responses-proxy 0.1.0

package/dist/telegram-bot/commands/renew-user.test.js

@@ -0,0 +1,184 @@
+import assert from "node:assert/strict";
+import { mkdtempSync, rmSync } from "node:fs";
+import os from "node:os";
+import path from "node:path";
+import test from "node:test";
+import { BillingRepository } from "../../billing.js";
+import { CustomerKeyRepository } from "../../customer-keys.js";
+import { AuditLogRepository } from "../../audit-log.js";
+import { BotIdentityRepository } from "../bot-identity-repository.js";
+import { registerRenewUserCommand } from "./renew-user.js";
+import { CustomerWorkspaceRepository } from "../customer-workspace-repository.js";
+import { grantCustomerAccess } from "../grants.js";
+function createConfig(overrides = {}) {
+    return {
+        telegramBotToken: "token",
+        allowedUserIds: new Set(),
+        allowedChatIds: new Set(),
+        ownerUserIds: new Set(["1"]),
+        adminUserIds: new Set(),
+        botMode: "polling",
+        proxyAdminBaseUrl: "http://127.0.0.1:8318",
+        defaultModel: "gpt-5.5",
+        publicSignupEnabled: true,
+        requireAdminApproval: false,
+        defaultCustomerRoute: "customers",
+        publicResponsesBaseUrl: "http://127.0.0.1:8318/v1",
+        proxyRequestTimeoutMs: 30_000,
+        sessionDbPath: ":memory:",
+        sessionTtlMs: 900_000,
+        rateLimitWindowMs: 60_000,
+        rateLimitMaxRequests: 12,
+        logLevel: "info",
+        ...overrides,
+    };
+}
+function createMockProxyClient() {
+    let routeKeys = [];
+    return {
+        client: {
+            async getClientConfigs() {
+                return {
+                    clientRoutes: [{ key: "customers", apiKeys: [...routeKeys] }],
+                };
+            },
+            async setClientRouteApiKeys(input) {
+                if (input.client === "customers") {
+                    routeKeys = [...input.apiKeys];
+                }
+                return { ok: true };
+            },
+        },
+    };
+}
+function createBotHarness() {
+    const handlers = new Map();
+    return {
+        bot: {
+            command(name, handler) {
+                handlers.set(name, handler);
+            },
+        },
+        handler(name) {
+            const handler = handlers.get(name);
+            assert.ok(handler);
+            return handler;
+        },
+    };
+}
+function createContext(input) {
+    const replies = [];
+    const sentMessages = [];
+    const sentDocuments = [];
+    const ctx = {
+        from: { id: input.fromId, is_bot: false, first_name: "User" },
+        chat: input.chatType === "private"
+            ? { id: input.chatId, type: "private", first_name: "User" }
+            : { id: input.chatId, type: "group", title: "Ops" },
+        message: {
+            message_id: 1,
+            date: 0,
+            chat: input.chatType === "private"
+                ? { id: input.chatId, type: "private", first_name: "User" }
+                : { id: input.chatId, type: "group", title: "Ops" },
+            text: `/renewuser ${input.match}`.trim(),
+        },
+        match: input.match,
+        replies,
+        sentMessages,
+        sentDocuments,
+        reply(text) {
+            replies.push(text);
+            return Promise.resolve({});
+        },
+        api: {
+            async sendMessage(chatId, text) {
+                sentMessages.push({ chatId, text });
+                if (input.sendMessageImpl) {
+                    await input.sendMessageImpl(chatId, text);
+                }
+                return {};
+            },
+            async sendDocument(chatId, document) {
+                sentDocuments.push({
+                    chatId,
+                    filename: document.filename,
+                    content: document.fileData ? Buffer.from(document.fileData).toString("utf8") : "",
+                });
+                return {};
+            },
+        },
+    };
+    return ctx;
+}
+async function withRepos(fn) {
+    const dir = mkdtempSync(path.join(os.tmpdir(), "renew-user-command-"));
+    try {
+        const dbFile = path.join(dir, "bot.sqlite");
+        const proxy = createMockProxyClient();
+        await fn({
+            identities: BotIdentityRepository.create(dbFile),
+            workspaces: CustomerWorkspaceRepository.create(dbFile),
+            customerKeys: CustomerKeyRepository.create(dbFile),
+            billing: BillingRepository.create(dbFile),
+            auditLog: AuditLogRepository.create(dbFile),
+            deps: {
+                config: createConfig({ sessionDbPath: dbFile }),
+                proxyClient: proxy.client,
+            },
+        });
+    }
+    finally {
+        rmSync(dir, { recursive: true, force: true });
+    }
+}
+test("renewuser is admin-only", async () => {
+    await withRepos(async ({ identities, workspaces, customerKeys, billing, auditLog, deps }) => {
+        const harness = createBotHarness();
+        registerRenewUserCommand(harness.bot, deps, identities, workspaces, customerKeys, billing, auditLog);
+        const ctx = createContext({
+            fromId: 2,
+            chatId: 2,
+            chatType: "private",
+            match: "1283361952 basic 30",
+        });
+        await harness.handler("renewuser")(ctx);
+        assert.equal(ctx.replies[0], "Only admins can renew customer access.");
+    });
+});
+test("renewuser replace-key does not print the new key into a group chat", async () => {
+    await withRepos(async ({ identities, workspaces, customerKeys, billing, auditLog, deps }) => {
+        await grantCustomerAccess({
+            telegramUserId: "1283361952",
+            planId: "basic",
+            days: 30,
+            defaultClientRoute: deps.config.defaultCustomerRoute,
+            identities,
+            workspaces,
+            customerKeys,
+            billing,
+            proxyClient: deps.proxyClient,
+            auditLog,
+            actor: { type: "admin", id: "1" },
+        });
+        const harness = createBotHarness();
+        registerRenewUserCommand(harness.bot, deps, identities, workspaces, customerKeys, billing, auditLog);
+        const ctx = createContext({
+            fromId: 1,
+            chatId: -1001,
+            chatType: "group",
+            match: "1283361952 basic 30 replace-key",
+        });
+        await harness.handler("renewuser")(ctx);
+        assert.equal(ctx.replies.length >= 1, true);
+        assert.equal(ctx.replies[0].includes("api_key:"), false);
+        assert.equal(ctx.replies[0].includes("Full key: replacement key is shown only in private chat"), true);
+        assert.equal(ctx.sentMessages.length, 1);
+        assert.equal(ctx.sentMessages[0]?.chatId, 1283361952);
+        assert.equal(ctx.sentMessages[0]?.text.includes("api_key:"), false);
+        assert.deepEqual(ctx.sentDocuments.map((document) => document.filename), ["config.toml", "auth.json"]);
+        assert.match(ctx.sentDocuments[0]?.content ?? "", /base_url = "http:\/\/127\.0\.0\.1:8318\/v1"/);
+        assert.match(ctx.sentDocuments[0]?.content ?? "", /api_key = "sk-/);
+        assert.match(ctx.sentDocuments[1]?.content ?? "", /"OPENAI_API_KEY": "sk-/);
+    });
+});