Files
wehub-resource-sync d25d482dc2
Publish CLI Package / publish-npm (push) Waiting to run
Publish Python SDK / publish-pypi (push) Waiting to run
Publish TypeScript SDK / publish-npm (push) Waiting to run
CI / Migrate Dev DB (push) Has been skipped
CI / Detect Version (push) Has been cancelled
CI / Migrate DB (push) Has been cancelled
CI / Build Dev ECR (./docker/app.Dockerfile, ECR_APP) (push) Has been cancelled
CI / Build Dev ECR (./docker/db.Dockerfile, ECR_MIGRATIONS) (push) Has been cancelled
CI / Build Dev ECR (./docker/pii.Dockerfile, ECR_PII) (push) Has been cancelled
CI / Build Dev ECR (./docker/realtime.Dockerfile, ECR_REALTIME) (push) Has been cancelled
CI / Deploy Trigger.dev (Dev) (push) Has been cancelled
CI / Build AMD64 (./docker/app.Dockerfile, ECR_APP, ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Build AMD64 (./docker/db.Dockerfile, ECR_MIGRATIONS, ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Build AMD64 (./docker/pii.Dockerfile, ECR_PII, ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Build AMD64 (./docker/realtime.Dockerfile, ECR_REALTIME, ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/app.Dockerfile, ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/db.Dockerfile, ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/pii.Dockerfile, ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/realtime.Dockerfile, ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Check Docs Changes (push) Has been cancelled
CI / Process Docs (push) Has been cancelled
CI / Create GitHub Release (push) Has been cancelled
CI / Test and Build (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 13:20:55 +08:00

464 lines
15 KiB
TypeScript

/**
* Tests for knowledge base by ID API route
*
* @vitest-environment node
*/
import { auditMock, authMockFns, createMockRequest, knowledgeApiUtilsMock } from '@sim/testing'
import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest'
const { mockDbChain } = vi.hoisted(() => {
const mockDbChain = {
select: vi.fn().mockReturnThis(),
from: vi.fn().mockReturnThis(),
where: vi.fn().mockReturnThis(),
limit: vi.fn().mockReturnThis(),
update: vi.fn().mockReturnThis(),
set: vi.fn().mockReturnThis(),
}
return { mockDbChain }
})
vi.mock('@sim/db', () => ({
db: mockDbChain,
}))
vi.mock('@sim/audit', () => auditMock)
vi.mock('@/lib/knowledge/service', async (importOriginal) => {
const actual = await importOriginal<typeof import('@/lib/knowledge/service')>()
return {
...actual,
getKnowledgeBaseById: vi.fn(),
updateKnowledgeBase: vi.fn(),
deleteKnowledgeBase: vi.fn(),
KnowledgeBasePermissionError: actual.KnowledgeBasePermissionError,
}
})
vi.mock('@/app/api/knowledge/utils', () => knowledgeApiUtilsMock)
import {
deleteKnowledgeBase,
getKnowledgeBaseById,
KnowledgeBasePermissionError,
updateKnowledgeBase,
} from '@/lib/knowledge/service'
import { DELETE, GET, PUT } from '@/app/api/knowledge/[id]/route'
import { checkKnowledgeBaseAccess, checkKnowledgeBaseWriteAccess } from '@/app/api/knowledge/utils'
describe('Knowledge Base By ID API Route', () => {
const mockKnowledgeBase = {
id: 'kb-123',
userId: 'user-123',
name: 'Test Knowledge Base',
description: 'Test description',
tokenCount: 100,
embeddingModel: 'text-embedding-3-small',
embeddingDimension: 1536,
chunkingConfig: { maxSize: 1024, minSize: 100, overlap: 200 },
createdAt: new Date(),
updatedAt: new Date(),
workspaceId: null,
deletedAt: null,
}
const resetMocks = () => {
vi.clearAllMocks()
Object.values(mockDbChain).forEach((fn) => {
if (typeof fn === 'function') {
fn.mockClear().mockReset().mockReturnThis()
}
})
}
beforeEach(() => {
vi.clearAllMocks()
vi.stubGlobal('crypto', {
randomUUID: vi.fn().mockReturnValue('mock-uuid-1234-5678'),
