npm - kybernus - Versions diffs - 3.0.1 → 3.2.0 - Mend

kybernus 3.0.1 → 3.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (392) hide show

package/templates/ecommerce/apps/api/src/modules/payment/__tests__/stripe-webhook.unit.test.ts ADDED Viewed

@@ -0,0 +1,330 @@
+/**
+ * StripeWebhookHandler — Unit Tests
+ * Stripe SDK mocked; IOrderRepository mocked; ICouponRepository mocked.
+ */
+jest.mock('stripe');
+import Stripe from 'stripe';
+import { StripeWebhookHandler } from '../stripe-webhook.handler';
+import { IOrderRepository } from '../../checkout/order.repository';
+import { ICouponRepository } from '../../cart/coupon.repository';
+const mockConstructEvent = jest.fn();
+(Stripe as jest.MockedClass<typeof Stripe>).mockImplementation(() => ({
+  webhooks: {
+    constructEvent: mockConstructEvent,
+  },
+} as unknown as Stripe));
+function makeOrderRepo(): jest.Mocked<IOrderRepository> {
+  return {
+    findById: jest.fn(),
+    findByPaymentIntentId: jest.fn(),
+    findByUserId: jest.fn(),
+    findAll: jest.fn(),
+    create: jest.fn(),
+    update: jest.fn(),
+  } as jest.Mocked<IOrderRepository>;
+}
+function makeCouponRepo(): jest.Mocked<ICouponRepository> {
+  return {
+    findByCode: jest.fn(),
+    findById: jest.fn(),
+    save: jest.fn(),
+    findAll: jest.fn(),
+    deleteById: jest.fn(),
+    incrementUsage: jest.fn(),
+  } as jest.Mocked<ICouponRepository>;
+}
+function makeSucceededEvent(piId = 'pi_123') {
+  return {
+    id: `evt_${piId}`,
+    type: 'payment_intent.succeeded',
+    data: { object: { id: piId } as Stripe.PaymentIntent },
+  } as Stripe.Event;
+}
+function makeFailedEvent(piId = 'pi_456') {
+  return {
+    id: `evt_${piId}`,
+    type: 'payment_intent.payment_failed',
+    data: { object: { id: piId } as Stripe.PaymentIntent },
+  } as Stripe.Event;
+}
+describe('StripeWebhookHandler — Unit', () => {
+  let orderRepo: jest.Mocked<IOrderRepository>;
+  let couponRepo: jest.Mocked<ICouponRepository>;
+  let handler: StripeWebhookHandler;
+  beforeEach(() => {
+    jest.clearAllMocks();
+    orderRepo = makeOrderRepo();
+    couponRepo = makeCouponRepo();
+    handler = new StripeWebhookHandler('sk_test_fake', 'whsec_fake', orderRepo, couponRepo);
+  });
+  it('deve processar evento payment_intent.succeeded e atualizar pedido para PAID', async () => {
+    const event = makeSucceededEvent('pi_123');
+    mockConstructEvent.mockReturnValue(event);
+    const { OrderEntity } = await import('../../checkout/order.entity');
+    const order = OrderEntity.create({
+      userId: 'user-1',
+      items: [{ id: 'item-1', variantId: 'v1', productId: 'p1', name: 'T-shirt', sku: 'TS-P', price: 99.9, qty: 1, image: null }],
+      subtotal: 99.9,
+      discount: 0,
+      shippingCost: 18.5,
+      tax: 0,
+      total: 118.4,
+      couponCode: null,
+      paymentIntentId: 'pi_123',
+      shippingAddress: null,
+    });
+    orderRepo.findByPaymentIntentId.mockResolvedValue(order);
+    orderRepo.update.mockImplementation(async (o) => o);
+    await handler.handleEvent(JSON.stringify({}), 'sig');
+    expect(orderRepo.update).toHaveBeenCalled();
+    const updated = orderRepo.update.mock.calls[0]![0];
+    expect(updated.status).toBe('PAID');
+  });
+  it('deve processar evento payment_intent.payment_failed e atualizar pedido para FAILED', async () => {
+    const event = makeFailedEvent('pi_456');
+    mockConstructEvent.mockReturnValue(event);
+    const { OrderEntity } = await import('../../checkout/order.entity');
+    const order = OrderEntity.create({
+      userId: 'user-1',
+      items: [],
+      subtotal: 50,
+      discount: 0,
+      shippingCost: 0,
+      tax: 0,
+      total: 50,
+      couponCode: null,
+      paymentIntentId: 'pi_456',
+      shippingAddress: null,
+    });
+    orderRepo.findByPaymentIntentId.mockResolvedValue(order);
