import assert from 'node:assert/strict'; import fs from 'node:fs'; import vm from 'node:vm'; const pluginPath = new URL('../plugins/qdreader/qdreader_sign_autman.js', import.meta.url).pathname; const code = fs.readFileSync(pluginPath, 'utf8'); function fixedDateClass(iso) { const RealDate = Date; return class FixedDate extends RealDate { constructor(...args) { if (args.length === 0) super(iso); else super(...args); } static now() { return new RealDate(iso).getTime(); } static parse(value) { return RealDate.parse(value); } static UTC(...args) { return RealDate.UTC(...args); } }; } function runPlugin({ pluginCode = code, filename = pluginPath, content = '', store = {}, bucketStore = {}, requests = [], userId = 'user-a', listens = [], senderOverrides = {}, globals = {}, admin = true } = {}) { const replies = []; const calls = []; let requestIndex = 0; let listenIndex = 0; const baseSender = { reply: (msg) => replies.push(String(msg)), getMessage: () => content, getContent: () => content, isAdmin: () => admin, getUserID: () => userId, listen: () => (listenIndex < listens.length ? listens[listenIndex++] : 'q'), }; const ctx = { console, Buffer, sender: { ...baseSender, ...senderOverrides }, GetUserID: () => userId, GetContent: () => content, getContent: () => content, get: (key) => store[key] || '', set: (key, value) => { store[key] = String(value); }, bucketGet: (bucket, key) => bucketStore[`${bucket}.${key}`] || '', bucketSet: (bucket, key, value) => { bucketStore[`${bucket}.${key}`] = String(value); }, request: (req) => { calls.push(req); const item = requests[requestIndex++]; if (item instanceof Error) throw item; if (typeof item === 'function') return item(req, calls.length); if (item !== undefined) return item; if (String(req.url).includes('/sign')) return { body: { code: 0, data: { headers: { 'QD-Sign': 'sig' } } } }; return { statusCode: 200, body: { code: 0, msg: '签到成功' } }; }, ...globals, }; vm.createContext(ctx); vm.runInContext(pluginCode, ctx, { filename }); return { replies, calls, store, bucketStore }; } const cookie = 'uid=12345; QDHeader=MTIzNDV8eA==; qdh=qdh; ywguid=guid; qimei=qimei; qimei36=qimei36; sessionyw=s; appId=10'; function test(name, fn) { try { fn(); console.log('ok -', name); } catch (err) { console.error('not ok -', name); throw err; } } test('manual cookie save masks cookie and stores by uid', () => { const r = runPlugin({ content: '启点ck ' + cookie }); assert.match(r.replies.join('\n'), /CK新增成功/); assert.match(r.replies.join('\n'), /uid: 12345/); assert.doesNotMatch(r.replies.join('\n'), /sessionyw=s; appId=10/); assert.equal(JSON.parse(r.store.qdreader_cookie_json)['12345'], cookie); assert.equal(JSON.parse(r.bucketStore['hermes_qidian.qdreader_cookie_json'])['12345'], cookie); assert.equal(JSON.parse(r.store.qdreader_user_bind_json)['12345'], 'user-a'); assert.equal(JSON.parse(r.bucketStore['hermes_qidian.qdreader_user_bind_json'])['12345'], 'user-a'); }); test('manual cookie save falls back to ywguid when QDHeader uid is null', () => { const fallbackCookie = 'QDHeader=KG51bGwpfHg=; ywguid=54321; qdh=qdh; sessionyw=s; appId=10'; const r = runPlugin({ content: '启点ck ' + fallbackCookie }); assert.match(r.replies.join('\n'), /CK新增成功/); assert.match(r.replies.join('\n'), /uid: 