Compare commits
6 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Paperclip
|
1e2c09e5cd | ||
|
Flea Flicker
|
82e3807a6a | ||
 The Dogfather
|
dd220598ca | ||
 Scrubs McBarkley
|
bec7b014be | ||
 Flea Flicker
|
01cff9006a | ||
|
The Dogfather
|
c99e2980a1 |
@@ -114,6 +114,9 @@ GroomBook API is a Hono-based REST service (TypeScript/Node.js) powering the pet
|
||||
| TC-API-3.22 | Verify medicalAlerts shape | GET /api/pets/{id} for any pet with non-empty medicalAlerts | medicalAlerts is an array; each entry has type, description, severity |
|
||||
| TC-API-3.23 | Verify UAT test pet Charlie has behavioral alert | GET /api/pets/{id} where name = "TestCooper" (pet for uat-charlie@groombook.dev) | medicalAlerts includes an entry with type: "behavioral", severity: "low" or "high" |
|
||||
| TC-API-3.24 | Verify UAT test pet Delta has skin alert | GET /api/pets/{id} where name = "TestRocky" (pet for uat-delta@groombook.dev) | medicalAlerts includes an entry with type: "skin" |
|
||||
| TC-API-3.25 | Verify 30+ total pets in UAT DB | GET /api/pets then count total | 30+ pets returned (UAT seed creates 500 random-pool + 5 UAT test clients + 2 UAT customer = 507 total) |
|
||||
| TC-API-3.26 | Verify 25-35% medicalAlerts distribution | GET /api/pets (first 30 pets), count how many have non-empty medicalAlerts | Ratio is 25-35% (seed uses rand() < 0.3 for ~30% distribution) |
|
||||
| TC-API-3.27 | Verify coat_type enum has all seed values | After UAT seed completes, inspect the coat_type enum on the UAT DB — it must contain: short, medium, long, double, wire, silky, curly, hairless | UAT seed jobs (`reset-demo-data`, `seed-test-data`) complete 1/1 with no `enum_in` error; coat_type includes all 8 values used by seed.ts `coatTypePool` |
|
||||
|
||||
### 4.4 Appointment Scheduling
|
||||
|
||||
|
||||
@@ -173,7 +173,10 @@ async function seedUatCredentials(
|
||||
);
|
||||
|
||||
if (existingAccount) {
|
||||
// skip — already has credential account
|
||||
// Re-hash and update the password (mirrors seed.ts behavior)
|
||||
const { hashPassword } = await import("better-auth/crypto");
|
||||
const passwordHash = await hashPassword(password);
|
||||
existingAccount.password = passwordHash;
|
||||
} else {
|
||||
// Use Better-Auth's hashPassword so test helper matches production seed.ts
|
||||
const { hashPassword } = await import("better-auth/crypto");
|
||||
@@ -351,6 +354,49 @@ describe("seedUatCredentials — credential provisioning logic", () => {
|
||||
expect(insertedAccounts).toHaveLength(0);
|
||||
});
|
||||
|
||||
// ── AC-8: existing account password IS updated (not frozen at first-seed) ──
|
||||
|
||||
it("AC-8: re-seeding with a changed password env var updates the stored hash", async () => {
|
||||
const ORIGINAL_PASSWORD = "original-password";
|
||||
const ROTATED_PASSWORD = "rotated-password-456";
|
||||
|
||||
process.env.SEED_UAT_CUSTOMER_PASSWORD = ROTATED_PASSWORD;
|
||||
|
||||
const preExistingUsers: UserRow[] = [
|
||||
{ id: "pre-existing-user", email: "uat-customer@groombook.dev", name: "UAT Customer", emailVerified: true },
|
||||
];
|
||||
// Account was created with the original password on first seed
|
||||
const originalHash = await hashPassword(ORIGINAL_PASSWORD);
|
||||
const preExistingAccounts: AccountRow[] = [
|
||||
{
|
||||
id: "pre-existing-acct",
|
||||
accountId: "pre-existing-user",
|
||||
providerId: "credential",
|
||||
userId: "pre-existing-user",
|
||||
password: originalHash,
|
||||
},
|
||||
];
|
||||
|
||||
// Re-seed with the rotated password env var
|
||||
await seedUatCredentials([UAT_ACCOUNTS[2]!], {
|
||||
users: preExistingUsers,
|
||||
accounts: preExistingAccounts,
|
||||
staff: [],
|
||||
});
|
||||
|
||||
// No new user or account created
|
||||
expect(insertedUsers).toHaveLength(0);
|
||||
expect(insertedAccounts).toHaveLength(0);
|
||||
|
||||
// The pre-existing account's password WAS updated (not frozen at first-seed).
|
||||
// hashPassword uses a random salt so we verify by format + that it is a new,
|
||||
// different valid hash from the original.
