pryv 3.0.0 → 3.0.2

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pryv",
-  "version": "3.0.0",
+  "version": "3.0.2",
   "description": "Pryv JavaScript library",
   "keywords": [
     "Pryv",

package/src/Connection.js

@@ -6,6 +6,7 @@ const utils = require('./utils.js');
 const jsonParser = require('./lib/json-parser');
 const libGetEventStreamed = require('./lib/getEventStreamed');
 const PryvError = require('./lib/PryvError');
+const buildSearchParams = require('./lib/buildSearchParams');
 
 /**
  * @class Connection
@@ -290,7 +291,7 @@ class Connection {
     path = path || '';
     let queryStr = '';
     if (queryParams && Object.keys(queryParams).length > 0) {
-      queryStr = '?' + new URLSearchParams(queryParams).toString();
+      queryStr = '?' + buildSearchParams(queryParams);
     }
     const response = await fetch(this.endpoint + path + queryStr, {
       headers: {

package/src/lib/buildSearchParams.js

@@ -0,0 +1,26 @@
+/**
+ * @license
+ * [BSD-3-Clause](https://github.com/pryv/lib-js/blob/master/LICENSE)
+ */
+
+/**
+ * Build URL search params string from an object, properly handling arrays.
+ * Arrays are expanded as repeated keys: { a: ['x', 'y'] } => 'a=x&a=y'
+ * @param {Object} params - Query parameters object
+ * @returns {string} - URL encoded query string
+ */
+function buildSearchParams (params) {
+  const searchParams = new URLSearchParams();
+  for (const [key, value] of Object.entries(params)) {
+    if (Array.isArray(value)) {
+      for (const item of value) {
+        searchParams.append(key, item);
+      }
+    } else if (value !== undefined && value !== null) {
+      searchParams.append(key, value);
+    }
+  }
+  return searchParams.toString();
+}
+
+module.exports = buildSearchParams;

package/src/lib/getEventStreamed.js

@@ -4,6 +4,8 @@
  */
 /* global fetch */
 
+const buildSearchParams = require('./buildSearchParams');
+
 module.exports = getEventStreamed;
 
 async function getEventStreamed (conn, queryParam, parser) {
@@ -43,7 +45,7 @@ async function getEventStreamed (conn, queryParam, parser) {
 
   // ------------   fetch ------------------- //
   const url = new URL(conn.endpoint + 'events');
-  url.search = new URLSearchParams(queryParam).toString();
+  url.search = buildSearchParams(queryParam);
   const fetchParams = { method: 'GET', headers: { Accept: 'application/json' } };
   if (conn.token) fetchParams.headers.Authorization = conn.token;
 
@@ -57,7 +59,7 @@ async function getEventStreamed (conn, queryParam, parser) {
   }
 
   if (errResult) {
-    throw new Error(errResult);
+    throw new Error(errResult?.message + ' ' + errResult?.rawResponse);
   }
 
   // We're done!

package/src/utils.js

@@ -4,6 +4,7 @@
  */
 const regexAPIandToken = /(.+):\/\/(.+)@(.+)/gm;
 const regexSchemaAndPath = /(.+):\/\/(.+)/gm;
+const buildSearchParams = require('./lib/buildSearchParams');
 
 /**
  * Utilities to access Pryv API.
@@ -21,7 +22,7 @@ const utils = module.exports = {
   async fetchGet (url, queryParams = {}, headers = {}) {
     let queryStr = '';
     if (queryParams && Object.keys(queryParams).length > 0) {
-      queryStr = '?' + new URLSearchParams(queryParams).toString();
+      queryStr = '?' + buildSearchParams(queryParams);
     }
     const myHeaders = Object.assign({ Accept: 'application/json' }, headers);
     const response = await fetch(url + queryStr, { headers: myHeaders });