})
})
afterEach(() => {
vi.clearAllMocks()
})
describe('GET /api/knowledge/[id]', () => {
const mockParams = Promise.resolve({ id: 'kb-123' })
it('should retrieve knowledge base successfully for authenticated user', async () => {
authMockFns.mockGetSession.mockResolvedValue({
user: { id: 'user-123', email: 'test@example.com' },
})
vi.mocked(checkKnowledgeBaseAccess).mockResolvedValueOnce({
hasAccess: true,
knowledgeBase: { id: 'kb-123', userId: 'user-123' },
})
vi.mocked(getKnowledgeBaseById).mockResolvedValueOnce(mockKnowledgeBase)
const req = createMockRequest('GET')
const response = await GET(req, { params: mockParams })
const data = await response.json()
expect(response.status).toBe(200)
expect(data.success).toBe(true)
expect(data.data.id).toBe('kb-123')
expect(data.data.name).toBe('Test Knowledge Base')
expect(checkKnowledgeBaseAccess).toHaveBeenCalledWith('kb-123', 'user-123')
expect(getKnowledgeBaseById).toHaveBeenCalledWith('kb-123')
})
it('should return unauthorized for unauthenticated user', async () => {
authMockFns.mockGetSession.mockResolvedValue(null)
const req = createMockRequest('GET')
const response = await GET(req, { params: mockParams })
const data = await response.json()
expect(response.status).toBe(401)
expect(data.error).toBe('Unauthorized')
})
it('should return not found for non-existent knowledge base', async () => {
authMockFns.mockGetSession.mockResolvedValue({
user: { id: 'user-123', email: 'test@example.com' },
})
vi.mocked(checkKnowledgeBaseAccess).mockResolvedValueOnce({
hasAccess: false,
notFound: true,
})
const req = createMockRequest('GET')
const response = await GET(req, { params: mockParams })
const data = await response.json()
expect(response.status).toBe(404)
expect(data.error).toBe('Knowledge base not found')
})
it('should return unauthorized for knowledge base owned by different user', async () => {
authMockFns.mockGetSession.mockResolvedValue({
user: { id: 'user-123', email: 'test@example.com' },
})
vi.mocked(checkKnowledgeBaseAccess).mockResolvedValueOnce({
hasAccess: false,
notFound: false,
})
const req = createMockRequest('GET')
const response = await GET(req, { params: mockParams })
const data = await response.json()
expect(response.status).toBe(401)
expect(data.error).toBe('Unauthorized')
})
it('should return not found when service returns null', async () => {
authMockFns.mockGetSession.mockResolvedValue({
user: { id: 'user-123', email: 'test@example.com' },
})
vi.mocked(checkKnowledgeBaseAccess).mockResolvedValueOnce({
hasAccess: true,
knowledgeBase: { id: 'kb-123', userId: 'user-123' },
})
vi.mocked(getKnowledgeBaseById).mockResolvedValueOnce(null)
const req = createMockRequest('GET')
const response = await GET(req, { params: mockParams })
const data = await response.json()
expect(response.status).toBe(404)
expect(data.error).toBe('Knowledge base not found')
})
it('should handle database errors', async () => {
authMockFns.mockGetSession.mockResolvedValue({
user: { id: 'user-123', email: 'test@example.com' },
})
vi.mocked(checkKnowledgeBaseAccess).mockRejectedValueOnce(new Error('Database error'))
const req = createMockRequest('GET')
const response = await GET(req, { params: mockParams })
const data = await response.json()
expect(response.status).toBe(500)
expect(data.error).toBe('Failed to fetch knowledge base')
})
})
describe('PUT /api/knowledge/[id]', () => {
const mockParams = Promise.resolve({ id: 'kb-123' })
const validUpdateData = {
name: 'Updated Knowledge Base',
description: 'Updated description',
}
it('should update knowledge base successfully', async () => {
authMockFns.mockGetSession.mockResolvedValue({
user: { id: 'user-123', email: 'test@example.com' },
})
resetMocks()