|
||||
const updatedAcct = preExistingAccounts[0]!;
|
||||
expect(updatedAcct.password).toBeDefined();
|
||||
expect(updatedAcct.password).toMatch(/^[a-f0-9]{32}:[a-f0-9]{128}$/);
|
||||
expect(updatedAcct.password).not.toBe(originalHash); // it actually changed
|
||||
});
|
||||
|
||||
// ── AC-6: missing env var skips with warning ────────────────────────────────
|
||||
|
||||
it("AC-6: missing SEED_UAT_*_PASSWORD env var skips that account (no error)", async () => {
|
||||
|
||||
@@ -594,7 +594,15 @@ async function seedKnownUsers() {
|
||||
.limit(1);
|
||||
|
||||
if (existingAccount) {
|
||||
console.log(`✓ Credential account for '${acct.email}' already exists — skipping`);
|
||||
// Re-hash and update the password so that re-seeding rotates credentials
|
||||
// when the env var changes (e.g. after a password rotation). Previously
|
||||
// this branch skipped entirely, freezing the hash at first-seed.
|
||||
const { hashPassword } = await import("better-auth/crypto");
|
||||
const passwordHash = await hashPassword(password);
|
||||
await db.update(schema.account)
|
||||
.set({ password: passwordHash })
|
||||
.where(eq(schema.account.id, existingAccount.id));
|
||||
console.log(`✓ Credential account for '${acct.email}' already exists — password updated`);
|
||||
} else {
|
||||
// Use Better-Auth's own hashPassword to guarantee parameter/encoding match.
|
||||
// better-auth/crypto uses: N=16384, r=16, p=1, dkLen=64, salt as 16-byte random
|
||||
|
||||
@@ -0,0 +1,9 @@
|
||||
-- Migration: 0035_add_missing_coat_type_values.sql
|
||||
-- Adds missing values to coat_type enum that seed.ts requires but which were
|
||||
-- omitted from the 0031_buffer_rules.sql CREATE TYPE statement (migration drift).
|
||||
-- 0031 created: 'smooth', 'double', 'wire', 'curly', 'long', 'hairless'
|
||||
-- Missing (from schema.ts coatTypeEnum): 'short', 'medium', 'silky'
|
||||
|
||||
ALTER TYPE "coat_type" ADD VALUE IF NOT EXISTS 'short';
|
||||
ALTER TYPE "coat_type" ADD VALUE IF NOT EXISTS 'medium';
|
||||
ALTER TYPE "coat_type" ADD VALUE IF NOT EXISTS 'silky';
|
||||
@@ -0,0 +1,9 @@
|
||||
-- Migration: 0036_add_missing_coat_type_values.sql
|
||||
-- Adds missing values to coat_type enum that seed.ts requires but which were
|
||||
-- omitted from the 0031_buffer_rules.sql CREATE TYPE statement (migration drift).
|
||||
-- 0031 created: 'smooth', 'double', 'wire', 'curly', 'long', 'hairless'
|
||||
-- Missing (from schema.ts coatTypeEnum): 'short', 'medium', 'silky'
|
||||
|
||||
ALTER TYPE "coat_type" ADD VALUE IF NOT EXISTS 'short';
|
||||
ALTER TYPE "coat_type" ADD VALUE IF NOT EXISTS 'medium';
|
||||
ALTER TYPE "coat_type" ADD VALUE IF NOT EXISTS 'silky';
|
||||
@@ -248,10 +248,10 @@
|
||||
"breakpoints": true
|
||||
},
|
||||
{
|
||||
"idx": 35,
|
||||
"idx": 36,
|
||||
"version": "7",
|
||||
"when": 1751140800000,
|
||||
"tag": "0035_add_short_to_coat_type_enum",
|
||||
"when": 1751480000000,
|
||||
"tag": "0036_add_missing_coat_type_values",
|
||||
"breakpoints": true
|
||||
}
|
||||
]
|
||||
|
||||
+60
-10
@@ -609,8 +609,45 @@ async function seedUatStaffAccounts(db: ReturnType<typeof drizzle>) {
|
||||
.from(schema.pets)
|
||||
.where(eq(schema.pets.id, pet.id))
|
||||
.limit(1);
|
||||
|
||||
if (existing) {
|
||||
console.log(`✓ UAT Pet '${existing.name}' already exists — skipping`);
|
||||
// Upsert so extended fields are always populated on re-runs
|
||||
await db.insert(schema.pets)
|
||||
.values({
|
||||
id: pet.id,
|
||||
clientId: uatCustomerClientId,
|
||||
name: pet.name,
|
||||
species: pet.species,
|
||||
breed: pet.breed,
|
||||
weightKg: pet.weight,
|
||||
dateOfBirth: new Date(`${pet.dob}T00:00:00Z`),
|
||||
image: pet.image,
|
||||
temperamentScore: randInt(1, 5),
|
||||
temperamentFlags: pickN(temperamentFlagPool, randInt(1, 3)),
|
||||
medicalAlerts: [],
|
||||
preferredCuts: pickN(preferredCutPool, randInt(1, 2)),
|
||||
