backend-manager 5.9.5 โ†’ 5.9.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (246) hide show
  1. package/package.json +8 -1
  2. package/src/manager/events/cron/runner.js +0 -1
  3. package/src/manager/libraries/email/data/disposable-domains.json +21 -0
  4. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/metadata.json +14 -0
  5. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/newsletter.html +486 -0
  6. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/newsletter.md +41 -0
  7. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/newsletter.mjml +97 -0
  8. package/{test/email/fixtures/clean.json โ†’ src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/structure.json} +16 -4
  9. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/summary.md +1 -0
  10. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/metadata.json +14 -0
  11. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/newsletter.html +486 -0
  12. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/newsletter.md +41 -0
  13. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/newsletter.mjml +97 -0
  14. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/structure.json +42 -0
  15. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/summary.md +1 -0
  16. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/metadata.json +14 -0
  17. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/newsletter.html +486 -0
  18. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/newsletter.md +41 -0
  19. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/newsletter.mjml +97 -0
  20. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/structure.json +42 -0
  21. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/summary.md +1 -0
  22. package/src/test/fixtures/firebase-project/.temp/test-mode.json +6 -0
  23. package/src/test/fixtures/firebase-project/database-debug.log +12 -0
  24. package/src/test/fixtures/firebase-project/firestore-debug.log +132 -0
  25. package/src/test/fixtures/firebase-project/pubsub-debug.log +17 -0
  26. package/.codeclimate.yml +0 -32
  27. package/.nvmrc +0 -1
  28. package/CHANGELOG.md +0 -1440
  29. package/PROGRESS.md +0 -93
  30. package/TODO-2.md +0 -121
  31. package/TODO-CHARGEBLAST.md +0 -32
  32. package/TODO-WEBHOOK-KEY-LEGACY-REMOVAL.md +0 -15
  33. package/TODO-WEBHOOK-KEY-UPGRADE.md +0 -138
  34. package/TODO-email-auth.md +0 -14
  35. package/TODO.md +0 -187
  36. package/plans/mcp2.md +0 -247
  37. package/plans/suspended-subscription-dead-zone.md +0 -97
  38. package/scripts/test-helper-providers.js +0 -162
  39. package/scripts/update-disposable-domains.js +0 -44
  40. package/templates/_.env +0 -42
  41. package/templates/_.gitignore +0 -60
  42. package/templates/backend-manager-config.json +0 -249
  43. package/templates/database.rules.json +0 -83
  44. package/templates/firebase.json +0 -66
  45. package/templates/firestore.indexes.json +0 -4
  46. package/templates/firestore.rules +0 -112
  47. package/templates/public/404.html +0 -26
  48. package/templates/public/index.html +0 -24
  49. package/templates/remoteconfig.template.json +0 -1
  50. package/templates/storage-lifecycle-config-1-day.json +0 -9
  51. package/templates/storage-lifecycle-config-30-days.json +0 -9
  52. package/templates/storage.rules +0 -8
  53. package/test/_init/accounts-validation.js +0 -58
  54. package/test/_legacy/ai/index.js +0 -231
  55. package/test/_legacy/ai/test.jpg +0 -0
  56. package/test/_legacy/ai/test.pdf +0 -0
  57. package/test/_legacy/index.js +0 -31
  58. package/test/_legacy/payment-resolver/chargebee/orders/refunded.json +0 -0
  59. package/test/_legacy/payment-resolver/chargebee/orders/unpaid.json +0 -98
  60. package/test/_legacy/payment-resolver/chargebee/subscriptions/active.json +0 -578
  61. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-in-trial.json +0 -38
  62. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-skipped-to-active.json +0 -135
  63. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-active-to-cancelled.json +0 -42
  64. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-active.json +0 -44
  65. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-cancelled.json +0 -39
  66. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-refund.json +0 -143
  67. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-suspended.json +0 -48
