hub-calendar-self-hosted-route.test.mjs
sha256:65ccb454656ea5acdea0a10e559b78bcde1eb6ff753ecc2911bc99d1c3d7cadd
feat(calendar): enforce agent context tiers in retrieval AP…
Human
minor
⚠ breaking
2 days ago
| 1 | /** |
| 2 | * Self-hosted Hub calendar routes — contract tests (Phase 1B). |
| 3 | */ |
| 4 | import { describe, it } from 'node:test'; |
| 5 | import assert from 'node:assert/strict'; |
| 6 | import fs from 'node:fs'; |
| 7 | import path from 'node:path'; |
| 8 | import { fileURLToPath } from 'node:url'; |
| 9 | |
| 10 | const __dirname = path.dirname(fileURLToPath(import.meta.url)); |
| 11 | const repoRoot = path.dirname(__dirname); |
| 12 | |
| 13 | function readRepoFile(relativePath) { |
| 14 | return fs.readFileSync(path.join(repoRoot, relativePath), 'utf8'); |
| 15 | } |
| 16 | |
| 17 | function timelineRouteSource() { |
| 18 | const src = readRepoFile('hub/server.mjs'); |
| 19 | const start = src.indexOf("app.get('/api/v1/calendar/timeline'"); |
| 20 | const end = src.indexOf('// GET /api/v1/calendar/source-calendars', start); |
| 21 | assert.notEqual(start, -1); |
| 22 | assert.notEqual(end, -1); |
| 23 | return src.slice(start, end); |
| 24 | } |
| 25 | |
| 26 | describe('self-hosted Hub calendar timeline route', () => { |
| 27 | it('unit: registers calendar routes behind auth, rate limit, and vault access', () => { |
| 28 | const src = readRepoFile('hub/server.mjs'); |
| 29 | assert.match(src, /app\.use\('\/api\/v1\/calendar', jwtAuth, apiLimiter, requireVaultAccess\)/); |
| 30 | assert.match(src, /buildCalendarTimeline/); |
| 31 | assert.match(src, /listSourceCalendarsForClient/); |
| 32 | assert.match(src, /from '\.\.\/lib\/calendar\/timeline\.mjs'/); |
| 33 | assert.match(src, /app\.get\('\/api\/v1\/calendar\/timeline'/); |
| 34 | assert.match(src, /app\.post\('\/api\/v1\/calendar\/events\/import'/); |
| 35 | }); |
| 36 | |
| 37 | it('integration: timeline route delegates to buildCalendarTimeline only', () => { |
| 38 | const route = timelineRouteSource(); |
| 39 | assert.match(route, /buildCalendarTimeline\(/); |
| 40 | assert.match(route, /req\.vaultPath/); |
| 41 | assert.doesNotMatch(route, /parseIcsToEvents|oauth|google|microsoft/i); |
| 42 | }); |
| 43 | |
| 44 | it('end-to-end: OpenAPI documents calendar timeline and import endpoints', () => { |
| 45 | const api = readRepoFile('docs/openapi.yaml'); |
| 46 | assert.match(api, /\/calendar\/timeline:/); |
| 47 | assert.match(api, /knowtation\.calendar_timeline\/v0/); |
| 48 | assert.match(api, /\/calendar\/events\/import:/); |
| 49 | assert.match(api, /\/calendar\/source-calendars\/\{id\}:/); |
| 50 | assert.match(api, /SourceCalendarPatchRequest/); |
| 51 | }); |
| 52 | |
| 53 | it('security: import route requires editor/admin and never returns oauth_ref', () => { |
| 54 | const src = readRepoFile('hub/server.mjs'); |
| 55 | assert.match(src, /app\.post\('\/api\/v1\/calendar\/events\/import', requireRole\('editor', 'admin'\)/); |
| 56 | assert.match(src, /app\.patch\('\/api\/v1\/calendar\/source-calendars\/:id', requireRole\('editor', 'admin'\)/); |
| 57 | assert.doesNotMatch(src, /oauth_ref/); |
| 58 | }); |
| 59 | }); |
File History
1 commit
sha256:65ccb454656ea5acdea0a10e559b78bcde1eb6ff753ecc2911bc99d1c3d7cadd
feat(calendar): enforce agent context tiers in retrieval AP…
Human
minor
⚠
2 days ago