backend-manager 5.9.7 → 5.9.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +5 -3
- package/src/cli/commands/setup-tests/bem-config.js +3 -2
- package/src/cli/commands/setup-tests/helpers.js +5 -0
- package/src/cli/commands/setup-tests/project-id-consistency.js +2 -1
- package/src/test/fixtures/firebase-project/.temp/test-mode.json +1 -1
- package/src/test/fixtures/firebase-project/database-debug.log +8 -8
- package/src/test/fixtures/firebase-project/firestore-debug.log +57 -55
- package/src/test/fixtures/firebase-project/pubsub-debug.log +3 -3
- package/templates/_.env +42 -0
- package/templates/_.gitignore +60 -0
- package/templates/backend-manager-config.json +249 -0
- package/templates/database.rules.json +83 -0
- package/templates/firebase.json +66 -0
- package/templates/firestore.indexes.json +4 -0
- package/templates/firestore.rules +112 -0
- package/templates/public/404.html +26 -0
- package/templates/public/index.html +24 -0
- package/templates/remoteconfig.template.json +1 -0
- package/templates/storage-lifecycle-config-1-day.json +9 -0
- package/templates/storage-lifecycle-config-30-days.json +9 -0
- package/templates/storage.rules +8 -0
- package/test/_init/accounts-validation.js +58 -0
- package/test/_legacy/ai/index.js +231 -0
- package/test/_legacy/ai/test.jpg +0 -0
- package/test/_legacy/ai/test.pdf +0 -0
- package/test/_legacy/index.js +31 -0
- package/test/_legacy/payment-resolver/chargebee/orders/refunded.json +0 -0
- package/test/_legacy/payment-resolver/chargebee/orders/unpaid.json +98 -0
- package/test/_legacy/payment-resolver/chargebee/subscriptions/active.json +578 -0
- package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-in-trial.json +38 -0
- package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-skipped-to-active.json +135 -0
- package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-active-to-cancelled.json +42 -0
- package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-active.json +44 -0
- package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-cancelled.json +39 -0
- package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-refund.json +143 -0
- package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-suspended.json +48 -0
- package/test/_legacy/payment-resolver/coinbase/orders/regular.json +204 -0
- package/test/_legacy/payment-resolver/coinbase/subscriptions/cancelled.json +204 -0
- package/test/_legacy/payment-resolver/coinbase/subscriptions/paid-2.json +125 -0
- package/test/_legacy/payment-resolver/index.js +1558 -0
- package/test/_legacy/payment-resolver/paypal/orders/refunded.json +0 -0
- package/test/_legacy/payment-resolver/paypal/orders/regular.json +120 -0
- package/test/_legacy/payment-resolver/paypal/subscriptions/active-refund-previous-stmnt.json +323 -0
- package/test/_legacy/payment-resolver/paypal/subscriptions/active.json +192 -0
- package/test/_legacy/payment-resolver/paypal/subscriptions/trial-in-trial.json +125 -0
- package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-not-complete.json +76 -0
- package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-overdue-2.json +114 -0
- package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-overdue.json +114 -0
- package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-active-to-cancelled.json +111 -0
- package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-active.json +132 -0
