@tellescope/sdk 1.252.0 → 1.252.1

package/src/tests/api_tests/security/F-0053-cascade-role-rename-cross-tenant.test.ts

@@ -0,0 +1,161 @@
+require('source-map-support').install();
+
+import { Session } from "../../../sdk"
+import {
+  assert,
+  log_header,
+  wait,
+} from "@tellescope/testing"
+import { setup_tests } from "../../setup"
+import { PROVIDER_PERMISSIONS } from "@tellescope/constants"
+
+const host = process.env.API_URL || 'http://localhost:8080' as const
+
+// Separate tenant (different businessId), reusing the same hardcoded apiKey that
+// multi_tenant_tests relies on in tests.ts.
+const OTHER_TENANT_API_KEY = "ba745e25162bb95a795c5fa1af70df188d93c4d3aac9c48b34a5c8c9dd7b80f7"
+
+/**
+ * Tenant-boundary guard for cascade_role_rename (relates to security-audit finding F-0053,
+ * which was investigated and closed as a FALSE POSITIVE — see that file for the code trace).
+ *
+ * The `cascade_role_rename` side-effect handler
+ * ([event_handlers_v2/role_based_access_permissions.ts](packages/private/api/api/v1/event_handlers_v2/role_based_access_permissions.ts))
+ * runs when a `role_based_access_permissions` doc's `role` field changes. It finds every user
+ * with the old role name (via `DBUnrestricted.users`) and rewrites their `roles` array, then
+ * deauthenticates them. F-0053 hypothesized this query was globally cross-tenant. It is NOT:
+ * `DBUnrestricted` bypasses per-user/per-role RBAC but is STILL scoped to the acting session's
+ * `businessId` (see `modifyFilterForAccessConstraint` injecting `{ businessId }` at
+ * database.ts:1761-1763, reached via the `unrestricted: true` branch at database.ts:2137-2144).
+ *
+ * This test locks that boundary in place so a future refactor of `DBUnrestricted` semantics
+ * can't silently turn the cascade into a cross-tenant write:
+ *   1. Tenant A creates a role `ROLE_OLD` and assigns it to a Tenant A user (positive control).
+ *   2. Tenant B (separate businessId) has a user whose roles include the SAME `ROLE_OLD`.
+ *   3. Tenant A renames the role `ROLE_OLD` -> `ROLE_NEW`.
+ *   4. Assert the Tenant B user's roles are UNCHANGED (still `[ROLE_OLD]`)  <-- guards the tenant boundary.
+ *   5. Assert the Tenant A user's roles ARE renamed to `[ROLE_NEW]`         <-- same-tenant cascade works.
+ *
+ * Expected on current (correct) code: BOTH assertions pass. A regression that drops the
+ * `businessId` scoping would flip assertion #4 to red (Tenant B user becomes `[ROLE_NEW]`).
+ *
+ * A collision-proof unique role name (timestamped) is used so the test never touches real roles.
+ */
+export const cascade_role_rename_cross_tenant_tests = async ({ sdk } : { sdk: Session, sdkNonAdmin: Session }) => {
+  log_header("F-0053: cascade role rename cross-tenant regression")
+
+  const stamp = Date.now()
+  const ROLE_OLD = `XTenantRename_${stamp}`
+  const ROLE_NEW = `${ROLE_OLD}_renamed`
+
+  // Tenant B = a genuinely separate businessId (the apiKey's org). admin is required to create /
+  // set roles on users, so the apiKey user must be an Admin in its org.
+  const sdkOther = new Session({ host, apiKey: OTHER_TENANT_API_KEY })
+
+  let rbapId: string | undefined
+  // We create dedicated throwaway users in BOTH tenants and delete them in `finally`. We never
+  // mutate any pre-existing user (an earlier version of this test clobbered the apiKey's own
+  // admin user via getSome+replaceObjectFields — see F-0053 finding notes). controlUser lives in
+  // Tenant A and SHOULD be renamed by the same-tenant cascade; victimUser lives in Tenant B and
+  // must be UNTOUCHED.
