fix: hide exact quota values from account response (#16)

Closes #1 - hide exact quota values from GET /api/account - keep only the approximate quota bucket in the public account payload - add a regression test for the public account response contract - document that completed tasks should end with a PR Co-authored-by: sirily <sirily@git.shararam.party> Reviewed-on: #16
2026-03-10 15:52:16 +03:00
parent 55472de23d
commit 431a60f9c8
7 changed files with 162 additions and 70 deletions
--- a/apps/web/src/account-response.test.ts
+++ b/apps/web/src/account-response.test.ts
@@ -0,0 +1,65 @@
+import test from "node:test";
+import assert from "node:assert/strict";
+import { serializePublicAccountOverview } from "./account-response.js";
+
+test("serializePublicAccountOverview exposes only approximate quota fields", () => {
+  const response = serializePublicAccountOverview({
+    user: {
+      id: "user_1",
+      email: "user@example.com",
+      isAdmin: false,
+      createdAt: new Date("2026-03-10T12:00:00.000Z"),
+    },
+    subscription: {
+      id: "sub_1",
+      status: "active",
+      renewsManually: true,
+      activatedAt: new Date("2026-03-10T12:00:00.000Z"),
+      currentPeriodStart: new Date("2026-03-10T12:00:00.000Z"),
+      currentPeriodEnd: new Date("2026-04-09T12:00:00.000Z"),
+      plan: {
+        id: "plan_1",
+        code: "basic",
+        displayName: "Basic",
+        monthlyPriceUsd: 29,
+        billingCurrency: "USDT",
+        isActive: true,
+      },
+    },
+    quota: {
+      approximateBucket: 80,
+    },
+  });
+
+  assert.deepEqual(response, {
+    user: {
+      id: "user_1",
+      email: "user@example.com",
+      isAdmin: false,
+      createdAt: "2026-03-10T12:00:00.000Z",
+    },
+    subscription: {
+      id: "sub_1",
+      status: "active",
+      renewsManually: true,
+      activatedAt: "2026-03-10T12:00:00.000Z",
+      currentPeriodStart: "2026-03-10T12:00:00.000Z",
+      currentPeriodEnd: "2026-04-09T12:00:00.000Z",
+      plan: {
+        id: "plan_1",
+        code: "basic",
+        displayName: "Basic",
+        monthlyPriceUsd: 29,
+        billingCurrency: "USDT",
+        isActive: true,
+      },
+    },
+    quota: {
+      approximateBucket: 80,
+    },
+  });
+
+  assert.equal("usedSuccessfulRequests" in (response.quota ?? {}), false);
+  assert.equal("monthlyRequestLimit" in (response.quota ?? {}), false);
+  assert.equal("monthlyRequestLimit" in (response.subscription?.plan ?? {}), false);
+});