payload-plugin-newsletter 0.3.2 → 0.4.5

package/dist/src/__tests__/integration/endpoints/preferences.test.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../../../src/__tests__/integration/endpoints/preferences.test.ts"],"sourcesContent":["import { describe, it, expect, beforeEach, vi } from 'vitest'\nimport { createPreferencesEndpoint } from '../../../endpoints/preferences'\nimport { createPayloadRequestMock, seedCollection, clearCollections, createMockUser, createMockAdminUser } from '../../mocks/payload'\nimport { mockSubscribers } from '../../fixtures/subscribers'\nimport type { NewsletterPluginConfig } from '../../../types'\n\ndescribe('Preferences Endpoint Security', () => {\n  let endpoint: any\n  let mockReq: any\n  let mockRes: any\n  const config: NewsletterPluginConfig = {\n    subscribersSlug: 'subscribers',\n  }\n\n  beforeEach(() => {\n    clearCollections()\n    seedCollection('subscribers', mockSubscribers)\n    \n    endpoint = createPreferencesEndpoint(config)\n    const payloadMock = createPayloadRequestMock()\n    \n    mockReq = {\n      payload: payloadMock.payload,\n      body: {},\n      user: null,\n      method: 'GET',\n    }\n    \n    mockRes = {\n      status: vi.fn().mockReturnThis(),\n      json: vi.fn(),\n    }\n    \n    vi.clearAllMocks()\n  })\n\n  describe('GET - Read Preferences', () => {\n    it('should require authentication', async () => {\n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(401)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'Authentication required',\n      })\n    })\n\n    it('should allow subscribers to read their own preferences', async () => {\n      mockReq.user = {\n        id: 'sub-1',\n        email: 'active@example.com',\n        collection: 'subscribers',\n      }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(200)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: true,\n        preferences: expect.objectContaining({\n          email: 'active@example.com',\n          emailPreferences: {\n            newsletter: true,\n            announcements: true,\n          },\n        }),\n      })\n    })\n\n    it('should prevent reading other subscribers preferences', async () => {\n      mockReq.user = {\n        id: 'sub-1',\n        email: 'active@example.com',\n        collection: 'subscribers',\n      }\n      mockReq.query = { subscriberId: 'sub-2' }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(403)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'You can only access your own preferences',\n      })\n    })\n\n    it('should allow admins to read any preferences', async () => {\n      mockReq.user = createMockAdminUser()\n      mockReq.query = { subscriberId: 'sub-2' }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(200)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: true,\n        preferences: expect.objectContaining({\n          email: 'pending@example.com',\n        }),\n      })\n    })\n  })\n\n  describe('POST - Update Preferences', () => {\n    beforeEach(() => {\n      mockReq.method = 'POST'\n    })\n\n    it('should require authentication', async () => {\n      mockReq.body = {\n        emailPreferences: {\n          newsletter: false,\n        },\n      }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(401)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'Authentication required',\n      })\n    })\n\n    it('should allow subscribers to update their own preferences', async () => {\n      mockReq.user = {\n        id: 'sub-1',\n        email: 'active@example.com',\n        collection: 'subscribers',\n      }\n      mockReq.body = {\n        emailPreferences: {\n          newsletter: false,\n          announcements: true,\n        },\n      }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockReq.payload.update).toHaveBeenCalledWith({\n        collection: 'subscribers',\n        id: 'sub-1',\n        data: {\n          emailPreferences: {\n            newsletter: false,\n            announcements: true,\n          },\n        },\n        overrideAccess: false,\n        user: mockReq.user,\n      })\n      \n      expect(mockRes.status).toHaveBeenCalledWith(200)\n    })\n\n    it('should prevent updating other subscribers preferences', async () => {\n      mockReq.user = {\n        id: 'sub-1',\n        email: 'active@example.com',\n        collection: 'subscribers',\n      }\n      mockReq.body = {\n        subscriberId: 'sub-2',\n        emailPreferences: {\n          newsletter: false,\n        },\n      }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(403)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'You can only update your own preferences',\n      })\n    })\n\n    it('should validate preference structure', async () => {\n      mockReq.user = {\n        id: 'sub-1',\n        email: 'active@example.com',\n        collection: 'subscribers',\n      }\n      mockReq.body = {\n        emailPreferences: {\n          newsletter: 'yes', // Should be boolean\n          unknownField: true, // Should be filtered out\n        },\n      }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(400)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'Invalid preference values',\n      })\n    })\n\n    it('should prevent updating protected fields', async () => {\n      mockReq.user = {\n        id: 'sub-1',\n        email: 'active@example.com',\n        collection: 'subscribers',\n      }\n      mockReq.body = {\n        email: 'newemail@example.com', // Should not be allowed\n        subscriptionStatus: 'active', // Should not be allowed\n        emailPreferences: {\n          newsletter: false,\n        },\n      }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      // Should only update emailPreferences\n      expect(mockReq.payload.update).toHaveBeenCalledWith(\n        expect.objectContaining({\n          data: {\n            emailPreferences: {\n              newsletter: false,\n              announcements: true, // Preserves existing value\n            },\n          },\n        })\n      )\n      \n      // Should not include protected fields\n      const updateData = mockReq.payload.update.mock.calls[0][0].data\n      expect(updateData).not.toHaveProperty('email')\n      expect(updateData).not.toHaveProperty('subscriptionStatus')\n    })\n  })\n\n  describe('Error Handling', () => {\n    it('should handle non-existent subscribers', async () => {\n      mockReq.user = {\n        id: 'sub-999',\n        email: 'ghost@example.com',\n        collection: 'subscribers',\n      }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(404)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'Subscriber not found',\n      })\n    })\n\n    it('should handle database errors gracefully', async () => {\n      mockReq.user = {\n        id: 'sub-1',\n        email: 'active@example.com',\n        collection: 'subscribers',\n      }\n      \n      mockReq.payload.findByID.mockRejectedValueOnce(new Error('Database error'))\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(500)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'Failed to retrieve preferences',\n      })\n    })\n  })\n\n  describe('Unsubscribed Users', () => {\n    it('should allow unsubscribed users to view preferences', async () => {\n      mockReq.user = {\n        id: 'sub-3',\n        email: 'unsubscribed@example.com',\n        collection: 'subscribers',\n      }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(200)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: true,\n        preferences: expect.objectContaining({\n          subscriptionStatus: 'unsubscribed',\n        }),\n      })\n    })\n\n    it('should prevent unsubscribed users from updating preferences', async () => {\n      mockReq.method = 'POST'\n      mockReq.user = {\n        id: 'sub-3',\n        email: 'unsubscribed@example.com',\n        collection: 'subscribers',\n      }\n      mockReq.body = {\n        emailPreferences: {\n          newsletter: true,\n        },\n      }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(403)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'Cannot update preferences for unsubscribed users',\n      })\n    })\n  })\n})"],"names":["describe","it","expect","beforeEach","vi","createPreferencesEndpoint","createPayloadRequestMock","seedCollection","clearCollections","createMockAdminUser","mockSubscribers","endpoint","mockReq","mockRes","config","subscribersSlug","payloadMock","payload","body","user","method","status","fn","mockReturnThis","json","clearAllMocks","handler","toHaveBeenCalledWith","success","error","id","email","collection","preferences","objectContaining","emailPreferences","newsletter","announcements","query","subscriberId","update","data","overrideAccess","unknownField","subscriptionStatus","updateData","mock","calls","not","toHaveProperty","findByID","mockRejectedValueOnce","Error"],"mappings":"AAAA,SAASA,QAAQ,EAAEC,EAAE,EAAEC,MAAM,EAAEC,UAAU,EAAEC,EAAE,QAAQ,SAAQ;AAC7D,SAASC,yBAAyB,QAAQ,iCAAgC;AAC1E,SAASC,wBAAwB,EAAEC,cAAc,EAAEC,gBAAgB,EAAkBC,mBAAmB,QAAQ,sBAAqB;AACrI,SAASC,eAAe,QAAQ,6BAA4B;AAG5DV,SAAS,iCAAiC;IACxC,IAAIW;IACJ,IAAIC;IACJ,IAAIC;IACJ,MAAMC,SAAiC;QACrCC,iBAAiB;IACnB;IAEAZ,WAAW;QACTK;QACAD,eAAe,eAAeG;QAE9BC,WAAWN,0BAA0BS;QACrC,MAAME,cAAcV;QAEpBM,UAAU;YACRK,SAASD,YAAYC,OAAO;YAC5BC,MAAM,CAAC;YACPC,MAAM;YACNC,QAAQ;QACV;QAEAP,UAAU;YACRQ,QAAQjB,GAAGkB,EAAE,GAAGC,cAAc;YAC9BC,MAAMpB,GAAGkB,EAAE;QACb;QAEAlB,GAAGqB,aAAa;IAClB;IAEAzB,SAAS,0BAA0B;QACjCC,GAAG,iCAAiC;YAClC,MAAMU,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOW,QAAQQ,MAAM,EAAEM,oBAAoB,CAAC;YAC5CzB,OAAOW,QAAQW,IAAI,EAAEG,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;QACF;QAEA5B,GAAG,0DAA0D;YAC3DW,QAAQO,IAAI,GAAG;gBACbW,IAAI;gBACJC,OAAO;gBACPC,YAAY;YACd;YAEA,MAAMrB,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOW,QAAQQ,MAAM,EAAEM,oBAAoB,CAAC;YAC5CzB,OAAOW,QAAQW,IAAI,EAAEG,oBAAoB,CAAC;gBACxCC,SAAS;gBACTK,aAAa/B,OAAOgC,gBAAgB,CAAC;oBACnCH,OAAO;oBACPI,kBAAkB;wBAChBC,YAAY;wBACZC,eAAe;oBACjB;gBACF;YACF;QACF;QAEApC,GAAG,wDAAwD;YACzDW,QAAQO,IAAI,GAAG;gBACbW,IAAI;gBACJC,OAAO;gBACPC,YAAY;YACd;YACApB,QAAQ0B,KAAK,GAAG;gBAAEC,cAAc;YAAQ;YAExC,MAAM5B,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOW,QAAQQ,MAAM,EAAEM,oBAAoB,CAAC;YAC5CzB,OAAOW,QAAQW,IAAI,EAAEG,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;QACF;QAEA5B,GAAG,+CAA+C;YAChDW,QAAQO,IAAI,GAAGV;YACfG,QAAQ0B,KAAK,GAAG;gBAAEC,cAAc;YAAQ;YAExC,MAAM5B,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOW,QAAQQ,MAAM,EAAEM,oBAAoB,CAAC;YAC5CzB,OAAOW,QAAQW,IAAI,EAAEG,oBAAoB,CAAC;gBACxCC,SAAS;gBACTK,aAAa/B,OAAOgC,gBAAgB,CAAC;oBACnCH,OAAO;gBACT;YACF;QACF;IACF;IAEA/B,SAAS,6BAA6B;QACpCG,WAAW;YACTS,QAAQQ,MAAM,GAAG;QACnB;QAEAnB,GAAG,iCAAiC;YAClCW,QAAQM,IAAI,GAAG;gBACbiB,kBAAkB;oBAChBC,YAAY;gBACd;YACF;YAEA,MAAMzB,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOW,QAAQQ,MAAM,EAAEM,oBAAoB,CAAC;YAC5CzB,OAAOW,QAAQW,IAAI,EAAEG,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;QACF;QAEA5B,GAAG,4DAA4D;YAC7DW,QAAQO,IAAI,GAAG;gBACbW,IAAI;gBACJC,OAAO;gBACPC,YAAY;YACd;YACApB,QAAQM,IAAI,GAAG;gBACbiB,kBAAkB;oBAChBC,YAAY;oBACZC,eAAe;gBACjB;YACF;YAEA,MAAM1B,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOU,QAAQK,OAAO,CAACuB,MAAM,EAAEb,oBAAoB,CAAC;gBAClDK,YAAY;gBACZF,IAAI;gBACJW,MAAM;oBACJN,kBAAkB;wBAChBC,YAAY;wBACZC,eAAe;oBACjB;gBACF;gBACAK,gBAAgB;gBAChBvB,MAAMP,QAAQO,IAAI;YACpB;YAEAjB,OAAOW,QAAQQ,MAAM,EAAEM,oBAAoB,CAAC;QAC9C;QAEA1B,GAAG,yDAAyD;YAC1DW,QAAQO,IAAI,GAAG;gBACbW,IAAI;gBACJC,OAAO;gBACPC,YAAY;YACd;YACApB,QAAQM,IAAI,GAAG;gBACbqB,cAAc;gBACdJ,kBAAkB;oBAChBC,YAAY;gBACd;YACF;YAEA,MAAMzB,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOW,QAAQQ,MAAM,EAAEM,oBAAoB,CAAC;YAC5CzB,OAAOW,QAAQW,IAAI,EAAEG,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;QACF;QAEA5B,GAAG,wCAAwC;YACzCW,QAAQO,IAAI,GAAG;gBACbW,IAAI;gBACJC,OAAO;gBACPC,YAAY;YACd;YACApB,QAAQM,IAAI,GAAG;gBACbiB,kBAAkB;oBAChBC,YAAY;oBACZO,cAAc;gBAChB;YACF;YAEA,MAAMhC,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOW,QAAQQ,MAAM,EAAEM,oBAAoB,CAAC;YAC5CzB,OAAOW,QAAQW,IAAI,EAAEG,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;QACF;QAEA5B,GAAG,4CAA4C;YAC7CW,QAAQO,IAAI,GAAG;gBACbW,IAAI;gBACJC,OAAO;gBACPC,YAAY;YACd;YACApB,QAAQM,IAAI,GAAG;gBACba,OAAO;gBACPa,oBAAoB;gBACpBT,kBAAkB;oBAChBC,YAAY;gBACd;YACF;YAEA,MAAMzB,SAASe,OAAO,CAACd,SAASC;YAEhC,sCAAsC;YACtCX,OAAOU,QAAQK,OAAO,CAACuB,MAAM,EAAEb,oBAAoB,CACjDzB,OAAOgC,gBAAgB,CAAC;gBACtBO,MAAM;oBACJN,kBAAkB;wBAChBC,YAAY;wBACZC,eAAe;oBACjB;gBACF;YACF;YAGF,sCAAsC;YACtC,MAAMQ,aAAajC,QAAQK,OAAO,CAACuB,MAAM,CAACM,IAAI,CAACC,KAAK,CAAC,EAAE,CAAC,EAAE,CAACN,IAAI;YAC/DvC,OAAO2C,YAAYG,GAAG,CAACC,cAAc,CAAC;YACtC/C,OAAO2C,YAAYG,GAAG,CAACC,cAAc,CAAC;QACxC;IACF;IAEAjD,SAAS,kBAAkB;QACzBC,GAAG,0CAA0C;YAC3CW,QAAQO,IAAI,GAAG;gBACbW,IAAI;gBACJC,OAAO;gBACPC,YAAY;YACd;YAEA,MAAMrB,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOW,QAAQQ,MAAM,EAAEM,oBAAoB,CAAC;YAC5CzB,OAAOW,QAAQW,IAAI,EAAEG,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;QACF;QAEA5B,GAAG,4CAA4C;YAC7CW,QAAQO,IAAI,GAAG;gBACbW,IAAI;gBACJC,OAAO;gBACPC,YAAY;YACd;YAEApB,QAAQK,OAAO,CAACiC,QAAQ,CAACC,qBAAqB,CAAC,IAAIC,MAAM;YAEzD,MAAMzC,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOW,QAAQQ,MAAM,EAAEM,oBAAoB,CAAC;YAC5CzB,OAAOW,QAAQW,IAAI,EAAEG,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;QACF;IACF;IAEA7B,SAAS,sBAAsB;QAC7BC,GAAG,uDAAuD;YACxDW,QAAQO,IAAI,GAAG;gBACbW,IAAI;gBACJC,OAAO;gBACPC,YAAY;YACd;YAEA,MAAMrB,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOW,QAAQQ,MAAM,EAAEM,oBAAoB,CAAC;YAC5CzB,OAAOW,QAAQW,IAAI,EAAEG,oBAAoB,CAAC;gBACxCC,SAAS;gBACTK,aAAa/B,OAAOgC,gBAAgB,CAAC;oBACnCU,oBAAoB;gBACtB;YACF;QACF;QAEA3C,GAAG,+DAA+D;YAChEW,QAAQQ,MAAM,GAAG;YACjBR,QAAQO,IAAI,GAAG;gBACbW,IAAI;gBACJC,OAAO;gBACPC,YAAY;YACd;YACApB,QAAQM,IAAI,GAAG;gBACbiB,kBAAkB;oBAChBC,YAAY;gBACd;YACF;YAEA,MAAMzB,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOW,QAAQQ,MAAM,EAAEM,oBAAoB,CAAC;YAC5CzB,OAAOW,QAAQW,IAAI,EAAEG,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;QACF;IACF;AACF"}

package/dist/src/__tests__/integration/endpoints/subscribe.test.js

@@ -1,280 +0,0 @@
-import { describe, it, expect, beforeEach, vi } from 'vitest';
-import { createSubscribeEndpoint } from '../../../endpoints/subscribe';
-import { createPayloadRequestMock, seedCollection, clearCollections } from '../../mocks/payload';
-import { mockNewsletterSettings } from '../../fixtures/newsletter-settings';
-import { createResendMock } from '../../mocks/email-providers';
-// Mock email service
-vi.mock('../../../services/email', ()=>({
-        getEmailService: vi.fn()
-    }));
-import { getEmailService } from '../../../services/email';
-describe('Subscribe Endpoint Security', ()=>{
-    let endpoint;
-    let mockReq;
-    let mockRes;
-    let mockEmailService;
-    const config = {
-        subscribersSlug: 'subscribers',
-        settingsSlug: 'newsletter-settings'
-    };
-    beforeEach(()=>{
-        clearCollections();
-        seedCollection('newsletter-settings', [
-            mockNewsletterSettings
-        ]);
-        endpoint = createSubscribeEndpoint(config);
-        const payloadMock = createPayloadRequestMock();
-        mockReq = {
-            payload: payloadMock.payload,
-            body: {},
-            ip: '127.0.0.1'
-        };
-        mockRes = {
-            status: vi.fn().mockReturnThis(),
-            json: vi.fn()
-        };
-        // Setup email service mock
-        mockEmailService = createResendMock();
-        getEmailService.mockResolvedValue(mockEmailService);
-        vi.clearAllMocks();
-    });
-    describe('Input Validation', ()=>{
-        it('should reject requests without email', async ()=>{
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockRes.status).toHaveBeenCalledWith(400);
-            expect(mockRes.json).toHaveBeenCalledWith({
-                success: false,
-                error: 'Email is required'
-            });
-        });
-        it('should reject invalid email formats', async ()=>{
-            const invalidEmails = [
-                'notanemail',
-                '@example.com',
