backend-manager 5.9.7 → 5.9.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (216) hide show
  1. package/package.json +5 -3
  2. package/src/cli/commands/setup-tests/bem-config.js +3 -2
  3. package/src/cli/commands/setup-tests/helpers.js +5 -0
  4. package/src/cli/commands/setup-tests/project-id-consistency.js +2 -1
  5. package/src/test/fixtures/firebase-project/.temp/test-mode.json +1 -1
  6. package/src/test/fixtures/firebase-project/database-debug.log +8 -8
  7. package/src/test/fixtures/firebase-project/firestore-debug.log +57 -55
  8. package/src/test/fixtures/firebase-project/pubsub-debug.log +3 -3
  9. package/templates/_.env +42 -0
  10. package/templates/_.gitignore +60 -0
  11. package/templates/backend-manager-config.json +249 -0
  12. package/templates/database.rules.json +83 -0
  13. package/templates/firebase.json +66 -0
  14. package/templates/firestore.indexes.json +4 -0
  15. package/templates/firestore.rules +112 -0
  16. package/templates/public/404.html +26 -0
  17. package/templates/public/index.html +24 -0
  18. package/templates/remoteconfig.template.json +1 -0
  19. package/templates/storage-lifecycle-config-1-day.json +9 -0
  20. package/templates/storage-lifecycle-config-30-days.json +9 -0
  21. package/templates/storage.rules +8 -0
  22. package/test/_init/accounts-validation.js +58 -0
  23. package/test/_legacy/ai/index.js +231 -0
  24. package/test/_legacy/ai/test.jpg +0 -0
  25. package/test/_legacy/ai/test.pdf +0 -0
  26. package/test/_legacy/index.js +31 -0
  27. package/test/_legacy/payment-resolver/chargebee/orders/refunded.json +0 -0
  28. package/test/_legacy/payment-resolver/chargebee/orders/unpaid.json +98 -0
  29. package/test/_legacy/payment-resolver/chargebee/subscriptions/active.json +578 -0
  30. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-in-trial.json +38 -0
  31. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-skipped-to-active.json +135 -0
  32. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-active-to-cancelled.json +42 -0
  33. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-active.json +44 -0
  34. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-cancelled.json +39 -0
  35. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-refund.json +143 -0
  36. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-suspended.json +48 -0
  37. package/test/_legacy/payment-resolver/coinbase/orders/regular.json +204 -0
  38. package/test/_legacy/payment-resolver/coinbase/subscriptions/cancelled.json +204 -0
  39. package/test/_legacy/payment-resolver/coinbase/subscriptions/paid-2.json +125 -0
  40. package/test/_legacy/payment-resolver/index.js +1558 -0
  41. package/test/_legacy/payment-resolver/paypal/orders/refunded.json +0 -0
  42. package/test/_legacy/payment-resolver/paypal/orders/regular.json +120 -0
  43. package/test/_legacy/payment-resolver/paypal/subscriptions/active-refund-previous-stmnt.json +323 -0
  44. package/test/_legacy/payment-resolver/paypal/subscriptions/active.json +192 -0
  45. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-in-trial.json +125 -0
  46. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-not-complete.json +76 -0
  47. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-overdue-2.json +114 -0
  48. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-overdue.json +114 -0
  49. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-active-to-cancelled.json +111 -0
  50. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-active.json +132 -0
  51. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-cancelled.json +107 -0
  52. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-expired.json +91 -0
  53. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-refund.json +147 -0
  54. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-suspended.json +120 -0
  55. package/test/_legacy/payment-resolver/stripe/orders/refunded.json +0 -0
  56. package/test/_legacy/payment-resolver/stripe/orders/regular.json +91 -0
