backend-manager 5.1.2 → 5.2.0

package/test/routes/payments/dispute-alert.js

@@ -105,9 +105,6 @@ module.exports = {
       async run({ http, assert, firestore }) {
         const alertId = '_test-dispute-valid';
 
-        // Clean up any existing doc
-        await firestore.delete(`payments-disputes/${alertId}`);
-
         const response = await http.as('none').post(`payments/dispute-alert?key=${process.env.BACKEND_MANAGER_KEY}`, {
           id: alertId,
           card: '4242424242424242',
@@ -157,9 +154,6 @@ module.exports = {
         // Verify raw payload is preserved
         assert.ok(doc.raw, 'Raw payload should be preserved');
         assert.equal(doc.raw.id, alertId, 'Raw id should match');
-
-        // Clean up
-        await firestore.delete(`payments-disputes/${alertId}`);
       },
     },
 
@@ -169,9 +163,6 @@ module.exports = {
       async run({ http, assert, firestore }) {
         const alertId = '_test-dispute-alertid-field';
 
-        // Clean up any existing doc
-        await firestore.delete(`payments-disputes/${alertId}`);
-
         // Chargeblast alert.created events use alertId instead of id
         const response = await http.as('none').post(`payments/dispute-alert?key=${process.env.BACKEND_MANAGER_KEY}`, {
           alertId: alertId,
@@ -188,9 +179,6 @@ module.exports = {
         assert.equal(doc.id, alertId, 'Doc ID should match alertId');
         assert.equal(doc.alert.id, alertId, 'Alert id should be set from alertId');
         assert.equal(doc.alert.card.last4, '5805', 'Should extract last4 from masked card');
-
-        // Clean up
-        await firestore.delete(`payments-disputes/${alertId}`);
       },
     },
 
@@ -200,9 +188,6 @@ module.exports = {
       async run({ http, assert, firestore }) {
         const alertId = '_test-dispute-minimal';
 
-        // Clean up any existing doc
-        await firestore.delete(`payments-disputes/${alertId}`);
-
         // Send minimal alert (alert.created shape — no externalOrder, metadata, etc.)
         const response = await http.as('none').post(`payments/dispute-alert?key=${process.env.BACKEND_MANAGER_KEY}`, {
           id: alertId,
@@ -224,9 +209,6 @@ module.exports = {
         assert.equal(doc.alert.reasonCode, null, 'Reason code should be null when not provided');
         assert.equal(doc.alert.subprovider, null, 'Subprovider should be null when not provided');
         assert.equal(doc.alert.isRefunded, false, 'isRefunded should default to false');
-
-        // Clean up
-        await firestore.delete(`payments-disputes/${alertId}`);
       },
     },
 
@@ -236,9 +218,6 @@ module.exports = {
       async run({ http, assert, firestore }) {
         const alertId = '_test-dispute-last4';
 
-        // Clean up any existing doc
-        await firestore.delete(`payments-disputes/${alertId}`);
-
         const response = await http.as('none').post(`payments/dispute-alert?key=${process.env.BACKEND_MANAGER_KEY}`, {
           id: alertId,
           card: '1234',
@@ -251,9 +230,6 @@ module.exports = {
         const doc = await firestore.get(`payments-disputes/${alertId}`);
         assert.equal(doc.alert.card.last4, '1234', 'Should use card value as last4 when already 4 digits');
         assert.equal(doc.alert.processor, 'stripe', 'Processor should default to stripe');
-
-        // Clean up
-        await firestore.delete(`payments-disputes/${alertId}`);
       },
     },
 
@@ -263,9 +239,6 @@ module.exports = {
       async run({ http, assert, firestore }) {
         const alertId = '_test-dispute-duplicate';
 
-        // Clean up any existing doc
-        await firestore.delete(`payments-disputes/${alertId}`);
-
         // Send first alert
         await http.as('none').post(`payments/dispute-alert?key=${process.env.BACKEND_MANAGER_KEY}`, {
           id: alertId,
@@ -284,9 +257,6 @@ module.exports = {
 
         assert.isSuccess(response, 'Duplicate should still return 200');
         assert.equal(response.data.duplicate, true, 'Should indicate duplicate');
-
-        // Clean up
-        await firestore.delete(`payments-disputes/${alertId}`);
       },
     },
 