+    orderRepo.update.mockImplementation(async (o) => o);
+    await handler.handleEvent(JSON.stringify({}), 'sig');
+    const updated = orderRepo.update.mock.calls[0]![0];
+    expect(updated.status).toBe('FAILED');
+  });
+  it('deve rejeitar webhook com assinatura inválida (400)', async () => {
+    mockConstructEvent.mockImplementation(() => {
+      const err = new Error('No signatures found matching the expected signature');
+      Object.assign(err, { type: 'StripeSignatureVerificationError' });
+      throw err;
+    });
+    await expect(handler.handleEvent('{}', 'bad-sig')).rejects.toThrow('assinatura');
+  });
+  it('deve ser idempotente — processar o mesmo evento duas vezes não duplica ação', async () => {
+    const event = makeSucceededEvent('pi_789');
+    mockConstructEvent.mockReturnValue(event);
+    const { OrderEntity } = await import('../../checkout/order.entity');
+    const paid = OrderEntity.create({
+      userId: 'u1', items: [], subtotal: 10, discount: 0, shippingCost: 0, tax: 0, total: 10,
+      couponCode: null, paymentIntentId: 'pi_789', shippingAddress: null,
+    }).pay();
+    orderRepo.findByPaymentIntentId.mockResolvedValue(paid);
+    await handler.handleEvent(JSON.stringify({}), 'sig');
+    // Already PAID → update should NOT have been called again
+    expect(orderRepo.update).not.toHaveBeenCalled();
+  });
+  it('deve ignorar eventos desconhecidos sem lançar erro', async () => {
+    const event = { id: 'evt_x', type: 'customer.created', data: { object: {} } } as Stripe.Event;
+    mockConstructEvent.mockReturnValue(event);
+    await expect(handler.handleEvent(JSON.stringify({}), 'sig')).resolves.toBeUndefined();
+    expect(orderRepo.update).not.toHaveBeenCalled();
+  });
+});
+describe('StripeWebhookHandler — usageCount', () => {
+  let orderRepo: jest.Mocked<IOrderRepository>;
+  let couponRepo: jest.Mocked<ICouponRepository>;
+  let handler: StripeWebhookHandler;
+  beforeEach(() => {
+    jest.clearAllMocks();
+    orderRepo = makeOrderRepo();
+    couponRepo = makeCouponRepo();
+    handler = new StripeWebhookHandler('sk_test_fake', 'whsec_fake', orderRepo, couponRepo);
+  });
+  it('incrementa usageCount do cupom quando payment_intent.succeeded e pedido tem couponCode', async () => {
+    const event = makeSucceededEvent('pi_coupon1');
+    mockConstructEvent.mockReturnValue(event);
+    const { OrderEntity } = await import('../../checkout/order.entity');
+    const order = OrderEntity.create({
+      userId: 'u1',
+      items: [],
+      subtotal: 100,
+      discount: 10,
+      shippingCost: 0,
+      tax: 0,
+      total: 90,
+      couponCode: 'PROMO10',
+      paymentIntentId: 'pi_coupon1',
+      shippingAddress: null,
+    });
+    orderRepo.findByPaymentIntentId.mockResolvedValue(order);
+    orderRepo.update.mockImplementation(async (o) => o);
+    couponRepo.incrementUsage.mockResolvedValue(undefined);
+    await handler.handleEvent(JSON.stringify({}), 'sig');
+    expect(couponRepo.incrementUsage).toHaveBeenCalledWith('PROMO10');
+  });
+  it('não falha se pedido não tiver cupom (couponCode null)', async () => {
+    const event = makeSucceededEvent('pi_nocoupon');
+    mockConstructEvent.mockReturnValue(event);
+    const { OrderEntity } = await import('../../checkout/order.entity');
+    const order = OrderEntity.create({
+      userId: 'u1',
+      items: [],
+      subtotal: 50,
+      discount: 0,
+      shippingCost: 0,
+      tax: 0,
+      total: 50,
+      couponCode: null,
+      paymentIntentId: 'pi_nocoupon',
+      shippingAddress: null,
+    });
+    orderRepo.findByPaymentIntentId.mockResolvedValue(order);
+    orderRepo.update.mockImplementation(async (o) => o);
+    await expect(handler.handleEvent(JSON.stringify({}), 'sig')).resolves.toBeUndefined();