54321/); assert.equal(JSON.parse(r.store.qdreader_cookie_json)['54321'], fallbackCookie); }); test('manual cookie save accepts upstream JSON map format', () => { const jsonCookie = 'QDHeader=KG51bGwpfHg=; ywguid=54321; qdh=qdh; sessionyw=s; appId=10'; const r = runPlugin({ content: '启点ck ' + JSON.stringify({ '475700975': jsonCookie }) }); assert.match(r.replies.join('\n'), /CK新增成功/); assert.match(r.replies.join('\n'), /uid: 475700975/); assert.equal(JSON.parse(r.store.qdreader_cookie_json)['475700975'], jsonCookie); assert.equal(JSON.parse(r.bucketStore['hermes_qidian.qdreader_user_bind_json'])['475700975'], 'user-a'); }); test('manual cookie save falls back to QDHeader embedded UserId before ywguid', () => { const streamQdheader = 'KG51bGwpfChudWxsKXwxMTc5fDI1NTZ8KG51bGwpfDE2LjEwfDB8aU9TL2lQaG9uZS8obnVsbCl8MHwobnVsbCl8KG51bGwpfDQ3NTcwMDk3NXwxNzc5MDA5MTM2MDAwfDB8KG51bGwpfHx8KG51bGwpfChudWxsKXww'; const streamCookie = `QDHeader=${streamQdheader}; ywguid=120098575768; qdh=qdh; sessionyw=s; appId=12`; const r = runPlugin({ content: '启点ck ' + streamCookie }); assert.match(r.replies.join('\n'), /CK新增成功/); assert.match(r.replies.join('\n'), /uid: 475700975/); assert.equal(JSON.parse(r.store.qdreader_cookie_json)['475700975'], streamCookie); }); test('quick submit prompts remark after saving cookie', () => { const r = runPlugin({ content: '启点ck ' + cookie, userId: 'user-a', listens: ['主号'] }); assert.match(r.replies.join('\n'), /是否为该账号添加备注/); assert.match(r.replies.join('\n'), /备注: 主号/); assert.equal(JSON.parse(r.store.qdreader_remark_json)['12345'], '主号'); }); test('quick submit remark uses saved QDHeader uid instead of ywguid', () => { const streamQdheader = 'KG51bGwpfChudWxsKXwxMTc5fDI1NTZ8KG51bGwpfDE2LjEwfDB8aU9TL2lQaG9uZS8obnVsbCl8MHwobnVsbCl8KG51bGwpfDQ3NTcwMDk3NXwxNzc5MDA5MTM2MDAwfDB8KG51bGwpfHx8KG51bGwpfChudWxsKXww'; const streamCookie = `QDHeader=${streamQdheader}; ywguid=120098575768; qdh=qdh; sessionyw=s; appId=12`; const r = runPlugin({ content: '启点ck ' + streamCookie, userId: 'user-a', listens: ['01'] }); assert.match(r.replies.join('\n'), /uid: 475700975/); assert.equal(JSON.parse(r.store.qdreader_cookie_json)['475700975'], streamCookie); assert.equal(JSON.parse(r.store.qdreader_remark_json)['475700975'], '01'); assert.equal(JSON.parse(r.store.qdreader_remark_json)['120098575768'], undefined); }); test('quick submit can decode QDHeader uid without Buffer or atob', () => { const streamQdheader = 'KG51bGwpfChudWxsKXwxMTc5fDI1NTZ8KG51bGwpfDE2LjEwfDB8aU9TL2lQaG9uZS8obnVsbCl8MHwobnVsbCl8KG51bGwpfDQ3NTcwMDk3NXwxNzc5MDA5MTM2MDAwfDB8KG51bGwpfHx8KG51bGwpfChudWxsKXww'; const streamCookie = `QDHeader=${streamQdheader}; ywguid=120098575768; qdh=qdh; sessionyw=s; appId=12`; const r = runPlugin({ content: '启点ck ' + streamCookie, globals: { Buffer: undefined, atob: undefined }, listens: ['n'] }); assert.match(r.replies.join('\n'), /uid: 475700975/); assert.equal(JSON.parse(r.store.qdreader_cookie_json)['475700975'], streamCookie); assert.equal(JSON.parse(r.store.qdreader_cookie_json)['120098575768'], undefined); }); test('account menu add remark uses saved QDHeader uid instead of ywguid', () => { const streamQdheader = 