@@ -320,9 +290,6 @@ module.exports = {
           doc.status === 'pending' || doc.status === 'processing',
           'Status should be pending or processing after retry',
         );
-
-        // Clean up
-        await firestore.delete(`payments-disputes/${alertId}`);
       },
     },
 
@@ -332,9 +299,6 @@ module.exports = {
       async run({ http, assert, firestore }) {
         const alertId = '_test-dispute-default-provider';
 
-        // Clean up any existing doc
-        await firestore.delete(`payments-disputes/${alertId}`);
-
         // Send without provider query param
         const response = await http.as('none').post(`payments/dispute-alert?key=${process.env.BACKEND_MANAGER_KEY}`, {
           id: alertId,
@@ -347,9 +311,6 @@ module.exports = {
 
         const doc = await firestore.get(`payments-disputes/${alertId}`);
         assert.equal(doc.provider, 'chargeblast', 'Provider should default to chargeblast');
-
-        // Clean up
-        await firestore.delete(`payments-disputes/${alertId}`);
       },
     },
   ],

package/test/routes/payments/refund.js

@@ -133,10 +133,12 @@ module.exports = {
             && userDoc?.subscription?.status === 'active';
         }, 15000, 500);
 
-        // Step 2: Cancel the subscription first (refund requires cancellation)
+        // Step 2: Cancel the subscription first (refund requires cancellation).
+        // skipGuards bypasses the 24-hour subscription-age guard on the cancel route.
         const cancelResponse = await http.as('route-refund-success').post('payments/cancel', {
           confirmed: true,
           reason: 'Too expensive',
+          skipGuards: true,
         });
 
         assert.isSuccess(cancelResponse, 'Cancel should succeed');

package/test/routes/payments/webhook.js

@@ -50,9 +50,6 @@ module.exports = {
       async run({ http, assert, firestore }) {
         const eventId = '_test-evt-valid-webhook';
 
-        // Clean up any existing doc
-        await firestore.delete(`payments-webhooks/${eventId}`);
-
         const response = await http.as('none').post(`payments/webhook?processor=stripe&key=${process.env.BACKEND_MANAGER_KEY}`, {
           id: eventId,
           type: 'customer.subscription.updated',
@@ -76,9 +73,6 @@ module.exports = {
           doc.status === 'pending' || doc.status === 'processing' || doc.status === 'completed' || doc.status === 'failed',
           'Status should be pending, processing, completed, or failed',
         );
-
-        // Clean up
-        await firestore.delete(`payments-webhooks/${eventId}`);
       },
     },
 
@@ -88,11 +82,9 @@ module.exports = {
       async run({ http, assert, firestore }) {
         const eventId = '_test-evt-duplicate';
 
-        // Clean up any existing doc
-        await firestore.delete(`payments-webhooks/${eventId}`);
-
-        // Send first webhook
-        await http.as('none').post(`payments/webhook?processor=stripe&key=${process.env.BACKEND_MANAGER_KEY}`, {
+        // Use the test processor so the on-write trigger doesn't require STRIPE_SECRET_KEY
+        // (a failed first webhook would let the dedup-retry branch fire instead of returning duplicate=true)
+        const send = () => http.as('none').post(`payments/webhook?processor=test&key=${process.env.BACKEND_MANAGER_KEY}`, {
           id: eventId,
           type: 'customer.subscription.updated',
           data: {
@@ -104,24 +96,11 @@ module.exports = {
           },
         });
 