-                'user@',
-                'user @example.com',
-                'user@example',
-                '<script>alert("xss")</script>@example.com'
-            ];
-            for (const email of invalidEmails){
-                mockReq.body = {
-                    email
-                };
-                await endpoint.handler(mockReq, mockRes);
-                expect(mockRes.status).toHaveBeenCalledWith(400);
-                expect(mockRes.json).toHaveBeenCalledWith({
-                    success: false,
-                    error: 'Invalid email format'
-                });
-            }
-        });
-        it('should sanitize email input', async ()=>{
-            mockReq.body = {
-                email: '  User@EXAMPLE.com  ',
-                name: '<script>alert("xss")</script>Test User'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            // Check that create was called with sanitized data
-            expect(mockReq.payload.create).toHaveBeenCalledWith(expect.objectContaining({
-                data: expect.objectContaining({
-                    email: 'user@example.com',
-                    name: 'Test User'
-                })
-            }));
-        });
-    });
-    describe('Rate Limiting', ()=>{
-        it('should enforce max subscribers per IP', async ()=>{
-            // Create max subscribers from same IP
-            const maxSubscribers = mockNewsletterSettings.subscriptionSettings.maxSubscribersPerIP;
-            for(let i = 0; i < maxSubscribers; i++){
-                seedCollection('subscribers', [
-                    {
-                        id: `sub-ip-${i}`,
-                        email: `user${i}@example.com`,
-                        ip: '127.0.0.1',
-                        subscriptionStatus: 'active'
-                    }
-                ]);
-            }
-            mockReq.body = {
-                email: 'newuser@example.com'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockRes.status).toHaveBeenCalledWith(429);
-            expect(mockRes.json).toHaveBeenCalledWith({
-                success: false,
-                error: 'Too many subscription attempts from this IP address'
-            });
-        });
-        it('should not count unsubscribed users in rate limit', async ()=>{
-            // Create some unsubscribed users
-            for(let i = 0; i < 5; i++){
-                seedCollection('subscribers', [
-                    {
-                        id: `sub-unsub-${i}`,
-                        email: `unsub${i}@example.com`,
-                        ip: '127.0.0.1',
-                        subscriptionStatus: 'unsubscribed'
-                    }
-                ]);
-            }
-            mockReq.body = {
-                email: 'newuser@example.com'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockRes.status).toHaveBeenCalledWith(200);
-        });
-    });
-    describe('Domain Restrictions', ()=>{
-        it('should enforce allowed domains when configured', async ()=>{
-            // Update settings to restrict domains
-            const restrictedSettings = {
-                ...mockNewsletterSettings,
-                subscriptionSettings: {
-                    ...mockNewsletterSettings.subscriptionSettings,
-                    allowedDomains: [
-                        {
-                            domain: 'allowed.com'
-                        },
-                        {
-                            domain: 'company.com'
-                        }
-                    ]
-                }
-            };
-            clearCollections();
-            seedCollection('newsletter-settings', [
-                restrictedSettings
-            ]);
-            // Test blocked domain
-            mockReq.body = {
-                email: 'user@blocked.com'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockRes.status).toHaveBeenCalledWith(403);
-            expect(mockRes.json).toHaveBeenCalledWith({
-                success: false,
-                error: 'Email domain not allowed'
-            });
-            // Test allowed domain
-            mockReq.body = {
-                email: 'user@allowed.com'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockRes.status).toHaveBeenCalledWith(200);
-        });
-    });
-    describe('Duplicate Prevention', ()=>{
-        it('should handle existing active subscribers', async ()=>{
-            seedCollection('subscribers', [
-                {
-                    id: 'existing-sub',
-                    email: 'existing@example.com',
-                    subscriptionStatus: 'active'
-                }
-            ]);
-            mockReq.body = {
-                email: 'existing@example.com'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockRes.status).toHaveBeenCalledWith(409);
-            expect(mockRes.json).toHaveBeenCalledWith({
-                success: false,
-                error: 'This email is already subscribed'
-            });
-        });
-        it('should allow resubscription of unsubscribed users', async ()=>{
-            seedCollection('subscribers', [
-                {
-                    id: 'unsub-user',
-                    email: 'comeback@example.com',
-                    subscriptionStatus: 'unsubscribed'
-                }
-            ]);
-            mockReq.body = {
-                email: 'comeback@example.com'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockReq.payload.update).toHaveBeenCalledWith(expect.objectContaining({
-                id: 'unsub-user',
-                data: expect.objectContaining({
-                    subscriptionStatus: 'pending',
-                    unsubscribedAt: null
-                })
-            }));
-            expect(mockRes.status).toHaveBeenCalledWith(200);
-        });
-    });
-    describe('Double Opt-In', ()=>{
-        it('should send confirmation email when double opt-in is enabled', async ()=>{
-            mockReq.body = {
-                email: 'newuser@example.com'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockEmailService.emails.send).toHaveBeenCalledWith(expect.objectContaining({
-                to: [
-                    'newuser@example.com'
-                ],
-                subject: expect.stringContaining('Welcome')
-            }));
-            expect(mockRes.json).toHaveBeenCalledWith({
-                success: true,
-                message: 'Please check your email to confirm your subscription',
-                requiresConfirmation: true
-            });
-        });
-        it('should activate immediately when double opt-in is disabled', async ()=>{
-            // Disable double opt-in
-            const noDoubleOptIn = {
-                ...mockNewsletterSettings,
-                subscriptionSettings: {
-                    ...mockNewsletterSettings.subscriptionSettings,
-                    requireDoubleOptIn: false
-                }
-            };
-            clearCollections();
-            seedCollection('newsletter-settings', [
-                noDoubleOptIn
-            ]);
-            mockReq.body = {
-                email: 'instant@example.com'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockReq.payload.create).toHaveBeenCalledWith(expect.objectContaining({
-                data: expect.objectContaining({
-                    subscriptionStatus: 'active'
-                })
-            }));
-        });
-    });
-    describe('Error Handling', ()=>{
-        it('should handle email service failures gracefully', async ()=>{
-            mockEmailService.emails.send.mockRejectedValueOnce(new Error('Email service down'));
-            mockReq.body = {
-                email: 'test@example.com'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockRes.status).toHaveBeenCalledWith(500);
-            expect(mockRes.json).toHaveBeenCalledWith({
-                success: false,
-                error: 'Failed to process subscription. Please try again later.'