  57. package/test/_legacy/payment-resolver/stripe/subscriptions/active.json +421 -0
  58. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-in-trial.json +349 -0
  59. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-active-failed-authorization.json +430 -0
  60. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-active.json +319 -0
  61. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-cancelled.json +319 -0
  62. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-refund.json +414 -0
  63. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-suspended.json +319 -0
  64. package/test/_legacy/payment-resolver/stripe/subscriptions/unsure.json +339 -0
  65. package/test/_legacy/test-new +1178 -0
  66. package/test/_legacy/test.md +89 -0
  67. package/test/_legacy/usage.js +175 -0
  68. package/test/_legacy/user.js +31 -0
  69. package/test/ai/tools-live.js +170 -0
  70. package/test/boot/emulator-boots.js +37 -0
  71. package/test/content/blog-generate.js +160 -0
  72. package/test/email/campaign-send.js +45 -0
  73. package/test/email/consent-lifecycle.js +257 -0
  74. package/test/email/feedback-and-plain-send.js +52 -0
  75. package/test/email/fixtures/clean.json +30 -0
  76. package/test/email/fixtures/editorial.json +30 -0
  77. package/test/email/fixtures/field-report.json +53 -0
  78. package/test/email/marketing-lifecycle.js +132 -0
  79. package/test/email/newsletter-generate.js +819 -0
  80. package/test/email/newsletter-templates.js +491 -0
  81. package/test/email/templates.js +207 -0
  82. package/test/email/transactional-send.js +34 -0
  83. package/test/email/transactional.js +560 -0
  84. package/test/email/validation.js +710 -0
  85. package/test/events/auth-delete-race.js +201 -0
  86. package/test/events/payments/journey-payments-cancel-endpoint.js +100 -0
  87. package/test/events/payments/journey-payments-cancel.js +182 -0
  88. package/test/events/payments/journey-payments-discount.js +89 -0
  89. package/test/events/payments/journey-payments-failure.js +146 -0
  90. package/test/events/payments/journey-payments-legacy-product.js +149 -0
  91. package/test/events/payments/journey-payments-one-time-failure.js +111 -0
  92. package/test/events/payments/journey-payments-one-time.js +136 -0
  93. package/test/events/payments/journey-payments-plan-change.js +144 -0
  94. package/test/events/payments/journey-payments-refund-webhook.js +180 -0
  95. package/test/events/payments/journey-payments-suspend.js +181 -0
  96. package/test/events/payments/journey-payments-trial-cancel.js +130 -0
  97. package/test/events/payments/journey-payments-trial.js +171 -0
  98. package/test/events/payments/journey-payments-uid-resolution.js +132 -0
  99. package/test/events/payments/journey-payments-upgrade.js +135 -0
  100. package/test/fixtures/chargebee/invoice-one-time.json +27 -0
  101. package/test/fixtures/chargebee/subscription-active.json +44 -0
  102. package/test/fixtures/chargebee/subscription-cancelled.json +42 -0
  103. package/test/fixtures/chargebee/subscription-in-trial.json +41 -0
  104. package/test/fixtures/chargebee/subscription-legacy-plan.json +41 -0
  105. package/test/fixtures/chargebee/subscription-non-renewing.json +41 -0
  106. package/test/fixtures/chargebee/subscription-paused.json +42 -0
  107. package/test/fixtures/chargebee/webhook-payment-failed.json +51 -0
  108. package/test/fixtures/chargebee/webhook-subscription-created.json +47 -0
  109. package/test/fixtures/paypal/order-approved.json +62 -0
  110. package/test/fixtures/paypal/order-completed.json +110 -0
  111. package/test/fixtures/paypal/subscription-active.json +76 -0
  112. package/test/fixtures/paypal/subscription-cancelled.json +50 -0
  113. package/test/fixtures/paypal/subscription-suspended.json +65 -0
  114. package/test/fixtures/stripe/checkout-session-completed.json +130 -0
  115. package/test/fixtures/stripe/invoice-payment-failed.json +148 -0
