144 lines
4.6 KiB
TypeScript
144 lines
4.6 KiB
TypeScript
/**
|
|
* Integration tests — PUT /api/memory/[id]
|
|
* Tests: 200 happy path, 400 invalid body, 404 not found, 401 unauth, error sanitization.
|
|
*/
|
|
|
|
import test from "node:test";
|
|
import assert from "node:assert/strict";
|
|
import fs from "node:fs";
|
|
import os from "node:os";
|
|
import path from "node:path";
|
|
import { mock } from "node:test";
|
|
import {
|
|
makeManagementSessionRequest,
|
|
createManagementSessionHeaders,
|
|
} from "../helpers/managementSession.ts";
|
|
|
|
const TEST_DATA_DIR = fs.mkdtempSync(path.join(os.tmpdir(), "omniroute-memory-put-"));
|
|
process.env.DATA_DIR = TEST_DATA_DIR;
|
|
process.env.API_KEY_SECRET = "test-secret-for-memory-put";
|
|
|
|
const core = await import("../../src/lib/db/core.ts");
|
|
const localDb = await import("../../src/lib/localDb.ts");
|
|
|
|
// ── Dynamic import of route module (after DATA_DIR set) ──
|
|
const memoryIdRoute = await import("../../src/app/api/memory/[id]/route.ts");
|
|
const { PUT, GET, DELETE } = memoryIdRoute;
|
|
|
|
// ── Memory store module ──
|
|
const memoryStore = await import("../../src/lib/memory/store.ts");
|
|
const { createMemory, getMemory } = memoryStore;
|
|
|
|
// ── Helpers ──
|
|
|
|
async function resetStorage() {
|
|
core.resetDbInstance();
|
|
fs.rmSync(TEST_DATA_DIR, { recursive: true, force: true });
|
|
fs.mkdirSync(TEST_DATA_DIR, { recursive: true });
|
|
}
|
|
|
|
function makeParams(id: string) {
|
|
return { params: Promise.resolve({ id }) };
|
|
}
|
|
|
|
async function makeAuthRequest(method: "PUT" | "GET" | "DELETE", body?: unknown) {
|
|
return makeManagementSessionRequest(`http://localhost/api/memory/test-id`, {
|
|
method,
|
|
body: body === undefined ? undefined : body,
|
|
});
|
|
}
|
|
|
|
async function seedMemory() {
|
|
return createMemory({
|
|
content: "Test content",
|
|
key: "test-key",
|
|
type: "factual" as any,
|
|
sessionId: "",
|
|
apiKeyId: "api-key-test",
|
|
metadata: {},
|
|
expiresAt: null,
|
|
});
|
|
}
|
|
|
|
// ── Test lifecycle ──
|
|
|
|
test.beforeEach(async () => {
|
|
await resetStorage();
|
|
await localDb.updateSettings({ requireLogin: false });
|
|
});
|
|
|
|
test.after(async () => {
|
|
await resetStorage();
|
|
fs.rmSync(TEST_DATA_DIR, { recursive: true, force: true });
|
|
});
|
|
|
|
// ── Tests ──
|
|
|
|
test("PUT /api/memory/[id] — happy path: 200 + {success:true}", async () => {
|
|
const memory = await seedMemory();
|
|
const req = await makeAuthRequest("PUT", { content: "Updated content" });
|
|
const res = await PUT(req, makeParams(memory.id));
|
|
|
|
assert.strictEqual(res.status, 200);
|
|
const body = await res.json();
|
|
assert.strictEqual(body.success, true);
|
|
});
|
|
|
|
test("PUT /api/memory/[id] — 400 with invalid body (extra field not in strict schema)", async () => {
|
|
const memory = await seedMemory();
|
|
const req = await makeAuthRequest("PUT", { content: "Updated", unknownField: "bad" });
|
|
const res = await PUT(req, makeParams(memory.id));
|
|
|
|
assert.strictEqual(res.status, 400);
|
|
const body = await res.json();
|
|
assert.ok(body.message || body.error, "should return error");
|
|
});
|
|
|
|
test("PUT /api/memory/[id] — 404 if memory does not exist", async () => {
|
|
const req = await makeAuthRequest("PUT", { content: "Updated" });
|
|
const res = await PUT(req, makeParams("non-existent-id-12345"));
|
|
|
|
assert.strictEqual(res.status, 404);
|
|
const body = await res.json();
|
|
assert.ok(body.error, "should have error field");
|
|
});
|
|
|
|
test("PUT /api/memory/[id] — 401 without auth when requireLogin=true", async () => {
|
|
await localDb.updateSettings({ requireLogin: true, password: "hashed-pw" });
|
|
|
|
const req = new Request("http://localhost/api/memory/test-id", {
|
|
method: "PUT",
|
|
headers: { "Content-Type": "application/json" },
|
|
body: JSON.stringify({ content: "Updated" }),
|
|
});
|
|
const res = await PUT(req, makeParams("any-id"));
|
|
|
|
assert.strictEqual(res.status, 401);
|
|
});
|
|
|
|
test("PUT /api/memory/[id] — error path: no stack trace in response", async () => {
|
|
// Trigger an error by passing invalid JSON to the parse step
|
|
const req = new Request("http://localhost/api/memory/test-id", {
|
|
method: "PUT",
|
|
headers: {},
|
|
body: "not-json{{{",
|
|
});
|
|
|
|
// Even with a parse error, we need auth headers or requireLogin off (already off from beforeEach)
|
|
const headers = await createManagementSessionHeaders();
|
|
const authReq = new Request("http://localhost/api/memory/test-id", {
|
|
method: "PUT",
|
|
headers: Object.fromEntries(headers.entries()),
|
|
body: "not-json{{{",
|
|
});
|
|
|
|
const res = await PUT(authReq, makeParams("any-id"));
|
|
// Should be 400 (invalid JSON) not a crash
|
|
assert.ok(res.status >= 400, "should return error status");
|
|
|
|
const body = await res.json();
|
|
const bodyStr = JSON.stringify(body);
|
|
// Hard Rule #12: no stack trace in response body
|
|
assert.ok(!bodyStr.match(/\sat\s\//), "response must not contain stack trace");
|
|
});
|