feat: sales activities, forecast products, catalog categories, member cache, procurement filters, and comprehensive tests

New features: - ActivityController and manager for CW sales activities (CRUD) - ForecastProductController for opportunity forecast/product lines - CW member cache with dual-layer (in-memory + Redis) resolution - Catalog category/subcategory/ecosystem taxonomy module - Quote statuses type definitions with CW mapping - User-defined fields (UDF) module with cache and event refresh - Company sites CW module with serialization - Procurement manager filters (category, ecosystem, manufacturer, price, stock) - Opportunity notes CRUD and product line management via CW API - Opportunity type definitions endpoint Updates: - OpportunityController: CW refresh, company hydration, activities, custom fields - UserController: cwIdentifier field for CW member linking - CatalogItemController: category/subcategory fields from CW - PermissionNodes: sales note/product CRUD nodes, subCategories, collectPermissions - API routes: procurement categories/filters, sales notes/products, opportunity types - Global events: UDF and member refresh intervals on startup Tests (414 passing): - ActivityController, ForecastProductController, OpportunityController unit tests - UserController cwIdentifier tests - catalogCategories, companySites, memberCache, procurement module tests - activityTypes, opportunityTypes, quoteStatuses type tests - permissionNodes subCategories and getAllPermissionNodes tests - Updated test setup with redis mock, API method mocks, and builder helpers
2026-03-01 13:19:00 -06:00
parent 883b648d5e
commit d7b374f8ab
96 changed files with 7752 additions and 205 deletions
@@ -4,12 +4,24 @@ import { describe, test, expect } from "bun:test";
 * Tests for the PermissionNodes type definitions and structure.
 * We import the permission nodes and validate the shape of the data.
 */
-import { PERMISSION_NODES } from "../../src/types/PermissionNodes";
+import {
+  PERMISSION_NODES,
+  getAllPermissionNodes,
+} from "../../src/types/PermissionNodes";
 import type {
  PermissionNode,
  PermissionCategory,
 } from "../../src/types/PermissionNodes";

+/** Recursively collect permissions from a category and its sub-categories. */
+function collectPerms(cat: PermissionCategory): PermissionNode[] {
+  const direct = cat.permissions as PermissionNode[];
+  const nested = cat.subCategories
+    ? Object.values(cat.subCategories).flatMap(collectPerms)
+    : [];
+  return [...direct, ...nested];
+}
+
 describe("PermissionNodes", () => {
  test("PERMISSION_NODES is defined and is an object", () => {
    expect(PERMISSION_NODES).toBeDefined();
@@ -20,6 +32,9 @@ describe("PermissionNodes", () => {
    expect(PERMISSION_NODES).toHaveProperty("global");
    expect(PERMISSION_NODES).toHaveProperty("company");
    expect(PERMISSION_NODES).toHaveProperty("credential");
+    expect(PERMISSION_NODES).toHaveProperty("sales");
+    expect(PERMISSION_NODES).toHaveProperty("procurement");
+    expect(PERMISSION_NODES).toHaveProperty("objectTypes");
  });

  test("each category has name, description, and permissions", () => {
@@ -37,7 +52,7 @@ describe("PermissionNodes", () => {
  test("each permission node has required fields", () => {
    for (const [_key, category] of Object.entries(PERMISSION_NODES)) {
      const cat = category as PermissionCategory;
-      for (const perm of cat.permissions) {
+      for (const perm of collectPerms(cat)) {
        expect(perm).toHaveProperty("node");
        expect(typeof perm.node).toBe("string");
        expect(perm.node.length).toBeGreaterThan(0);
@@ -60,7 +75,7 @@ describe("PermissionNodes", () => {
  test("all permission nodes are non-empty strings", () => {
    for (const [_key, category] of Object.entries(PERMISSION_NODES)) {
      const cat = category as PermissionCategory;
-      for (const perm of cat.permissions) {
+      for (const perm of collectPerms(cat)) {
        expect(typeof perm.node).toBe("string");
        expect(perm.node.length).toBeGreaterThan(0);
      }
@@ -68,11 +83,11 @@ describe("PermissionNodes", () => {
  });

  test("dependencies reference existing permission nodes", () => {
-    // Collect all nodes
+    // Collect all nodes including sub-categories
    const allNodes = new Set<string>();
    for (const [_key, category] of Object.entries(PERMISSION_NODES)) {
      const cat = category as PermissionCategory;
-      for (const perm of cat.permissions) {
+      for (const perm of collectPerms(cat)) {
        allNodes.add(perm.node);
      }
    }
@@ -80,7 +95,7 @@ describe("PermissionNodes", () => {
    // Check all dependencies point to real nodes
    for (const [_key, category] of Object.entries(PERMISSION_NODES)) {
      const cat = category as PermissionCategory;
-      for (const perm of cat.permissions) {
+      for (const perm of collectPerms(cat)) {
        if (perm.dependencies) {
          for (const dep of perm.dependencies) {
            expect(allNodes.has(dep)).toBe(true);
@@ -89,4 +104,49 @@ describe("PermissionNodes", () => {
      }
    }
  });
+
+  test("sales category includes note CRUD permission nodes", () => {
+    const salesPerms = collectPerms(
+      PERMISSION_NODES.sales as PermissionCategory,
+    );
+    const nodes = salesPerms.map((p) => p.node);
+    expect(nodes).toContain("sales.opportunity.note.create");
+    expect(nodes).toContain("sales.opportunity.note.update");
+    expect(nodes).toContain("sales.opportunity.note.delete");
+    expect(nodes).toContain("sales.opportunity.product.update");
+  });
+
+  test("objectTypes category has subCategories", () => {
+    const objTypes = PERMISSION_NODES.objectTypes as PermissionCategory;
+    expect(objTypes.subCategories).toBeDefined();
+    expect(objTypes.subCategories!.company).toBeDefined();
+    expect(objTypes.subCategories!.credential).toBeDefined();
+    expect(objTypes.subCategories!.user).toBeDefined();
+    expect(objTypes.subCategories!.opportunity).toBeDefined();
+    expect(objTypes.subCategories!.catalogItem).toBeDefined();
+  });
+
+  test("getAllPermissionNodes returns all nodes including nested", () => {
+    const allNodes = getAllPermissionNodes();
+    expect(allNodes.length).toBeGreaterThan(0);
+
+    const nodeNames = allNodes.map((p) => p.node);
+    // Should include top-level node
+    expect(nodeNames).toContain("*");
+    // Should include nested objectTypes nodes
+    expect(nodeNames).toContain("obj.company");
+    expect(nodeNames).toContain("obj.user");
+    expect(nodeNames).toContain("obj.opportunity");
+    expect(nodeNames).toContain("obj.catalogItem");
+  });
+
+  test("field-level permissions are listed on objectTypes nodes", () => {
+    const allNodes = getAllPermissionNodes();
+    const objCompany = allNodes.find((p) => p.node === "obj.company");
+    expect(objCompany).toBeDefined();
+    expect(objCompany!.fieldLevelPermissions).toBeDefined();
+    expect(objCompany!.fieldLevelPermissions!.length).toBeGreaterThan(0);
+    expect(objCompany!.fieldLevelPermissions).toContain("obj.company.id");
+    expect(objCompany!.fieldLevelPermissions).toContain("obj.company.name");
+  });
 });