tests/unit/mentor-upload-token.test.ts

import { describe, expect, it, beforeAll } from 'vitest'
import {
  signMentorUploadToken, verifyMentorUploadToken,
  type MentorUploadPayload,
} from '../../src/lib/mentor-upload-token'

const samplePayload: MentorUploadPayload = {
  mentorAssignmentId: 'ma-123',
  projectId: 'proj-789',
  uploaderUserId: 'user-456',
  fileName: 'doc.pdf',
  mimeType: 'application/pdf',
  size: 12345,
  bucket: 'mopc-files',
  objectKey: 'Project/mentorship/123-doc.pdf',
  exp: Math.floor(Date.now() / 1000) + 3600,
}

beforeAll(() => {
  process.env.NEXTAUTH_SECRET = process.env.NEXTAUTH_SECRET || 'test-secret-123'
})

describe('mentor upload token', () => {
  it('round-trips a payload', () => {
    const token = signMentorUploadToken(samplePayload)
    expect(typeof token).toBe('string')
    expect(token.split('.').length).toBe(2) // payload.signature

    const verified = verifyMentorUploadToken(token)
    expect(verified.mentorAssignmentId).toBe('ma-123')
    expect(verified.objectKey).toBe('Project/mentorship/123-doc.pdf')
  })

  it('rejects a tampered payload', () => {
    const token = signMentorUploadToken(samplePayload)
    const [, sig] = token.split('.')
    const tamperedPayload = Buffer.from(JSON.stringify({ ...samplePayload, size: 999999 })).toString('base64url')
    const tampered = `${tamperedPayload}.${sig}`
    expect(() => verifyMentorUploadToken(tampered)).toThrow(/signature/i)
  })

  it('rejects a token with a different signature', () => {
    const token = signMentorUploadToken(samplePayload)
    const [payload] = token.split('.')
    const bad = `${payload}.0000000000000000000000000000000000000000000000000000000000000000`
    expect(() => verifyMentorUploadToken(bad)).toThrow(/signature/i)
  })

  it('rejects an expired token', () => {
    const expired = signMentorUploadToken({
      ...samplePayload,
      exp: Math.floor(Date.now() / 1000) - 60,
    })
    expect(() => verifyMentorUploadToken(expired)).toThrow(/expired/i)
  })

  it('rejects a malformed token', () => {
    expect(() => verifyMentorUploadToken('not-a-token')).toThrow()
    expect(() => verifyMentorUploadToken('one-segment')).toThrow()
  })
})
feat: mentor workspace files end-to-end with secure presign Adds generateMentorObjectKey helper producing <projectName>/mentorship/<timestamp>-<file>. Replaces the client-supplied bucket/objectKey on workspaceUploadFile with an HMAC-signed upload token that binds bucket, objectKey, uploader, and a 1h expiry — paths can no longer be forged from the client. Adds workspaceGetUploadUrl, workspaceGetFiles, workspaceGetFileDownloadUrl, workspaceDeleteFile procedures with mentor-or-team-member auth. Builds <WorkspaceFilesPanel> and wires it into the mentor workspace Files tab and the applicant /applicant/mentor page. Replaces the file-promotion-panel mock array with a real workspaceGetFiles query. Tests cover token sign/verify (5), key construction (5), and end-to-end procedure flow including auth + tampered tokens (7). Spec: docs/superpowers/specs/2026-04-28-mentor-round-readiness-design.md §F.1 Plan: docs/superpowers/plans/2026-04-28-pr2-mentor-workspace-files.md Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-04-28 13:33:18 +02:00			`import { describe, expect, it, beforeAll } from 'vitest'`
			`import {`
			`signMentorUploadToken, verifyMentorUploadToken,`
			`type MentorUploadPayload,`
			`} from '../../src/lib/mentor-upload-token'`

