284313f908
Some checks are pending
Bidi Control Character Guard / bidi-control-guard (push) Waiting to run
Circular Dependency Check / Check for new circular dependencies (push) Waiting to run
Citus Migration Smoke / Combined migrations on single-node Citus (push) Waiting to run
E2E Fresh Install Tests / fresh-install-e2e (push) Waiting to run
ext-v2 guardrails / Run ext-v2 guard and ESLint (push) Waiting to run
Integration Tests / Check for relevant changes (push) Waiting to run
Integration Tests / ${{ (github.event_name == 'schedule' || github.event.inputs.suite == 'full') && 'Full integration suite' || 'Tier-1 integration subset' }} (push) Blocked by required conditions
Mobile checks / Mobile lint + typecheck (push) Waiting to run
Mobile checks / Mobile unit tests (push) Waiting to run
Mobile checks / Mobile dependency audit (report) (push) Waiting to run
Mobile checks / Mobile reproducibility checks (push) Waiting to run
Secrets guard (env backups) / Ensure no tracked env backup files (push) Waiting to run
Temporal Readiness / fast-readiness (push) Waiting to run
Temporal Readiness / docker-parity (push) Waiting to run
TypeScript Type Check / Nx affected typecheck (push) Waiting to run
Unit Tests / Skipped-test budget (push) Waiting to run
Unit Tests / Nx affected unit tests (push) Waiting to run
Unit Tests / Server unit coverage (informational) (push) Waiting to run
Validate Tenant Management Schema / Check for relevant changes (push) Waiting to run
Validate Tenant Management Schema / Validate Tenant Management Schema (push) Blocked by required conditions
EE Workflows Build Guard / ee-workflows-build-guard (push) Waiting to run
Excluded: .git, node_modules, secrets/, compose.env, assemblyscript tgz Source: /opt/alga-psa on psa.joliet.tech
32 lines
1.8 KiB
TypeScript
32 lines
1.8 KiB
TypeScript
import { readFileSync } from 'node:fs';
|
|
import path from 'node:path';
|
|
import { describe, expect, it } from 'vitest';
|
|
|
|
const readActionSource = () => readFileSync(path.resolve(__dirname, '../src/actions/quoteActions.ts'), 'utf8');
|
|
|
|
describe('billing quote authorization kernel contracts', () => {
|
|
const source = readActionSource();
|
|
|
|
it('T022: keeps selected quote visibility + approval mutation guards on shared kernel with bundle narrowing', () => {
|
|
expect(source).toContain('export const getQuote = withAuth(async (');
|
|
expect(source).toContain('export const listQuotes = withAuth(async (');
|
|
expect(source).toContain('export const approveQuote = withAuth(async (');
|
|
expect(source).toContain("type: 'billing'");
|
|
expect(source).toContain("action: 'read'");
|
|
expect(source).toContain("action: 'approve'");
|
|
expect(source).toContain("code: 'billing_not_self_approver_denied'");
|
|
expect(source).toContain('bundleProvider: new BundleAuthorizationKernelProvider({');
|
|
expect(source).toContain('return await resolveBundleNarrowingRulesForEvaluation(knex, input);');
|
|
expect(source).toContain('const mutationDecision = await authorizationKernel.authorizeMutation({');
|
|
});
|
|
|
|
it('T023: redacts configured fields on allowed quote records without changing base access decision', () => {
|
|
expect(source).toContain('function applyQuoteRedactions<T extends object>(value: T, redactedFields: string[]): T');
|
|
expect(source).toContain('return applyQuoteRedactions(quote, decision.redactedFields);');
|
|
expect(source).toContain('const redactedData = await Promise.all(');
|
|
expect(source).toContain('authorizedPage.data.map(async (quote) => {');
|
|
expect(source).toContain('return applyQuoteRedactions(quote, decision.redactedFields ?? []);');
|
|
expect(source).toContain('total: authorizedPage.total,');
|
|
});
|
|
});
|