+    expect(couponRepo.incrementUsage).not.toHaveBeenCalled();
+  });
+});
+// ── Phase 14 — Email transacional no webhook ─────────────────────────────────
+import { IEmailService } from '../../../shared/infra/email/IEmailService';
+import { IUserRepository } from '../../auth/user.repository';
+function makeEmailService(): jest.Mocked<IEmailService> {
+  return { send: jest.fn().mockResolvedValue(undefined) };
+}
+function makeUserRepo(): jest.Mocked<IUserRepository> {
+  return {
+    findByEmail: jest.fn(),
+    findById: jest.fn(),
+    create: jest.fn(),
+    update: jest.fn(),
+    delete: jest.fn(),
+    findAll: jest.fn(),
+  } as jest.Mocked<IUserRepository>;
+}
+describe('StripeWebhookHandler — emails (Phase 14)', () => {
+  let orderRepo: jest.Mocked<IOrderRepository>;
+  let couponRepo: jest.Mocked<ICouponRepository>;
+  let emailService: jest.Mocked<IEmailService>;
+  let userRepo: jest.Mocked<IUserRepository>;
+  let handler: StripeWebhookHandler;
+  beforeEach(async () => {
+    jest.clearAllMocks();
+    orderRepo = makeOrderRepo();
+    couponRepo = makeCouponRepo();
+    emailService = makeEmailService();
+    userRepo = makeUserRepo();
+    handler = new StripeWebhookHandler(
+      'sk_test_fake',
+      'whsec_fake',
+      orderRepo,
+      couponRepo,
+      emailService,
+      userRepo,
+    );
+  });
+  it('chama emailService.send() com subject "Pedido confirmado" em payment_intent.succeeded', async () => {
+    const event = makeSucceededEvent('pi_email1');
+    mockConstructEvent.mockReturnValue(event);
+    const { OrderEntity } = await import('../../checkout/order.entity');
+    const order = OrderEntity.create({
+      userId: 'user-email-1',
+      items: [{ id: 'i1', variantId: 'v1', productId: 'p1', name: 'Camiseta', sku: 'CAM-P', price: 99.9, qty: 2, image: null }],
+      subtotal: 199.8,
+      discount: 0,
+      shippingCost: 15,
+      tax: 0,
+      total: 214.8,
+      couponCode: null,
+      paymentIntentId: 'pi_email1',
+      shippingAddress: null,
+    });
+    orderRepo.findByPaymentIntentId.mockResolvedValue(order);
+    orderRepo.update.mockImplementation(async (o) => o);
+    const { UserEntity } = await import('../../auth/user.entity');
+    const user = UserEntity.create({ name: 'Cliente', email: 'cliente@test.com', passwordHash: 'h', role: 'CUSTOMER' });
+    userRepo.findById.mockResolvedValue(user);
+    await handler.handleEvent(JSON.stringify({}), 'sig');
+    expect(emailService.send).toHaveBeenCalledWith(
+      'cliente@test.com',
+      expect.stringContaining('confirmado'),
+      expect.any(String),
+    );
+  });
+  it('não falha se emailService.send() lançar (erro silencioso para não bloquear webhook)', async () => {
+    const event = makeSucceededEvent('pi_email_err');
+    mockConstructEvent.mockReturnValue(event);
+    const { OrderEntity } = await import('../../checkout/order.entity');
+    const order = OrderEntity.create({
+      userId: 'user-email-2',
+      items: [],
+      subtotal: 50,
+      discount: 0,
+      shippingCost: 0,
+      tax: 0,
+      total: 50,
+      couponCode: null,
+      paymentIntentId: 'pi_email_err',
+      shippingAddress: null,
+    });
+    orderRepo.findByPaymentIntentId.mockResolvedValue(order);
+    orderRepo.update.mockImplementation(async (o) => o);
+    const { UserEntity } = await import('../../auth/user.entity');
+    const user = UserEntity.create({ name: 'Cliente', email: 'err@test.com', passwordHash: 'h', role: 'CUSTOMER' });
+    userRepo.findById.mockResolvedValue(user);
+    // email throws
+    emailService.send.mockRejectedValue(new Error('SMTP down'));
+    // handler must NOT throw
+    await expect(handler.handleEvent(JSON.stringify({}), 'sig')).resolves.toBeUndefined();
+    // order must still have been updated
+    expect(orderRepo.update).toHaveBeenCalled();
+  });
+});

