Madhura68
9e8f33b96e
Two gaps discovered during the first live grill-session of IDEA-002:
the agent posted a question, but the user had no UI to answer it.
1. Idea-questions only appeared on the Timeline-tab as read-only entries
2. Notifications-bell fetched + handled story-questions only
This fix:
**Inline answer-form in IdeaTimeline** (components/ideas/idea-timeline.tsx)
- Open questions now render an AnswerForm directly under the question text
- Multi-choice options become clickable buttons (one-click submit); free-text
fallback via collapsed details/textarea
- Plain free-text questions render textarea + Verzend
- Calls existing answerQuestion server-action; toast + router.refresh on success
**Notifications-bell extended for idea-questions**
- stores/notifications-store.ts: NotificationQuestion → discriminated union
(kind: 'story' | 'idea'); forYouCount treats idea-questions as always-for-you
(idea is strictly user_id-only — only the owner sees them)
- components/notifications/notifications-bridge.tsx: parallel fetch of
story-questions (productAccessFilter) + idea-questions (idea.user_id ===
session.userId); merged + sorted by created_at
- components/notifications/notifications-sheet.tsx: renders idea_code/title
for kind='idea'
- components/notifications/answer-modal.tsx: header + open-link branch on
kind (idea → /ideas/[id]?tab=timeline; story → existing /sprint link)
- lib/realtime/use-notifications-realtime.ts: idea-question events also
trigger close+reconnect on 'open' (loads fresh detail) and remove(id) on
non-open — same pattern story-questions already use
- components/shared/notifications-bell.tsx: badge counts idea-questions as
for-you regardless of assignee
**Security gap closed (actions/questions.ts answerQuestion)**
Before: accepted any answer if user has product-access.
After: idea-questions require idea.user_id === session.userId; story-
questions keep the existing productAccessFilter path. (Prisma 7 rejects
\`{ not: null }\` in WHERE; routing happens app-level after a single fetch.)
Tests: 546/546 still green.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
143 lines
4.6 KiB
TypeScript
143 lines
4.6 KiB
TypeScript
import { describe, it, expect, vi, beforeEach } from 'vitest'
|
|
|
|
const { mockGetSession } = vi.hoisted(() => ({
|
|
mockGetSession: vi.fn(),
|
|
}))
|
|
|
|
vi.mock('next/cache', () => ({ revalidatePath: vi.fn() }))
|
|
|
|
vi.mock('@/lib/auth', () => ({
|
|
getSession: mockGetSession,
|
|
}))
|
|
|
|
vi.mock('@/lib/prisma', () => ({
|
|
prisma: {
|
|
claudeQuestion: {
|
|
findFirst: vi.fn(),
|
|
updateMany: vi.fn(),
|
|
},
|
|
product: {
|
|
findFirst: vi.fn().mockResolvedValue({ id: 'product-1' }),
|
|
},
|
|
},
|
|
}))
|
|
|
|
import { revalidatePath } from 'next/cache'
|
|
import { prisma } from '@/lib/prisma'
|
|
import { answerQuestion } from '@/actions/questions'
|
|
|
|
const mockPrisma = prisma as unknown as {
|
|
claudeQuestion: {
|
|
findFirst: ReturnType<typeof vi.fn>
|
|
updateMany: ReturnType<typeof vi.fn>
|
|
}
|
|
}
|
|
const mockRevalidate = revalidatePath as ReturnType<typeof vi.fn>
|
|
|
|
const VALID_ID = 'cmohrz0jra1aaaaaaaaaaaaaa'
|
|
const VALID_ANSWER = 'Antwoord van de gebruiker'
|
|
|
|
const SESSION_USER = { userId: 'user-1', isDemo: false }
|
|
const SESSION_DEMO = { userId: 'demo-1', isDemo: true }
|
|
|
|
beforeEach(() => {
|
|
vi.clearAllMocks()
|
|
})
|
|
|
|
describe('actions/questions — answerQuestion', () => {
|
|
it('happy: status pending→answered, revalidatePath geroepen', async () => {