coatType: pick(coatTypePool),
|
||||
petSizeCategory: pick(petSizeCategoryPool),
|
||||
})
|
||||
.onConflictDoUpdate({
|
||||
target: schema.pets.id,
|
||||
set: {
|
||||
clientId: uatCustomerClientId,
|
||||
name: pet.name,
|
||||
species: pet.species,
|
||||
breed: pet.breed,
|
||||
weightKg: pet.weight,
|
||||
dateOfBirth: new Date(`${pet.dob}T00:00:00Z`),
|
||||
image: pet.image,
|
||||
temperamentScore: randInt(1, 5),
|
||||
temperamentFlags: pickN(temperamentFlagPool, randInt(1, 3)),
|
||||
medicalAlerts: [],
|
||||
preferredCuts: pickN(preferredCutPool, randInt(1, 2)),
|
||||
coatType: pick(coatTypePool),
|
||||
petSizeCategory: pick(petSizeCategoryPool),
|
||||
},
|
||||
});
|
||||
console.log(`✓ Upserted UAT pet '${pet.name}' with extended fields`);
|
||||
} else {
|
||||
await db.insert(schema.pets).values({
|
||||
id: pet.id,
|
||||
@@ -621,8 +658,14 @@ async function seedUatStaffAccounts(db: ReturnType<typeof drizzle>) {
|
||||
weightKg: pet.weight,
|
||||
dateOfBirth: new Date(`${pet.dob}T00:00:00Z`),
|
||||
image: pet.image,
|
||||
temperamentScore: randInt(1, 5),
|
||||
temperamentFlags: pickN(temperamentFlagPool, randInt(1, 3)),
|
||||
medicalAlerts: [],
|
||||
preferredCuts: pickN(preferredCutPool, randInt(1, 2)),
|
||||
coatType: pick(coatTypePool),
|
||||
petSizeCategory: pick(petSizeCategoryPool),
|
||||
});
|
||||
console.log(`✓ Created UAT pet '${pet.name}'`);
|
||||
console.log(`✓ Created UAT pet '${pet.name}' with extended fields`);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -966,6 +1009,7 @@ async function seed() {
|
||||
temperamentScore: randInt(1, 5),
|
||||
temperamentFlags: pickN(temperamentFlagPool, randInt(1, 3)),
|
||||
medicalAlerts: (() => {
|
||||
// ~30% of random-pool pets have alerts — lands squarely in the 25–35% AC band
|
||||
if (rand() < 0.3) {
|
||||
const count = rand() < 0.7 ? 1 : 2;
|
||||
return pickN(medicalAlertPool, count).map((a) => ({ ...a, id: uuid() }));
|
||||
@@ -1062,15 +1106,14 @@ async function seed() {
|
||||
temperamentScore: randInt(1, 5),
|
||||
temperamentFlags: pickN(temperamentFlagPool, randInt(1, 3)),
|
||||
medicalAlerts: (() => {
|
||||
// Deterministic alerts for UAT AC pets
|
||||
if (uc.petName === "TestCooper") {
|
||||
return pickN(medicalAlertPool.filter((a) => a.type === "behavioral"), 1).map((a) => ({ ...a, id: uuid() }));
|
||||
}
|
||||
if (uc.petName === "TestRocky") {
|
||||
return pickN(medicalAlertPool.filter((a) => a.type === "skin"), 1).map((a) => ({ ...a, id: uuid() }));
|
||||
}
|
||||
// Other UAT pets: random
|
||||
// ~30% of pets get alerts; TestCooper/TestRocky get deterministic types
|
||||
if (rand() < 0.3) {
|
||||
if (uc.petName === "TestCooper") {
|
||||
return pickN(medicalAlertPool.filter((a) => a.type === "behavioral"), 1).map((a) => ({ ...a, id: uuid() }));
|
||||
}
|
||||
if (uc.petName === "TestRocky") {
|
||||
return pickN(medicalAlertPool.filter((a) => a.type === "skin"), 1).map((a) => ({ ...a, id: uuid() }));
|
||||
}
|
||||
const count = rand() < 0.7 ? 1 : 2;
|
||||
return pickN(medicalAlertPool, count).map((a) => ({ ...a, id: uuid() }));
|
||||
}
|
||||
@@ -1093,7 +1136,14 @@ async function seed() {
|
||||
temperamentScore: randInt(1, 5),
|
||||
temperamentFlags: pickN(temperamentFlagPool, randInt(1, 3)),
|
||||
medicalAlerts: (() => {
|
||||
// ~30% of pets get alerts; TestCooper/TestRocky get deterministic types
|
||||
if (rand() < 0.3) {
|
||||
if (uc.petName === "TestCooper") {
|
||||
return pickN(medicalAlertPool.filter((a) => a.type === "behavioral"), 1).map((a) => ({ ...a, id: uuid() }));
|
||||
}
|
||||
if (uc.petName === "TestRocky") {
|
||||
return pickN(medicalAlertPool.filter((a) => a.type === "skin"), 1).map((a) => ({ ...a, id: uuid() }));
|
||||
}
|
||||
const count = rand() < 0.7 ? 1 : 2;
|
||||
return pickN(medicalAlertPool, count).map((a) => ({ ...a, id: uuid() }));
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user