dmolinari
1c79dfa0a4
Applied to SIGCM2 (dev) and SIGCM2_Test.
V010__audit_infrastructure.sql (idempotent, ~280 LoC):
- Filegroups AUDIT_HOT + AUDIT_COLD with physical files (per-DB logical names
via DB_NAME() prefix to avoid collision in dev/test).
- pf/ps_AuditEvent_Monthly + pf/ps_SecurityEvent_Monthly (RANGE RIGHT,
DATETIME2(3), 14 boundaries 2026-01..2027-02 → 15 partitions). Job extends
forward monthly in B11.
- dbo.AuditEvent (partitioned, clustered PK on OccurredAt+Id) + 4 indexes
(Actor/Target/Action/Correlation) with PAGE compression.
- dbo.SecurityEvent (partitioned) + 3 indexes (Actor/Action_Result/Ip_Failure).
- CHECK constraints: Action LIKE '%.%', ISJSON(Metadata), Result IN (success|failure).
- SYSTEM_VERSIONING ON in Usuario/Rol/Permiso/RolPermiso with 10 YEARS retention +
PAGE compression in history tables.
- No hard FK on ActorUserId → Usuario.Id (soft FK — audit must survive user deletion).
V010_ROLLBACK.sql: emergency reversal (WARNING: destroys all audit history).
database/README.md: migration order + V010 prod-apply notes.
tests/SIGCM2.TestSupport/SqlTestFixture.cs:
- EnsureV010SchemaAsync() validates audit infra is applied (fails fast with
clear message if not — migration itself requires ALTER DATABASE privileges
and is applied manually via sqlcmd).
- Respawn TablesToIgnore extended with *_History (engine rejects direct DELETE
on system-versioned history tables).
tests/SIGCM2.Api.Tests/Audit/V010MigrationTests.cs — 5 smoke tests:
- AuditEvent insert+roundtrip with CorrelationId.
- CK_AuditEvent_Action rejects Action without '.'.
- CK_AuditEvent_Metadata rejects non-JSON.
- CK_SecurityEvent_Result rejects invalid Result.
- Usuario SYSTEM_VERSIONING: temporal query FOR SYSTEM_TIME AS OF returns
pre-update state + Usuario_History populated.
Suite: 130/130 passing (previous 124 + spike B0 + 5 new B1). No regressions.
Refs: sdd/udt-010-auditoria-trazabilidad/{spec#REQ-AUD-1,2, #REQ-SEC-1,
design#D-4, tasks}
SIG-CM 2.0
Sistema de gestión comercial — migración del sistema legacy (VB6) a una plataforma web moderna.
Stack
- Backend: .NET 10 · C# 13 · ASP.NET Core · Clean Architecture · Dapper 2.x · SQL Server 2022 · JWT RS256 · Serilog · FluentValidation · xUnit + NSubstitute
- Frontend: React 19 · TypeScript 5 strict · Vite 6 · Tailwind 4 · Zustand · React Router 7 · TanStack Query · Axios · Vitest + RTL
- Infra: Docker · Gitea Actions · Obsidian (documentación interna) · SQL Server
Estructura
src/api/ # Backend .NET (Clean Architecture)
SIGCM2.Api/ controllers, filters, Program.cs
SIGCM2.Application/ commands, handlers, validators, abstractions
SIGCM2.Domain/ entities, exceptions, domain security
SIGCM2.Infrastructure/ persistence (Dapper), security, DI
src/web/ # Frontend React 19 (Vite + TS strict)
src/features/ feature modules (auth, users, …)
src/components/ shared UI + layout
src/tests/ Vitest suites
database/
migrations/ .sql con orden Vxxx
seeds/ datos iniciales
schemas/ definiciones auxiliares
tests/
SIGCM2.Api.Tests/ integration (TestWebAppFactory + SQL Server)
SIGCM2.Application.Tests/ unit (handlers, validators)
SIGCM2.TestSupport/ fixtures compartidas
Obsidian/ # Source of truth funcional (IGNORADO por git)
STATUS.md roadmap y estado de UDTs
INSTRUCCIONES_IA.md SOP del agente de IA
02-ARQUITECTURA.../ specs por módulo
Cómo correr
Requisitos
- .NET 10 SDK
- Node 20+
- SQL Server 2019+ (local o remoto)
Backend
cd src/api/SIGCM2.Api
dotnet run
Config en appsettings.json (DB: SIGCM2, usuario desarrollo, server TECNICA3). Para tests de integración se usa SIGCM2_Test.
Frontend
cd src/web
npm install
npm run dev
Tests
# Backend
dotnet test tests/SIGCM2.Application.Tests # unit
dotnet test tests/SIGCM2.Api.Tests # integration (requiere SIGCM2_Test)
# Frontend
cd src/web && npx vitest run
Convenciones
- Ramas:
feature/UDT-XXXdesdemain. - Commits:
tipo(módulo): descripción—feat,fix,docs,refactor,test,chore,security. - Orden de trabajo por UDT: BD → Backend → Frontend.
- Desarrollo guiado por Spec-Driven Development (SDD) + Strict TDD.
- Follow-ups / deuda técnica se registran como issues de Gitea con label
followup.