-            });
-        });
-        it('should not leak internal errors to users', async ()=>{
-            mockReq.payload.create.mockRejectedValueOnce(new Error('Database connection failed'));
-            mockReq.body = {
-                email: 'test@example.com'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockRes.status).toHaveBeenCalledWith(500);
-            expect(mockRes.json).toHaveBeenCalledWith({
-                success: false,
-                error: 'Failed to process subscription. Please try again later.'
-            });
-        // Should not expose database error details
-        });
-    });
-});
-
-//# sourceMappingURL=subscribe.test.js.map

package/dist/src/__tests__/integration/endpoints/subscribe.test.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../../../src/__tests__/integration/endpoints/subscribe.test.ts"],"sourcesContent":["import { describe, it, expect, beforeEach, vi } from 'vitest'\nimport { createSubscribeEndpoint } from '../../../endpoints/subscribe'\nimport { createPayloadRequestMock, seedCollection, clearCollections } from '../../mocks/payload'\nimport { mockNewsletterSettings } from '../../fixtures/newsletter-settings'\nimport { createResendMock } from '../../mocks/email-providers'\nimport type { NewsletterPluginConfig } from '../../../types'\n\n// Mock email service\nvi.mock('../../../services/email', () => ({\n  getEmailService: vi.fn(),\n}))\n\nimport { getEmailService } from '../../../services/email'\n\ndescribe('Subscribe Endpoint Security', () => {\n  let endpoint: any\n  let mockReq: any\n  let mockRes: any\n  let mockEmailService: any\n  const config: NewsletterPluginConfig = {\n    subscribersSlug: 'subscribers',\n    settingsSlug: 'newsletter-settings',\n  }\n\n  beforeEach(() => {\n    clearCollections()\n    seedCollection('newsletter-settings', [mockNewsletterSettings])\n    \n    endpoint = createSubscribeEndpoint(config)\n    const payloadMock = createPayloadRequestMock()\n    \n    mockReq = {\n      payload: payloadMock.payload,\n      body: {},\n      ip: '127.0.0.1',\n    }\n    \n    mockRes = {\n      status: vi.fn().mockReturnThis(),\n      json: vi.fn(),\n    }\n    \n    // Setup email service mock\n    mockEmailService = createResendMock()\n    ;(getEmailService as any).mockResolvedValue(mockEmailService)\n    \n    vi.clearAllMocks()\n  })\n\n  describe('Input Validation', () => {\n    it('should reject requests without email', async () => {\n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(400)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'Email is required',\n      })\n    })\n\n    it('should reject invalid email formats', async () => {\n      const invalidEmails = [\n        'notanemail',\n        '@example.com',\n        'user@',\n        'user @example.com',\n        'user@example',\n        '<script>alert(\"xss\")</script>@example.com',\n      ]\n\n      for (const email of invalidEmails) {\n        mockReq.body = { email }\n        await endpoint.handler(mockReq, mockRes)\n        \n        expect(mockRes.status).toHaveBeenCalledWith(400)\n        expect(mockRes.json).toHaveBeenCalledWith({\n          success: false,\n          error: 'Invalid email format',\n        })\n      }\n    })\n\n    it('should sanitize email input', async () => {\n      mockReq.body = { \n        email: '  User@EXAMPLE.com  ',\n        name: '<script>alert(\"xss\")</script>Test User',\n      }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      // Check that create was called with sanitized data\n      expect(mockReq.payload.create).toHaveBeenCalledWith(\n        expect.objectContaining({\n          data: expect.objectContaining({\n            email: 'user@example.com', // Trimmed and lowercased\n            name: 'Test User', // XSS stripped\n          }),\n        })\n      )\n    })\n  })\n\n  describe('Rate Limiting', () => {\n    it('should enforce max subscribers per IP', async () => {\n      // Create max subscribers from same IP\n      const maxSubscribers = mockNewsletterSettings.subscriptionSettings.maxSubscribersPerIP\n      \n      for (let i = 0; i < maxSubscribers; i++) {\n        seedCollection('subscribers', [{\n          id: `sub-ip-${i}`,\n          email: `user${i}@example.com`,\n          ip: '127.0.0.1',\n          subscriptionStatus: 'active',\n        }])\n      }\n\n      mockReq.body = { email: 'newuser@example.com' }\n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(429)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'Too many subscription attempts from this IP address',\n      })\n    })\n\n    it('should not count unsubscribed users in rate limit', async () => {\n      // Create some unsubscribed users\n      for (let i = 0; i < 5; i++) {\n        seedCollection('subscribers', [{\n          id: `sub-unsub-${i}`,\n          email: `unsub${i}@example.com`,\n          ip: '127.0.0.1',\n          subscriptionStatus: 'unsubscribed',\n        }])\n      }\n\n      mockReq.body = { email: 'newuser@example.com' }\n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(200)\n    })\n  })\n\n  describe('Domain Restrictions', () => {\n    it('should enforce allowed domains when configured', async () => {\n      // Update settings to restrict domains\n      const restrictedSettings = {\n        ...mockNewsletterSettings,\n        subscriptionSettings: {\n          ...mockNewsletterSettings.subscriptionSettings,\n          allowedDomains: [\n            { domain: 'allowed.com' },\n            { domain: 'company.com' },\n          ],\n        },\n      }\n      clearCollections()\n      seedCollection('newsletter-settings', [restrictedSettings])\n\n      // Test blocked domain\n      mockReq.body = { email: 'user@blocked.com' }\n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(403)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'Email domain not allowed',\n      })\n\n      // Test allowed domain\n      mockReq.body = { email: 'user@allowed.com' }\n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(200)\n    })\n  })\n\n  describe('Duplicate Prevention', () => {\n    it('should handle existing active subscribers', async () => {\n      seedCollection('subscribers', [{\n        id: 'existing-sub',\n        email: 'existing@example.com',\n        subscriptionStatus: 'active',\n      }])\n\n      mockReq.body = { email: 'existing@example.com' }\n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(409)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'This email is already subscribed',\n      })\n    })\n\n    it('should allow resubscription of unsubscribed