'KG51bGwpfChudWxsKXwxMTc5fDI1NTZ8KG51bGwpfDE2LjEwfDB8aU9TL2lQaG9uZS8obnVsbCl8MHwobnVsbCl8KG51bGwpfDQ3NTcwMDk3NXwxNzc5MDA5MTM2MDAwfDB8KG51bGwpfHx8KG51bGwpfChudWxsKXww'; const streamCookie = `QDHeader=${streamQdheader}; ywguid=120098575768; qdh=qdh; sessionyw=s; appId=12`; const r = runPlugin({ content: '启点账号', userId: 'user-a', listens: ['2', streamCookie, '01'] }); assert.match(r.replies.join('\n'), /uid: 475700975/); assert.equal(JSON.parse(r.store.qdreader_remark_json)['475700975'], '01'); assert.equal(JSON.parse(r.store.qdreader_remark_json)['120098575768'], undefined); }); test('mis-keyed ywguid remark is migrated to saved uid on account list', () => { const streamQdheader = 'KG51bGwpfChudWxsKXwxMTc5fDI1NTZ8KG51bGwpfDE2LjEwfDB8aU9TL2lQaG9uZS8obnVsbCl8MHwobnVsbCl8KG51bGwpfDQ3NTcwMDk3NXwxNzc5MDA5MTM2MDAwfDB8KG51bGwpfHx8KG51bGwpfChudWxsKXww'; const streamCookie = `QDHeader=${streamQdheader}; ywguid=120098575768; qdh=qdh; sessionyw=s; appId=12`; const store = { qdreader_cookie_json: JSON.stringify({ '475700975': streamCookie }), qdreader_user_bind_json: JSON.stringify({ '475700975': 'user-a' }), qdreader_remark_json: JSON.stringify({ '120098575768': '01' }), }; const r = runPlugin({ content: '启点账号', store, userId: 'user-a', listens: ['1'] }); assert.match(r.replies.join('\n'), /01/); assert.equal(JSON.parse(r.store.qdreader_remark_json)['475700975'], '01'); assert.equal(JSON.parse(r.store.qdreader_remark_json)['120098575768'], undefined); }); test('quick submit can bind user from official global GetUserID', () => { const r = runPlugin({ content: '启点ck ' + cookie, userId: '', senderOverrides: { getUserID: undefined }, globals: { GetUserID: () => 'official-100' }, listens: ['n'], }); assert.match(r.replies.join('\n'), /CK新增成功/); assert.equal(JSON.parse(r.store.qdreader_user_bind_json)['12345'], 'official-100'); }); test('quick submit can bind user from alternate Autman sender fields', () => { const r = runPlugin({ content: '启点ck ' + cookie, userId: '', senderOverrides: { getUserID: undefined, getSenderID: () => 'sender-42' }, listens: ['n'], }); assert.match(r.replies.join('\n'), /CK新增成功/); assert.equal(JSON.parse(r.store.qdreader_user_bind_json)['12345'], 'sender-42'); }); test('quick submit can re-add cookie when old binding remains but cookie was manually deleted', () => { const store = { qdreader_cookie_json: JSON.stringify({}), qdreader_user_bind_json: JSON.stringify({ '12345': 'old-user' }), }; const r = runPlugin({ content: '启点ck ' + cookie, store, userId: 'user-a', listens: ['n'] }); assert.match(r.replies.join('\n'), /已自动清理残留绑定/); assert.match(r.replies.join('\n'), /CK新增成功/); assert.equal(JSON.parse(r.store.qdreader_cookie_json)['12345'], cookie); assert.equal(JSON.parse(r.store.qdreader_user_bind_json)['12345'], 'user-a'); }); test('quick submit still rejects overwrite when cookie and real another owner binding both exist', () => { const store = { qdreader_cookie_json: JSON.stringify({ '12345': cookie }), qdreader_user_bind_json: JSON.stringify({ '12345': '987654321' }), }; const r = runPlugin({ content: '启点ck ' + cookie.replace('qdh=qdh', 'qdh=newqdh'), store, userId: 'user-a', listens: ['n'] }); assert.match(r.replies.join('\n'), /无权更新 uid: 