c95bc7fe01
fix(tests): extend Respawn + collection config for UDT-010 temporal tables
...
Follow-up of B1 (V010 migration). Issues found when running the full suite
cross-assembly:
1. Respawn 'Cannot delete rows from a temporal history table' error:
4 per-class Respawner configs in SIGCM2.Application.Tests did not
include the newly-created *_History tables introduced by V010
(Usuario_History / Rol_History / Permiso_History / RolPermiso_History).
The engine rejects direct DELETE on system-versioned history tables.
Extended TablesToIgnore in all 4 configs.
2. FK_RefreshToken_Usuario violation in RolRepositoryTests.InitializeAsync:
Manual 'DELETE FROM Usuario' failed when residual RefreshTokens from
prior suites existed. Added 'DELETE FROM RefreshToken' before the
Usuario cleanup to respect FK order. Latent bug surfaced by a new
test-run ordering — not UDT-010 specific, but fixed in scope.
3. UQ_Usuario_Username duplicate admin race:
TransactionScopeSpikeTests (B0) and V010MigrationTests (B1) were
missing [Collection("ApiIntegration")], causing them to run in
parallel with the rest of SIGCM2.Api.Tests and race on SeedAdmin.
Serialized by adding the Collection attribute.
Suite now passes cross-assembly: 130/130 Api.Tests + 336/336 Application.Tests.
Refs: sdd/udt-010-auditoria-trazabilidad/apply-progress (B1 follow-up)
2026-04-16 13:22:56 -03:00
5fd88b5a9d
feat(infra): IUsuarioRepository.UpdatePermisosJsonAsync + impl Dapper [UDT-009]
2026-04-15 21:33:39 -03:00
fb07a1139a
feat(application): LoginCommandHandler usa PermisoResolver para permisos efectivos [UDT-009]
2026-04-15 21:29:33 -03:00
86310de286
feat(security): remover claim permisos del JWT post-UDT-009 [UDT-009]
2026-04-15 21:28:26 -03:00
54955231bf
feat(infra): V009 migration + Usuario.WithPermisosJson + SqlTestFixture V009 schema [UDT-009]
2026-04-15 21:27:29 -03:00
da1eb83ac1
feat(application): PermisosOverride record + PermisoResolver static helper [UDT-009]
2026-04-15 21:25:09 -03:00
7d96d5ff18
feat(api): ResetPassword admin — TempPasswordGenerator, handler, endpoint POST /{id}/password/reset [UDT-008]
...
Batch 7: POST /api/v1/users/{id}/password/reset (admin only).
- TempPasswordGenerator: RandomNumberGenerator.Fill, 12-char min, full charset diversity, never logs result
- ResetUsuarioPasswordCommandHandler: self-reset guard, 404, hash, mustChangePassword=true, revoke all tokens
- ExceptionFilter: CannotSelfResetException → 400 {error: cannot-self-reset}
- Unit tests: TempPasswordGeneratorTests (8), ResetUsuarioPasswordCommandHandlerTests (5)
- Integration tests: ResetPasswordEndpointTests (6) — 200/length/self-reset/404/401/403
2026-04-15 17:55:45 -03:00
a3bd066f7b
feat(api): ChangeMyPassword — validator, handler, endpoint PUT /me/password [UDT-008]
2026-04-15 17:52:15 -03:00
473566f255
feat(api): Deactivate + Reactivate usuarios — idempotentes, anti-lockout, revoke tokens [UDT-008]
2026-04-15 17:50:54 -03:00
14c385fdb1
feat(api): UpdateUsuario — handler, validator, anti-lockout guard, revoke tokens [UDT-008]
2026-04-15 17:49:19 -03:00
2925336783
feat(api): List + GetById usuarios — handlers, repo, endpoints [UDT-008]
2026-04-15 17:46:23 -03:00
9dcd63543e
feat(auth): extend LoginResponse with username + mustChangePassword + ultimoLogin [UDT-008]
2026-04-15 17:39:48 -03:00
d1f7b3805b
feat(domain): V008 migration + Usuario with-methods + DomainException hierarchy [UDT-008]
2026-04-15 17:36:46 -03:00
0218d8d371
feat(api): migrar controllers admin a RequirePermission [UDT-006]
2026-04-15 16:34:32 -03:00
cdb8dcd03c
feat(api): login response permisos desde RolPermiso [UDT-006]
2026-04-15 16:24:21 -03:00
1a864e9f8b
fix(app): validar formato codigo rol en GetRolPermisos [UDT-005]
...
Agrega GetRolPermisosQueryValidator con regex ^[a-z][a-z0-9_]*$ para
rechazar codigos invalidos con 400 en GET /api/v1/roles/{codigo}/permisos.
2026-04-15 15:56:49 -03:00
be2257a9bf
feat(infra): BATCH 4 - Permiso/RolPermiso repos Dapper + tests integracion [UDT-005]
2026-04-15 15:39:25 -03:00
704794a2e2
feat(app): BATCH 3 - handlers permisos con TDD [UDT-005]
2026-04-15 15:31:26 -03:00
6f999b8fcd
feat(api): UDT-004 controller de roles + refactor validator UDT-003 a lookup dinamico
...
