archetecture security fix
This commit is contained in:
+195
@@ -0,0 +1,195 @@
|
||||
"use strict";
|
||||
var __importDefault = (this && this.__importDefault) || function (mod) {
|
||||
return (mod && mod.__esModule) ? mod : { "default": mod };
|
||||
};
|
||||
Object.defineProperty(exports, "__esModule", { value: true });
|
||||
exports.createCompanyWithEmployee = createCompanyWithEmployee;
|
||||
exports.createVehicle = createVehicle;
|
||||
exports.createCustomer = createCustomer;
|
||||
exports.createRenter = createRenter;
|
||||
exports.createAdminUser = createAdminUser;
|
||||
exports.createReservation = createReservation;
|
||||
exports.createRentalPayment = createRentalPayment;
|
||||
exports.createSubscriptionInvoice = createSubscriptionInvoice;
|
||||
exports.createCompanyNotification = createCompanyNotification;
|
||||
exports.createRenterNotification = createRenterNotification;
|
||||
exports.signEmployeeToken = signEmployeeToken;
|
||||
exports.signAdminToken = signAdminToken;
|
||||
exports.signRenterToken = signRenterToken;
|
||||
exports.authHeader = authHeader;
|
||||
const bcryptjs_1 = __importDefault(require("bcryptjs"));
|
||||
const prisma_1 = require("../../lib/prisma");
|
||||
const tokens_1 = require("../../security/tokens");
|
||||
let counter = 0;
|
||||
function uid() {
|
||||
return `${Date.now()}-${++counter}-${Math.random().toString(36).slice(2, 7)}`;
|
||||
}
|
||||
async function createCompanyWithEmployee(overrides = {}) {
|
||||
const slug = `test-${uid()}`;
|
||||
const company = await prisma_1.prisma.company.create({
|
||||
data: {
|
||||
name: `Test Company ${slug}`,
|
||||
slug,
|
||||
email: `company-${slug}@test.com`,
|
||||
status: (overrides.companyStatus ?? 'ACTIVE'),
|
||||
subscription: {
|
||||
create: { status: 'TRIALING', plan: 'STARTER' },
|
||||
},
|
||||
},
|
||||
});
|
||||
const employee = await prisma_1.prisma.employee.create({
|
||||
data: {
|
||||
companyId: company.id,
|
||||
clerkUserId: `clerk_${uid()}`,
|
||||
firstName: 'Test',
|
||||
lastName: 'User',
|
||||
email: `employee-${uid()}@test.com`,
|
||||
role: overrides.role ?? 'OWNER',
|
||||
},
|
||||
});
|
||||
return { company, employee };
|
||||
}
|
||||
async function createVehicle(companyId, overrides = {}) {
|
||||
return prisma_1.prisma.vehicle.create({
|
||||
data: {
|
||||
companyId,
|
||||
make: 'Toyota',
|
||||
model: 'Corolla',
|
||||
year: 2022,
|
||||
color: 'White',
|
||||
licensePlate: `PL-${uid()}`,
|
||||
dailyRate: 500,
|
||||
status: 'AVAILABLE',
|
||||
isPublished: true,
|
||||
pickupLocations: ['Casablanca'],
|
||||
allowDifferentDropoff: false,
|
||||
dropoffLocations: [],
|
||||
...overrides,
|
||||
},
|
||||
});
|
||||
}
|
||||
async function createCustomer(companyId, overrides = {}) {
|
||||
return prisma_1.prisma.customer.create({
|
||||
data: {
|
||||
companyId,
|
||||
firstName: 'Jane',
|
||||
lastName: 'Doe',
|
||||
email: `customer-${uid()}@test.com`,
|
||||
...overrides,
|
||||
},
|
||||
});
|
||||
}
|
||||
async function createRenter(overrides = {}) {
|
||||
return prisma_1.prisma.renter.create({
|
||||
data: {
|
||||
firstName: overrides.firstName ?? 'Renter',
|
||||
lastName: overrides.lastName ?? 'User',
|
||||
email: overrides.email ?? `renter-${uid()}@test.com`,
|
||||
passwordHash: await bcryptjs_1.default.hash(overrides.password ?? 'RenterPass123!', 10),
|
||||
isActive: overrides.isActive ?? true,
|
||||
},
|
||||
});
|
||||
}
|
