backend-manager 5.9.4 โ†’ 5.9.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (251) hide show
  1. package/CLAUDE.md +6 -0
  2. package/package.json +8 -1
  3. package/src/cli/commands/install.js +4 -3
  4. package/src/cli/commands/setup-tests/backend-manager.js +2 -1
  5. package/src/cli/commands/setup-tests/firebase-admin.js +2 -1
  6. package/src/cli/commands/setup-tests/firebase-functions.js +2 -1
  7. package/src/cli/utils/safe-install.js +13 -0
  8. package/src/manager/routes/payments/cancel/post.js +22 -2
  9. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/metadata.json +14 -0
  10. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/newsletter.html +486 -0
  11. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/newsletter.md +41 -0
  12. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/newsletter.mjml +97 -0
  13. package/{test/email/fixtures/clean.json โ†’ src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/structure.json} +16 -4
  14. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/summary.md +1 -0
  15. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/metadata.json +14 -0
  16. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/newsletter.html +486 -0
  17. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/newsletter.md +41 -0
  18. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/newsletter.mjml +97 -0
  19. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/structure.json +42 -0
  20. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/summary.md +1 -0
  21. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/metadata.json +14 -0
  22. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/newsletter.html +486 -0
  23. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/newsletter.md +41 -0
  24. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/newsletter.mjml +97 -0
  25. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/structure.json +42 -0
  26. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/summary.md +1 -0
  27. package/src/test/fixtures/firebase-project/.temp/test-mode.json +6 -0
  28. package/src/test/fixtures/firebase-project/database-debug.log +12 -0
  29. package/src/test/fixtures/firebase-project/firestore-debug.log +136 -0
  30. package/src/test/fixtures/firebase-project/pubsub-debug.log +17 -0
  31. package/src/test/test-accounts.js +9 -0
  32. package/.codeclimate.yml +0 -32
  33. package/.nvmrc +0 -1
  34. package/CHANGELOG.md +0 -1432
  35. package/PROGRESS.md +0 -86
  36. package/TODO-2.md +0 -121
  37. package/TODO-CHARGEBLAST.md +0 -32
  38. package/TODO-WEBHOOK-KEY-LEGACY-REMOVAL.md +0 -15
  39. package/TODO-WEBHOOK-KEY-UPGRADE.md +0 -138
  40. package/TODO-email-auth.md +0 -14
  41. package/TODO.md +0 -187
  42. package/plans/mcp2.md +0 -247
  43. package/scripts/test-helper-providers.js +0 -162
  44. package/scripts/update-disposable-domains.js +0 -44
  45. package/templates/_.env +0 -42
  46. package/templates/_.gitignore +0 -60
  47. package/templates/backend-manager-config.json +0 -249
  48. package/templates/database.rules.json +0 -83
  49. package/templates/firebase.json +0 -66
  50. package/templates/firestore.indexes.json +0 -4
  51. package/templates/firestore.rules +0 -112
  52. package/templates/public/404.html +0 -26
  53. package/templates/public/index.html +0 -24
  54. package/templates/remoteconfig.template.json +0 -1
  55. package/templates/storage-lifecycle-config-1-day.json +0 -9
  56. package/templates/storage-lifecycle-config-30-days.json +0 -9
  57. package/templates/storage.rules +0 -8
  58. package/test/_init/accounts-validation.js +0 -58
  59. package/test/_legacy/ai/index.js +0 -231
  60. package/test/_legacy/ai/test.jpg +0 -0
  61. package/test/_legacy/ai/test.pdf +0 -0
  62. package/test/_legacy/index.js +0 -31
  63. package/test/_legacy/payment-resolver/chargebee/orders/refunded.json +0 -0
  64. package/test/_legacy/payment-resolver/chargebee/orders/unpaid.json +0 -98
  65. package/test/_legacy/payment-resolver/chargebee/subscriptions/active.json +0 -578
  66. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-in-trial.json +0 -38
  67. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-skipped-to-active.json +0 -135
  68. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-active-to-cancelled.json +0 -42
  69. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-active.json +0 -44
  70. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-cancelled.json +0 -39
  71. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-refund.json +0 -143
  72. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-suspended.json +0 -48
  73. package/test/_legacy/payment-resolver/coinbase/orders/regular.json +0 -204
