tests/api_tests/push_forms_to_portal_group_completion.test.ts +113 -88
- package/src/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.ts +236 -0
- package/src/tests/api_tests/security/F-0005-ai-conversations-rbac.test.ts +154 -0
- package/src/tests/api_tests/security/F-0007-invite-user-enumeration.test.ts +198 -0
- package/src/tests/api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test.ts +130 -0
- package/src/tests/api_tests/security/F-0013-sanitize-user-html.test.ts +109 -0
- package/src/tests/api_tests/security/F-0016-prototype-pollution.test.ts +50 -0
- package/src/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.ts +161 -0
- package/src/tests/api_tests/security/F-0076-self-admin-role-assignment.test.ts +165 -0
- package/src/tests/api_tests/user_portal_settings.test.ts +217 -0
- package/src/tests/tests.ts +25 -2
- package/test_generated.pdf +0 -0
|
@@ -74,9 +74,9 @@ var pollFor = function (fetchFn, evaluateFn, description, intervalMs, maxIterati
|
|
|
74
74
|
var push_forms_to_portal_group_completion_tests = function (_a) {
|
|
75
75
|
var sdk = _a.sdk, sdkNonAdmin = _a.sdkNonAdmin;
|
|
76
76
|
return __awaiter(void 0, void 0, void 0, function () {
|
|
77
|
-
var createdEnduserIds, createdJourneyIds, createdFormIds, createdFormGroupIds, createdTriggerIds,
|
|
78
|
-
return __generator(this, function (
|
|
79
|
-
switch (
|
|
77
|
+
var createdEnduserIds, createdJourneyIds, createdFormIds, createdFormGroupIds, createdTriggerIds, formA_1, fieldA_1, formB, fieldB_1, formGroup_1, runFlow, _i, createdTriggerIds_1, id, e_1, _b, createdEnduserIds_1, id, e_2, _c, createdJourneyIds_1, id, e_3, _d, createdFormGroupIds_1, id, e_4, _e, createdFormIds_1, id, e_5;
|
|
78
|
+
return __generator(this, function (_f) {
|
|
79
|
+
switch (_f.label) {
|
|
80
80
|
case 0:
|
|
81
81
|
(0, testing_1.log_header)("Push Forms To Portal - Form Group Completed Trigger Tests");
|
|
82
82
|
createdEnduserIds = [];
|
|
@@ -84,24 +84,24 @@ var push_forms_to_portal_group_completion_tests = function (_a) {
|
|
|
84
84
|
createdFormIds = [];
|
|
85
85
|
createdFormGroupIds = [];
|
|
86
86
|
createdTriggerIds = [];
|
|
87
|
-
|
|
87
|
+
_f.label = 1;
|
|
88
88
|
case 1:
|
|
89
|
-
|
|
89
|
+
_f.trys.push([1, , 9, 40]);
|
|
90
90
|
return [4 /*yield*/, sdk.api.forms.createOne({ title: 'Push To Portal Form A' })];
|
|
91
91
|
case 2:
|
|
92
|
-
|
|
93
|
-
createdFormIds.push(
|
|
92
|
+
formA_1 = _f.sent();
|
|
93
|
+
createdFormIds.push(formA_1.id);
|
|
94
94
|
return [4 /*yield*/, sdk.api.form_fields.createOne({
|
|
95
|
-
formId:
|
|
95
|
+
formId: formA_1.id,
|
|
96
96
|
type: 'string',
|
|
97
97
|
title: 'FieldA',
|
|
98
98
|
previousFields: [{ type: 'root', info: {} }],
|
|
99
99
|
})];
|
|
100
100
|
case 3:
|
|
101
|
-
|
|
101
|
+
fieldA_1 = _f.sent();
|
|
102
102
|
return [4 /*yield*/, sdk.api.forms.createOne({ title: 'Push To Portal Form B' })];
|
|
103
103
|
case 4:
|
|
104
|
-
formB =
|
|
104
|
+
formB = _f.sent();
|
|
105
105
|
createdFormIds.push(formB.id);
|
|
106
106
|
return [4 /*yield*/, sdk.api.form_fields.createOne({
|
|
107
107
|
formId: formB.id,
|
|
@@ -109,232 +109,268 @@ var push_forms_to_portal_group_completion_tests = function (_a) {
|
|
|
109
109
|
title: 'FieldB',
|
|
110
110
|
previousFields: [{ type: 'root', info: {} }],
|
|
111
111
|
})
|
|
112
|
-
// 2. Create a form group containing both forms
|
|
112
|
+
// 2. Create a form group containing both forms (shared across both submission flows)
|
|
113
113
|
];
|
|
114
114
|
case 5:
|
|
115
|
-
|
|
115
|
+
fieldB_1 = _f.sent();
|
|
116
116
|
return [4 /*yield*/, sdk.api.form_groups.createOne({
|
|
117
117
|
title: 'Push To Portal Test Group',
|
|
118
|
-
formIds: [
|
|
118
|
+
formIds: [formA_1.id, formB.id],
|
|
119
119
|
})];
|
|
120
120
|
case 6:
|
|
121
|
-
|
|
122
|
-
createdFormGroupIds.push(
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
121
|
+
formGroup_1 = _f.sent();
|
|
122
|
+
createdFormGroupIds.push(formGroup_1.id);
|
|
123
|
+
runFlow = function (_a) {
|
|
124
|
+
var label = _a.label, tag = _a.tag, submitAsEnduser = _a.submitAsEnduser;
