backend-manager 5.9.5 → 5.9.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (246) hide show
  1. package/package.json +8 -1
  2. package/src/manager/events/cron/runner.js +0 -1
  3. package/src/manager/libraries/email/data/disposable-domains.json +21 -0
  4. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/metadata.json +14 -0
  5. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/newsletter.html +486 -0
  6. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/newsletter.md +41 -0
  7. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/newsletter.mjml +97 -0
  8. package/{test/email/fixtures/clean.json → src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/structure.json} +16 -4
  9. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/summary.md +1 -0
  10. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/metadata.json +14 -0
  11. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/newsletter.html +486 -0
  12. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/newsletter.md +41 -0
  13. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/newsletter.mjml +97 -0
  14. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/structure.json +42 -0
  15. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/summary.md +1 -0
  16. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/metadata.json +14 -0
  17. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/newsletter.html +486 -0
  18. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/newsletter.md +41 -0
  19. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/newsletter.mjml +97 -0
  20. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/structure.json +42 -0
  21. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/summary.md +1 -0
  22. package/src/test/fixtures/firebase-project/.temp/test-mode.json +6 -0
  23. package/src/test/fixtures/firebase-project/database-debug.log +12 -0
  24. package/src/test/fixtures/firebase-project/firestore-debug.log +132 -0
  25. package/src/test/fixtures/firebase-project/pubsub-debug.log +17 -0
  26. package/.codeclimate.yml +0 -32
  27. package/.nvmrc +0 -1
  28. package/CHANGELOG.md +0 -1440
  29. package/PROGRESS.md +0 -93
  30. package/TODO-2.md +0 -121
  31. package/TODO-CHARGEBLAST.md +0 -32
  32. package/TODO-WEBHOOK-KEY-LEGACY-REMOVAL.md +0 -15
  33. package/TODO-WEBHOOK-KEY-UPGRADE.md +0 -138
  34. package/TODO-email-auth.md +0 -14
  35. package/TODO.md +0 -187
  36. package/plans/mcp2.md +0 -247
  37. package/plans/suspended-subscription-dead-zone.md +0 -97
  38. package/scripts/test-helper-providers.js +0 -162
  39. package/scripts/update-disposable-domains.js +0 -44
  40. package/templates/_.env +0 -42
  41. package/templates/_.gitignore +0 -60
  42. package/templates/backend-manager-config.json +0 -249
  43. package/templates/database.rules.json +0 -83
  44. package/templates/firebase.json +0 -66
  45. package/templates/firestore.indexes.json +0 -4
  46. package/templates/firestore.rules +0 -112
  47. package/templates/public/404.html +0 -26
  48. package/templates/public/index.html +0 -24
  49. package/templates/remoteconfig.template.json +0 -1
  50. package/templates/storage-lifecycle-config-1-day.json +0 -9
  51. package/templates/storage-lifecycle-config-30-days.json +0 -9
  52. package/templates/storage.rules +0 -8
  53. package/test/_init/accounts-validation.js +0 -58
  54. package/test/_legacy/ai/index.js +0 -231
  55. package/test/_legacy/ai/test.jpg +0 -0
  56. package/test/_legacy/ai/test.pdf +0 -0
  57. package/test/_legacy/index.js +0 -31
  58. package/test/_legacy/payment-resolver/chargebee/orders/refunded.json +0 -0
  59. package/test/_legacy/payment-resolver/chargebee/orders/unpaid.json +0 -98
  60. package/test/_legacy/payment-resolver/chargebee/subscriptions/active.json +0 -578
  61. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-in-trial.json +0 -38
  62. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-skipped-to-active.json +0 -135