package/templates/ecommerce/apps/api/src/modules/payment/__tests__/stripe.adapter.unit.test.ts ADDED Viewed

@@ -0,0 +1,84 @@
+/**
+ * StripeAdapter — Unit Tests
+ * Stripe SDK is mocked so these tests run without any network access.
+ */
+// Mock must be hoisted before import
+jest.mock('stripe');
+import Stripe from 'stripe';
+import { StripeAdapter } from '../adapters/stripe.adapter';
+import { PaymentError } from '../payment.port';
+const mockCreate = jest.fn();
+const mockConfirm = jest.fn();
+// Mock the Stripe constructor to return a controlled instance
+(Stripe as jest.MockedClass<typeof Stripe>).mockImplementation(() => ({
+  paymentIntents: {
+    create: mockCreate,
+    confirm: mockConfirm,
+  },
+} as unknown as Stripe));
+describe('StripeAdapter — Unit', () => {
+  let adapter: StripeAdapter;
+  beforeEach(() => {
+    jest.clearAllMocks();
+    adapter = new StripeAdapter('sk_test_fake');
+  });
+  it('deve criar PaymentIntent com amount e currency corretos', async () => {
+    mockCreate.mockResolvedValue({ id: 'pi_1', client_secret: 'pi_1_secret_abc' });
+    await adapter.createPaymentIntent(199.9, 'brl', { orderId: 'ord-1' });
+    expect(mockCreate).toHaveBeenCalledWith(
+      expect.objectContaining({ amount: 19990, currency: 'brl' }),
+    );
+  });
+  it('deve retornar clientSecret do PaymentIntent criado', async () => {
+    mockCreate.mockResolvedValue({ id: 'pi_1', client_secret: 'pi_1_secret_abc' });
+    const result = await adapter.createPaymentIntent(100, 'brl', {});
+    expect(result.clientSecret).toBe('pi_1_secret_abc');
+    expect(result.id).toBe('pi_1');
+  });
+  it('deve converter valor de reais para centavos (R$10,00 → 1000)', async () => {
+    mockCreate.mockResolvedValue({ id: 'pi_2', client_secret: 'secret' });
+    await adapter.createPaymentIntent(10, 'brl', {});
+    expect(mockCreate).toHaveBeenCalledWith(
+      expect.objectContaining({ amount: 1000 }),
+    );
+  });
+  it('deve lançar PaymentError se Stripe retornar erro de cartão recusado', async () => {
+    const stripeErr = Object.assign(new Error('Your card was declined.'), {
+      type: 'StripeCardError',
+      code: 'card_declined',
+    });
+    mockCreate.mockRejectedValue(stripeErr);
+    await expect(adapter.createPaymentIntent(100, 'brl', {})).rejects.toThrow(PaymentError);
+  });
+  it('deve lançar PaymentError se Stripe retornar erro de autenticação', async () => {
+    const stripeErr = Object.assign(new Error('No such API key.'), {
+      type: 'StripeAuthenticationError',
+    });
+    mockCreate.mockRejectedValue(stripeErr);
+    await expect(adapter.createPaymentIntent(100, 'brl', {})).rejects.toThrow(PaymentError);
+  });
+  it('deve construir instância com secretKey fornecida', () => {
+    const adapterWithKey = new StripeAdapter('sk_test_mykey');
+    expect(adapterWithKey).toBeInstanceOf(StripeAdapter);
+  });
+});

package/templates/ecommerce/apps/api/src/modules/payment/adapters/stripe.adapter.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export * from '../../../infrastructure/services/payment/stripe.adapter';

package/templates/ecommerce/apps/api/src/modules/payment/payment.port.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export * from '../../application/ports/payment.port';

package/templates/ecommerce/apps/api/src/modules/payment/stripe-webhook.handler.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export * from '../../infrastructure/services/payment/stripe-webhook.handler';

package/templates/ecommerce/apps/api/src/modules/profile/__tests__/profile.routes.integration.test.ts ADDED Viewed

