feat(audit): enchufar audit en handlers de Rol (UDT-010 B8)

4 command handlers del módulo Roles + Permisos ahora auditan: | Handler | Action | |--------------------------------------|------------------------| | CreateRolCommandHandler | rol.create | | UpdateRolCommandHandler | rol.update | | DeactivateRolCommandHandler | rol.deactivate | | AssignPermisosToRolCommandHandler | rol.permisos_update | Mismo patrón que B7 (using block + post-commit reads outside scope). Metadata: - rol.create: after={Codigo, Nombre, Descripcion} - rol.update: {before, after} diff - rol.permisos_update: {before, after} con arrays de codigos ordenados AssignPermisosToRolCommandHandler captura 'before' leyendo GetByRolCodigoAsync antes del TransactionScope para poder emitir el diff. 4 test classes actualizados con mock de IAuditLogger. Suite: 378/378 Application.Tests + 141/141 Api.Tests = 519/519 passing. Refs: sdd/udt-010-auditoria-trazabilidad/{spec#REQ-RM-AUD, design, tasks#B8}
2026-04-16 13:54:47 -03:00
parent 26efb74c22
commit a3f01bc6c9
8 changed files with 114 additions and 20 deletions
--- a/src/api/SIGCM2.Application/Roles/Deactivate/DeactivateRolCommandHandler.cs
+++ b/src/api/SIGCM2.Application/Roles/Deactivate/DeactivateRolCommandHandler.cs
@@ -1,5 +1,7 @@
+using System.Transactions;
 using SIGCM2.Application.Abstractions;
 using SIGCM2.Application.Abstractions.Persistence;
+using SIGCM2.Application.Audit;
 using SIGCM2.Application.Roles.Dtos;
 using SIGCM2.Domain.Exceptions;

@@ -8,10 +10,12 @@ namespace SIGCM2.Application.Roles.Deactivate;
 public sealed class DeactivateRolCommandHandler : ICommandHandler<DeactivateRolCommand, RolDto>
 {
    private readonly IRolRepository _repository;
+    private readonly IAuditLogger _audit;

-    public DeactivateRolCommandHandler(IRolRepository repository)
+    public DeactivateRolCommandHandler(IRolRepository repository, IAuditLogger audit)
    {
        _repository = repository;
+        _audit = audit;
    }

    public async Task<RolDto> Handle(DeactivateRolCommand command)
@@ -23,10 +27,23 @@ public sealed class DeactivateRolCommandHandler : ICommandHandler<DeactivateRolC
        if (await _repository.HasActiveUsuariosAsync(command.Codigo))
            throw new RolInUseException(command.Codigo);

-        var updated = await _repository.UpdateAsync(
-            existing.Codigo, existing.Nombre, existing.Descripcion, activo: false);
-        if (!updated)
-            throw new RolNotFoundException(command.Codigo);
+        using (var tx = new TransactionScope(
+            TransactionScopeOption.Required,
+            new TransactionOptions { IsolationLevel = IsolationLevel.ReadCommitted },
+            TransactionScopeAsyncFlowOption.Enabled))
+        {
+            var updated = await _repository.UpdateAsync(
+                existing.Codigo, existing.Nombre, existing.Descripcion, activo: false);
+            if (!updated)
+                throw new RolNotFoundException(command.Codigo);
+
+            await _audit.LogAsync(
+                action: "rol.deactivate",
+                targetType: "Rol",
+                targetId: existing.Id.ToString());
+
+            tx.Complete();
+        }

        var rol = await _repository.GetByCodigoAsync(command.Codigo)
            ?? throw new RolNotFoundException(command.Codigo);