- RolesController /api/v1/roles CRUD admin-only: GET list, GET {codigo}, POST, PUT, DELETE (soft-delete con guard 409)
- ExceptionFilter: mapea RolNotFound (404), RolAlreadyExists (409), RolInUse (409)
- DI: registra 5 handlers de Roles (Application) y IRolRepository/RolRepository (Infrastructure)
- CreateUsuarioCommandValidator: reemplaza whitelist hardcoded por IRolRepository.ExistsActiveByCodigoAsync via MustAsync; constructor recibe (AuthOptions, IRolRepository)
- Tests: 202 verdes (173 application + 29 api). Nuevas: RolesEndpointTests (13 integration), CreateUsuarioCommandValidatorTests reescrito con NSubstitute mock, CreateUsuario_WithInactiveRol_Returns400 en Api.Tests
- Fix: ApiIntegration pasa de IClassFixture (N factories) a ICollectionFixture (1 factory shared) — evitaba ObjectDisposedException sobre RSABCrypt al compartir coleccion con multiples test classes
- tests/tests.runsettings: MaxCpuCount=1 para evitar race entre assemblies sobre SIGCM2_Test
2026-04-15 12:50:24 -03:00
34b714750a
feat(api): UDT-004 dominio + repositorio + application roles (tdd)
...
- Migraciones V003 (tabla Rol + 8 seeds canonicos) y V004 (drop CK + FK Usuario.Rol)
- Dominio: Rol entity + 3 excepciones (RolNotFound/AlreadyExists/InUse)
- Infraestructura: RolRepository (Dapper) con List/Get/ExistsActive/Add/Update/HasActiveUsuarios
- Application: CRUD queries y commands (List, Get, Create, Update, Deactivate) + validators (codigo regex ^[a-z][a-z0-9_]*$)
- Validator UDT-003: whitelist alineada a codigos canonicos (full IRolRepository lookup diferido a Phase 5.1)
- Tests: 169 application + 15 api (todos verdes). Respawn configurado para re-seedear Rol canonical post-reset.
- Estricto TDD: RED/GREEN/TRIANGULATE en todos los handlers nuevos.
2026-04-15 12:31:29 -03:00
3d598faffc
feat(api): UDT-003 registro de usuarios — backend completo (Phases 1-6)
...
- Domain: Usuario.ForCreation factory, UsernameAlreadyExistsException, IUsuarioRepository extendido
- Application: CreateUsuarioCommand/Validator/Handler, UsuarioCreatedDto, AuthOptions password policy
- Infrastructure: UsuarioRepository.ExistsByUsernameAsync + AddAsync (INSERT OUTPUT INSERTED.Id), RoleClaimType="rol" en TokenValidationParameters
- Api: UsuariosController POST api/v1/users [Authorize(Roles="admin")], ExceptionFilter mapea UsernameAlreadyExistsException + SqlException 2627 → 409
- Tests (unit): 43 tests — 33 validator + 10 handler (107 total, green)
- Tests (integration): 7 tests CreateUsuarioEndpoint — 401/403/400/201/409/race/e2e (green)
- Fix: TestWebAppFactory.ConfigureTestServices reemplaza SqlConnectionFactory singleton con CS de test correcto
2026-04-15 10:47:48 -03:00
f1d4ea0047
fix(test): RefreshTokenRepository tests use Respawn pattern instead of transaction isolation
...
Transaction-scoped tests conflicted with the repository opening its own connection,
blocking on FK locks for the uncommitted seeded user and causing timeouts.
Switched to the Respawn pattern used by UsuarioRepositoryTests ([Collection("Database")])
which commits seed data and resets between test classes.
2026-04-14 13:45:53 -03:00
e405c0453b
test(infra): add RefreshTokenRepository integration tests RED
2026-04-14 13:28:28 -03:00
2806e8dfa6
test(infra): add RefreshTokenGenerator tests RED
2026-04-14 13:28:24 -03:00
a363e3658d
test(infra): add GetPrincipalFromExpiredToken tests for JwtService RED
2026-04-14 13:28:20 -03:00
b79efc778a
test(app): extend LoginCommandHandler tests with refresh token persistence cases RED
2026-04-14 13:28:15 -03:00
15a7687e4c
test(app): add LogoutCommandHandler tests RED
2026-04-14 13:28:10 -03:00
25639398c2
test(app): add RefreshCommandHandler tests RED
2026-04-14 13:28:02 -03:00
22aff10330
test(domain): add TokenHasher tests RED
2026-04-14 13:16:43 -03:00
2efe4115c4
test(domain): add RefreshToken entity tests RED
2026-04-14 13:16:36 -03:00
b657dc0d2a
test(udt-001): backend unit and integration tests (30 tests)
2026-04-13 21:36:09 -03:00
