// Shared test bootstrap. Sets up an isolated temp SQLite database and storage // dirs BEFORE any application module (which reads config at import time) is // loaded, then migrates + seeds a fresh schema. Import this first, then use // `load()` to dynamically import the modules under test. import os from 'node:os'; import path from 'path'; import fs from 'node:fs'; import crypto from 'node:crypto'; const tmpRoot = fs.mkdtempSync(path.join(os.tmpdir(), 'poshm-test-')); process.env.NODE_ENV = 'test'; process.env.DATABASE_PATH = path.join(tmpRoot, 'test.sqlite'); process.env.LOG_DIR = path.join(tmpRoot, 'logs'); process.env.FILE_LOCKER_DIR = path.join(tmpRoot, 'filelocker'); process.env.JWT_SECRET = `test-${crypto.randomBytes(8).toString('hex')}`; process.env.CREDENTIAL_STORE_KEY = `cred-${crypto.randomBytes(8).toString('hex')}`; // Leave entra/origin/allow_script_execution env unset so tests exercise the // unpinned editable-default code paths. Tests never invoke PowerShell. const dbModule = await import('../db.js'); dbModule.migrate(); dbModule.seed(); export const db = dbModule.db; export async function load(modulePath) { return import(modulePath); } export function adminUserId() { return db.prepare('SELECT id FROM users WHERE role = ? LIMIT 1').get('admin').id; } export function makeUser({ email, role = 'user' } = {}) { const id = `usr_test_${crypto.randomBytes(5).toString('hex')}`; db.prepare(` INSERT INTO users (id, email, display_name, password_hash, auth_provider, role, created_at) VALUES (?, ?, ?, NULL, 'local', ?, ?) `).run(id, email || `${id}@test.local`, id, role, new Date().toISOString()); return id; }