users', async () => {\n      seedCollection('subscribers', [{\n        id: 'unsub-user',\n        email: 'comeback@example.com',\n        subscriptionStatus: 'unsubscribed',\n      }])\n\n      mockReq.body = { email: 'comeback@example.com' }\n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockReq.payload.update).toHaveBeenCalledWith(\n        expect.objectContaining({\n          id: 'unsub-user',\n          data: expect.objectContaining({\n            subscriptionStatus: 'pending',\n            unsubscribedAt: null,\n          }),\n        })\n      )\n      expect(mockRes.status).toHaveBeenCalledWith(200)\n    })\n  })\n\n  describe('Double Opt-In', () => {\n    it('should send confirmation email when double opt-in is enabled', async () => {\n      mockReq.body = { email: 'newuser@example.com' }\n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockEmailService.emails.send).toHaveBeenCalledWith(\n        expect.objectContaining({\n          to: ['newuser@example.com'],\n          subject: expect.stringContaining('Welcome'),\n        })\n      )\n      \n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: true,\n        message: 'Please check your email to confirm your subscription',\n        requiresConfirmation: true,\n      })\n    })\n\n    it('should activate immediately when double opt-in is disabled', async () => {\n      // Disable double opt-in\n      const noDoubleOptIn = {\n        ...mockNewsletterSettings,\n        subscriptionSettings: {\n          ...mockNewsletterSettings.subscriptionSettings,\n          requireDoubleOptIn: false,\n        },\n      }\n      clearCollections()\n      seedCollection('newsletter-settings', [noDoubleOptIn])\n\n      mockReq.body = { email: 'instant@example.com' }\n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockReq.payload.create).toHaveBeenCalledWith(\n        expect.objectContaining({\n          data: expect.objectContaining({\n            subscriptionStatus: 'active',\n          }),\n        })\n      )\n    })\n  })\n\n  describe('Error Handling', () => {\n    it('should handle email service failures gracefully', async () => {\n      mockEmailService.emails.send.mockRejectedValueOnce(new Error('Email service down'))\n\n      mockReq.body = { email: 'test@example.com' }\n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(500)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'Failed to process subscription. Please try again later.',\n      })\n    })\n\n    it('should not leak internal errors to users', async () => {\n      mockReq.payload.create.mockRejectedValueOnce(new Error('Database connection failed'))\n\n      mockReq.body = { email: 'test@example.com' }\n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(500)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'Failed to process subscription. Please try again later.',\n      })\n      // Should not expose database error details\n    })\n  })\n})"],"names":["describe","it","expect","beforeEach","vi","createSubscribeEndpoint","createPayloadRequestMock","seedCollection","clearCollections","mockNewsletterSettings","createResendMock","mock","getEmailService","fn","endpoint","mockReq","mockRes","mockEmailService","config","subscribersSlug","settingsSlug","payloadMock","payload","body","ip","status","mockReturnThis","json","mockResolvedValue","clearAllMocks","handler","toHaveBeenCalledWith","success","error","invalidEmails","email","name","create","objectContaining","data","maxSubscribers","subscriptionSettings","maxSubscribersPerIP","i","id","subscriptionStatus","restrictedSettings","allowedDomains","domain","update","unsubscribedAt","emails","send","to","subject","stringContaining","message","requiresConfirmation","noDoubleOptIn","requireDoubleOptIn","mockRejectedValueOnce","Error"],"mappings":"AAAA,SAASA,QAAQ,EAAEC,EAAE,EAAEC,MAAM,EAAEC,UAAU,EAAEC,EAAE,QAAQ,SAAQ;AAC7D,SAASC,uBAAuB,QAAQ,+BAA8B;AACtE,SAASC,wBAAwB,EAAEC,cAAc,EAAEC,gBAAgB,QAAQ,sBAAqB;AAChG,SAASC,sBAAsB,QAAQ,qCAAoC;AAC3E,SAASC,gBAAgB,QAAQ,8BAA6B;AAG9D,qBAAqB;AACrBN,GAAGO,IAAI,CAAC,2BAA2B,IAAO,CAAA;QACxCC,iBAAiBR,GAAGS,EAAE;IACxB,CAAA;AAEA,SAASD,eAAe,QAAQ,0BAAyB;AAEzDZ,SAAS,+BAA+B;IACtC,IAAIc;IACJ,IAAIC;IACJ,IAAIC;IACJ,IAAIC;IACJ,MAAMC,SAAiC;QACrCC,iBAAiB;QACjBC,cAAc;IAChB;IAEAjB,WAAW;QACTK;QACAD,eAAe,uBAAuB;YAACE;SAAuB;QAE9DK,WAAWT,wBAAwBa;QACnC,MAAMG,cAAcf;QAEpBS,UAAU;YACRO,SAASD,YAAYC,OAAO;YAC5BC,MAAM,CAAC;YACPC,IAAI;QACN;QAEAR,UAAU;YACRS,QAAQrB,GAAGS,EAAE,GAAGa,cAAc;YAC9BC,MAAMvB,GAAGS,EAAE;QACb;QAEA,2BAA2B;QAC3BI,mBAAmBP;QACjBE,gBAAwBgB,iBAAiB,CAACX;QAE5Cb,GAAGyB,aAAa;IAClB;IAEA7B,SAAS,oBAAoB;QAC3BC,GAAG,wCAAwC;YACzC,MAAMa,SAASgB,OAAO,CAACf,SAASC;YAEhCd,OAAOc,QAAQS,MAAM,EAAEM,oBAAoB,CAAC;YAC5C7B,OAAOc,QAAQW,IAAI,EAAEI,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;QACF;QAEAhC,GAAG,uCAAuC;YACxC,MAAMiC,gBAAgB;gBACpB;gBACA;gBACA;gBACA;gBACA;gBACA;aACD;YAED,KAAK,MAAMC,SAASD,cAAe;gBACjCnB,QAAQQ,IAAI,GAAG;oBAAEY;gBAAM;gBACvB,MAAMrB,SAASgB,OAAO,CAACf,SAASC;gBAEhCd,OAAOc,QAAQS,MAAM,EAAEM,oBAAoB,CAAC;gBAC5C7B,OAAOc,QAAQW,IAAI,EAAEI,oBAAoB,CAAC;oBACxCC,SAAS;oBACTC,OAAO;gBACT;YACF;QACF;QAEAhC,GAAG,+BAA+B;YAChCc,QAAQQ,IAAI,GAAG;gBACbY,OAAO;gBACPC,MAAM;YACR;YAEA,MAAMtB,SAASgB,OAAO,CAACf,SAASC;YAEhC,mDAAmD;YACnDd,OAAOa,QAAQO,OAAO,CAACe,MAAM,EAAEN,oBAAoB,CACjD7B,OAAOoC,gBAAgB,CAAC;gBACtBC,MAAMrC,OAAOoC,gBAAgB,CAAC;oBAC5BH,OAAO;oBACPC,MAAM;gBACR;YACF;QAEJ;IACF;IAEApC,SAAS,iBAAiB;QACxBC,GAAG,yCAAyC;YAC1C,sCAAsC;YACtC,MAAMuC,iBAAiB/B,uBAAuBgC,oBAAoB,CAACC,mBAAmB;YAEtF,IAAK,IAAIC,IAAI,GAAGA,IAAIH,gBAAgBG,IAAK;gBACvCpC,eAAe,eAAe;oBAAC;wBAC7BqC,IAAI,CAAC,OAAO,EAAED,GAAG;wBACjBR,OAAO,CAAC,IAAI,EAAEQ,EAAE,YAAY,CAAC;wBAC7BnB,IAAI;wBACJqB,oBAAoB;oBACtB;iBAAE;YACJ;YAEA9B,QAAQQ,IAAI,GAAG;gBAAEY,OAAO;YAAsB;YAC9C,MAAMrB,SAASgB,OAAO,CAACf,SAASC;YAEhCd,OAAOc,QAAQS,MAAM,EAAEM,oBAAoB,CAAC;YAC5C7B,OAAOc,QAAQW,IAAI,EAAEI,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;QACF;QAEAhC,GAAG,qDAAqD;YACtD,iCAAiC;YACjC,IAAK,IAAI0C,IAAI,GAAGA,IAAI,GAAGA,IAAK;gBAC1BpC,eAAe,eAAe;oBAAC;wBAC7BqC,IAAI,CAAC,UAAU,EAAED,GAAG;wBACpBR,OAAO,CAAC,KAAK,EAAEQ,EAAE,YAAY,CAAC;wBAC9BnB,IAAI;wBACJqB,oBAAoB;oBACtB;iBAAE;YACJ;YAEA9B,QAAQQ,IAAI,GAAG;gBAAEY,OAAO;YAAsB;YAC9C,MAAMrB,SAASgB,OAAO,CAACf,SAASC;YAEhCd,OAAOc,QAAQS,MAAM,EAAEM,oBAAoB,CAAC;QAC9C;IACF;IAEA/B,SAAS,uBAAuB;QAC9BC,GAAG,kDAAkD;YACnD,sCAAsC;YACtC,MAAM6C,qBAAqB;gBACzB,GAAGrC,sBAAsB;gBACzBgC,sBAAsB;oBACpB,GAAGhC,uBAAuBgC,oBAAoB;oBAC9CM,gBAAgB;wBACd;4BAAEC,QAAQ;wBAAc;wBACxB;4BAAEA,QAAQ;wBAAc;qBACzB;gBACH;YACF;YACAxC;YACAD,eAAe,uBAAuB;gBAACuC;aAAmB;YAE1D,sBAAsB;YACtB/B,QAAQQ,IAAI,GAAG;gBAAEY,OAAO;YAAmB;YAC3C,MAAMrB,SAASgB,OAAO,CAACf,SAASC;YAEhCd,OAAOc,QAAQS,MAAM,EAAEM,oBAAoB,CAAC;YAC5C7B,OAAOc,QAAQW,IAAI,EAAEI,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;YAEA,sBAAsB;YACtBlB,QAAQQ,IAAI,GAAG;gBAAEY,OAAO;YAAmB;YAC3C,MAAMrB,SAASgB,OAAO,CAACf,SAASC;YAEhCd,OAAOc,QAAQS,MAAM,EAAEM,oBAAoB,CAAC;QAC9C;IACF;IAEA/B,SAAS,wBAAwB;QAC/BC,GAAG,6CAA6C;YAC9CM,eAAe,eAAe;gBAAC;oBAC7BqC,IAAI;oBACJT,OAAO;oBACPU,oBAAoB;gBACtB;aAAE;YAEF9B,QAAQQ,IAAI,GAAG;gBAAEY,OAAO;YAAuB;YAC/C,MAAMrB,SAASgB,OAAO,CAACf,SAASC;YAEhCd,OAAOc,QAAQS,MAAM,EAAEM,oBAAoB,CAAC;YAC5C7B,OAAOc,QAAQW,IAAI,EAAEI,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;QACF;QAEAhC,GAAG,qDAAqD;YACtDM,eAAe,eAAe;gBAAC;oBAC7BqC,IAAI;oBACJT,OAAO;oBACPU,oBAAoB;gBACtB;aAAE;YAEF9B,QAAQQ,IAAI,GAAG;gBAAEY,OAAO;YAAuB;YAC/C,MAAMrB,SAASgB,OAAO,CAACf,SAASC;YAEhCd,OAAOa,QAAQO,OAAO,CAAC2B,MAAM,EAAElB,oBAAoB,CACjD7B,OAAOoC,gBAAgB,CAAC;gBACtBM,IAAI;gBACJL,MAAMrC,OAAOoC,gBAAgB,CAAC;oBAC5BO,oBAAoB;oBACpBK,gBAAgB;gBAClB;YACF;YAEFhD,OAAOc,QAAQS,MAAM,EAAEM,oBAAoB,CAAC;QAC9C;IACF;IAEA/B,SAAS,iBAAiB;QACxBC,GAAG,gEAAgE;YACjEc,QAAQQ,IAAI,GAAG;gBAAEY,OAAO;YAAsB;YAC9C,MAAMrB,SAASgB,OAAO,CAACf,SAASC;YAEhCd,OAAOe,iBAAiBkC,MAAM,CAACC,IAAI,EAAErB,oBAAoB,CACvD7B,OAAOoC,gBAAgB,CAAC;gBACtBe,IAAI;oBAAC;iBAAsB;gBAC3BC,SAASpD,OAAOqD,gBAAgB,CAAC;YACnC;YAGFrD,OAAOc,QAAQW,IAAI,EAAEI,oBAAoB,CAAC;gBACxCC,SAAS;gBACTwB,SAAS;gBACTC,sBAAsB;YACxB;QACF;QAEAxD,GAAG,8DAA8D;YAC/D,wBAAwB;YACxB,MAAMyD,gBAAgB;gBACpB,GAAGjD,sBAAsB;gBACzBgC,sBAAsB;oBACpB,GAAGhC,uBAAuBgC,oBAAoB;oBAC9CkB,oBAAoB;gBACtB;YACF;YACAnD;YACAD,eAAe,uBAAuB;gBAACmD;aAAc;YAErD3C,QAAQQ,IAAI,GAAG;gBAAEY,OAAO;YAAsB;YAC9C,MAAMrB,SAASgB,OAAO,CAACf,SAASC;YAEhCd,OAAOa,QAAQO,OAAO,CAACe,MAAM,EAAEN,oBAAoB,CACjD7B,OAAOoC,gBAAgB,CAAC;gBACtBC,MAAMrC,OAAOoC,gBAAgB,CAAC;oBAC5BO,oBAAoB;gBACtB;YACF;QAEJ;IACF;IAEA7C,SAAS,kBAAkB;QACzBC,GAAG,mDAAmD;YACpDgB,iBAAiBkC,MAAM,CAACC,IAAI,CAACQ,qBAAqB,CAAC,IAAIC,MAAM;YAE7D9C,QAAQQ,IAAI,GAAG;gBAAEY,OAAO;YAAmB;YAC3C,MAAMrB,SAASgB,OAAO,CAACf,SAASC;YAEhCd,OAAOc,QAAQS,MAAM,EAAEM,oBAAoB,CAAC;YAC5C7B,OAAOc,QAAQW,IAAI,EAAEI,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;QACF;QAEAhC,GAAG,4CAA4C;YAC7Cc,QAAQO,OAAO,CAACe,MAAM,CAACuB,qBAAqB,CAAC,IAAIC,MAAM;YAEvD9C,QAAQQ,IAAI,GAAG;gBAAEY,OAAO;YAAmB;YAC3C,MAAMrB,SAASgB,OAAO,CAACf,SAASC;YAEhCd,OAAOc,QAAQS,MAAM,EAAEM,oBAAoB,CAAC;YAC5C7B,OAAOc,QAAQW,IAAI,EAAEI,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;QACA,2CAA2C;QAC7C;IACF;AACF"}

package/dist/src/__tests__/integration/endpoints/unsubscribe.test.js

@@ -1,187 +0,0 @@
-import { describe, it, expect, beforeEach, vi } from 'vitest';
-import { createUnsubscribeEndpoint } from '../../../endpoints/unsubscribe';
-import { createPayloadRequestMock, seedCollection, clearCollections, createMockUser } from '../../mocks/payload';
-import { mockSubscribers } from '../../fixtures/subscribers';
-describe('Unsubscribe Endpoint Security', ()=>{
-    let endpoint;
-    let mockReq;
-    let mockRes;
-    const config = {
-        subscribersSlug: 'subscribers'
-    };
-    beforeEach(()=>{
-        clearCollections();
-        seedCollection('subscribers', mockSubscribers);
-        endpoint = createUnsubscribeEndpoint(config);
-        const payloadMock = createPayloadRequestMock();
-        mockReq = {
-            payload: payloadMock.payload,
-            body: {},
-            user: null
-        };
-        mockRes = {
-            status: vi.fn().mockReturnThis(),
-            json: vi.fn()
-        };
-        vi.clearAllMocks();
-    });
-    describe('Authentication Required', ()=>{
-        it('should reject unauthenticated requests', async ()=>{
-            mockReq.body = {
-                subscriberId: 'sub-1'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockRes.status).toHaveBeenCalledWith(401);
-            expect(mockRes.json).toHaveBeenCalledWith({
-                success: false,
-                error: 'Authentication required'
-            });
-        });
-        it('should reject requests without subscriber ID', async ()=>{
-            mockReq.user = {
-                id: 'sub-1',
-                email: 'active@example.com',
-                collection: 'subscribers'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockRes.status).toHaveBeenCalledWith(400);
-            expect(mockRes.json).toHaveBeenCalledWith({
-                success: false,
-                error: 'Subscriber ID is required'
-            });
-        });
-    });
-    describe('Access Control', ()=>{
-        it('should allow subscribers to unsubscribe themselves', async ()=>{
-            mockReq.user = {
-                id: 'sub-1',
-                email: 'active@example.com',
-                collection: 'subscribers'
-            };
-            mockReq.body = {
-                subscriberId: 'sub-1'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockReq.payload.update).toHaveBeenCalledWith({
-                collection: 'subscribers',
-                id: 'sub-1',
-                data: {
-                    subscriptionStatus: 'unsubscribed',
-                    unsubscribedAt: expect.any(Date)
-                },
-                overrideAccess: false,
-                user: mockReq.user
-            });
-            expect(mockRes.status).toHaveBeenCalledWith(200);
-        });
-        it('should prevent subscribers from unsubscribing others', async ()=>{
-            mockReq.user = {
-                id: 'sub-1',
-                email: 'active@example.com',
-                collection: 'subscribers'
-            };
-            mockReq.body = {
-                subscriberId: 'sub-2'
-            }; // Trying to unsubscribe someone else
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockRes.status).toHaveBeenCalledWith(403);
-            expect(mockRes.json).toHaveBeenCalledWith({
-                success: false,
-                error: 'You can only unsubscribe yourself'
-            });
-        });
-        it('should prevent regular users from unsubscribing subscribers', async ()=>{
-            mockReq.user = createMockUser({
-                id: 'user-123'
-            });
-            mockReq.body = {
-                subscriberId: 'sub-1'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockRes.status).toHaveBeenCalledWith(403);
-            expect(mockRes.json).toHaveBeenCalledWith({
-                success: false,
-                error: 'Invalid user type for this operation'
-            });
-        });
-    });
-    describe('Already Unsubscribed', ()=>{
-        it('should handle already unsubscribed users gracefully', async ()=>{
-            mockReq.user = {
-                id: 'sub-3',
-                email: 'unsubscribed@example.com',