@@ -0,0 +1,180 @@
+import request from 'supertest';
+import app from '../../../app';
+/**
+ * Integration tests for Profile routes (/api/me).
+ * Uses the full Express app with in-memory repositories (NODE_ENV=test-inmemory).
+ */
+// ── Helpers ──────────────────────────────────────────────────────────────────
+const VALID_USER = {
+  name: 'Profile User',
+  email: 'profile@email.com',
+  password: 'senha1234',
+};
+async function registerAndLogin(user = VALID_USER) {
+  await request(app).post('/api/auth/register').send(user);
+  const res = await request(app).post('/api/auth/login').send({
+    email: user.email,
+    password: user.password,
+  });
+  return (res.body as { accessToken: string }).accessToken;
+}
+// ── Tests ────────────────────────────────────────────────────────────────────
+describe('Profile Routes — Integration', () => {
+  // ── GET /api/me ───────────────────────────────────────────────────────────
+  describe('GET /api/me', () => {
+    it('200: deve retornar perfil do usuário autenticado', async () => {
+      const token = await registerAndLogin();
+      const res = await request(app)
+        .get('/api/me')
+        .set('Authorization', `Bearer ${token}`);
+      expect(res.status).toBe(200);
+      expect(res.body).toMatchObject({ email: VALID_USER.email, name: VALID_USER.name });
+      expect((res.body as Record<string, unknown>)['passwordHash']).toBeUndefined();
+    });
+    it('401: deve rejeitar requisição sem token', async () => {
+      const res = await request(app).get('/api/me');
+      expect(res.status).toBe(401);
+    });
+  });
+  // ── PATCH /api/me ─────────────────────────────────────────────────────────
+  describe('PATCH /api/me', () => {
+    it('200: deve atualizar o nome', async () => {
+      const token = await registerAndLogin({
+        name: 'Old Name',
+        email: 'patchname@email.com',
+        password: 'senha1234',
+      });
+      const res = await request(app)
+        .patch('/api/me')
+        .set('Authorization', `Bearer ${token}`)
+        .send({ name: 'New Name' });
+      expect(res.status).toBe(200);
+      expect(res.body).toMatchObject({ name: 'New Name' });
+    });
+    it('400: deve rejeitar body sem campos', async () => {
+      const token = await registerAndLogin({
+        name: 'Someone',
+        email: 'patchnobody@email.com',
+        password: 'senha1234',
+      });
+      const res = await request(app)
+        .patch('/api/me')
+        .set('Authorization', `Bearer ${token}`)
+        .send({});
+      expect(res.status).toBe(400);
+    });
+    it('401: deve rejeitar requisição sem token', async () => {
+      const res = await request(app).patch('/api/me').send({ name: 'New Name' });
+      expect(res.status).toBe(401);
+    });
+  });
+  // ── PATCH /api/me/password ────────────────────────────────────────────────
+  describe('PATCH /api/me/password', () => {
+    it('204: deve trocar a senha com credenciais corretas', async () => {
+      const token = await registerAndLogin({
+        name: 'Pass User',
+        email: 'passchange@email.com',
+        password: 'senha1234',
+      });
+      const res = await request(app)
+        .patch('/api/me/password')
+        .set('Authorization', `Bearer ${token}`)
+        .send({ currentPassword: 'senha1234', newPassword: 'novasenha5678' });
+      expect(res.status).toBe(204);
+    });
+    it('401: deve rejeitar senha atual incorreta', async () => {
+      const token = await registerAndLogin({
+        name: 'Pass User 2',
+        email: 'passchange2@email.com',
+        password: 'senha1234',
+      });
+      const res = await request(app)
+        .patch('/api/me/password')
+        .set('Authorization', `Bearer ${token}`)
+        .send({ currentPassword: 'wrongpass', newPassword: 'novasenha5678' });
+      expect(res.status).toBe(401);
+    });
+    it('400: deve rejeitar nova senha muito curta', async () => {
+      const token = await registerAndLogin({
+        name: 'Pass User 3',
+        email: 'passchange3@email.com',
+        password: 'senha1234',
+      });
+      const res = await request(app)
+        .patch('/api/me/password')
+        .set('Authorization', `Bearer ${token}`)
+        .send({ currentPassword: 'senha1234', newPassword: '123' });
+      expect(res.status).toBe(400);
+    });
+    it('401: deve rejeitar requisição sem token', async () => {
+      const res = await request(app)
+        .patch('/api/me/password')
+        .send({ currentPassword: 'senha1234', newPassword: 'novasenha5678' });
+      expect(res.status).toBe(401);
+    });
+  });
+  // ── DELETE /api/me ────────────────────────────────────────────────────────
+  describe('DELETE /api/me', () => {
+    it('204: deve deletar a conta com senha correta', async () => {
+      const token = await registerAndLogin({
+        name: 'Delete Me',
+        email: 'deleteme@email.com',
+        password: 'senha1234',
+      });
+      const res = await request(app)
+        .delete('/api/me')
+        .set('Authorization', `Bearer ${token}`)
+        .send({ password: 'senha1234' });
+      expect(res.status).toBe(204);
+    });
+    it('401: deve rejeitar senha incorreta', async () => {
+      const token = await registerAndLogin({
+        name: 'No Delete',
+        email: 'nodelete@email.com',
+        password: 'senha1234',
+      });
+      const res = await request(app)
+        .delete('/api/me')
+        .set('Authorization', `Bearer ${token}`)
+        .send({ password: 'wrongpassword' });
+      expect(res.status).toBe(401);
+    });
+    it('401: deve rejeitar requisição sem token', async () => {
+      const res = await request(app)
+        .delete('/api/me')
+        .send({ password: 'senha1234' });
+      expect(res.status).toBe(401);
+    });
+  });
+});