Scott.Idem/OSIT-AE-App-Svelte
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test: add v3 latency probe and modernize api coverage

Browse Source
This commit is contained in:
Scott Idem
2026-05-21 17:48:00 -04:00
parent f5cf1ef398
commit 55d3d49595
4 changed files with 341 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
tests/v3_api_security.modern.test.ts
View File

@@ -37,7 +37,7 @@ test.describe('V3 API Header Integrity (modernized)', () => {
});
});
test('Verify lookup requests include the unauthenticated bypass header', async ({ page }) => {
test('Verify lookup requests use account-scoped headers (no bypass)', async ({ page }) => {
await page.addInitScript((defaults) => {
const testData = { ...defaults, account_id: 'test-account-id', manager_access: true };
window.localStorage.setItem('ae_loc', JSON.stringify(testData));
@@ -50,7 +50,10 @@ test.describe('V3 API Header Integrity (modernized)', () => {
const request = await requestPromise;
const headers = request.headers();
expect(headers['x-no-account-id']).toBe('Nothing to See Here');
// Current lookup policy is account-scoped for these routes.
// The bypass header should not be sent here.
expect(headers['x-no-account-id']).toBeUndefined();
expect(headers['x-account-id']).toBe('test-account-id');
expect(headers['x-aether-api-key']).toBeDefined();
});