backend/tests/utils.test.ts

/**
 * Utils Tests - shared utility functions
 */
import { describe, it, expect } from "vitest";
import { sanitizeName, docPath, DATA_DIR } from "../src/utils.js";
import { join } from "path";

describe("sanitizeName", () => {
  it("passes through clean names", () => {
    expect(sanitizeName("default")).toBe("default");
    expect(sanitizeName("my-doc_123")).toBe("my-doc_123");
  });

  it("replaces special characters with underscore", () => {
    expect(sanitizeName("my doc!@#")).toBe("my_doc___");
    expect(sanitizeName("hello world")).toBe("hello_world");
  });

  it("replaces path traversal characters", () => {
    const result = sanitizeName("../../../etc/passwd");
    expect(result).not.toContain("/");
    expect(result).not.toContain(".");
  });

  it("handles empty string", () => {
    expect(sanitizeName("")).toBe("");
  });
});

describe("docPath", () => {
  it("returns path within DATA_DIR with .yjs extension", () => {
    const result = docPath("default");
    expect(result).toBe(join(DATA_DIR, "default.yjs"));
  });

  it("sanitizes the name in the path", () => {
    const result = docPath("my doc!");
    expect(result).toBe(join(DATA_DIR, "my_doc_.yjs"));
  });
});