|
|
125
|
+
return __awaiter(void 0, void 0, void 0, function () {
|
|
126
|
+
var trigger, journey, pushStep, enduser, pushedResponses, _i, pushedResponses_1, fr, submitterApi, authToken, enduserSDK, _b, pushedResponses_2, fr, isFormA, targetFieldId, targetFieldTitle;
|
|
127
|
+
return __generator(this, function (_c) {
|
|
128
|
+
switch (_c.label) {
|
|
129
|
+
case 0: return [4 /*yield*/, sdk.api.automation_triggers.createOne({
|
|
130
|
+
event: { type: 'Form Group Completed', info: { groupId: formGroup_1.id } },
|
|
131
|
+
action: { type: 'Add Tags', info: { tags: [tag] } },
|
|
132
|
+
status: 'Active',
|
|
133
|
+
title: "Form Group Completed - Push to Portal (".concat(label, ")"),
|
|
134
|
+
})];
|
|
135
|
+
case 1:
|
|
136
|
+
trigger = _c.sent();
|
|
137
|
+
createdTriggerIds.push(trigger.id);
|
|
138
|
+
return [4 /*yield*/, sdk.api.journeys.createOne({
|
|
139
|
+
title: "Push To Portal Trigger Journey (".concat(label, ")"),
|
|
140
|
+
})];
|
|
141
|
+
case 2:
|
|
142
|
+
journey = _c.sent();
|
|
143
|
+
createdJourneyIds.push(journey.id);
|
|
144
|
+
return [4 /*yield*/, sdk.api.automation_steps.createOne({
|
|
145
|
+
journeyId: journey.id,
|
|
146
|
+
action: { type: 'pushFormsToPortal', info: { formGroupIds: [formGroup_1.id] } },
|
|
147
|
+
events: [{ type: 'onJourneyStart', info: {} }],
|
|
148
|
+
})];
|
|
149
|
+
case 3:
|
|
150
|
+
pushStep = _c.sent();
|
|
151
|
+
return [4 /*yield*/, sdk.api.endusers.createOne({ fname: 'PushPortal', lname: label })];
|
|
152
|
+
case 4:
|
|
153
|
+
enduser = _c.sent();
|
|
154
|
+
createdEnduserIds.push(enduser.id);
|
|
155
|
+
return [4 /*yield*/, sdk.api.endusers.add_to_journey({
|
|
156
|
+
enduserIds: [enduser.id],
|
|
157
|
+
journeyId: journey.id,
|
|
158
|
+
})];
|
|
159
|
+
case 5:
|
|
160
|
+
_c.sent();
|
|
161
|
+
return [4 /*yield*/, pollFor(function () { return __awaiter(void 0, void 0, void 0, function () {
|
|
162
|
+
var responses, pushed;
|
|
163
|
+
return __generator(this, function (_a) {
|
|
164
|
+
switch (_a.label) {
|
|
165
|
+
case 0: return [4 /*yield*/, sdk.api.form_responses.getSome({
|
|
166
|
+
filter: { enduserId: enduser.id },
|
|
167
|
+
})];
|
|
168
|
+
case 1:
|
|
169
|
+
responses = _a.sent();
|
|
170
|
+
pushed = responses.filter(function (r) { return !!r.pushedToPortalAt; });
|
|
171
|
+
return [2 /*return*/, pushed.length >= 2 ? pushed : undefined];
|
|
172
|
+
}
|
|
173
|
+
});
|
|
174
|
+
}); }, function (result) { return Array.isArray(result) && result.length >= 2; }, "pushed-to-portal form_responses to be created by worker (".concat(label, ")"), 500, 40)];
|
|
175
|
+
case 6:
|
|
176
|
+
pushedResponses = _c.sent();
|
|
177
|
+
for (_i = 0, pushedResponses_1 = pushedResponses; _i < pushedResponses_1.length; _i++) {
|
|
178
|
+
fr = pushedResponses_1[_i];
|
|
179
|
+
if (!fr.pushedToPortalAt) {
|
|
180
|
+
throw new Error("Expected pushedToPortalAt to be set on form_response ".concat(fr.id, " (").concat(label, ")"));
|
|
181
|
+
}
|
|
182
|
+
if (fr.groupId !== pushStep.id) {
|
|
183
|
+
throw new Error("Expected form_response.groupId (".concat(fr.groupId, ") to equal automation step id (").concat(pushStep.id, ") (").concat(label, ")"));
|
|
184
|
+
}
|
|
185
|
+
if (fr.automationStepId !== pushStep.id) {
|
|
186
|
+
throw new Error("Expected form_response.automationStepId (".concat(fr.automationStepId, ") to equal automation step id (").concat(pushStep.id, ") (").concat(label, ")"));
|
|
187
|
+
}
|
|
188
|
+
}
|
|
189
|
+
return [4 /*yield*/, (0, testing_1.async_test)("Worker writes groupId === automationStepId and pushedToPortalAt set (".concat(label, ")"), function () { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
|
|
190
|
+
return [2 /*return*/, true];
|
|
191
|
+
}); }); }, { onResult: function (r) { return r === true; } })
|
|
192
|
+
// Build the submitter session
|
|
193
|
+
];
|
|
194
|
+
case 7:
|
|
195
|
+
_c.sent();
|
|
196
|
+
if (!submitAsEnduser) return [3 /*break*/, 9];
|
|
197
|
+
return [4 /*yield*/, sdk.api.endusers.generate_auth_token({ id: enduser.id })];
|
|
198
|
+
case 8:
|
|
199
|
+
authToken = (_c.sent()).authToken;
|
|
200
|
+
enduserSDK = new sdk_1.EnduserSession({ host: host, authToken: authToken, businessId: sdk.userInfo.businessId });
|
|
201
|
+
submitterApi = enduserSDK.api;
|
|
202
|
+
return [3 /*break*/, 10];
|
|
203
|
+
case 9:
|
|
204
|
+
submitterApi = sdk.api;
|
|
205
|
+
_c.label = 10;
|
|
206
|
+
case 10:
|
|
207
|
+
_b = 0, pushedResponses_2 = pushedResponses;
|
|
208
|
+
_c.label = 11;
|
|
209
|
+
case 11:
|
|
210
|
+
if (!(_b < pushedResponses_2.length)) return [3 /*break*/, 14];
|
|
211
|
+
fr = pushedResponses_2[_b];
|
|
212
|
+
isFormA = fr.formId === formA_1.id;
|
|
213
|
+
targetFieldId = isFormA ? fieldA_1.id : fieldB_1.id;
|
|
214
|
+
targetFieldTitle = isFormA ? 'FieldA' : 'FieldB';
|
|
215
|
+
return [4 /*yield*/, submitterApi.form_responses.submit_form_response({
|
|
216
|
+
accessCode: fr.accessCode,
|
|
217
|
+
responses: [{
|
|
218
|
+
fieldId: targetFieldId,
|
|
219
|
+
fieldTitle: targetFieldTitle,
|
|
220
|
+
answer: { type: 'string', value: 'pushed-portal-answer' },
|
|
221
|
+
}],
|
|
222
|
+
})];
|
|
223
|
+
case 12:
|
|
224
|
+
_c.sent();
|
|
225
|
+
_c.label = 13;
|
|
226
|
+
case 13:
|
|
227
|
+
_b++;
|
|
228
|
+
return [3 /*break*/, 11];
|
|
229
|
+
case 14: return [4 /*yield*/, pollFor(function () { return __awaiter(void 0, void 0, void 0, function () {
|
|
230
|
+
var e;
|
|
231
|
+
var _a;
|
|
232
|
+
return __generator(this, function (_b) {
|
|
233
|
+
switch (_b.label) {
|
|
234
|
+
case 0: return [4 /*yield*/, sdk.api.endusers.getOne(enduser.id)];
|
|
235
|
+
case 1:
|
|
236
|
+
e = _b.sent();
|
|
237
|
+
return [2 /*return*/, ((_a = e.tags) === null || _a === void 0 ? void 0 : _a.includes(tag)) ? e : undefined];
|
|
238
|
+
}
|
|
239
|
+
});
|
|
240
|
+
}); }, function (result) { return !!result; }, "Form Group Completed trigger to apply tag after push-to-portal submissions (".concat(label, ")"), 500, 30)];
|
|
241
|
+
case 15:
|
|
242
|
+
_c.sent();
|
|
243
|
+
return [4 /*yield*/, (0, testing_1.async_test)("Form Group Completed trigger fires for push-to-portal completion (".concat(label, ")"), function () { return sdk.api.endusers.getOne(enduser.id); }, { onResult: function (e) { var _a; return !!((_a = e.tags) === null || _a === void 0 ? void 0 : _a.includes(tag)); } })];
|
|
244
|
+
case 16:
|
|
245
|
+
_c.sent();
|
|
246
|
+
return [2 /*return*/];
|
|
247
|
+
}
|
|
248
|
+
});
|
|
249
|
+
});
|
|
250
|
+
};
|
|
251
|
+
// Admin submitter: simulates a staff user filling in the form on behalf of the patient
|
|
252
|
+
// (uses a user-scoped DB in submit_form_response).
|
|
253
|
+
return [4 /*yield*/, runFlow({
|
|
254
|
+
label: 'admin-submit',
|
|
255
|
+
tag: 'form-group-completed-push-admin',
|
|
256
|
+
submitAsEnduser: false,
|
|
257
|
+
})
|
|
258
|
+
// Enduser submitter: simulates the patient submitting via the portal
|
|
259
|
+
// (uses an enduser-scoped DB in submit_form_response — exercises the path QA caught).
|
|
260
|
+
];
|
|
129
261
|
case 7:
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
262
|
+
// Admin submitter: simulates a staff user filling in the form on behalf of the patient
|
|
263
|
+
// (uses a user-scoped DB in submit_form_response).
|
|
264
|
+
_f.sent();
|
|
265
|
+
// Enduser submitter: simulates the patient submitting via the portal
|
|
266
|
+
// (uses an enduser-scoped DB in submit_form_response — exercises the path QA caught).
|
|
267
|
+
return [4 /*yield*/, runFlow({
|
|
268
|
+
label: 'enduser-submit',
|
|
269
|
+
tag: 'form-group-completed-push-enduser',
|
|
270
|
+
submitAsEnduser: true,
|
|
134
271
|
})];
|
|
135
272
|
case 8:
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
action: { type: 'pushFormsToPortal', info: { formGroupIds: [formGroup.id] } },
|
|
141
|
-
events: [{ type: 'onJourneyStart', info: {} }],
|
|
142
|
-
})
|
|
143
|
-
// 5. Create enduser and add to journey
|
|
144
|
-
];
|
|
273
|
+
// Enduser submitter: simulates the patient submitting via the portal
|
|
274
|
+
// (uses an enduser-scoped DB in submit_form_response — exercises the path QA caught).