- package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-cancelled.json +107 -0
- package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-expired.json +91 -0
- package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-refund.json +147 -0
- package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-suspended.json +120 -0
- package/test/_legacy/payment-resolver/stripe/orders/refunded.json +0 -0
- package/test/_legacy/payment-resolver/stripe/orders/regular.json +91 -0
- package/test/_legacy/payment-resolver/stripe/subscriptions/active.json +421 -0
- package/test/_legacy/payment-resolver/stripe/subscriptions/trial-in-trial.json +349 -0
- package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-active-failed-authorization.json +430 -0
- package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-active.json +319 -0
- package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-cancelled.json +319 -0
- package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-refund.json +414 -0
- package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-suspended.json +319 -0
- package/test/_legacy/payment-resolver/stripe/subscriptions/unsure.json +339 -0
- package/test/_legacy/test-new +1178 -0
- package/test/_legacy/test.md +89 -0
- package/test/_legacy/usage.js +175 -0
- package/test/_legacy/user.js +31 -0
- package/test/ai/tools-live.js +170 -0
- package/test/boot/emulator-boots.js +37 -0
- package/test/content/blog-generate.js +160 -0
- package/test/email/campaign-send.js +45 -0
- package/test/email/consent-lifecycle.js +257 -0
- package/test/email/feedback-and-plain-send.js +52 -0
- package/test/email/fixtures/clean.json +30 -0
- package/test/email/fixtures/editorial.json +30 -0
- package/test/email/fixtures/field-report.json +53 -0
- package/test/email/marketing-lifecycle.js +132 -0
- package/test/email/newsletter-generate.js +819 -0
- package/test/email/newsletter-templates.js +491 -0
- package/test/email/templates.js +207 -0
- package/test/email/transactional-send.js +34 -0
- package/test/email/transactional.js +560 -0
- package/test/email/validation.js +710 -0
- package/test/events/auth-delete-race.js +201 -0
- package/test/events/payments/journey-payments-cancel-endpoint.js +100 -0
- package/test/events/payments/journey-payments-cancel.js +182 -0
- package/test/events/payments/journey-payments-discount.js +89 -0
- package/test/events/payments/journey-payments-failure.js +146 -0
- package/test/events/payments/journey-payments-legacy-product.js +149 -0
- package/test/events/payments/journey-payments-one-time-failure.js +111 -0
- package/test/events/payments/journey-payments-one-time.js +136 -0
- package/test/events/payments/journey-payments-plan-change.js +144 -0
- package/test/events/payments/journey-payments-refund-webhook.js +180 -0
- package/test/events/payments/journey-payments-suspend.js +181 -0
- package/test/events/payments/journey-payments-trial-cancel.js +130 -0
- package/test/events/payments/journey-payments-trial.js +171 -0
- package/test/events/payments/journey-payments-uid-resolution.js +132 -0
- package/test/events/payments/journey-payments-upgrade.js +135 -0
- package/test/fixtures/chargebee/invoice-one-time.json +27 -0
- package/test/fixtures/chargebee/subscription-active.json +44 -0
- package/test/fixtures/chargebee/subscription-cancelled.json +42 -0
- package/test/fixtures/chargebee/subscription-in-trial.json +41 -0