+  let controlUserId: string | undefined
+  let victimUserId: string | undefined
+
+  try {
+    const tenantABusinessId = sdk.userInfo.businessId
+
+    // 1. Tenant A: create the role to be renamed.
+    const rbap = await sdk.api.role_based_access_permissions.createOne({
+      role: ROLE_OLD,
+      permissions: { ...PROVIDER_PERMISSIONS },
+    })
+    rbapId = rbap.id
+
+    // 2. Tenant A: create a throwaway control user holding ROLE_OLD (notification emails off).
+    const controlUser = await sdk.api.users.createOne({
+      email: `f0053-control-${stamp}@example.com`,
+      notificationEmailsDisabled: true,
+    } as any)
+    controlUserId = controlUser.id
+    await sdk.api.users.updateOne(controlUserId, { roles: [ROLE_OLD] }, { replaceObjectFields: true })
+
+    // 3. Tenant B: create a throwaway victim user holding the SAME ROLE_OLD.
+    const victimUser = await sdkOther.api.users.createOne({
+      email: `f0053-victim-${stamp}@example.com`,
+      notificationEmailsDisabled: true,
+    } as any)
+    victimUserId = victimUser.id
+    await sdkOther.api.users.updateOne(victimUserId, { roles: [ROLE_OLD] }, { replaceObjectFields: true })
+
+    // 4. Setup sanity: tenants are distinct and both users actually hold ROLE_OLD before the rename.
+    //    (Distinguishes a setup failure from the security assertion below.)
+    assert(
+      victimUser.businessId !== tenantABusinessId,
+      `Victim user shares businessId with Tenant A (${victimUser.businessId}) — not a cross-tenant scenario`,
+      'F-0053 setup: tenants are distinct',
+    )
+    const victimBefore = await sdkOther.api.users.getOne(victimUserId)
+    const controlBefore = await sdk.api.users.getOne(controlUserId)
+    assert(
+      JSON.stringify(victimBefore.roles) === JSON.stringify([ROLE_OLD])
+        && JSON.stringify(controlBefore.roles) === JSON.stringify([ROLE_OLD]),
+      `Setup failed: expected both users to hold [${ROLE_OLD}] (victim=${JSON.stringify(victimBefore.roles)}, control=${JSON.stringify(controlBefore.roles)})`,
+      'F-0053 setup: both users hold ROLE_OLD',
+    )
+
+    // 5. Tenant A renames the role. This triggers cascade_role_rename.
+    await sdk.api.role_based_access_permissions.updateOne(rbapId, { role: ROLE_NEW })
+    await wait(undefined, 1500) // let the side effect run
+
+    // 6. SECURITY ASSERTION — the Tenant B victim must be untouched by Tenant A's rename.
+    const victimAfter = await sdkOther.api.users.getOne(victimUserId)
+    assert(
+      JSON.stringify(victimAfter.roles) === JSON.stringify([ROLE_OLD]),
+      `CROSS-TENANT LEAK: Tenant B victim roles changed to ${JSON.stringify(victimAfter.roles)} `
+        + `after Tenant A renamed its role. Expected [${ROLE_OLD}].`,
+      'F-0053: Tenant B user roles unaffected by other-tenant role rename',
+    )
+
+    // 7. POSITIVE CONTROL — the Tenant A control user SHOULD be renamed (same-tenant cascade intact).
+    const controlAfter = await sdk.api.users.getOne(controlUserId)
+    assert(
+      JSON.stringify(controlAfter.roles) === JSON.stringify([ROLE_NEW]),
+      `Same-tenant cascade broken: Tenant A control roles are ${JSON.stringify(controlAfter.roles)}, `
+        + `expected [${ROLE_NEW}].`,
+      'F-0053: Tenant A user roles renamed by same-tenant cascade',
+    )
+  } finally {
+    // Cleanup: delete both throwaway users and the role doc. Never touches pre-existing users.