|
|
275
|
+
_f.sent();
|
|
276
|
+
return [3 /*break*/, 40];
|
|
145
277
|
case 9:
|
|
146
|
-
|
|
147
|
-
|
|
278
|
+
_i = 0, createdTriggerIds_1 = createdTriggerIds;
|
|
279
|
+
_f.label = 10;
|
|
148
280
|
case 10:
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
enduserIds: [enduser_1.id],
|
|
153
|
-
journeyId: journey.id,
|
|
154
|
-
})
|
|
155
|
-
// 6. Poll for the worker to create the push-to-portal form_responses
|
|
156
|
-
];
|
|
281
|
+
if (!(_i < createdTriggerIds_1.length)) return [3 /*break*/, 15];
|
|
282
|
+
id = createdTriggerIds_1[_i];
|
|
283
|
+
_f.label = 11;
|
|
157
284
|
case 11:
|
|
158
|
-
|
|
159
|
-
return [4 /*yield*/,
|
|
160
|
-
var responses, pushed;
|
|
161
|
-
return __generator(this, function (_a) {
|
|
162
|
-
switch (_a.label) {
|
|
163
|
-
case 0: return [4 /*yield*/, sdk.api.form_responses.getSome({
|
|
164
|
-
filter: { enduserId: enduser_1.id },
|
|
165
|
-
})];
|
|
166
|
-
case 1:
|
|
167
|
-
responses = _a.sent();
|
|
168
|
-
pushed = responses.filter(function (r) { return !!r.pushedToPortalAt; });
|
|
169
|
-
return [2 /*return*/, pushed.length >= 2 ? pushed : undefined];
|
|
170
|
-
}
|
|
171
|
-
});
|
|
172
|
-
}); }, function (result) { return Array.isArray(result) && result.length >= 2; }, 'pushed-to-portal form_responses to be created by worker', 500, 40)
|
|
173
|
-
// 7. Assert worker behavior: groupId === automationStepId and pushedToPortalAt is set
|
|
174
|
-
];
|
|
285
|
+
_f.trys.push([11, 13, , 14]);
|
|
286
|
+
return [4 /*yield*/, sdk.api.automation_triggers.deleteOne(id)];
|
|
175
287
|
case 12:
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
for (_i = 0, pushedResponses_1 = pushedResponses; _i < pushedResponses_1.length; _i++) {
|
|
179
|
-
fr = pushedResponses_1[_i];
|
|
180
|
-
if (!fr.pushedToPortalAt) {
|
|
181
|
-
throw new Error("Expected pushedToPortalAt to be set on form_response ".concat(fr.id));
|
|
182
|
-
}
|
|
183
|
-
if (fr.groupId !== pushStep.id) {
|
|
184
|
-
throw new Error("Expected form_response.groupId (".concat(fr.groupId, ") to equal automation step id (").concat(pushStep.id, ")"));
|
|
185
|
-
}
|
|
186
|
-
if (fr.automationStepId !== pushStep.id) {
|
|
187
|
-
throw new Error("Expected form_response.automationStepId (".concat(fr.automationStepId, ") to equal automation step id (").concat(pushStep.id, ")"));
|
|
188
|
-
}
|
|
189
|
-
}
|
|
190
|
-
return [4 /*yield*/, (0, testing_1.async_test)("Worker writes groupId === automationStepId and pushedToPortalAt set", function () { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
|
|
191
|
-
return [2 /*return*/, true];
|
|
192
|
-
}); }); }, { onResult: function (r) { return r === true; } })
|
|
193
|
-
// 8. Submit every form_response on behalf of the enduser
|
|
194
|
-
// Identify which form_response corresponds to formA / formB via formId
|
|
195
|
-
];
|
|
288
|
+
_f.sent();
|
|
289
|
+
return [3 /*break*/, 14];
|
|
196
290
|
case 13:
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
_h.label = 14;
|
|
291
|
+
e_1 = _f.sent();
|
|
292
|
+
return [3 /*break*/, 14];
|
|
200
293
|
case 14:
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
isFormA = fr.formId === formA.id;
|
|
204
|
-
targetFieldId = isFormA ? fieldA.id : fieldB.id;
|
|
205
|
-
targetFieldTitle = isFormA ? 'FieldA' : 'FieldB';
|
|
206
|
-
return [4 /*yield*/, sdk.api.form_responses.submit_form_response({
|
|
207
|
-
accessCode: fr.accessCode,
|
|
208
|
-
responses: [{
|
|
209
|
-
fieldId: targetFieldId,
|
|
210
|
-
fieldTitle: targetFieldTitle,
|
|
211
|
-
answer: { type: 'string', value: 'pushed-portal-answer' },
|
|
212
|
-
}],
|
|
213
|
-
})];
|
|
294
|
+
_i++;
|
|
295
|
+
return [3 /*break*/, 10];
|
|
214
296
|
case 15:
|
|
215
|
-
|
|
216
|
-
|
|
297
|
+
_b = 0, createdEnduserIds_1 = createdEnduserIds;
|
|
298
|
+
_f.label = 16;
|
|
217
299
|
case 16:
|
|
218
|
-
_b
|
|
219
|
-
|
|
220
|
-
|
|
221
|
-
|
|
222
|
-
|
|
223
|
-
|
|
224
|
-
var _a;
|
|
225
|
-
return __generator(this, function (_b) {
|
|
226
|
-
switch (_b.label) {
|
|
227
|
-
