| 74 | } |
| 75 | |
| 76 | async function testPolicyLimits() { |
| 77 | console.log('\n--- Policy Limits ---') |
| 78 | try { |
| 79 | const pl = await import('../src/services/policyLimits/index.js') |
| 80 | |
| 81 | // isPolicyAllowed should return true (fail open) when no restrictions loaded |
| 82 | const result = pl.isPolicyAllowed('allow_remote_sessions') |
| 83 | if (result === true) { |
| 84 | pass('isPolicyAllowed (no cache)', 'fails open — returns true') |
| 85 | } else { |
| 86 | fail('isPolicyAllowed (no cache)', `expected true (fail open), got ${result}`) |
| 87 | } |
| 88 | |
| 89 | // isPolicyLimitsEligible should return false without valid auth |
| 90 | const eligible = pl.isPolicyLimitsEligible() |
| 91 | pass('isPolicyLimitsEligible', `returns ${eligible} (expected false in test env)`) |
| 92 | } catch (err: any) { |
| 93 | fail('Policy limits', err.message) |
| 94 | } |
| 95 | } |
| 96 | |
| 97 | async function testRemoteManagedSettings() { |
| 98 | console.log('\n--- Remote Managed Settings ---') |