backend-manager 5.6.3 → 5.7.0

package/test/mcp/utils.js

@@ -0,0 +1,245 @@
+/**
+ * Test: MCP utility functions
+ * Tests resolveAuthInfo, filterToolsByRole, loadConsumerTools, buildToolMap
+ *
+ * Run: npx mgr test bem:mcp/utils
+ */
+const path = require('path');
+
+module.exports = {
+  description: 'MCP utility functions',
+  type: 'group',
+
+  tests: [
+    // --- resolveAuthInfo ---
+
+    {
+      name: 'resolveAuthInfo: admin key returns admin role',
+      async run({ assert }) {
+        const { resolveAuthInfo } = require('../../src/mcp/utils.js');
+        const saved = process.env.BACKEND_MANAGER_KEY;
+
+        try {
+          process.env.BACKEND_MANAGER_KEY = 'test-admin-key';
+          const result = resolveAuthInfo('test-admin-key');
+
+          assert.equal(result.role, 'admin', 'Should be admin');
+          assert.equal(result.authType, 'adminKey', 'Should be adminKey type');
+          assert.equal(result.token, 'test-admin-key', 'Token should match');
+        } finally {
+          process.env.BACKEND_MANAGER_KEY = saved;
+        }
+      },
+    },
+
+    {
+      name: 'resolveAuthInfo: non-admin token returns user role',
+      async run({ assert }) {
+        const { resolveAuthInfo } = require('../../src/mcp/utils.js');
+        const result = resolveAuthInfo('some-user-api-key');
+
+        assert.equal(result.role, 'user', 'Should be user');
+        assert.equal(result.authType, 'userToken', 'Should be userToken type');
+      },
+    },
+
+    {
+      name: 'resolveAuthInfo: empty token returns public role',
+      async run({ assert }) {
+        const { resolveAuthInfo } = require('../../src/mcp/utils.js');
+        const result = resolveAuthInfo('');
+
+        assert.equal(result.role, 'public', 'Should be public');
+        assert.equal(result.authType, 'none', 'Should be none type');
+        assert.equal(result.token, '', 'Token should be empty');
+      },
+    },
+
+    {
+      name: 'resolveAuthInfo: null/undefined token returns public role',
+      async run({ assert }) {
+        const { resolveAuthInfo } = require('../../src/mcp/utils.js');
+
+        assert.equal(resolveAuthInfo(null).role, 'public', 'null should be public');
+        assert.equal(resolveAuthInfo(undefined).role, 'public', 'undefined should be public');
+      },
+    },
+
+    {
+      name: 'resolveAuthInfo: returns public when BACKEND_MANAGER_KEY is not set',
+      async run({ assert }) {
+        const { resolveAuthInfo } = require('../../src/mcp/utils.js');
+        const saved = process.env.BACKEND_MANAGER_KEY;
+
+        try {
+          delete process.env.BACKEND_MANAGER_KEY;
+          const result = resolveAuthInfo('any-token');
+
+          assert.equal(result.role, 'user', 'Non-empty token with no config key should be user');
+        } finally {
+          process.env.BACKEND_MANAGER_KEY = saved;
+        }
+      },
+    },
+
+    // --- filterToolsByRole ---
+
+    {
+      name: 'filterToolsByRole: admin sees all roles',
+      async run({ assert }) {
+        const { filterToolsByRole } = require('../../src/mcp/utils.js');
+        const tools = [
+          { name: 'a', role: 'admin' },
+          { name: 'b', role: 'user' },
+          { name: 'c', role: 'public' },
+        ];
+        const result = filterToolsByRole(tools, 'admin');
+
+        assert.equal(result.length, 3, 'Admin should see all 3');
+      },
+    },
+
+    {
+      name: 'filterToolsByRole: user sees user + public only',
+      async run({ assert }) {
+        const { filterToolsByRole } = require('../../src/mcp/utils.js');
+        const tools = [
+          { name: 'a', role: 'admin' },
+          { name: 'b', role: 'user' },
+          { name: 'c', role: 'public' },
+        ];
+        const result = filterToolsByRole(tools, 'user');
+
+        assert.equal(result.length, 2, 'User should see 2');
+        assert.ok(result.some((t) => t.name === 'b'), 'Should include user tool');
+        assert.ok(result.some((t) => t.name === 'c'), 'Should include public tool');
+        assert.ok(!result.some((t) => t.name === 'a'), 'Should exclude admin tool');
+      },
+    },
+
+    {
+      name: 'filterToolsByRole: public sees public only',
+      async run({ assert }) {
+        const { filterToolsByRole } = require('../../src/mcp/utils.js');
+        const tools = [
+          { name: 'a', role: 'admin' },
+          { name: 'b', role: 'user' },