case 0: return [4 /*yield*/, sdk.api.endusers.getOne(enduser_1.id)];
|
|
228
|
-
case 1:
|
|
229
|
-
e = _b.sent();
|
|
230
|
-
return [2 /*return*/, ((_a = e.tags) === null || _a === void 0 ? void 0 : _a.includes('form-group-completed-push')) ? e : undefined];
|
|
231
|
-
}
|
|
232
|
-
});
|
|
233
|
-
}); }, function (result) { return !!result; }, 'Form Group Completed trigger to apply tag after push-to-portal submissions', 500, 30)];
|
|
300
|
+
if (!(_b < createdEnduserIds_1.length)) return [3 /*break*/, 21];
|
|
301
|
+
id = createdEnduserIds_1[_b];
|
|
302
|
+
_f.label = 17;
|
|
303
|
+
case 17:
|
|
304
|
+
_f.trys.push([17, 19, , 20]);
|
|
305
|
+
return [4 /*yield*/, sdk.api.endusers.deleteOne(id)];
|
|
234
306
|
case 18:
|
|
235
|
-
|
|
236
|
-
|
|
237
|
-
return [4 /*yield*/, (0, testing_1.async_test)("Form Group Completed trigger fires for push-to-portal completion", function () { return sdk.api.endusers.getOne(enduser_1.id); }, { onResult: function (e) { var _a; return !!((_a = e.tags) === null || _a === void 0 ? void 0 : _a.includes('form-group-completed-push')); } })];
|
|
307
|
+
_f.sent();
|
|
308
|
+
return [3 /*break*/, 20];
|
|
238
309
|
case 19:
|
|
239
|
-
|
|
240
|
-
return [3 /*break*/,
|
|
310
|
+
e_2 = _f.sent();
|
|
311
|
+
return [3 /*break*/, 20];
|
|
241
312
|
case 20:
|
|
242
|
-
|
|
243
|
-
|
|
313
|
+
_b++;
|
|
314
|
+
return [3 /*break*/, 16];
|
|
244
315
|
case 21:
|
|
245
|
-
|
|
246
|
-
|
|
247
|
-
_h.label = 22;
|
|
316
|
+
_c = 0, createdJourneyIds_1 = createdJourneyIds;
|
|
317
|
+
_f.label = 22;
|
|
248
318
|
case 22:
|
|
249
|
-
|
|
250
|
-
|
|
319
|
+
if (!(_c < createdJourneyIds_1.length)) return [3 /*break*/, 27];
|
|
320
|
+
id = createdJourneyIds_1[_c];
|
|
321
|
+
_f.label = 23;
|
|
251
322
|
case 23:
|
|
252
|
-
|
|
253
|
-
return [
|
|
323
|
+
_f.trys.push([23, 25, , 26]);
|
|
324
|
+
return [4 /*yield*/, sdk.api.journeys.deleteOne(id)];
|
|
254
325
|
case 24:
|
|
255
|
-
|
|
256
|
-
return [3 /*break*/,
|
|
326
|
+
_f.sent();
|
|
327
|
+
return [3 /*break*/, 26];
|
|
257
328
|
case 25:
|
|
258
|
-
|
|
259
|
-
return [3 /*break*/,
|
|
329
|
+
e_3 = _f.sent();
|
|
330
|
+
return [3 /*break*/, 26];
|
|
260
331
|
case 26:
|
|
261
|
-
|
|
262
|
-
|
|
332
|
+
_c++;
|
|
333
|
+
return [3 /*break*/, 22];
|
|
263
334
|
case 27:
|
|
264
|
-
|
|
265
|
-
|
|
266
|
-
_h.label = 28;
|
|
335
|
+
_d = 0, createdFormGroupIds_1 = createdFormGroupIds;
|
|
336
|
+
_f.label = 28;
|
|
267
337
|
case 28:
|
|
268
|
-
|
|
269
|
-
|
|
338
|
+
if (!(_d < createdFormGroupIds_1.length)) return [3 /*break*/, 33];
|
|
339
|
+
id = createdFormGroupIds_1[_d];
|
|
340
|
+
_f.label = 29;
|
|
270
341
|
case 29:
|
|
271
|
-
|
|
272
|
-
return [
|
|
342
|
+
_f.trys.push([29, 31, , 32]);
|
|
343
|
+
return [4 /*yield*/, sdk.api.form_groups.deleteOne(id)];
|
|
273
344
|
case 30:
|
|
274
|
-
|
|
275
|
-
return [3 /*break*/,
|
|
345
|
+
_f.sent();
|
|
346
|
+
return [3 /*break*/, 32];
|
|
276
347
|
case 31:
|
|
277
|
-
|
|
278
|
-
return [3 /*break*/,
|
|
348
|
+
e_4 = _f.sent();
|
|
349
|
+
return [3 /*break*/, 32];
|
|
279
350
|
case 32:
|
|
280
|
-
|
|
281
|
-
|
|
351
|
+
_d++;
|
|
352
|
+
return [3 /*break*/, 28];
|
|
282
353
|
case 33:
|
|
283
|
-
|
|
284
|
-
|
|
285
|
-
_h.label = 34;
|
|
354
|
+
_e = 0, createdFormIds_1 = createdFormIds;
|
|
355
|
+
_f.label = 34;
|
|
286
356
|
case 34:
|
|
287
|
-
|
|
288
|
-
|
|
357
|
+
if (!(_e < createdFormIds_1.length)) return [3 /*break*/, 39];
|
|
358
|
+
id = createdFormIds_1[_e];
|
|
359
|
+
_f.label = 35;
|
|
289
360
|
case 35:
|
|
290
|
-
|
|
291
|
-
return [
|
|
361
|
+
_f.trys.push([35, 37, , 38]);
|
|
362
|
+
return [4 /*yield*/, sdk.api.forms.deleteOne(id)];
|
|
292
363
|
case 36:
|
|
293
|
-
|
|
294
|
-
return [3 /*break*/,
|
|
364
|
+
_f.sent();
|
|
365
|
+
return [3 /*break*/, 38];
|
|
295
366
|
case 37:
|
|
296
|
-
|
|
297
|
-
return [3 /*break*/,
|
|
367
|
+
e_5 = _f.sent();
|
|
368
|
+
return [3 /*break*/, 38];
|
|
298
369
|
case 38:
|
|
299
|
-
|
|
300
|
-
|
|
301
|
-
case 39:
|
|
302
|
-
|
|
303
|
-