  68. package/test/_legacy/payment-resolver/coinbase/orders/regular.json +0 -204
  69. package/test/_legacy/payment-resolver/coinbase/subscriptions/cancelled.json +0 -204
  70. package/test/_legacy/payment-resolver/coinbase/subscriptions/paid-2.json +0 -125
  71. package/test/_legacy/payment-resolver/index.js +0 -1558
  72. package/test/_legacy/payment-resolver/paypal/orders/refunded.json +0 -0
  73. package/test/_legacy/payment-resolver/paypal/orders/regular.json +0 -120
  74. package/test/_legacy/payment-resolver/paypal/subscriptions/active-refund-previous-stmnt.json +0 -323
  75. package/test/_legacy/payment-resolver/paypal/subscriptions/active.json +0 -192
  76. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-in-trial.json +0 -125
  77. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-not-complete.json +0 -76
  78. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-overdue-2.json +0 -114
  79. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-overdue.json +0 -114
  80. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-active-to-cancelled.json +0 -111
  81. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-active.json +0 -132
  82. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-cancelled.json +0 -107
  83. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-expired.json +0 -91
  84. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-refund.json +0 -147
  85. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-suspended.json +0 -120
  86. package/test/_legacy/payment-resolver/stripe/orders/refunded.json +0 -0
  87. package/test/_legacy/payment-resolver/stripe/orders/regular.json +0 -91
  88. package/test/_legacy/payment-resolver/stripe/subscriptions/active.json +0 -421
  89. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-in-trial.json +0 -349
  90. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-active-failed-authorization.json +0 -430
  91. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-active.json +0 -319
  92. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-cancelled.json +0 -319
  93. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-refund.json +0 -414
  94. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-suspended.json +0 -319
  95. package/test/_legacy/payment-resolver/stripe/subscriptions/unsure.json +0 -339
  96. package/test/_legacy/test-new +0 -1178
  97. package/test/_legacy/test.md +0 -89
  98. package/test/_legacy/usage.js +0 -175
  99. package/test/_legacy/user.js +0 -31
  100. package/test/ai/tools-live.js +0 -170
  101. package/test/boot/emulator-boots.js +0 -37
  102. package/test/content/blog-generate.js +0 -160
  103. package/test/email/campaign-send.js +0 -45
  104. package/test/email/consent-lifecycle.js +0 -257
  105. package/test/email/feedback-and-plain-send.js +0 -52
  106. package/test/email/fixtures/editorial.json +0 -30
  107. package/test/email/fixtures/field-report.json +0 -53
  108. package/test/email/marketing-lifecycle.js +0 -132
  109. package/test/email/newsletter-generate.js +0 -819
  110. package/test/email/newsletter-templates.js +0 -491
  111. package/test/email/templates.js +0 -207
  112. package/test/email/transactional-send.js +0 -34
  113. package/test/email/transactional.js +0 -560
  114. package/test/email/validation.js +0 -710
  115. package/test/events/auth-delete-race.js +0 -201
  116. package/test/events/payments/journey-payments-cancel-endpoint.js +0 -100
  117. package/test/events/payments/journey-payments-cancel.js +0 -182
  118. package/test/events/payments/journey-payments-discount.js +0 -89
  119. package/test/events/payments/journey-payments-failure.js +0 -146
  120. package/test/events/payments/journey-payments-legacy-product.js +0 -149
  121. package/test/events/payments/journey-payments-one-time-failure.js +0 -111
  122. package/test/events/payments/journey-payments-one-time.js +0 -136
  123. package/test/events/payments/journey-payments-plan-change.js +0 -144
  124. package/test/events/payments/journey-payments-refund-webhook.js +0 -180
  125. package/test/events/payments/journey-payments-suspend.js +0 -181
  126. package/test/events/payments/journey-payments-trial-cancel.js +0 -130
  127. package/test/events/payments/journey-payments-trial.js +0 -171
  128. package/test/events/payments/journey-payments-uid-resolution.js +0 -132
  129. package/test/events/payments/journey-payments-upgrade.js +0 -135
