backend-manager 5.9.4 → 5.9.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (251) hide show
  1. package/CLAUDE.md +6 -0
  2. package/package.json +8 -1
  3. package/src/cli/commands/install.js +4 -3
  4. package/src/cli/commands/setup-tests/backend-manager.js +2 -1
  5. package/src/cli/commands/setup-tests/firebase-admin.js +2 -1
  6. package/src/cli/commands/setup-tests/firebase-functions.js +2 -1
  7. package/src/cli/utils/safe-install.js +13 -0
  8. package/src/manager/routes/payments/cancel/post.js +22 -2
  9. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/metadata.json +14 -0
  10. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/newsletter.html +486 -0
  11. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/newsletter.md +41 -0
  12. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/newsletter.mjml +97 -0
  13. package/{test/email/fixtures/clean.json → src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/structure.json} +16 -4
  14. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/summary.md +1 -0
  15. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/metadata.json +14 -0
  16. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/newsletter.html +486 -0
  17. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/newsletter.md +41 -0
  18. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/newsletter.mjml +97 -0
  19. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/structure.json +42 -0
  20. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/summary.md +1 -0
  21. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/metadata.json +14 -0
  22. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/newsletter.html +486 -0
  23. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/newsletter.md +41 -0
  24. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/newsletter.mjml +97 -0
  25. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/structure.json +42 -0
  26. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/summary.md +1 -0
  27. package/src/test/fixtures/firebase-project/.temp/test-mode.json +6 -0
  28. package/src/test/fixtures/firebase-project/database-debug.log +12 -0
  29. package/src/test/fixtures/firebase-project/firestore-debug.log +136 -0
  30. package/src/test/fixtures/firebase-project/pubsub-debug.log +17 -0
  31. package/src/test/test-accounts.js +9 -0
  32. package/.codeclimate.yml +0 -32
  33. package/.nvmrc +0 -1
  34. package/CHANGELOG.md +0 -1432
  35. package/PROGRESS.md +0 -86
  36. package/TODO-2.md +0 -121
  37. package/TODO-CHARGEBLAST.md +0 -32
  38. package/TODO-WEBHOOK-KEY-LEGACY-REMOVAL.md +0 -15
  39. package/TODO-WEBHOOK-KEY-UPGRADE.md +0 -138
  40. package/TODO-email-auth.md +0 -14
  41. package/TODO.md +0 -187
  42. package/plans/mcp2.md +0 -247
  43. package/scripts/test-helper-providers.js +0 -162
  44. package/scripts/update-disposable-domains.js +0 -44
  45. package/templates/_.env +0 -42
  46. package/templates/_.gitignore +0 -60
  47. package/templates/backend-manager-config.json +0 -249
  48. package/templates/database.rules.json +0 -83
  49. package/templates/firebase.json +0 -66
  50. package/templates/firestore.indexes.json +0 -4
  51. package/templates/firestore.rules +0 -112
  52. package/templates/public/404.html +0 -26
  53. package/templates/public/index.html +0 -24
  54. package/templates/remoteconfig.template.json +0 -1
  55. package/templates/storage-lifecycle-config-1-day.json +0 -9
  56. package/templates/storage-lifecycle-config-30-days.json +0 -9
  57. package/templates/storage.rules +0 -8
  58. package/test/_init/accounts-validation.js +0 -58
  59. package/test/_legacy/ai/index.js +0 -231
  60. package/test/_legacy/ai/test.jpg +0 -0
  61. package/test/_legacy/ai/test.pdf +0 -0
  62. package/test/_legacy/index.js +0 -31
  63. package/test/_legacy/payment-resolver/chargebee/orders/refunded.json +0 -0
  64. package/test/_legacy/payment-resolver/chargebee/orders/unpaid.json +0 -98