+          { name: 'c', role: 'public' },
+        ];
+        const result = filterToolsByRole(tools, 'public');
+
+        assert.equal(result.length, 1, 'Public should see 1');
+        assert.equal(result[0].name, 'c', 'Should be the public tool');
+      },
+    },
+
+    {
+      name: 'filterToolsByRole: tools without role default to admin',
+      async run({ assert }) {
+        const { filterToolsByRole } = require('../../src/mcp/utils.js');
+        const tools = [{ name: 'no-role' }];
+
+        assert.equal(filterToolsByRole(tools, 'admin').length, 1, 'Admin should see role-less tool');
+        assert.equal(filterToolsByRole(tools, 'user').length, 0, 'User should not see role-less tool');
+        assert.equal(filterToolsByRole(tools, 'public').length, 0, 'Public should not see role-less tool');
+      },
+    },
+
+    {
+      name: 'filterToolsByRole: unknown role treated as public',
+      async run({ assert }) {
+        const { filterToolsByRole } = require('../../src/mcp/utils.js');
+        const tools = [
+          { name: 'a', role: 'admin' },
+          { name: 'b', role: 'user' },
+          { name: 'c', role: 'public' },
+        ];
+        const result = filterToolsByRole(tools, 'garbage');
+
+        assert.equal(result.length, 1, 'Unknown role should see public only');
+      },
+    },
+
+    // --- loadConsumerTools ---
+
+    {
+      name: 'loadConsumerTools: returns empty array when no cwd',
+      async run({ assert }) {
+        const { loadConsumerTools } = require('../../src/mcp/utils.js');
+
+        assert.equal(loadConsumerTools(null).length, 0, 'null cwd');
+        assert.equal(loadConsumerTools('').length, 0, 'empty cwd');
+        assert.equal(loadConsumerTools(undefined).length, 0, 'undefined cwd');
+      },
+    },
+
+    {
+      name: 'loadConsumerTools: returns empty array for non-existent directory',
+      async run({ assert }) {
+        const { loadConsumerTools } = require('../../src/mcp/utils.js');
+        const result = loadConsumerTools('/tmp/does-not-exist-12345');
+
+        assert.equal(result.length, 0, 'Should return empty array');
+      },
+    },
+
+    // --- buildToolMap ---
+
+    {
+      name: 'buildToolMap: consumer tools override built-ins with same name',
+      async run({ assert }) {
+        const { buildToolMap } = require('../../src/mcp/utils.js');
+        const builtin = [{ name: 'tool_a', description: 'original' }];
+        const consumer = [{ name: 'tool_a', description: 'override', _consumer: true }];
+
+        const map = buildToolMap(builtin, consumer);
+        assert.equal(map.get('tool_a').description, 'override', 'Consumer should override');
+        assert.equal(map.get('tool_a')._consumer, true, 'Should be marked as consumer');
+      },
+    },
+
+    {
+      name: 'buildToolMap: merges non-overlapping tools',
+      async run({ assert }) {
+        const { buildToolMap } = require('../../src/mcp/utils.js');
+        const builtin = [{ name: 'a' }, { name: 'b' }];
+        const consumer = [{ name: 'c' }];
+
+        const map = buildToolMap(builtin, consumer);
+        assert.equal(map.size, 3, 'Should have 3 tools total');
+        assert.ok(map.has('a'), 'Should have a');
+        assert.ok(map.has('b'), 'Should have b');
+        assert.ok(map.has('c'), 'Should have c');
+      },
+    },
+
+    // --- Real tools verification ---
+
+    {
+      name: 'all 19 built-in tools have a role assigned',
+      async run({ assert }) {
+        const tools = require('../../src/mcp/tools.js');
+
+        assert.equal(tools.length, 25, 'Should have 25 tools');
+
+        const missing = tools.filter((t) => !t.role);
+        assert.equal(missing.length, 0, `All tools should have roles, missing: ${missing.map((t) => t.name).join(', ')}`);
+      },
+    },
+
+    {
+      name: 'role distribution matches expected counts',
+      async run({ assert }) {
+        const tools = require('../../src/mcp/tools.js');
+
+        const admin = tools.filter((t) => t.role === 'admin');
+        const user = tools.filter((t) => t.role === 'user');
+        const pub = tools.filter((t) => t.role === 'public');
+
+        assert.equal(admin.length, 22, `Should have 22 admin tools, got ${admin.length}`);
+        assert.equal(user.length, 2, `Should have 2 user tools, got ${user.length}`);
+        assert.equal(pub.length, 1, `Should have 1 public tool, got ${pub.length}`);
+      },
+    },
+  ],
+};