  116. package/test/fixtures/stripe/invoice-subscription-payment-failed.json +28 -0
  117. package/test/fixtures/stripe/subscription-active.json +161 -0
  118. package/test/fixtures/stripe/subscription-canceled.json +161 -0
  119. package/test/fixtures/stripe/subscription-trialing.json +161 -0
  120. package/test/functions/admin/database-read.js +134 -0
  121. package/test/functions/admin/database-write.js +159 -0
  122. package/test/functions/admin/edit-post.js +366 -0
  123. package/test/functions/admin/firestore-query.js +207 -0
  124. package/test/functions/admin/firestore-read.js +129 -0
  125. package/test/functions/admin/firestore-write.js +105 -0
  126. package/test/functions/admin/get-stats.js +115 -0
  127. package/test/functions/admin/send-email.js +119 -0
  128. package/test/functions/admin/send-notification.js +208 -0
  129. package/test/functions/admin/write-repo-content.js +223 -0
  130. package/test/functions/general/add-marketing-contact.js +335 -0
  131. package/test/functions/general/fetch-post.js +54 -0
  132. package/test/functions/general/generate-uuid.js +114 -0
  133. package/test/functions/test/authenticate.js +64 -0
  134. package/test/functions/user/create-custom-token.js +73 -0
  135. package/test/functions/user/delete.js +135 -0
  136. package/test/functions/user/get-active-sessions.js +111 -0
  137. package/test/functions/user/get-subscription-info.js +99 -0
  138. package/test/functions/user/regenerate-api-keys.js +156 -0
  139. package/test/functions/user/resolve.js +52 -0
  140. package/test/functions/user/sign-out-all-sessions.js +94 -0
  141. package/test/functions/user/sign-up.js +252 -0
  142. package/test/functions/user/submit-feedback.js +104 -0
  143. package/test/functions/user/validate-settings.js +82 -0
  144. package/test/helpers/ai-request-payload.js +300 -0
  145. package/test/helpers/ai-test-provider.js +202 -0
  146. package/test/helpers/ai-tools-format.js +383 -0
  147. package/test/helpers/content/blog-auto-publisher.js +484 -0
  148. package/test/helpers/content/feed-parser.js +528 -0
  149. package/test/helpers/content/ghostii-blocks.js +134 -0
  150. package/test/helpers/content/ghostii-feed-integration.js +404 -0
  151. package/test/helpers/content/ghostii-write-article.js +243 -0
  152. package/test/helpers/environment.js +230 -0
  153. package/test/helpers/infer-contact.js +113 -0
  154. package/test/helpers/merge-line-files.js +271 -0
  155. package/test/helpers/payment/chargebee/parse-webhook.js +413 -0
  156. package/test/helpers/payment/chargebee/to-unified-one-time.js +147 -0
  157. package/test/helpers/payment/chargebee/to-unified-subscription.js +648 -0
  158. package/test/helpers/payment/paypal/parse-webhook.js +539 -0
  159. package/test/helpers/payment/paypal/to-unified-one-time.js +382 -0
  160. package/test/helpers/payment/paypal/to-unified-subscription.js +820 -0
  161. package/test/helpers/payment/stripe/parse-webhook.js +447 -0
  162. package/test/helpers/payment/stripe/to-unified-one-time.js +306 -0
  163. package/test/helpers/payment/stripe/to-unified-subscription.js +708 -0
  164. package/test/helpers/sanitize.js +222 -0
  165. package/test/helpers/slugify.js +394 -0
  166. package/test/helpers/storage.js +194 -0
  167. package/test/helpers/user.js +755 -0
  168. package/test/helpers/webhook-forward.js +418 -0
  169. package/test/mcp/discovery.js +53 -0
  170. package/test/mcp/oauth.js +161 -0
  171. package/test/mcp/protocol.js +268 -0
  172. package/test/mcp/roles.js +188 -0
  173. package/test/mcp/utils.js +245 -0
  174. package/test/routes/admin/create-post.js +364 -0
  175. package/test/routes/admin/database.js +131 -0
  176. package/test/routes/admin/deduplicate-image-alts.js +190 -0
  177. package/test/routes/admin/email.js +114 -0
  178. package/test/routes/admin/firestore-query.js +204 -0
  179. package/test/routes/admin/firestore.js +127 -0
  180. package/test/routes/admin/infer-contact.js +218 -0
  181. package/test/routes/admin/notification.js +198 -0