  65. package/test/_legacy/payment-resolver/chargebee/subscriptions/active.json +0 -578
  66. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-in-trial.json +0 -38
  67. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-skipped-to-active.json +0 -135
  68. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-active-to-cancelled.json +0 -42
  69. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-active.json +0 -44
  70. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-cancelled.json +0 -39
  71. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-refund.json +0 -143
  72. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-suspended.json +0 -48
  73. package/test/_legacy/payment-resolver/coinbase/orders/regular.json +0 -204
  74. package/test/_legacy/payment-resolver/coinbase/subscriptions/cancelled.json +0 -204
  75. package/test/_legacy/payment-resolver/coinbase/subscriptions/paid-2.json +0 -125
  76. package/test/_legacy/payment-resolver/index.js +0 -1558
  77. package/test/_legacy/payment-resolver/paypal/orders/refunded.json +0 -0
  78. package/test/_legacy/payment-resolver/paypal/orders/regular.json +0 -120
  79. package/test/_legacy/payment-resolver/paypal/subscriptions/active-refund-previous-stmnt.json +0 -323
  80. package/test/_legacy/payment-resolver/paypal/subscriptions/active.json +0 -192
  81. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-in-trial.json +0 -125
  82. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-not-complete.json +0 -76
  83. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-overdue-2.json +0 -114
  84. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-overdue.json +0 -114
  85. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-active-to-cancelled.json +0 -111
  86. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-active.json +0 -132
  87. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-cancelled.json +0 -107
  88. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-expired.json +0 -91
  89. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-refund.json +0 -147
  90. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-suspended.json +0 -120
  91. package/test/_legacy/payment-resolver/stripe/orders/refunded.json +0 -0
  92. package/test/_legacy/payment-resolver/stripe/orders/regular.json +0 -91
  93. package/test/_legacy/payment-resolver/stripe/subscriptions/active.json +0 -421
  94. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-in-trial.json +0 -349
  95. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-active-failed-authorization.json +0 -430
  96. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-active.json +0 -319
  97. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-cancelled.json +0 -319
  98. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-refund.json +0 -414
  99. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-suspended.json +0 -319
  100. package/test/_legacy/payment-resolver/stripe/subscriptions/unsure.json +0 -339
  101. package/test/_legacy/test-new +0 -1178
  102. package/test/_legacy/test.md +0 -89
  103. package/test/_legacy/usage.js +0 -175
  104. package/test/_legacy/user.js +0 -31
  105. package/test/ai/tools-live.js +0 -170
  106. package/test/boot/emulator-boots.js +0 -37
  107. package/test/content/blog-generate.js +0 -160
  108. package/test/email/campaign-send.js +0 -45
  109. package/test/email/consent-lifecycle.js +0 -257
  110. package/test/email/feedback-and-plain-send.js +0 -52
  111. package/test/email/fixtures/editorial.json +0 -30
  112. package/test/email/fixtures/field-report.json +0 -53
  113. package/test/email/marketing-lifecycle.js +0 -132
  114. package/test/email/newsletter-generate.js +0 -819
  115. package/test/email/newsletter-templates.js +0 -491
  116. package/test/email/templates.js +0 -207
  117. package/test/email/transactional-send.js +0 -34
  118. package/test/email/transactional.js +0 -560
  119. package/test/email/validation.js +0 -710