-                collection: 'subscribers'
-            };
-            mockReq.body = {
-                subscriberId: 'sub-3'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockRes.status).toHaveBeenCalledWith(200);
-            expect(mockRes.json).toHaveBeenCalledWith({
-                success: true,
-                message: 'Already unsubscribed'
-            });
-            // Should not call update
-            expect(mockReq.payload.update).not.toHaveBeenCalled();
-        });
-    });
-    describe('Non-existent Subscribers', ()=>{
-        it('should handle non-existent subscriber IDs', async ()=>{
-            mockReq.user = {
-                id: 'sub-999',
-                email: 'ghost@example.com',
-                collection: 'subscribers'
-            };
-            mockReq.body = {
-                subscriberId: 'sub-999'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockRes.status).toHaveBeenCalledWith(404);
-            expect(mockRes.json).toHaveBeenCalledWith({
-                success: false,
-                error: 'Subscriber not found'
-            });
-        });
-    });
-    describe('Data Integrity', ()=>{
-        it('should set unsubscribedAt timestamp', async ()=>{
-            const beforeTime = new Date();
-            mockReq.user = {
-                id: 'sub-1',
-                email: 'active@example.com',
-                collection: 'subscribers'
-            };
-            mockReq.body = {
-                subscriberId: 'sub-1'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            const updateCall = mockReq.payload.update.mock.calls[0][0];
-            const unsubscribedAt = new Date(updateCall.data.unsubscribedAt);
-            const afterTime = new Date();
-            // Verify timestamp is between test start and end
-            expect(unsubscribedAt.getTime()).toBeGreaterThanOrEqual(beforeTime.getTime());
-            expect(unsubscribedAt.getTime()).toBeLessThanOrEqual(afterTime.getTime());
-        });
-        it('should clear email preferences on unsubscribe', async ()=>{
-            mockReq.user = {
-                id: 'sub-1',
-                email: 'active@example.com',
-                collection: 'subscribers'
-            };
-            mockReq.body = {
-                subscriberId: 'sub-1'
-            };
-            await endpoint.handler(mockReq, mockRes);
-            expect(mockReq.payload.update).toHaveBeenCalledWith(expect.objectContaining({
-                data: expect.objectContaining({
-                    emailPreferences: {
-                        newsletter: false,
-                        announcements: false
-                    }
-                })
-            }));
-        });
-    });
-});
-
-//# sourceMappingURL=unsubscribe.test.js.map

package/dist/src/__tests__/integration/endpoints/unsubscribe.test.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../../../src/__tests__/integration/endpoints/unsubscribe.test.ts"],"sourcesContent":["import { describe, it, expect, beforeEach, vi } from 'vitest'\nimport { createUnsubscribeEndpoint } from '../../../endpoints/unsubscribe'\nimport { createPayloadRequestMock, seedCollection, clearCollections, createMockUser } from '../../mocks/payload'\nimport { mockSubscribers } from '../../fixtures/subscribers'\nimport type { NewsletterPluginConfig } from '../../../types'\n\ndescribe('Unsubscribe Endpoint Security', () => {\n  let endpoint: any\n  let mockReq: any\n  let mockRes: any\n  const config: NewsletterPluginConfig = {\n    subscribersSlug: 'subscribers',\n  }\n\n  beforeEach(() => {\n    clearCollections()\n    seedCollection('subscribers', mockSubscribers)\n    \n    endpoint = createUnsubscribeEndpoint(config)\n    const payloadMock = createPayloadRequestMock()\n    \n    mockReq = {\n      payload: payloadMock.payload,\n      body: {},\n      user: null,\n    }\n    \n    mockRes = {\n      status: vi.fn().mockReturnThis(),\n      json: vi.fn(),\n    }\n    \n    vi.clearAllMocks()\n  })\n\n  describe('Authentication Required', () => {\n    it('should reject unauthenticated requests', async () => {\n      mockReq.body = { subscriberId: 'sub-1' }\n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(401)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'Authentication required',\n      })\n    })\n\n    it('should reject requests without subscriber ID', async () => {\n      mockReq.user = {\n        id: 'sub-1',\n        email: 'active@example.com',\n        collection: 'subscribers',\n      }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(400)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'Subscriber ID is required',\n      })\n    })\n  })\n\n  describe('Access Control', () => {\n    it('should allow subscribers to unsubscribe themselves', async () => {\n      mockReq.user = {\n        id: 'sub-1',\n        email: 'active@example.com',\n        collection: 'subscribers',\n      }\n      mockReq.body = { subscriberId: 'sub-1' }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockReq.payload.update).toHaveBeenCalledWith({\n        collection: 'subscribers',\n        id: 'sub-1',\n        data: {\n          subscriptionStatus: 'unsubscribed',\n          unsubscribedAt: expect.any(Date),\n        },\n        overrideAccess: false,\n        user: mockReq.user,\n      })\n      \n      expect(mockRes.status).toHaveBeenCalledWith(200)\n    })\n\n    it('should prevent subscribers from unsubscribing others', async () => {\n      mockReq.user = {\n        id: 'sub-1',\n        email: 'active@example.com',\n        collection: 'subscribers',\n      }\n      mockReq.body = { subscriberId: 'sub-2' } // Trying to unsubscribe someone else\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(403)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'You can only unsubscribe yourself',\n      })\n    })\n\n    it('should prevent regular users from unsubscribing subscribers', async () => {\n      mockReq.user = createMockUser({ id: 'user-123' })\n      mockReq.body = { subscriberId: 'sub-1' }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(403)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'Invalid user type for this operation',\n      })\n    })\n  })\n\n  describe('Already Unsubscribed', () => {\n    it('should handle already unsubscribed users gracefully', async () => {\n      mockReq.user = {\n        id: 'sub-3', // Already unsubscribed\n        email: 'unsubscribed@example.com',\n        collection: 'subscribers',\n      }\n      mockReq.body = { subscriberId: 