  130. package/test/fixtures/chargebee/invoice-one-time.json +0 -27
  131. package/test/fixtures/chargebee/subscription-active.json +0 -44
  132. package/test/fixtures/chargebee/subscription-cancelled.json +0 -42
  133. package/test/fixtures/chargebee/subscription-in-trial.json +0 -41
  134. package/test/fixtures/chargebee/subscription-legacy-plan.json +0 -41
  135. package/test/fixtures/chargebee/subscription-non-renewing.json +0 -41
  136. package/test/fixtures/chargebee/subscription-paused.json +0 -42
  137. package/test/fixtures/chargebee/webhook-payment-failed.json +0 -51
  138. package/test/fixtures/chargebee/webhook-subscription-created.json +0 -47
  139. package/test/fixtures/paypal/order-approved.json +0 -62
  140. package/test/fixtures/paypal/order-completed.json +0 -110
  141. package/test/fixtures/paypal/subscription-active.json +0 -76
  142. package/test/fixtures/paypal/subscription-cancelled.json +0 -50
  143. package/test/fixtures/paypal/subscription-suspended.json +0 -65
  144. package/test/fixtures/stripe/checkout-session-completed.json +0 -130
  145. package/test/fixtures/stripe/invoice-payment-failed.json +0 -148
  146. package/test/fixtures/stripe/invoice-subscription-payment-failed.json +0 -28
  147. package/test/fixtures/stripe/subscription-active.json +0 -161
  148. package/test/fixtures/stripe/subscription-canceled.json +0 -161
  149. package/test/fixtures/stripe/subscription-trialing.json +0 -161
  150. package/test/functions/admin/database-read.js +0 -134
  151. package/test/functions/admin/database-write.js +0 -159
  152. package/test/functions/admin/edit-post.js +0 -366
  153. package/test/functions/admin/firestore-query.js +0 -207
  154. package/test/functions/admin/firestore-read.js +0 -129
  155. package/test/functions/admin/firestore-write.js +0 -105
  156. package/test/functions/admin/get-stats.js +0 -115
  157. package/test/functions/admin/send-email.js +0 -119
  158. package/test/functions/admin/send-notification.js +0 -208
  159. package/test/functions/admin/write-repo-content.js +0 -223
  160. package/test/functions/general/add-marketing-contact.js +0 -335
  161. package/test/functions/general/fetch-post.js +0 -54
  162. package/test/functions/general/generate-uuid.js +0 -114
  163. package/test/functions/test/authenticate.js +0 -64
  164. package/test/functions/user/create-custom-token.js +0 -73
  165. package/test/functions/user/delete.js +0 -135
  166. package/test/functions/user/get-active-sessions.js +0 -111
  167. package/test/functions/user/get-subscription-info.js +0 -99
  168. package/test/functions/user/regenerate-api-keys.js +0 -156
  169. package/test/functions/user/resolve.js +0 -52
  170. package/test/functions/user/sign-out-all-sessions.js +0 -94
  171. package/test/functions/user/sign-up.js +0 -252
  172. package/test/functions/user/submit-feedback.js +0 -104
  173. package/test/functions/user/validate-settings.js +0 -82
  174. package/test/helpers/ai-request-payload.js +0 -300
  175. package/test/helpers/ai-test-provider.js +0 -202
  176. package/test/helpers/ai-tools-format.js +0 -383
  177. package/test/helpers/content/blog-auto-publisher.js +0 -484
  178. package/test/helpers/content/feed-parser.js +0 -528
  179. package/test/helpers/content/ghostii-blocks.js +0 -134
  180. package/test/helpers/content/ghostii-feed-integration.js +0 -404
  181. package/test/helpers/content/ghostii-write-article.js +0 -243
  182. package/test/helpers/environment.js +0 -230
  183. package/test/helpers/infer-contact.js +0 -113
  184. package/test/helpers/merge-line-files.js +0 -271
  185. package/test/helpers/payment/chargebee/parse-webhook.js +0 -413
  186. package/test/helpers/payment/chargebee/to-unified-one-time.js +0 -147
  187. package/test/helpers/payment/chargebee/to-unified-subscription.js +0 -648
  188. package/test/helpers/payment/paypal/parse-webhook.js +0 -539
  189. package/test/helpers/payment/paypal/to-unified-one-time.js +0 -382
  190. package/test/helpers/payment/paypal/to-unified-subscription.js +0 -820
  191. package/test/helpers/payment/stripe/parse-webhook.js +0 -447
  192. package/test/helpers/payment/stripe/to-unified-one-time.js +0 -306
  193. package/test/helpers/payment/stripe/to-unified-subscription.js +0 -708
  194. package/test/helpers/sanitize.js +0 -222
  195. package/test/helpers/slugify.js +0 -394
  196. package/test/helpers/storage.js +0 -194
  197. package/test/helpers/user.js +0 -755