+    if (victimUserId) {
+      try { await sdkOther.api.users.deleteOne(victimUserId) } catch {}
+    }
+    if (controlUserId) {
+      try { await sdk.api.users.deleteOne(controlUserId) } catch {}
+    }
+    if (rbapId) {
+      try { await sdk.api.role_based_access_permissions.deleteOne(rbapId) } catch {}
+    }
+  }
+}
+
+// Allow running this test file independently
+if (require.main === module) {
+  console.log(`🌐 Using API URL: ${host}`)
+  const sdk = new Session({ host })
+  const sdkNonAdmin = new Session({ host })
+
+  const runTests = async () => {
+    await setup_tests(sdk, sdkNonAdmin)
+    await cascade_role_rename_cross_tenant_tests({ sdk, sdkNonAdmin })
+  }
+
+  runTests()
+    .then(() => {
+      console.log("✅ F-0053 cascade role rename cross-tenant test suite completed successfully")
+      process.exit(0)
+    })
+    .catch((error) => {
+      console.error("❌ F-0053 cascade role rename cross-tenant test suite failed:", error)
+      process.exit(1)
+    })
+}

package/src/tests/api_tests/security/F-0076-self-admin-role-assignment.test.ts

@@ -0,0 +1,165 @@
+require('source-map-support').install();
+
+import { Session } from "../../../sdk"
+import {
+  assert,
+  log_header,
+  wait,
+} from "@tellescope/testing"
+import { setup_tests } from "../../setup"
+
+const host = process.env.API_URL || 'http://localhost:8080' as const
+
+/**
+ * Self-role privilege-escalation guard (relates to security-audit finding F-0076, which was
+ * investigated and closed as a FALSE POSITIVE — see that file for the full code trace).
+ *
+ * F-0076 hypothesized that a non-admin staff user could `PATCH /v1/users/{their-own-id}` with
+ * `{ roles: ['Admin'] }` and self-promote to Admin, because the FIRST `users` relationship
+ * constraint ("Only admin users can set the admin role",
+ * [schema.ts:3446](packages/public/schema/src/schema.ts#L3446)) has a self-exception
+ * (`if (_id === session.id) return`).
+ *
+ * That analysis missed the SECOND constraint, "Only admin users can update user roles"
+ * ([schema.ts:3486](packages/public/schema/src/schema.ts#L3486)), which has NO self-exception.
+ * Relationship constraints are AND-evaluated — `validateRelationshipConstraints`
+ * ([routing.ts:1240-1252](packages/private/api/api/modules/routing.ts#L1240)) loops the whole
+ * array and throws 400 on the FIRST evaluator that returns a string. So a non-admin self-update
+ * that includes `roles` passes constraint #1 (self-exception) but is rejected by constraint #2.
+ * The self-promotion is blocked.
+ *
+ * This test locks that boundary in place so a future refactor of the role constraints can't
+ * silently reintroduce the escalation. A dedicated throwaway non-admin user is used as the
+ * "attacker" (we never mutate the shared sdkNonAdmin's roles):
+ *   1. Admin creates a throwaway user and assigns it a non-admin role (`['Provider']`).
+ *   2. Authenticate AS that user via a freshly-minted auth token.
+ *   3. As the attacker, attempt four self-role mutations — ['Admin'], ['Provider','Admin'],
+ *      an arbitrary role, and [] — and assert EACH is blocked.       <-- the security assertions
+ *   4. Confirm (as admin) the attacker's roles are still ['Provider'] — nothing slipped through.
+ *   5. Positive control: admin CAN update the throwaway user's roles. <-- guards against an
+ *      over-restrictive regression that would block legitimate admin role management.
+ *
+ * Expected on current (correct) code: all assertions pass. A regression that made the self-update
+ * path role-writable by non-admins would flip the step-3/step-4 assertions to red.
+ */
+export const self_admin_role_assignment_tests = async ({ sdk } : { sdk: Session, sdkNonAdmin: Session }) => {
+  log_header("F-0076: self-admin role assignment privilege-escalation regression")
+
+  const stamp = Date.now()
+  const NON_ADMIN_ROLE = 'Provider'
+
+  // Assert that a self-role-update attempt is rejected by the relationship constraints.