			`const samplePayload: MentorUploadPayload = {`
			`mentorAssignmentId: 'ma-123',`
feat(mentor-workspace): re-scope files from assignment to project for team-wide visibility - MentorFile.projectId is the new access boundary; mentorAssignmentId stays as informational audit FK (nullable). - uploadFile derives projectId from the assignment; getFiles takes projectId directly; deleteFile/addFileComment auth checks any mentor on the project OR a project team member. - HMAC upload token now binds to projectId (in addition to assignmentId). - promoteFile reads file.projectId directly (no more mentorAssignment null navigation). - Removes 3 placeholder NOT_FOUND guards added in Task 4. 2026-05-22 16:53:07 +02:00			`projectId: 'proj-789',`
feat: mentor workspace files end-to-end with secure presign Adds generateMentorObjectKey helper producing <projectName>/mentorship/<timestamp>-<file>. Replaces the client-supplied bucket/objectKey on workspaceUploadFile with an HMAC-signed upload token that binds bucket, objectKey, uploader, and a 1h expiry — paths can no longer be forged from the client. Adds workspaceGetUploadUrl, workspaceGetFiles, workspaceGetFileDownloadUrl, workspaceDeleteFile procedures with mentor-or-team-member auth. Builds <WorkspaceFilesPanel> and wires it into the mentor workspace Files tab and the applicant /applicant/mentor page. Replaces the file-promotion-panel mock array with a real workspaceGetFiles query. Tests cover token sign/verify (5), key construction (5), and end-to-end procedure flow including auth + tampered tokens (7). Spec: docs/superpowers/specs/2026-04-28-mentor-round-readiness-design.md §F.1 Plan: docs/superpowers/plans/2026-04-28-pr2-mentor-workspace-files.md Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-04-28 13:33:18 +02:00			`uploaderUserId: 'user-456',`
			`fileName: 'doc.pdf',`
			`mimeType: 'application/pdf',`
			`size: 12345,`
			`bucket: 'mopc-files',`
			`objectKey: 'Project/mentorship/123-doc.pdf',`
			`exp: Math.floor(Date.now() / 1000) + 3600,`
			`}`

			`beforeAll(() => {`
			`process.env.NEXTAUTH_SECRET = process.env.NEXTAUTH_SECRET \|\| 'test-secret-123'`
			`})`

			`describe('mentor upload token', () => {`
			`it('round-trips a payload', () => {`
			`const token = signMentorUploadToken(samplePayload)`
			`expect(typeof token).toBe('string')`
			`expect(token.split('.').length).toBe(2) // payload.signature`

			`const verified = verifyMentorUploadToken(token)`
			`expect(verified.mentorAssignmentId).toBe('ma-123')`
			`expect(verified.objectKey).toBe('Project/mentorship/123-doc.pdf')`
			`})`

			`it('rejects a tampered payload', () => {`
			`const token = signMentorUploadToken(samplePayload)`
			`const [, sig] = token.split('.')`
			`const tamperedPayload = Buffer.from(JSON.stringify({ ...samplePayload, size: 999999 })).toString('base64url')`
			const tampered = `${tamperedPayload}.${sig}`
			`expect(() => verifyMentorUploadToken(tampered)).toThrow(/signature/i)`
			`})`

			`it('rejects a token with a different signature', () => {`
			`const token = signMentorUploadToken(samplePayload)`
			`const [payload] = token.split('.')`
			const bad = `${payload}.0000000000000000000000000000000000000000000000000000000000000000`
			`expect(() => verifyMentorUploadToken(bad)).toThrow(/signature/i)`
			`})`

			`it('rejects an expired token', () => {`
			`const expired = signMentorUploadToken({`
			`...samplePayload,`
			`exp: Math.floor(Date.now() / 1000) - 60,`
			`})`
			`expect(() => verifyMentorUploadToken(expired)).toThrow(/expired/i)`
			`})`

			`it('rejects a malformed token', () => {`
			`expect(() => verifyMentorUploadToken('not-a-token')).toThrow()`
			`expect(() => verifyMentorUploadToken('one-segment')).toThrow()`
			`})`
			`})`