letsbe/pn-new-crm
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
cb83b09b2d151fcb158d69821d2226633a3ce87d
pn-new-crm/tests/integration/documents-expired-webhook.test.ts
Matt Ciaccio e2398099c4 test(audit-fixes): cover the new permission and webhook surfaces 
Adds integration coverage for the routes / handlers shipped in the
preceding audit-fix commits, plus refactors two route files to expose
inner handlers from a sibling `handlers.ts` (the pattern used elsewhere
in `src/app/api/v1`) so tests can call them without the
`withAuth(withPermission(…))` wrapper.

New tests (18 cases across 4 files):
- `tests/integration/portal-auth.test.ts` (6) — verifyPortalToken
  rejects tokens missing `aud: 'portal'` or `iss: 'pn-crm'`, with the
  wrong audience (CRM-session-replay shape) or wrong issuer, plus a
  round-trip happy path. Locks in the portal-vs-CRM token isolation.
- `tests/integration/api/saved-views-ownership.test.ts` (6) — patch
  and delete handlers return 403 for a different user, 404 for an
  unknown id or cross-port id, and 200 for the owner. Ownership is
  enforced at the route layer regardless of the service's internal
  filtering.
- `tests/integration/api/berth-reservations-list.test.ts` (3) — the
  new global list returns rows for the current port only and honors
  pagination params. A reservation in a different port never leaks.
- `tests/integration/documents-expired-webhook.test.ts` (3) —
  handleDocumentExpired flips the document to `expired`, also flips
  the linked interest's `eoiStatus`, writes a `documentEvents` row,
  and is a no-op (not a throw) when the documensoId is unknown.

Refactors:
- `src/app/api/v1/saved-views/[id]/route.ts` extracts `patchHandler` /
  `deleteHandler` (and the shared `assertViewOwner`) into
  `handlers.ts`. The route file is now a 4-line `withAuth(handler)`
  wrapper.
- `src/app/api/v1/berth-reservations/route.ts` extracts `listHandler`
  similarly. Tests import directly from `handlers.ts`.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-02 23:17:08 +02:00

93 lines
2.9 KiB
TypeScript
Raw Blame History

/**
* DOCUMENT_EXPIRED webhook handling — locks in fix(documenso). The handler
* was previously defined but never wired to the route's event switch, so
* expired EOIs stayed in `sent` / `partially_signed` forever.
*/
import { describe, expect, it } from 'vitest';
import { eq } from 'drizzle-orm';
import { db } from '@/lib/db';
import { documents, documentEvents } from '@/lib/db/schema/documents';
import { interests } from '@/lib/db/schema/interests';
import { handleDocumentExpired } from '@/lib/services/documents.service';
import { makeBerth, makeClient, makePort } from '../helpers/factories';
describe('handleDocumentExpired', () => {
it('flips a sent EOI to expired and writes a documentEvents row', async () => {
const port = await makePort();
const client = await makeClient({ portId: port.id });
const documensoId = `documenso-test-${Date.now()}`;
const [doc] = await db
.insert(documents)
.values({
portId: port.id,
clientId: client.id,
documentType: 'eoi',
title: 'Expiring EOI',
status: 'sent',
documensoId,
createdBy: 'seed',
})
.returning();
await handleDocumentExpired({ documentId: documensoId });
const after = await db.query.documents.findFirst({
where: eq(documents.id, doc!.id),
});
expect(after?.status).toBe('expired');
const events = await db
.select()
.from(documentEvents)
.where(eq(documentEvents.documentId, doc!.id));
expect(events.map((e) => e.eventType)).toContain('expired');
});
it('also flips the linked interest eoiStatus to expired', async () => {
const port = await makePort();
const client = await makeClient({ portId: port.id });
const berth = await makeBerth({ portId: port.id });
const [interest] = await db
.insert(interests)
.values({
portId: port.id,
clientId: client.id,
berthId: berth.id,
pipelineStage: 'eoi_sent',
leadCategory: 'hot_lead',
eoiStatus: 'sent',
})
.returning();
const documensoId = `documenso-test-${Date.now()}-i`;
await db.insert(documents).values({
portId: port.id,
clientId: client.id,
interestId: interest!.id,
documentType: 'eoi',
title: 'Expiring EOI for interest',
status: 'sent',
documensoId,
createdBy: 'seed',
});
await handleDocumentExpired({ documentId: documensoId });
const updatedInterest = await db.query.interests.findFirst({
where: eq(interests.id, interest!.id),
});
expect(updatedInterest?.eoiStatus).toBe('expired');
});
it('is a no-op when the documensoId does not match any document', async () => {
// Should NOT throw — the handler logs a warning and returns. Verify no
// exception propagates up to the webhook route.
await expect(
handleDocumentExpired({ documentId: 'definitely-not-a-real-doc' }),
).resolves.toBeUndefined();
});
});
Reference in New Issue View Git Blame Copy Permalink