package/test/Accesses.test.js

@@ -0,0 +1,126 @@
+/**
+ * @license
+ * [BSD-3-Clause](https://github.com/pryv/lib-js/blob/master/LICENSE)
+ */
+/* global describe, it, before, after, expect, pryv, testData */
+
+const { createId: cuid } = require('@paralleldrive/cuid2');
+
+let conn = null;
+const testStreamId = 'acc-' + cuid().slice(0, 8);
+let createdAccessId = null;
+let createdAccessToken = null;
+
+describe('[ACSX] Accesses', () => {
+  before(async function () {
+    this.timeout(15000);
+    await testData.prepare();
+    conn = new pryv.Connection(testData.apiEndpointWithToken);
+
+    // Create a test stream for permissions
+    await conn.api([{
+      method: 'streams.create',
+      params: { id: testStreamId, name: 'Access Test Stream' }
+    }]);
+  });
+
+  describe('[ACRX] accesses.create', function () {
+    it('[ACRA] create a shared access', async () => {
+      const res = await conn.api([{
+        method: 'accesses.create',
+        params: {
+          name: 'test-shared-' + cuid().slice(0, 8),
+          type: 'shared',
+          permissions: [{ streamId: testStreamId, level: 'read' }]
+        }
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].access).to.exist;
+      expect(res[0].access.token).to.exist;
+      expect(res[0].access.type).to.equal('shared');
+      createdAccessId = res[0].access.id;
+      createdAccessToken = res[0].access.token;
+    });
+
+    it('[ACRB] create an app access', async () => {
+      const res = await conn.api([{
+        method: 'accesses.create',
+        params: {
+          name: 'test-app-' + cuid().slice(0, 8),
+          type: 'app',
+          permissions: [{ streamId: testStreamId, level: 'contribute' }]
+        }
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].access).to.exist;
+      expect(res[0].access.type).to.equal('app');
+    });
+
+    it('[ACRC] reject access with invalid permission level', async () => {
+      const res = await conn.api([{
+        method: 'accesses.create',
+        params: {
+          name: 'bad-access',
+          type: 'shared',
+          permissions: [{ streamId: testStreamId, level: 'bogus' }]
+        }
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].error).to.exist;
+    });
+  });
+
+  describe('[AGTX] accesses.get', function () {
+    it('[AGTA] list accesses', async () => {
+      const res = await conn.api([{
+        method: 'accesses.get',
+        params: {}
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].accesses).to.exist;
+      expect(Array.isArray(res[0].accesses)).to.equal(true);
+      expect(res[0].accesses.length).to.be.gt(0);
+    });
+
+    it('[AGTB] created access is in the list', async () => {
+      const res = await conn.api([{
+        method: 'accesses.get',
+        params: {}
+      }]);
+      const found = res[0].accesses.find(a => a.id === createdAccessId);
+      expect(found).to.exist;
+      expect(found.token).to.equal(createdAccessToken);
+    });
+  });
+
+  describe('[ADLX] accesses.delete', function () {
+    it('[ADLA] delete (revoke) an access', async () => {
+      expect(createdAccessId).to.exist;
+      const res = await conn.api([{
+        method: 'accesses.delete',
+        params: { id: createdAccessId }
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].accessDeletion).to.exist;
+      expect(res[0].accessDeletion.id).to.equal(createdAccessId);
+    });
+
+    it('[ADLB] deleted access is no longer in the list', async () => {
+      const res = await conn.api([{
+        method: 'accesses.get',
+        params: {}
+      }]);
+      const found = res[0].accesses.find(a => a.id === createdAccessId);
+      expect(found).to.not.exist;
+    });
+  });
+
+  // Cleanup
+  after(async () => {
+    if (!conn) return;
+    await conn.api([
+      { method: 'streams.delete', params: { id: testStreamId } },
+      { method: 'streams.delete', params: { id: testStreamId } }
+    ]);
+  });
+});

