feat(platform): harden access scoping and delivery baseline

2026-03-30 00:27:31 +02:00
parent 00b936fa1f
commit 819345acfa
109 changed files with 26142 additions and 8081 deletions
@@ -0,0 +1,124 @@
+import { SystemRole } from "@capakraken/shared";
+import { describe, expect, it, vi } from "vitest";
+import { auditLogRouter } from "../router/audit-log.js";
+import { createCallerFactory } from "../trpc.js";
+
+const createCaller = createCallerFactory(auditLogRouter);
+
+function createControllerCaller(db: Record<string, unknown>) {
+  return createCaller({
+    session: {
+      user: { email: "controller@example.com", name: "Controller", image: null },
+      expires: "2099-01-01T00:00:00.000Z",
+    },
+    db: db as never,
+    dbUser: {
+      id: "user_1",
+      systemRole: SystemRole.CONTROLLER,
+      permissionOverrides: null,
+    },
+  });
+}
+
+describe("audit log router detail endpoints", () => {
+  it("returns formatted list detail rows with ISO timestamps", async () => {
+    const db = {
+      auditLog: {
+        findMany: vi.fn().mockResolvedValue([
+          {
+            id: "audit_1",
+            entityType: "project",
+            entityId: "project_1",
+            entityName: "Apollo",
+            action: "updated",
+            userId: "user_1",
+            source: "ui",
+            summary: "Changed budget",
+            createdAt: new Date("2026-03-29T12:00:00.000Z"),
+            user: {
+              id: "user_1",
+              name: "Controller User",
+              email: "controller@example.com",
+            },
+          },
+        ]),
+      },
+    };
+
+    const caller = createControllerCaller(db);
+    const result = await caller.listDetail({ limit: 10 });
+
+    expect(result).toEqual({
+      items: [
+        {
+          id: "audit_1",
+          entityType: "project",
+          entityId: "project_1",
+          entityName: "Apollo",
+          action: "updated",
+          userId: "user_1",
+          source: "ui",
+          summary: "Changed budget",
+          createdAt: "2026-03-29T12:00:00.000Z",
+          user: {
+            id: "user_1",
+            name: "Controller User",
+            email: "controller@example.com",
+          },
+        },
+      ],
+      nextCursor: null,
+    });
+  });
+
+  it("returns formatted timeline detail grouped by date", async () => {
+    const db = {
+      auditLog: {
+        findMany: vi.fn().mockResolvedValue([
+          {
+            id: "audit_2",
+            entityType: "resource",
+            entityId: "resource_1",
+            entityName: "Peter Parker",
+            action: "updated",
+            userId: "user_2",
+            source: "assistant",
+            summary: "Updated location",
+            changes: { city: ["Hamburg", "Munich"] },
+            createdAt: new Date("2026-03-30T08:00:00.000Z"),
+            user: {
+              id: "user_2",
+              name: "Audit User",
+              email: "audit@example.com",
+            },
+          },
+        ]),
+      },
+    };
+
+    const caller = createControllerCaller(db);
+    const result = await caller.getTimelineDetail({ limit: 10 });
+
+    expect(result).toEqual({
+      "2026-03-30": [
+        {
+          id: "audit_2",
+          entityType: "resource",
+          entityId: "resource_1",
+          entityName: "Peter Parker",
+          action: "updated",
+          userId: "user_2",
+          source: "assistant",
+          summary: "Updated location",
+          createdAt: "2026-03-30T08:00:00.000Z",
+          changes: { city: ["Hamburg", "Munich"] },
+          user: {
+            id: "user_2",
+            name: "Audit User",
+            email: "audit@example.com",
+          },
+        },
+      ],
+    });
+  });
+});