  198. package/test/helpers/webhook-forward.js +0 -418
  199. package/test/mcp/discovery.js +0 -53
  200. package/test/mcp/oauth.js +0 -161
  201. package/test/mcp/protocol.js +0 -268
  202. package/test/mcp/roles.js +0 -188
  203. package/test/mcp/utils.js +0 -245
  204. package/test/routes/admin/create-post.js +0 -364
  205. package/test/routes/admin/database.js +0 -131
  206. package/test/routes/admin/deduplicate-image-alts.js +0 -190
  207. package/test/routes/admin/email.js +0 -114
  208. package/test/routes/admin/firestore-query.js +0 -204
  209. package/test/routes/admin/firestore.js +0 -127
  210. package/test/routes/admin/infer-contact.js +0 -218
  211. package/test/routes/admin/notification.js +0 -198
  212. package/test/routes/admin/post-resize-image.js +0 -184
  213. package/test/routes/admin/post.js +0 -368
  214. package/test/routes/admin/repo-content.js +0 -223
  215. package/test/routes/admin/stats.js +0 -112
  216. package/test/routes/content/post.js +0 -54
  217. package/test/routes/general/uuid.js +0 -115
  218. package/test/routes/marketing/campaign.js +0 -125
  219. package/test/routes/marketing/contact.js +0 -370
  220. package/test/routes/marketing/email-preferences.js +0 -292
  221. package/test/routes/marketing/push-send.js +0 -32
  222. package/test/routes/marketing/webhook-forward.js +0 -61
  223. package/test/routes/marketing/webhook.js +0 -639
  224. package/test/routes/payments/cancel.js +0 -163
  225. package/test/routes/payments/discount.js +0 -80
  226. package/test/routes/payments/dispute-alert.js +0 -320
  227. package/test/routes/payments/intent.js +0 -336
  228. package/test/routes/payments/portal.js +0 -92
  229. package/test/routes/payments/refund.js +0 -179
  230. package/test/routes/payments/trial-eligibility.js +0 -71
  231. package/test/routes/payments/webhook.js +0 -107
  232. package/test/routes/test/authenticate.js +0 -59
  233. package/test/routes/test/schema.js +0 -554
  234. package/test/routes/test/usage.js +0 -342
  235. package/test/routes/user/api-keys.js +0 -156
  236. package/test/routes/user/delete.js +0 -136
  237. package/test/routes/user/feedback.js +0 -104
  238. package/test/routes/user/sessions.js +0 -199
  239. package/test/routes/user/settings-validate.js +0 -82
  240. package/test/routes/user/signup.js +0 -542
  241. package/test/routes/user/subscription.js +0 -99
  242. package/test/routes/user/token.js +0 -73
  243. package/test/routes/user/user.js +0 -157
  244. package/test/rules/notifications.js +0 -410
  245. package/test/rules/payments-carts.js +0 -371
  246. package/test/rules/user.js +0 -396
@@ -1,134 +0,0 @@
1
- /**
2
- * Test: admin:database-read
3
- * Tests the admin Realtime Database read command
4
- * Requires admin authentication
5
- */
6
- const TEST_PATH = '_test/database-read-test';
7
-
8
- module.exports = {
9
- description: 'Admin Realtime Database read operation',
10
- type: 'group',
11
- tests: [
12
- // Test 1: Setup - write test data first
13
- {
14
- name: 'setup-test-data',
15
- auth: 'admin',
16
- timeout: 15000,
17
-
18
- async run({ http, assert }) {
19
- // Write test data to read later
20
- const testData = {
21
- testField: 'database-read-test-value',
22
- timestamp: new Date().toISOString(),
23
- nested: {
24
- field1: 'nested-value',
25
- field2: 123,
26
- },
27
- };
28
-
29
- const writeResponse = await http.command('admin:database-write', {
30
- path: TEST_PATH,
31
- document: testData,
32
- });
33
-
34
- assert.isSuccess(writeResponse, 'Setup: Database write should succeed');
35
- },
36
- },
37
-
38
- // Test 2: Admin can read data
39
- {
40
- name: 'admin-read-succeeds',
41
- auth: 'admin',
42
- timeout: 15000,
43
-
44
- async run({ http, assert }) {
45
- const readResponse = await http.command('admin:database-read', {
46
- path: TEST_PATH,
47
- });
48
-
49
- assert.isSuccess(readResponse, 'Database read should succeed with admin auth');
50
- assert.hasProperty(readResponse, 'data.testField', 'Response should contain test data');
51
- assert.equal(
52
- readResponse.data.testField,
53
- 'database-read-test-value',
54
- 'Read data should match written data'
55
- );
56
- assert.hasProperty(readResponse, 'data.nested.field1', 'Response should contain nested data');
57
- assert.equal(
58
- readResponse.data.nested.field2,
59
- 123,
60
- 'Nested field should match written data'
61
- );
62
- },
63
- },
64
-
65