'sub-3' }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(200)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: true,\n        message: 'Already unsubscribed',\n      })\n      \n      // Should not call update\n      expect(mockReq.payload.update).not.toHaveBeenCalled()\n    })\n  })\n\n  describe('Non-existent Subscribers', () => {\n    it('should handle non-existent subscriber IDs', async () => {\n      mockReq.user = {\n        id: 'sub-999',\n        email: 'ghost@example.com',\n        collection: 'subscribers',\n      }\n      mockReq.body = { subscriberId: 'sub-999' }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockRes.status).toHaveBeenCalledWith(404)\n      expect(mockRes.json).toHaveBeenCalledWith({\n        success: false,\n        error: 'Subscriber not found',\n      })\n    })\n  })\n\n  describe('Data Integrity', () => {\n    it('should set unsubscribedAt timestamp', async () => {\n      const beforeTime = new Date()\n      \n      mockReq.user = {\n        id: 'sub-1',\n        email: 'active@example.com',\n        collection: 'subscribers',\n      }\n      mockReq.body = { subscriberId: 'sub-1' }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      const updateCall = mockReq.payload.update.mock.calls[0][0]\n      const unsubscribedAt = new Date(updateCall.data.unsubscribedAt)\n      const afterTime = new Date()\n      \n      // Verify timestamp is between test start and end\n      expect(unsubscribedAt.getTime()).toBeGreaterThanOrEqual(beforeTime.getTime())\n      expect(unsubscribedAt.getTime()).toBeLessThanOrEqual(afterTime.getTime())\n    })\n\n    it('should clear email preferences on unsubscribe', async () => {\n      mockReq.user = {\n        id: 'sub-1',\n        email: 'active@example.com',\n        collection: 'subscribers',\n      }\n      mockReq.body = { subscriberId: 'sub-1' }\n      \n      await endpoint.handler(mockReq, mockRes)\n      \n      expect(mockReq.payload.update).toHaveBeenCalledWith(\n        expect.objectContaining({\n          data: expect.objectContaining({\n            emailPreferences: {\n              newsletter: false,\n              announcements: false,\n            },\n          }),\n        })\n      )\n    })\n  })\n})"],"names":["describe","it","expect","beforeEach","vi","createUnsubscribeEndpoint","createPayloadRequestMock","seedCollection","clearCollections","createMockUser","mockSubscribers","endpoint","mockReq","mockRes","config","subscribersSlug","payloadMock","payload","body","user","status","fn","mockReturnThis","json","clearAllMocks","subscriberId","handler","toHaveBeenCalledWith","success","error","id","email","collection","update","data","subscriptionStatus","unsubscribedAt","any","Date","overrideAccess","message","not","toHaveBeenCalled","beforeTime","updateCall","mock","calls","afterTime","getTime","toBeGreaterThanOrEqual","toBeLessThanOrEqual","objectContaining","emailPreferences","newsletter","announcements"],"mappings":"AAAA,SAASA,QAAQ,EAAEC,EAAE,EAAEC,MAAM,EAAEC,UAAU,EAAEC,EAAE,QAAQ,SAAQ;AAC7D,SAASC,yBAAyB,QAAQ,iCAAgC;AAC1E,SAASC,wBAAwB,EAAEC,cAAc,EAAEC,gBAAgB,EAAEC,cAAc,QAAQ,sBAAqB;AAChH,SAASC,eAAe,QAAQ,6BAA4B;AAG5DV,SAAS,iCAAiC;IACxC,IAAIW;IACJ,IAAIC;IACJ,IAAIC;IACJ,MAAMC,SAAiC;QACrCC,iBAAiB;IACnB;IAEAZ,WAAW;QACTK;QACAD,eAAe,eAAeG;QAE9BC,WAAWN,0BAA0BS;QACrC,MAAME,cAAcV;QAEpBM,UAAU;YACRK,SAASD,YAAYC,OAAO;YAC5BC,MAAM,CAAC;YACPC,MAAM;QACR;QAEAN,UAAU;YACRO,QAAQhB,GAAGiB,EAAE,GAAGC,cAAc;YAC9BC,MAAMnB,GAAGiB,EAAE;QACb;QAEAjB,GAAGoB,aAAa;IAClB;IAEAxB,SAAS,2BAA2B;QAClCC,GAAG,0CAA0C;YAC3CW,QAAQM,IAAI,GAAG;gBAAEO,cAAc;YAAQ;YACvC,MAAMd,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOW,QAAQO,MAAM,EAAEO,oBAAoB,CAAC;YAC5CzB,OAAOW,QAAQU,IAAI,EAAEI,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;QACF;QAEA5B,GAAG,gDAAgD;YACjDW,QAAQO,IAAI,GAAG;gBACbW,IAAI;gBACJC,OAAO;gBACPC,YAAY;YACd;YAEA,MAAMrB,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOW,QAAQO,MAAM,EAAEO,oBAAoB,CAAC;YAC5CzB,OAAOW,QAAQU,IAAI,EAAEI,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;QACF;IACF;IAEA7B,SAAS,kBAAkB;QACzBC,GAAG,sDAAsD;YACvDW,QAAQO,IAAI,GAAG;gBACbW,IAAI;gBACJC,OAAO;gBACPC,YAAY;YACd;YACApB,QAAQM,IAAI,GAAG;gBAAEO,cAAc;YAAQ;YAEvC,MAAMd,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOU,QAAQK,OAAO,CAACgB,MAAM,EAAEN,oBAAoB,CAAC;gBAClDK,YAAY;gBACZF,IAAI;gBACJI,MAAM;oBACJC,oBAAoB;oBACpBC,gBAAgBlC,OAAOmC,GAAG,CAACC;gBAC7B;gBACAC,gBAAgB;gBAChBpB,MAAMP,QAAQO,IAAI;YACpB;YAEAjB,OAAOW,QAAQO,MAAM,EAAEO,oBAAoB,CAAC;QAC9C;QAEA1B,GAAG,wDAAwD;YACzDW,QAAQO,IAAI,GAAG;gBACbW,IAAI;gBACJC,OAAO;gBACPC,YAAY;YACd;YACApB,QAAQM,IAAI,GAAG;gBAAEO,cAAc;YAAQ,GAAE,qCAAqC;YAE9E,MAAMd,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOW,QAAQO,MAAM,EAAEO,oBAAoB,CAAC;YAC5CzB,OAAOW,QAAQU,IAAI,EAAEI,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;QACF;QAEA5B,GAAG,+DAA+D;YAChEW,QAAQO,IAAI,GAAGV,eAAe;gBAAEqB,IAAI;YAAW;YAC/ClB,QAAQM,IAAI,GAAG;gBAAEO,cAAc;YAAQ;YAEvC,MAAMd,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOW,QAAQO,MAAM,EAAEO,oBAAoB,CAAC;YAC5CzB,OAAOW,QAAQU,IAAI,EAAEI,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;QACF;IACF;IAEA7B,SAAS,wBAAwB;QAC/BC,GAAG,uDAAuD;YACxDW,QAAQO,IAAI,GAAG;gBACbW,IAAI;gBACJC,OAAO;gBACPC,YAAY;YACd;YACApB,QAAQM,IAAI,GAAG;gBAAEO,cAAc;YAAQ;YAEvC,MAAMd,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOW,QAAQO,MAAM,EAAEO,oBAAoB,CAAC;YAC5CzB,OAAOW,QAAQU,IAAI,EAAEI,oBAAoB,CAAC;gBACxCC,SAAS;gBACTY,SAAS;YACX;YAEA,yBAAyB;YACzBtC,OAAOU,QAAQK,OAAO,CAACgB,MAAM,EAAEQ,GAAG,CAACC,gBAAgB;QACrD;IACF;IAEA1C,SAAS,4BAA4B;QACnCC,GAAG,6CAA6C;YAC9CW,QAAQO,IAAI,GAAG;gBACbW,IAAI;gBACJC,OAAO;gBACPC,YAAY;YACd;YACApB,QAAQM,IAAI,GAAG;gBAAEO,cAAc;YAAU;YAEzC,MAAMd,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOW,QAAQO,MAAM,EAAEO,oBAAoB,CAAC;YAC5CzB,OAAOW,QAAQU,IAAI,EAAEI,oBAAoB,CAAC;gBACxCC,SAAS;gBACTC,OAAO;YACT;QACF;IACF;IAEA7B,SAAS,kBAAkB;QACzBC,GAAG,uCAAuC;YACxC,MAAM0C,aAAa,IAAIL;YAEvB1B,QAAQO,IAAI,GAAG;gBACbW,IAAI;gBACJC,OAAO;gBACPC,YAAY;YACd;YACApB,QAAQM,IAAI,GAAG;gBAAEO,cAAc;YAAQ;YAEvC,MAAMd,SAASe,OAAO,CAACd,SAASC;YAEhC,MAAM+B,aAAahC,QAAQK,OAAO,CAACgB,MAAM,CAACY,IAAI,CAACC,KAAK,CAAC,EAAE,CAAC,EAAE;YAC1D,MAAMV,iBAAiB,IAAIE,KAAKM,WAAWV,IAAI,CAACE,cAAc;YAC9D,MAAMW,YAAY,IAAIT;YAEtB,iDAAiD;YACjDpC,OAAOkC,eAAeY,OAAO,IAAIC,sBAAsB,CAACN,WAAWK,OAAO;YAC1E9C,OAAOkC,eAAeY,OAAO,IAAIE,mBAAmB,CAACH,UAAUC,OAAO;QACxE;QAEA/C,GAAG,iDAAiD;YAClDW,QAAQO,IAAI,GAAG;gBACbW,IAAI;gBACJC,OAAO;gBACPC,YAAY;YACd;YACApB,QAAQM,IAAI,GAAG;gBAAEO,cAAc;YAAQ;YAEvC,MAAMd,SAASe,OAAO,CAACd,SAASC;YAEhCX,OAAOU,QAAQK,OAAO,CAACgB,MAAM,EAAEN,oBAAoB,CACjDzB,OAAOiD,gBAAgB,CAAC;gBACtBjB,MAAMhC,OAAOiD,gBAAgB,CAAC;oBAC5BC,kBAAkB;wBAChBC,YAAY;wBACZC,eAAe;oBACjB;gBACF;YACF;QAEJ;IACF;AACF"}