refactor: events to a pure stream instead of being part of topics

NOTE: tests are passing, but the client is broken
2025-11-08 11:55:57 -08:00 · 2025-11-08 11:55:57 -08:00 · a5707e2f81
commit a5707e2f81
parent c34069066d
31 changed files with 934 additions and 686 deletions
--- a/tests/05_update_channel.test.ts
+++ b/tests/05_update_channel.test.ts
@ -0,0 +1,102 @@
+import { api, API_CLIENT } from '../utils/api.ts';
+import * as asserts from '@std/assert';
+import { delete_user, EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from './helpers.ts';
+import { generateTotp } from '../utils/totp.ts';
+
+Deno.test({
+	name: 'API - CHANNELS - Update',
+	permissions: {
+		env: true,
+		read: true,
+		write: true,
+		net: true
+	},
+	fn: async () => {
+		let test_server_info: EPHEMERAL_SERVER | null = null;
+		try {
+			test_server_info = await get_ephemeral_listen_server();
+			const client: API_CLIENT = api({
+				prefix: '/api',
+				hostname: test_server_info.hostname,
+				port: test_server_info.port
+			});
+
+			const info = await get_new_user(client);
+
+			await set_user_permissions(client, info.user, info.session, [...info.user.permissions, 'channels.create']);
+
+			const new_channel = await client.fetch('/channels', {
+				method: 'POST',
+				headers: {
+					'x-session_id': info.session.id,
+					'x-totp': await generateTotp(info.session.secret)
+				},
+				json: {
+					name: 'test update channel'
+				}
+			});
+
+			asserts.assert(new_channel);
+
+			const other_user_info = await get_new_user(client, {}, info);
+
+			try {
+				const _permission_denied_channel = await client.fetch(`/channels/${new_channel.id}`, {
+					method: 'PUT',
+					headers: {
+						'x-session_id': other_user_info.session.id,
+						'x-totp': await generateTotp(other_user_info.session.secret)
+					},
+					json: {
+						name: 'this should not be allowed'
+					}
+				});
+
+				asserts.fail('allowed updating a channel owned by someone else');
+			} catch (error) {
+				asserts.assertEquals((error as Error).cause, 'permission_denied');
+			}
+
+			const updated_by_owner_channel = await client.fetch(`/channels/${new_channel.id}`, {
+				method: 'PUT',
+				headers: {
+					'x-session_id': info.session.id,
+					'x-totp': await generateTotp(info.session.secret)
+				},
+				json: {
+					channel: 'this is a new channel',
+					permissions: {
+						...new_channel.permissions,
+						write: [...new_channel.permissions.write, other_user_info.user.id]
+					}
+				}
+			});
+
+			asserts.assert(updated_by_owner_channel);
+			asserts.assertEquals(updated_by_owner_channel.channel, 'this is a new channel');
+			asserts.assertEquals(updated_by_owner_channel.permissions.write, [info.user.id, other_user_info.user.id]);
+
+			const updated_by_other_user_channel = await client.fetch(`/channels/${new_channel.id}`, {
+				method: 'PUT',
+				headers: {
+					'x-session_id': other_user_info.session.id,
+					'x-totp': await generateTotp(other_user_info.session.secret)
+				},
+				json: {
+					channel: 'this is a newer channel'
+				}
+			});
+
+			asserts.assert(updated_by_other_user_channel);
+			asserts.assertEquals(updated_by_other_user_channel.channel, 'this is a newer channel');
+			asserts.assertEquals(updated_by_other_user_channel.permissions.write, [info.user.id, other_user_info.user.id]);
+
+			await delete_user(client, other_user_info);
+			await delete_user(client, info);
+		} finally {
+			if (test_server_info) {
+				await test_server_info?.server?.stop();
+			}
+		}
+	}
+});