  74. package/test/_legacy/payment-resolver/coinbase/subscriptions/cancelled.json +0 -204
  75. package/test/_legacy/payment-resolver/coinbase/subscriptions/paid-2.json +0 -125
  76. package/test/_legacy/payment-resolver/index.js +0 -1558
  77. package/test/_legacy/payment-resolver/paypal/orders/refunded.json +0 -0
  78. package/test/_legacy/payment-resolver/paypal/orders/regular.json +0 -120
  79. package/test/_legacy/payment-resolver/paypal/subscriptions/active-refund-previous-stmnt.json +0 -323
  80. package/test/_legacy/payment-resolver/paypal/subscriptions/active.json +0 -192
  81. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-in-trial.json +0 -125
  82. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-not-complete.json +0 -76
  83. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-overdue-2.json +0 -114
  84. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-overdue.json +0 -114
  85. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-active-to-cancelled.json +0 -111
  86. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-active.json +0 -132
  87. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-cancelled.json +0 -107
  88. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-expired.json +0 -91
  89. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-refund.json +0 -147
  90. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-suspended.json +0 -120
  91. package/test/_legacy/payment-resolver/stripe/orders/refunded.json +0 -0
  92. package/test/_legacy/payment-resolver/stripe/orders/regular.json +0 -91
  93. package/test/_legacy/payment-resolver/stripe/subscriptions/active.json +0 -421
  94. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-in-trial.json +0 -349
  95. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-active-failed-authorization.json +0 -430
  96. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-active.json +0 -319
  97. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-cancelled.json +0 -319
  98. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-refund.json +0 -414
  99. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-suspended.json +0 -319
  100. package/test/_legacy/payment-resolver/stripe/subscriptions/unsure.json +0 -339
  101. package/test/_legacy/test-new +0 -1178
  102. package/test/_legacy/test.md +0 -89
  103. package/test/_legacy/usage.js +0 -175
  104. package/test/_legacy/user.js +0 -31
  105. package/test/ai/tools-live.js +0 -170
  106. package/test/boot/emulator-boots.js +0 -37
  107. package/test/content/blog-generate.js +0 -160
  108. package/test/email/campaign-send.js +0 -45
  109. package/test/email/consent-lifecycle.js +0 -257
  110. package/test/email/feedback-and-plain-send.js +0 -52
  111. package/test/email/fixtures/editorial.json +0 -30
  112. package/test/email/fixtures/field-report.json +0 -53
  113. package/test/email/marketing-lifecycle.js +0 -132
  114. package/test/email/newsletter-generate.js +0 -819
  115. package/test/email/newsletter-templates.js +0 -491
  116. package/test/email/templates.js +0 -207
  117. package/test/email/transactional-send.js +0 -34
  118. package/test/email/transactional.js +0 -560
  119. package/test/email/validation.js +0 -710
  120. package/test/events/auth-delete-race.js +0 -201
  121. package/test/events/payments/journey-payments-cancel-endpoint.js +0 -100
  122. package/test/events/payments/journey-payments-cancel.js +0 -182
  123. package/test/events/payments/journey-payments-discount.js +0 -89
  124. package/test/events/payments/journey-payments-failure.js +0 -146
  125. package/test/events/payments/journey-payments-legacy-product.js +0 -149
  126. package/test/events/payments/journey-payments-one-time-failure.js +0 -111
  127. package/test/events/payments/journey-payments-one-time.js +0 -136
  128. package/test/events/payments/journey-payments-plan-change.js +0 -144
  129. package/test/events/payments/journey-payments-refund-webhook.js +0 -180
  130. package/test/events/payments/journey-payments-suspend.js +0 -181
  131. package/test/events/payments/journey-payments-trial-cancel.js +0 -130
  132. package/test/events/payments/journey-payments-trial.js +0 -171
  133. package/test/events/payments/journey-payments-uid-resolution.js +0 -132
  134. package/test/events/payments/journey-payments-upgrade.js +0 -135
  135. package/test/fixtures/chargebee/invoice-one-time.json +0 -27
  136. package/test/fixtures/chargebee/subscription-active.json +0 -44
  137. package/test/fixtures/chargebee/subscription-cancelled.json +0 -42
  138. package/test/fixtures/chargebee/subscription-in-trial.json +0 -41
  139. package/test/fixtures/chargebee/subscription-legacy-plan.json +0 -41
  140. package/test/fixtures/chargebee/subscription-non-renewing.json +0 -41
