dmolinari/SIG-CM2.0
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
57e4cdac01939c68b79b23f3e60f832b18003c57
SIG-CM2.0/tests/SIGCM2.Application.Tests/Infrastructure/RefreshTokenRepositoryTests.cs
dmolinari 34b714750a feat(api): UDT-004 dominio + repositorio + application roles (tdd) 
- Migraciones V003 (tabla Rol + 8 seeds canonicos) y V004 (drop CK + FK Usuario.Rol)
- Dominio: Rol entity + 3 excepciones (RolNotFound/AlreadyExists/InUse)
- Infraestructura: RolRepository (Dapper) con List/Get/ExistsActive/Add/Update/HasActiveUsuarios
- Application: CRUD queries y commands (List, Get, Create, Update, Deactivate) + validators (codigo regex ^[a-z][a-z0-9_]*$)
- Validator UDT-003: whitelist alineada a codigos canonicos (full IRolRepository lookup diferido a Phase 5.1)
- Tests: 169 application + 15 api (todos verdes). Respawn configurado para re-seedear Rol canonical post-reset.
- Estricto TDD: RED/GREEN/TRIANGULATE en todos los handlers nuevos.
2026-04-15 12:31:29 -03:00

201 lines
7.3 KiB
C#
Raw Blame History

using Dapper;
using Microsoft.Data.SqlClient;
using Respawn;
using SIGCM2.Domain.Entities;
using SIGCM2.Infrastructure.Persistence;
namespace SIGCM2.Application.Tests.Infrastructure;
/// <summary>
/// Integration tests for RefreshTokenRepository against SIGCM2_Test.
/// Uses Respawn to reset the DB between test classes; the repository opens its own
/// connections so transaction-scoped isolation would block on FK locks.
/// </summary>
[Collection("Database")]
public class RefreshTokenRepositoryTests : IAsyncLifetime
{
private const string ConnectionString =
"Server=TECNICA3;Database=SIGCM2_Test;User Id=desarrollo;Password=desarrollo2026;TrustServerCertificate=True;";
private SqlConnection _connection = null!;
private Respawner _respawner = null!;
private RefreshTokenRepository _repository = null!;
private int _testUserId;
public async Task InitializeAsync()
{
_connection = new SqlConnection(ConnectionString);
await _connection.OpenAsync();
_respawner = await Respawner.CreateAsync(_connection, new RespawnerOptions
{
DbAdapter = DbAdapter.SqlServer,
// Rol is a lookup table seeded by migration V003 — never wipe or Usuario FK breaks.
TablesToIgnore = [new Respawn.Graph.Table("dbo", "Rol")]
});
await _respawner.ResetAsync(_connection);
await SeedRolCanonicalAsync();
await SeedTestUserAsync();
_testUserId = await _connection.QuerySingleAsync<int>(
"SELECT Id FROM dbo.Usuario WHERE Username = 'test_rt_user'");
var factory = new SqlConnectionFactory(ConnectionString);
_repository = new RefreshTokenRepository(factory);
}
public async Task DisposeAsync()
{
await _respawner.ResetAsync(_connection);
await _connection.CloseAsync();
await _connection.DisposeAsync();
}
private async Task SeedRolCanonicalAsync()
{
const string sql = """
SET QUOTED_IDENTIFIER ON;
MERGE dbo.Rol AS t
USING (VALUES
('admin', N'Administrador', N'Supervisor total'),
('cajero', N'Cajero', N'Mostrador contado'),
('operador_ctacte', N'Operador Cta Cte', N'Cuenta corriente'),
('picadora', N'Picadora/Correctora', N'Edición de textos'),
('jefe_publicidad', N'Jefe de Publicidad', N'Supervisión de pauta'),
('productor', N'Productor', N'Carga restringida'),
('diagramacion', N'Diagramación/Taller', N'Solo lectura pauta'),
('reportes', N'Reportes', N'Solo lectura reportes')
) AS s (Codigo, Nombre, Descripcion)
ON t.Codigo = s.Codigo
WHEN NOT MATCHED BY TARGET THEN
INSERT (Codigo, Nombre, Descripcion, Activo)
VALUES (s.Codigo, s.Nombre, s.Descripcion, 1);
""";
await _connection.ExecuteAsync(sql);
}
private async Task SeedTestUserAsync()
{
await _connection.ExecuteAsync("""
SET QUOTED_IDENTIFIER ON;
IF NOT EXISTS (SELECT 1 FROM dbo.Usuario WHERE Username = 'test_rt_user')