  120. package/test/events/auth-delete-race.js +0 -201
  121. package/test/events/payments/journey-payments-cancel-endpoint.js +0 -100
  122. package/test/events/payments/journey-payments-cancel.js +0 -182
  123. package/test/events/payments/journey-payments-discount.js +0 -89
  124. package/test/events/payments/journey-payments-failure.js +0 -146
  125. package/test/events/payments/journey-payments-legacy-product.js +0 -149
  126. package/test/events/payments/journey-payments-one-time-failure.js +0 -111
  127. package/test/events/payments/journey-payments-one-time.js +0 -136
  128. package/test/events/payments/journey-payments-plan-change.js +0 -144
  129. package/test/events/payments/journey-payments-refund-webhook.js +0 -180
  130. package/test/events/payments/journey-payments-suspend.js +0 -181
  131. package/test/events/payments/journey-payments-trial-cancel.js +0 -130
  132. package/test/events/payments/journey-payments-trial.js +0 -171
  133. package/test/events/payments/journey-payments-uid-resolution.js +0 -132
  134. package/test/events/payments/journey-payments-upgrade.js +0 -135
  135. package/test/fixtures/chargebee/invoice-one-time.json +0 -27
  136. package/test/fixtures/chargebee/subscription-active.json +0 -44
  137. package/test/fixtures/chargebee/subscription-cancelled.json +0 -42
  138. package/test/fixtures/chargebee/subscription-in-trial.json +0 -41
  139. package/test/fixtures/chargebee/subscription-legacy-plan.json +0 -41
  140. package/test/fixtures/chargebee/subscription-non-renewing.json +0 -41
  141. package/test/fixtures/chargebee/subscription-paused.json +0 -42
  142. package/test/fixtures/chargebee/webhook-payment-failed.json +0 -51
  143. package/test/fixtures/chargebee/webhook-subscription-created.json +0 -47
  144. package/test/fixtures/paypal/order-approved.json +0 -62
  145. package/test/fixtures/paypal/order-completed.json +0 -110
  146. package/test/fixtures/paypal/subscription-active.json +0 -76
  147. package/test/fixtures/paypal/subscription-cancelled.json +0 -50
  148. package/test/fixtures/paypal/subscription-suspended.json +0 -65
  149. package/test/fixtures/stripe/checkout-session-completed.json +0 -130
  150. package/test/fixtures/stripe/invoice-payment-failed.json +0 -148
  151. package/test/fixtures/stripe/invoice-subscription-payment-failed.json +0 -28
  152. package/test/fixtures/stripe/subscription-active.json +0 -161
  153. package/test/fixtures/stripe/subscription-canceled.json +0 -161
  154. package/test/fixtures/stripe/subscription-trialing.json +0 -161
  155. package/test/functions/admin/database-read.js +0 -134
  156. package/test/functions/admin/database-write.js +0 -159
  157. package/test/functions/admin/edit-post.js +0 -366
  158. package/test/functions/admin/firestore-query.js +0 -207
  159. package/test/functions/admin/firestore-read.js +0 -129
  160. package/test/functions/admin/firestore-write.js +0 -105
  161. package/test/functions/admin/get-stats.js +0 -115
  162. package/test/functions/admin/send-email.js +0 -119
  163. package/test/functions/admin/send-notification.js +0 -208
  164. package/test/functions/admin/write-repo-content.js +0 -223
  165. package/test/functions/general/add-marketing-contact.js +0 -335
  166. package/test/functions/general/fetch-post.js +0 -54
  167. package/test/functions/general/generate-uuid.js +0 -114
  168. package/test/functions/test/authenticate.js +0 -64
  169. package/test/functions/user/create-custom-token.js +0 -73
  170. package/test/functions/user/delete.js +0 -135
  171. package/test/functions/user/get-active-sessions.js +0 -111
  172. package/test/functions/user/get-subscription-info.js +0 -99
  173. package/test/functions/user/regenerate-api-keys.js +0 -156
  174. package/test/functions/user/resolve.js +0 -52
  175. package/test/functions/user/sign-out-all-sessions.js +0 -94
  176. package/test/functions/user/sign-up.js +0 -252
  177. package/test/functions/user/submit-feedback.js +0 -104
