insforge 1.2.10 → 1.3.0

package/backend/tests/local/test-traditional-rest.sh

@@ -1,209 +1,209 @@
-#!/bin/bash
-
-# Test Traditional REST Response Format
-# This script tests various API endpoints to ensure they follow traditional REST conventions
-
-# Get the directory where this script is located
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-
-# Source the test configuration
-source "$SCRIPT_DIR/../test-config.sh"
-
-# Check requirements
-check_requirements
-
-print_blue "🧪 Testing Traditional REST Response Format..."
-
-# API Configuration
-API_BASE="$TEST_API_BASE"
-TEST_USER_EMAIL="testuser_rest_$(date +%s)@example.com"
-TEST_USER_PASSWORD="TestPass123!"
-AUTH_TOKEN=""
-
-# Function to test response format
-test_response_format() {
-    local test_name="$1"
-    local response="$2"
-    local expected_pattern="$3"
-    local should_not_exist="${4:-false}"
-    
-    if [ "$should_not_exist" == "true" ]; then
-        # Check that pattern does NOT exist
-        if ! echo "$response" | grep -q "$expected_pattern"; then
-            print_success "$test_name"
-            return 0
-        else
-            print_fail "$test_name - found unwanted pattern: $expected_pattern"
-            track_test_failure
-            return 1
-        fi
-    else
-        # Check that pattern exists
-        if echo "$response" | grep -q "$expected_pattern"; then
-            print_success "$test_name"
-            return 0
-        else
-            print_fail "$test_name - missing pattern: $expected_pattern"
-            echo "  Response: $(echo "$response" | head -c 200)..."
-            track_test_failure
-            return 1
-        fi
-    fi
-}
-
-# 1. Test Health Endpoint
-print_info "1. Testing Health Endpoint (Success Response)"
-response=$(curl -s "$API_BASE/health")
-test_response_format "Direct data response" "$response" '"status":"ok"'
-test_response_format "No success wrapper" "$response" '"success":true' "true"
-test_response_format "No data wrapper" "$response" '"data":{' "true"
-
-# 2. Test Authentication Errors
-print_info "2. Testing Authentication Errors"
-response=$(curl -s "$API_BASE/auth/sessions/current")
-test_response_format "Error format" "$response" '"error":"AUTH_INVALID_CREDENTIALS"'
-test_response_format "Message field" "$response" '"message":"No token provided"'
-# JWT auth includes error and message fields
-
-# 3. Test Login Endpoint (Missing Credentials)
-print_info "3. Testing Login Endpoint (Missing Credentials)"
-response=$(curl -s -X POST "$API_BASE/auth/sessions" \
-    -H "Content-Type: application/json" \
-    -d '{}')
-test_response_format "Error response" "$response" '"error":"INVALID_INPUT"'
-test_response_format "Message field" "$response" '"message":"email: Required, password: Required"'
-
-# 4. Test Invalid Endpoint (404)
-print_info "4. Testing Invalid Endpoint (404)"
-response=$(curl -s "$API_BASE/nonexistent")
-test_response_format "404 error" "$response" '"statusCode":404'
-test_response_format "Not found message" "$response" '"error":"NOT_FOUND"'
-
-ADMIN_TOKEN=$(get_admin_token)
-
-# 5. Test with Authentication
-print_info "5. Creating test user for authenticated tests"
-auth_response=$(curl -s -X POST "$API_BASE/auth/users" \
-    -H "Content-Type: application/json" \
-    -d "{
-        \"email\": \"$TEST_USER_EMAIL\",
-        \"password\": \"$TEST_USER_PASSWORD\",
-        \"name\": \"Test User\"
-    }")
-
-# Check if registration was successful
-if echo "$auth_response" | grep -q '"accessToken"'; then
-    AUTH_TOKEN=$(echo "$auth_response" | grep -o '"accessToken":"[^"]*' | cut -d'"' -f4)
-    print_success "User registered successfully"
-    register_test_user "$TEST_USER_EMAIL"
-    
-    # Test authenticated endpoints
-    print_info "6. Testing Database Tables List (Authenticated)"
-    response=$(curl -s "$API_BASE/database/tables" \
-        -H "Authorization: Bearer $ADMIN_TOKEN")
-    test_response_format "Direct array response" "$response" '^\['
-    test_response_format "No wrapper object" "$response" '"data":\[' "true"
-    
-    # Test table creation
-    print_info "7. Testing Create Table (Success Response)"
-    TABLE_NAME="test_rest_table_$(date +%s)"
