@varshylinc/onboarding-consent-engine 0.1.0 → 0.1.1

package/tests/integration/integration.test.ts

@@ -1,162 +0,0 @@
-import { describe, it, expect, beforeAll, afterAll } from 'vitest';
-import { Pool } from 'pg';
-import {
-  runMigrations,
-  seedStandardConsents,
-  createConsentModule,
-} from '../../src/server/index.js';
-
-const describeWithDb = process.env.DATABASE_URL ? describe : describe.skip;
-
-let pool: Pool;
-let consent: ReturnType<typeof createConsentModule>;
-
-describeWithDb('@varshylinc/onboarding-consent-engine — integration', () => {
-  beforeAll(async () => {
-    pool = new Pool({ connectionString: process.env.DATABASE_URL });
-    // Migrations already applied by global-setup; seed again is idempotent
-    await seedStandardConsents(pool, 'TestProduct');
-    consent = createConsentModule({ pool });
-  });
-
-  afterAll(async () => {
-    await pool.end();
-  });
-
-  it('runMigrations is idempotent — second call skips all', async () => {
-    const { applied, skipped } = await runMigrations(pool);
-    expect(applied).toHaveLength(0);
-    expect(skipped).toHaveLength(4);
-  });
-
-  it('oce_consent_definitions has 4 standard rows after seed', async () => {
-    const result = await pool.query('SELECT COUNT(*) FROM oce_consent_definitions');
-    expect(Number(result.rows[0].count)).toBeGreaterThanOrEqual(4);
-  });
-
-  it('recordSignupConsents inserts records for all provided keys', async () => {
-    const userId = `test-user-${Date.now()}`;
-    const records = await consent.recordSignupConsents({
-      userId,
-      consents: [
-        { key: 'terms_of_service', granted: true },
-        { key: 'privacy_policy', granted: true },
-        { key: 'marketing_emails', granted: false },
-      ],
-      ipAddress: '127.0.0.1',
-      userAgent: 'vitest',
-    });
-    expect(records).toHaveLength(3);
-    expect(records.every((r) => r.user_id === userId)).toBe(true);
-  });
-
-  it('hasUserConsented returns true for granted key', async () => {
-    const userId = `huc-${Date.now()}`;
-    await consent.recordSignupConsents({
-      userId,
-      consents: [{ key: 'privacy_policy', granted: true }],
-    });
-    expect(await consent.hasUserConsented(userId, 'privacy_policy')).toBe(true);
-  });
-
-  it('hasUserConsented returns false for un-consented key', async () => {
-    const userId = `huc2-${Date.now()}`;
-    expect(await consent.hasUserConsented(userId, 'terms_of_service')).toBe(false);
-  });
-
-  it('needsConsentUpdate returns required definitions for new user', async () => {
-    const userId = `ncu-${Date.now()}`;
-    const pending = await consent.needsConsentUpdate(userId);
-    // terms_of_service and privacy_policy are required
-    expect(pending.length).toBeGreaterThanOrEqual(2);
-    expect(pending.every((d) => d.required)).toBe(true);
-  });
-
-  it('needsConsentUpdate returns empty after user consents to all required', async () => {
-    const userId = `ncu2-${Date.now()}`;
-    await consent.recordSignupConsents({
-      userId,
-      consents: [
-        { key: 'terms_of_service', granted: true },
-        { key: 'privacy_policy', granted: true },
-      ],
-    });
-    const pending = await consent.needsConsentUpdate(userId);
-    expect(pending).toHaveLength(0);
-  });
-
-  it('getAuditTrail returns all events newest-first', async () => {
-    const userId = `audit-${Date.now()}`;
-    await consent.recordSignupConsents({
-      userId,
-      consents: [
-        { key: 'terms_of_service', granted: true },
-        { key: 'marketing_emails', granted: false },
-      ],
-    });
-    const trail = await consent.getAuditTrail(userId);
-    expect(trail.length).toBeGreaterThanOrEqual(2);
-    expect(trail[0].user_id).toBe(userId);
-  });
-
-  it('getCurrentConsents returns latest state per key', async () => {
-    const userId = `cc-${Date.now()}`;
-    await consent.recordSignupConsents({
-      userId,
-      consents: [
-        { key: 'terms_of_service', granted: true },
-        { key: 'privacy_policy', granted: true },
-      ],
-    });
-    const statuses = await consent.getCurrentConsents(userId);
-    expect(statuses.length).toBeGreaterThanOrEqual(2);
-    expect(statuses.every((s) => s.granted === true)).toBe(true);
-  });
-
-  it('getUserLatestConsents returns a map keyed by user_id', async () => {
-    const uid1 = `bulk-a-${Date.now()}`;
-    const uid2 = `bulk-b-${Date.now()}`;
-    await Promise.all([
-      consent.recordSignupConsents({
-        userId: uid1,
-        consents: [{ key: 'terms_of_service', granted: true }],
-      }),
-      consent.recordSignupConsents({
-        userId: uid2,
-        consents: [{ key: 'privacy_policy', granted: true }],
-      }),
-    ]);
-    const map = await consent.getUserLatestConsents([uid1, uid2]);
-    expect(map.has(uid1)).toBe(true);
-    expect(map.has(uid2)).toBe(true);
-    expect(map.get(uid1)!.some((s) => s.key === 'terms_of_service')).toBe(true);
-  });
-
-  it('recordSignupConsents throws for unknown consent key', async () => {
-    await expect(
-      consent.recordSignupConsents({
-        userId: 'err-user',
-        consents: [{ key: 'nonexistent_key', granted: true }],
-      }),
-    ).rejects.toThrow('Unknown consent key: nonexistent_key');
-  });
-
-  it('onConsentRecorded adapter hook is called', async () => {
-    const calls: Array<{ userId: string; key: string; granted: boolean }> = [];
-    const tracked = createConsentModule({
-      pool,
-      adapter: {
-        onConsentRecorded(userId, key, granted) {
-          calls.push({ userId, key, granted });
-        },
-      },
-    });
-    const userId = `hook-${Date.now()}`;
-    await tracked.recordSignupConsents({
-      userId,
-      consents: [{ key: 'terms_of_service', granted: true }],
-    });
-    expect(calls).toHaveLength(1);
-    expect(calls[0]).toMatchObject({ userId, key: 'terms_of_service', granted: true });
-  });
-});