package/test/routes/marketing/webhook.js

@@ -18,8 +18,12 @@
  *   - Silent skip when email doesn't map to a user (shared SendGrid account scenario)
  *   - Batched events processed independently
  *   - Unsupported event types ignored
+ *
+ * All revoke-event tests target the dedicated `journey-webhook-revoke` account: they
+ * leave it with consent.marketing.status='revoked' (persistent side-effect data), which
+ * must never land on the shared `basic` account — revoked consent persists for the rest
+ * of the run and trips the email library's consent gate for later syncs of that account.
  */
-const { TEST_ACCOUNTS } = require('../../../src/test/test-accounts.js');
 
 // Helper — generate a unique sg_event_id per test
 function sgEventId(name) {
@@ -105,8 +109,8 @@ module.exports = {
       name: 'sendgrid-group-unsubscribe-writes-consent',
       auth: 'none',
       async run({ http, firestore, assert, accounts }) {
-        const uid = accounts.basic.uid;
-        const email = accounts.basic.email;
+        const uid = accounts['journey-webhook-revoke'].uid;
+        const email = accounts['journey-webhook-revoke'].email;
         const eventId = sgEventId('group-unsub');
         const eventTimestamp = Math.floor(Date.now() / 1000);
 
@@ -130,8 +134,8 @@ module.exports = {
       name: 'sendgrid-unsubscribe-event-handled',
       auth: 'none',
       async run({ http, firestore, assert, accounts }) {
-        const uid = accounts.basic.uid;
-        const email = accounts.basic.email;
+        const uid = accounts['journey-webhook-revoke'].uid;
+        const email = accounts['journey-webhook-revoke'].email;
         const eventId = sgEventId('unsub');
 
         const response = await http.as('none').post(
@@ -152,8 +156,8 @@ module.exports = {
       name: 'sendgrid-spamreport-event-handled',
       auth: 'none',
       async run({ http, firestore, assert, accounts }) {
-        const uid = accounts.basic.uid;
-        const email = accounts.basic.email;
+        const uid = accounts['journey-webhook-revoke'].uid;
+        const email = accounts['journey-webhook-revoke'].email;
         const eventId = sgEventId('spamreport');
 
         const response = await http.as('none').post(
@@ -173,8 +177,8 @@ module.exports = {
       name: 'sendgrid-hard-bounce-event-handled',
       auth: 'none',
       async run({ http, firestore, assert, accounts }) {
-        const uid = accounts.basic.uid;
-        const email = accounts.basic.email;
+        const uid = accounts['journey-webhook-revoke'].uid;
+        const email = accounts['journey-webhook-revoke'].email;
         const eventId = sgEventId('hard-bounce');
 
         // Only hard bounces (bounce_classification='Invalid Address') revoke consent.
@@ -195,8 +199,8 @@ module.exports = {
       name: 'sendgrid-dropped-hard-bounce-handled',
       auth: 'none',
       async run({ http, firestore, assert, accounts }) {
-        const uid = accounts.basic.uid;
-        const email = accounts.basic.email;
+        const uid = accounts['journey-webhook-revoke'].uid;
+        const email = accounts['journey-webhook-revoke'].email;
         const eventId = sgEventId('dropped');
 