-    response=$(curl -s -X POST "$API_BASE/database/tables" \
-        -H "Authorization: Bearer $ADMIN_TOKEN" \
-        -H "Content-Type: application/json" \
-        -d "{
-            \"tableName\": \"$TABLE_NAME\",
-            \"rlsEnabled\": false,
-            \"columns\": [
-                {\"columnName\": \"id\", \"type\": \"uuid\", \"isNullable\": false, \"isUnique\": false, \"defaultValue\": \"gen_random_uuid()\"},
-                {\"columnName\": \"title\", \"type\": \"string\", \"isNullable\": false, \"isUnique\": false}
-            ]
-        }")
-    
-    if echo "$response" | grep -q '"tableName"'; then
-        print_success "Table created"
-        register_test_table "$TABLE_NAME"
-        test_response_format "Direct object response" "$response" "\"tableName\":\"$TABLE_NAME\""
-        test_response_format "No success wrapper" "$response" '"success":true' "true"
-    else
-        print_fail "Table creation failed"
-        echo "Response: $response"
-        track_test_failure
-    fi
-    
-    # Test pagination headers
-    print_info "8. Testing Pagination Headers"
-    # Use -I for headers, but we need both headers and body
-    full_response=$(curl -s -i "$API_BASE/logs/audits?limit=10" \
-        -H "Authorization: Bearer $ADMIN_TOKEN")
-    
-    # Extract headers (everything before empty line)
-    headers=$(echo "$full_response" | awk 'BEGIN{RS="\r\n\r\n"} NR==1')
-    
-    # Test for PostgREST-style Content-Range header (format: start-end/total)
-    test_response_format "Content-Range header" "$headers" 'Content-Range:'
-    test_response_format "Preference-Applied header" "$headers" 'Preference-Applied:'
-    
-else
-    print_fail "Failed to register user"
-    echo "Response: $auth_response"
-    track_test_failure
-fi
-
-# 9. Test Storage API (requires API key)
-print_info "9. Testing Storage API Format"
-# First get admin token if we don't have it
-if [ -z "$AUTH_TOKEN" ]; then
-    admin_token=$(get_admin_token)
-else
-    admin_token="$AUTH_TOKEN"
-fi
-
-# Try to get API key from the API endpoint first
-if [ -n "$admin_token" ]; then
-    api_key_response=$(curl -s "$API_BASE/metadata/api-key" \
-        -H "Authorization: Bearer $admin_token")
-    API_KEY=$(echo "$api_key_response" | grep -o '"apiKey":"[^"]*' | cut -d'"' -f4)
-fi
-
-# If that fails, try the helper function  
-if [ -z "$API_KEY" ]; then
-    API_KEY=$(get_admin_api_key)
-fi
-
-# Export for cleanup
-if [ -n "$API_KEY" ]; then
-    export ACCESS_API_KEY="$API_KEY"
-    # List buckets
-    response=$(curl -s "$API_BASE/storage/buckets" \
-        -H "Authorization: Bearer $API_KEY")
-    test_response_format "Direct array for buckets" "$response" '^\['
-    
-    # Create a test bucket
-    BUCKET_NAME="test-rest-bucket-$(date +%s)"
-    response=$(curl -s -X POST "$API_BASE/storage/buckets" \
-        -H "Content-Type: application/json" \
-        -H "Authorization: Bearer $API_KEY" \
-        -d "{\"bucketName\": \"$BUCKET_NAME\", \"isPublic\": true}")
-    
-    if echo "$response" | grep -q '"bucketName"'; then
-        print_success "Bucket created"
-        register_test_bucket "$BUCKET_NAME"
-        test_response_format "Success message field" "$response" '"message":"Bucket created successfully"'
-        test_response_format "NextAction guidance" "$response" '"nextActions":'
-    else
-        print_fail "Bucket creation failed"
-        echo "Response: $response"
-        track_test_failure
-    fi
-else
-    print_info "Skipping storage tests (no API key available)"
-fi
-
-# Summary
-echo ""
-print_blue "=========================================="
-print_blue "Traditional REST Format Test Complete"
-print_blue "=========================================="
-
-# Exit with proper status
+#!/bin/bash
+
+# Test Traditional REST Response Format
+# This script tests various API endpoints to ensure they follow traditional REST conventions
+
+# Get the directory where this script is located
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+
+# Source the test configuration
+source "$SCRIPT_DIR/../test-config.sh"
+
+# Check requirements
+check_requirements
+
+print_blue "🧪 Testing Traditional REST Response Format..."