-        // Send duplicate
-        const response = await http.as('none').post(`payments/webhook?processor=stripe&key=${process.env.BACKEND_MANAGER_KEY}`, {
-          id: eventId,
-          type: 'customer.subscription.updated',
-          data: {
-            object: {
-              id: 'sub_test_dup',
-              metadata: { uid: TEST_ACCOUNTS.basic.uid },
-              status: 'active',
-            },
-          },
-        });
+        await send();
+        const response = await send();
 
         assert.isSuccess(response, 'Duplicate should still return 200');
         assert.equal(response.data.duplicate, true, 'Should indicate duplicate');
-
-        // Clean up
-        await firestore.delete(`payments-webhooks/${eventId}`);
       },
     },
   ],

package/test/routes/test/usage.js

@@ -258,12 +258,12 @@ module.exports = {
               const doc = await firestore.get(`users/${accounts.basic.uid}`);
               return doc?.usage?.requests?.daily === 0;
             },
-            10000,
+            15000,
             500
           );
           assert.ok(true, 'Daily counter was reset to 0 by cron');
         } catch (error) {
-          assert.fail('Daily counter should be reset to 0 within 10s');
+          assert.fail('Daily counter should be reset to 0 within 15s');
         }
       },
     },

package/test/routes/user/signup.js

@@ -234,6 +234,120 @@ module.exports = {
       },
     },
 
+    // --- Consent capture tests ---
+    {
+      name: 'consent-granted-both-records-canonical-shape',
+      async run({ http, firestore, assert, accounts }) {
+        const consentText = {
+          legal: 'I agree to the Terms of Service and Privacy Policy.',
+          marketing: 'Send me product updates and newsletters. You can unsubscribe anytime.',
+        };
+
+        // Use absurdly-old client timestamp to prove server time wins (defense vs clock skew)
+        const beforeMs = Date.now();
+
+        const signupResponse = await http.as('consent-granted').post('user/signup', {
+          consent: {
+            legal: { granted: true, text: consentText.legal, timestamp: '2000-01-01T00:00:00.000Z' },
+            marketing: { granted: true, text: consentText.marketing, timestamp: '2000-01-01T00:00:00.000Z' },
+          },
+        });
+
+        assert.isSuccess(signupResponse, `Signup should succeed: ${JSON.stringify(signupResponse, null, 2)}`);
+
+        const afterMs = Date.now();
+        const userDoc = await firestore.get(`users/${accounts['consent-granted'].uid}`);
+
+        // Legal
+        assert.equal(userDoc?.consent?.legal?.status, 'granted', 'consent.legal.status should be granted');
+        assert.equal(userDoc?.consent?.legal?.grantedAt?.source, 'signup', 'legal grantedAt.source should be signup-form');
+        assert.equal(userDoc?.consent?.legal?.grantedAt?.text, consentText.legal, 'legal grantedAt.text should match client payload');
+        assert.ok(userDoc?.consent?.legal?.grantedAt?.timestamp, 'legal grantedAt.timestamp should be set');
+        assert.equal(typeof userDoc?.consent?.legal?.grantedAt?.timestampUNIX, 'number', 'legal grantedAt.timestampUNIX should be number');
+
+        // Server time MUST be used (the client-supplied 2000-01-01 should NOT appear)
+        const legalUNIX = userDoc.consent.legal.grantedAt.timestampUNIX;
+        const beforeUNIX = Math.floor(beforeMs / 1000);
+        const afterUNIX = Math.floor(afterMs / 1000);
+        assert.ok(
+          legalUNIX >= beforeUNIX && legalUNIX <= afterUNIX,
+          `legal grantedAt.timestampUNIX (${legalUNIX}) must be server time, not client time. expected between ${beforeUNIX} and ${afterUNIX}`
+        );
+
+        // Marketing
+        assert.equal(userDoc?.consent?.marketing?.status, 'granted', 'consent.marketing.status should be granted');
+        assert.equal(userDoc?.consent?.marketing?.grantedAt?.source, 'signup', 'marketing grantedAt.source should be signup-form');
+        assert.equal(userDoc?.consent?.marketing?.grantedAt?.text, consentText.marketing, 'marketing grantedAt.text should match client payload');
+        assert.equal(typeof userDoc?.consent?.marketing?.grantedAt?.timestampUNIX, 'number', 'marketing grantedAt.timestampUNIX should be number');
+
+        // revokedAt should be all-null sibling object (NOT undefined, NOT missing)