  63. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-active-to-cancelled.json +0 -42
  64. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-active.json +0 -44
  65. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-cancelled.json +0 -39
  66. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-refund.json +0 -143
  67. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-suspended.json +0 -48
  68. package/test/_legacy/payment-resolver/coinbase/orders/regular.json +0 -204
  69. package/test/_legacy/payment-resolver/coinbase/subscriptions/cancelled.json +0 -204
  70. package/test/_legacy/payment-resolver/coinbase/subscriptions/paid-2.json +0 -125
  71. package/test/_legacy/payment-resolver/index.js +0 -1558
  72. package/test/_legacy/payment-resolver/paypal/orders/refunded.json +0 -0
  73. package/test/_legacy/payment-resolver/paypal/orders/regular.json +0 -120
  74. package/test/_legacy/payment-resolver/paypal/subscriptions/active-refund-previous-stmnt.json +0 -323
  75. package/test/_legacy/payment-resolver/paypal/subscriptions/active.json +0 -192
  76. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-in-trial.json +0 -125
  77. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-not-complete.json +0 -76
  78. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-overdue-2.json +0 -114
  79. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-overdue.json +0 -114
  80. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-active-to-cancelled.json +0 -111
  81. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-active.json +0 -132
  82. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-cancelled.json +0 -107
  83. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-expired.json +0 -91
  84. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-refund.json +0 -147
  85. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-suspended.json +0 -120
  86. package/test/_legacy/payment-resolver/stripe/orders/refunded.json +0 -0
  87. package/test/_legacy/payment-resolver/stripe/orders/regular.json +0 -91
  88. package/test/_legacy/payment-resolver/stripe/subscriptions/active.json +0 -421
  89. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-in-trial.json +0 -349
  90. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-active-failed-authorization.json +0 -430
  91. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-active.json +0 -319
  92. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-cancelled.json +0 -319
  93. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-refund.json +0 -414
  94. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-suspended.json +0 -319
  95. package/test/_legacy/payment-resolver/stripe/subscriptions/unsure.json +0 -339
  96. package/test/_legacy/test-new +0 -1178
  97. package/test/_legacy/test.md +0 -89
  98. package/test/_legacy/usage.js +0 -175
  99. package/test/_legacy/user.js +0 -31
  100. package/test/ai/tools-live.js +0 -170
  101. package/test/boot/emulator-boots.js +0 -37
  102. package/test/content/blog-generate.js +0 -160
  103. package/test/email/campaign-send.js +0 -45
  104. package/test/email/consent-lifecycle.js +0 -257
  105. package/test/email/feedback-and-plain-send.js +0 -52
  106. package/test/email/fixtures/editorial.json +0 -30
  107. package/test/email/fixtures/field-report.json +0 -53
  108. package/test/email/marketing-lifecycle.js +0 -132
  109. package/test/email/newsletter-generate.js +0 -819
  110. package/test/email/newsletter-templates.js +0 -491
  111. package/test/email/templates.js +0 -207
  112. package/test/email/transactional-send.js +0 -34
  113. package/test/email/transactional.js +0 -560
  114. package/test/email/validation.js +0 -710
  115. package/test/events/auth-delete-race.js +0 -201
  116. package/test/events/payments/journey-payments-cancel-endpoint.js +0 -100
  117. package/test/events/payments/journey-payments-cancel.js +0 -182
