import { beforeEach, describe, expect, it, vi } from "vitest" import { DELETE } from "@/app/api/profile/avatar/route" import { getServerSession } from "@/lib/auth-server" import { auth } from "@/lib/auth" import { prisma } from "@/lib/prisma" vi.mock("@/lib/auth-server", () => ({ getServerSession: vi.fn(), })) vi.mock("@/server/convex-client", () => ({ createConvexClient: vi.fn(() => ({ mutation: vi.fn() })), })) vi.mock("@/lib/prisma", () => ({ prisma: { authUser: { update: vi.fn() }, }, })) vi.mock("@/lib/auth", () => ({ auth: { api: { updateUser: vi.fn(), }, }, })) describe("DELETE /api/profile/avatar", () => { beforeEach(() => { vi.resetAllMocks() vi.mocked(getServerSession).mockResolvedValue({ session: { id: "sess-1", expiresAt: Date.now() + 60_000 }, user: { id: "user-1", name: "Agente", email: "agent@example.com", role: "agent", tenantId: null, avatarUrl: "https://cdn.example.com/avatar.png", machinePersona: null, }, }) }) it("propaga Set-Cookie retornado pelo Better Auth (cookieCache)", async () => { const upstreamHeaders = new Headers() upstreamHeaders.append("set-cookie", "better-auth.session_data=abc; Path=/; HttpOnly") upstreamHeaders.append("set-cookie", "better-auth.session_token=def; Path=/; HttpOnly") vi.mocked(auth.api.updateUser).mockResolvedValue( new Response(JSON.stringify({ status: true }), { status: 200, headers: upstreamHeaders }) ) const req = new Request("http://localhost/api/profile/avatar", { method: "DELETE" }) const res = await DELETE(req) expect(res.status).toBe(200) const headersAny = res.headers as Headers & { getSetCookie?: () => string[] | undefined } const setCookies = typeof headersAny.getSetCookie === "function" ? headersAny.getSetCookie() ?? [] : [res.headers.get("set-cookie")].filter(Boolean) expect(setCookies.join("\n")).toContain("better-auth.session_data=abc") expect(setCookies.join("\n")).toContain("better-auth.session_token=def") expect(vi.mocked(prisma.authUser.update)).not.toHaveBeenCalled() }) })