package/test/Account.test.js

@@ -0,0 +1,73 @@
+/**
+ * @license
+ * [BSD-3-Clause](https://github.com/pryv/lib-js/blob/master/LICENSE)
+ */
+/* global describe, it, before, expect, pryv, testData */
+
+let conn = null;
+
+describe('[ACTX] Account', () => {
+  before(async function () {
+    this.timeout(15000);
+    await testData.prepare();
+    conn = new pryv.Connection(testData.apiEndpointWithToken);
+  });
+
+  describe('[AINX] account.get', function () {
+    it('[AINA] get account info', async () => {
+      const res = await conn.api([{
+        method: 'account.get',
+        params: {}
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].account).to.exist;
+      expect(res[0].account.username).to.equal(testData.username);
+      expect(res[0].account.email).to.exist;
+    });
+  });
+
+  describe('[ASUX] account.get storageUsed', function () {
+    it('[ASUA] storageUsed has expected fields', async () => {
+      const res = await conn.api([{
+        method: 'account.get',
+        params: {}
+      }]);
+      const account = res[0].account;
+      expect(account.storageUsed).to.exist;
+      expect(account.storageUsed.dbDocuments).to.be.a('number');
+      expect(account.storageUsed.attachedFiles).to.be.a('number');
+    });
+  });
+
+  describe('[ACPX] account.changePassword', function () {
+    it('[ACPA] change password and change back', async () => {
+      const oldPassword = testData.password;
+      const newPassword = oldPassword + '-new';
+
+      // Change to new password
+      const res1 = await conn.api([{
+        method: 'account.changePassword',
+        params: { oldPassword, newPassword }
+      }]);
+      expect(res1[0]).to.exist;
+      expect(res1[0].error).to.not.exist;
+
+      // Change back to original
+      const res2 = await conn.api([{
+        method: 'account.changePassword',
+        params: { oldPassword: newPassword, newPassword: oldPassword }
+      }]);
+      expect(res2[0]).to.exist;
+      expect(res2[0].error).to.not.exist;
+    });
+
+    it('[ACPB] reject wrong old password', async () => {
+      const res = await conn.api([{
+        method: 'account.changePassword',
+        params: { oldPassword: 'wrong-password', newPassword: 'new-password' }
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].error).to.exist;
+    });
+  });
+});