  118. package/test/events/payments/journey-payments-discount.js +0 -89
  119. package/test/events/payments/journey-payments-failure.js +0 -146
  120. package/test/events/payments/journey-payments-legacy-product.js +0 -149
  121. package/test/events/payments/journey-payments-one-time-failure.js +0 -111
  122. package/test/events/payments/journey-payments-one-time.js +0 -136
  123. package/test/events/payments/journey-payments-plan-change.js +0 -144
  124. package/test/events/payments/journey-payments-refund-webhook.js +0 -180
  125. package/test/events/payments/journey-payments-suspend.js +0 -181
  126. package/test/events/payments/journey-payments-trial-cancel.js +0 -130
  127. package/test/events/payments/journey-payments-trial.js +0 -171
  128. package/test/events/payments/journey-payments-uid-resolution.js +0 -132
  129. package/test/events/payments/journey-payments-upgrade.js +0 -135
  130. package/test/fixtures/chargebee/invoice-one-time.json +0 -27
  131. package/test/fixtures/chargebee/subscription-active.json +0 -44
  132. package/test/fixtures/chargebee/subscription-cancelled.json +0 -42
  133. package/test/fixtures/chargebee/subscription-in-trial.json +0 -41
  134. package/test/fixtures/chargebee/subscription-legacy-plan.json +0 -41
  135. package/test/fixtures/chargebee/subscription-non-renewing.json +0 -41
  136. package/test/fixtures/chargebee/subscription-paused.json +0 -42
  137. package/test/fixtures/chargebee/webhook-payment-failed.json +0 -51
  138. package/test/fixtures/chargebee/webhook-subscription-created.json +0 -47
  139. package/test/fixtures/paypal/order-approved.json +0 -62
  140. package/test/fixtures/paypal/order-completed.json +0 -110
  141. package/test/fixtures/paypal/subscription-active.json +0 -76
  142. package/test/fixtures/paypal/subscription-cancelled.json +0 -50
  143. package/test/fixtures/paypal/subscription-suspended.json +0 -65
  144. package/test/fixtures/stripe/checkout-session-completed.json +0 -130
  145. package/test/fixtures/stripe/invoice-payment-failed.json +0 -148
  146. package/test/fixtures/stripe/invoice-subscription-payment-failed.json +0 -28
  147. package/test/fixtures/stripe/subscription-active.json +0 -161
  148. package/test/fixtures/stripe/subscription-canceled.json +0 -161
  149. package/test/fixtures/stripe/subscription-trialing.json +0 -161
  150. package/test/functions/admin/database-read.js +0 -134
  151. package/test/functions/admin/database-write.js +0 -159
  152. package/test/functions/admin/edit-post.js +0 -366
  153. package/test/functions/admin/firestore-query.js +0 -207
  154. package/test/functions/admin/firestore-read.js +0 -129
  155. package/test/functions/admin/firestore-write.js +0 -105
  156. package/test/functions/admin/get-stats.js +0 -115
  157. package/test/functions/admin/send-email.js +0 -119
  158. package/test/functions/admin/send-notification.js +0 -208
  159. package/test/functions/admin/write-repo-content.js +0 -223
  160. package/test/functions/general/add-marketing-contact.js +0 -335
  161. package/test/functions/general/fetch-post.js +0 -54
  162. package/test/functions/general/generate-uuid.js +0 -114
  163. package/test/functions/test/authenticate.js +0 -64
  164. package/test/functions/user/create-custom-token.js +0 -73
  165. package/test/functions/user/delete.js +0 -135
  166. package/test/functions/user/get-active-sessions.js +0 -111
  167. package/test/functions/user/get-subscription-info.js +0 -99
  168. package/test/functions/user/regenerate-api-keys.js +0 -156
  169. package/test/functions/user/resolve.js +0 -52
  170. package/test/functions/user/sign-out-all-sessions.js +0 -94
  171. package/test/functions/user/sign-up.js +0 -252
  172. package/test/functions/user/submit-feedback.js +0 -104
  173. package/test/functions/user/validate-settings.js +0 -82
  174. package/test/helpers/ai-request-payload.js +0 -300
  175. package/test/helpers/ai-test-provider.js +0 -202
