fix(app): validar formato codigo rol en GetRolPermisos [UDT-005]

Agrega GetRolPermisosQueryValidator con regex ^[a-z][a-z0-9_]*$ para rechazar codigos invalidos con 400 en GET /api/v1/roles/{codigo}/permisos.
2026-04-15 15:56:49 -03:00
parent 885a8cef17
commit 1a864e9f8b
4 changed files with 72 additions and 3 deletions
--- a/tests/SIGCM2.Application.Tests/Permisos/GetByRol/GetRolPermisosQueryHandlerTests.cs
+++ b/tests/SIGCM2.Application.Tests/Permisos/GetByRol/GetRolPermisosQueryHandlerTests.cs
@@ -1,3 +1,4 @@
+using FluentValidation;
 using NSubstitute;
 using SIGCM2.Application.Abstractions.Persistence;
 using SIGCM2.Application.Permisos.GetByRol;
@@ -89,3 +90,33 @@ public class GetRolPermisosQueryHandlerTests
        Assert.Equal(18, result.Count);
    }
 }
+
+public class GetRolPermisosQueryValidatorTests
+{
+    private readonly IValidator<GetRolPermisosQuery> _validator =
+        new GetRolPermisosQueryValidator();
+
+    [Theory]
+    [InlineData("ROL-INVALIDO")]
+    [InlineData("ROL:INVALIDO")]
+    [InlineData("123abc")]
+    [InlineData("UPPER")]
+    [InlineData("con espacio")]
+    [InlineData("")]
+    public async Task Validate_InvalidCodigoFormat_ReturnsInvalid(string codigo)
+    {
+        var result = await _validator.ValidateAsync(new GetRolPermisosQuery(codigo));
+        Assert.False(result.IsValid);
+    }
+
+    [Theory]
+    [InlineData("admin")]
+    [InlineData("cajero")]
+    [InlineData("rol_valido")]
+    [InlineData("abc123")]
+    public async Task Validate_ValidCodigoFormat_ReturnsValid(string codigo)
+    {
+        var result = await _validator.ValidateAsync(new GetRolPermisosQuery(codigo));
+        Assert.True(result.IsValid);
+    }
+}