- package/test/fixtures/chargebee/subscription-legacy-plan.json +41 -0
- package/test/fixtures/chargebee/subscription-non-renewing.json +41 -0
- package/test/fixtures/chargebee/subscription-paused.json +42 -0
- package/test/fixtures/chargebee/webhook-payment-failed.json +51 -0
- package/test/fixtures/chargebee/webhook-subscription-created.json +47 -0
- package/test/fixtures/paypal/order-approved.json +62 -0
- package/test/fixtures/paypal/order-completed.json +110 -0
- package/test/fixtures/paypal/subscription-active.json +76 -0
- package/test/fixtures/paypal/subscription-cancelled.json +50 -0
- package/test/fixtures/paypal/subscription-suspended.json +65 -0
- package/test/fixtures/stripe/checkout-session-completed.json +130 -0
- package/test/fixtures/stripe/invoice-payment-failed.json +148 -0
- package/test/fixtures/stripe/invoice-subscription-payment-failed.json +28 -0
- package/test/fixtures/stripe/subscription-active.json +161 -0
- package/test/fixtures/stripe/subscription-canceled.json +161 -0
- package/test/fixtures/stripe/subscription-trialing.json +161 -0
- package/test/functions/admin/database-read.js +134 -0
- package/test/functions/admin/database-write.js +159 -0
- package/test/functions/admin/edit-post.js +366 -0
- package/test/functions/admin/firestore-query.js +207 -0
- package/test/functions/admin/firestore-read.js +129 -0
- package/test/functions/admin/firestore-write.js +105 -0
- package/test/functions/admin/get-stats.js +115 -0
- package/test/functions/admin/send-email.js +119 -0
- package/test/functions/admin/send-notification.js +208 -0
- package/test/functions/admin/write-repo-content.js +223 -0
- package/test/functions/general/add-marketing-contact.js +335 -0
- package/test/functions/general/fetch-post.js +54 -0
- package/test/functions/general/generate-uuid.js +114 -0
- package/test/functions/test/authenticate.js +64 -0
- package/test/functions/user/create-custom-token.js +73 -0
- package/test/functions/user/delete.js +135 -0
- package/test/functions/user/get-active-sessions.js +111 -0
- package/test/functions/user/get-subscription-info.js +99 -0
- package/test/functions/user/regenerate-api-keys.js +156 -0
- package/test/functions/user/resolve.js +52 -0
- package/test/functions/user/sign-out-all-sessions.js +94 -0
- package/test/functions/user/sign-up.js +252 -0
- package/test/functions/user/submit-feedback.js +104 -0
- package/test/functions/user/validate-settings.js +82 -0
- package/test/helpers/ai-request-payload.js +300 -0
- package/test/helpers/ai-test-provider.js +202 -0
- package/test/helpers/ai-tools-format.js +383 -0
- package/test/helpers/content/blog-auto-publisher.js +484 -0
- package/test/helpers/content/feed-parser.js +528 -0
- package/test/helpers/content/ghostii-blocks.js +134 -0
- package/test/helpers/content/ghostii-feed-integration.js +404 -0
- package/test/helpers/content/ghostii-write-article.js +243 -0
- package/test/helpers/environment.js +230 -0
- package/test/helpers/infer-contact.js +113 -0
- package/test/helpers/merge-line-files.js +271 -0
- package/test/helpers/payment/chargebee/parse-webhook.js +413 -0
- package/test/helpers/payment/chargebee/to-unified-one-time.js +147 -0
- package/test/helpers/payment/chargebee/to-unified-subscription.js +648 -0
- package/test/helpers/payment/paypal/parse-webhook.js +539 -0
- package/test/helpers/payment/paypal/to-unified-one-time.js +382 -0