12345/); assert.equal(JSON.parse(r.store.qdreader_cookie_json)['12345'], cookie); assert.equal(JSON.parse(r.store.qdreader_user_bind_json)['12345'], '987654321'); }); test('quick submit can repair legacy fallback owner when admin submits existing cookie', () => { const store = { qdreader_cookie_json: JSON.stringify({ '12345': cookie }), qdreader_user_bind_json: JSON.stringify({ '12345': 'chickliu' }), }; const r = runPlugin({ content: '启点ck ' + cookie.replace('qdh=qdh', 'qdh=newqdh'), store, userId: 'real-user', admin: true, listens: ['n'] }); assert.match(r.replies.join('\n'), /旧绑定来自历史兜底标识/); assert.match(r.replies.join('\n'), /CK更新成功/); assert.equal(JSON.parse(r.store.qdreader_user_bind_json)['12345'], 'real-user'); assert.match(JSON.parse(r.store.qdreader_cookie_json)['12345'], /qdh=newqdh/); }); test('non-admin quick submit still rejects existing cookie bound to legacy fallback owner', () => { const store = { qdreader_cookie_json: JSON.stringify({ '12345': cookie }), qdreader_user_bind_json: JSON.stringify({ '12345': 'chickliu' }), }; const r = runPlugin({ content: '启点ck ' + cookie.replace('qdh=qdh', 'qdh=newqdh'), store, userId: 'real-user', admin: false, listens: ['n'] }); assert.match(r.replies.join('\n'), /无权更新 uid: 12345/); assert.equal(JSON.parse(r.store.qdreader_user_bind_json)['12345'], 'chickliu'); assert.equal(JSON.parse(r.store.qdreader_cookie_json)['12345'], cookie); }); test('quick submit rejects save when Autman JS has no user identity', () => { const r = runPlugin({ content: '启点ck ' + cookie, userId: '', senderOverrides: { getUserID: undefined }, globals: { GetUserID: undefined }, listens: ['n'], }); assert.match(r.replies.join('\n'), /无法识别当前用户/); assert.doesNotMatch(r.replies.join('\n'), /CK新增成功/); assert.equal(r.store.qdreader_user_bind_json, undefined); }); test('midnight cron archives previous run log and clears daily logs without running sign', () => { const previousRun = { runId: '20260518_cron', source: 'cron', startedAt: '2026-05-18T07:15:00.000Z', finishedAt: '2026-05-18T07:15:02.000Z', total: 1, okCount: 1, failCount: 0, items: [{ uid: '12345', ok: true, msg: '昨日签到成功', time: '2026-05-18T07:15:01.000Z' }], }; const store = { qdreader_cookie_json: JSON.stringify({ '12345': cookie }), qdreader_user_bind_json: JSON.stringify({ '12345': 'user-a' }), qdreader_last_run_json: JSON.stringify(previousRun), qdreader_last_result_json: JSON.stringify({ '12345': JSON.stringify({ ok: true, msg: '昨日签到成功' }) }), }; const r = runPlugin({ content: '', store, userId: 'cron', globals: { Date: fixedDateClass('2026-05-19T00:00:00.000+08:00') } }); assert.equal(r.calls.length, 0); assert.match(r.replies[0], /日志归档完成/); const archive = JSON.parse(r.store.qdreader_archive_json); assert.equal(archive['2026-05-18'].runId, '20260518_cron'); assert.equal(archive['2026-05-18'].items[0].msg, '昨日签到成功'); assert.deepEqual(JSON.parse(r.store.qdreader_last_run_json), {}); assert.deepEqual(JSON.parse(r.store.qdreader_last_result_json), {}); }); test('delayed midnight cron still archives instead of signing', () => { const previousRun = { runId: '20260518_cron', source: 'cron', finishedAt: '2026-05-18T07:15:02.000Z', total: 1, okCount: 1, failCount: 0, items: [{ uid: '12345', ok: true, msg: '昨日签到成功' }], }; const