Unit/Mock Test - Tests the composable security architecture using completely mocked components. This test should always pass as it doesn't depend on external modules.

Purpose: Validate the composition logic and security interface compatibility
Dependencies: None (uses mocks)
Usage: node test/composable-security.test.js or node composable-security.test.js (from test dir)

`integration.test.js`

Integration Test - Tests the composable security system with real authorization enhancer modules. This test will fail if the required modules are not installed.

Purpose: Validate that the system works with actual authorization enhancers
Dependencies: Requires wiki-plugin-useraccesstokens and wiki-plugin-ratelimit to be installed
Usage: node test/integration.test.js

Running Tests

# Run the mock test (should always pass)
npm test  # or node test/composable-security.test.js

# Run the integration test (requires real modules)
node test/integration.test.js

Test Structure

Both tests validate:

Module loading and configuration parsing
Route registration from base handler and enhancers
Owner management functionality
Security interface methods (getUser, isAuthorized, isAdmin)
Request handling with different authentication scenarios

The main difference is that the integration test uses real modules while the unit test uses mocks.