         // 'dropped' follows the same classification filter as 'bounce'.
@@ -219,7 +223,7 @@ module.exports = {
       name: 'sendgrid-technical-bounce-ignored',
       auth: 'none',
       async run({ http, assert, accounts }) {
-        const email = accounts.basic.email;
+        const email = accounts['journey-webhook-revoke'].email;
         const eventId = sgEventId('technical-bounce');
 
         // Technical bounces (DMARC, TLS, DNS) are sender-side issues — the recipient's
@@ -239,7 +243,7 @@ module.exports = {
       name: 'sendgrid-bounce-without-classification-ignored',
       auth: 'none',
       async run({ http, assert, accounts }) {
-        const email = accounts.basic.email;
+        const email = accounts['journey-webhook-revoke'].email;
         const eventId = sgEventId('unclassified-bounce');
 
         // No bounce_classification — can't confirm a hard bounce, so skip.
@@ -258,7 +262,7 @@ module.exports = {
       name: 'sendgrid-delivered-event-ignored',
       auth: 'none',
       async run({ http, firestore, assert, accounts }) {
-        const email = accounts.basic.email;
+        const email = accounts['journey-webhook-revoke'].email;
         const eventId = sgEventId('delivered');
 
         const response = await http.as('none').post(
@@ -276,7 +280,7 @@ module.exports = {
       name: 'sendgrid-open-event-ignored',
       auth: 'none',
       async run({ http, assert, accounts }) {
-        const email = accounts.basic.email;
+        const email = accounts['journey-webhook-revoke'].email;
         const eventId = sgEventId('open');
 
         const response = await http.as('none').post(
@@ -317,8 +321,8 @@ module.exports = {
       name: 'sendgrid-batched-events-processed-independently',
       auth: 'none',
       async run({ http, firestore, assert, accounts }) {
-        const uid = accounts.basic.uid;
-        const email = accounts.basic.email;
+        const uid = accounts['journey-webhook-revoke'].uid;
+        const email = accounts['journey-webhook-revoke'].email;
         const e1 = sgEventId('batch-1');
         const e2 = sgEventId('batch-2');
         const e3 = sgEventId('batch-3');
@@ -348,8 +352,8 @@ module.exports = {
       name: 'sendgrid-duplicate-event-reprocessed-idempotently',
       auth: 'none',
       async run({ http, firestore, assert, accounts }) {
-        const uid = accounts.basic.uid;
-        const email = accounts.basic.email;
+        const uid = accounts['journey-webhook-revoke'].uid;
+        const email = accounts['journey-webhook-revoke'].email;
         const eventId = sgEventId('duplicate');
 
         // First delivery
@@ -380,8 +384,8 @@ module.exports = {
       name: 'sendgrid-event-without-eventId-processed',
       auth: 'none',
       async run({ http, firestore, assert, accounts }) {
-        const uid = accounts.basic.uid;
-        const email = accounts.basic.email;
+        const uid = accounts['journey-webhook-revoke'].uid;
+        const email = accounts['journey-webhook-revoke'].email;
 
         const response = await http.as('none').post(
           `backend-manager/marketing/webhook?provider=sendgrid&key=${process.env.BACKEND_MANAGER_WEBHOOK_KEY}`,
@@ -404,8 +408,8 @@ module.exports = {
       name: 'beehiiv-subscription-unsubscribed-writes-consent',
       auth: 'none',
       async run({ http, firestore, assert, accounts, config, skip }) {
-        const uid = accounts.basic.uid;
-        const email = accounts.basic.email;
+        const uid = accounts['journey-webhook-revoke'].uid;
+        const email = accounts['journey-webhook-revoke'].email;
         const eventId = `_test-bh-unsub-${Date.now()}`;
         const eventISO = new Date().toISOString();
         const publicationId = config.marketing?.newsletter?.publicationId;
@@ -439,8 +443,8 @@ module.exports = {
       name: 'beehiiv-subscription-deleted-handled',
       auth: 'none',
       async run({ http, firestore, assert, accounts, config }) {
-        const uid = accounts.basic.uid;
-        const email = accounts.basic.email;
+        const uid = accounts['journey-webhook-revoke'].uid;
+        const email = accounts['journey-webhook-revoke'].email;
         const eventId = `_test-bh-deleted-${Date.now()}`;
         const publicationId = config.marketing?.newsletter?.publicationId;
 