  141. package/test/fixtures/chargebee/subscription-paused.json +0 -42
  142. package/test/fixtures/chargebee/webhook-payment-failed.json +0 -51
  143. package/test/fixtures/chargebee/webhook-subscription-created.json +0 -47
  144. package/test/fixtures/paypal/order-approved.json +0 -62
  145. package/test/fixtures/paypal/order-completed.json +0 -110
  146. package/test/fixtures/paypal/subscription-active.json +0 -76
  147. package/test/fixtures/paypal/subscription-cancelled.json +0 -50
  148. package/test/fixtures/paypal/subscription-suspended.json +0 -65
  149. package/test/fixtures/stripe/checkout-session-completed.json +0 -130
  150. package/test/fixtures/stripe/invoice-payment-failed.json +0 -148
  151. package/test/fixtures/stripe/invoice-subscription-payment-failed.json +0 -28
  152. package/test/fixtures/stripe/subscription-active.json +0 -161
  153. package/test/fixtures/stripe/subscription-canceled.json +0 -161
  154. package/test/fixtures/stripe/subscription-trialing.json +0 -161
  155. package/test/functions/admin/database-read.js +0 -134
  156. package/test/functions/admin/database-write.js +0 -159
  157. package/test/functions/admin/edit-post.js +0 -366
  158. package/test/functions/admin/firestore-query.js +0 -207
  159. package/test/functions/admin/firestore-read.js +0 -129
  160. package/test/functions/admin/firestore-write.js +0 -105
  161. package/test/functions/admin/get-stats.js +0 -115
  162. package/test/functions/admin/send-email.js +0 -119
  163. package/test/functions/admin/send-notification.js +0 -208
  164. package/test/functions/admin/write-repo-content.js +0 -223
  165. package/test/functions/general/add-marketing-contact.js +0 -335
  166. package/test/functions/general/fetch-post.js +0 -54
  167. package/test/functions/general/generate-uuid.js +0 -114
  168. package/test/functions/test/authenticate.js +0 -64
  169. package/test/functions/user/create-custom-token.js +0 -73
  170. package/test/functions/user/delete.js +0 -135
  171. package/test/functions/user/get-active-sessions.js +0 -111
  172. package/test/functions/user/get-subscription-info.js +0 -99
  173. package/test/functions/user/regenerate-api-keys.js +0 -156
  174. package/test/functions/user/resolve.js +0 -52
  175. package/test/functions/user/sign-out-all-sessions.js +0 -94
  176. package/test/functions/user/sign-up.js +0 -252
  177. package/test/functions/user/submit-feedback.js +0 -104
  178. package/test/functions/user/validate-settings.js +0 -82
  179. package/test/helpers/ai-request-payload.js +0 -300
  180. package/test/helpers/ai-test-provider.js +0 -202
  181. package/test/helpers/ai-tools-format.js +0 -383
  182. package/test/helpers/content/blog-auto-publisher.js +0 -484
  183. package/test/helpers/content/feed-parser.js +0 -528
  184. package/test/helpers/content/ghostii-blocks.js +0 -134
  185. package/test/helpers/content/ghostii-feed-integration.js +0 -404
  186. package/test/helpers/content/ghostii-write-article.js +0 -243
  187. package/test/helpers/environment.js +0 -230
  188. package/test/helpers/infer-contact.js +0 -113
  189. package/test/helpers/merge-line-files.js +0 -271
  190. package/test/helpers/payment/chargebee/parse-webhook.js +0 -413
  191. package/test/helpers/payment/chargebee/to-unified-one-time.js +0 -147
  192. package/test/helpers/payment/chargebee/to-unified-subscription.js +0 -648
  193. package/test/helpers/payment/paypal/parse-webhook.js +0 -539
  194. package/test/helpers/payment/paypal/to-unified-one-time.js +0 -382
  195. package/test/helpers/payment/paypal/to-unified-subscription.js +0 -820
  196. package/test/helpers/payment/stripe/parse-webhook.js +0 -447
  197. package/test/helpers/payment/stripe/to-unified-one-time.js +0 -306
  198. package/test/helpers/payment/stripe/to-unified-subscription.js +0 -708
  199. package/test/helpers/sanitize.js +0 -222
  200. package/test/helpers/slugify.js +0 -394
  201. package/test/helpers/storage.js +0 -194
  202. package/test/helpers/user.js +0 -755
  203. package/test/helpers/webhook-forward.js +0 -418
  204. package/test/mcp/discovery.js +0 -53
  205. package/test/mcp/oauth.js +0 -161
  206. package/test/mcp/protocol.js +0 -268
  207. package/test/mcp/roles.js +0 -188
  208. package/test/mcp/utils.js +0 -245
  209. package/test/routes/admin/create-post.js +0 -364
  210. package/test/routes/admin/database.js +0 -131
  211. package/test/routes/admin/deduplicate-image-alts.js +0 -190
  212. package/test/routes/admin/email.js +0 -114
  213. package/test/routes/admin/firestore-query.js +0 -204
  214. package/test/routes/admin/firestore.js +0 -127
  215. package/test/routes/admin/infer-contact.js +0 -218
  216. package/test/routes/admin/notification.js +0 -198
  217. package/test/routes/admin/post-resize-image.js +0 -184
