@terreno/api 0.0.11-beta.1 → 0.0.12

package/src/notifiers/slackNotifier.ts

@@ -4,33 +4,44 @@ import axios from "axios";
 import {APIError} from "../errors";
 import {logger} from "../logger";
 // Convenience method to send data to a Slack webhook.
+// If `url` is provided, it will be used directly instead of looking up from environment.
+// DEPRECATED: Looking up webhook URLs from the SLACK_WEBHOOKS environment variable by channel name
+// is deprecated and will be removed in a future version. Please pass the `url` parameter directly.
 export async function sendToSlack(
   text: string,
   {
     slackChannel,
     shouldThrow = false,
     env,
-  }: {slackChannel?: string; shouldThrow?: boolean; env?: string} = {}
+    url,
+  }: {slackChannel?: string; shouldThrow?: boolean; env?: string; url?: string} = {}
 ) {
-  // since Slack now requires a webhook for each channel, we need to store them in the environment
-  // as an object, so we can look them up by channel name.
-  const slackWebhooksString = process.env.SLACK_WEBHOOKS;
-  if (!slackWebhooksString) {
-    logger.debug("You must set SLACK_WEBHOOKS in the environment to use sendToSlack.");
-    return;
-  }
-  const slackWebhooks = JSON.parse(slackWebhooksString ?? "{}");
-
-  const channel = slackChannel ?? "default";
-
-  const slackWebhookUrl = slackWebhooks[channel] ?? slackWebhooks.default;
+  let slackWebhookUrl = url;
 
   if (!slackWebhookUrl) {
-    Sentry.captureException(
-      new Error(`No webhook url set in env for ${channel}. Slack message not sent`)
+    logger.debug(
+      "DEPRECATED: Looking up webhook URLs from SLACK_WEBHOOKS environment variable is deprecated and will be removed in a future version. Please pass the url parameter directly."
     );
-    logger.debug(`No webhook url set in env for ${channel}.`);
-    return;
+    // since Slack now requires a webhook for each channel, we need to store them in the environment
+    // as an object, so we can look them up by channel name.
+    const slackWebhooksString = process.env.SLACK_WEBHOOKS;
+    if (!slackWebhooksString) {
+      logger.debug("You must set SLACK_WEBHOOKS in the environment to use sendToSlack.");
+      return;
+    }
+    const slackWebhooks = JSON.parse(slackWebhooksString ?? "{}");
+
+    const channel = slackChannel ?? "default";
+
+    slackWebhookUrl = slackWebhooks[channel] ?? slackWebhooks.default;
+
+    if (!slackWebhookUrl) {
+      Sentry.captureException(
+        new Error(`No webhook url set in env for ${channel}. Slack message not sent`)
+      );
+      logger.debug(`No webhook url set in env for ${channel}.`);
+      return;
+    }
   }
 
   let formattedText = text;

package/src/permissions.test.ts

@@ -5,7 +5,7 @@ import type TestAgent from "supertest/lib/agent";
 
 import {modelRouter} from "./api";
 import {addAuthRoutes, setupAuth} from "./auth";
-import {Permissions} from "./permissions";
+import {OwnerQueryFilter, Permissions} from "./permissions";
 import {
   authAsUser,
   type Food,
@@ -217,3 +217,72 @@ describe("permissions", () => {
     });
   });
 });
+
+describe("permissions module", () => {
+  describe("OwnerQueryFilter", () => {
+    it("returns ownerId filter when user is provided", () => {
+      const user = {id: "user-123"} as any;
+      const filter = OwnerQueryFilter(user);
+      expect(filter).toEqual({ownerId: "user-123"});
+    });
+
+    it("returns null when user is undefined", () => {
+      const filter = OwnerQueryFilter(undefined);
+      expect(filter).toBeNull();
+    });
+  });
+
+  describe("Permissions.IsAuthenticatedOrReadOnly", () => {
+    it("returns true for authenticated non-anonymous users", () => {
+      const user = {id: "user-123", isAnonymous: false} as any;
+      expect(Permissions.IsAuthenticatedOrReadOnly("create", user)).toBe(true);
+    });
+
+    it("returns true for read methods when user is anonymous", () => {
+      const user = {id: "user-123", isAnonymous: true} as any;
+      expect(Permissions.IsAuthenticatedOrReadOnly("list", user)).toBe(true);
+      expect(Permissions.IsAuthenticatedOrReadOnly("read", user)).toBe(true);
+    });
+
+    it("returns false for write methods when user is anonymous", () => {
+      const user = {id: "user-123", isAnonymous: true} as any;
+      expect(Permissions.IsAuthenticatedOrReadOnly("create", user)).toBe(false);
+      expect(Permissions.IsAuthenticatedOrReadOnly("update", user)).toBe(false);
+      expect(Permissions.IsAuthenticatedOrReadOnly("delete", user)).toBe(false);
+    });
+  });
+
+  describe("Permissions.IsOwnerOrReadOnly", () => {
+    it("returns true when no object is provided", () => {
+      expect(Permissions.IsOwnerOrReadOnly("update", {id: "user-123"} as any, undefined)).toBe(
+        true
+      );
+    });
+
+    it("returns true for admin users", () => {
+      const user = {admin: true, id: "admin-123"} as any;
+      const obj = {ownerId: "other-user"};
+      expect(Permissions.IsOwnerOrReadOnly("update", user, obj)).toBe(true);
+    });
+
+    it("returns true when user is owner", () => {
+      const user = {id: "user-123"} as any;
+      const obj = {ownerId: "user-123"};
+      expect(Permissions.IsOwnerOrReadOnly("update", user, obj)).toBe(true);
+    });
+
+    it("returns true for read methods when not owner", () => {
+      const user = {id: "user-123"} as any;
+      const obj = {ownerId: "other-user"};
+      expect(Permissions.IsOwnerOrReadOnly("list", user, obj)).toBe(true);
+      expect(Permissions.IsOwnerOrReadOnly("read", user, obj)).toBe(true);
+    });
+
+    it("returns false for write methods when not owner", () => {
+      const user = {id: "user-123"} as any;
+      const obj = {ownerId: "other-user"};
+      expect(Permissions.IsOwnerOrReadOnly("update", user, obj)).toBe(false);
+      expect(Permissions.IsOwnerOrReadOnly("delete", user, obj)).toBe(false);
+    });
+  });
+});