  178. package/test/functions/user/validate-settings.js +0 -82
  179. package/test/helpers/ai-request-payload.js +0 -300
  180. package/test/helpers/ai-test-provider.js +0 -202
  181. package/test/helpers/ai-tools-format.js +0 -383
  182. package/test/helpers/content/blog-auto-publisher.js +0 -484
  183. package/test/helpers/content/feed-parser.js +0 -528
  184. package/test/helpers/content/ghostii-blocks.js +0 -134
  185. package/test/helpers/content/ghostii-feed-integration.js +0 -404
  186. package/test/helpers/content/ghostii-write-article.js +0 -243
  187. package/test/helpers/environment.js +0 -230
  188. package/test/helpers/infer-contact.js +0 -113
  189. package/test/helpers/merge-line-files.js +0 -271
  190. package/test/helpers/payment/chargebee/parse-webhook.js +0 -413
  191. package/test/helpers/payment/chargebee/to-unified-one-time.js +0 -147
  192. package/test/helpers/payment/chargebee/to-unified-subscription.js +0 -648
  193. package/test/helpers/payment/paypal/parse-webhook.js +0 -539
  194. package/test/helpers/payment/paypal/to-unified-one-time.js +0 -382
  195. package/test/helpers/payment/paypal/to-unified-subscription.js +0 -820
  196. package/test/helpers/payment/stripe/parse-webhook.js +0 -447
  197. package/test/helpers/payment/stripe/to-unified-one-time.js +0 -306
  198. package/test/helpers/payment/stripe/to-unified-subscription.js +0 -708
  199. package/test/helpers/sanitize.js +0 -222
  200. package/test/helpers/slugify.js +0 -394
  201. package/test/helpers/storage.js +0 -194
  202. package/test/helpers/user.js +0 -755
  203. package/test/helpers/webhook-forward.js +0 -418
  204. package/test/mcp/discovery.js +0 -53
  205. package/test/mcp/oauth.js +0 -161
  206. package/test/mcp/protocol.js +0 -268
  207. package/test/mcp/roles.js +0 -188
  208. package/test/mcp/utils.js +0 -245
  209. package/test/routes/admin/create-post.js +0 -364
  210. package/test/routes/admin/database.js +0 -131
  211. package/test/routes/admin/deduplicate-image-alts.js +0 -190
  212. package/test/routes/admin/email.js +0 -114
  213. package/test/routes/admin/firestore-query.js +0 -204
  214. package/test/routes/admin/firestore.js +0 -127
  215. package/test/routes/admin/infer-contact.js +0 -218
  216. package/test/routes/admin/notification.js +0 -198
  217. package/test/routes/admin/post-resize-image.js +0 -184
  218. package/test/routes/admin/post.js +0 -368
  219. package/test/routes/admin/repo-content.js +0 -223
  220. package/test/routes/admin/stats.js +0 -112
  221. package/test/routes/content/post.js +0 -54
  222. package/test/routes/general/uuid.js +0 -115
  223. package/test/routes/marketing/campaign.js +0 -125
  224. package/test/routes/marketing/contact.js +0 -370
  225. package/test/routes/marketing/email-preferences.js +0 -292
  226. package/test/routes/marketing/push-send.js +0 -32
  227. package/test/routes/marketing/webhook-forward.js +0 -61
  228. package/test/routes/marketing/webhook.js +0 -639
  229. package/test/routes/payments/cancel.js +0 -140
  230. package/test/routes/payments/discount.js +0 -80
  231. package/test/routes/payments/dispute-alert.js +0 -320
  232. package/test/routes/payments/intent.js +0 -336
  233. package/test/routes/payments/portal.js +0 -92
  234. package/test/routes/payments/refund.js +0 -179
  235. package/test/routes/payments/trial-eligibility.js +0 -71
  236. package/test/routes/payments/webhook.js +0 -107
  237. package/test/routes/test/authenticate.js +0 -59
  238. package/test/routes/test/schema.js +0 -554
  239. package/test/routes/test/usage.js +0 -342
  240. package/test/routes/user/api-keys.js +0 -156
  241. package/test/routes/user/delete.js +0 -136
  242. package/test/routes/user/feedback.js +0 -104
  243. package/test/routes/user/sessions.js +0 -199
  244. package/test/routes/user/settings-validate.js +0 -82
  245. package/test/routes/user/signup.js +0 -542
  246. package/test/routes/user/subscription.js +0 -99
  247. package/test/routes/user/token.js +0 -73