  176. package/test/helpers/ai-tools-format.js +0 -383
  177. package/test/helpers/content/blog-auto-publisher.js +0 -484
  178. package/test/helpers/content/feed-parser.js +0 -528
  179. package/test/helpers/content/ghostii-blocks.js +0 -134
  180. package/test/helpers/content/ghostii-feed-integration.js +0 -404
  181. package/test/helpers/content/ghostii-write-article.js +0 -243
  182. package/test/helpers/environment.js +0 -230
  183. package/test/helpers/infer-contact.js +0 -113
  184. package/test/helpers/merge-line-files.js +0 -271
  185. package/test/helpers/payment/chargebee/parse-webhook.js +0 -413
  186. package/test/helpers/payment/chargebee/to-unified-one-time.js +0 -147
  187. package/test/helpers/payment/chargebee/to-unified-subscription.js +0 -648
  188. package/test/helpers/payment/paypal/parse-webhook.js +0 -539
  189. package/test/helpers/payment/paypal/to-unified-one-time.js +0 -382
  190. package/test/helpers/payment/paypal/to-unified-subscription.js +0 -820
  191. package/test/helpers/payment/stripe/parse-webhook.js +0 -447
  192. package/test/helpers/payment/stripe/to-unified-one-time.js +0 -306
  193. package/test/helpers/payment/stripe/to-unified-subscription.js +0 -708
  194. package/test/helpers/sanitize.js +0 -222
  195. package/test/helpers/slugify.js +0 -394
  196. package/test/helpers/storage.js +0 -194
  197. package/test/helpers/user.js +0 -755
  198. package/test/helpers/webhook-forward.js +0 -418
  199. package/test/mcp/discovery.js +0 -53
  200. package/test/mcp/oauth.js +0 -161
  201. package/test/mcp/protocol.js +0 -268
  202. package/test/mcp/roles.js +0 -188
  203. package/test/mcp/utils.js +0 -245
  204. package/test/routes/admin/create-post.js +0 -364
  205. package/test/routes/admin/database.js +0 -131
  206. package/test/routes/admin/deduplicate-image-alts.js +0 -190
  207. package/test/routes/admin/email.js +0 -114
  208. package/test/routes/admin/firestore-query.js +0 -204
  209. package/test/routes/admin/firestore.js +0 -127
  210. package/test/routes/admin/infer-contact.js +0 -218
  211. package/test/routes/admin/notification.js +0 -198
  212. package/test/routes/admin/post-resize-image.js +0 -184
  213. package/test/routes/admin/post.js +0 -368
  214. package/test/routes/admin/repo-content.js +0 -223
  215. package/test/routes/admin/stats.js +0 -112
  216. package/test/routes/content/post.js +0 -54
  217. package/test/routes/general/uuid.js +0 -115
  218. package/test/routes/marketing/campaign.js +0 -125
  219. package/test/routes/marketing/contact.js +0 -370
  220. package/test/routes/marketing/email-preferences.js +0 -292
  221. package/test/routes/marketing/push-send.js +0 -32
  222. package/test/routes/marketing/webhook-forward.js +0 -61
  223. package/test/routes/marketing/webhook.js +0 -639
  224. package/test/routes/payments/cancel.js +0 -163
  225. package/test/routes/payments/discount.js +0 -80
  226. package/test/routes/payments/dispute-alert.js +0 -320
  227. package/test/routes/payments/intent.js +0 -336
  228. package/test/routes/payments/portal.js +0 -92
  229. package/test/routes/payments/refund.js +0 -179
  230. package/test/routes/payments/trial-eligibility.js +0 -71
  231. package/test/routes/payments/webhook.js +0 -107
  232. package/test/routes/test/authenticate.js +0 -59
  233. package/test/routes/test/schema.js +0 -554
  234. package/test/routes/test/usage.js +0 -342
  235. package/test/routes/user/api-keys.js +0 -156
  236. package/test/routes/user/delete.js +0 -136
  237. package/test/routes/user/feedback.js +0 -104
  238. package/test/routes/user/sessions.js +0 -199
  239. package/test/routes/user/settings-validate.js +0 -82
  240. package/test/routes/user/signup.js +0 -542
  241. package/test/routes/user/subscription.js +0 -99
  242. package/test/routes/user/token.js +0 -73
  243. package/test/routes/user/user.js +0 -157
  244. package/test/rules/notifications.js +0 -410
