NIST CSF 2.0 Assessment Platform

Overview Schema Related Servers Score Discussions

assessment.test.ts•4.88 kB

/** * Assessment API Routes Tests * * Comprehensive testing of assessment workflow endpoints. */ import { describe, test, expect, beforeAll, afterAll } from '@jest/globals'; import request from 'supertest'; import express from 'express'; import assessmentRoutes from '../routes/assessment.js'; describe('Assessment API Routes', () => { let app: express.Application; beforeAll(() => { app = express(); // Security: Disable X-Powered-By header to prevent server fingerprinting app.disable('x-powered-by'); app.use(express.json()); app.use('/api/assessments', assessmentRoutes); // Mock error handler app.use((error: any, req: any, res: any, next: any) => { res.status(500).json({ success: false, error: error.message }); }); }); describe('Profile Creation', () => { test('should validate profile creation schema', async () => { const validProfile = { org_name: 'Test Organization', sector: 'Technology', size: 'medium', description: 'Test profile for API validation' }; // This will fail due to MCP connection, but validates routing and schema const response = await request(app) .post('/api/assessments/profiles') .send(validProfile); // Expect either success or MCP connection error (both indicate routing works) expect([200, 201, 500, 503]).toContain(response.status); }); test('should reject invalid profile data', async () => { const invalidProfile = { org_name: '', // Invalid: empty string sector: 'Technology', size: 'invalid_size' // Invalid: not in enum }; const response = await request(app) .post('/api/assessments/profiles') .send(invalidProfile); expect(response.status).toBe(400); }); }); describe('Assessment Workflow', () => { test('should validate assessment start schema', async () => { const validAssessment = { profile_id: '550e8400-e29b-41d4-a716-446655440000', assessment_type: 'comprehensive' }; const response = await request(app) .post('/api/assessments/start') .send(validAssessment); // Routing and validation work regardless of MCP connection expect([200, 201, 404, 500, 503]).toContain(response.status); }); test('should reject invalid UUID format', async () => { const invalidAssessment = { profile_id: 'not-a-uuid', assessment_type: 'comprehensive' }; const response = await request(app) .post('/api/assessments/start') .send(invalidAssessment); expect(response.status).toBe(400); }); }); describe('Question Answering', () => { test('should validate answer submission schema', async () => { const validAnswer = { workflow_id: '550e8400-e29b-41d4-a716-446655440000', question_id: '550e8400-e29b-41d4-a716-446655440001', response_value: 4, confidence_level: 'high' }; const response = await request(app) .post('/api/assessments/test-workflow/answers') .send(validAnswer); expect([200, 404, 500, 503]).toContain(response.status); }); test('should handle both string and numeric responses', async () => { const numericAnswer = { workflow_id: '550e8400-e29b-41d4-a716-446655440000', question_id: '550e8400-e29b-41d4-a716-446655440001', response_value: 3, confidence_level: 'medium' }; const stringAnswer = { workflow_id: '550e8400-e29b-41d4-a716-446655440000', question_id: '550e8400-e29b-41d4-a716-446655440002', response_value: 'Partially Implemented', confidence_level: 'high' }; const numericResponse = await request(app) .post('/api/assessments/test-workflow/answers') .send(numericAnswer); const stringResponse = await request(app) .post('/api/assessments/test-workflow/answers') .send(stringAnswer); expect([200, 404, 500, 503]).toContain(numericResponse.status); expect([200, 404, 500, 503]).toContain(stringResponse.status); }); }); describe('Progress Tracking', () => { test('should handle progress requests', async () => { const response = await request(app) .get('/api/assessments/test-workflow/progress'); expect([200, 404, 500, 503]).toContain(response.status); }); test('should handle pause/resume operations', async () => { const pauseResponse = await request(app) .post('/api/assessments/test-workflow/pause'); const resumeResponse = await request(app) .post('/api/assessments/test-workflow/resume'); expect([200, 404, 500, 503]).toContain(pauseResponse.status); expect([200, 404, 500, 503]).toContain(resumeResponse.status); }); }); });

Loading blob content...

Latest Blog Posts

What Is Context Bloat in MCP?
By Om-Shree-0709 on December 16, 2025.
mcp
Context Bloat
MCP Moves to the Linux Foundation: Neutral Stewardship for Agentic Infrastructure
By Om-Shree-0709 on December 15, 2025.
mcp
anthropic
Linux Foundation
Code Execution with MCP: Architecting Agentic Efficiency
By Om-Shree-0709 on December 14, 2025.
mcp
Token bloat

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/rocklambros/nist-csf-2-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

assessment.test.ts•4.88 kB