+        assert.ok(userDoc?.consent?.marketing?.revokedAt, 'marketing.revokedAt object should exist (not null)');
+        assert.equal(userDoc?.consent?.marketing?.revokedAt?.timestamp, null, 'marketing revokedAt.timestamp should be null');
+        assert.equal(userDoc?.consent?.marketing?.revokedAt?.source, null, 'marketing revokedAt.source should be null');
+      },
+    },
+
+    {
+      name: 'consent-marketing-declined-records-revokedAt',
+      async run({ http, firestore, assert, accounts }) {
+        const legalText = 'I agree to the Terms of Service and Privacy Policy.';
+
+        const signupResponse = await http.as('consent-declined').post('user/signup', {
+          consent: {
+            legal: { granted: true, text: legalText },
+            marketing: { granted: false, text: 'Send me updates.' },
+          },
+        });
+
+        assert.isSuccess(signupResponse, `Signup should succeed: ${JSON.stringify(signupResponse, null, 2)}`);
+
+        const userDoc = await firestore.get(`users/${accounts['consent-declined'].uid}`);
+
+        // Legal — granted normally
+        assert.equal(userDoc?.consent?.legal?.status, 'granted', 'legal.status should be granted');
+        assert.equal(userDoc?.consent?.legal?.grantedAt?.source, 'signup', 'legal grantedAt.source should be signup-form');
+
+        // Marketing — revoked at signup
+        assert.equal(userDoc?.consent?.marketing?.status, 'revoked', 'marketing.status should be revoked');
+
+        // grantedAt MUST be all-null (never granted, even though client passed text)
+        assert.equal(userDoc?.consent?.marketing?.grantedAt?.timestamp, null, 'marketing grantedAt.timestamp should be null');
+        assert.equal(userDoc?.consent?.marketing?.grantedAt?.source, null, 'marketing grantedAt.source should be null');
+        assert.equal(userDoc?.consent?.marketing?.grantedAt?.text, null, 'marketing grantedAt.text should be null (declined)');
+
+        // revokedAt MUST have signup-form-declined source + server time
+        assert.equal(userDoc?.consent?.marketing?.revokedAt?.source, 'signup', 'marketing revokedAt.source should be signup-form-declined');
+        assert.ok(userDoc?.consent?.marketing?.revokedAt?.timestamp, 'marketing revokedAt.timestamp should be set');
+        assert.equal(typeof userDoc?.consent?.marketing?.revokedAt?.timestampUNIX, 'number', 'marketing revokedAt.timestampUNIX should be number');
+        assert.equal(userDoc?.consent?.marketing?.revokedAt?.text, null, 'marketing revokedAt.text should be null (decline has no message)');
+      },
+    },
+
+    {
+      name: 'consent-missing-defaults-to-revoked',
+      async run({ http, firestore, assert, accounts }) {
+        // Client sends NO consent field at all (legacy or malformed payload).
+        // Expected: both legal + marketing default to revoked. No crash, no marketing sync.
+        const signupResponse = await http.as('consent-missing').post('user/signup', {});
+
+        assert.isSuccess(signupResponse, `Signup should succeed even with no consent: ${JSON.stringify(signupResponse, null, 2)}`);
+
+        const userDoc = await firestore.get(`users/${accounts['consent-missing'].uid}`);
+
+        assert.ok(userDoc?.consent, 'consent object should exist');
+        assert.equal(userDoc?.consent?.legal?.status, 'revoked', 'legal.status should default to revoked');
+        assert.equal(userDoc?.consent?.legal?.grantedAt?.timestamp, null, 'legal grantedAt.timestamp should be null');
+        assert.equal(userDoc?.consent?.legal?.grantedAt?.source, null, 'legal grantedAt.source should be null');
+
+        assert.equal(userDoc?.consent?.marketing?.status, 'revoked', 'marketing.status should default to revoked');
+        assert.equal(userDoc?.consent?.marketing?.grantedAt?.timestamp, null, 'marketing grantedAt.timestamp should be null');
+
+        // Even when consent is missing entirely, the revokedAt block gets stamped with signup-form-declined.
+        // This ensures the user doc has a recorded decline event for audit.
+        assert.equal(userDoc?.consent?.marketing?.revokedAt?.source, 'signup', 'marketing revokedAt.source should be signup-form-declined when consent missing');
+      },
+    },
+
     // --- Auth rejection test (at end per convention) ---
     {
       name: 'unauthenticated-rejected',