- // Test 3: Reading non-existent path returns empty/null
66
- {
67
- name: 'read-nonexistent-returns-null',
68
- auth: 'admin',
69
- timeout: 15000,
70
-
71
- async run({ http, assert }) {
72
- const readResponse = await http.command('admin:database-read', {
73
- path: '_test/nonexistent-path-12345',
74
- });
75
-
76
- assert.isSuccess(readResponse, 'Reading non-existent path should succeed');
77
- // Realtime Database returns null for non-existent paths
78
- // However, emulator may return empty object {} in some cases
79
- const data = readResponse.data;
80
- const isEmpty = data === null
81
- || data === undefined
82
- || (typeof data === 'object' && Object.keys(data).length === 0);
83
- assert.ok(
84
- isEmpty,
85
- `Non-existent path should return null, undefined, or empty object, got: ${JSON.stringify(data)}`
86
- );
87
- },
88
- },
89
-
90
- // Test 4: Missing path returns 400 error
91
- {
92
- name: 'missing-path-rejected',
93
- auth: 'admin',
94
- timeout: 15000,
95
-
96
- async run({ http, assert }) {
97
- const readResponse = await http.command('admin:database-read', {});
98
-
99
- assert.isError(readResponse, 400, 'Missing path should return 400');
100
- },
101
- },
102
-
103
- // Test 5: Unauthenticated request fails
104
- {
105
- name: 'unauthenticated-rejected',
106
- auth: 'none',
107
- timeout: 15000,
108
-
109
- async run({ http, assert }) {
110
- const readResponse = await http.command('admin:database-read', {
111
- path: TEST_PATH,
112
- });
113
-
114
- assert.isError(readResponse, 401, 'Database read should fail without authentication');
115
- },
116
- },
117
-
118
- // Test 6: Non-admin user fails
119
- {
120
- name: 'non-admin-rejected',
121
- auth: 'basic',
122
- timeout: 15000,
123
-
124
- async run({ http, assert }) {
125
- const readResponse = await http.command('admin:database-read', {
126
- path: TEST_PATH,
127
- });
128
-
129
- assert.isError(readResponse, 403, 'Database read should fail for non-admin user');
130
- },
131
- },
132
-
133
- ],
134
- };
@@ -1,159 +0,0 @@
1
- /**
2
- * Test: admin:database-write
3
- * Tests the admin Realtime Database write command
4
- * Requires admin authentication
5
- * Note: There's a bug in the API - line 19 checks `if (payload.user.roles.admin)` but should be `if (!payload.user.roles.admin)`
6
- */
7
- const TEST_PATH = '_test/database-write-test';
8
-
9
- module.exports = {
10
- description: 'Admin Realtime Database write operation',
11
- type: 'group',
12
- tests: [
13
- // Test 1: Admin can write data
14
- {
15
- name: 'admin-write-succeeds',
16
- auth: 'admin',
17
- timeout: 15000,
18
-
19
- async run({ http, assert }) {
20
- const testData = {
21
- testField: 'database-write-test-value',
22
- timestamp: new Date().toISOString(),
23
- nested: {
24
- field1: 'nested-value',
25
- field2: 456,
26
- },
27
- };
28
-
29
- const writeResponse = await http.command('admin:database-write', {
30
- path: TEST_PATH,
31
- document: testData,
32
- });
33
-
34
- assert.isSuccess(writeResponse, 'Database write should succeed with admin auth');
35
- assert.hasProperty(writeResponse, 'data.testField', 'Response should contain written data');
36
- assert.equal(
37
- writeResponse.data.testField,
38
- 'database-write-test-value',
39
- 'Response data should match input'
40
- );
41
- },
42
- },
43
-
44
- // Test 2: Verify written data can be read back
45
- {
46
- name: 'verify-write-persisted',
47
- auth: 'admin',
48
- timeout: 15000,
49
-
50
- async run({ http, assert }) {
51
- const readResponse = await http.command('admin:database-read', {
52
- path: TEST_PATH,
53
- });
54
-
55
- assert.isSuccess(readResponse, 'Reading written data should succeed');
56
- assert.equal(
57
- readResponse.data.testField,
58
- 'database-write-test-value',
59
- 'Persisted data should match written data'
60
- );
61
- assert.equal(
62
- readResponse.data.nested.field2,
63
- 456,
64
- 'Nested data should be persisted'
65
- );
66
- },
67
- },
68
-
69
- // Test 3: Can overwrite existing data
70
- {
71
- name: 'overwrite-succeeds',
72
- auth: 'admin',
73
- timeout: 15000,
74
-
75
- async run({ http, assert }) {
76
- const newData = {
77
- testField: 'updated-value',
78
- newField: 'this-is-new',
79
- };
80
-
81
- const writeResponse = await http.command('admin:database-write', {
82
- path: TEST_PATH,
83
- document: newData,
84
- });
85
-
86
- assert.isSuccess(writeResponse, 'Overwrite should succeed');