+  const expect_blocked = async (fn: () => Promise<any>, description: string) => {
+    try {
+      await fn()
+      assert(false, `${description} - SELF-ROLE ESCALATION SUCCEEDED (expected it to be blocked)`)
+    } catch (e: any) {
+      // CRUD relationship-constraint failures surface as 400 { message, info } via SDK parseError.
+      assert(
+        e?.code === 400 || e?.statusCode === 400 || typeof e?.message === 'string',
+        `${description} - expected a block error, got: ${JSON.stringify(e)}`,
+        description,
+      )
+    }
+  }
+
+  let attackerId: string | undefined
+
+  try {
+    // 1. Admin creates a throwaway non-admin user (notification emails off, timestamped email).
+    //    verifiedEmail is set at creation (admin-only, updatesDisabled after) so the attacker can
+    //    drive an authenticated session — otherwise actions are blocked on email-verification, not
+    //    on the role constraint we're actually testing.
+    const attacker = await sdk.api.users.createOne({
+      email: `f0076-attacker-${stamp}@example.com`,
+      notificationEmailsDisabled: true,
+      verifiedEmail: true,
+    } as any)
+    attackerId = attacker.id
+    await sdk.api.users.updateOne(attackerId, { roles: [NON_ADMIN_ROLE] }, { replaceObjectFields: true })
+    await wait(undefined, 2000) // role change triggers a logout; let it propagate before minting a token
+
+    // Setup sanity: the attacker holds exactly the non-admin role and is NOT an admin.
+    const attackerBefore = await sdk.api.users.getOne(attackerId)
+    assert(
+      JSON.stringify(attackerBefore.roles) === JSON.stringify([NON_ADMIN_ROLE]),
+      `Setup failed: expected attacker to hold [${NON_ADMIN_ROLE}], got ${JSON.stringify(attackerBefore.roles)}`,
+      'F-0076 setup: attacker holds a non-admin role',
+    )
+
+    // 2. Authenticate AS the attacker (no password needed — admin mints an auth token).
+    const sdkAttacker = new Session({
+      host,
+      authToken: (await sdk.api.users.generate_auth_token({ id: attackerId })).authToken,
+    })
+    await sdkAttacker.refresh_session() // populate userInfo from the freshly-minted token
+    assert(
+      sdkAttacker.userInfo.id === attackerId && !(sdkAttacker.userInfo.roles ?? []).includes('Admin'),
+      `Setup failed: attacker session is not the expected non-admin user`,
+      'F-0076 setup: authenticated as the non-admin attacker',
+    )
+
+    // 3. SECURITY ASSERTIONS — every self-role mutation by the non-admin must be blocked.
+    await expect_blocked(
+      () => sdkAttacker.api.users.updateOne(attackerId!, { roles: ['Admin'] }, { replaceObjectFields: true }),
+      'F-0076: non-admin self-update to [Admin] is blocked',
+    )
+    await expect_blocked(
+      () => sdkAttacker.api.users.updateOne(attackerId!, { roles: [NON_ADMIN_ROLE, 'Admin'] }, { replaceObjectFields: true }),
+      'F-0076: non-admin self-update to [Provider, Admin] is blocked',
+    )
+    await expect_blocked(
+      () => sdkAttacker.api.users.updateOne(attackerId!, { roles: [`Arbitrary_${stamp}`] }, { replaceObjectFields: true }),
+      'F-0076: non-admin self-update to an arbitrary role is blocked',
+    )
+    await expect_blocked(
+      () => sdkAttacker.api.users.updateOne(attackerId!, { roles: [] }, { replaceObjectFields: true }),
+      'F-0076: non-admin self-update to [] (would grant defaults) is blocked',
+    )
+
+    // 4. STATE ASSERTION — nothing slipped through; roles are still the original non-admin role.
+    const attackerAfter = await sdk.api.users.getOne(attackerId)
+    assert(
+      JSON.stringify(attackerAfter.roles) === JSON.stringify([NON_ADMIN_ROLE]),
+      `ESCALATION LEAK: attacker roles changed to ${JSON.stringify(attackerAfter.roles)} `
+        + `after self-update attempts. Expected [${NON_ADMIN_ROLE}].`,
+      'F-0076: attacker roles unchanged after all self-escalation attempts',
+    )
+
+    // 5. POSITIVE CONTROL — an Admin CAN update the user's roles (mechanism is not over-restricted).