  245. package/test/rules/payments-carts.js +0 -371
  246. package/test/rules/user.js +0 -396
@@ -1,104 +0,0 @@
1
- /**
2
- * Test: POST /user/feedback
3
- * Tests the user submit feedback endpoint
4
- * Requires authentication, saves feedback to Firestore
5
- * Note: Makes external call to ITW getApp endpoint
6
- */
7
- module.exports = {
8
- description: 'User submit feedback',
9
- type: 'group',
10
- tests: [
11
- // Test 1: Authenticated user can submit feedback
12
- {
13
- name: 'authenticated-user-succeeds',
14
- auth: 'basic',
15
- timeout: 30000, // Longer timeout due to external API call
16
-
17
- async run({ http, assert }) {
18
- const response = await http.post('backend-manager/user/feedback', {
19
- rating: 'like',
20
- like: 'Great app! Works well.',
21
- dislike: '',
22
- });
23
-
24
- assert.isSuccess(response, 'Submit feedback should succeed for authenticated user');
25
- assert.hasProperty(response, 'data.review', 'Response should contain review decision');
26
- assert.hasProperty(response, 'data.originalRequest', 'Response should contain original request');
27
- },
28
- },
29
-
30
- // Test 2: Feedback with love rating
31
- {
32
- name: 'love-rating-succeeds',
33
- auth: 'basic',
34
- timeout: 30000,
35
-
36
- async run({ http, assert }) {
37
- const response = await http.post('backend-manager/user/feedback', {
38
- rating: 'love',
39
- like: 'Absolutely love this app! Best thing ever! Highly recommend!',
40
- dislike: '',
41
- });
42
-
43
- assert.isSuccess(response, 'Submit feedback with love rating should succeed');
44
- assert.hasProperty(response, 'data.review.promptReview', 'Response should have promptReview flag');
45
- assert.ok(
46
- typeof response.data.review.promptReview === 'boolean',
47
- 'promptReview should be a boolean'
48
- );
49
- },
50
- },
51
-
52
- // Test 3: Feedback with dislike
53
- {
54
- name: 'dislike-feedback-succeeds',
55
- auth: 'basic',
56
- timeout: 30000,
57
-
58
- async run({ http, assert }) {
59
- const response = await http.post('backend-manager/user/feedback', {
60
- rating: 'dislike',
61
- like: '',
62
- dislike: 'Could use some improvements in the UI',
63
- });
64
-
65
- assert.isSuccess(response, 'Submit negative feedback should succeed');
66
- assert.hasProperty(response, 'data.review', 'Response should contain review decision');
67
- },
68
- },
69
-
70
- // Test 4: Premium user can submit feedback
71
- {
72
- name: 'premium-user-succeeds',
73
- auth: 'premium-active',
74
- timeout: 30000,
75
-
76
- async run({ http, assert }) {
77
- const response = await http.post('backend-manager/user/feedback', {
78
- rating: 'like',
79
- like: 'Premium features are great!',
80
- dislike: '',
81
- });
82
-
83
- assert.isSuccess(response, 'Submit feedback should succeed for premium user');
84
- },
85
- },
86
-
87
- // Test 5: Unauthenticated request fails
88
- {
89
- name: 'unauthenticated-rejected',
90
- auth: 'none',
91
- timeout: 15000,
92
-
93
- async run({ http, assert }) {
94
- const response = await http.post('backend-manager/user/feedback', {
95
- rating: 'like',
96
- like: 'Test',
97
- dislike: '',
98
- });
99
-
100
- assert.isError(response, 401, 'Submit feedback should fail without authentication');
101
- },
102
- },
103
- ],
104
- };
@@ -1,199 +0,0 @@
1
- /**
2
- * Test: GET /user/sessions and DELETE /user/sessions
3
- * Tests the user sessions endpoints
4
- * GET returns sessions for authenticated users from Realtime Database
5
- * DELETE signs out all sessions (revokes refresh tokens and clears session data)
6
- */
7
- module.exports = {
8
- description: 'User sessions (get and sign-out)',
9
- type: 'group',
10
- tests: [
11
- // --- GET /user/sessions tests ---
12
-
13
- // Test 1: Authenticated user can get sessions
14
- {
15
- name: 'get-authenticated-user-succeeds',
16
- auth: 'basic',
17
- timeout: 15000,
18
-
19
- async run({ http, assert }) {
20
- const response = await http.get('backend-manager/user/sessions', {});