- package/test/helpers/payment/paypal/to-unified-subscription.js +820 -0
- package/test/helpers/payment/stripe/parse-webhook.js +447 -0
- package/test/helpers/payment/stripe/to-unified-one-time.js +306 -0
- package/test/helpers/payment/stripe/to-unified-subscription.js +708 -0
- package/test/helpers/sanitize.js +222 -0
- package/test/helpers/slugify.js +394 -0
- package/test/helpers/storage.js +194 -0
- package/test/helpers/user.js +755 -0
- package/test/helpers/webhook-forward.js +418 -0
- package/test/mcp/discovery.js +53 -0
- package/test/mcp/oauth.js +161 -0
- package/test/mcp/protocol.js +268 -0
- package/test/mcp/roles.js +188 -0
- package/test/mcp/utils.js +245 -0
- package/test/routes/admin/create-post.js +364 -0
- package/test/routes/admin/database.js +131 -0
- package/test/routes/admin/deduplicate-image-alts.js +190 -0
- package/test/routes/admin/email.js +114 -0
- package/test/routes/admin/firestore-query.js +204 -0
- package/test/routes/admin/firestore.js +127 -0
- package/test/routes/admin/infer-contact.js +218 -0
- package/test/routes/admin/notification.js +198 -0
- package/test/routes/admin/post-resize-image.js +184 -0
- package/test/routes/admin/post.js +368 -0
- package/test/routes/admin/repo-content.js +223 -0
- package/test/routes/admin/stats.js +112 -0
- package/test/routes/content/post.js +54 -0
- package/test/routes/general/uuid.js +115 -0
- package/test/routes/marketing/campaign.js +125 -0
- package/test/routes/marketing/contact.js +370 -0
- package/test/routes/marketing/email-preferences.js +292 -0
- package/test/routes/marketing/push-send.js +32 -0
- package/test/routes/marketing/webhook-forward.js +61 -0
- package/test/routes/marketing/webhook.js +639 -0
- package/test/routes/payments/cancel.js +163 -0
- package/test/routes/payments/discount.js +80 -0
- package/test/routes/payments/dispute-alert.js +320 -0
- package/test/routes/payments/intent.js +336 -0
- package/test/routes/payments/portal.js +92 -0
- package/test/routes/payments/refund.js +179 -0
- package/test/routes/payments/trial-eligibility.js +71 -0
- package/test/routes/payments/webhook.js +107 -0
- package/test/routes/test/authenticate.js +59 -0
- package/test/routes/test/schema.js +554 -0
- package/test/routes/test/usage.js +342 -0
- package/test/routes/user/api-keys.js +156 -0
- package/test/routes/user/delete.js +136 -0
- package/test/routes/user/feedback.js +104 -0
- package/test/routes/user/sessions.js +199 -0
- package/test/routes/user/settings-validate.js +82 -0
- package/test/routes/user/signup.js +542 -0
- package/test/routes/user/subscription.js +99 -0
- package/test/routes/user/token.js +73 -0
- package/test/routes/user/user.js +157 -0
- package/test/rules/notifications.js +410 -0
- package/test/rules/payments-carts.js +371 -0
- package/test/rules/user.js +396 -0
|
@@ -0,0 +1,104 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Test: POST /user/feedback
|
|
3
|
+
* Tests the user submit feedback endpoint
|
|
4
|
+
* Requires authentication, saves feedback to Firestore
|
|
5
|
+
* Note: Makes external call to ITW getApp endpoint
|
|
6
|
+
*/
|
|
7
|
+
module.exports = {
|
|
8
|
+
description: 'User submit feedback',
|
|
9
|
+
type: 'group',
|
|
10
|
+
tests: [
|
|
11
|
+
// Test 1: Authenticated user can submit feedback
|
|
12
|
+
{
|
|
13
|
+
name: 'authenticated-user-succeeds',
|
|
14
|
+