  182. package/test/routes/admin/post-resize-image.js +184 -0
  183. package/test/routes/admin/post.js +368 -0
  184. package/test/routes/admin/repo-content.js +223 -0
  185. package/test/routes/admin/stats.js +112 -0
  186. package/test/routes/content/post.js +54 -0
  187. package/test/routes/general/uuid.js +115 -0
  188. package/test/routes/marketing/campaign.js +125 -0
  189. package/test/routes/marketing/contact.js +370 -0
  190. package/test/routes/marketing/email-preferences.js +292 -0
  191. package/test/routes/marketing/push-send.js +32 -0
  192. package/test/routes/marketing/webhook-forward.js +61 -0
  193. package/test/routes/marketing/webhook.js +639 -0
  194. package/test/routes/payments/cancel.js +163 -0
  195. package/test/routes/payments/discount.js +80 -0
  196. package/test/routes/payments/dispute-alert.js +320 -0
  197. package/test/routes/payments/intent.js +336 -0
  198. package/test/routes/payments/portal.js +92 -0
  199. package/test/routes/payments/refund.js +179 -0
  200. package/test/routes/payments/trial-eligibility.js +71 -0
  201. package/test/routes/payments/webhook.js +107 -0
  202. package/test/routes/test/authenticate.js +59 -0
  203. package/test/routes/test/schema.js +554 -0
  204. package/test/routes/test/usage.js +342 -0
  205. package/test/routes/user/api-keys.js +156 -0
  206. package/test/routes/user/delete.js +136 -0
  207. package/test/routes/user/feedback.js +104 -0
  208. package/test/routes/user/sessions.js +199 -0
  209. package/test/routes/user/settings-validate.js +82 -0
  210. package/test/routes/user/signup.js +542 -0
  211. package/test/routes/user/subscription.js +99 -0
  212. package/test/routes/user/token.js +73 -0
  213. package/test/routes/user/user.js +157 -0
  214. package/test/rules/notifications.js +410 -0
  215. package/test/rules/payments-carts.js +371 -0
  216. package/test/rules/user.js +396 -0
@@ -0,0 +1,554 @@
1
+ /**
2
+ * Test: POST /test/schema
3
+ * Comprehensive schema validation tests
4
+ * Tests all field types, options, and plan-based variations
5
+ */
6
+ module.exports = {
7
+ description: 'Schema validation',
8
+ type: 'group',
9
+ timeout: 30000,
10
+
11
+ tests: [
12
+ // ===================
13
+ // BASIC TYPES
14
+ // ===================
15
+ {
16
+ name: 'default-values-applied',
17
+ async run({ http, assert }) {
18
+ const response = await http.as('basic').post('backend-manager/test/schema', {
19
+ requiredField: 'provided', // Must provide required field
20
+ });
21
+
22
+ assert.isSuccess(response, 'Request should succeed');
23
+
24
+ const { settings } = response.data;
25
+
26
+ // Check all defaults are applied
27
+ assert.equal(settings.stringField, 'default-string', 'String default');
28
+ assert.equal(settings.numberField, 42, 'Number default');
29
+ assert.equal(settings.booleanField, false, 'Boolean default');
30
+ assert.deepEqual(settings.arrayField, ['a', 'b', 'c'], 'Array default');
31
+ // Note: Object defaults may include schema metadata due to powertools.defaults() behavior
32
+ assert.equal(settings.objectField.key, 'value', 'Object default key');
33
+ },
34
+ },
35
+
36
+ {
37
+ name: 'user-values-override-defaults',
38
+ async run({ http, assert }) {
39
+ const response = await http.as('basic').post('backend-manager/test/schema', {
40
+ requiredField: 'provided',
41
+ stringField: 'custom-string',
42
+ numberField: 100,
43
+ booleanField: true,
44
+ arrayField: ['x', 'y'],
45
+ objectField: { custom: 'data' },
46
+ });
47
+
48
+ assert.isSuccess(response, 'Request should succeed');
49
+
50
+ const { settings } = response.data;
51
+
52
+ assert.equal(settings.stringField, 'custom-string', 'String overridden');
53
+ assert.equal(settings.numberField, 100, 'Number overridden');
54
+ assert.equal(settings.booleanField, true, 'Boolean overridden');
55
+ assert.deepEqual(settings.arrayField, ['x', 'y'], 'Array overridden');
56
+ assert.equal(settings.objectField.custom, 'data', 'Object overridden');