+    await sdk.api.users.updateOne(attackerId, { roles: [NON_ADMIN_ROLE] }, { replaceObjectFields: true })
+    const afterAdminUpdate = await sdk.api.users.getOne(attackerId)
+    assert(
+      JSON.stringify(afterAdminUpdate.roles) === JSON.stringify([NON_ADMIN_ROLE]),
+      `Admin role update failed: roles are ${JSON.stringify(afterAdminUpdate.roles)}, expected [${NON_ADMIN_ROLE}]`,
+      'F-0076: admin can manage user roles (positive control)',
+    )
+  } finally {
+    // Cleanup: delete the throwaway attacker. Never touches pre-existing users.
+    if (attackerId) {
+      try { await sdk.api.users.deleteOne(attackerId) } catch {}
+    }
+  }
+}
+
+// Allow running this test file independently
+if (require.main === module) {
+  console.log(`🌐 Using API URL: ${host}`)
+  const sdk = new Session({ host })
+  const sdkNonAdmin = new Session({ host })
+
+  const runTests = async () => {
+    await setup_tests(sdk, sdkNonAdmin)
+    await self_admin_role_assignment_tests({ sdk, sdkNonAdmin })
+  }
+
+  runTests()
+    .then(() => {
+      console.log("✅ F-0076 self-admin role assignment test suite completed successfully")
+      process.exit(0)
+    })
+    .catch((error) => {
+      console.error("❌ F-0076 self-admin role assignment test suite failed:", error)
+      process.exit(1)
+    })
+}

package/src/tests/api_tests/user_portal_settings.test.ts

@@ -0,0 +1,217 @@
+require('source-map-support').install();
+
+import { Session, EnduserSession } from "../../sdk"
+import {
+  assert,
+  async_test,
+  handleAnyError,
+  log_header,
+} from "@tellescope/testing"
+import { setup_tests } from "../setup"
+
+const host = process.env.API_URL || 'http://localhost:8080' as const
+const businessId = '60398b1131a295e64f084ff6'
+
+// Main test function that can be called independently
+export const user_portal_settings_tests = async ({ sdk, sdkNonAdmin }: { sdk: Session, sdkNonAdmin: Session }) => {
+  log_header("User portalSettings Tests")
+
+  // Operate on a throwaway user so we never mutate existing users' records.
+  const testUser = await sdk.api.users.createOne({
+    email: `portal_settings_test_${Date.now()}@test.tellescope.com`,
+  })
+
+  // throwaway enduser used to confirm enduser-visibility of portalSettings
+  let testEnduserId: string | undefined
+  let enduserSDK: EnduserSession | undefined
+
+  try {
+    // ===== Valid: string values =====
+    await async_test(
+      'portalSettings - string values accepted',
+      async () => {
+        await sdk.api.users.updateOne(testUser.id, { portalSettings: { theme: 'dark' } }, { replaceObjectFields: true })
+        const updated = await sdk.api.users.getOne(testUser.id)
+        return updated.portalSettings?.theme
+      },
+      { onResult: (r) => r === 'dark' }
+    )
+
+    // ===== Valid: boolean values + round-trip as real booleans =====
+    await async_test(
+      'portalSettings - boolean values accepted and round-trip as booleans',
+      async () => {
+        await sdk.api.users.updateOne(
+          testUser.id,
+          { portalSettings: { showNameInSecureMessaging: true, showAvatar: false } },
+          { replaceObjectFields: true }
+        )
+        const updated = await sdk.api.users.getOne(testUser.id)
+        return updated.portalSettings
+      },
+      {
+        onResult: (r) =>
+          r?.showNameInSecureMessaging === true &&
+          r?.showAvatar === false &&
+          // assert real booleans, not coerced strings
+          typeof r?.showNameInSecureMessaging === 'boolean' &&
+          typeof r?.showAvatar === 'boolean',
+      }
+    )
+
+    // ===== Valid: mixed string + boolean values, strings stay strings =====
+    await async_test(
+      'portalSettings - mixed string and boolean values',