package/tests/setup/global-setup.ts

@@ -1,16 +0,0 @@
-import { Pool } from 'pg';
-
-export async function setup(): Promise<void> {
-  const databaseUrl = process.env.DATABASE_URL;
-  if (!databaseUrl) return;
-  const { runMigrations, seedStandardConsents } = await import(
-    '../../src/server/index.js'
-  );
-  const pool = new Pool({ connectionString: databaseUrl });
-  try {
-    await runMigrations(pool);
-    await seedStandardConsents(pool, 'TestProduct');
-  } finally {
-    await pool.end();
-  }
-}

package/tests/unit/applyProductName.test.ts

@@ -1,20 +0,0 @@
-import { describe, it, expect } from 'vitest';
-import { applyProductName } from '../../src/server/templates/applyProductName.js';
-
-describe('applyProductName', () => {
-  it('replaces {{PRODUCT_NAME}} placeholder', () => {
-    expect(applyProductName('I agree to the {{PRODUCT_NAME}} Terms.', 'ConstructInv')).toBe(
-      'I agree to the ConstructInv Terms.',
-    );
-  });
-
-  it('replaces multiple occurrences', () => {
-    expect(
-      applyProductName('{{PRODUCT_NAME}} is cool. Use {{PRODUCT_NAME}}.', 'DailyLog'),
-    ).toBe('DailyLog is cool. Use DailyLog.');
-  });
-
-  it('leaves strings without placeholder unchanged', () => {
-    expect(applyProductName('No placeholder here.', 'X')).toBe('No placeholder here.');
-  });
-});

package/tests/unit/getAuditTrail.test.ts

@@ -1,33 +0,0 @@
-import { describe, it, expect, vi } from 'vitest';
-import { getAuditTrail } from '../../src/server/lib/getAuditTrail.js';
-import type { Pool } from 'pg';
-
-function makePool(rows: object[]): Pool {
-  return { query: vi.fn().mockResolvedValue({ rows }) } as unknown as Pool;
-}
-
-describe('getAuditTrail', () => {
-  it('returns audit entries for a user', async () => {
-    const entries = [
-      { id: 1, user_id: 'u1', key: 'terms_of_service', version: 1, granted: true },
-      { id: 2, user_id: 'u1', key: 'privacy_policy', version: 1, granted: true },
-    ];
-    const pool = makePool(entries);
-    const result = await getAuditTrail(pool, 'u1');
-    expect(result).toEqual(entries);
-  });
-
-  it('passes limit=50 by default', async () => {
-    const pool = makePool([]);
-    await getAuditTrail(pool, 'u1');
-    const [, params] = (pool.query as ReturnType<typeof vi.fn>).mock.calls[0];
-    expect(params[1]).toBe(50);
-  });
-
-  it('passes custom limit', async () => {
-    const pool = makePool([]);
-    await getAuditTrail(pool, 'u1', 10);
-    const [, params] = (pool.query as ReturnType<typeof vi.fn>).mock.calls[0];
-    expect(params[1]).toBe(10);
-  });
-});