package/src/populate.test.ts

@@ -63,3 +63,61 @@ describe("populate functions", () => {
     expect(populated.likesIds[1].userId.name).toBeUndefined();
   });
 });
+
+describe("unpopulate edge cases", () => {
+  it("throws error when path is empty", () => {
+    const doc = {name: "test"};
+    expect(() => unpopulate(doc as any, "")).toThrow("path is required");
+  });
+
+  it("unpopulates single populated field", () => {
+    const doc = {
+      name: "test",
+      ownerId: {_id: "owner-123", email: "owner@test.com"},
+    };
+    const result = unpopulate(doc as any, "ownerId") as any;
+    expect(result.ownerId).toBe("owner-123");
+  });
+
+  it("unpopulates array of populated fields", () => {
+    const doc = {
+      items: [{_id: "item-1", name: "Item 1"}, {_id: "item-2", name: "Item 2"}, "item-3"],
+      name: "test",
+    };
+    const result = unpopulate(doc as any, "items") as any;
+    expect(result.items).toEqual(["item-1", "item-2", "item-3"]);
+  });
+
+  it("handles nested paths", () => {
+    const doc = {
+      name: "test",
+      nested: {
+        items: [
+          {_id: "item-1", name: "Item 1"},
+          {_id: "item-2", name: "Item 2"},
+        ],
+      },
+    };
+    const result = unpopulate(doc as any, "nested.items") as any;
+    expect(result.nested.items).toEqual(["item-1", "item-2"]);
+  });
+
+  it("returns original doc when path does not exist", () => {
+    const doc = {name: "test"};
+    const result = unpopulate(doc as any, "nonexistent") as any;
+    expect(result).toEqual(doc);
+  });
+
+  it("handles nested array paths", () => {
+    const doc = {
+      containers: [
+        {items: [{_id: "item-1"}, {_id: "item-2"}]},
+        {items: [{_id: "item-3"}, {_id: "item-4"}]},
+      ],
+      name: "test",
+    };
+    const result = unpopulate(doc as any, "containers.items") as any;
+    expect(result.containers[0].items).toEqual(["item-1", "item-2"]);
+    expect(result.containers[1].items).toEqual(["item-3", "item-4"]);
+  });
+});

package/src/utils.test.ts

@@ -1,7 +1,7 @@
 import {describe, expect, it, spyOn} from "bun:test";
 import mongoose from "mongoose";
 
-import {checkModelsStrict, isValidObjectId} from "./utils";
+import {checkModelsStrict, isValidObjectId, timeout} from "./utils";
 
 describe("utils", () => {
   describe("isValidObjectId", () => {
@@ -191,4 +191,29 @@ describe("utils", () => {
       }
     });
   });
+
+  describe("timeout", () => {
+    it("resolves after specified time", async () => {
+      const start = Date.now();
+      await timeout(50);
+      const elapsed = Date.now() - start;
+      expect(elapsed).toBeGreaterThanOrEqual(40);
+    });
+  });
+
+  describe("isValidObjectId additional cases", () => {
+    it("returns true for valid ObjectId strings", () => {
+      expect(isValidObjectId("507f1f77bcf86cd799439011")).toBe(true);
+    });
+
+    it("returns false for invalid ObjectId strings", () => {
+      expect(isValidObjectId("invalid-id")).toBe(false);
+      expect(isValidObjectId("12345")).toBe(false);
+      expect(isValidObjectId("")).toBe(false);
+    });
+
+    it("returns false for 12-character strings that are not valid ObjectIds", () => {
+      expect(isValidObjectId("123456789012")).toBe(false);
+    });
+  });
 });