mirror of
https://github.com/danny-avila/LibreChat.git
synced 2026-04-04 06:47:19 +02:00
🗑️ chore: Remove Action Test Suite and Update Mock Implementations (#12268)
- Deleted the Action test suite located in `api/models/Action.spec.js` to streamline the codebase. - Updated various test files to reflect changes in model mocks, consolidating mock implementations for user-related actions and enhancing clarity. - Improved consistency in test setups by aligning with the latest model updates and removing redundant mock definitions.
This commit is contained in:
Danny Avila
parent
dd72b7b17e
commit
67db0c1cb3
7 changed files with 40 additions and 311 deletions
|
|
@ -1,250 +0,0 @@
|
|||
const mongoose = require('mongoose');
|
||||
const { MongoMemoryServer } = require('mongodb-memory-server');
|
||||
const { actionSchema } = require('@librechat/data-schemas');
|
||||
const { updateAction, getActions, deleteAction } = require('./Action');
|
||||
|
||||
let mongoServer;
|
||||
|
||||
beforeAll(async () => {
|
||||
mongoServer = await MongoMemoryServer.create();
|
||||
const mongoUri = mongoServer.getUri();
|
||||
if (!mongoose.models.Action) {
|
||||
mongoose.model('Action', actionSchema);
|
||||
}
|
||||
await mongoose.connect(mongoUri);
|
||||
}, 20000);
|
||||
|
||||
afterAll(async () => {
|
||||
await mongoose.disconnect();
|
||||
await mongoServer.stop();
|
||||
});
|
||||
|
||||
beforeEach(async () => {
|
||||
await mongoose.models.Action.deleteMany({});
|
||||
});
|
||||
|
||||
const userId = new mongoose.Types.ObjectId();
|
||||
|
||||
describe('Action ownership scoping', () => {
|
||||
describe('updateAction', () => {
|
||||
it('updates when action_id and agent_id both match', async () => {
|
||||
await mongoose.models.Action.create({
|
||||
user: userId,
|
||||
action_id: 'act_1',
|
||||
agent_id: 'agent_A',
|
||||
metadata: { domain: 'example.com' },
|
||||
});
|
||||
|
||||
const result = await updateAction(
|
||||
{ action_id: 'act_1', agent_id: 'agent_A' },
|
||||
{ metadata: { domain: 'updated.com' } },
|
||||
);
|
||||
|
||||
expect(result).not.toBeNull();
|
||||
expect(result.metadata.domain).toBe('updated.com');
|
||||
expect(result.agent_id).toBe('agent_A');
|
||||
});
|
||||
|
||||
it('does not update when agent_id does not match (creates a new doc via upsert)', async () => {
|
||||
await mongoose.models.Action.create({
|
||||
user: userId,
|
||||
action_id: 'act_1',
|
||||
agent_id: 'agent_B',
|
||||
metadata: { domain: 'victim.com', api_key: 'secret' },
|
||||
});
|
||||
|
||||
const result = await updateAction(
|
||||
{ action_id: 'act_1', agent_id: 'agent_A' },
|
||||
{ user: userId, metadata: { domain: 'attacker.com' } },
|
||||
);
|
||||
|
||||
expect(result.metadata.domain).toBe('attacker.com');
|
||||
|
||||
const original = await mongoose.models.Action.findOne({
|
||||
action_id: 'act_1',
|
||||
agent_id: 'agent_B',
|
||||
}).lean();
|
||||
expect(original).not.toBeNull();
|
||||
expect(original.metadata.domain).toBe('victim.com');
|
||||
expect(original.metadata.api_key).toBe('secret');
|
||||
});
|
||||
|
||||
it('updates when action_id and assistant_id both match', async () => {
|
||||
await mongoose.models.Action.create({
|
||||
user: userId,
|
||||
action_id: 'act_2',
|
||||
assistant_id: 'asst_X',
|
||||
metadata: { domain: 'example.com' },
|
||||
});
|
||||
|
||||
const result = await updateAction(
|
||||
{ action_id: 'act_2', assistant_id: 'asst_X' },
|
||||
{ metadata: { domain: 'updated.com' } },
|
||||
);
|
||||
|
||||
expect(result).not.toBeNull();
|
||||
expect(result.metadata.domain).toBe('updated.com');
|
||||
});
|
||||
|
||||
it('does not overwrite when assistant_id does not match', async () => {
|
||||
await mongoose.models.Action.create({
|
||||
user: userId,
|
||||
action_id: 'act_2',
|
||||
assistant_id: 'asst_victim',
|
||||
metadata: { domain: 'victim.com', api_key: 'secret' },
|
||||
});
|
||||
|
||||
await updateAction(
|
||||
{ action_id: 'act_2', assistant_id: 'asst_attacker' },
|
||||
{ user: userId, metadata: { domain: 'attacker.com' } },
|
||||
);
|
||||
|
||||
const original = await mongoose.models.Action.findOne({
|
||||
action_id: 'act_2',
|
||||
assistant_id: 'asst_victim',
|
||||
}).lean();
|
||||
expect(original).not.toBeNull();
|
||||
expect(original.metadata.domain).toBe('victim.com');
|
||||
expect(original.metadata.api_key).toBe('secret');
|
||||
});
|
||||
});
|
||||
|
||||
describe('deleteAction', () => {
|
||||
it('deletes when action_id and agent_id both match', async () => {
|
||||
await mongoose.models.Action.create({
|
||||
user: userId,
|
||||
action_id: 'act_del',
|
||||
agent_id: 'agent_A',
|
||||