21
-
22
- assert.isSuccess(response, 'Get active sessions should succeed for authenticated user');
23
- assert.ok(
24
- typeof response.data === 'object',
25
- 'Response data should be an object'
26
- );
27
- },
28
- },
29
-
30
- // Test 2: Default session id is 'app'
31
- {
32
- name: 'get-default-session-is-app',
33
- auth: 'basic',
34
- timeout: 15000,
35
-
36
- async run({ http, assert }) {
37
- // With no id specified, should query sessions/app
38
- const response = await http.get('backend-manager/user/sessions', {});
39
-
40
- assert.isSuccess(response, 'Get active sessions should succeed');
41
- // Response is an object (may be empty if no sessions)
42
- assert.ok(
43
- response.data !== undefined,
44
- 'Response should have data'
45
- );
46
- },
47
- },
48
-
49
- // Test 3: Custom session id
50
- {
51
- name: 'get-custom-session-id',
52
- auth: 'basic',
53
- timeout: 15000,
54
-
55
- async run({ http, assert }) {
56
- const response = await http.get('backend-manager/user/sessions', {
57
- id: 'custom-session-type',
58
- });
59
-
60
- assert.isSuccess(response, 'Get active sessions with custom id should succeed');
61
- assert.ok(
62
- typeof response.data === 'object',
63
- 'Response data should be an object'
64
- );
65
- },
66
- },
67
-
68
- // Test 4: Empty sessions returns empty object
69
- {
70
- name: 'get-no-sessions-returns-empty',
71
- auth: 'basic',
72
- timeout: 15000,
73
-
74
- async run({ http, assert }) {
75
- // Query a session type that definitely doesn't exist
76
- const response = await http.get('backend-manager/user/sessions', {
77
- id: 'nonexistent-session-type-12345',
78
- });
79
-
80
- assert.isSuccess(response, 'Get sessions for empty type should succeed');
81
- assert.ok(
82
- Object.keys(response.data).length === 0,
83
- 'Empty session type should return empty object'
84
- );
85
- },
86
- },
87
-
88
- // Test 5: Admin can get sessions
89
- {
90
- name: 'get-admin-succeeds',
91
- auth: 'admin',
92
- timeout: 15000,
93
-
94
- async run({ http, assert }) {
95
- const response = await http.get('backend-manager/user/sessions', {});
96
-
97
- assert.isSuccess(response, 'Get active sessions should succeed for admin');
98
- },
99
- },
100
-
101
- // Test 6: Unauthenticated GET request fails
102
- {
103
- name: 'get-unauthenticated-rejected',
104
- auth: 'none',
105
- timeout: 15000,
106
-
107
- async run({ http, assert }) {
108
- const response = await http.get('backend-manager/user/sessions', {});
109
-
110
- assert.isError(response, 401, 'Get active sessions should fail without authentication');
111
- },
112
- },
113
-
114
- // --- DELETE /user/sessions tests ---
115
-
116
- // Test 7: Authenticated user can sign out all sessions
117
- {
118
- name: 'delete-authenticated-user-succeeds',
119
- auth: 'basic',
120
- timeout: 30000, // Longer timeout due to session cleanup
121
-
122
- async run({ http, assert }) {
123
- const response = await http.delete('backend-manager/user/sessions', {});
124
-
125
- assert.isSuccess(response, 'Sign out all sessions should succeed for authenticated user');
126
- assert.hasProperty(response, 'data.sessions', 'Response should contain sessions count');
127
- assert.hasProperty(response, 'data.message', 'Response should contain message');
128
- assert.ok(
129
- typeof response.data.sessions === 'number',
130
- 'sessions should be a number'
131
- );
132
- assert.ok(
133
- response.data.sessions >= 0,
134
- 'sessions count should be non-negative'
135
- );
136
- },
137
- },
138
-
139
- // Test 8: Custom session id for delete
140
- {
141
- name: 'delete-custom-session-id',
142
- auth: 'basic',
143
- timeout: 30000,
144
-
145
- async run({ http, assert }) {
146
- const response = await http.delete('backend-manager/user/sessions', {
147
- id: 'custom-session-type',
148
- });
149
-
150
- assert.isSuccess(response, 'Sign out with custom session id should succeed');
151