  248. package/test/routes/user/user.js +0 -157
  249. package/test/rules/notifications.js +0 -410
  250. package/test/rules/payments-carts.js +0 -371
  251. package/test/rules/user.js +0 -396
@@ -1,104 +0,0 @@
1
- /**
2
- * Test: POST /user/feedback
3
- * Tests the user submit feedback endpoint
4
- * Requires authentication, saves feedback to Firestore
5
- * Note: Makes external call to ITW getApp endpoint
6
- */
7
- module.exports = {
8
- description: 'User submit feedback',
9
- type: 'group',
10
- tests: [
11
- // Test 1: Authenticated user can submit feedback
12
- {
13
- name: 'authenticated-user-succeeds',
14
- auth: 'basic',
15
- timeout: 30000, // Longer timeout due to external API call
16
-
17
- async run({ http, assert }) {
18
- const response = await http.post('backend-manager/user/feedback', {
19
- rating: 'like',
20
- like: 'Great app! Works well.',
21
- dislike: '',
22
- });
23
-
24
- assert.isSuccess(response, 'Submit feedback should succeed for authenticated user');
25
- assert.hasProperty(response, 'data.review', 'Response should contain review decision');
26
- assert.hasProperty(response, 'data.originalRequest', 'Response should contain original request');
27
- },
28
- },
29
-
30
- // Test 2: Feedback with love rating
31
- {
32
- name: 'love-rating-succeeds',
33
- auth: 'basic',
34
- timeout: 30000,
35
-
36
- async run({ http, assert }) {
37
- const response = await http.post('backend-manager/user/feedback', {
38
- rating: 'love',
39
- like: 'Absolutely love this app! Best thing ever! Highly recommend!',
40
- dislike: '',
41
- });
42
-
43
- assert.isSuccess(response, 'Submit feedback with love rating should succeed');
44
- assert.hasProperty(response, 'data.review.promptReview', 'Response should have promptReview flag');
45
- assert.ok(
46
- typeof response.data.review.promptReview === 'boolean',
47
- 'promptReview should be a boolean'
48
- );
49
- },
50
- },
51
-
52
- // Test 3: Feedback with dislike
53
- {
54
- name: 'dislike-feedback-succeeds',
55
- auth: 'basic',
56
- timeout: 30000,
57
-
58
- async run({ http, assert }) {
59
- const response = await http.post('backend-manager/user/feedback', {
60
- rating: 'dislike',
61
- like: '',
62
- dislike: 'Could use some improvements in the UI',
63
- });
64
-
65
- assert.isSuccess(response, 'Submit negative feedback should succeed');
66
- assert.hasProperty(response, 'data.review', 'Response should contain review decision');
67
- },
68
- },
69
-
70
- // Test 4: Premium user can submit feedback
71
- {
72
- name: 'premium-user-succeeds',
73
- auth: 'premium-active',
74
- timeout: 30000,
75
-
76
- async run({ http, assert }) {
77
- const response = await http.post('backend-manager/user/feedback', {
78
- rating: 'like',
79
- like: 'Premium features are great!',
80
- dislike: '',
81
- });
82
-
83
- assert.isSuccess(response, 'Submit feedback should succeed for premium user');
84
- },
85
- },
86
-
87
- // Test 5: Unauthenticated request fails
88
- {
89
- name: 'unauthenticated-rejected',
90
- auth: 'none',
91
- timeout: 15000,
92
-
93
- async run({ http, assert }) {
94
- const response = await http.post('backend-manager/user/feedback', {
95
- rating: 'like',
96
- like: 'Test',
97
- dislike: '',
98
- });
99
-
100
- assert.isError(response, 401, 'Submit feedback should fail without authentication');
101
- },
102
- },
103
- ],
104
- };
@@ -1,199 +0,0 @@
1
- /**
2
- * Test: GET /user/sessions and DELETE /user/sessions
3
- * Tests the user sessions endpoints
4
- * GET returns sessions for authenticated users from Realtime Database
5
- * DELETE signs out all sessions (revokes refresh tokens and clears session data)
6
- */
7
- module.exports = {
8
- description: 'User sessions (get and sign-out)',
9
- type: 'group',
10
- tests: [
11
- // --- GET /user/sessions tests ---
12
-
13
- // Test 1: Authenticated user can get sessions
14
- {
15
- name: 'get-authenticated-user-succeeds',
16
- auth: 'basic',
17
- timeout: 15000,
18
-
19