  218. package/test/routes/admin/post.js +0 -368
  219. package/test/routes/admin/repo-content.js +0 -223
  220. package/test/routes/admin/stats.js +0 -112
  221. package/test/routes/content/post.js +0 -54
  222. package/test/routes/general/uuid.js +0 -115
  223. package/test/routes/marketing/campaign.js +0 -125
  224. package/test/routes/marketing/contact.js +0 -370
  225. package/test/routes/marketing/email-preferences.js +0 -292
  226. package/test/routes/marketing/push-send.js +0 -32
  227. package/test/routes/marketing/webhook-forward.js +0 -61
  228. package/test/routes/marketing/webhook.js +0 -639
  229. package/test/routes/payments/cancel.js +0 -140
  230. package/test/routes/payments/discount.js +0 -80
  231. package/test/routes/payments/dispute-alert.js +0 -320
  232. package/test/routes/payments/intent.js +0 -336
  233. package/test/routes/payments/portal.js +0 -92
  234. package/test/routes/payments/refund.js +0 -179
  235. package/test/routes/payments/trial-eligibility.js +0 -71
  236. package/test/routes/payments/webhook.js +0 -107
  237. package/test/routes/test/authenticate.js +0 -59
  238. package/test/routes/test/schema.js +0 -554
  239. package/test/routes/test/usage.js +0 -342
  240. package/test/routes/user/api-keys.js +0 -156
  241. package/test/routes/user/delete.js +0 -136
  242. package/test/routes/user/feedback.js +0 -104
  243. package/test/routes/user/sessions.js +0 -199
  244. package/test/routes/user/settings-validate.js +0 -82
  245. package/test/routes/user/signup.js +0 -542
  246. package/test/routes/user/subscription.js +0 -99
  247. package/test/routes/user/token.js +0 -73
  248. package/test/routes/user/user.js +0 -157
  249. package/test/rules/notifications.js +0 -410
  250. package/test/rules/payments-carts.js +0 -371
  251. package/test/rules/user.js +0 -396
@@ -1,368 +0,0 @@
1
- /**
2
- * Test: PUT /admin/post
3
- * Tests the admin edit post endpoint
4
- * Edits blog post content in a GitHub repository
5
- * Requires admin/blogger role, GitHub API key, and repo_website config
6
- *
7
- * This is a suite because we need to:
8
- * 1. Create a test post file via Octokit
9
- * 2. Wait for GitHub to index it (for code search)
10
- * 3. Edit it via the API
11
- * 4. Clean up the test file
12
- */
13
- const { Octokit } = require('@octokit/rest');
14
-
15
- // Test post configuration
16
- const TEST_POST_SLUG = 'bem-test-post';
17
- const TEST_POST_ID = Date.now();
18
-
19
- // Generate frontmatter for the test post
20
- function generatePostContent(body) {
21
- const frontmatter = `layout: blueprint/blog/post
22
-
23
- meta:
24
- title: BEM Test Post
25
- description: This is a test post created by BEM test suite.
26
- og:image: ''
27
-
28
- post:
29
- title: BEM Test Post
30
- id: ${TEST_POST_ID}
31
- description: This is a test post created by BEM test suite.
32
- author: guest
33
- tags: []
34
- categories: []`;
35
-
36
- return `---\n${frontmatter}\n---\n\n${body}`;
37
- }
38
-
39
- module.exports = {
40
- description: 'Admin edit post on GitHub',
41
- type: 'suite',
42
- timeout: 300000, // 5 minutes total for the suite
43
- skip: !process.env.TEST_EXTENDED_MODE ? 'TEST_EXTENDED_MODE env var not set (skipping GitHub edit tests)' : false,
44
-
45
- tests: [
46
- // Test 1: Missing URL returns 400 error
47
- {
48
- name: 'missing-url-rejected',
49
- auth: 'admin',
50
- timeout: 15000,
51
-
52
- async run({ http, assert }) {
53
- const response = await http.put('backend-manager/admin/post', {
54
- body: 'Test content',
55
- });
56
-
57
- assert.isError(response, 400, 'Missing URL should return 400');
58
- },
59
- },
60
-
61
- // Test 2: Missing body returns 400 error
62
- {
63
- name: 'missing-body-rejected',
64
- auth: 'admin',
65
- timeout: 15000,
66
-
67
- async run({ http, assert }) {
68
- const response = await http.put('backend-manager/admin/post', {
69
- url: 'https://example.com/blog/test-post',
70
- });
71
-
72
- assert.isError(response, 400, 'Missing body should return 400');
73
- },
74
- },
75
-
76
- // Test 3: Non-existent post returns 404
77
- {
78
- name: 'nonexistent-post-returns-404',
79
- auth: 'admin',
80
- timeout: 60000,
81
-
82
- async run({ http, assert, config }) {
83
- const response = await http.put('backend-manager/admin/post', {
84
- url: `https://${config.domain}/blog/nonexistent-test-post-12345`,
85
- body: 'This is test content from BEM test suite.',
86
- });
87
-
88
- assert.isError(response, 404, 'Non-existent post should return 404');
89
- },
90
- },
91
-
92
- // Test 4: Non-existent repo returns 404
93
- // PUT first calls content/post to fetch the existing post; with a unique URL that's never been
94
- // created, the fetch itself returns 404 before we ever try to push to the nonexistent repo.