+
+# API Configuration
+API_BASE="$TEST_API_BASE"
+TEST_USER_EMAIL="testuser_rest_$(date +%s)@example.com"
+TEST_USER_PASSWORD="TestPass123!"
+AUTH_TOKEN=""
+
+# Function to test response format
+test_response_format() {
+    local test_name="$1"
+    local response="$2"
+    local expected_pattern="$3"
+    local should_not_exist="${4:-false}"
+    
+    if [ "$should_not_exist" == "true" ]; then
+        # Check that pattern does NOT exist
+        if ! echo "$response" | grep -q "$expected_pattern"; then
+            print_success "$test_name"
+            return 0
+        else
+            print_fail "$test_name - found unwanted pattern: $expected_pattern"
+            track_test_failure
+            return 1
+        fi
+    else
+        # Check that pattern exists
+        if echo "$response" | grep -q "$expected_pattern"; then
+            print_success "$test_name"
+            return 0
+        else
+            print_fail "$test_name - missing pattern: $expected_pattern"
+            echo "  Response: $(echo "$response" | head -c 200)..."
+            track_test_failure
+            return 1
+        fi
+    fi
+}
+
+# 1. Test Health Endpoint
+print_info "1. Testing Health Endpoint (Success Response)"
+response=$(curl -s "$API_BASE/health")
+test_response_format "Direct data response" "$response" '"status":"ok"'
+test_response_format "No success wrapper" "$response" '"success":true' "true"
+test_response_format "No data wrapper" "$response" '"data":{' "true"
+
+# 2. Test Authentication Errors
+print_info "2. Testing Authentication Errors"
+response=$(curl -s "$API_BASE/auth/sessions/current")
+test_response_format "Error format" "$response" '"error":"AUTH_INVALID_CREDENTIALS"'
+test_response_format "Message field" "$response" '"message":"No token provided"'
+# JWT auth includes error and message fields
+
+# 3. Test Login Endpoint (Missing Credentials)
+print_info "3. Testing Login Endpoint (Missing Credentials)"
+response=$(curl -s -X POST "$API_BASE/auth/sessions" \
+    -H "Content-Type: application/json" \
+    -d '{}')
+test_response_format "Error response" "$response" '"error":"INVALID_INPUT"'
+test_response_format "Message field" "$response" '"message":"email: Required, password: Required"'
+
+# 4. Test Invalid Endpoint (404)
+print_info "4. Testing Invalid Endpoint (404)"
+response=$(curl -s "$API_BASE/nonexistent")
+test_response_format "404 error" "$response" '"statusCode":404'
+test_response_format "Not found message" "$response" '"error":"NOT_FOUND"'
+
+ADMIN_TOKEN=$(get_admin_token)
+
+# 5. Test with Authentication
+print_info "5. Creating test user for authenticated tests"
+auth_response=$(curl -s -X POST "$API_BASE/auth/users" \
+    -H "Content-Type: application/json" \
+    -d "{
+        \"email\": \"$TEST_USER_EMAIL\",
+        \"password\": \"$TEST_USER_PASSWORD\",
+        \"name\": \"Test User\"
+    }")
+
+# Check if registration was successful
+if echo "$auth_response" | grep -q '"accessToken"'; then
+    AUTH_TOKEN=$(echo "$auth_response" | grep -o '"accessToken":"[^"]*' | cut -d'"' -f4)
+    print_success "User registered successfully"
+    register_test_user "$TEST_USER_EMAIL"
+    
+    # Test authenticated endpoints
+    print_info "6. Testing Database Tables List (Authenticated)"
+    response=$(curl -s "$API_BASE/database/tables" \
+        -H "Authorization: Bearer $ADMIN_TOKEN")
+    test_response_format "Direct array response" "$response" '^\['
+    test_response_format "No wrapper object" "$response" '"data":\[' "true"
+    
+    # Test table creation
+    print_info "7. Testing Create Table (Success Response)"
+    TABLE_NAME="test_rest_table_$(date +%s)"
+    response=$(curl -s -X POST "$API_BASE/database/tables" \
+        -H "Authorization: Bearer $ADMIN_TOKEN" \
+        -H "Content-Type: application/json" \