- async run({ http, assert }) {
20
- const response = await http.get('backend-manager/user/sessions', {});
21
-
22
- assert.isSuccess(response, 'Get active sessions should succeed for authenticated user');
23
- assert.ok(
24
- typeof response.data === 'object',
25
- 'Response data should be an object'
26
- );
27
- },
28
- },
29
-
30
- // Test 2: Default session id is 'app'
31
- {
32
- name: 'get-default-session-is-app',
33
- auth: 'basic',
34
- timeout: 15000,
35
-
36
- async run({ http, assert }) {
37
- // With no id specified, should query sessions/app
38
- const response = await http.get('backend-manager/user/sessions', {});
39
-
40
- assert.isSuccess(response, 'Get active sessions should succeed');
41
- // Response is an object (may be empty if no sessions)
42
- assert.ok(
43
- response.data !== undefined,
44
- 'Response should have data'
45
- );
46
- },
47
- },
48
-
49
- // Test 3: Custom session id
50
- {
51
- name: 'get-custom-session-id',
52
- auth: 'basic',
53
- timeout: 15000,
54
-
55
- async run({ http, assert }) {
56
- const response = await http.get('backend-manager/user/sessions', {
57
- id: 'custom-session-type',
58
- });
59
-
60
- assert.isSuccess(response, 'Get active sessions with custom id should succeed');
61
- assert.ok(
62
- typeof response.data === 'object',
63
- 'Response data should be an object'
64
- );
65
- },
66
- },
67
-
68
- // Test 4: Empty sessions returns empty object
69
- {
70
- name: 'get-no-sessions-returns-empty',
71
- auth: 'basic',
72
- timeout: 15000,
73
-
74
- async run({ http, assert }) {
75
- // Query a session type that definitely doesn't exist
76
- const response = await http.get('backend-manager/user/sessions', {
77
- id: 'nonexistent-session-type-12345',
78
- });
79
-
80
- assert.isSuccess(response, 'Get sessions for empty type should succeed');
81
- assert.ok(
82
- Object.keys(response.data).length === 0,
83
- 'Empty session type should return empty object'
84
- );
85
- },
86
- },
87
-
88
- // Test 5: Admin can get sessions
89
- {
90
- name: 'get-admin-succeeds',
91
- auth: 'admin',
92
- timeout: 15000,
93
-
94
- async run({ http, assert }) {
95
- const response = await http.get('backend-manager/user/sessions', {});
96
-
97
- assert.isSuccess(response, 'Get active sessions should succeed for admin');
98
- },
99
- },
100
-
101
- // Test 6: Unauthenticated GET request fails
102
- {
103
- name: 'get-unauthenticated-rejected',
104
- auth: 'none',
105
- timeout: 15000,
106
-
107
- async run({ http, assert }) {
108
- const response = await http.get('backend-manager/user/sessions', {});
109
-
110
- assert.isError(response, 401, 'Get active sessions should fail without authentication');
111
- },
112
- },
113
-
114
- // --- DELETE /user/sessions tests ---
115
-
116
- // Test 7: Authenticated user can sign out all sessions
117
- {
118
- name: 'delete-authenticated-user-succeeds',
119
- auth: 'basic',
120
- timeout: 30000, // Longer timeout due to session cleanup
121
-
122
- async run({ http, assert }) {
123
- const response = await http.delete('backend-manager/user/sessions', {});
124
-
125
- assert.isSuccess(response, 'Sign out all sessions should succeed for authenticated user');
126
- assert.hasProperty(response, 'data.sessions', 'Response should contain sessions count');
127
- assert.hasProperty(response, 'data.message', 'Response should contain message');
128
- assert.ok(
129
- typeof response.data.sessions === 'number',
130
- 'sessions should be a number'
131
- );
132
- assert.ok(
133
- response.data.sessions >= 0,
134
- 'sessions count should be non-negative'
135
- );
136
- },
137
- },
138
-
139
- // Test 8: Custom session id for delete
140
- {
141
- name: 'delete-custom-session-id',
142
- auth: 'basic',
143
- timeout: 30000,
144
-
145
- async run({ http, assert }) {
146
- const response = await http.delete('backend-manager/user/sessions', {
147
- id: 'custom-session-type',
148
- });
149
-
150
- assert.isSuccess(response, 'Sign out with custom session id should succeed');