95
- {
96
- name: 'nonexistent-repo-returns-404',
97
- auth: 'admin',
98
- timeout: 30000,
99
-
100
- async run({ http, assert }) {
101
- const response = await http.put('backend-manager/admin/post', {
102
- url: `https://example.com/blog/never-created-${Date.now()}`,
103
- body: 'Test content',
104
- githubUser: 'nonexistent-user-12345',
105
- githubRepo: 'nonexistent-repo-12345',
106
- });
107
-
108
- assert.isError(response, 404, 'Non-existent repo or post should return 404');
109
- },
110
- },
111
-
112
- // Test 5: Create a test post via Octokit
113
- {
114
- name: 'create-test-post',
115
- auth: 'admin',
116
- timeout: 60000,
117
- skip: !process.env.GH_TOKEN ? 'GH_TOKEN env var not set' : false,
118
-
119
- async run({ assert, state, config }) {
120
- if (!config.github?.repo_website) {
121
- assert.fail('githubRepoWebsite not configured');
122
- return;
123
- }
124
-
125
- const octokit = new Octokit({ auth: process.env.GH_TOKEN });
126
-
127
- // Parse owner/repo from githubRepoWebsite
128
- const repoMatch = config.github?.repo_website.match(/github\.com\/([^/]+)\/([^/]+)/);
129
- if (!repoMatch) {
130
- assert.fail('Could not parse githubRepoWebsite');
131
- return;
132
- }
133
-
134
- state.owner = repoMatch[1];
135
- state.repo = repoMatch[2];
136
-
137
- // Build the post path (matches the structure expected by fetch-post)
138
- const date = new Date().toISOString().split('T')[0]; // YYYY-MM-DD
139
- const year = date.split('-')[0];
140
- state.postPath = `src/_posts/${year}/guest/${date}-${TEST_POST_SLUG}.md`;
141
- state.postSlug = TEST_POST_SLUG;
142
-
143
- // Create the post content
144
- const originalBody = 'This is the original content of the test post.\n\nIt will be edited by the BEM test suite.';
145
- state.originalBody = originalBody;
146
- const content = generatePostContent(originalBody);
147
-
148
- // Check if the file already exists (from a previous failed run)
149
- let existingSha;
150
- try {
151
- const existing = await octokit.rest.repos.getContent({
152
- owner: state.owner,
153
- repo: state.repo,
154
- path: state.postPath,
155
- });
156
- existingSha = existing.data.sha;
157
- } catch (e) {
158
- // File doesn't exist, that's fine
159
- }
160
-
161
- // Create or update the file via Octokit
162
- const createResult = await octokit.rest.repos.createOrUpdateFileContents({
163
- owner: state.owner,
164
- repo: state.repo,
165
- path: state.postPath,
166
- message: `๐Ÿงช BEM test: create test post for edit-post test`,
167
- content: Buffer.from(content).toString('base64'),
168
- sha: existingSha, // Include SHA if file exists
169
- }).catch(e => e);
170
-
171
- if (createResult instanceof Error) {
172
- assert.fail(`Failed to create test post: ${createResult.message}`);
173
- return;
174
- }
175
-
176
- assert.ok(createResult.data.content.sha, 'Post should be created with a SHA');
177
- state.postSha = createResult.data.content.sha;
178
- },
179
- },
180
-
181
- // Test 6: Verify the file exists via GitHub API (not code search)
182
- {
183
- name: 'verify-file-exists',
184
- auth: 'admin',
185
- timeout: 30000,
186
- skip: !process.env.GH_TOKEN ? 'GH_TOKEN env var not set' : false,
187
-
188
- async run({ assert, state, config }) {
189
- if (!state.postPath) {
190
- return; // Previous test didn't run
191
- }
192
-
193
- state.postUrl = `https://${config.domain}/blog/${state.postSlug}`;
194
-
195
- const octokit = new Octokit({ auth: process.env.GH_TOKEN });
196
-
197
- // Verify the file exists via direct API (not code search)
198
- const { data: fileData } = await octokit.rest.repos.getContent({
199
- owner: state.owner,
200
- repo: state.repo,
201
- path: state.postPath,
202
- });
203
-
204
- assert.ok(fileData.sha, 'File should exist in GitHub repo');
205
- state.currentSha = fileData.sha;
206
- },
207
- },
208
-
209
- // Test 7: Edit the test post via PUT /admin/post
210
- // NOTE: This may fail if GitHub's code search hasn't indexed the file yet
211
- // The edit-post API uses fetch-post which relies on code search
212
- {
213
- name: 'edit-test-post',
214
- auth: 'admin',
215
- timeout: 60000,
216
- skip: !process.env.GH_TOKEN ? 'GH_TOKEN env var not set' : false,
217
-
218
- async run({ http, assert, state }) {
219
- if (!state.postUrl) {
220
- return; // Previous tests didn't run
221
- }
222
-
223
- const newBody = 'This content was EDITED by the BEM test suite.\n\nThe edit was successful!';
224
- state.editedBody = newBody;
225
-
226
- const response = await http.put('backend-manager/admin/post', {
227
- url: state.postUrl,
