doudou/telegram-management-system
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
telegram-management-system/marketing-agent/test/integration/compliance.test.js
你的用户名 237c7802e5
Some checks failed
Deploy / deploy (push) Has been cancelled
Details
Initial commit: Telegram Management System 
Full-stack web application for Telegram management
- Frontend: Vue 3 + Vben Admin
- Backend: NestJS
- Features: User management, group broadcast, statistics

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-04 15:37:50 +08:00

365 lines
11 KiB
JavaScript
Raw Permalink Blame History

// Compliance Integration Tests
const TestEnvironment = require('./setup');
const TestHelpers = require('./helpers');
const apiGatewayApp = require('../../services/api-gateway/src/app');
const complianceGuardApp = require('../../services/compliance-guard/src/app');
describe('Compliance Integration Tests', () => {
let testEnv;
let helpers;
let apiClient;
let testUser;
const SERVICES = {
'api-gateway': { app: apiGatewayApp, port: 13000 },
'compliance-guard': { app: complianceGuardApp, port: 13006 }
};
beforeAll(async () => {
testEnv = new TestEnvironment();
helpers = new TestHelpers(testEnv);
// Setup test environment
await testEnv.setup();
// Setup mocks
helpers.setupMocks();
// Start services
for (const [name, config] of Object.entries(SERVICES)) {
await testEnv.startService(name, config.app, config.port);
}
// Create test user
testUser = await testEnv.createTestUser();
// Create authenticated client
apiClient = await helpers.createAuthenticatedClient(
`http://localhost:${SERVICES['api-gateway'].port}`,
testUser
);
});
afterAll(async () => {
helpers.cleanupMocks();
await testEnv.cleanup();
});
describe('Data Protection', () => {
test('should encrypt sensitive data', async () => {
const sensitiveData = {
userId: testUser.id,
data: {
ssn: '123-45-6789',
creditCard: '4111111111111111',
email: 'test@example.com'
}
};
const response = await apiClient.post(
'/api/v1/compliance/data/encrypt',
sensitiveData
);
const { encrypted } = helpers.expectApiSuccess(response);
expect(encrypted).toBeDefined();
expect(encrypted.data).not.toEqual(sensitiveData.data);
expect(encrypted.data).toContain('encrypted:');
});
test('should decrypt data for authorized users', async () => {
// First encrypt
const originalData = {
message: 'Secret message',
timestamp: new Date().toISOString()
};
const encryptResponse = await apiClient.post(
'/api/v1/compliance/data/encrypt',
{ userId: testUser.id, data: originalData }
);
const { encrypted } = helpers.expectApiSuccess(encryptResponse);
// Then decrypt
const decryptResponse = await apiClient.post(
'/api/v1/compliance/data/decrypt',
{ userId: testUser.id, data: encrypted.data }
);
const { decrypted } = helpers.expectApiSuccess(decryptResponse);
expect(decrypted).toEqual(originalData);
});
test('should prevent unauthorized decryption', async () => {
// Create another user
const otherUser = await testEnv.createTestUser();
const otherClient = await helpers.createAuthenticatedClient(
`http://localhost:${SERVICES['api-gateway'].port}`,
otherUser
);
// Try to decrypt data encrypted by first user
const response = await otherClient.post(
'/api/v1/compliance/data/decrypt',
{ userId: testUser.id, data: 'encrypted:somedata' }
);
helpers.expectApiError(response, 403, 'Unauthorized');
});
});
describe('Privacy Rights', () => {
test('should handle data export request', async () => {
// Create some test data
await helpers.createTestCampaign({ userId: testUser.id });
await helpers.createTestTask({ userId: testUser.id });
const response = await apiClient.post(
'/api/v1/compliance/privacy/export',
{ userId: testUser.id }
);
const { exportId, status } = helpers.expectApiSuccess(response, 202);
expect(exportId).toBeDefined();
expect(status).toBe('processing');
// Wait for export to complete
await helpers.sleep(2000);
// Check export status
const statusResponse = await apiClient.get(
`/api/v1/compliance/privacy/export/${exportId}`
);
const exportData = helpers.expectApiSuccess(statusResponse);
expect(['completed', 'processing']).toContain(exportData.status);
if (exportData.status === 'completed') {
expect(exportData.downloadUrl).toBeDefined();
}
});
test('should handle data deletion request', async () => {
// Create test data
const campaign = await helpers.createTestCampaign({ userId: testUser.id });
// Request deletion
const response = await apiClient.post(
'/api/v1/compliance/privacy/delete',
{
userId: testUser.id,
scope: 'all',
reason: 'User requested account deletion'
}
);
const { deletionId, status } = helpers.expectApiSuccess(response, 202);
expect(deletionId).toBeDefined();
expect(status).toBe('scheduled');
// Wait for deletion
await helpers.sleep(2000);
// Verify data was deleted
const campaignResponse = await apiClient.get(