package/test/AuthController.test.js

@@ -0,0 +1,193 @@
+/**
+ * @license
+ * [BSD-3-Clause](https://github.com/pryv/lib-js/blob/master/LICENSE)
+ */
+/* global describe, it, before, after, expect, JSDOM, testData */
+
+const AuthController = require('../src/Auth/AuthController');
+const AuthStates = require('../src/Auth/AuthStates');
+const Service = require('../src/Service');
+
+describe('[ACNX] AuthController', function () {
+  this.timeout(15000);
+
+  let service;
+  let cleanupDom = false;
+
+  before(async function () {
+    await testData.prepare();
+    service = new Service(testData.serviceInfoUrl);
+    await service.info();
+  });
+
+  before(async () => {
+    if (typeof document !== 'undefined') return;
+    cleanupDom = true;
+    const dom = new JSDOM('<!DOCTYPE html>', {
+      url: 'http://localhost/'
+    });
+    global.document = dom.window.document;
+    global.window = dom.window;
+    global.location = dom.window.location;
+    global.navigator = { userAgent: 'Safari' };
+  });
+
+  after(async () => {
+    if (!cleanupDom) return;
+    delete global.document;
+    delete global.window;
+    delete global.location;
+  });
+
+  describe('[ACVX] Validation', function () {
+    it('[ACVA] throws error when settings is null', function () {
+      expect(() => new AuthController(null, service)).to.throw('settings cannot be null');
+    });
+
+    it('[ACVB] throws error when authRequest is missing', function () {
+      expect(() => new AuthController({}, service)).to.throw('Missing settings.authRequest');
+    });
+
+    it('[ACVC] throws error when requestingAppId is missing', function () {
+      expect(() => new AuthController({
+        authRequest: { requestedPermissions: [] }
+      }, service)).to.throw('Missing settings.authRequest.requestingAppId');
+    });
+
+    it('[ACVD] throws error when requestedPermissions is missing', function () {
+      expect(() => new AuthController({
+        authRequest: { requestingAppId: 'test-app' }
+      }, service)).to.throw('Missing settings.authRequest.requestedPermissions');
+    });
+  });
+
+  describe('[ACLX] Listeners', function () {
+    it('[ACLA] calls onStateChange listener when state changes', async function () {
+      const stateChanges = [];
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        },
+        onStateChange: (state) => stateChanges.push(state)
+      }, service);
+
+      await auth.init();
+      expect(stateChanges.length).to.be.greaterThan(0);
+      expect(stateChanges[0].status).to.equal(AuthStates.LOADING);
+    });
+
+    it('[ACLB] handles listener errors gracefully', async function () {
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        },
+        onStateChange: () => { throw new Error('Listener error'); }
+      }, service);
+
+      // Should not throw
+      await auth.init();
+      expect(auth.state).to.exist;
+    });
+  });
+
+  describe('[ACHX] handleClick', function () {
+    it('[ACHA] triggers SIGNOUT when authorized', async function () {
+      const stateChanges = [];
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        },
+        onStateChange: (state) => stateChanges.push(state)
+      }, service);
+
+      await auth.init();
+
+      // Simulate authorized state
+      auth._state = { status: AuthStates.AUTHORIZED };
+
+      await auth.handleClick();
+      const lastState = stateChanges[stateChanges.length - 1];
+      expect(lastState.status).to.equal(AuthStates.SIGNOUT);
+    });
+
+    it('[ACHB] handles NEED_SIGNIN click (reopens popup)', async function () {
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        }
+      }, service);
+
+      await auth.init();
+
+      // Simulate NEED_SIGNIN state
+      const needSigninState = { status: AuthStates.NEED_SIGNIN, authUrl: 'http://test.url' };
+      auth._state = needSigninState;
+
+      await auth.handleClick();
+      // Should trigger state change with same state
+      expect(auth.state.status).to.equal(AuthStates.NEED_SIGNIN);
+    });
+  });
+
+  describe('[ACSX] stopAuthRequest', function () {
+    it('[ACSA] sets error state with message', async function () {
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        }
+      }, service);
+
+      await auth.init();
+      auth.stopAuthRequest('Test error message');
+
+      expect(auth.state.status).to.equal(AuthStates.ERROR);
+      expect(auth.state.message).to.equal('Test error message');
+    });
+  });
+
+  describe('[ACRX] returnURL', function () {
+    it('[ACRA] throws on invalid returnURL trailer', function () {
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        }
+      }, service);
+
+      expect(() => auth.getReturnURL('http://example.com')).to.throw('Last character');
+    });
+
+    it('[ACRB] handles null/undefined returnURL', function () {
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        }
+      }, service);
+
+      // Desktop browser (Safari) returns false for auto mode
+      const result = auth.getReturnURL(undefined, 'http://test.com', { userAgent: 'Safari' });
+      expect(result).to.equal(false);
+    });
+  });
+
+  describe('[AIST] State', function () {
+    it('[AISA] state getter and setter work correctly', async function () {
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        }
+      }, service);
+
+      auth.state = { status: AuthStates.LOADING };
+      expect(auth.state.status).to.equal(AuthStates.LOADING);
+      expect(auth.state.id).to.equal(AuthStates.LOADING); // retro-compatibility
+    });
+  });
+});

package/test/Browser.AuthController.test.js

@@ -8,7 +8,7 @@ const utils = require('../src/utils.js');
 const Service = require('../src/Service');
 const AuthController = require('../src/Auth/AuthController.js');
 
-describe('Browser.LoginButton', function () {
+describe('[AUTX] Browser.LoginButton', function () {
   this.timeout(15000);
 
   let auth;
@@ -43,7 +43,7 @@ describe('Browser.LoginButton', function () {
     await auth.init();
   });
 
-  it('getReturnURL()', async function () {
+  it('[AUTA] getReturnURL()', async function () {
     const myUrl = 'https://mysite.com/bobby';
     let error = null;
     try {
@@ -71,12 +71,12 @@ describe('Browser.LoginButton', function () {
     expect(auth.getReturnURL('self?', myUrl, fakeNavigator)).to.equal(myUrl + '?');
   });
 
-  it('browserIsMobileOrTablet()', async function () {
+  it('[AUTB] browserIsMobileOrTablet()', async function () {
     expect(utils.browserIsMobileOrTablet({ userAgent: 'android' })).to.be.true;
     expect(utils.browserIsMobileOrTablet({ userAgent: 'Safari' })).to.be.false;
   });
 