228
- body: newBody,
229
- });
230
-
231
- // If fetch-post can't find the file (not indexed yet), it returns 404
232
- // This is a known limitation - the file exists but code search hasn't indexed it
233
- if (response.status === 404 && response.error?.includes('not found')) {
234
- state.editSkipped = true;
235
- assert.ok(true, 'Edit skipped - GitHub code search has not indexed the file yet (this is expected for new files)');
236
- return;
237
- }
238
-
239
- assert.isSuccess(response, 'Edit post should succeed');
240
- assert.hasProperty(response, 'data.url', 'Response should have url');
241
- },
242
- },
243
-
244
- // Test 8: Verify the edit was applied (using Octokit directly)
245
- {
246
- name: 'verify-edit',
247
- auth: 'admin',
248
- timeout: 30000,
249
- skip: !process.env.GH_TOKEN ? 'GH_TOKEN env var not set' : false,
250
-
251
- async run({ assert, state }) {
252
- if (!state.postPath || state.editSkipped) {
253
- assert.ok(true, 'Skipping verify - edit was not performed');
254
- return;
255
- }
256
-
257
- const octokit = new Octokit({ auth: process.env.GH_TOKEN });
258
-
259
- // Fetch the file directly from GitHub
260
- const { data: fileData } = await octokit.rest.repos.getContent({
261
- owner: state.owner,
262
- repo: state.repo,
263
- path: state.postPath,
264
- });
265
-
266
- // Decode the content
267
- const content = Buffer.from(fileData.content, 'base64').toString();
268
-
269
- assert.ok(
270
- content.includes('EDITED by the BEM test suite'),
271
- 'Post content should contain the edited text'
272
- );
273
- },
274
- },
275
-
276
- // --- Auth rejection tests (at end per convention) ---
277
- {
278
- name: 'unauthenticated-rejected',
279
- auth: 'none',
280
- timeout: 15000,
281
-
282
- async run({ http, assert }) {
283
- const response = await http.put('backend-manager/admin/post', {
284
- url: 'https://example.com/blog/test-post',
285
- body: 'Test content',
286
- });
287
-
288
- assert.isError(response, 401, 'Edit post should fail without authentication');
289
- },
290
- },
291
-
292
- {
293
- name: 'non-admin-rejected',
294
- auth: 'basic',
295
- timeout: 15000,
296
-
297
- async run({ http, assert }) {
298
- const response = await http.put('backend-manager/admin/post', {
299
- url: 'https://example.com/blog/test-post',
300
- body: 'Test content',
301
- });
302
-
303
- assert.isError(response, 403, 'Edit post should fail for non-admin user');
304
- },
305
- },
306
-
307
- // Cleanup - delete test post and cancel workflows
308
- {
309
- name: 'cleanup',
310
- auth: 'admin',
311
- timeout: 60000,
312
-
313
- async run({ state }) {
314
- if (!process.env.GH_TOKEN || !state.postPath) {
315
- return;
316
- }
317
-
318
- const octokit = new Octokit({ auth: process.env.GH_TOKEN });
319
-
320
- // Get the current SHA (may have changed after edit)
321
- try {
322
- const { data: fileData } = await octokit.rest.repos.getContent({
323
- owner: state.owner,
324
- repo: state.repo,
325
- path: state.postPath,
326
- });
327
-
328
- // Delete the test post
329
- await octokit.rest.repos.deleteFile({
330
- owner: state.owner,
331
- repo: state.repo,
332
- path: state.postPath,
333
- message: `๐Ÿงน BEM test cleanup: delete test post`,
334
- sha: fileData.sha,
335
- });
336
- } catch (e) {
337
- // File might not exist, ignore
338
- }
339
-
340
- // Cancel any running workflows triggered by our test commits
341
- try {
342
- const { data: runs } = await octokit.rest.actions.listWorkflowRunsForRepo({
343
- owner: state.owner,
344
- repo: state.repo,
345
- status: 'in_progress',
346
- per_page: 10,
347
- });
348
-
349
- for (const run of runs.workflow_runs) {
350
- if (run.head_commit?.message?.includes('BEM test')) {
351
- try {
352
- await octokit.rest.actions.cancelWorkflowRun({
353
- owner: state.owner,
354
- repo: state.repo,
355
- run_id: run.id,
356
- });
357
- } catch (e) {
358
- // May already be completed, ignore
359
- }
360
- }
361
- }
362
- } catch (e) {
363
- // Workflow cancellation failed, not critical
364
- }
365
- },
366
- },
367
- ],
368
- };
@@ -1,223 +0,0 @@
1
- /**
2
- * Test: POST /admin/repo/content
3
- * Tests the admin write repo content endpoint
4
- * Writes arbitrary content to a GitHub repository
5
- * Requires admin/blogger role, GitHub API key, and repo_website config
6
- *
7
- * IMPORTANT: These tests require GH_TOKEN and github.repo_website to be configured.
8
- * If GitHub is not configured, the tests will fail.
9
- *
10
- * This is a suite because we need to clean up created files and cancel workflows after tests.