57
+ },
58
+ },
59
+
60
+ // ===================
61
+ // REQUIRED FIELDS
62
+ // ===================
63
+ {
64
+ name: 'required-field-missing-fails',
65
+ async run({ http, assert }) {
66
+ const response = await http.as('basic').post('backend-manager/test/schema', {
67
+ // NOT providing requiredField
68
+ });
69
+
70
+ assert.isError(response, 400, 'Should fail with 400 for missing required field');
71
+ },
72
+ },
73
+
74
+ {
75
+ name: 'required-field-provided-succeeds',
76
+ async run({ http, assert }) {
77
+ const response = await http.as('basic').post('backend-manager/test/schema', {
78
+ requiredField: 'i-am-required',
79
+ });
80
+
81
+ assert.isSuccess(response, 'Should succeed when required field provided');
82
+ assert.equal(response.data.settings.requiredField, 'i-am-required', 'Required field value');
83
+ },
84
+ },
85
+
86
+ {
87
+ name: 'conditional-required-basic-user',
88
+ auth: 'basic',
89
+ async run({ http, assert }) {
90
+ // Basic user - conditionalRequired should NOT be required
91
+ const response = await http.as('basic').post('backend-manager/test/schema', {
92
+ requiredField: 'provided',
93
+ // NOT providing conditionalRequired
94
+ });
95
+
96
+ assert.isSuccess(response, 'Basic user should succeed without conditionalRequired');
97
+ },
98
+ },
99
+
100
+ {
101
+ name: 'conditional-required-premium-user',
102
+ auth: 'premium-active',
103
+ async run({ http, assert }) {
104
+ // Premium user - conditionalRequired SHOULD be required
105
+ const response = await http.as('premium-active').post('backend-manager/test/schema', {
106
+ requiredField: 'provided',
107
+ // NOT providing conditionalRequired
108
+ });
109
+
110
+ assert.isError(response, 400, 'Premium user should fail without conditionalRequired');
111
+ },
112
+ },
113
+
114
+ {
115
+ name: 'conditional-required-premium-provided',
116
+ auth: 'premium-active',
117
+ async run({ http, assert }) {
118
+ const response = await http.as('premium-active').post('backend-manager/test/schema', {
119
+ requiredField: 'provided',
120
+ conditionalRequired: 'also-provided',
121
+ });
122
+
123
+ assert.isSuccess(response, 'Premium user should succeed with conditionalRequired');
124
+ },
125
+ },
126
+
127
+ // ===================
128
+ // FUNCTION DEFAULTS
129
+ // ===================
130
+ {
131
+ name: 'function-default-executed',
132
+ async run({ http, assert }) {
133
+ const response = await http.as('basic').post('backend-manager/test/schema', {
134
+ requiredField: 'provided',
135
+ });
136
+
137
+ assert.isSuccess(response, 'Request should succeed');
138
+
139
+ const { settings } = response.data;
140
+
141
+ // functionDefault should be a generated string
142
+ assert.match(settings.functionDefault, /^generated-\d+$/, 'Function default should be generated');
143
+ },
144
+ },
145
+
146
+ {
147
+ name: 'user-based-default-authenticated',
148
+ async run({ http, assert, accounts }) {
149
+ const response = await http.as('basic').post('backend-manager/test/schema', {
150
+ requiredField: 'provided',
151
+ });
152
+
153
+ assert.isSuccess(response, 'Request should succeed');
154
+
155
+ const { settings } = response.data;
156
+
157
+ // userBasedDefault should be the user's UID
158
+ assert.equal(settings.userBasedDefault, accounts.basic.uid, 'User-based default should be UID');
159
+ },
160
+ },
161
+
162
+ {
163
+ name: 'user-based-default-unauthenticated',
164
+ auth: 'none',
165
+ async run({ http, assert }) {
166
+ const response = await http.as('none').post('backend-manager/test/schema', {
167
+ requiredField: 'provided',
168
+ });
169
+
170
+ assert.isSuccess(response, 'Request should succeed');
171
+
172
+ const { settings } = response.data;
173
+
174
+ // userBasedDefault should be 'anonymous' for unauthenticated users
175
+ assert.equal(settings.userBasedDefault, 'anonymous', 'User-based default should be anonymous');
176
+ },
177
+ },
178
+
179
+ // ===================
180
+ // FORCED VALUE
