mirror of
https://github.com/we-promise/sure.git
synced 2026-04-09 07:14:47 +00:00
5b0ddd06a4
* Add post-trial inactive family cleanup with data archival Families that expire their trial without subscribing now get cleaned up daily. Empty families (no accounts) are destroyed immediately after a 14-day grace period. Families with meaningful data (12+ transactions, some recent) get their data exported as NDJSON/ZIP to an ArchivedExport record before deletion, downloadable via a token-based URL for 90 days. - Add InactiveFamilyCleanerJob (scheduled daily at 4 AM, managed mode only) - Add ArchivedExport model with token-based downloads - Add inactive_trial_for_cleanup scope and requires_data_archive? to Family - Extend DataCleanerJob to purge expired archived exports - Add ArchivedExportsController for unauthenticated token downloads https://claude.ai/code/session_01LR3Vo83R5s5SczYe6T33dQ * Fix Brakeman redirect warning in ArchivedExportsController Use rails_blob_path instead of redirecting directly to the ActiveStorage attachment, which avoids the allow_other_host: true open redirect. https://claude.ai/code/session_01LR3Vo83R5s5SczYe6T33dQ * Update schema.rb with archived_exports table Add the archived_exports table definition to schema.rb to match the pending migration, unblocking CI tests. https://claude.ai/code/session_01LR3Vo83R5s5SczYe6T33dQ * Fix broken CI tests for ArchivedExports and InactiveFamilyCleaner - ArchivedExportsController 404 test: use assert_response :not_found instead of assert_raises since Rails rescues RecordNotFound in integration tests and returns a 404 response. - InactiveFamilyCleanerJob test: remove assert_no_difference on Family.count since the inactive_trial fixture gets cleaned up by the job. The test intent is to verify the active family survives, which is checked by assert Family.exists?. https://claude.ai/code/session_01LR3Vo83R5s5SczYe6T33dQ * Wrap ArchivedExport creation in a transaction Ensure the ArchivedExport record and its file attachment succeed atomically. If the attach fails, the transaction rolls back so no orphaned record is left without an export file. https://claude.ai/code/session_01LR3Vo83R5s5SczYe6T33dQ * Store only a digest of the download token for ArchivedExport Replace plaintext download_token column with download_token_digest (SHA-256 hex). The raw token is generated via SecureRandom on create, exposed transiently via attr_reader for use in emails/logs, and only its digest is persisted. Lookup uses find_by_download_token! which digests the incoming token before querying. https://claude.ai/code/session_01LR3Vo83R5s5SczYe6T33dQ * Remove raw download token from cleanup job logs Log a truncated digest prefix instead of the raw token, which is the sole credential for the unauthenticated download endpoint. https://claude.ai/code/session_01LR3Vo83R5s5SczYe6T33dQ * Fix empty assert_no_difference block in cleaner job test Wrap the perform_now call with both assertions so the ArchivedExport.count check actually exercises the job. https://claude.ai/code/session_01LR3Vo83R5s5SczYe6T33dQ --------- Co-authored-by: Claude <noreply@anthropic.com>
58 lines
1.5 KiB
Ruby
58 lines
1.5 KiB
Ruby
require "test_helper"
|
|
|
|
class ArchivedExportsControllerTest < ActionDispatch::IntegrationTest
|
|
test "redirects to file with valid token" do
|
|
archive = ArchivedExport.create!(
|
|
email: "test@example.com",
|
|
family_name: "Test",
|
|
expires_at: 30.days.from_now
|
|
)
|
|
archive.export_file.attach(
|
|
io: StringIO.new("test zip content"),
|
|
filename: "test.zip",
|
|
content_type: "application/zip"
|
|
)
|
|
|
|
get archived_export_path(token: archive.download_token)
|
|
assert_response :redirect
|
|
end
|
|
|
|
test "returns 410 gone for expired token" do
|
|
archive = ArchivedExport.create!(
|
|
email: "test@example.com",
|
|
family_name: "Test",
|
|
expires_at: 1.day.ago
|
|
)
|
|
archive.export_file.attach(
|
|
io: StringIO.new("test zip content"),
|
|
filename: "test.zip",
|
|
content_type: "application/zip"
|
|
)
|
|
|
|
get archived_export_path(token: archive.download_token)
|
|
assert_response :gone
|
|
end
|
|
|
|
test "returns 404 for invalid token" do
|
|
get archived_export_path(token: "nonexistent-token")
|
|
assert_response :not_found
|
|
end
|
|
|
|
test "does not require authentication" do
|
|
archive = ArchivedExport.create!(
|
|
email: "test@example.com",
|
|
family_name: "Test",
|
|
expires_at: 30.days.from_now
|
|
)
|
|
archive.export_file.attach(
|
|
io: StringIO.new("test zip content"),
|
|
filename: "test.zip",
|
|
content_type: "application/zip"
|
|
)
|
|
|
|
# No sign_in call - should still work
|
|
get archived_export_path(token: archive.download_token)
|
|
assert_response :redirect
|
|
end
|
|
end
|