store = { qdreader_cookie_json: JSON.stringify({ '12345': cookie }), qdreader_user_bind_json: JSON.stringify({ '12345': 'user-a' }), qdreader_last_run_json: JSON.stringify(previousRun), qdreader_last_result_json: JSON.stringify({ '12345': JSON.stringify({ ok: true, msg: '昨日签到成功' }) }), }; const r = runPlugin({ content: '', store, userId: 'cron', globals: { Date: fixedDateClass('2026-05-19T00:23:00.000+08:00') } }); assert.equal(r.calls.length, 0); assert.match(r.replies[0], /日志归档完成/); assert.equal(JSON.parse(r.store.qdreader_archive_json)['2026-05-18'].runId, '20260518_cron'); }); test('query falls back to archived sign results after daily log was cleared', () => { const archiveRun = { source: 'cron', finishedAt: '2026-05-18T00:00:02.000Z', total: 2, okCount: 1, failCount: 1, items: [ { uid: '12345', ok: true, msg: '签到成功', time: '2026-05-18T00:00:01.000Z' }, { uid: '67890', ok: false, msg: 'Cookie失效', time: '2026-05-18T00:00:01.000Z' }, ], }; const store = { qdreader_cookie_json: JSON.stringify({ '12345': cookie, '67890': cookie.replace(/12345/g, '67890') }), qdreader_user_bind_json: JSON.stringify({ '12345': 'user-a', '67890': 'user-a' }), qdreader_remark_json: JSON.stringify({ '12345': '主号', '67890': '副号' }), qdreader_last_run_json: '{}', qdreader_last_result_json: '{}', qdreader_archive_json: JSON.stringify({ '2026-05-18': archiveRun }), }; const r = runPlugin({ content: '启点查询', store, userId: 'user-a', listens: ['1'] }); assert.match(r.replies[1], /启点最近归档签到记录/); assert.match(r.replies[1], /最近归档:2026-05-18/); assert.match(r.replies[1], /12\*\*\*45(主号):✅ 签到成功/); assert.match(r.replies[1], /67\*\*\*90(副号):❌ Cookie失效/); }); test('manual sign and cron sign both call sign gateway then qidian checkin', () => { const store = { qdreader_cookie_json: JSON.stringify({ '12345': cookie }), qdreader_user_bind_json: JSON.stringify({ '12345': 'user-a' }), }; const manual = runPlugin({ content: '启点签到', store: { ...store } }); assert.equal(manual.calls.length, 2); assert.match(manual.calls[0].url, /api\.120399\.xyz\/qdreader\/sign$/); assert.match(manual.calls[1].url, /h5\.if\.qidian\.com\/argus\/api\/v3\/checkin\/checkin$/); assert.match(manual.replies[0], /✅ 12\*\*\*45/); assert.match(manual.replies[0], /记录时间:/); assert.equal(JSON.parse(manual.store.qdreader_last_run_json).source, 'manual'); assert.equal(JSON.parse(manual.store.qdreader_last_run_json).okCount, 1); assert.equal(JSON.parse(JSON.parse(manual.store.qdreader_last_result_json)['12345']).source, 'manual'); const payload = JSON.parse(manual.calls[0].body); assert.equal(payload.qdh, 'qdh'); assert.equal(payload.qdheader, 'MTIzNDV8eA=='); const cron = runPlugin({ content: '', store: { ...store }, globals: { Date: fixedDateClass('2026-05-19T07:15:00.000+08:00') } }); assert.equal(cron.calls.length, 2); assert.match(cron.replies[0], /启点读书签到结果/); assert.equal(JSON.parse(cron.store.qdreader_last_run_json).source, 'cron'); assert.equal(cron.store.qdreader_archive_json, undefined); }); test('bucketGet/bucketSet fallback rejects when user identity is absent', () => { const replies = []; const bucketStore = {}; const ctx = { console, Buffer, sender: { reply: (msg) => replies.push(String(msg)), getMessage: () => '启点ck ' + cookie, listen: () => 'n' }, bucketGet: (bucket, key) => bucketStore[`${bucket}.