id = createdFormGroupIds_1[_f];
|
|
304
|
-
_h.label = 40;
|
|
305
|
-
case 40:
|
|
306
|
-
_h.trys.push([40, 42, , 43]);
|
|
307
|
-
return [4 /*yield*/, sdk.api.form_groups.deleteOne(id)];
|
|
308
|
-
case 41:
|
|
309
|
-
_h.sent();
|
|
310
|
-
return [3 /*break*/, 43];
|
|
311
|
-
case 42:
|
|
312
|
-
e_4 = _h.sent();
|
|
313
|
-
return [3 /*break*/, 43];
|
|
314
|
-
case 43:
|
|
315
|
-
_f++;
|
|
316
|
-
return [3 /*break*/, 39];
|
|
317
|
-
case 44:
|
|
318
|
-
_g = 0, createdFormIds_1 = createdFormIds;
|
|
319
|
-
_h.label = 45;
|
|
320
|
-
case 45:
|
|
321
|
-
if (!(_g < createdFormIds_1.length)) return [3 /*break*/, 50];
|
|
322
|
-
id = createdFormIds_1[_g];
|
|
323
|
-
_h.label = 46;
|
|
324
|
-
case 46:
|
|
325
|
-
_h.trys.push([46, 48, , 49]);
|
|
326
|
-
return [4 /*yield*/, sdk.api.forms.deleteOne(id)];
|
|
327
|
-
case 47:
|
|
328
|
-
_h.sent();
|
|
329
|
-
return [3 /*break*/, 49];
|
|
330
|
-
case 48:
|
|
331
|
-
e_5 = _h.sent();
|
|
332
|
-
return [3 /*break*/, 49];
|
|
333
|
-
case 49:
|
|
334
|
-
_g++;
|
|
335
|
-
return [3 /*break*/, 45];
|
|
336
|
-
case 50: return [7 /*endfinally*/];
|
|
337
|
-
case 51: return [2 /*return*/];
|
|
370
|
+
_e++;
|
|
371
|
+
return [3 /*break*/, 34];
|
|
372
|
+
case 39: return [7 /*endfinally*/];
|
|
373
|
+
case 40: return [2 /*return*/];
|
|
338
374
|
}
|
|
339
375
|
});
|
|
340
376
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"push_forms_to_portal_group_completion.test.js","sourceRoot":"","sources":["../../../../src/tests/api_tests/push_forms_to_portal_group_completion.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,OAAO,CAAC,oBAAoB,CAAC,CAAC,OAAO,EAAE,CAAC;AAExC,
|
|
1
|
+
{"version":3,"file":"push_forms_to_portal_group_completion.test.js","sourceRoot":"","sources":["../../../../src/tests/api_tests/push_forms_to_portal_group_completion.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,OAAO,CAAC,oBAAoB,CAAC,CAAC,OAAO,EAAE,CAAC;AAExC,iCAAmD;AACnD,+CAAkE;AAElE,kCAAsC;AAEtC,IAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,uBAAuB,CAAA;AAE3D,IAAM,OAAO,GAAG,UACd,OAAqC,EACrC,UAAkD,EAClD,WAAmB,EACnB,UAAgB,EAChB,aAAkB;IADlB,2BAAA,EAAA,gBAAgB;IAChB,8BAAA,EAAA,kBAAkB;;;;;;oBAGT,CAAC,GAAG,CAAC;;;yBAAE,CAAA,CAAC,GAAG,aAAa,CAAA;oBAC/B,qBAAM,IAAA,cAAI,EAAC,SAAS,EAAE,UAAU,CAAC,EAAA;;oBAAjC,SAAiC,CAAA;oBACpB,qBAAM,OAAO,EAAE,EAAA;;oBAA5B,UAAU,GAAG,SAAe,CAAA;oBAC5B,IAAI,UAAU,CAAC,UAAU,CAAC;wBAAE,sBAAO,UAAU,EAAA;;;oBAHZ,CAAC,EAAE,CAAA;;wBAKtC,MAAM,IAAI,KAAK,CAAC,2BAAoB,WAAW,uBAAa,aAAa,GAAG,UAAU,OAAI,CAAC,CAAA;;;;CAC5F,CAAA;AAEM,IAAM,2CAA2C,GAAG,UAAO,EAA6D;QAA3D,GAAG,SAAA,EAAE,WAAW,iBAAA;;;;;;oBAClF,IAAA,oBAAU,EAAC,2DAA2D,CAAC,CAAA;oBAEjE,iBAAiB,GAAa,EAAE,CAAA;oBAChC,iBAAiB,GAAa,EAAE,CAAA;oBAChC,cAAc,GAAa,EAAE,CAAA;oBAC7B,mBAAmB,GAAa,EAAE,CAAA;oBAClC,iBAAiB,GAAa,EAAE,CAAA;;;;oBAItB,qBAAM,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC,EAAA;;oBAAzE,UAAQ,SAAiE;oBAC/E,cAAc,CAAC,IAAI,CAAC,OAAK,CAAC,EAAE,CAAC,CAAA;oBACd,qBAAM,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC;4BACjD,MAAM,EAAE,OAAK,CAAC,EAAE;4BAChB,IAAI,EAAE,QAAQ;4BACd,KAAK,EAAE,QAAQ;4BACf,cAAc,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;yBAC7C,CAAC,EAAA;;oBALI,WAAS,SAKb;oBAEY,qBAAM,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC,EAAA;;oBAAzE,KAAK,GAAG,SAAiE;oBAC/E,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAA;oBACd,qBAAM,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC;4BACjD,MAAM,EAAE,KAAK,CAAC,EAAE;4BAChB,IAAI,EAAE,QAAQ;4BACd,KAAK,EAAE,QAAQ;4BACf,cAAc,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;yBAC7C,CAAC;wBAEF,qFAAqF;sBAFnF;;oBALI,WAAS,SAKb;oBAGgB,qBAAM,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC;4BACpD,KAAK,EAAE,2BAA2B;4BAClC,OAAO,EAAE,CAAC,OAAK,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,CAAC;yBAC9B,CAAC,EAAA;;oBAHI,cAAY,SAGhB;oBACF,mBAAmB,CAAC,IAAI,CAAC,WAAS,CAAC,EAAE,CAAC,CAAA;oBAOhC,OAAO,GAAG,UAAO,EAA0F;4BAAxF,KAAK,WAAA,EAAE,GAAG,SAAA,EAAE,eAAe,qBAAA;;;;;4CAClC,qBAAM,GAAG,CAAC,GAAG,CAAC,mBAAmB,CAAC,SAAS,CAAC;4CAC1D,KAAK,EAAE,EAAE,IAAI,EAAE,sBAAsB,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