INSERT INTO dbo.Usuario (Username, PasswordHash, Nombre, Apellido, Rol, PermisosJson, Activo)
VALUES ('test_rt_user', '$2a$12$testhash', 'Test', 'User', 'admin', '["*"]', 1);
""");
}
private static RefreshToken BuildToken(int usuarioId, string hash = "test_hash_abc123xyz", bool expired = false)
{
var now = DateTime.UtcNow;
var ttl = expired ? TimeSpan.FromSeconds(1) : TimeSpan.FromDays(7);
return RefreshToken.IssueForNewFamily(usuarioId, hash, now.AddHours(-1), ttl, "10.0.0.1", "TestAgent");
}
[Fact]
public async Task AddAsync_PersistsAndReturnsId()
{
var token = BuildToken(_testUserId, "unique_hash_persist_" + Guid.NewGuid().ToString("N")[..8]);
var id = await _repository.AddAsync(token);
Assert.True(id > 0);
}
[Fact]
public async Task AddAsync_DuplicateHash_Throws()
{
var hash = "duplicate_hash_" + Guid.NewGuid().ToString("N")[..8];
var token1 = BuildToken(_testUserId, hash);
var token2 = BuildToken(_testUserId, hash);
await _repository.AddAsync(token1);
await Assert.ThrowsAnyAsync<Exception>(() => _repository.AddAsync(token2));
}
[Fact]
public async Task GetByHashAsync_RoundTripsAllFields()
{
var hash = "roundtrip_hash_" + Guid.NewGuid().ToString("N")[..8];
var token = BuildToken(_testUserId, hash);
await _repository.AddAsync(token);
var retrieved = await _repository.GetByHashAsync(hash);
Assert.NotNull(retrieved);
Assert.Equal(_testUserId, retrieved.UsuarioId);
Assert.Equal(hash, retrieved.TokenHash);
Assert.Equal(token.FamilyId, retrieved.FamilyId);
Assert.Null(retrieved.RevokedAt);
Assert.Null(retrieved.ReplacedById);
}
[Fact]
public async Task GetByHashAsync_NonExistentHash_ReturnsNull()
{
var result = await _repository.GetByHashAsync("does_not_exist_hash_abc");
Assert.Null(result);
}
[Fact]
public async Task RevokeAsync_SetsRevokedAtAndReplacedById()
{
var hash = "revoke_test_" + Guid.NewGuid().ToString("N")[..8];
var token = BuildToken(_testUserId, hash);
var id = await _repository.AddAsync(token);
var revokedAt = DateTime.UtcNow;
await _repository.RevokeAsync(id, replacedById: null, revokedAt: revokedAt);
var retrieved = await _repository.GetByHashAsync(hash);
Assert.NotNull(retrieved?.RevokedAt);
Assert.Null(retrieved.ReplacedById);
}
[Fact]
public async Task RevokeFamilyAsync_OnlyAffectsMatchingFamily()
{
var hash1 = "family_a_" + Guid.NewGuid().ToString("N")[..8];
var hash2 = "family_b_" + Guid.NewGuid().ToString("N")[..8];
var tokenA = BuildToken(_testUserId, hash1);
var tokenB = BuildToken(_testUserId, hash2);
await _repository.AddAsync(tokenA);
await _repository.AddAsync(tokenB);
var count = await _repository.RevokeFamilyAsync(tokenA.FamilyId, DateTime.UtcNow);
Assert.Equal(1, count);
var retrievedA = await _repository.GetByHashAsync(hash1);
var retrievedB = await _repository.GetByHashAsync(hash2);
Assert.NotNull(retrievedA?.RevokedAt);
Assert.Null(retrievedB?.RevokedAt);
}
[Fact]
public async Task RevokeAllActiveForUserAsync_DoesNotTouchAlreadyRevoked()
{
var hash1 = "user_active_" + Guid.NewGuid().ToString("N")[..8];
var hash2 = "user_revoked_" + Guid.NewGuid().ToString("N")[..8];
var tokenActive = BuildToken(_testUserId, hash1);
var tokenAlreadyRevoked = BuildToken(_testUserId, hash2);
var idActive = await _repository.AddAsync(tokenActive);
var idRevoked = await _repository.AddAsync(tokenAlreadyRevoked);
await _repository.RevokeAsync(idRevoked, null, DateTime.UtcNow.AddMinutes(-5));
var count = await _repository.RevokeAllActiveForUserAsync(_testUserId, DateTime.UtcNow);
Assert.Equal(1, count);
var retrievedActive = await _repository.GetByHashAsync(hash1);
Assert.NotNull(retrievedActive?.RevokedAt);
}
}
Reference in New Issue View Git Blame Copy Permalink