181
+ // ===================
182
+ {
183
+ name: 'forced-value-overrides-user-input',
184
+ async run({ http, assert }) {
185
+ const response = await http.as('basic').post('backend-manager/test/schema', {
186
+ requiredField: 'provided',
187
+ forcedValue: 'user-tried-to-set-this',
188
+ });
189
+
190
+ assert.isSuccess(response, 'Request should succeed');
191
+
192
+ const { settings } = response.data;
193
+
194
+ // forcedValue should always be the schema's value, not user input
195
+ assert.equal(settings.forcedValue, 'always-this-value', 'Forced value should override user input');
196
+ },
197
+ },
198
+
199
+ // ===================
200
+ // MIN/MAX FOR NUMBERS
201
+ // ===================
202
+ {
203
+ name: 'min-number-enforced',
204
+ async run({ http, assert }) {
205
+ const response = await http.as('basic').post('backend-manager/test/schema', {
206
+ requiredField: 'provided',
207
+ minNumber: -5, // Below min of 1
208
+ });
209
+
210
+ assert.isSuccess(response, 'Request should succeed');
211
+
212
+ const { settings } = response.data;
213
+
214
+ // Should be clamped to min
215
+ assert.equal(settings.minNumber, 1, 'Number should be clamped to min');
216
+ },
217
+ },
218
+
219
+ {
220
+ name: 'max-number-enforced',
221
+ async run({ http, assert }) {
222
+ const response = await http.as('basic').post('backend-manager/test/schema', {
223
+ requiredField: 'provided',
224
+ maxNumber: 500, // Above max of 100
225
+ });
226
+
227
+ assert.isSuccess(response, 'Request should succeed');
228
+
229
+ const { settings } = response.data;
230
+
231
+ // Should be clamped to max
232
+ assert.equal(settings.maxNumber, 100, 'Number should be clamped to max');
233
+ },
234
+ },
235
+
236
+ {
237
+ name: 'clamped-number-within-range',
238
+ async run({ http, assert }) {
239
+ const response = await http.as('basic').post('backend-manager/test/schema', {
240
+ requiredField: 'provided',
241
+ clampedNumber: 75, // Within range 10-100
242
+ });
243
+
244
+ assert.isSuccess(response, 'Request should succeed');
245
+
246
+ const { settings } = response.data;
247
+
248
+ assert.equal(settings.clampedNumber, 75, 'Number within range should be unchanged');
249
+ },
250
+ },
251
+
252
+ {
253
+ name: 'clamped-number-below-range',
254
+ async run({ http, assert }) {
255
+ const response = await http.as('basic').post('backend-manager/test/schema', {
256
+ requiredField: 'provided',
257
+ clampedNumber: 5, // Below min of 10
258
+ });
259
+
260
+ assert.isSuccess(response, 'Request should succeed');
261
+
262
+ const { settings } = response.data;
263
+
264
+ assert.equal(settings.clampedNumber, 10, 'Number should be clamped to min');
265
+ },
266
+ },
267
+
268
+ {
269
+ name: 'clamped-number-above-range',
270
+ async run({ http, assert }) {
271
+ const response = await http.as('basic').post('backend-manager/test/schema', {
272
+ requiredField: 'provided',
273
+ clampedNumber: 200, // Above max of 100
274
+ });
275
+
276
+ assert.isSuccess(response, 'Request should succeed');
277
+
278
+ const { settings } = response.data;
279
+
280
+ assert.equal(settings.clampedNumber, 100, 'Number should be clamped to max');
281
+ },
282
+ },
283
+
284
+ // ===================
285
+ // MIN/MAX FOR STRINGS
286
+ // ===================
287
+ {
288
+ name: 'max-length-string-truncated',
289
+ async run({ http, assert }) {
290
+ const response = await http.as('basic').post('backend-manager/test/schema', {
291
+ requiredField: 'provided',
292
+ maxLengthString: 'this-is-way-too-long-for-the-limit', // max is 10
293
+ });
294
+
295
+ assert.isSuccess(response, 'Request should succeed');
296
+
297
+ const { settings } = response.data;
298
+
299
+ assert.equal(settings.maxLengthString.length, 10, 'String should be truncated to max length');
300
+ assert.equal(settings.maxLengthString, 'this-is-wa', 'String should be truncated correctly');
301
+ },
302
+ },
303
+
304
+ // ===================
305
+ // MIN/MAX FOR ARRAYS
306