87
- assert.equal(
88
- writeResponse.data.testField,
89
- 'updated-value',
90
- 'Response should have updated value'
91
- );
92
-
93
- // Verify the data was actually overwritten (not merged)
94
- const readResponse = await http.command('admin:database-read', {
95
- path: TEST_PATH,
96
- });
97
-
98
- assert.isSuccess(readResponse, 'Reading overwritten data should succeed');
99
- assert.equal(
100
- readResponse.data.testField,
101
- 'updated-value',
102
- 'Data should be updated'
103
- );
104
- assert.ok(
105
- !readResponse.data.nested,
106
- 'Previous nested data should be gone (set replaces, not merges)'
107
- );
108
- },
109
- },
110
-
111
- // Test 4: Missing path returns 400 error
112
- {
113
- name: 'missing-path-rejected',
114
- auth: 'admin',
115
- timeout: 15000,
116
-
117
- async run({ http, assert }) {
118
- const writeResponse = await http.command('admin:database-write', {
119
- document: { test: 'data' },
120
- });
121
-
122
- assert.isError(writeResponse, 400, 'Missing path should return 400');
123
- },
124
- },
125
-
126
- // Test 5: Unauthenticated request fails
127
- {
128
- name: 'unauthenticated-rejected',
129
- auth: 'none',
130
- timeout: 15000,
131
-
132
- async run({ http, assert }) {
133
- const writeResponse = await http.command('admin:database-write', {
134
- path: TEST_PATH,
135
- document: { test: 'should-fail' },
136
- });
137
-
138
- assert.isError(writeResponse, 401, 'Database write should fail without authentication');
139
- },
140
- },
141
-
142
- // Test 6: Non-admin user fails
143
- {
144
- name: 'non-admin-rejected',
145
- auth: 'basic',
146
- timeout: 15000,
147
-
148
- async run({ http, assert }) {
149
- const writeResponse = await http.command('admin:database-write', {
150
- path: TEST_PATH,
151
- document: { test: 'should-fail' },
152
- });
153
-
154
- assert.isError(writeResponse, 403, 'Database write should fail for non-admin user');
155
- },
156
- },
157
-
158
- ],
159
- };
@@ -1,366 +0,0 @@
1
- /**
2
- * Test: admin:edit-post
3
- * Tests the admin edit post command
4
- * Edits blog post content in a GitHub repository
5
- * Requires admin/blogger role, GitHub API key, and repo_website config
6
- *
7
- * This is a suite because we need to:
8
- * 1. Create a test post file via Octokit
9
- * 2. Wait for GitHub to index it (for code search)
10
- * 3. Edit it via the API
11
- * 4. Clean up the test file
12
- */
13
- const { Octokit } = require('@octokit/rest');
14
-
15
- // Test post configuration
16
- const TEST_POST_SLUG = 'bem-test-post';
17
- const TEST_POST_ID = Date.now();
18
-
19
- // Generate frontmatter for the test post
20
- function generatePostContent(body) {
21
- const frontmatter = `layout: blueprint/blog/post
22
-
23
- meta:
24
- title: BEM Test Post
25
- description: This is a test post created by BEM test suite.
26
- og:image: ''
27
-
28
- post:
29
- title: BEM Test Post
30
- id: ${TEST_POST_ID}
31
- description: This is a test post created by BEM test suite.
32
- author: guest
33
- tags: []
34
- categories: []`;
35
-
36
- return `---\n${frontmatter}\n---\n\n${body}`;
37
- }
38
-
39
- module.exports = {
40
- description: 'Admin edit post on GitHub',
41
- type: 'suite',
42
- timeout: 300000, // 5 minutes total for the suite
43
- skip: !process.env.TEST_EXTENDED_MODE ? 'TEST_EXTENDED_MODE env var not set (skipping GitHub edit tests)' : false,
44
-
45
- tests: [
46
- // Test 1: Missing URL returns 400 error
47
- {
48
- name: 'missing-url-rejected',
49
- auth: 'admin',
50
- timeout: 15000,
51
-
52
- async run({ http, assert }) {
53
- const response = await http.command('admin:edit-post', {
54
- body: 'Test content',
55
- });
56
-
57
- assert.isError(response, 400, 'Missing URL should return 400');
58
- },
59
- },
60
-
61
- // Test 4: Missing body returns 400 error
62
- {
63
- name: 'missing-body-rejected',
64
- auth: 'admin',
65
- timeout: 15000,
66
-
67
- async run({ http, assert }) {
68
- const response = await http.command('admin:edit-post', {
69
- url: 'https://example.com/blog/test-post',
70
- });
71
-
72
- assert.isError(response, 400, 'Missing body should return 400');
73
- },
74
- },
75
-
76
- // Test 5: Non-existent post returns 404
77
- {
78
- name: 'nonexistent-post-returns-404',
79
- auth: 'admin',
80
- timeout: 60000,
81
-
82
- async run({ http, assert, config }) {
83
- const response = await http.command('admin:edit-post', {
84