11
- */
12
- const { Octokit } = require('@octokit/rest');
13
-
14
- // Test file paths that will be created and need cleanup
15
- const TEST_FILES = [
16
- '_test/bem-write-test.txt',
17
- '_test/type-test.txt',
18
- ];
19
-
20
- module.exports = {
21
- description: 'Admin write content to GitHub repo',
22
- type: 'suite',
23
- timeout: 120000,
24
- skip: !process.env.TEST_EXTENDED_MODE ? 'TEST_EXTENDED_MODE env var not set (skipping GitHub write tests)' : false,
25
-
26
- tests: [
27
- // Test 1: Missing path returns 400 error
28
- {
29
- name: 'missing-path-rejected',
30
- auth: 'admin',
31
- timeout: 15000,
32
-
33
- async run({ http, assert }) {
34
- const response = await http.post('backend-manager/admin/repo/content', {
35
- content: 'Test content',
36
- });
37
-
38
- assert.isError(response, 400, 'Missing path should return 400');
39
- },
40
- },
41
-
42
- // Test 2: Missing content returns 400 error
43
- {
44
- name: 'missing-content-rejected',
45
- auth: 'admin',
46
- timeout: 15000,
47
-
48
- async run({ http, assert }) {
49
- const response = await http.post('backend-manager/admin/repo/content', {
50
- path: '_test/bem-test-file.txt',
51
- });
52
-
53
- assert.isError(response, 400, 'Missing content should return 400');
54
- },
55
- },
56
-
57
- // Test 3: Admin can write content
58
- {
59
- name: 'admin-can-write-content',
60
- auth: 'admin',
61
- timeout: 60000,
62
-
63
- async run({ http, assert, state }) {
64
- const uniqueContent = `BEM Test - ${new Date().toISOString()}`;
65
- const response = await http.post('backend-manager/admin/repo/content', {
66
- path: '_test/bem-write-test.txt',
67
- content: uniqueContent,
68
- });
69
-
70
- assert.isSuccess(response, 'Admin should be able to write content');
71
- assert.hasProperty(response, 'data.path', 'Response should contain path');
72
- assert.equal(response.data.path, '_test/bem-write-test.txt', 'Path should match');
73
-
74
- // Store for cleanup
75
- state.filesCreated = state.filesCreated || [];
76
- state.filesCreated.push('_test/bem-write-test.txt');
77
- },
78
- },
79
-
80
- // Test 4: Content type defaults to text
81
- {
82
- name: 'content-type-default',
83
- auth: 'admin',
84
- timeout: 30000,
85
-
86
- async run({ http, assert, state }) {
87
- const response = await http.post('backend-manager/admin/repo/content', {
88
- path: '_test/type-test.txt',
89
- content: 'Test content with default type',
90
- });
91
-
92
- assert.isSuccess(response, 'Write with default type should succeed');
93
- assert.hasProperty(response, 'data.type', 'Response should contain type');
94
- assert.equal(response.data.type, 'text', 'Default type should be text');
95
-
96
- // Store for cleanup
97
- state.filesCreated = state.filesCreated || [];
98
- state.filesCreated.push('_test/type-test.txt');
99
- },
100
- },
101
-
102
- // Test 5: Non-existent repo returns 404
103
- {
104
- name: 'nonexistent-repo-returns-404',
105
- auth: 'admin',
106
- timeout: 30000,
107
-
108
- async run({ http, assert }) {
109
- const response = await http.post('backend-manager/admin/repo/content', {
110
- path: '_test/custom-repo-test.txt',
111
- content: 'Test content',
112
- githubUser: 'nonexistent-user-12345',
113
- githubRepo: 'nonexistent-repo-12345',
114
- });
115
-
116
- assert.isError(response, 404, 'Non-existent repo should return 404');
117
- },
118
- },
119
-
120
- // --- Auth rejection tests (at end per convention) ---
121
- {
122
- name: 'unauthenticated-rejected',
123
- auth: 'none',
124
- timeout: 15000,
125
-
126
- async run({ http, assert }) {
127
- const response = await http.post('backend-manager/admin/repo/content', {
128
- path: '_test/bem-test-file.txt',
129
- content: 'Test content',
130
- });
131
-
132
- assert.isError(response, 401, 'Write repo content should fail without authentication');
133
- },
134
- },
135
-
136
- {
137
- name: 'non-admin-rejected',
138
- auth: 'basic',
139
- timeout: 15000,
140
-
141
- async run({ http, assert }) {
142
- const response = await http.post('backend-manager/admin/repo/content', {
143
- path: '_test/bem-test-file.txt',
144
- content: 'Test content',
145
- });
146
-
147
- assert.isError(response, 403, 'Write repo content should fail for non-admin user');
148
- },
149
- },
150
-
151
- // Cleanup - delete test files and cancel workflows
152
- {
153
- name: 'cleanup',
154
- auth: 'admin',
155
- timeout: 60000,
156
-
157
- async run({ state, config }) {
158
- if (!process.env.GH_TOKEN || !config.github?.repo_website) {
159
- return;
160
- }
161
-
162
- const octokit = new Octokit({ auth: process.env.GH_TOKEN });
163
-
164
- // Parse owner/repo from githubRepoWebsite (e.g., 'https://github.com/owner/repo')