+ // ===================
307
+ {
308
+ name: 'max-length-array-truncated',
309
+ async run({ http, assert }) {
310
+ const response = await http.as('basic').post('backend-manager/test/schema', {
311
+ requiredField: 'provided',
312
+ maxLengthArray: ['a', 'b', 'c', 'd', 'e'], // max is 3
313
+ });
314
+
315
+ assert.isSuccess(response, 'Request should succeed');
316
+
317
+ const { settings } = response.data;
318
+
319
+ assert.equal(settings.maxLengthArray.length, 3, 'Array should be truncated to max length');
320
+ assert.deepEqual(settings.maxLengthArray, ['a', 'b', 'c'], 'Array should be truncated correctly');
321
+ },
322
+ },
323
+
324
+ // ===================
325
+ // PLAN-BASED LIMITS
326
+ // ===================
327
+ {
328
+ name: 'plan-based-limit-basic-user',
329
+ auth: 'basic',
330
+ async run({ http, assert }) {
331
+ const response = await http.as('basic').post('backend-manager/test/schema', {
332
+ requiredField: 'provided',
333
+ planBasedLimit: 500, // Basic max is 100
334
+ });
335
+
336
+ assert.isSuccess(response, 'Request should succeed');
337
+
338
+ const { settings } = response.data;
339
+
340
+ assert.equal(settings.planBasedLimit, 100, 'Basic user should be clamped to 100');
341
+ },
342
+ },
343
+
344
+ {
345
+ name: 'plan-based-limit-premium-user',
346
+ auth: 'premium-active',
347
+ async run({ http, assert }) {
348
+ const response = await http.as('premium-active').post('backend-manager/test/schema', {
349
+ requiredField: 'provided',
350
+ conditionalRequired: 'provided', // Required for premium
351
+ planBasedLimit: 500, // Premium max is 1000
352
+ });
353
+
354
+ assert.isSuccess(response, 'Request should succeed');
355
+
356
+ const { settings } = response.data;
357
+
358
+ assert.equal(settings.planBasedLimit, 500, 'Premium user should allow 500');
359
+ },
360
+ },
361
+
362
+ // ===================
363
+ // MULTIPLE TYPES
364
+ // ===================
365
+ {
366
+ name: 'multi-type-accepts-string',
367
+ async run({ http, assert }) {
368
+ const response = await http.as('basic').post('backend-manager/test/schema', {
369
+ requiredField: 'provided',
370
+ multiType: 'hello',
371
+ });
372
+
373
+ assert.isSuccess(response, 'Request should succeed');
374
+
375
+ const { settings } = response.data;
376
+
377
+ assert.equal(settings.multiType, 'hello', 'Should accept string');
378
+ assert.isType(settings.multiType, 'string', 'Should be string type');
379
+ },
380
+ },
381
+
382
+ {
383
+ name: 'multi-type-accepts-number',
384
+ async run({ http, assert }) {
385
+ const response = await http.as('basic').post('backend-manager/test/schema', {
386
+ requiredField: 'provided',
387
+ multiType: 123,
388
+ });
389
+
390
+ assert.isSuccess(response, 'Request should succeed');
391
+
392
+ const { settings } = response.data;
393
+
394
+ assert.equal(settings.multiType, 123, 'Should accept number');
395
+ assert.isType(settings.multiType, 'number', 'Should be number type');
396
+ },
397
+ },
398
+
399
+ // ===================
400
+ // ANY TYPE
401
+ // ===================
402
+ {
403
+ name: 'any-type-accepts-anything',
404
+ async run({ http, assert }) {
405
+ const response = await http.as('basic').post('backend-manager/test/schema', {
406
+ requiredField: 'provided',
407
+ anyType: { complex: { nested: ['data', 123, true] } },
408
+ });
409
+
410
+ assert.isSuccess(response, 'Request should succeed');
411
+
412
+ const { settings } = response.data;
413
+
414
+ assert.deepEqual(settings.anyType, { complex: { nested: ['data', 123, true] } }, 'Should accept any type');
415
+ },
416
+ },
417
+
418
+ // ===================
419
+ // CLEAN (REGEX)
420
+ // ===================
421
+ {
422
+ name: 'clean-regex-removes-characters',
423
+ async run({ http, assert }) {
424
+ const response = await http.as('basic').post('backend-manager/test/schema', {
425
+ requiredField: 'provided',
426
+ cleanedString: 'hello@world!123#test',
427
+ });
428
+
429
+ assert.isSuccess(response, 'Request should succeed');