,WAAS,CAAC,EAAE,EAAE,EAAE;4CACxE,MAAM,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE;4CACnD,MAAM,EAAE,QAAQ;4CAChB,KAAK,EAAE,iDAA0C,KAAK,MAAG;yCAC1D,CAAC,EAAA;;wCALI,OAAO,GAAG,SAKd;wCACF,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;wCAElB,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC;gDAC/C,KAAK,EAAE,0CAAmC,KAAK,MAAG;6CACnD,CAAC,EAAA;;wCAFI,OAAO,GAAG,SAEd;wCACF,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;wCAEjB,qBAAM,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,SAAS,CAAC;gDACxD,SAAS,EAAE,OAAO,CAAC,EAAE;gDACrB,MAAM,EAAE,EAAE,IAAI,EAAE,mBAAmB,EAAE,IAAI,EAAE,EAAE,YAAY,EAAE,CAAC,WAAS,CAAC,EAAE,CAAC,EAAE,EAAE;gDAC7E,MAAM,EAAE,CAAC,EAAE,IAAI,EAAE,gBAAgB,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;6CAC/C,CAAC,EAAA;;wCAJI,QAAQ,GAAG,SAIf;wCAEc,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,YAAY,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,EAAA;;wCAAjF,OAAO,GAAG,SAAuE;wCACvF,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;wCAElC,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC;gDACpC,UAAU,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;gDACxB,SAAS,EAAE,OAAO,CAAC,EAAE;6CACtB,CAAC,EAAA;;wCAHF,SAGE,CAAA;wCAEsB,qBAAM,OAAO,CACnC;;;;gEACoB,qBAAM,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,OAAO,CAAC;gEACrD,MAAM,EAAE,EAAE,SAAS,EAAE,OAAO,CAAC,EAAE,EAAE;6DAClC,CAAC,EAAA;;4DAFI,SAAS,GAAG,SAEhB;4DACI,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC,UAAA,CAAC,IAAI,OAAA,CAAC,CAAC,CAAC,CAAC,gBAAgB,EAApB,CAAoB,CAAC,CAAA;4DAC1D,sBAAO,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,EAAA;;;iDAC/C,EACD,UAAC,MAAM,IAAsB,OAAA,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,IAAI,CAAC,EAA3C,CAA2C,EACxE,mEAA4D,KAAK,MAAG,EACpE,GAAG,EACH,EAAE,CACH,EAAA;;wCAZK,eAAe,GAAG,SAYvB;wCAED,WAAgC,EAAf,mCAAe,EAAf,6BAAe,EAAf,IAAe,EAAE;4CAAvB,EAAE;4CACX,IAAI,CAAC,EAAE,CAAC,gBAAgB,EAAE;gDACxB,MAAM,IAAI,KAAK,CAAC,+DAAwD,EAAE,CAAC,EAAE,eAAK,KAAK,MAAG,CAAC,CAAA;6CAC5F;4CACD,IAAI,EAAE,CAAC,OAAO,KAAK,QAAQ,CAAC,EAAE,EAAE;gDAC9B,MAAM,IAAI,KAAK,CAAC,0CAAmC,EAAE,CAAC,OAAO,4CAAkC,QAAQ,CAAC,EAAE,gBAAM,KAAK,MAAG,CAAC,CAAA;6CAC1H;4CACD,IAAI,EAAE,CAAC,gBAAgB,KAAK,QAAQ,CAAC,EAAE,EAAE;gDACvC,MAAM,IAAI,KAAK,CAAC,mDAA4C,EAAE,CAAC,gBAAgB,4CAAkC,QAAQ,CAAC,EAAE,gBAAM,KAAK,MAAG,CAAC,CAAA;6CAC5I;yCACF;wCAED,qBAAM,IAAA,oBAAU,EACd,+EAAwE,KAAK,MAAG,EAChF;gDAAY,sBAAA,IAAI,EAAA;qDAAA,EAChB,EAAE,QAAQ,EAAE,UAAA,CAAC,IAAI,OAAA,CAAC,KAAK,IAAI,EAAV,CAAU,EAAE,CAC9B;4CAED,8BAA8B;0CAF7B;;wCAJD,SAIC,CAAA;6CAIG,eAAe,EAAf,wBAAe;wCACK,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC,EAAA;;wCAA5E,SAAS,GAAK,CAAA,SAA8D,CAAA,UAAnE;wCACX,UAAU,GAAG,IAAI,oBAAc,CAAC,EAAE,IAAI,MAAA,EAAE,SAAS,WAAA,EAAE,UAAU,EAAE,GAAG,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAA;wCAC/F,YAAY,GAAG,UAAU,CAAC,GAAG,CAAA;;;wCAE7B,YAAY,GAAG,GAAG,CAAC,GAAG,CAAA;;;8CAGQ,EAAf,mCAAe;;;6CAAf,CAAA,6BAAe,CAAA;wCAArB,EAAE;wCACL,OAAO,GAAG,EAAE,CAAC,MAAM,KAAK,OAAK,CAAC,EAAE,CAAA;wCAChC,aAAa,GAAG,OAAO,CAAC,CAAC,CAAC,QAAM,CAAC,EAAE,CAAC,CAAC,CAAC,QAAM,CAAC,EAAE,CAAA;wCAC/C,gBAAgB,GAAG,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAA;wCACtD,qBAAM,YAAY,CAAC,cAAc,CAAC,oBAAoB,CAAC;gDACrD,UAAU,EAAE,EAAE,CAAC,UAAoB;gDACnC,SAAS,EAAE,CAAC;wDACV,OAAO,EAAE,aAAa;wDACtB,UAAU,EAAE,gBAAgB;wDAC5B,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,sBAAsB,EAAE;qDAC1D,CAAC;6CACH,CAAC,EAAA;;wCAPF,SAOE,CAAA;;;wCAXa,IAAe,CAAA;;6CAchC,qBAAM,OAAO,CACX;;;;;4DACY,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC,EAAA;;wDAA7C,CAAC,GAAG,SAAyC;wDACnD,sBAAO,CAAA,MAAA,CAAC,CAAC,IAAI,0CAAE,QAAQ,CAAC,GAAG,CAAC,EAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,EAAA;;;6CAC7C,EACD,UAAC,MAAM,IAAwB,OAAA,CAAC,CAAC,MAAM,EAAR,CAAQ,EACvC,sFAA+E,KAAK,MAAG,EACvF,GAAG,EACH,EAAE,CACH,EAAA;;wCATD,SASC,CAAA;wCAED,qBAAM,IAAA,oBAAU,EACd,4EAAqE,KAAK,MAAG,EAC7E,cAAM,OAAA,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC,EAAnC,CAAmC,EACzC,EAAE,QAAQ,EAAE,UAAC,CAAU,YAAK,OAAA,CAAC,CAAC,CAAA,MAAA,CAAC,CAAC,IAAI,0CAAE,QAAQ,CAAC,GAAG,CAAC,CAAA,CAAA,EAAA,EAAE,CACtD,EAAA;;wCAJD,SAIC,CAAA;;;;;qBACF,CAAA;oBAED,uFAAuF;oBACvF,mDAAmD;oBACnD,qBAAM,OAAO,CAAC;4BACZ,KAAK,EAAE,cAAc;4BACrB,GAAG,EAAE,iCAAiC;4BACtC,eAAe,EAAE,KAAK;yBACvB,CAAC;wBAEF,qEAAqE;wBACrE,sFAAsF;sBAHpF;;oBANF,uFAAuF;oBACvF,mDAAmD;oBACnD,SAIE,CAAA;oBAEF,qEAAqE;oBACrE,sFAAsF;oBACtF,qBAAM,OAAO,CAAC;4BACZ,KAAK,EAAE,gBAAgB;4BACvB,GAAG,EAAE,mCAAmC;4BACxC,eAAe,EAAE,IAAI;yBACtB,CAAC,EAAA;;oBANF,qEAAqE;oBACrE,sFAAsF;oBACtF,SAIE,CAAA;;;0BAGgC,EAAjB,uCAAiB;;;yBAAjB,CAAA,+BAAiB,CAAA;oBAAvB,EAAE;;;;oBACL,qBAAM,GAAG,CAAC,GAAG,CAAC,mBAAmB,CAAC,SAAS,CAAC,EAAE,CAAC,EAAA;;oBAA/C,SAA+C,CAAA;;;;;;oBADtC,IAAiB,CAAA;;;0BAGA,EAAjB,uCAAiB;;;yBAAjB,CAAA,+BAAiB,CAAA;oBAAvB,EAAE;;;;oBACL,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,EAAA;;oBAApC,SAAoC,CAAA;;;;;;oBAD3B,IAAiB,CAAA;;;0BAGA,EAAjB,uCAAiB;;;yBAAjB,CAAA,+BAAiB,CAAA;oBAAvB,EAAE;;;;oBACL,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,EAAA;;oBAApC,SAAoC,CAAA;;;;;;oBAD3B,IAAiB,CAAA;;;0BAGE,EAAnB,2CAAmB;;;yBAAnB,CAAA,iCAAmB,CAAA;oBAAzB,EAAE;;;;oBACL,qBAAM,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC,EAAE,CAAC,EAAA;;oBAAvC,SAAuC,CAAA;;;;;;oBAD9B,IAAmB,CAAA;;;0BAGL,EAAd,iCAAc;;;yBAAd,CAAA,4BAAc,CAAA;oBAApB,EAAE;;;;oBACL,qBAAM,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,CAAC,EAAA;;oBAAjC,SAAiC,CAAA;;;;;;oBADxB,IAAc,CAAA;;;;;;;CAIlC,CAAA;AAhLY,QAAA,2CAA2C,+CAgLvD;AAED,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE;IAC3B,OAAO,CAAC,GAAG,CAAC,sCAAqB,IAAI,CAAE,CAAC,CAAA;IACxC,IAAM,KAAG,GAAG,IAAI,aAAO,CAAC,EAAE,IAAI,MAAA,EAAE,CAAC,CAAA;IACjC,IAAM,aAAW,GAAG,IAAI,aAAO,CAAC,EAAE,IAAI,MAAA,EAAE,CAAC,CAAA;IAEzC,IAAM,QAAQ,GAAG;;;wBACf,qBAAM,IAAA,mBAAW,EAAC,KAAG,EAAE,aAAW,CAAC,EAAA;;oBAAnC,SAAmC,CAAA;oBACnC,qBAAM,IAAA,mDAA2C,EAAC,EAAE,GAAG,OAAA,EAAE,WAAW,eAAA,EAAE,CAAC,EAAA;;oBAAvE,SAAuE,CAAA;;;;SACxE,CAAA;IAED,QAAQ,EAAE;SACP,IAAI,CAAC;QACJ,OAAO,CAAC,GAAG,CAAC,2EAA2E,CAAC,CAAA;QACxF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC,CAAC;SACD,KAAK,CAAC,UAAC,KAAK;QACX,OAAO,CAAC,KAAK,CAAC,4DAA4D,EAAE,KAAK,CAAC,CAAA;QAClF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC,CAAC,CAAA;CACL"}
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
import { Session } from "../../../sdk";
|
|
2
|
+
/**
|
|
3
|
+
* Regression test for F-0001 (security-audit/findings/F-0001-data-sync-bypasses-applyRedactions.md).
|
|
4
|
+
*
|
|
5
|
+
* The /v1/data-sync handler must apply the central applyRedactions() pipeline to
|
|
6
|
+
* every non-deleted record. The original bug: redactions were gated behind
|
|
7
|
+
* `if (session.fieldRedactions && session.fieldRedactions[record.modelName])`
|
|
8
|
+
* which meant any session without role-based field redactions (including all
|
|
9
|
+
* admins) received raw records — leaking schema-level `redactions: ['all']`
|
|
10
|
+
* fields (hashedPass, hashedPassword, hashedInviteCode).
|
|
11
|
+
*
|
|
12
|
+
* This test:
|
|
13
|
+
* 1. Configures a non-admin user with broad read access on users + endusers
|
|
14
|
+
* and NO fieldRedactions — the realistic "regular user with read access"
|
|
15
|
+
* condition that triggers the bypass.
|
|
16
|
+
* 2. Creates an enduser with a password to populate the sync stream.
|
|
17
|
+
* 3. Calls /v1/data-sync as the non-admin.
|
|
18
|
+
* 4. Asserts no returned record contains hashedPass / hashedPassword /
|
|
19
|
+
* hashedInviteCode.
|
|
20
|
+
*
|
|
21
|
+
* Pre-fix: assertion fails with leaked records.
|
|
22
|
+
* Post-fix: assertion passes.
|
|
23
|
+
*/
|
|
24
|
+
export declare const data_sync_redaction_bypass_tests: ({ sdk, sdkNonAdmin }: {
|
|
25
|
+
sdk: Session;
|
|
26
|
+
sdkNonAdmin: Session;
|
|
27
|
+
}) => Promise<void>;
|
|
28
|
+
//# sourceMappingURL=F-0001-data-sync-redaction-bypass.test.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"F-0001-data-sync-redaction-bypass.test.d.ts","sourceRoot":"","sources":["../../../../../src/tests/api_tests/security/F-0001-data-sync-redaction-bypass.test.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AAwCtC;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,eAAO,MAAM,gCAAgC;SAAwC,OAAO;iBAAe,OAAO;mBAqJjH,CAAA"}
|