77 lines
2.6 KiB
TypeScript
77 lines
2.6 KiB
TypeScript
import test from "node:test";
|
|
import assert from "node:assert/strict";
|
|
import fs from "node:fs";
|
|
import path from "node:path";
|
|
import { fileURLToPath } from "node:url";
|
|
|
|
const THIS_FILE = fileURLToPath(import.meta.url);
|
|
const TESTS_DIR = path.dirname(THIS_FILE);
|
|
const REPO_ROOT = path.resolve(TESTS_DIR, "../..");
|
|
const CLI_TOOLS_DIR = path.join(REPO_ROOT, "src", "app", "api", "cli-tools");
|
|
|
|
function listCliToolRouteFiles(dir: string): string[] {
|
|
const entries = fs.readdirSync(dir, { withFileTypes: true });
|
|
const files: string[] = [];
|
|
|
|
for (const entry of entries) {
|
|
const fullPath = path.join(dir, entry.name);
|
|
if (entry.isDirectory()) {
|
|
files.push(...listCliToolRouteFiles(fullPath));
|
|
continue;
|
|
}
|
|
if (entry.isFile() && entry.name === "route.ts") {
|
|
files.push(fullPath);
|
|
}
|
|
}
|
|
|
|
return files;
|
|
}
|
|
test("all cli-tools route handlers require the shared management auth guard", () => {
|
|
const routeFiles = listCliToolRouteFiles(CLI_TOOLS_DIR)
|
|
.map((fullPath) => path.relative(REPO_ROOT, fullPath).replace(/\\/g, "/"))
|
|
.sort();
|
|
|
|
assert.ok(routeFiles.length > 0, "expected at least one cli-tools route");
|
|
|
|
for (const relPath of routeFiles) {
|
|
const fullPath = path.join(REPO_ROOT, relPath);
|
|
const content = fs.readFileSync(fullPath, "utf8");
|
|
const handlerCount = (content.match(/export async function (GET|POST|PUT|DELETE)\(/g) || [])
|
|
.length;
|
|
const authCount = (
|
|
content.match(/const authError = await requireCliToolsAuth\(request\);/g) || []
|
|
).length;
|
|
const returnCount = (content.match(/if \(authError\) return authError;/g) || []).length;
|
|
|
|
assert.ok(handlerCount > 0, `${relPath} should export at least one route handler`);
|
|
assert.ok(
|
|
content.includes('from "@/lib/api/requireCliToolsAuth"'),
|
|
`${relPath} should import requireCliToolsAuth`
|
|
);
|
|
assert.equal(
|
|
authCount,
|
|
handlerCount,
|
|
`${relPath} should guard every exported handler before host access`
|
|
);
|
|
assert.equal(
|
|
returnCount,
|
|
handlerCount,
|
|
`${relPath} should return the auth error from every exported handler`
|
|
);
|
|
}
|
|
});
|
|
|
|
test("cli-tools auth helper delegates to management auth", () => {
|
|
const helperPath = path.join(REPO_ROOT, "src/lib/api/requireCliToolsAuth.ts");
|
|
const content = fs.readFileSync(helperPath, "utf8");
|
|
|
|
assert.ok(
|
|
content.includes('from "@/lib/api/requireManagementAuth"'),
|
|
"requireCliToolsAuth should reuse the shared management auth helper"
|
|
);
|
|
assert.ok(
|
|
content.includes("return requireManagementAuth(request);"),
|
|
"requireCliToolsAuth should delegate directly to requireManagementAuth"
|
|
);
|
|
});
|