151
- assert.hasProperty(response, 'data.sessions', 'Response should contain sessions count');
152
- },
153
- },
154
-
155
- // Test 9: Premium user can sign out all sessions
156
- // Note: backendManagerKey admin doesn't have auth.uid, so we test with premium user instead
157
- {
158
- name: 'delete-premium-user-succeeds',
159
- auth: 'premium-active',
160
- timeout: 30000,
161
-
162
- async run({ http, assert }) {
163
- const response = await http.delete('backend-manager/user/sessions', {});
164
-
165
- assert.isSuccess(response, 'Sign out all sessions should succeed for premium user');
166
- assert.hasProperty(response, 'data.sessions', 'Response should contain sessions count');
167
- },
168
- },
169
-
170
- // Test 10: Multiple calls are idempotent
171
- {
172
- name: 'delete-idempotent-operation',
173
- auth: 'basic',
174
- timeout: 30000,
175
-
176
- async run({ http, assert }) {
177
- // Call twice in a row - both should succeed
178
- const response1 = await http.delete('backend-manager/user/sessions', {});
179
- const response2 = await http.delete('backend-manager/user/sessions', {});
180
-
181
- assert.isSuccess(response1, 'First sign out should succeed');
182
- assert.isSuccess(response2, 'Second sign out should succeed (idempotent)');
183
- },
184
- },
185
-
186
- // Test 11: Unauthenticated DELETE request fails
187
- {
188
- name: 'delete-unauthenticated-rejected',
189
- auth: 'none',
190
- timeout: 15000,
191
-
192
- async run({ http, assert }) {
193
- const response = await http.delete('backend-manager/user/sessions', {});
194
-
195
- assert.isError(response, 401, 'Sign out all sessions should fail without authentication');
196
- },
197
- },
198
- ],
199
- };
@@ -1,82 +0,0 @@
1
- /**
2
- * Test: POST /user/settings/validate
3
- * Tests the user validate settings endpoint
4
- * Requires authentication and validates settings against schema
5
- *
6
- * SKIPPED: Requires project-specific defaults.js file which BEM test environment doesn't have
7
- */
8
- module.exports = {
9
- description: 'User validate settings',
10
- skip: 'Requires project-specific defaults.js file',
11
- type: 'group',
12
- tests: [
13
- // Test 1: Authenticated user can validate settings
14
- {
15
- name: 'authenticated-user-succeeds',
16
- auth: 'basic',
17
- timeout: 15000,
18
-
19
- async run({ http, assert }) {
20
- const response = await http.post('backend-manager/user/settings/validate', {
21
- existingSettings: {},
22
- newSettings: {},
23
- });
24
-
25
- assert.isSuccess(response, 'Validate settings should succeed for authenticated user');
26
- },
27
- },
28
-
29
- // Test 2: With existing settings
30
- {
31
- name: 'with-existing-settings',
32
- auth: 'basic',
33
- timeout: 15000,
34
-
35
- async run({ http, assert }) {
36
- const response = await http.post('backend-manager/user/settings/validate', {
37
- existingSettings: {
38
- theme: 'dark',
39
- notifications: true,
40
- },
41
- newSettings: {
42
- theme: 'light',
43
- },
44
- });
45
-
46
- assert.isSuccess(response, 'Validate settings with data should succeed');
47
- },
48
- },
49
-
50
- // Test 3: Premium user can validate settings
51
- {
52
- name: 'premium-user-succeeds',
53
- auth: 'premium-active',
54
- timeout: 15000,
55
-
56
- async run({ http, assert }) {
57
- const response = await http.post('backend-manager/user/settings/validate', {
58
- existingSettings: {},
59
- newSettings: {},
60
- });
61
-
62
- assert.isSuccess(response, 'Validate settings should succeed for premium user');
63
- },
64
- },
65
-
66
- // Test 4: Unauthenticated request fails
67
- {
68
- name: 'unauthenticated-rejected',
69
- auth: 'none',
70
- timeout: 15000,
71
-
72
- async run({ http, assert }) {
73
- const response = await http.post('backend-manager/user/settings/validate', {
74
- existingSettings: {},
75
- newSettings: {},
76
- });
77
-
78
- assert.isError(response, 401, 'Validate settings should fail without authentication');
79
- },
80
- },
81
- ],
82
- };