${key}`] || '', bucketSet: (bucket, key, value) => { bucketStore[`${bucket}.${key}`] = String(value); }, request: () => ({ body: { code: 0, data: { headers: {} } } }), }; vm.createContext(ctx); vm.runInContext(code, ctx, { filename: pluginPath }); assert.match(replies.join('\n'), /无法识别当前用户/); assert.equal(bucketStore['hermes_qidian.qdreader_cookie_json'], undefined); assert.equal(bucketStore['hermes_qidian.qdreader_user_bind_json'], undefined); }); test('hermes_qidian bucket values are read and written without legacy bucket fallback', () => { const bucketStore = { 'hermes_qidian.qdreader_cookie_json': JSON.stringify({ '12345': cookie }), 'hermes_qidian.qdreader_user_bind_json': JSON.stringify({ '12345': 'user-a' }), }; const r = runPlugin({ content: '启点账号', bucketStore, userId: 'user-a', listens: ['3', '1', '主号'] }); assert.match(r.replies.join('\n'), /已更新备注/); assert.equal(JSON.parse(r.bucketStore['hermes_qidian.qdreader_remark_json'])['12345'], '主号'); }); test('qidian request retries transient request errors', () => { const store = { qdreader_cookie_json: JSON.stringify({ '12345': cookie }), qdreader_user_bind_json: JSON.stringify({ '12345': 'user-a' }), qdreader_retry_count: '2' }; const r = runPlugin({ content: '启点签到', store, requests: [ { body: { code: 0, data: { headers: { 'QD-Sign': 'sig' } } } }, new Error('timeout'), { statusCode: 200, body: { code: 0, msg: '重试后成功' } }, ], }); assert.equal(r.calls.length, 3); assert.match(r.replies[0], /重试后成功/); }); test('account command shows only current user bound accounts without cookies', () => { const store = { qdreader_cookie_json: JSON.stringify({ '12345': cookie, '67890': cookie.replace(/12345/g, '67890') }), qdreader_user_bind_json: JSON.stringify({ '12345': 'user-a', '67890': 'user-b' }), qdreader_remark_json: JSON.stringify({ '12345': '主号', '67890': '副号' }), }; const r = runPlugin({ content: '启点账号', store, userId: 'user-a', listens: ['1'] }); assert.match(r.replies[0], /启点账号管理/); assert.match(r.replies[1], /当前用户共 1 个账号/); assert.match(r.replies[1], /12\*\*\*45/); assert.match(r.replies[1], /主号/); assert.doesNotMatch(r.replies[1], /67\*\*\*90/); assert.doesNotMatch(r.replies[1], /QDHeader=/); }); test('query command shows last sign log not account management', () => { const store = { qdreader_cookie_json: JSON.stringify({ '12345': cookie, '67890': cookie.replace(/12345/g, '67890') }), qdreader_user_bind_json: JSON.stringify({ '12345': 'user-a', '67890': 'user-b' }), qdreader_remark_json: JSON.stringify({ '12345': '主号', '67890': '副号' }), qdreader_last_result_json: JSON.stringify({ '12345': JSON.stringify({ ok: true, msg: '签到成功', time: '2026-05-17T00:00:00.000Z', source: 'cron', runId: 'r1' }), '67890': JSON.stringify({ ok: false, msg: '失败', time: '2026-05-17T00:00:00.000Z', source: 'cron', runId: 'r1' }), }), qdreader_last_run_json: JSON.stringify({ source: 'cron', finishedAt: '2026-05-17T00:00:01.000Z', okCount: 1, failCount: 1, total: 2 }), }; const r = runPlugin({ content: '启点查询', store, userId: 'user-a', listens: ['1'] }); assert.match(r.replies[0], /启点查询/); assert.match(r.replies[1], /启点最近签到记录/); assert.match(r.replies[1], /最近批次:定时任务/); assert.match(r.replies[1], /12\*\*\*45/); assert.match(r.replies[1], /主号/); assert.match(r.replies[1], /签到成功/); assert.doesNotMatch(r.replies[1], /67\*\*\*90/); }); test('query menu can inspect a single bound account', () => { const store = { qdreader_cookie_json: JSON.stringify({ '12345': cookie, '67890': cookie.replace(/12345/g, '67890') }), qdreader_user_bind_json: JSON.stringify({ '12345': 'user-a', '67890': 'user-a' }), qdreader_remark_json: JSON.stringify({ '12345': '主号', '67890': '副号' }), qdreader_last_result_json: JSON.stringify({ '12345': JSON.stringify({ ok: true, msg: '签到成功', time: '2026-05-17T00:00:00.000Z', source: 'cron', runId: 'r1' }), '67890': JSON.stringify({ ok: false, msg: '失败', time: '2026-05-17T00:00:00.000Z', source: 'cron', runId: 'r1' }), }), qdreader_last_run_json: JSON.stringify({ source: 'cron', finishedAt: '2026-05-17T00:00:01.000Z', okCount: 1, failCount: 1, total: 2 }), }; const r = runPlugin({ content: '启点查询', store, userId: 'user-a', listens: ['2', '2'] }); assert.match(r.replies[0], /启点查询/); assert.match(r.replies[1], /请选择要查询的账号/); assert.match(r.replies[1], /1\. 12\*\*\*45/); assert.match(r.replies[1], /2\. 67\*\*\*90/); assert.match(r.replies[2], /启点单账号最近签到记录/); assert.match(r.replies[2], /67\*\*\*90/); assert.match(r.replies[2], /副号/); assert.doesNotMatch(r.replies[2], /12\*\*\*45/); }); test('account menu prompts remark after add and can edit from detail', () => { const store = { qdreader_cookie_json: JSON.stringify({ '12345': cookie }), qdreader_user_bind_json: JSON.stringify({ '12345': 'user-a' }), }; const add = runPlugin({ content: '启点账号', store: {}, userId: 'user-a', listens: ['2', cookie, '主号'] }); assert.match(add.replies.join('\n'), /是否为该账号添加备注/); assert.equal(JSON.parse(add.store.qdreader_remark_json)['12345'], '主号'); const clear = runPlugin({ content: '启点账号', store: add.store, userId: 'user-a', listens: ['3', '1', '清空'] }); assert.match(clear.replies.join('\n'), /请选择要查看\/修改备注的账号/); assert.match(clear.replies.join('\n'), /启点账号详情/); assert.equal(JSON.parse(clear.store.qdreader_remark_json)['12345'], undefined); }); test('failed sign exceptions are written to last execution log', () => { const store = { qdreader_cookie_json: JSON.stringify({ '12345': cookie }), qdreader_user_bind_json: JSON.stringify({ '12345': 'user-a' }), }; const r = runPlugin({ content: '启点签到', store, userId: 'user-a', requests: [new Error('sign api down'), new Error('sign api down')] }); assert.match(r.replies[0], /sign api down/); const lastRun = JSON.parse(r.store.qdreader_last_run_json); assert.equal(lastRun.failCount, 1); assert.equal(lastRun.items[0].error, true); const lastResult = JSON.parse(JSON.parse(r.store.qdreader_last_result_json)['12345']); assert.equal(lastResult.ok, false); assert.equal(lastResult.msg, 'sign api down'); }); test('legacy ck query points to separated commands', () => { const r = runPlugin({ content: '启点ck 查询' }); assert.match(r.replies[0], /请使用一级菜单:启点账号 或 启点查询/); }); test('delete account uses numbered selection instead of uid input', () => { const store = { qdreader_cookie_json: JSON.stringify({ '12345': cookie, '67890': cookie.replace(/12345/g, '67890') }), qdreader_user_bind_json: JSON.stringify({ '12345': 'user-a', '67890': 'user-a' }), qdreader_remark_json: JSON.stringify({ '12345': '主号', '67890': '副号' }), }; const r = runPlugin({ content: '启点账号', store, userId: 'user-a', listens: ['4', '2'] }); assert.match(r.replies[1], /请选择要删除的账号/); assert.match(r.replies[1], /1\. 