165
- const repoMatch = config.github?.repo_website.match(/github\.com\/([^/]+)\/([^/]+)/);
166
- if (!repoMatch) {
167
- return;
168
- }
169
- const owner = repoMatch[1];
170
- const repo = repoMatch[2];
171
-
172
- // Delete test files
173
- const filesToDelete = state.filesCreated || TEST_FILES;
174
- for (const filePath of filesToDelete) {
175
- try {
176
- const { data: fileData } = await octokit.rest.repos.getContent({
177
- owner,
178
- repo,
179
- path: filePath,
180
- });
181
-
182
- await octokit.rest.repos.deleteFile({
183
- owner,
184
- repo,
185
- path: filePath,
186
- message: `๐Ÿงน BEM test cleanup: ${filePath}`,
187
- sha: fileData.sha,
188
- });
189
- } catch (e) {
190
- // File might not exist, ignore
191
- }
192
- }
193
-
194
- // Cancel running workflows triggered by our test commits
195
- try {
196
- const { data: runs } = await octokit.rest.actions.listWorkflowRunsForRepo({
197
- owner,
198
- repo,
199
- status: 'in_progress',
200
- per_page: 10,
201
- });
202
-
203
- for (const run of runs.workflow_runs) {
204
- if (run.head_commit?.message?.includes('admin:write-repo-content')
205
- || run.head_commit?.message?.includes('BEM test cleanup')) {
206
- try {
207
- await octokit.rest.actions.cancelWorkflowRun({
208
- owner,
209
- repo,
210
- run_id: run.id,
211
- });
212
- } catch (e) {
213
- // May already be completed, ignore
214
- }
215
- }
216
- }
217
- } catch (e) {
218
- // Workflow cancellation failed, not critical
219
- }
220
- },
221
- },
222
- ],
223
- };
@@ -1,112 +0,0 @@
1
- /**
2
- * Test: GET /admin/stats
3
- * Tests the admin get stats endpoint
4
- * Requires admin authentication
5
- */
6
- module.exports = {
7
- description: 'Admin get stats operation',
8
- type: 'group',
9
- tests: [
10
- // Test 1: Admin can get stats
11
- {
12
- name: 'admin-get-stats-succeeds',
13
- auth: 'admin',
14
- timeout: 30000,
15
-
16
- async run({ http, assert }) {
17
- const response = await http.get('backend-manager/admin/stats', {});
18
-
19
- assert.isSuccess(response, 'Get stats should succeed with admin auth');
20
- assert.ok(
21
- typeof response.data === 'object',
22
- 'Response data should be an object'
23
- );
24
- },
25
- },
26
-
27
- // Test 2: Stats contains users field
28
- {
29
- name: 'stats-contains-users',
30
- auth: 'admin',
31
- timeout: 30000,
32
-
33
- async run({ http, assert }) {
34
- const response = await http.get('backend-manager/admin/stats', {});
35
-
36
- assert.isSuccess(response, 'Get stats should succeed');
37
- assert.hasProperty(response, 'data.users', 'Stats should contain users field');
38
- assert.hasProperty(response, 'data.users.total', 'Users should have total field');
39
- assert.ok(
40
- typeof response.data.users.total === 'number',
41
- 'users.total should be a number'
42
- );
43
- },
44
- },
45
-
46
- // Test 3: Stats with update flag refreshes data
47
- {
48
- name: 'stats-with-update',
49
- auth: 'admin',
50
- timeout: 60000,
51
-
52
- async run({ http, assert }) {
53
- const response = await http.get('backend-manager/admin/stats', {
54
- update: { users: true },
55
- });
56
-
57
- assert.isSuccess(response, 'Get stats with update should succeed');
58
- assert.hasProperty(response, 'data.users.total', 'Updated stats should have users.total');
59
- assert.ok(
60
- response.data.users.total >= 0,
61
- 'users.total should be a non-negative number'
62
- );
63
- },
64
- },
65
-
66
- // Test 4: Stats contains metadata
67
- {
68
- name: 'stats-has-metadata',
69
- auth: 'admin',
70
- timeout: 30000,
71
-
72
- async run({ http, assert }) {
73
- await http.get('backend-manager/admin/stats', {
74
- update: { users: true },
75
- });
76
-
77
- const response = await http.get('backend-manager/admin/stats', {});
78
-
79
- assert.isSuccess(response, 'Get stats should succeed');
80
- if (response.data.metadata) {
81
- assert.hasProperty(response, 'data.metadata.updated', 'Metadata should have updated timestamp');
82
- }
83
- },
84
- },
85
-
86
- // Test 5: Unauthenticated request fails
87
- {
88
- name: 'unauthenticated-rejected',
89
- auth: 'none',
90
- timeout: 15000,
91
-
92
- async run({ http, assert }) {
93
- const response = await http.get('backend-manager/admin/stats', {});
94
-
95
- assert.isError(response, 401, 'Get stats should fail without authentication');
96
- },
97
- },
98
-
99
- // Test 6: Non-admin user fails
100
- {
101
- name: 'non-admin-rejected',
102
- auth: 'user',
103
- timeout: 15000,
104
-
105
- async run({ http, assert }) {
106
- const response = await http.get('backend-manager/admin/stats', {});
107
-
108
- assert.isError(response, 403, 'Get stats should fail for non-admin user');
109
- },
110
- },
111
- ],
112
- };