auth: 'basic',
|
|
15
|
+
timeout: 30000, // Longer timeout due to external API call
|
|
16
|
+
|
|
17
|
+
async run({ http, assert }) {
|
|
18
|
+
const response = await http.post('backend-manager/user/feedback', {
|
|
19
|
+
rating: 'like',
|
|
20
|
+
like: 'Great app! Works well.',
|
|
21
|
+
dislike: '',
|
|
22
|
+
});
|
|
23
|
+
|
|
24
|
+
assert.isSuccess(response, 'Submit feedback should succeed for authenticated user');
|
|
25
|
+
assert.hasProperty(response, 'data.review', 'Response should contain review decision');
|
|
26
|
+
assert.hasProperty(response, 'data.originalRequest', 'Response should contain original request');
|
|
27
|
+
},
|
|
28
|
+
},
|
|
29
|
+
|
|
30
|
+
// Test 2: Feedback with love rating
|
|
31
|
+
{
|
|
32
|
+
name: 'love-rating-succeeds',
|
|
33
|
+
auth: 'basic',
|
|
34
|
+
timeout: 30000,
|
|
35
|
+
|
|
36
|
+
async run({ http, assert }) {
|
|
37
|
+
const response = await http.post('backend-manager/user/feedback', {
|
|
38
|
+
rating: 'love',
|
|
39
|
+
like: 'Absolutely love this app! Best thing ever! Highly recommend!',
|
|
40
|
+
dislike: '',
|
|
41
|
+
});
|
|
42
|
+
|
|
43
|
+
assert.isSuccess(response, 'Submit feedback with love rating should succeed');
|
|
44
|
+
assert.hasProperty(response, 'data.review.promptReview', 'Response should have promptReview flag');
|
|
45
|
+
assert.ok(
|
|
46
|
+
typeof response.data.review.promptReview === 'boolean',
|
|
47
|
+
'promptReview should be a boolean'
|
|
48
|
+
);
|
|
49
|
+
},
|
|
50
|
+
},
|
|
51
|
+
|
|
52
|
+
// Test 3: Feedback with dislike
|
|
53
|
+
{
|
|
54
|
+
name: 'dislike-feedback-succeeds',
|
|
55
|
+
auth: 'basic',
|
|
56
|
+
timeout: 30000,
|
|
57
|
+
|
|
58
|
+
async run({ http, assert }) {
|
|
59
|
+
const response = await http.post('backend-manager/user/feedback', {
|
|
60
|
+
rating: 'dislike',
|
|
61
|
+
like: '',
|
|
62
|
+
dislike: 'Could use some improvements in the UI',
|
|
63
|
+
});
|
|
64
|
+
|
|
65
|
+
assert.isSuccess(response, 'Submit negative feedback should succeed');
|
|
66
|
+
assert.hasProperty(response, 'data.review', 'Response should contain review decision');
|
|
67
|
+
},
|
|
68
|
+
},
|
|
69
|
+
|
|
70
|
+
// Test 4: Premium user can submit feedback
|
|
71
|
+
{
|
|
72
|
+
name: 'premium-user-succeeds',
|
|
73
|
+
auth: 'premium-active',
|
|
74
|
+
timeout: 30000,
|
|
75
|
+
|
|
76
|
+
async run({ http, assert }) {
|
|
77
|
+
const response = await http.post('backend-manager/user/feedback', {
|
|
78
|
+
rating: 'like',
|
|
79
|
+
like: 'Premium features are great!',
|
|
80
|
+
dislike: '',
|
|
81
|
+
});
|
|
82
|
+
|
|
83
|
+
assert.isSuccess(response, 'Submit feedback should succeed for premium user');
|
|
84
|
+
},
|
|
85
|
+
},
|
|
86
|
+
|
|
87
|
+
// Test 5: Unauthenticated request fails
|
|
88
|
+
{
|
|
89
|
+
name: 'unauthenticated-rejected',
|
|
90
|
+
auth: 'none',
|
|
91
|
+
timeout: 15000,
|
|
92
|
+
|
|
93
|
+
async run({ http, assert }) {
|
|
94
|
+
const response = await http.post('backend-manager/user/feedback', {
|
|
95
|
+
rating: 'like',
|
|
96
|
+
like: 'Test',
|
|
97
|
+
dislike: '',
|
|
98
|
+
});
|
|
99
|
+
|
|
100
|
+
assert.isError(response, 401, 'Submit feedback should fail without authentication');
|
|
101
|
+
},
|
|
102
|
+
},
|
|
103
|
+
],
|
|
104
|
+
};
|
|
@@ -0,0 +1,199 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Test: GET /user/sessions and DELETE /user/sessions
|
|
3