430
+
431
+ const { settings } = response.data;
432
+
433
+ assert.equal(settings.cleanedString, 'helloworld123test', 'Non-alphanumeric should be removed');
434
+ },
435
+ },
436
+
437
+ // ===================
438
+ // CLEAN (FUNCTION)
439
+ // ===================
440
+ {
441
+ name: 'clean-function-transforms-value',
442
+ async run({ http, assert }) {
443
+ const response = await http.as('basic').post('backend-manager/test/schema', {
444
+ requiredField: 'provided',
445
+ cleanedFunction: ' HELLO WORLD ',
446
+ });
447
+
448
+ assert.isSuccess(response, 'Request should succeed');
449
+
450
+ const { settings } = response.data;
451
+
452
+ assert.equal(settings.cleanedFunction, 'hello world', 'Should be lowercased and trimmed');
453
+ },
454
+ },
455
+
456
+ // ===================
457
+ // NESTED OBJECTS
458
+ // ===================
459
+ {
460
+ name: 'nested-defaults-applied',
461
+ async run({ http, assert }) {
462
+ const response = await http.as('basic').post('backend-manager/test/schema', {
463
+ requiredField: 'provided',
464
+ });
465
+
466
+ assert.isSuccess(response, 'Request should succeed');
467
+
468
+ const { settings } = response.data;
469
+
470
+ assert.hasProperty(settings, 'nested.level1', 'Nested property should exist');
471
+ assert.equal(settings.nested.level1, 'nested-default', 'Nested default should be applied');
472
+ },
473
+ },
474
+
475
+ {
476
+ name: 'nested-values-overridden',
477
+ async run({ http, assert }) {
478
+ const response = await http.as('basic').post('backend-manager/test/schema', {
479
+ requiredField: 'provided',
480
+ nested: {
481
+ level1: 'custom-nested',
482
+ },
483
+ });
484
+
485
+ assert.isSuccess(response, 'Request should succeed');
486
+
487
+ const { settings } = response.data;
488
+
489
+ assert.equal(settings.nested.level1, 'custom-nested', 'Nested value should be overridden');
490
+ },
491
+ },
492
+
493
+ // ===================
494
+ // UNAUTHENTICATED
495
+ // ===================
496
+ {
497
+ name: 'unauthenticated-request',
498
+ auth: 'none',
499
+ async run({ http, assert }) {
500
+ const response = await http.as('none').post('backend-manager/test/schema', {
501
+ requiredField: 'provided',
502
+ });
503
+
504
+ assert.isSuccess(response, 'Unauthenticated request should succeed');
505
+
506
+ const { user } = response.data;
507
+
508
+ assert.equal(user.authenticated, false, 'Should be unauthenticated');
509
+ assert.equal(user.subscription, 'basic', 'Should default to basic subscription');
510
+ },
511
+ },
512
+
513
+ // ===================
514
+ // AVAILABILITY
515
+ // ===================
516
+ {
517
+ name: 'premium-only-field-basic-user',
518
+ auth: 'basic',
519
+ async run({ http, assert }) {
520
+ const response = await http.as('basic').post('backend-manager/test/schema', {
521
+ requiredField: 'provided',
522
+ premiumOnlyField: 'trying-to-use-premium-feature',
523
+ });
524
+
525
+ assert.isSuccess(response, 'Request should succeed');
526
+
527
+ const { settings } = response.data;
528
+
529
+ // Basic user should NOT have access to premiumOnlyField
530
+ assert.ok(!('premiumOnlyField' in settings), 'Basic user should not have premiumOnlyField');
531
+ },
532
+ },
533
+
534
+ {
535
+ name: 'premium-only-field-premium-user',
536
+ auth: 'premium-active',
537
+ async run({ http, assert }) {
538
+ const response = await http.as('premium-active').post('backend-manager/test/schema', {
539
+ requiredField: 'provided',
540
+ conditionalRequired: 'provided',
541
+ premiumOnlyField: 'using-premium-feature',
542
+ });
543
+
544
+ assert.isSuccess(response, 'Request should succeed');
545
+
546
+ const { settings } = response.data;
547
+
548
+ // Premium user SHOULD have access to premiumOnlyField
549
+ assert.ok('premiumOnlyField' in settings, 'Premium user should have premiumOnlyField');
550
+ assert.equal(settings.premiumOnlyField, 'using-premium-feature', 'Premium user can set value');
551
+ },
552
+ },
553
+ ],
554
+ };