vi.mocked(checkKnowledgeBaseWriteAccess).mockResolvedValueOnce({
hasAccess: true,
knowledgeBase: { id: 'kb-123', userId: 'user-123' },
})
const updatedKnowledgeBase = { ...mockKnowledgeBase, ...validUpdateData }
vi.mocked(updateKnowledgeBase).mockResolvedValueOnce(updatedKnowledgeBase)
const req = createMockRequest('PUT', validUpdateData)
const response = await PUT(req, { params: mockParams })
const data = await response.json()
expect(response.status).toBe(200)
expect(data.success).toBe(true)
expect(data.data.name).toBe('Updated Knowledge Base')
expect(checkKnowledgeBaseWriteAccess).toHaveBeenCalledWith('kb-123', 'user-123')
expect(updateKnowledgeBase).toHaveBeenCalledWith(
'kb-123',
{
name: validUpdateData.name,
description: validUpdateData.description,
workspaceId: undefined,
chunkingConfig: undefined,
},
expect.any(String),
{ actorUserId: 'user-123' }
)
})
it('returns 403 when service rejects a cross-workspace transfer', async () => {
authMockFns.mockGetSession.mockResolvedValue({
user: { id: 'attacker', email: 'a@example.com' },
})
resetMocks()
vi.mocked(checkKnowledgeBaseWriteAccess).mockResolvedValueOnce({
hasAccess: true,
knowledgeBase: { id: 'kb-123', userId: 'user-123', workspaceId: 'ws-current' },
})
vi.mocked(updateKnowledgeBase).mockRejectedValueOnce(
new KnowledgeBasePermissionError('User does not have permission on the target workspace')
)
const req = createMockRequest('PUT', { workspaceId: 'ws-target' })
const response = await PUT(req, { params: mockParams })
const data = await response.json()
expect(response.status).toBe(403)
expect(data.error).toBe('User does not have permission on the target workspace')
})
it('returns 403 when service rejects clearing workspaceId', async () => {
authMockFns.mockGetSession.mockResolvedValue({
user: { id: 'user-123', email: 'test@example.com' },
})
resetMocks()
vi.mocked(checkKnowledgeBaseWriteAccess).mockResolvedValueOnce({
hasAccess: true,
knowledgeBase: { id: 'kb-123', userId: 'user-123', workspaceId: 'ws-current' },
})
vi.mocked(updateKnowledgeBase).mockRejectedValueOnce(
new KnowledgeBasePermissionError('Knowledge base workspace cannot be cleared')
)
const req = createMockRequest('PUT', { workspaceId: null })
const response = await PUT(req, { params: mockParams })
const data = await response.json()
expect(response.status).toBe(403)
expect(data.error).toBe('Knowledge base workspace cannot be cleared')
})
it('should return unauthorized for unauthenticated user', async () => {
authMockFns.mockGetSession.mockResolvedValue(null)
const req = createMockRequest('PUT', validUpdateData)
const response = await PUT(req, { params: mockParams })
const data = await response.json()
expect(response.status).toBe(401)
expect(data.error).toBe('Unauthorized')
})
it('should return not found for non-existent knowledge base', async () => {
authMockFns.mockGetSession.mockResolvedValue({
user: { id: 'user-123', email: 'test@example.com' },
})
resetMocks()
vi.mocked(checkKnowledgeBaseWriteAccess).mockResolvedValueOnce({
hasAccess: false,
notFound: true,
})
const req = createMockRequest('PUT', validUpdateData)
const response = await PUT(req, { params: mockParams })
const data = await response.json()
expect(response.status).toBe(404)
expect(data.error).toBe('Knowledge base not found')
})
it('should validate update data', async () => {
authMockFns.mockGetSession.mockResolvedValue({
user: { id: 'user-123', email: 'test@example.com' },
})
resetMocks()
vi.mocked(checkKnowledgeBaseWriteAccess).mockResolvedValueOnce({
hasAccess: true,
knowledgeBase: { id: 'kb-123', userId: 'user-123' },
})
const invalidData = {
name: '',
}
const req = createMockRequest('PUT', invalidData)
const response = await PUT(req, { params: mockParams })