-  it('cleanURLFromPrYvParams()', async function () {
+  it('[AUTC] cleanURLFromPrYvParams()', async function () {
     expect('https://my.Url.com/?bobby=2').to.equal(utils.cleanURLFromPrYvParams(
       'https://my.Url.com/?bobby=2&prYvZoutOu=1&prYvstatus=2jsadh'));
 

package/test/Browser.test.js

@@ -17,7 +17,7 @@ function genSettings () {
   };
 }
 
-describe('Browser', function () {
+describe('[BRWX] Browser', function () {
   this.timeout(15000);
 
   before(async function () {
@@ -46,7 +46,7 @@ describe('Browser', function () {
     delete global.location;
   });
 
-  it('setupAuth()', async () => {
+  it('[BRWA] setupAuth()', async () => {
     const settings = genSettings();
     let AuthLoaded = false;
     settings.onStateChange = function (state) {
@@ -70,7 +70,7 @@ describe('Browser', function () {
     }
   });
 
-  it('serviceInfoFromUrl()', async () => {
+  it('[BRWB] serviceInfoFromUrl()', async () => {
     expect('https://zou.zou/service/info').to.equal(pryv.Browser.serviceInfoFromUrl());
   });
 });

package/test/Connection.edge-cases.test.js

@@ -0,0 +1,102 @@
+/**
+ * @license
+ * [BSD-3-Clause](https://github.com/pryv/lib-js/blob/master/LICENSE)
+ */
+/* global describe, it, before, expect, pryv, testData */
+
+describe('[CECX] Connection Edge Cases', function () {
+  this.timeout(15000);
+
+  let conn;
+
+  before(async function () {
+    await testData.prepare();
+    conn = new pryv.Connection(testData.apiEndpointWithToken);
+  });
+
+  describe('[CERX] Error handling', function () {
+    it('[CERA] api() throws on non-array input', async function () {
+      let error = null;
+      try {
+        await conn.api({ method: 'events.get' });
+      } catch (e) {
+        error = e;
+      }
+      expect(error).to.exist;
+      expect(error.message).to.include('array');
+    });
+
+    it('[CERB] apiOne() throws on error response', async function () {
+      let error = null;
+      try {
+        await conn.apiOne('invalid.method', {});
+      } catch (e) {
+        error = e;
+      }
+      expect(error).to.exist;
+    });
+
+    it('[CERC] constructor throws on invalid service param', function () {
+      let error = null;
+      try {
+        const _conn = new pryv.Connection(testData.apiEndpointWithToken, { notAService: true });
+        expect(_conn).to.not.exist; // Should not reach here
+      } catch (e) {
+        error = e;
+      }
+      expect(error).to.exist;
+      expect(error.message).to.include('Invalid service');
+    });
+
+    it('[CERD] _handleMeta throws on missing meta', async function () {
+      let error = null;
+      try {
+        conn._handleMeta({}, Date.now() / 1000);
+      } catch (e) {
+        error = e;
+      }
+      expect(error).to.exist;
+      expect(error.message).to.include('meta');
+    });
+
+    it('[CERE] _handleMeta throws on missing serverTime', async function () {
+      let error = null;
+      try {
+        conn._handleMeta({ meta: {} }, Date.now() / 1000);
+      } catch (e) {
+        error = e;
+      }
+      expect(error).to.exist;
+      expect(error.message).to.include('serverTime');
+    });
+  });
+
+  describe('[CSCX] Service getter', function () {
+    it('[CSCA] creates service when not provided', function () {
+      const conn2 = new pryv.Connection(testData.apiEndpoint);
+      const service = conn2.service;
+      expect(service).to.exist;
+      // Second access returns same instance
+      expect(conn2.service).to.equal(service);
+    });
+
+    it('[CSCB] uses provided service', async function () {
+      const service = new pryv.Service(testData.serviceInfoUrl);
+      await service.info();
+      const conn2 = new pryv.Connection(testData.apiEndpoint, service);
+      expect(conn2.service).to.equal(service);
+    });
+  });
+
+  describe('[CGEX] get() method', function () {
+    it('[CGEA] get() without query params', async function () {
+      const result = await conn.get('access-info');
+      expect(result).to.exist;
+    });
+
+    it('[CGEB] get() with null query params', async function () {
+      const result = await conn.get('access-info', null);
+      expect(result).to.exist;
+    });
+  });
+});