||||
async function createAdminUser(overrides = {}) {
|
||||
return prisma_1.prisma.adminUser.create({
|
||||
data: {
|
||||
email: overrides.email ?? `admin-${uid()}@test.com`,
|
||||
firstName: overrides.firstName ?? 'Admin',
|
||||
lastName: overrides.lastName ?? 'User',
|
||||
passwordHash: await bcryptjs_1.default.hash(overrides.password ?? 'AdminPass123!', 10),
|
||||
role: (overrides.role ?? 'ADMIN'),
|
||||
isActive: overrides.isActive ?? true,
|
||||
totpEnabled: overrides.totpEnabled ?? false,
|
||||
totpSecret: overrides.totpSecret ?? null,
|
||||
},
|
||||
});
|
||||
}
|
||||
async function createReservation(companyId, vehicleId, customerId, overrides = {}) {
|
||||
return prisma_1.prisma.reservation.create({
|
||||
data: {
|
||||
companyId,
|
||||
vehicleId,
|
||||
customerId,
|
||||
startDate: new Date(Date.now() + 24 * 60 * 60 * 1000),
|
||||
endDate: new Date(Date.now() + 4 * 24 * 60 * 60 * 1000),
|
||||
dailyRate: 500,
|
||||
totalDays: 3,
|
||||
totalAmount: 1500,
|
||||
depositAmount: 300,
|
||||
status: 'CONFIRMED',
|
||||
paymentStatus: 'UNPAID',
|
||||
paidAmount: 0,
|
||||
...overrides,
|
||||
},
|
||||
});
|
||||
}
|
||||
async function createRentalPayment(companyId, reservationId, overrides = {}) {
|
||||
return prisma_1.prisma.rentalPayment.create({
|
||||
data: {
|
||||
companyId,
|
||||
reservationId,
|
||||
amount: 500,
|
||||
currency: 'MAD',
|
||||
status: 'SUCCEEDED',
|
||||
type: 'CHARGE',
|
||||
paymentProvider: 'AMANPAY',
|
||||
amanpayTransactionId: `aman-${uid()}`,
|
||||
paidAt: new Date(),
|
||||
...overrides,
|
||||
},
|
||||
});
|
||||
}
|
||||
async function createSubscriptionInvoice(companyId, subscriptionId, overrides = {}) {
|
||||
return prisma_1.prisma.subscriptionInvoice.create({
|
||||
data: {
|
||||
companyId,
|
||||
subscriptionId,
|
||||
amount: 2990,
|
||||
currency: 'MAD',
|
||||
status: 'PENDING',
|
||||
paymentProvider: 'AMANPAY',
|
||||
amanpayTransactionId: `sub-${uid()}`,
|
||||
...overrides,
|
||||
},
|
||||
});
|
||||
}
|
||||
async function createCompanyNotification(companyId, employeeId, overrides = {}) {
|
||||
return prisma_1.prisma.notification.create({
|
||||
data: {
|
||||
companyId,
|
||||
employeeId,
|
||||
type: 'PAYMENT_RECEIVED',
|
||||
title: 'Payment received',
|
||||
body: 'A payment was recorded.',
|
||||
channel: 'IN_APP',
|
||||
status: 'PENDING',
|
||||
...overrides,
|
||||
},
|
||||
});
|
||||
}
|
||||
async function createRenterNotification(renterId, overrides = {}) {
|
||||
return prisma_1.prisma.notification.create({
|
||||
data: {
|
||||
renterId,
|
||||
type: 'BOOKING_CONFIRMED',
|
||||
title: 'Booking confirmed',
|
||||
body: 'Your booking is confirmed.',
|
||||
channel: 'IN_APP',
|
||||
status: 'PENDING',
|
||||
...overrides,
|
||||
},
|
||||
});
|
||||
}
|
||||
function signEmployeeToken(employeeId, _companyId, _role = 'OWNER') {
|
||||
return (0, tokens_1.signActorToken)(employeeId, 'employee', { expiresIn: '1h' });
|
||||
}
|
||||
function signAdminToken(adminId) {
|
||||
return (0, tokens_1.signActorToken)(adminId, 'admin', { expiresIn: '1h', last2faAt: Date.now() });
|
||||
}
|
||||
function signRenterToken(renterId) {
|
||||
return (0, tokens_1.signActorToken)(renterId, 'renter', { expiresIn: '1h' });
|
||||
}
|
||||
function authHeader(token) {
|
||||
return { Authorization: `Bearer ${token}` };
|
||||
}
|
||||
//# sourceMappingURL=fixtures.js.map
|
||||
Reference in New Issue
Block a user