metadata: { domain: 'example.com' },
|
||||
});
|
||||
|
||||
const result = await deleteAction({ action_id: 'act_del', agent_id: 'agent_A' });
|
||||
expect(result).not.toBeNull();
|
||||
expect(result.action_id).toBe('act_del');
|
||||
|
||||
const remaining = await mongoose.models.Action.countDocuments();
|
||||
expect(remaining).toBe(0);
|
||||
});
|
||||
|
||||
it('returns null and preserves the document when agent_id does not match', async () => {
|
||||
await mongoose.models.Action.create({
|
||||
user: userId,
|
||||
action_id: 'act_del',
|
||||
agent_id: 'agent_B',
|
||||
metadata: { domain: 'victim.com' },
|
||||
});
|
||||
|
||||
const result = await deleteAction({ action_id: 'act_del', agent_id: 'agent_A' });
|
||||
expect(result).toBeNull();
|
||||
|
||||
const remaining = await mongoose.models.Action.countDocuments();
|
||||
expect(remaining).toBe(1);
|
||||
});
|
||||
|
||||
it('deletes when action_id and assistant_id both match', async () => {
|
||||
await mongoose.models.Action.create({
|
||||
user: userId,
|
||||
action_id: 'act_del_asst',
|
||||
assistant_id: 'asst_X',
|
||||
metadata: { domain: 'example.com' },
|
||||
});
|
||||
|
||||
const result = await deleteAction({ action_id: 'act_del_asst', assistant_id: 'asst_X' });
|
||||
expect(result).not.toBeNull();
|
||||
|
||||
const remaining = await mongoose.models.Action.countDocuments();
|
||||
expect(remaining).toBe(0);
|
||||
});
|
||||
|
||||
it('returns null and preserves the document when assistant_id does not match', async () => {
|
||||
await mongoose.models.Action.create({
|
||||
user: userId,
|
||||
action_id: 'act_del_asst',
|
||||
assistant_id: 'asst_victim',
|
||||
metadata: { domain: 'victim.com' },
|
||||
});
|
||||
|
||||
const result = await deleteAction({
|
||||
action_id: 'act_del_asst',
|
||||
assistant_id: 'asst_attacker',
|
||||
});
|
||||
expect(result).toBeNull();
|
||||
|
||||
const remaining = await mongoose.models.Action.countDocuments();
|
||||
expect(remaining).toBe(1);
|
||||
});
|
||||
});
|
||||
|
||||
describe('getActions (unscoped baseline)', () => {
|
||||
it('returns actions by action_id regardless of agent_id', async () => {
|
||||
await mongoose.models.Action.create({
|
||||
user: userId,
|
||||
action_id: 'act_shared',
|
||||
agent_id: 'agent_B',
|
||||
metadata: { domain: 'example.com' },
|
||||
});
|
||||
|
||||
const results = await getActions({ action_id: 'act_shared' }, true);
|
||||
expect(results).toHaveLength(1);
|
||||
expect(results[0].agent_id).toBe('agent_B');
|
||||
});
|
||||
|
||||
it('returns actions scoped by agent_id when provided', async () => {
|
||||
await mongoose.models.Action.create({
|
||||
user: userId,
|
||||
action_id: 'act_scoped',
|
||||
agent_id: 'agent_A',
|
||||
metadata: { domain: 'a.com' },
|
||||
});
|
||||
await mongoose.models.Action.create({
|
||||
user: userId,
|
||||
action_id: 'act_other',
|
||||
agent_id: 'agent_B',
|
||||
metadata: { domain: 'b.com' },
|
||||
});
|
||||
|
||||
const results = await getActions({ agent_id: 'agent_A' });
|
||||
expect(results).toHaveLength(1);
|
||||
expect(results[0].action_id).toBe('act_scoped');
|
||||
});
|
||||
});
|
||||
|
||||
describe('cross-type protection', () => {
|
||||
it('updateAction with agent_id filter does not overwrite assistant-owned action', async () => {
|
||||
await mongoose.models.Action.create({
|
||||
user: userId,
|
||||
action_id: 'act_cross',
|
||||
assistant_id: 'asst_victim',
|
||||
metadata: { domain: 'victim.com', api_key: 'secret' },
|
||||
});
|
||||
|
||||
await updateAction(
|
||||
{ action_id: 'act_cross', agent_id: 'agent_attacker' },
|
||||
{ user: userId, metadata: { domain: 'evil.com' } },
|
||||
);
|
||||
|
||||
const original = await mongoose.models.Action.findOne({
|
||||
action_id: 'act_cross',
|
||||
assistant_id: 'asst_victim',
|
||||
}).lean();
|
||||
expect(original).not.toBeNull();
|
||||
expect(original.metadata.domain).toBe('victim.com');
|
||||
expect(original.metadata.api_key).toBe('secret');
|
||||
});
|
||||
|
||||
it('deleteAction with agent_id filter does not delete assistant-owned action', async () => {
|
||||
await mongoose.models.Action.create({
|
||||
user: userId,
|
||||
action_id: 'act_cross_del',
|
||||
assistant_id: 'asst_victim',
|
||||
metadata: { domain: 'victim.com' },
|
||||
});
|
||||
|
||||
const result = await deleteAction({ action_id: 'act_cross_del', agent_id: 'agent_attacker' });
|
||||
expect(result).toBeNull();
|
||||
|
||||
const remaining = await mongoose.models.Action.countDocuments();
|
||||
expect(remaining).toBe(1);
|
||||
});
|
||||
});
|
||||
});
|
||||
Loading…
Add table
Add a link
Reference in a new issue