`/api/v1/campaigns/${campaign.campaignId}`
);
helpers.expectApiError(campaignResponse, 404);
});
test('should respect data retention policies', async () => {
const response = await apiClient.get('/api/v1/compliance/retention/policies');
const { policies } = helpers.expectApiSuccess(response);
expect(policies).toBeDefined();
expect(policies).toHaveProperty('messages');
expect(policies).toHaveProperty('userdata');
expect(policies).toHaveProperty('analytics');
expect(policies.messages.retentionDays).toBeGreaterThan(0);
expect(policies.userdata.retentionDays).toBeGreaterThan(0);
});
});
describe('Consent Management', () => {
test('should record user consent', async () => {
const consentData = {
userId: testUser.id,
purposes: [
{
purpose: 'marketing',
granted: true,
timestamp: new Date().toISOString()
},
{
purpose: 'analytics',
granted: true,
timestamp: new Date().toISOString()
},
{
purpose: 'personalization',
granted: false,
timestamp: new Date().toISOString()
}
],
ipAddress: '192.168.1.1',
userAgent: 'Test Client/1.0'
};
const response = await apiClient.post(
'/api/v1/compliance/consent/record',
consentData
);
const { consentId } = helpers.expectApiSuccess(response, 201);
expect(consentId).toBeDefined();
});
test('should check consent before processing', async () => {
// Check consent status
const response = await apiClient.get(
`/api/v1/compliance/consent/check/${testUser.id}`,
{
params: { purpose: 'marketing' }
}
);
const { granted, timestamp } = helpers.expectApiSuccess(response);
expect(typeof granted).toBe('boolean');
if (granted) {
expect(timestamp).toBeDefined();
}
});
test('should update consent preferences', async () => {
const updateData = {
userId: testUser.id,
updates: [
{
purpose: 'marketing',
granted: false,
timestamp: new Date().toISOString()
}
]
};
const response = await apiClient.put(
'/api/v1/compliance/consent/update',
updateData
);
helpers.expectApiSuccess(response);
// Verify update
const checkResponse = await apiClient.get(
`/api/v1/compliance/consent/check/${testUser.id}`,
{
params: { purpose: 'marketing' }
}
);
const { granted } = helpers.expectApiSuccess(checkResponse);
expect(granted).toBe(false);
});
});
describe('Audit Logging', () => {
test('should log compliance events', async () => {
// Perform some compliance actions
await apiClient.post('/api/v1/compliance/data/encrypt', {
userId: testUser.id,
data: { test: 'data' }
});
await apiClient.get(`/api/v1/compliance/consent/check/${testUser.id}`, {
params: { purpose: 'analytics' }
});
// Get audit logs
const response = await apiClient.get('/api/v1/compliance/audit/logs', {
params: {
userId: testUser.id,
startDate: new Date(Date.now() - 3600000).toISOString(),
endDate: new Date().toISOString()
}
});
const { logs, total } = helpers.expectApiSuccess(response);
expect(logs).toBeDefined();
expect(logs.length).toBeGreaterThan(0);
expect(total).toBeGreaterThan(0);
// Verify log structure
const log = logs[0];
expect(log).toHaveProperty('timestamp');
expect(log).toHaveProperty('action');
expect(log).toHaveProperty('userId');
expect(log).toHaveProperty('details');
});
test('should generate compliance reports', async () => {
const response = await apiClient.post('/api/v1/compliance/audit/report', {
type: 'monthly',
month: new Date().getMonth() + 1,
year: new Date().getFullYear()
});
const { reportId, status } = helpers.expectApiSuccess(response, 202);
expect(reportId).toBeDefined();
expect(status).toBe('generating');
});
});
describe('Regulatory Compliance', () => {
test('should validate GDPR compliance', async () => {
const response = await apiClient.get('/api/v1/compliance/regulatory/gdpr/status');
const { compliant, issues } = helpers.expectApiSuccess(response);
expect(typeof compliant).toBe('boolean');
expect(Array.isArray(issues)).toBe(true);
if (!compliant) {
expect(issues.length).toBeGreaterThan(0);
issues.forEach(issue => {
expect(issue).toHaveProperty('category');
expect(issue).toHaveProperty('description');
expect(issue).toHaveProperty('severity');
});
}
});
test('should validate CCPA compliance', async () => {
const response = await apiClient.get('/api/v1/compliance/regulatory/ccpa/status');
const { compliant, issues } = helpers.expectApiSuccess(response);
expect(typeof compliant).toBe('boolean');
expect(Array.isArray(issues)).toBe(true);
});
test('should handle Do Not Sell requests', async () => {
const response = await apiClient.post('/api/v1/compliance/privacy/donotsell', {
userId: testUser.id,
optOut: true
});
helpers.expectApiSuccess(response);
// Verify opt-out status
const statusResponse = await apiClient.get(
`/api/v1/compliance/privacy/donotsell/${testUser.id}`
);
const { optedOut } = helpers.expectApiSuccess(statusResponse);
expect(optedOut).toBe(true);
});
});
});
Reference in New Issue View Git Blame Copy Permalink