- url: `https://${config.domain}/blog/nonexistent-test-post-12345`,
85
- body: 'This is test content from BEM test suite.',
86
- });
87
-
88
- assert.isError(response, 404, 'Non-existent post should return 404');
89
- },
90
- },
91
-
92
- // Test 6: Non-existent repo returns 404
93
- {
94
- name: 'nonexistent-repo-returns-404',
95
- auth: 'admin',
96
- timeout: 30000,
97
-
98
- async run({ http, assert }) {
99
- const response = await http.command('admin:edit-post', {
100
- url: 'https://example.com/blog/test-post',
101
- body: 'Test content',
102
- githubUser: 'nonexistent-user-12345',
103
- githubRepo: 'nonexistent-repo-12345',
104
- });
105
-
106
- assert.isError(response, 404, 'Non-existent repo should return 404');
107
- },
108
- },
109
-
110
- // Test 7: Create a test post via Octokit
111
- {
112
- name: 'create-test-post',
113
- auth: 'admin',
114
- timeout: 60000,
115
- skip: !process.env.GH_TOKEN ? 'GH_TOKEN env var not set' : false,
116
-
117
- async run({ assert, state, config }) {
118
- if (!config.github?.repo_website) {
119
- assert.fail('githubRepoWebsite not configured');
120
- return;
121
- }
122
-
123
- const octokit = new Octokit({ auth: process.env.GH_TOKEN });
124
-
125
- // Parse owner/repo from githubRepoWebsite
126
- const repoMatch = config.github?.repo_website.match(/github\.com\/([^/]+)\/([^/]+)/);
127
- if (!repoMatch) {
128
- assert.fail('Could not parse githubRepoWebsite');
129
- return;
130
- }
131
-
132
- state.owner = repoMatch[1];
133
- state.repo = repoMatch[2];
134
-
135
- // Build the post path (matches the structure expected by fetch-post)
136
- const date = new Date().toISOString().split('T')[0]; // YYYY-MM-DD
137
- const year = date.split('-')[0];
138
- state.postPath = `src/_posts/${year}/guest/${date}-${TEST_POST_SLUG}.md`;
139
- state.postSlug = TEST_POST_SLUG;
140
-
141
- // Create the post content
142
- const originalBody = 'This is the original content of the test post.\n\nIt will be edited by the BEM test suite.';
143
- state.originalBody = originalBody;
144
- const content = generatePostContent(originalBody);
145
-
146
- // Check if the file already exists (from a previous failed run)
147
- let existingSha;
148
- try {
149
- const existing = await octokit.rest.repos.getContent({
150
- owner: state.owner,
151
- repo: state.repo,
152
- path: state.postPath,
153
- });
154
- existingSha = existing.data.sha;
155
- } catch (e) {
156
- // File doesn't exist, that's fine
157
- }
158
-
159
- // Create or update the file via Octokit
160
- const createResult = await octokit.rest.repos.createOrUpdateFileContents({
161
- owner: state.owner,
162
- repo: state.repo,
163
- path: state.postPath,
164
- message: `๐Ÿงช BEM test: create test post for edit-post test`,
165
- content: Buffer.from(content).toString('base64'),
166
- sha: existingSha, // Include SHA if file exists
167
- }).catch(e => e);
168
-
169
- if (createResult instanceof Error) {
170
- assert.fail(`Failed to create test post: ${createResult.message}`);
171
- return;
172
- }
173
-
174
- assert.ok(createResult.data.content.sha, 'Post should be created with a SHA');
175
- state.postSha = createResult.data.content.sha;
176
- },
177
- },
178
-
179
- // Test 8: Verify the file exists via GitHub API (not code search)
180
- {
181
- name: 'verify-file-exists',
182
- auth: 'admin',
183
- timeout: 30000,
184
- skip: !process.env.GH_TOKEN ? 'GH_TOKEN env var not set' : false,
185
-
186
- async run({ assert, state, config }) {
187
- if (!state.postPath) {
188
- return; // Previous test didn't run
189
- }
190
-
191
- state.postUrl = `https://${config.domain}/blog/${state.postSlug}`;
192
-
193
- const octokit = new Octokit({ auth: process.env.GH_TOKEN });
194
-
195
- // Verify the file exists via direct API (not code search)
196
- const { data: fileData } = await octokit.rest.repos.getContent({
197
- owner: state.owner,
198
- repo: state.repo,
199
- path: state.postPath,
200
- });
201
-
202
- assert.ok(fileData.sha, 'File should exist in GitHub repo');
203
- state.currentSha = fileData.sha;
204
- },
205
- },
206
-
207
- // Test 9: Edit the test post via admin:edit-post
208
- // NOTE: This may fail if GitHub's code search hasn't indexed the file yet
209
- // The edit-post API uses fetch-post which relies on code search
210
- {
211
- name: 'edit-test-post',
212
- auth: 'admin',
213
- timeout: 60000,
214
- skip: !process.env.GH_TOKEN ? 'GH_TOKEN env var not set' : false,
