fix(security): Phase 1 P0 hardening from cross-project audit
Close open uploads, image-proxy SSRF, fail-open AI quotas in production, auth gaps on app routes, and MCP tenant isolation issues. Co-authored-by: Cursor <cursoragent@cursor.com>
@@ -142,7 +142,8 @@ describe('entitlements', () => {
|
||||
expect(result.reason).toBe('FEATURE_NOT_AVAILABLE');
|
||||
});
|
||||
|
||||
it('should fail-open when Redis is down', async () => {
|
||||
it('should fail-open when Redis is down in non-production', async () => {
|
||||
vi.stubEnv('NODE_ENV', 'development');
|
||||
mockActiveSubscription('BASIC');
|
||||
vi.mocked(redis.get).mockRejectedValue(new Error('Connection refused'));
|
||||
|
||||
@@ -150,6 +151,17 @@ describe('entitlements', () => {
|
||||
|
||||
expect(result.allowed).toBe(true);
|
||||
});
|
||||
|
||||
it('should fail-closed when Redis is down in production', async () => {
|
||||
vi.stubEnv('NODE_ENV', 'production');
|
||||
mockActiveSubscription('BASIC');
|
||||
vi.mocked(redis.get).mockRejectedValue(new Error('Connection refused'));
|
||||
|
||||
const result = await canUseFeature('user1', 'semantic_search');
|
||||
|
||||
expect(result.allowed).toBe(false);
|
||||
expect(result.reason).toBe('SERVICE_UNAVAILABLE');
|
||||
});
|
||||
});
|
||||
|
||||
describe('checkEntitlementOrThrow', () => {
|
||||
|
||||
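Review bot: The new fail-closed test stubs `NODE_ENV` to `production` but nothing in the hunk restores it, so unless the file already calls `vi.unstubAllEnvs()` in an `afterEach` (or the vitest config sets `unstubEnvs: true`), the stub leaks into every later test in this file, starting with the `checkEntitlementOrThrow` block that opens at the end of the hunk. The `development` stub added in the first hunk has the same issue; the two Redis-down cases currently stay independent only because each one overwrites the other's value. A single cleanup in the `describe('entitlements')` setup, `afterEach(() => vi.unstubAllEnvs());`, makes each test's environment explicit regardless of ordering. It would also be worth asserting that the production denial is observable (a logged error or metric) rather than only the `SERVICE_UNAVAILABLE` reason, since a silent quota outage is what an operator most needs to see; whether `canUseFeature` emits anything is not visible from the hunk. The enclosing `describe('entitlements')` block and its hooks begin outside the hunk.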