+      async () => {
+        await sdk.api.users.updateOne(
+          testUser.id,
+          { portalSettings: { theme: 'light', showAvatar: true } },
+          { replaceObjectFields: true }
+        )
+        const updated = await sdk.api.users.getOne(testUser.id)
+        return updated.portalSettings
+      },
+      {
+        onResult: (r) =>
+          r?.theme === 'light' &&
+          typeof r?.theme === 'string' &&
+          r?.showAvatar === true &&
+          typeof r?.showAvatar === 'boolean',
+      }
+    )
+
+    // ===== Valid: empty object (zero-iteration loop passes) =====
+    await async_test(
+      'portalSettings - empty object accepted',
+      async () => {
+        await sdk.api.users.updateOne(testUser.id, { portalSettings: {} }, { replaceObjectFields: true })
+        const updated = await sdk.api.users.getOne(testUser.id)
+        return updated.portalSettings
+      },
+      { onResult: (r) => !!r && typeof r === 'object' && Object.keys(r).length === 0 }
+    )
+
+    // ===== Invalid: value string > 250 chars =====
+    await async_test(
+      'portalSettings - value string > 250 chars rejected',
+      () => sdk.api.users.updateOne(
+        testUser.id,
+        { portalSettings: { tooLong: 'a'.repeat(251) } },
+        { replaceObjectFields: true }
+      ),
+      handleAnyError
+    )
+
+    // ===== Invalid: key > 250 chars =====
+    await async_test(
+      'portalSettings - key > 250 chars rejected',
+      () => sdk.api.users.updateOne(
+        testUser.id,
+        { portalSettings: { ['a'.repeat(251)]: 'x' } },
+        { replaceObjectFields: true }
+      ),
+      handleAnyError
+    )
+
+    // ===== Invalid: nested object value (disallowed type) =====
+    await async_test(
+      'portalSettings - nested object value rejected',
+      () => sdk.api.users.updateOne(
+        testUser.id,
+        { portalSettings: { k: { nested: 1 } as any } },
+        { replaceObjectFields: true }
+      ),
+      handleAnyError
+    )
+
+    // ===== Invalid: array value (disallowed type) =====
+    await async_test(
+      'portalSettings - array value rejected',
+      () => sdk.api.users.updateOne(
+        testUser.id,
+        { portalSettings: { k: [1, 2] as any } },
+        { replaceObjectFields: true }
+      ),
+      handleAnyError
+    )
+
+    // ===== Number value (secondary): orValidator tries boolean then string;
+    // stringValidator250's escapeString throws on non-strings, so a number is
+    // rejected by both branches => API validation error. =====
+    await async_test(
+      'portalSettings - number value rejected',
+      () => sdk.api.users.updateOne(
+        testUser.id,
+        { portalSettings: { k: 1 as any } },
+        { replaceObjectFields: true }
+      ),
+      handleAnyError
+    )
+
+    // ===== Enduser visibility: portalSettings readable by endusers, un-redacted =====
+    await async_test(
+      'portalSettings - readable by enduser (un-redacted)',
+      async () => {
+        // set a known value on the throwaway user
+        await sdk.api.users.updateOne(
+          testUser.id,
+          { portalSettings: { showNameInSecureMessaging: true, theme: 'dark' } },
+          { replaceObjectFields: true }
+        )
+
+        // create + authenticate a throwaway enduser to read as a patient
+        const testEnduser = await sdk.api.endusers.createOne({
+          email: `portal_settings_enduser_${Date.now()}@test.tellescope.com`,
+        })
+        testEnduserId = testEnduser.id
+        await sdk.api.endusers.set_password({ id: testEnduser.id, password: 'TestPassword123!' })
+
+        enduserSDK = new EnduserSession({ host, businessId })
+        await enduserSDK.authenticate(testEnduser.email!, 'TestPassword123!')