+        -d "{
+            \"tableName\": \"$TABLE_NAME\",
+            \"rlsEnabled\": false,
+            \"columns\": [
+                {\"columnName\": \"id\", \"type\": \"uuid\", \"isNullable\": false, \"isUnique\": false, \"defaultValue\": \"gen_random_uuid()\"},
+                {\"columnName\": \"title\", \"type\": \"string\", \"isNullable\": false, \"isUnique\": false}
+            ]
+        }")
+    
+    if echo "$response" | grep -q '"tableName"'; then
+        print_success "Table created"
+        register_test_table "$TABLE_NAME"
+        test_response_format "Direct object response" "$response" "\"tableName\":\"$TABLE_NAME\""
+        test_response_format "No success wrapper" "$response" '"success":true' "true"
+    else
+        print_fail "Table creation failed"
+        echo "Response: $response"
+        track_test_failure
+    fi
+    
+    # Test pagination headers
+    print_info "8. Testing Pagination Headers"
+    # Use -I for headers, but we need both headers and body
+    full_response=$(curl -s -i "$API_BASE/logs/audits?limit=10" \
+        -H "Authorization: Bearer $ADMIN_TOKEN")
+    
+    # Extract headers (everything before empty line)
+    headers=$(echo "$full_response" | awk 'BEGIN{RS="\r\n\r\n"} NR==1')
+    
+    # Test for PostgREST-style Content-Range header (format: start-end/total)
+    test_response_format "Content-Range header" "$headers" 'Content-Range:'
+    test_response_format "Preference-Applied header" "$headers" 'Preference-Applied:'
+    
+else
+    print_fail "Failed to register user"
+    echo "Response: $auth_response"
+    track_test_failure
+fi
+
+# 9. Test Storage API (requires API key)
+print_info "9. Testing Storage API Format"
+# First get admin token if we don't have it
+if [ -z "$AUTH_TOKEN" ]; then
+    admin_token=$(get_admin_token)
+else
+    admin_token="$AUTH_TOKEN"
+fi
+
+# Try to get API key from the API endpoint first
+if [ -n "$admin_token" ]; then
+    api_key_response=$(curl -s "$API_BASE/metadata/api-key" \
+        -H "Authorization: Bearer $admin_token")
+    API_KEY=$(echo "$api_key_response" | grep -o '"apiKey":"[^"]*' | cut -d'"' -f4)
+fi
+
+# If that fails, try the helper function  
+if [ -z "$API_KEY" ]; then
+    API_KEY=$(get_admin_api_key)
+fi
+
+# Export for cleanup
+if [ -n "$API_KEY" ]; then
+    export ACCESS_API_KEY="$API_KEY"
+    # List buckets
+    response=$(curl -s "$API_BASE/storage/buckets" \
+        -H "Authorization: Bearer $API_KEY")
+    test_response_format "Direct array for buckets" "$response" '^\['
+    
+    # Create a test bucket
+    BUCKET_NAME="test-rest-bucket-$(date +%s)"
+    response=$(curl -s -X POST "$API_BASE/storage/buckets" \
+        -H "Content-Type: application/json" \
+        -H "Authorization: Bearer $API_KEY" \
+        -d "{\"bucketName\": \"$BUCKET_NAME\", \"isPublic\": true}")
+    
+    if echo "$response" | grep -q '"bucketName"'; then
+        print_success "Bucket created"
+        register_test_bucket "$BUCKET_NAME"
+        test_response_format "Success message field" "$response" '"message":"Bucket created successfully"'
+        test_response_format "NextAction guidance" "$response" '"nextActions":'
+    else
+        print_fail "Bucket creation failed"
+        echo "Response: $response"
+        track_test_failure
+    fi
+else
+    print_info "Skipping storage tests (no API key available)"
+fi
+
+# Summary
+echo ""
+print_blue "=========================================="
+print_blue "Traditional REST Format Test Complete"
+print_blue "=========================================="
+
+# Exit with proper status
 exit_with_status

package/backend/tests/manual/README.md

@@ -1,51 +1,51 @@
-# Manual Tests
-
-This directory contains tests that need to be run manually and are not included in the automated test suite.