|
+
* Tests the user sessions endpoints
|
|
4
|
+
* GET returns sessions for authenticated users from Realtime Database
|
|
5
|
+
* DELETE signs out all sessions (revokes refresh tokens and clears session data)
|
|
6
|
+
*/
|
|
7
|
+
module.exports = {
|
|
8
|
+
description: 'User sessions (get and sign-out)',
|
|
9
|
+
type: 'group',
|
|
10
|
+
tests: [
|
|
11
|
+
// --- GET /user/sessions tests ---
|
|
12
|
+
|
|
13
|
+
// Test 1: Authenticated user can get sessions
|
|
14
|
+
{
|
|
15
|
+
name: 'get-authenticated-user-succeeds',
|
|
16
|
+
auth: 'basic',
|
|
17
|
+
timeout: 15000,
|
|
18
|
+
|
|
19
|
+
async run({ http, assert }) {
|
|
20
|
+
const response = await http.get('backend-manager/user/sessions', {});
|
|
21
|
+
|
|
22
|
+
assert.isSuccess(response, 'Get active sessions should succeed for authenticated user');
|
|
23
|
+
assert.ok(
|
|
24
|
+
typeof response.data === 'object',
|
|
25
|
+
'Response data should be an object'
|
|
26
|
+
);
|
|
27
|
+
},
|
|
28
|
+
},
|
|
29
|
+
|
|
30
|
+
// Test 2: Default session id is 'app'
|
|
31
|
+
{
|
|
32
|
+
name: 'get-default-session-is-app',
|
|
33
|
+
auth: 'basic',
|
|
34
|
+
timeout: 15000,
|
|
35
|
+
|
|
36
|
+
async run({ http, assert }) {
|
|
37
|
+
// With no id specified, should query sessions/app
|
|
38
|
+
const response = await http.get('backend-manager/user/sessions', {});
|
|
39
|
+
|
|
40
|
+
assert.isSuccess(response, 'Get active sessions should succeed');
|
|
41
|
+
// Response is an object (may be empty if no sessions)
|
|
42
|
+
assert.ok(
|
|
43
|
+
response.data !== undefined,
|
|
44
|
+
'Response should have data'
|
|
45
|
+
);
|
|
46
|
+
},
|
|
47
|
+
},
|
|
48
|
+
|
|
49
|
+
// Test 3: Custom session id
|
|
50
|
+
{
|
|
51
|
+
name: 'get-custom-session-id',
|
|
52
|
+
auth: 'basic',
|
|
53
|
+
timeout: 15000,
|
|
54
|
+
|
|
55
|
+
async run({ http, assert }) {
|
|
56
|
+
const response = await http.get('backend-manager/user/sessions', {
|
|
57
|
+
id: 'custom-session-type',
|
|
58
|
+
});
|
|
59
|
+
|
|
60
|
+
assert.isSuccess(response, 'Get active sessions with custom id should succeed');
|
|
61
|
+
assert.ok(
|
|
62
|
+
typeof response.data === 'object',
|
|
63
|
+
'Response data should be an object'
|
|
64
|
+
);
|
|
65
|
+
},
|
|
66
|
+
},
|
|
67
|
+
|
|
68
|
+
// Test 4: Empty sessions returns empty object
|
|
69
|
+
{
|
|
70
|
+
name: 'get-no-sessions-returns-empty',
|
|
71
|
+
auth: 'basic',
|
|
72
|
+
timeout: 15000,
|
|
73
|
+
|
|
74
|
+
async run({ http, assert }) {
|
|
75
|
+
// Query a session type that definitely doesn't exist
|
|
76
|
+
const response = await http.get('backend-manager/user/sessions', {
|
|
77
|
+
id: 'nonexistent-session-type-12345',
|
|
78
|
+
});
|
|
79
|
+
|
|
80
|
+
assert.isSuccess(response, 'Get sessions for empty type should succeed');
|
|
81
|
+
assert.ok(
|
|
82
|
+
Object.keys(response.data).length === 0,
|
|
83
|
+
'Empty session type should return empty object'
|
|
84
|
+
);
|
|
85
|
+
},
|
|
86
|
+
},
|
|
87
|
+
|
|
88
|
+
// Test 5: Admin can get sessions
|
|
89
|
+
{
|
|
90
|
+
name: 'get-admin-succeeds',
|
|
91
|
+
auth: 'admin',
|
|
92
|
+
timeout: 15000,
|
|
93
|
+
|
|
94
|
+
async run({ http, assert }) {
|
|
95
|
+
const response = await http.get('backend-manager/user/sessions', {});
|
|
96
|
+
|
|
97
|
+
assert.isSuccess(response, 'Get active sessions should succeed for admin');
|
|
98
|
+
},
|
|
99