12\*\*\*45/); assert.match(r.replies[1], /2\. 67\*\*\*90/); assert.match(r.replies[2], /已删除 uid: 67890/); assert.deepEqual(JSON.parse(r.store.qdreader_cookie_json), { '12345': cookie }); }); test('delete all command clears only current user saved cookies', () => { const store = { qdreader_cookie_json: JSON.stringify({ '12345': cookie, '67890': cookie.replace(/12345/g, '67890') }), qdreader_user_bind_json: JSON.stringify({ '12345': 'user-a', '67890': 'user-b' }), qdreader_remark_json: JSON.stringify({ '12345': '主号', '67890': '副号' }), }; const r = runPlugin({ content: '启点账号', store, userId: 'user-a', listens: ['5'] }); assert.match(r.replies[0], /启点账号管理/); assert.match(r.replies[1], /已删除全部/); assert.deepEqual(JSON.parse(r.store.qdreader_cookie_json), { '67890': cookie.replace(/12345/g, '67890') }); assert.deepEqual(JSON.parse(r.store.qdreader_user_bind_json), { '67890': 'user-b' }); assert.deepEqual(JSON.parse(r.store.qdreader_remark_json), { '67890': '副号' }); }); test('manual sign only runs current user accounts while cron runs all accounts', () => { const store = { qdreader_cookie_json: JSON.stringify({ '12345': cookie, '67890': cookie.replace(/12345/g, '67890') }), qdreader_user_bind_json: JSON.stringify({ '12345': 'user-a', '67890': 'user-b' }), }; const manual = runPlugin({ content: '启点签到', store: { ...store }, userId: 'user-a' }); assert.equal(manual.calls.length, 2); assert.match(manual.replies[0], /总计 1/); const cron = runPlugin({ content: '', store: { ...store }, userId: 'cron', globals: { Date: fixedDateClass('2026-05-19T07:15:00.000+08:00') } }); assert.equal(cron.calls.length, 4); assert.match(cron.replies[0], /总计 2/); }); test('unbound global cookies are not visible or usable by normal users', () => { const store = { qdreader_cookie_json: JSON.stringify({ '12345': cookie }) }; const account = runPlugin({ content: '启点账号', store: { ...store }, userId: 'user-a', listens: ['1'] }); assert.match(account.replies.join('\n'), /当前用户还没有保存启点读书CK/); const manual = runPlugin({ content: '启点签到', store: { ...store }, userId: 'user-a' }); assert.equal(manual.calls.length, 0); assert.match(manual.replies[0], /还没有保存启点读书CK/); const cron = runPlugin({ content: '', store: { ...store }, userId: 'cron', globals: { Date: fixedDateClass('2026-05-19T07:15:00.000+08:00') } }); assert.equal(cron.calls.length, 2); assert.match(cron.replies[0], /总计 1/); }); test('user cannot overwrite another user bound cookie', () => { const store = { qdreader_cookie_json: JSON.stringify({ '12345': cookie }), qdreader_user_bind_json: JSON.stringify({ '12345': '987654321' }), }; const newCookie = cookie.replace('sessionyw=s', 'sessionyw=changed'); const r = runPlugin({ content: '启点ck ' + newCookie, store, userId: 'user-b' }); assert.match(r.replies.join('\n'), /无权更新 uid: 12345/); assert.equal(JSON.parse(r.store.qdreader_cookie_json)['12345'], cookie); assert.equal(JSON.parse(r.store.qdreader_user_bind_json)['12345'], '987654321'); });