|
|
mockGetSession.mockResolvedValue(SESSION_USER)
|
|
mockPrisma.claudeQuestion.findFirst.mockResolvedValueOnce({
|
|
id: VALID_ID,
|
|
story_id: 'story-1',
|
|
idea_id: null,
|
|
product_id: 'product-1',
|
|
idea: null,
|
|
})
|
|
mockPrisma.claudeQuestion.updateMany.mockResolvedValueOnce({ count: 1 })
|
|
|
|
const res = await answerQuestion(VALID_ID, VALID_ANSWER)
|
|
expect(res).toEqual({ ok: true })
|
|
|
|
const updateArg = mockPrisma.claudeQuestion.updateMany.mock.calls[0][0]
|
|
expect(updateArg.where).toMatchObject({
|
|
id: VALID_ID,
|
|
status: 'open',
|
|
})
|
|
expect(updateArg.where.expires_at).toMatchObject({ gt: expect.any(Date) })
|
|
expect(updateArg.data).toMatchObject({
|
|
status: 'answered',
|
|
answer: VALID_ANSWER,
|
|
answered_by: 'user-1',
|
|
})
|
|
|
|
expect(mockRevalidate).toHaveBeenCalledWith('/', 'layout')
|
|
})
|
|
|
|
it('demo-user wordt geblokkeerd, geen DB-call', async () => {
|
|
mockGetSession.mockResolvedValue(SESSION_DEMO)
|
|
const res = await answerQuestion(VALID_ID, VALID_ANSWER)
|
|
expect(res).toEqual({ ok: false, error: 'Niet beschikbaar in demo-modus' })
|
|
expect(mockPrisma.claudeQuestion.findFirst).not.toHaveBeenCalled()
|
|
expect(mockPrisma.claudeQuestion.updateMany).not.toHaveBeenCalled()
|
|
expect(mockRevalidate).not.toHaveBeenCalled()
|
|
})
|
|
|
|
it('user zonder product-access: error, geen update', async () => {
|
|
mockGetSession.mockResolvedValue(SESSION_USER)
|
|
mockPrisma.claudeQuestion.findFirst.mockResolvedValueOnce(null)
|
|
|
|
const res = await answerQuestion(VALID_ID, VALID_ANSWER)
|
|
expect(res).toEqual({ ok: false, error: 'Vraag niet gevonden of geen toegang' })
|
|
expect(mockPrisma.claudeQuestion.updateMany).not.toHaveBeenCalled()
|
|
})
|
|
|
|
it('al-answered: race-error met begrijpelijke melding', async () => {
|
|
mockGetSession.mockResolvedValue(SESSION_USER)
|
|
mockPrisma.claudeQuestion.findFirst.mockResolvedValueOnce({
|
|
id: VALID_ID,
|
|
story_id: 'story-1',
|
|
idea_id: null,
|
|
product_id: 'product-1',
|
|
idea: null,
|
|
})
|
|
mockPrisma.claudeQuestion.updateMany.mockResolvedValueOnce({ count: 0 })
|
|
mockPrisma.claudeQuestion.findFirst.mockResolvedValueOnce({
|
|
status: 'answered',
|
|
expires_at: new Date(Date.now() + 60_000),
|
|
})
|
|
|
|
const res = await answerQuestion(VALID_ID, VALID_ANSWER)
|
|
expect(res).toEqual({ ok: false, error: 'Vraag is al answered' })
|
|
expect(mockRevalidate).not.toHaveBeenCalled()
|
|
})
|
|
|
|
it('verlopen: updateMany count=0, nog open status maar voorbij expiry', async () => {
|
|
mockGetSession.mockResolvedValue(SESSION_USER)
|
|
mockPrisma.claudeQuestion.findFirst.mockResolvedValueOnce({
|
|
id: VALID_ID,
|
|
story_id: 'story-1',
|
|
idea_id: null,
|
|
product_id: 'product-1',
|
|
idea: null,
|
|
})
|
|
mockPrisma.claudeQuestion.updateMany.mockResolvedValueOnce({ count: 0 })
|
|
mockPrisma.claudeQuestion.findFirst.mockResolvedValueOnce({
|
|
status: 'open',
|
|
expires_at: new Date(Date.now() - 60_000),
|
|
})
|
|
|
|
const res = await answerQuestion(VALID_ID, VALID_ANSWER)
|
|
expect(res).toEqual({ ok: false, error: 'Vraag is verlopen' })
|
|
})
|
|
|
|
it('lege answer: Zod-validatie faalt', async () => {
|
|
mockGetSession.mockResolvedValue(SESSION_USER)
|
|
const res = await answerQuestion(VALID_ID, '')
|
|
expect(res.ok).toBe(false)
|
|
if (!res.ok) {
|
|
expect(res.error.toLowerCase()).toMatch(/string|character|leeg|empty|small/i)
|
|
}
|
|
expect(mockPrisma.claudeQuestion.findFirst).not.toHaveBeenCalled()
|
|
})
|
|
})
|