|
+
},
|
|
100
|
+
|
|
101
|
+
// Test 6: Unauthenticated GET request fails
|
|
102
|
+
{
|
|
103
|
+
name: 'get-unauthenticated-rejected',
|
|
104
|
+
auth: 'none',
|
|
105
|
+
timeout: 15000,
|
|
106
|
+
|
|
107
|
+
async run({ http, assert }) {
|
|
108
|
+
const response = await http.get('backend-manager/user/sessions', {});
|
|
109
|
+
|
|
110
|
+
assert.isError(response, 401, 'Get active sessions should fail without authentication');
|
|
111
|
+
},
|
|
112
|
+
},
|
|
113
|
+
|
|
114
|
+
// --- DELETE /user/sessions tests ---
|
|
115
|
+
|
|
116
|
+
// Test 7: Authenticated user can sign out all sessions
|
|
117
|
+
{
|
|
118
|
+
name: 'delete-authenticated-user-succeeds',
|
|
119
|
+
auth: 'basic',
|
|
120
|
+
timeout: 30000, // Longer timeout due to session cleanup
|
|
121
|
+
|
|
122
|
+
async run({ http, assert }) {
|
|
123
|
+
const response = await http.delete('backend-manager/user/sessions', {});
|
|
124
|
+
|
|
125
|
+
assert.isSuccess(response, 'Sign out all sessions should succeed for authenticated user');
|
|
126
|
+
assert.hasProperty(response, 'data.sessions', 'Response should contain sessions count');
|
|
127
|
+
assert.hasProperty(response, 'data.message', 'Response should contain message');
|
|
128
|
+
assert.ok(
|
|
129
|
+
typeof response.data.sessions === 'number',
|
|
130
|
+
'sessions should be a number'
|
|
131
|
+
);
|
|
132
|
+
assert.ok(
|
|
133
|
+
response.data.sessions >= 0,
|
|
134
|
+
'sessions count should be non-negative'
|
|
135
|
+
);
|
|
136
|
+
},
|
|
137
|
+
},
|
|
138
|
+
|
|
139
|
+
// Test 8: Custom session id for delete
|
|
140
|
+
{
|
|
141
|
+
name: 'delete-custom-session-id',
|
|
142
|
+
auth: 'basic',
|
|
143
|
+
timeout: 30000,
|
|
144
|
+
|
|
145
|
+
async run({ http, assert }) {
|
|
146
|
+
const response = await http.delete('backend-manager/user/sessions', {
|
|
147
|
+
id: 'custom-session-type',
|
|
148
|
+
});
|
|
149
|
+
|
|
150
|
+
assert.isSuccess(response, 'Sign out with custom session id should succeed');
|
|
151
|
+
assert.hasProperty(response, 'data.sessions', 'Response should contain sessions count');
|
|
152
|
+
},
|
|
153
|
+
},
|
|
154
|
+
|
|
155
|
+
// Test 9: Premium user can sign out all sessions
|
|
156
|
+
// Note: backendManagerKey admin doesn't have auth.uid, so we test with premium user instead
|
|
157
|
+
{
|
|
158
|
+
name: 'delete-premium-user-succeeds',
|
|
159
|
+
auth: 'premium-active',
|
|
160
|
+
timeout: 30000,
|
|
161
|
+
|
|
162
|
+
async run({ http, assert }) {
|
|
163
|
+
const response = await http.delete('backend-manager/user/sessions', {});
|
|
164
|
+
|
|
165
|
+
assert.isSuccess(response, 'Sign out all sessions should succeed for premium user');
|
|
166
|
+
assert.hasProperty(response, 'data.sessions', 'Response should contain sessions count');
|
|
167
|
+
},
|
|
168
|
+
},
|
|
169
|
+
|
|
170
|
+
// Test 10: Multiple calls are idempotent
|
|
171
|
+
{
|
|
172
|
+
name: 'delete-idempotent-operation',
|
|
173
|
+
auth: 'basic',
|
|
174
|
+
timeout: 30000,
|
|
175
|
+
|
|
176
|
+
async run({ http, assert }) {
|
|
177
|
+
// Call twice in a row - both should succeed
|
|
178
|
+
const response1 = await http.delete('backend-manager/user/sessions', {});
|
|
179
|
+
const response2 = await http.delete('backend-manager/user/sessions', {});
|
|
180
|
+
|
|
181
|
+
assert.isSuccess(response1, 'First sign out should succeed');
|
|
182
|
+
