phase 16 implementation
This commit is contained in:
@@ -0,0 +1,30 @@
|
||||
import { analyticsEventRegistry, validateAnalyticsEvent } from '@/lib/analytics/events';
|
||||
import { describe, expect, it } from 'vitest';
|
||||
|
||||
const context = {
|
||||
routeId: 'home',
|
||||
locale: 'en',
|
||||
direction: 'ltr',
|
||||
resolvedTheme: 'light',
|
||||
source: 'hero',
|
||||
} as const;
|
||||
|
||||
describe('analytics contract', () => {
|
||||
it('accepts allowlisted non-personal demo events', () => {
|
||||
expect(validateAnalyticsEvent('demo_open', context)).toEqual({ name: 'demo_open', context });
|
||||
});
|
||||
|
||||
it('rejects unknown events and payload properties', () => {
|
||||
expect(validateAnalyticsEvent('lead_created', context)).toBeNull();
|
||||
expect(
|
||||
validateAnalyticsEvent('demo_open', { ...context, email: 'person@example.test' }),
|
||||
).toBeNull();
|
||||
});
|
||||
|
||||
it('marks every registry entry as non-personal and consent-gated', () => {
|
||||
expect(analyticsEventRegistry.every((event) => !event.personalData)).toBe(true);
|
||||
expect(analyticsEventRegistry.every((event) => event.consentCategory === 'analytics')).toBe(
|
||||
true,
|
||||
);
|
||||
});
|
||||
});
|
||||
@@ -0,0 +1,22 @@
|
||||
import { isApplicationJson } from '@/lib/security/content-type';
|
||||
import { describe, expect, it } from 'vitest';
|
||||
|
||||
describe('demo API content type validation', () => {
|
||||
it.each([
|
||||
'application/json',
|
||||
'application/json; charset=utf-8',
|
||||
' Application/JSON ; charset=UTF-8',
|
||||
])('accepts %s', (value) => {
|
||||
expect(isApplicationJson(value)).toBe(true);
|
||||
});
|
||||
|
||||
it.each([
|
||||
null,
|
||||
'',
|
||||
'text/plain',
|
||||
'application/jsonp',
|
||||
'application/json-patch+json',
|
||||
])('rejects %s', (value) => {
|
||||
expect(isApplicationJson(value)).toBe(false);
|
||||
});
|
||||
});
|
||||
@@ -0,0 +1,46 @@
|
||||
import { demoLeadSchema, demoSubmissionEnvelopeSchema, fleetSizeValues } from '@/lib/demo/schema';
|
||||
import { describe, expect, it } from 'vitest';
|
||||
|
||||
const validLead = {
|
||||
fullName: ' Ada Example ',
|
||||
workEmail: ' ADA@EXAMPLE.TEST ',
|
||||
company: ' Rental Test Labs ',
|
||||
fleetSize: '25-49',
|
||||
market: '',
|
||||
preferredLanguage: 'en',
|
||||
message: ' Reservation workflow ',
|
||||
idempotencyKey: '154249a8-0c3c-4ad8-bda6-91b1ffb361a8',
|
||||
source: 'hero',
|
||||
} as const;
|
||||
|
||||
describe('demo lead schema', () => {
|
||||
it('normalizes approved fields without adding sales-enrichment data', () => {
|
||||
const result = demoLeadSchema.parse(validLead);
|
||||
expect(result).toEqual({
|
||||
...validLead,
|
||||
fullName: 'Ada Example',
|
||||
workEmail: 'ada@example.test',
|
||||
company: 'Rental Test Labs',
|
||||
market: undefined,
|
||||
message: 'Reservation workflow',
|
||||
});
|
||||
});
|
||||
|
||||
it('rejects unknown fields and unsupported fleet sizes', () => {
|
||||
expect(() => demoLeadSchema.parse({ ...validLead, phone: '+1 555 0100' })).toThrow();
|
||||
expect(() => demoLeadSchema.parse({ ...validLead, fleetSize: '5000+' })).toThrow();
|
||||
});
|
||||
|
||||
it('keeps the Phase 9 fleet ranges stable', () => {
|
||||
expect(fleetSizeValues).toEqual(['1-9', '10-24', '25-49', '50-99', '100-249', '250+']);
|
||||
});
|
||||
|
||||
it('rejects transport fields outside the approved envelope', () => {
|
||||
expect(() =>
|
||||
demoSubmissionEnvelopeSchema.parse({
|
||||
lead: validLead,
|
||||
guard: { honeypot: '', startedAtMs: 1, fingerprint: 'nope' },
|
||||
}),
|
||||
).toThrow();
|
||||
});
|
||||
});
|
||||
@@ -0,0 +1,27 @@
|
||||
import { destinationRegistry, resolveDestination } from '@/lib/integrations/destinations';
|
||||
import { describe, expect, it } from 'vitest';
|
||||
|
||||
describe('destination registry', () => {
|
||||
it('activates only the safe local demo destination', () => {
|
||||
const registry = destinationRegistry({ demoSubmissionEnabled: true, demoMode: 'local' });
|
||||
expect(registry['book-demo'].status).toBe('active');
|
||||
expect(registry['contact-sales'].status).toBe('blocked');
|
||||
expect(registry.login.status).toBe('blocked');
|
||||
expect(registry.pricing.status).toBe('placeholder');
|
||||
});
|
||||
|
||||
it('fails the demo destination closed when integration is disabled', () => {
|
||||
const registry = destinationRegistry({ demoSubmissionEnabled: false, demoMode: 'blocked' });
|
||||
expect(registry['book-demo'].status).toBe('blocked');
|
||||
});
|
||||
|
||||
it('resolves approved localized placeholder routes without guessing external URLs', () => {
|
||||
expect(
|
||||
resolveDestination('privacy', 'fr', { demoSubmissionEnabled: false, demoMode: 'blocked' })
|
||||
.href,
|
||||
).toBe('/fr/confidentialite');
|
||||
expect(
|
||||
resolveDestination('login', 'en', { demoSubmissionEnabled: false, demoMode: 'blocked' }).href,
|
||||
).toBeUndefined();
|
||||
});
|
||||
});
|
||||
@@ -0,0 +1,21 @@
|
||||
import { containsSensitiveKey, redactSensitive } from '@/lib/demo/redaction';
|
||||
import { describe, expect, it } from 'vitest';
|
||||
|
||||
describe('privacy-safe diagnostics', () => {
|
||||
it('redacts nested personal fields', () => {
|
||||
expect(
|
||||
redactSensitive({
|
||||
category: 'validation',
|
||||
lead: { workEmail: 'person@example.test', company: 'Example Rentals' },
|
||||
}),
|
||||
).toEqual({
|
||||
category: 'validation',
|
||||
lead: { workEmail: '[REDACTED]', company: '[REDACTED]' },
|
||||
});
|
||||
});
|
||||
|
||||
it('detects sensitive diagnostic structures', () => {
|
||||
expect(containsSensitiveKey({ context: { message: 'private' } })).toBe(true);
|
||||
expect(containsSensitiveKey({ category: 'timeout', correlationId: 'abc' })).toBe(false);
|
||||
});
|
||||
});
|
||||
Reference in New Issue
Block a user