- assert.hasProperty(response, 'data.sessions', 'Response should contain sessions count');
152
- },
153
- },
154
-
155
- // Test 9: Premium user can sign out all sessions
156
- // Note: backendManagerKey admin doesn't have auth.uid, so we test with premium user instead
157
- {
158
- name: 'delete-premium-user-succeeds',
159
- auth: 'premium-active',
160
- timeout: 30000,
161
-
162
- async run({ http, assert }) {
163
- const response = await http.delete('backend-manager/user/sessions', {});
164
-
165
- assert.isSuccess(response, 'Sign out all sessions should succeed for premium user');
166
- assert.hasProperty(response, 'data.sessions', 'Response should contain sessions count');
167
- },
168
- },
169
-
170
- // Test 10: Multiple calls are idempotent
171
- {
172
- name: 'delete-idempotent-operation',
173
- auth: 'basic',
174
- timeout: 30000,
175
-
176
- async run({ http, assert }) {
177
- // Call twice in a row - both should succeed
178
- const response1 = await http.delete('backend-manager/user/sessions', {});
179
- const response2 = await http.delete('backend-manager/user/sessions', {});
180
-
181
- assert.isSuccess(response1, 'First sign out should succeed');
182
- assert.isSuccess(response2, 'Second sign out should succeed (idempotent)');
183
- },
184
- },
185
-
186
- // Test 11: Unauthenticated DELETE request fails
187
- {
188
- name: 'delete-unauthenticated-rejected',
189
- auth: 'none',
190
- timeout: 15000,
191
-
192
- async run({ http, assert }) {
193
- const response = await http.delete('backend-manager/user/sessions', {});
194
-
195
- assert.isError(response, 401, 'Sign out all sessions should fail without authentication');
196
- },
197
- },
198
- ],
199
- };
@@ -1,82 +0,0 @@
1
- /**
2
- * Test: POST /user/settings/validate
3
- * Tests the user validate settings endpoint
4
- * Requires authentication and validates settings against schema
5
- *
6
- * SKIPPED: Requires project-specific defaults.js file which BEM test environment doesn't have
7
- */
8
- module.exports = {
9
- description: 'User validate settings',
10
- skip: 'Requires project-specific defaults.js file',
11
- type: 'group',
12
- tests: [
13
- // Test 1: Authenticated user can validate settings
14
- {
15
- name: 'authenticated-user-succeeds',
16
- auth: 'basic',
17
- timeout: 15000,
18
-
19
- async run({ http, assert }) {
20
- const response = await http.post('backend-manager/user/settings/validate', {
21
- existingSettings: {},
22
- newSettings: {},
23
- });
24
-
25
- assert.isSuccess(response, 'Validate settings should succeed for authenticated user');
26
- },
27
- },
28
-
29
- // Test 2: With existing settings
30
- {
31
- name: 'with-existing-settings',
32
- auth: 'basic',
33
- timeout: 15000,
34
-
35
- async run({ http, assert }) {
36
- const response = await http.post('backend-manager/user/settings/validate', {
37
- existingSettings: {
38
- theme: 'dark',
39
- notifications: true,
40
- },
41
- newSettings: {
42
- theme: 'light',
43
- },
44
- });
45
-
46
- assert.isSuccess(response, 'Validate settings with data should succeed');
47
- },
48
- },
49
-
50
- // Test 3: Premium user can validate settings
51
- {
52
- name: 'premium-user-succeeds',
53
- auth: 'premium-active',
54
- timeout: 15000,
55
-
56
- async run({ http, assert }) {
57
- const response = await http.post('backend-manager/user/settings/validate', {
58
- existingSettings: {},
59
- newSettings: {},
60
- });
61
-
62
- assert.isSuccess(response, 'Validate settings should succeed for premium user');
63
- },
64
- },
65
-
66
- // Test 4: Unauthenticated request fails
67
- {
68
- name: 'unauthenticated-rejected',
69
- auth: 'none',
70
- timeout: 15000,
71
-
72
- async run({ http, assert }) {
73
- const response = await http.post('backend-manager/user/settings/validate', {
74
- existingSettings: {},
75
- newSettings: {},
76
- });
77
-
78
- assert.isError(response, 401, 'Validate settings should fail without authentication');
79
- },
80
- },
81
- ],
82
- };