dmolinari/SIG-CM2.0
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

feat(api): UDT-003 registro de usuarios — backend completo (Phases 1-6)

Browse Source 
- Domain: Usuario.ForCreation factory, UsernameAlreadyExistsException, IUsuarioRepository extendido
- Application: CreateUsuarioCommand/Validator/Handler, UsuarioCreatedDto, AuthOptions password policy
- Infrastructure: UsuarioRepository.ExistsByUsernameAsync + AddAsync (INSERT OUTPUT INSERTED.Id), RoleClaimType="rol" en TokenValidationParameters
- Api: UsuariosController POST api/v1/users [Authorize(Roles="admin")], ExceptionFilter mapea UsernameAlreadyExistsException + SqlException 2627 → 409
- Tests (unit): 43 tests — 33 validator + 10 handler (107 total, green)
- Tests (integration): 7 tests CreateUsuarioEndpoint — 401/403/400/201/409/race/e2e (green)
- Fix: TestWebAppFactory.ConfigureTestServices reemplaza SqlConnectionFactory singleton con CS de test correcto
This commit is contained in:
dmolinari
2026-04-15 10:47:48 -03:00
parent 023d30fce4
commit 3d598faffc
19 changed files with 1079 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/api/SIGCM2.Application/Usuarios/Create/CreateUsuarioCommand.cs Normal file
View File

@@ -0,0 +1,9 @@
namespace SIGCM2.Application.Usuarios.Create;
public sealed record CreateUsuarioCommand(
string Username,
string Password,
string Nombre,
string Apellido,
string? Email,
string Rol);

52
src/api/SIGCM2.Application/Usuarios/Create/CreateUsuarioCommandHandler.cs Normal file
View File

@@ -0,0 +1,52 @@
using SIGCM2.Application.Abstractions;
using SIGCM2.Application.Abstractions.Persistence;
using SIGCM2.Application.Abstractions.Security;
using SIGCM2.Domain.Entities;
using SIGCM2.Domain.Exceptions;
namespace SIGCM2.Application.Usuarios.Create;
public sealed class CreateUsuarioCommandHandler : ICommandHandler<CreateUsuarioCommand, UsuarioCreatedDto>
{
private readonly IUsuarioRepository _repository;
private readonly IPasswordHasher _hasher;
public CreateUsuarioCommandHandler(
IUsuarioRepository repository,
IPasswordHasher hasher)
{
_repository = repository;
_hasher = hasher;
}
public async Task<UsuarioCreatedDto> Handle(CreateUsuarioCommand command)
{
// Check-then-insert: explicit check gives a clear 409 message.
// SqlException 2627 (UQ violation) acts as race-condition fallback — caught in ExceptionFilter.
var exists = await _repository.ExistsByUsernameAsync(command.Username);
if (exists)
throw new UsernameAlreadyExistsException(command.Username);
var passwordHash = _hasher.Hash(command.Password);
var usuario = Usuario.ForCreation(
username: command.Username,
passwordHash: passwordHash,
nombre: command.Nombre,
apellido: command.Apellido,
email: command.Email,
rol: command.Rol);
// TODO: audit — record which admin created this user (defer to UDT-Audit)
var newId = await _repository.AddAsync(usuario);
return new UsuarioCreatedDto(
Id: newId,
Username: usuario.Username,
Nombre: usuario.Nombre,
Apellido: usuario.Apellido,
Email: usuario.Email,
Rol: usuario.Rol,
Activo: usuario.Activo);
}
}

60
src/api/SIGCM2.Application/Usuarios/Create/CreateUsuarioCommandValidator.cs Normal file
View File

@@ -0,0 +1,60 @@
using FluentValidation;
using SIGCM2.Application.Auth;
namespace SIGCM2.Application.Usuarios.Create;
public sealed class CreateUsuarioCommandValidator : AbstractValidator<CreateUsuarioCommand>
{
private static readonly string[] ValidRoles = ["admin", "vendedor", "tasador", "consulta"];
private const int UsernameMinLength = 3;
private const int UsernameMaxLength = 50;
private const int NombreMaxLength = 100;
private const int ApellidoMaxLength = 100;
private const int EmailMaxLength = 150;
public CreateUsuarioCommandValidator() : this(new AuthOptions()) { }
public CreateUsuarioCommandValidator(AuthOptions authOptions)
{
RuleFor(x => x.Username)
.NotEmpty().WithMessage("El nombre de usuario es requerido.")
.Length(UsernameMinLength, UsernameMaxLength)
.WithMessage($"El username debe tener entre {UsernameMinLength} y {UsernameMaxLength} caracteres.")
.Matches(@"^[a-zA-Z0-9._\-]+$")
.WithMessage("El username solo puede contener letras, dígitos, puntos, guiones y guiones bajos.");
RuleFor(x => x.Password)
.NotEmpty().WithMessage("La contraseña es requerida.")
.MinimumLength(authOptions.PasswordMinLength)
.WithMessage($"La contraseña debe tener al menos {authOptions.PasswordMinLength} caracteres.")
.Must(p => !authOptions.PasswordRequireLetter || ContainsLetter(p))
.WithMessage("La contraseña debe contener al menos una letra.")
.Must(p => !authOptions.PasswordRequireDigit || ContainsDigit(p))
.WithMessage("La contraseña debe contener al menos un dígito.");
RuleFor(x => x.Nombre)
.NotEmpty().WithMessage("El nombre es requerido.")
.MaximumLength(NombreMaxLength).WithMessage($"El nombre no puede superar los {NombreMaxLength} caracteres.");
RuleFor(x => x.Apellido)
.NotEmpty().WithMessage("El apellido es requerido.")
.MaximumLength(ApellidoMaxLength).WithMessage($"El apellido no puede superar los {ApellidoMaxLength} caracteres.");
RuleFor(x => x.Email)
.EmailAddress().WithMessage("El email no tiene un formato válido.")
.MaximumLength(EmailMaxLength).WithMessage($"El email no puede superar los {EmailMaxLength} caracteres.")
.When(x => x.Email is not null);
RuleFor(x => x.Rol)
.NotEmpty().WithMessage("El rol es requerido.")
.Must(r => ValidRoles.Contains(r))
.WithMessage($"El rol debe ser uno de: {string.Join(", ", ValidRoles)}.");
}
private static bool ContainsLetter(string value) =>
value is not null && value.Any(char.IsLetter);
private static bool ContainsDigit(string value) =>
value is not null && value.Any(char.IsDigit);
}

10
src/api/SIGCM2.Application/Usuarios/Create/UsuarioCreatedDto.cs Normal file
View File

@@ -0,0 +1,10 @@
namespace SIGCM2.Application.Usuarios.Create;
public sealed record UsuarioCreatedDto(
int Id,
string Username,
string Nombre,
string Apellido,
string? Email,
string Rol,
bool Activo);