package/tests/unit/hasUserConsented.test.ts

@@ -1,24 +0,0 @@
-import { describe, it, expect, vi } from 'vitest';
-import { hasUserConsented } from '../../src/server/lib/hasUserConsented.js';
-import type { Pool } from 'pg';
-
-function makePool(rows: object[]): Pool {
-  return { query: vi.fn().mockResolvedValue({ rows }) } as unknown as Pool;
-}
-
-describe('hasUserConsented', () => {
-  it('returns true when latest record is granted=true', async () => {
-    const pool = makePool([{ granted: true }]);
-    expect(await hasUserConsented(pool, 'u1', 'terms_of_service')).toBe(true);
-  });
-
-  it('returns false when latest record is granted=false', async () => {
-    const pool = makePool([{ granted: false }]);
-    expect(await hasUserConsented(pool, 'u1', 'terms_of_service')).toBe(false);
-  });
-
-  it('returns false when no record exists', async () => {
-    const pool = makePool([]);
-    expect(await hasUserConsented(pool, 'u1', 'terms_of_service')).toBe(false);
-  });
-});

package/tests/unit/needsConsentUpdate.test.ts

@@ -1,24 +0,0 @@
-import { describe, it, expect, vi } from 'vitest';
-import { needsConsentUpdate } from '../../src/server/lib/needsConsentUpdate.js';
-import type { Pool } from 'pg';
-
-function makePool(rows: object[]): Pool {
-  return { query: vi.fn().mockResolvedValue({ rows }) } as unknown as Pool;
-}
-
-describe('needsConsentUpdate', () => {
-  it('returns definitions that still need consent', async () => {
-    const missing = [
-      { id: 1, key: 'terms_of_service', version: 2, required: true, display_text: 'ToS' },
-    ];
-    const pool = makePool(missing);
-    const result = await needsConsentUpdate(pool, 'u1');
-    expect(result).toEqual(missing);
-  });
-
-  it('returns empty array when user has all current consents', async () => {
-    const pool = makePool([]);
-    const result = await needsConsentUpdate(pool, 'u1');
-    expect(result).toHaveLength(0);
-  });
-});

package/tests/unit/recordConsent.test.ts

@@ -1,41 +0,0 @@
-import { describe, it, expect, vi } from 'vitest';
-import { recordConsent } from '../../src/server/lib/recordConsent.js';
-import type { Pool } from 'pg';
-
-function makePool(rows: object[]): Pool {
-  return { query: vi.fn().mockResolvedValue({ rows }) } as unknown as Pool;
-}
-
-describe('recordConsent', () => {
-  it('inserts a consent record and returns it', async () => {
-    const expected = {
-      id: 1,
-      user_id: '42',
-      definition_id: 3,
-      version: 1,
-      granted: true,
-      ip_address: '127.0.0.1',
-      user_agent: 'vitest',
-      consented_at: new Date(),
-    };
-    const pool = makePool([expected]);
-    const result = await recordConsent(pool, {
-      userId: '42',
-      definitionId: 3,
-      version: 1,
-      granted: true,
-      ipAddress: '127.0.0.1',
-      userAgent: 'vitest',
-    });
-    expect(result).toEqual(expected);
-    expect(pool.query).toHaveBeenCalledOnce();
-  });
-
-  it('passes null for missing ipAddress and userAgent', async () => {
-    const pool = makePool([{ id: 1 }]);
-    await recordConsent(pool, { userId: 'u1', definitionId: 1, version: 1, granted: false });
-    const [, params] = (pool.query as ReturnType<typeof vi.fn>).mock.calls[0];
-    expect(params[4]).toBeNull();
-    expect(params[5]).toBeNull();
-  });
-});

package/tsconfig.client.json

@@ -1,15 +0,0 @@
-{
-  "compilerOptions": {
-    "target": "ES2020",
-    "module": "ESNext",
-    "moduleResolution": "Bundler",
-    "lib": ["ES2020", "DOM", "DOM.Iterable"],
-    "jsx": "react-jsx",
-    "strict": true,
-    "noEmit": true,
-    "esModuleInterop": true,
-    "skipLibCheck": true
-  },
-  "include": ["src/client/**/*", "src/shared/**/*"],
-  "exclude": ["node_modules", "dist"]
-}

package/tsconfig.json

@@ -1,19 +0,0 @@
-{
-  "compilerOptions": {
-    "target": "ES2022",
-    "module": "NodeNext",
-    "moduleResolution": "NodeNext",
-    "lib": ["ES2022"],
-    "outDir": "./dist",
-    "rootDir": "./src",
-    "declaration": true,
-    "declarationMap": true,
-    "sourceMap": true,
-    "strict": true,
-    "esModuleInterop": true,
-    "skipLibCheck": true,
-    "resolveJsonModule": true
-  },
-  "include": ["src/index.ts", "src/server/**/*", "src/shared/**/*"],
-  "exclude": ["node_modules", "dist", "src/client/**/*"]
-}

package/vitest.config.ts

@@ -1,9 +0,0 @@
-import { defineConfig } from 'vitest/config';
-
-export default defineConfig({
-  test: {
-    environment: 'node',
-    globalSetup: 'tests/setup/global-setup.ts',
-    include: ['tests/**/*.test.ts', 'tests/**/*.test.tsx'],
-  },
-});