const { PrismaClient } = require('@prisma/client');
// Single Prisma client shared by every query in this script.
// NOTE(review): the database it connects to is decided by the Prisma datasource
// configuration, which is not visible here. Confirm it is a disposable/test
// database before running, because the function below deletes and rewrites
// impersonationSession rows.
const prisma = new PrismaClient();

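/**
 * Exercises the impersonationSession table end to end for one admin account:
 * wipe existing rows, create a session, confirm it is active, deactivate it,
 * then create an already-expired session and run the expiry cleanup.
 *
 * Each step logs its outcome. Any failed check or thrown error sets
 * `process.exitCode = 1`, and the success banner is printed only when every
 * check passed.
 *
 * Review notes for operators:
 * - Step 1 deletes every impersonationSession row whose originalUserId is the
 *   hard-coded admin. Those rows carry reason/ipAddress/userAgent/endedAt and
 *   appear to double as the impersonation audit trail, so running this against
 *   a live database erases that history.
 * - Step 6 deactivates expired-but-active sessions for ALL users, not only the
 *   test account, and stamps them with the current time as endedAt.
 * - The two rows this script creates are deactivated but not deleted.
 *
 * @returns {Promise<void>} Resolves after the checks have run and the Prisma
 *   client has been disconnected.
 */
async function testImpersonationFixes() {
  console.log('🧪 Testing Impersonation Fixes...\n');

  // NOTE(review): both IDs are hard-coded real account identifiers; the script
  // should only be pointed at a database where touching them is acceptable.
  const userId = 'cmcpzyavn0002vjz01slrcn51'; // SuperAdmin user ID
  const targetUserId = 'cmcr8nl8g0007vjkcmzk2w23c'; // account to be impersonated

  // Count of checks that failed without aborting the run (steps 5 and 6).
  let failures = 0;

  try {
    // 1. Clean up any existing sessions (destructive: removes rows, not just flags).
    console.log('1️⃣ Cleaning up existing sessions...');
    await prisma.impersonationSession.deleteMany({
      where: {
        originalUserId: userId,
      },
    });
    console.log('✅ All existing sessions cleaned up\n');

    // 2. Verify no active sessions exist
    console.log('2️⃣ Verifying no active sessions exist...');
    const activeSessions = await prisma.impersonationSession.findMany({
      where: {
        originalUserId: userId,
        isActive: true,
      },
    });

    if (activeSessions.length > 0) {
      console.log('❌ Found active sessions:', activeSessions.length);
      process.exitCode = 1;
      return;
    }
    console.log('✅ No active sessions found - good!\n');

    // 3. Test session creation (simulate impersonation)
    console.log('3️⃣ Testing session creation...');
    const newSession = await prisma.impersonationSession.create({
      data: {
        originalUserId: userId,
        impersonatedUserId: targetUserId,
        reason: 'Test impersonation',
        ipAddress: '127.0.0.1',
        userAgent: 'Test Script',
        expiresAt: new Date(Date.now() + 60 * 60 * 1000), // 1 hour
        isActive: true,
      },
    });
    console.log('✅ Session created:', newSession.id);

    // 4. Verify session exists and is active
    console.log('4️⃣ Verifying session is active...');
    const verifySession = await prisma.impersonationSession.findFirst({
      where: {
        originalUserId: userId,
        isActive: true,
      },
    });

    if (!verifySession) {
      console.log('❌ No active session found');
      process.exitCode = 1;
      return;
    }
    console.log('✅ Active session found:', verifySession.id);

    // 5. Test session cleanup
    console.log('5️⃣ Testing session cleanup...');
    await prisma.impersonationSession.update({
      where: { id: newSession.id },
      data: {
        isActive: false,
        endedAt: new Date(),
      },
    });

    const cleanedSession = await prisma.impersonationSession.findFirst({
      where: {
        originalUserId: userId,
        isActive: true,
      },
    });

    if (!cleanedSession) {
      console.log('✅ Session successfully deactivated');
    } else {
      console.log('❌ Session still active');
      failures += 1;
    }

    // 6. Test expired session cleanup: seed a session that expired an hour ago.
    console.log('6️⃣ Testing expired session cleanup...');
    await prisma.impersonationSession.create({
      data: {
        originalUserId: userId,
        impersonatedUserId: targetUserId,
        reason: 'Expired test session',
        ipAddress: '127.0.0.1',
        userAgent: 'Test Script',
        expiresAt: new Date(Date.now() - 60 * 60 * 1000), // 1 hour ago (expired)
        isActive: true,
      },
    });

    // Clean up expired sessions one by one to avoid unique constraint issues.
    // NOTE(review): this query has no originalUserId filter, so it also
    // deactivates other users' expired sessions.
    const expiredSessions = await prisma.impersonationSession.findMany({
      where: {
        isActive: true,
        expiresAt: { lt: new Date() },
      },
    });

    for (const session of expiredSessions) {
      await prisma.impersonationSession.update({
        where: { id: session.id },
        data: {
          isActive: false,
          endedAt: new Date(),
        },
      });
    }

    const remainingExpired = await prisma.impersonationSession.findMany({
      where: {
        originalUserId: userId,
        isActive: true,
        expiresAt: { lt: new Date() },
      },
    });

    if (remainingExpired.length === 0) {
      console.log('✅ Expired sessions cleaned up');
    } else {
      console.log('❌ Expired sessions still exist:', remainingExpired.length);
      failures += 1;
    }

    // Report success only when every check above actually passed.
    if (failures > 0) {
      console.error(`\n❌ ${failures} impersonation check(s) failed`);
      process.exitCode = 1;
      return;
    }

    console.log('\n🎉 All impersonation tests passed!');
    // The summary below describes changes made elsewhere in the application;
    // nothing in this script verifies them.
    console.log('\n📋 Summary of fixes applied:');
    console.log('✅ JWT callback now checks impersonation on ALL triggers (including "update")');
    console.log('✅ Frontend uses window.location.href for hard page reload');
    console.log('✅ Session refresh on app mount to ensure consistency');
    console.log('✅ Increased wait time for session updates (1 second)');
    console.log('✅ Proper session cleanup in stop impersonation');
  } catch (error) {
    console.error('❌ Test failed:', error);
    // Make the failure visible to whatever invoked the script (CI, shell).
    process.exitCode = 1;
  } finally {
    await prisma.$disconnect();
  }
}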

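// Run the checks only when this file is executed directly, not when required.
if (require.main === module) {
  // The function catches its own query errors, but the disconnect in its
  // finally block can still reject; handle that instead of leaving the
  // promise floating.
  testImpersonationFixes().catch((error) => {
    console.error('Impersonation test run aborted:', error);
    process.exitCode = 1;
  });
}

module.exports = { testImpersonationFixes };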
