feat(assistant): extend audit and import parity

2026-03-29 12:56:29 +02:00
parent 47e4d701ff
commit 00b936fa1f
6 changed files with 699 additions and 86 deletions
@@ -0,0 +1,127 @@
+import { describe, expect, it, vi } from "vitest";
+import { PermissionKey, SystemRole } from "@capakraken/shared";
+
+vi.mock("@capakraken/application", async (importOriginal) => {
+  const actual = await importOriginal<typeof import("@capakraken/application")>();
+  return {
+    ...actual,
+    getDashboardBudgetForecast: vi.fn().mockResolvedValue([]),
+    getDashboardPeakTimes: vi.fn().mockResolvedValue([]),
+    listAssignmentBookings: vi.fn().mockResolvedValue([]),
+  };
+});
+
+import { executeTool, type ToolContext } from "../router/assistant-tools.js";
+
+function createToolContext(
+  db: Record<string, unknown>,
+  options?: {
+    permissions?: PermissionKey[];
+    userRole?: SystemRole;
+  },
+): ToolContext {
+  const userRole = options?.userRole ?? SystemRole.ADMIN;
+  return {
+    db: db as ToolContext["db"],
+    userId: "user_1",
+    userRole,
+    permissions: new Set(options?.permissions ?? []),
+    session: {
+      user: { email: "assistant@example.com", name: "Assistant User", image: null },
+      expires: "2026-03-29T00:00:00.000Z",
+    },
+    dbUser: {
+      id: "user_1",
+      systemRole: userRole,
+      permissionOverrides: null,
+    },
+    roleDefaults: null,
+  };
+}
+
+describe("assistant import/export and dispo tools", () => {
+  it("exports resources CSV through the real import/export router path", async () => {
+    const ctx = createToolContext(
+      {
+        resource: {
+          findMany: vi.fn().mockResolvedValue([
+            {
+              eid: "EMP-001",
+              displayName: "Carol Danvers",
+              email: "carol@example.com",
+              chapter: "Delivery",
+              lcrCents: 8000,
+              ucrCents: 12000,
+              currency: "EUR",
+              chargeabilityTarget: 0.8,
+              dynamicFields: {},
+            },
+          ]),
+        },
+        blueprint: {
+          findMany: vi.fn().mockResolvedValue([]),
+        },
+      },
+      { userRole: SystemRole.CONTROLLER },
+    );
+
+    const result = await executeTool("export_resources_csv", "{}", ctx);
+
+    expect(JSON.parse(result.content)).toEqual({
+      format: "csv",
+      lineCount: 2,
+      csv: "eid,displayName,email,chapter,lcrCents,ucrCents,currency,chargeabilityTarget\nEMP-001,Carol Danvers,carol@example.com,Delivery,8000,12000,EUR,0.8",
+    });
+  });
+
+  it("requires importData permission for CSV imports", async () => {
+    const ctx = createToolContext(
+      {
+        auditLog: { create: vi.fn() },
+      },
+      {
+        userRole: SystemRole.MANAGER,
+        permissions: [],
+      },
+    );
+
+    const result = await executeTool(
+      "import_csv_data",
+      JSON.stringify({
+        entityType: "resources",
+        rows: [{ eid: "EMP-001", displayName: "Carol Danvers" }],
+        dryRun: true,
+      }),
+      ctx,
+    );
+
+    expect(JSON.parse(result.content)).toEqual(
+      expect.objectContaining({
+        error: expect.stringContaining(PermissionKey.IMPORT_DATA),
+      }),
+    );
+  });
+
+  it("enforces admin access for dispo batch inspection via the backing router", async () => {
+    const ctx = createToolContext(
+      {
+        importBatch: {
+          findUnique: vi.fn(),
+        },
+      },
+      { userRole: SystemRole.MANAGER },
+    );
+
+    const result = await executeTool(
+      "get_dispo_import_batch",
+      JSON.stringify({ id: "batch_1" }),
+      ctx,
+    );
+
+    expect(JSON.parse(result.content)).toEqual(
+      expect.objectContaining({
+        error: expect.stringContaining("Admin role required"),
+      }),
+    );
+  });
+});