+
+        const asEnduser = await enduserSDK.api.users.getOne(testUser.id)
+        return asEnduser.portalSettings
+      },
+      {
+        onResult: (r) =>
+          // field is present and un-redacted for endusers
+          r?.showNameInSecureMessaging === true && r?.theme === 'dark',
+      }
+    )
+
+    console.log("✅ All User portalSettings tests passed!")
+  } finally {
+    try {
+      if (enduserSDK) {
+        await enduserSDK.api.endusers.logout().catch(() => {})
+      }
+      if (testEnduserId) {
+        await sdk.api.endusers.deleteOne(testEnduserId)
+      }
+    } finally {
+      await sdk.api.users.deleteOne(testUser.id)
+    }
+  }
+}
+
+// Allow running this test file independently
+if (require.main === module) {
+  console.log(`🌐 Using API URL: ${host}`)
+  const sdk = new Session({ host })
+  const sdkNonAdmin = new Session({ host })
+
+  const runTests = async () => {
+    await setup_tests(sdk, sdkNonAdmin)
+    await user_portal_settings_tests({ sdk, sdkNonAdmin })
+  }
+
+  runTests()
+    .then(() => {
+      console.log("✅ User portalSettings test suite completed successfully")
+      process.exit(0)
+    })
+    .catch((error) => {
+      console.error("❌ User portalSettings test suite failed:", error)
+      process.exit(1)
+    })
+}

package/src/tests/tests.ts

@@ -36,6 +36,7 @@ import {
 
 import { Session, APIQuery, EnduserSession } from "../sdk"
 import { enduser_observations_acknowledge_tests } from "./api_tests/enduser_observations_acknowledge.test"
+import { user_portal_settings_tests } from "./api_tests/user_portal_settings.test"
 import { integrations_redacted_tests } from "./api_tests/integrations_redacted.test"
 import { get_some_projection_tests } from "./api_tests/get_some_projection.test"
 import { mdb_sort_tests } from "./api_tests/mdb_sort.test"
@@ -91,6 +92,8 @@ import { no_access_permission_checks_tests } from "./api_tests/no_access_permiss
 import { field_redaction_tests } from "./api_tests/field_redaction.test";
 import { data_sync_redaction_bypass_tests } from "./api_tests/security/F-0001-data-sync-redaction-bypass.test";
 import { ai_conversations_rbac_tests } from "./api_tests/security/F-0005-ai-conversations-rbac.test";
+import { cascade_role_rename_cross_tenant_tests } from "./api_tests/security/F-0053-cascade-role-rename-cross-tenant.test";
+import { self_admin_role_assignment_tests } from "./api_tests/security/F-0076-self-admin-role-assignment.test";
 import { invite_user_enumeration_tests } from "./api_tests/security/F-0007-invite-user-enumeration.test";
 import { handle_incoming_communication_cross_tenant_tests } from "./api_tests/security/F-0008-handle-incoming-communication-cross-tenant.test";
 import { sanitize_user_html_xss_tests } from "./api_tests/security/F-0013-sanitize-user-html.test";
@@ -14336,6 +14339,8 @@ const ip_address_form_tests = async () => {
     await enduser_login_rate_limits_tests({ sdk, sdkNonAdmin })
     await data_sync_redaction_bypass_tests({ sdk, sdkNonAdmin })
     await ai_conversations_rbac_tests({ sdk, sdkNonAdmin })
+    await cascade_role_rename_cross_tenant_tests({ sdk, sdkNonAdmin })
+    await self_admin_role_assignment_tests({ sdk, sdkNonAdmin })
     await sanitize_user_html_xss_tests()
     await prototype_pollution_tests()
     await automation_trigger_tests()
@@ -14393,6 +14398,7 @@ const ip_address_form_tests = async () => {
     await inbox_threads_loading_tests()
     await load_inbox_data_tests({ sdk, sdkNonAdmin })
     await enduser_observations_acknowledge_tests({ sdk, sdkNonAdmin })
+    await user_portal_settings_tests({ sdk, sdkNonAdmin })
     await create_user_notifications_trigger_tests({ sdk })
     await group_mms_active_tests()
     await auto_reply_tests()