Files
OpenFrontIO/tests/server/Archive.test.ts
T
Evan Pelle 43d07ca85f refactor: rename core-public -> engine-public; fold helpers in; drop shared
Tighten the package model around the determinism invariant: everything the
engine imports must itself be deterministic.

- Rename core-public -> engine-public (package, dir, `engine-public/*` alias,
  all 118 import sites). It is the deterministic public surface the engine
  depends on and that client/server also use.
- Move the pure formatting helpers (renderNumber/renderTroops) from shared
  into engine-public/format — the engine uses them and they're deterministic.
- Drop the now-empty shared package (and its alias). `shared` was intended for
  client/server-shared, engine-forbidden code; there is none yet, so it is
  removed and can be re-added when such code appears.

Final graph: engine-public (leaf) <- engine <- {client, server};
client/server also -> engine-public.

Verified: tsc clean; 1364 + 65 tests pass; prod build succeeds; engine-public
is a leaf; engine has no client/server imports. Lockfile regenerated.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-10 20:32:32 +00:00

175 lines
4.8 KiB
TypeScript

import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
vi.mock("server/ServerEnv", () => ({
ServerEnv: {
jwtIssuer: () => "https://archive.test.invalid",
apiKey: () => "test-key",
gitCommit: () => "DEV",
subdomain: () => "test",
domain: () => "test",
},
}));
vi.mock("server/Logger", () => ({
logger: {
child: () => ({
info: vi.fn(),
warn: vi.fn(),
error: vi.fn(),
}),
},
}));
vi.mock("engine-public/Schemas", async () => {
const actual = (await vi.importActual("engine-public/Schemas")) as any;
return {
...actual,
GameRecordSchema: {
safeParse: (data: any) => ({ success: true, data }),
},
};
});
import { GameType } from "engine/game/Game";
import type { GameRecord } from "engine-public/Schemas";
import { archive } from "server/Archive";
function buildRecord(gameType: GameType, flag: string | undefined): GameRecord {
return {
info: {
gameID: "TEST123456",
config: { gameType } as any,
players: [
{
clientID: "client-1",
username: "Test",
clanTag: null,
persistentID: "persist-1",
stats: {} as any,
cosmetics: flag ? { flag } : undefined,
} as any,
],
} as any,
version: "v0.0.2",
gitCommit: "DEV",
subdomain: "test",
domain: "test",
turns: [],
} as GameRecord;
}
function archivedBody(fetchMock: ReturnType<typeof vi.fn>): any {
expect(fetchMock).toHaveBeenCalledOnce();
return JSON.parse(fetchMock.mock.calls[0][1].body);
}
describe("archive() singleplayer flag sanitization", () => {
let fetchMock: ReturnType<typeof vi.fn>;
beforeEach(() => {
fetchMock = vi.fn().mockResolvedValue({ ok: true, statusText: "OK" });
vi.stubGlobal("fetch", fetchMock);
});
afterEach(() => {
vi.unstubAllGlobals();
});
it("preserves same-origin country flag paths", async () => {
await archive(
buildRecord(GameType.Singleplayer, "/flags/us.svg"),
new Set(),
);
expect(archivedBody(fetchMock).info.players[0].cosmetics.flag).toBe(
"/flags/us.svg",
);
});
it("preserves manifest-resolved asset paths", async () => {
await archive(
buildRecord(GameType.Singleplayer, "/_assets/flags/us-abc123.svg"),
new Set(),
);
expect(archivedBody(fetchMock).info.players[0].cosmetics.flag).toBe(
"/_assets/flags/us-abc123.svg",
);
});
it("preserves cosmetic flag URLs that are in the trusted set", async () => {
const trustedUrl = "https://example.com/cool.png";
await archive(
buildRecord(GameType.Singleplayer, trustedUrl),
new Set([trustedUrl]),
);
expect(archivedBody(fetchMock).info.players[0].cosmetics.flag).toBe(
trustedUrl,
);
});
it("drops attacker-controlled URLs not in the trusted set", async () => {
await archive(
buildRecord(
GameType.Singleplayer,
"https://attacker.example/payload.png",
),
new Set(["https://example.com/cool.png"]),
);
expect(
archivedBody(fetchMock).info.players[0].cosmetics?.flag,
).toBeUndefined();
});
it("drops http URLs regardless of case", async () => {
await archive(
buildRecord(GameType.Singleplayer, "HTTP://attacker.example/x.png"),
new Set(),
);
expect(
archivedBody(fetchMock).info.players[0].cosmetics?.flag,
).toBeUndefined();
});
it("preserves untouched player when no flag is set", async () => {
await archive(buildRecord(GameType.Singleplayer, undefined), new Set());
expect(archivedBody(fetchMock).info.players[0].cosmetics).toBeUndefined();
});
it("drops absolute URLs even when the trusted set is omitted", async () => {
await archive(
buildRecord(GameType.Singleplayer, "https://example.com/cool.png"),
);
expect(
archivedBody(fetchMock).info.players[0].cosmetics?.flag,
).toBeUndefined();
});
});
describe("archive() multiplayer paths skip sanitization", () => {
let fetchMock: ReturnType<typeof vi.fn>;
beforeEach(() => {
fetchMock = vi.fn().mockResolvedValue({ ok: true, statusText: "OK" });
vi.stubGlobal("fetch", fetchMock);
});
afterEach(() => {
vi.unstubAllGlobals();
});
it("does not modify cosmetics for public games", async () => {
const attackerUrl = "https://attacker.example/payload.png";
await archive(buildRecord(GameType.Public, attackerUrl));
expect(archivedBody(fetchMock).info.players[0].cosmetics.flag).toBe(
attackerUrl,
);
});
it("does not modify cosmetics for private games", async () => {
const attackerUrl = "https://attacker.example/payload.png";
await archive(buildRecord(GameType.Private, attackerUrl));
expect(archivedBody(fetchMock).info.players[0].cosmetics.flag).toBe(
attackerUrl,
);
});
});