215
-
216
- async run({ http, assert, state }) {
217
- if (!state.postUrl) {
218
- return; // Previous tests didn't run
219
- }
220
-
221
- const newBody = 'This content was EDITED by the BEM test suite.\n\nThe edit was successful!';
222
- state.editedBody = newBody;
223
-
224
- const response = await http.command('admin:edit-post', {
225
- url: state.postUrl,
226
- body: newBody,
227
- });
228
-
229
- // If fetch-post can't find the file (not indexed yet), it returns 404
230
- // This is a known limitation - the file exists but code search hasn't indexed it
231
- if (response.status === 404 && response.error?.includes('not found')) {
232
- state.editSkipped = true;
233
- assert.ok(true, 'Edit skipped - GitHub code search has not indexed the file yet (this is expected for new files)');
234
- return;
235
- }
236
-
237
- assert.isSuccess(response, 'Edit post should succeed');
238
- assert.hasProperty(response, 'data.url', 'Response should have url');
239
- },
240
- },
241
-
242
- // Test 10: Verify the edit was applied (using Octokit directly)
243
- {
244
- name: 'verify-edit',
245
- auth: 'admin',
246
- timeout: 30000,
247
- skip: !process.env.GH_TOKEN ? 'GH_TOKEN env var not set' : false,
248
-
249
- async run({ assert, state }) {
250
- if (!state.postPath || state.editSkipped) {
251
- assert.ok(true, 'Skipping verify - edit was not performed');
252
- return;
253
- }
254
-
255
- const octokit = new Octokit({ auth: process.env.GH_TOKEN });
256
-
257
- // Fetch the file directly from GitHub
258
- const { data: fileData } = await octokit.rest.repos.getContent({
259
- owner: state.owner,
260
- repo: state.repo,
261
- path: state.postPath,
262
- });
263
-
264
- // Decode the content
265
- const content = Buffer.from(fileData.content, 'base64').toString();
266
-
267
- assert.ok(
268
- content.includes('EDITED by the BEM test suite'),
269
- 'Post content should contain the edited text'
270
- );
271
- },
272
- },
273
-
274
- // --- Auth rejection tests (at end per convention) ---
275
- {
276
- name: 'unauthenticated-rejected',
277
- auth: 'none',
278
- timeout: 15000,
279
-
280
- async run({ http, assert }) {
281
- const response = await http.command('admin:edit-post', {
282
- url: 'https://example.com/blog/test-post',
283
- body: 'Test content',
284
- });
285
-
286
- assert.isError(response, 401, 'Edit post should fail without authentication');
287
- },
288
- },
289
-
290
- {
291
- name: 'non-admin-rejected',
292
- auth: 'basic',
293
- timeout: 15000,
294
-
295
- async run({ http, assert }) {
296
- const response = await http.command('admin:edit-post', {
297
- url: 'https://example.com/blog/test-post',
298
- body: 'Test content',
299
- });
300
-
301
- assert.isError(response, 403, 'Edit post should fail for non-admin user');
302
- },
303
- },
304
-
305
- // Cleanup - delete test post and cancel workflows
306
- {
307
- name: 'cleanup',
308
- auth: 'admin',
309
- timeout: 60000,
310
-
311
- async run({ state }) {
312
- if (!process.env.GH_TOKEN || !state.postPath) {
313
- return;
314
- }
315
-
316
- const octokit = new Octokit({ auth: process.env.GH_TOKEN });
317
-
318
- // Get the current SHA (may have changed after edit)
319
- try {
320
- const { data: fileData } = await octokit.rest.repos.getContent({
321
- owner: state.owner,
322
- repo: state.repo,
323
- path: state.postPath,
324
- });
325
-
326
- // Delete the test post
327
- await octokit.rest.repos.deleteFile({
328
- owner: state.owner,
329
- repo: state.repo,
330
- path: state.postPath,
331
- message: `๐Ÿงน BEM test cleanup: delete test post`,
332
- sha: fileData.sha,
333
- });
334
- } catch (e) {
335
- // File might not exist, ignore
336
- }
337
-
338
- // Cancel any running workflows triggered by our test commits
339
- try {
340
- const { data: runs } = await octokit.rest.actions.listWorkflowRunsForRepo({
341
- owner: state.owner,
342
- repo: state.repo,
343
- status: 'in_progress',
344
- per_page: 10,
345
- });
346
-
347
- for (const run of runs.workflow_runs) {
348
- if (run.head_commit?.message?.includes('BEM test')) {
349
- try {
350
- await octokit.rest.actions.cancelWorkflowRun({
351
- owner: state.owner,
352
- repo: state.repo,
353
- run_id: run.id,
354
- });
355
- } catch (e) {
356
- // May already be completed, ignore
357
- }
358
- }
359
- }
360
- } catch (e) {
361
- // Workflow cancellation failed, not critical
362
- }
363
- },
364
- },
365
- ],
366
- };