assert.isSuccess(response2, 'Second sign out should succeed (idempotent)');
|
|
183
|
+
},
|
|
184
|
+
},
|
|
185
|
+
|
|
186
|
+
// Test 11: Unauthenticated DELETE request fails
|
|
187
|
+
{
|
|
188
|
+
name: 'delete-unauthenticated-rejected',
|
|
189
|
+
auth: 'none',
|
|
190
|
+
timeout: 15000,
|
|
191
|
+
|
|
192
|
+
async run({ http, assert }) {
|
|
193
|
+
const response = await http.delete('backend-manager/user/sessions', {});
|
|
194
|
+
|
|
195
|
+
assert.isError(response, 401, 'Sign out all sessions should fail without authentication');
|
|
196
|
+
},
|
|
197
|
+
},
|
|
198
|
+
],
|
|
199
|
+
};
|
|
@@ -0,0 +1,82 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Test: POST /user/settings/validate
|
|
3
|
+
* Tests the user validate settings endpoint
|
|
4
|
+
* Requires authentication and validates settings against schema
|
|
5
|
+
*
|
|
6
|
+
* SKIPPED: Requires project-specific defaults.js file which BEM test environment doesn't have
|
|
7
|
+
*/
|
|
8
|
+
module.exports = {
|
|
9
|
+
description: 'User validate settings',
|
|
10
|
+
skip: 'Requires project-specific defaults.js file',
|
|
11
|
+
type: 'group',
|
|
12
|
+
tests: [
|
|
13
|
+
// Test 1: Authenticated user can validate settings
|
|
14
|
+
{
|
|
15
|
+
name: 'authenticated-user-succeeds',
|
|
16
|
+
auth: 'basic',
|
|
17
|
+
timeout: 15000,
|
|
18
|
+
|
|
19
|
+
async run({ http, assert }) {
|
|
20
|
+
const response = await http.post('backend-manager/user/settings/validate', {
|
|
21
|
+
existingSettings: {},
|
|
22
|
+
newSettings: {},
|
|
23
|
+
});
|
|
24
|
+
|
|
25
|
+
assert.isSuccess(response, 'Validate settings should succeed for authenticated user');
|
|
26
|
+
},
|
|
27
|
+
},
|
|
28
|
+
|
|
29
|
+
// Test 2: With existing settings
|
|
30
|
+
{
|
|
31
|
+
name: 'with-existing-settings',
|
|
32
|
+
auth: 'basic',
|
|
33
|
+
timeout: 15000,
|
|
34
|
+
|
|
35
|
+
async run({ http, assert }) {
|
|
36
|
+
const response = await http.post('backend-manager/user/settings/validate', {
|
|
37
|
+
existingSettings: {
|
|
38
|
+
theme: 'dark',
|
|
39
|
+
notifications: true,
|
|
40
|
+
},
|
|
41
|
+
newSettings: {
|
|
42
|
+
theme: 'light',
|
|
43
|
+
},
|
|
44
|
+
});
|
|
45
|
+
|
|
46
|
+
assert.isSuccess(response, 'Validate settings with data should succeed');
|
|
47
|
+
},
|
|
48
|
+
},
|
|
49
|
+
|
|
50
|
+
// Test 3: Premium user can validate settings
|
|
51
|
+
{
|
|
52
|
+
name: 'premium-user-succeeds',
|
|
53
|
+
auth: 'premium-active',
|
|
54
|
+
timeout: 15000,
|
|
55
|
+
|
|
56
|
+
async run({ http, assert }) {
|
|
57
|
+
const response = await http.post('backend-manager/user/settings/validate', {
|
|
58
|
+
existingSettings: {},
|
|
59
|
+
newSettings: {},
|
|
60
|
+
});
|
|
61
|
+
|
|
62
|
+
assert.isSuccess(response, 'Validate settings should succeed for premium user');
|
|
63
|
+
},
|
|
64
|
+
},
|
|
65
|
+
|
|
66
|
+
// Test 4: Unauthenticated request fails
|
|
67
|
+
{
|
|
68
|
+
name: 'unauthenticated-rejected',
|
|
69
|
+
auth: 'none',
|
|
70
|
+
timeout: 15000,
|
|
71
|
+
|
|
72
|
+
async run({ http, assert }) {
|
|
73
|
+
const response = await http.post('backend-manager/user/settings/validate', {
|
|
74
|
+
existingSettings: {},
|
|
75
|
+
newSettings: {},
|
|
76
|
+
});
|
|
77
|
+
|
|
78
|
+
assert.isError(response, 401, 'Validate settings should fail without authentication');
|
|
79
|
+
},
|
|
80
|
+
},
|
|
81
|
+
],
|
|
82
|
+
};
|