const data = await response.json()
expect(response.status).toBe(400)
expect(data.error).toBe('Validation error')
expect(data.details).toBeDefined()
})
it('should handle database errors during update', async () => {
authMockFns.mockGetSession.mockResolvedValue({
user: { id: 'user-123', email: 'test@example.com' },
})
vi.mocked(checkKnowledgeBaseWriteAccess).mockResolvedValueOnce({
hasAccess: true,
knowledgeBase: { id: 'kb-123', userId: 'user-123' },
})
vi.mocked(updateKnowledgeBase).mockRejectedValueOnce(new Error('Database error'))
const req = createMockRequest('PUT', validUpdateData)
const response = await PUT(req, { params: mockParams })
const data = await response.json()
expect(response.status).toBe(500)
expect(data.error).toBe('Failed to update knowledge base')
})
})
describe('DELETE /api/knowledge/[id]', () => {
const mockParams = Promise.resolve({ id: 'kb-123' })
it('should delete knowledge base successfully', async () => {
authMockFns.mockGetSession.mockResolvedValue({
user: { id: 'user-123', email: 'test@example.com' },
})
resetMocks()
vi.mocked(checkKnowledgeBaseWriteAccess).mockResolvedValueOnce({
hasAccess: true,
knowledgeBase: { id: 'kb-123', userId: 'user-123' },
})
vi.mocked(deleteKnowledgeBase).mockResolvedValueOnce(undefined)
const req = createMockRequest('DELETE')
const response = await DELETE(req, { params: mockParams })
const data = await response.json()
expect(response.status).toBe(200)
expect(data.success).toBe(true)
expect(data.data.message).toBe('Knowledge base deleted successfully')
expect(checkKnowledgeBaseWriteAccess).toHaveBeenCalledWith('kb-123', 'user-123')
expect(deleteKnowledgeBase).toHaveBeenCalledWith('kb-123', expect.any(String))
})
it('should return unauthorized for unauthenticated user', async () => {
authMockFns.mockGetSession.mockResolvedValue(null)
const req = createMockRequest('DELETE')
const response = await DELETE(req, { params: mockParams })
const data = await response.json()
expect(response.status).toBe(401)
expect(data.error).toBe('Unauthorized')
})
it('should return not found for non-existent knowledge base', async () => {
authMockFns.mockGetSession.mockResolvedValue({
user: { id: 'user-123', email: 'test@example.com' },
})
resetMocks()
vi.mocked(checkKnowledgeBaseWriteAccess).mockResolvedValueOnce({
hasAccess: false,
notFound: true,
})
const req = createMockRequest('DELETE')
const response = await DELETE(req, { params: mockParams })
const data = await response.json()
expect(response.status).toBe(404)
expect(data.error).toBe('Knowledge base not found')
})
it('should return unauthorized for knowledge base owned by different user', async () => {
authMockFns.mockGetSession.mockResolvedValue({
user: { id: 'user-123', email: 'test@example.com' },
})
resetMocks()
vi.mocked(checkKnowledgeBaseWriteAccess).mockResolvedValueOnce({
hasAccess: false,
notFound: false,
})
const req = createMockRequest('DELETE')
const response = await DELETE(req, { params: mockParams })
const data = await response.json()
expect(response.status).toBe(401)
expect(data.error).toBe('Unauthorized')
})
it('should handle database errors during delete', async () => {
authMockFns.mockGetSession.mockResolvedValue({
user: { id: 'user-123', email: 'test@example.com' },
})
vi.mocked(checkKnowledgeBaseWriteAccess).mockResolvedValueOnce({
hasAccess: true,
knowledgeBase: { id: 'kb-123', userId: 'user-123' },
})
vi.mocked(deleteKnowledgeBase).mockRejectedValueOnce(new Error('Database error'))
const req = createMockRequest('DELETE')
const response = await DELETE(req, { params: mockParams })
const data = await response.json()
expect(response.status).toBe(500)
expect(data.error).toBe('Failed to delete knowledge base')
})
})
})