-
-## Better Auth Tests
-
-These tests are for the Better Auth v2 implementation.
-
-### Running Better Auth Tests
-
-Run the Better Auth test:
-```bash
-./tests/manual/test-better-auth.sh
-```
-
-### Prerequisites
-
-- Docker must be running with the InsForge backend on port 7130
-- Admin credentials should be configured in environment variables:
-  - `ADMIN_EMAIL` (default: admin@example.com)
-  - `ADMIN_PASSWORD` (default: change-this-password)
-
-### Example Commands
-
-```bash
-# Run from the backend directory
-cd backend
-
-# Run Better Auth test
-./tests/manual/test-better-auth.sh
-
-# Run with custom admin credentials
-ADMIN_EMAIL=admin@mycompany.com ADMIN_PASSWORD=mysecurepass ./tests/manual/test-better-auth.sh
-```
-
-### Test Coverage
-
-The test covers:
-- Admin authentication (sign-in, wrong password, non-admin email)
-- User registration and sign-in
-- Admin user management (list users with pagination)
-- JWT token verification (admin role and type claims)
-- Authorization checks (admin-only endpoints)
-- Error handling (invalid email format, missing fields)
-
-### Why These Tests Are Manual
-
-These tests are kept separate because:
-1. They use authentication endpoints (`/api/auth/v2/*`) that require specific setup
-2. They test admin-specific functionality that needs manual verification
+# Manual Tests
+
+This directory contains tests that need to be run manually and are not included in the automated test suite.
+
+## Better Auth Tests
+
+These tests are for the Better Auth v2 implementation.
+
+### Running Better Auth Tests
+
+Run the Better Auth test:
+```bash
+./tests/manual/test-better-auth.sh
+```
+
+### Prerequisites
+
+- Docker must be running with the InsForge backend on port 7130
+- Admin credentials should be configured in environment variables:
+  - `ADMIN_EMAIL` (default: admin@example.com)
+  - `ADMIN_PASSWORD` (default: change-this-password)
+
+### Example Commands
+
+```bash
+# Run from the backend directory
+cd backend
+
+# Run Better Auth test
+./tests/manual/test-better-auth.sh
+
+# Run with custom admin credentials
+ADMIN_EMAIL=admin@mycompany.com ADMIN_PASSWORD=mysecurepass ./tests/manual/test-better-auth.sh
+```
+
+### Test Coverage
+
+The test covers:
+- Admin authentication (sign-in, wrong password, non-admin email)
+- User registration and sign-in
+- Admin user management (list users with pagination)
+- JWT token verification (admin role and type claims)
+- Authorization checks (admin-only endpoints)
+- Error handling (invalid email format, missing fields)
+
+### Why These Tests Are Manual
+
+These tests are kept separate because:
+1. They use authentication endpoints (`/api/auth/v2/*`) that require specific setup
+2. They test admin-specific functionality that needs manual verification
 3. They verify JWT token structure and claims that may vary between environments

package/backend/tests/manual/create-large-table-simple.sql

@@ -1,11 +1,11 @@
--- Create large_table with basic structure
-CREATE TABLE IF NOT EXISTS large_table (
-    id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
-    user_id UUID NOT NULL,
-    title TEXT NOT NULL,
-    content TEXT,
-    status VARCHAR(50) DEFAULT 'active',
-    metadata JSONB DEFAULT '{}',
-    created_at TIMESTAMPTZ DEFAULT CURRENT_TIMESTAMP,
-    updated_at TIMESTAMPTZ DEFAULT CURRENT_TIMESTAMP
+-- Create large_table with basic structure
+CREATE TABLE IF NOT EXISTS large_table (
+    id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
+    user_id UUID NOT NULL,
+    title TEXT NOT NULL,
+    content TEXT,
+    status VARCHAR(50) DEFAULT 'active',
+    metadata JSONB DEFAULT '{}',
+    created_at TIMESTAMPTZ DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMPTZ DEFAULT CURRENT_TIMESTAMP
 );