@@ -468,8 +472,8 @@ module.exports = {
       name: 'beehiiv-subscription-paused-handled',
       auth: 'none',
       async run({ http, firestore, assert, accounts, config }) {
-        const uid = accounts.basic.uid;
-        const email = accounts.basic.email;
+        const uid = accounts['journey-webhook-revoke'].uid;
+        const email = accounts['journey-webhook-revoke'].email;
         const eventId = `_test-bh-paused-${Date.now()}`;
         const publicationId = config.marketing?.newsletter?.publicationId;
 
@@ -499,13 +503,13 @@ module.exports = {
         // Send an event with a publication_id that does NOT match this brand's pub.
         // Simulates the shared-devbeans scenario where the parent forwarder fans
         // an event to brands that don't share the publication — they silent-skip.
-        const email = accounts.basic.email;
+        const email = accounts['journey-webhook-revoke'].email;
         const eventId = `_test-bh-pubmismatch-${Date.now()}`;
 
         // Snapshot revokedAt BEFORE the request so we can prove the pub-mismatch
         // handler didn't write anything new. (The basic account may already have
         // a beehiiv-sourced revoke from a prior test that legitimately fired.)
-        const beforeDoc = await firestore.get(`users/${accounts.basic.uid}`);
+        const beforeDoc = await firestore.get(`users/${accounts['journey-webhook-revoke'].uid}`);
         const beforeRevokedAt = beforeDoc?.consent?.marketing?.revokedAt || null;
 
         const response = await http.as('none').post(
@@ -527,7 +531,7 @@ module.exports = {
 
         // Reload the user doc and verify revokedAt is byte-equivalent to before —
         // pub-mismatch must not write a new revoke entry.
-        const afterDoc = await firestore.get(`users/${accounts.basic.uid}`);
+        const afterDoc = await firestore.get(`users/${accounts['journey-webhook-revoke'].uid}`);
         const afterRevokedAt = afterDoc?.consent?.marketing?.revokedAt || null;
 
         assert.deepEqual(
@@ -568,7 +572,7 @@ module.exports = {
       auth: 'none',
       async run({ http, assert, accounts, config }) {
         // 'subscription.created' (new signup) is NOT a revoke — should be ignored.
-        const email = accounts.basic.email;
+        const email = accounts['journey-webhook-revoke'].email;
         const publicationId = config.marketing?.newsletter?.publicationId;
         const eventId = `_test-bh-created-${Date.now()}`;
 
@@ -593,8 +597,8 @@ module.exports = {
       name: 'beehiiv-duplicate-event-reprocessed-idempotently',
       auth: 'none',
       async run({ http, firestore, assert, accounts, config, skip }) {
-        const uid = accounts.basic.uid;
-        const email = accounts.basic.email;
+        const uid = accounts['journey-webhook-revoke'].uid;
+        const email = accounts['journey-webhook-revoke'].email;
         const publicationId = config.marketing?.newsletter?.publicationId;
         const eventId = `_test-bh-dup-${Date.now()}`;
 

package/.claude/settings.local.json

@@ -1,12 +0,0 @@
-{
-  "permissions": {
-    "allow": [
-      "Bash(grep -B2 -A20 \"Generate a newsletter preview\" /tmp/bem-test-run-3.log | head -50)",
-      "Bash(sed 's/\\\\x1b\\\\[[0-9;]*m//g')",
-      "Read(//tmp/**)",
-      "Bash(TEST_EXTENDED_MODE=1 npx mgr test 2>&1 | sed 's/\\\\x1b\\\\[[0-9;]*m//g' > /tmp/bem-run-6.log; grep -E \"passing|failing|skipped\" /tmp/bem-run-6.log | tail -5)",
-      "Bash(awk -F'`' '{print $2}')",
-      "Bash(TEST_EXTENDED_MODE=1 npx mgr test 2>&1 | sed 's/\\\\x1b\\\\[[0-9;]*m//g' > /tmp/bem-cleanup-run2.log; grep -E \"\\(passing|failing|skipped\\)\" /tmp/bem-cleanup-run2.log | tail -5)"
-    ]
-  }
-}