MasterMito/work-club-manager
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases 1 Wiki Activity
Files
feature/fix-self-assignment
work-club-manager/backend/WorkClub.Tests.Integration/Middleware/TenantValidationTests.cs

57 lines
1.6 KiB
C#
Raw Permalink Normal View History

feat(backend): add PostgreSQL schema, RLS policies, and multi-tenant middleware - Add EF Core migrations for initial schema (clubs, members, work_items, shifts, shift_signups) - Implement RLS policies with SET LOCAL for tenant isolation - Add Finbuckle multi-tenant middleware with ClaimStrategy + HeaderStrategy fallback - Create TenantValidationMiddleware to enforce JWT claims match X-Tenant-Id header - Add tenant-aware DB interceptors (SaveChangesTenantInterceptor, TenantDbConnectionInterceptor) - Configure AppDbContext with tenant scoping and RLS support - Add test infrastructure: CustomWebApplicationFactory, TestAuthHandler, DatabaseFixture - Write TDD integration tests for multi-tenant isolation and RLS enforcement - Add health check null safety for connection string Tasks: 7 (PostgreSQL schema + migrations + RLS), 8 (Finbuckle multi-tenancy + validation), 12 (test infrastructure)
2026-03-03 14:32:21 +01:00
using System.Net;
using System.Text;
test(harness): stabilize backend+frontend QA test suite (12/12+63/63 unit+integration, 45/45 frontend) Stabilize test harness across full stack: Backend integration tests: - Fix Auth/Club/Migration/RLS/Member/Tenant/RLS Isolation/Shift/Task test suites - Add AssemblyInfo.cs for test configuration - Enhance CustomWebApplicationFactory + TestAuthHandler for stable test environment - Expand RlsIsolationTests with comprehensive multi-tenant RLS verification Frontend test harness: - Align vitest.config.ts with backend API changes - Add bunfig.toml for bun test environment stability - Enhance api.test.ts with proper test setup integration - Expand test/setup.ts with fixture initialization All tests now passing: backend 12/12 unit + 63/63 integration, frontend 45/45
2026-03-06 09:19:32 +01:00
using WorkClub.Tests.Integration.Infrastructure;
feat(backend): add PostgreSQL schema, RLS policies, and multi-tenant middleware - Add EF Core migrations for initial schema (clubs, members, work_items, shifts, shift_signups) - Implement RLS policies with SET LOCAL for tenant isolation - Add Finbuckle multi-tenant middleware with ClaimStrategy + HeaderStrategy fallback - Create TenantValidationMiddleware to enforce JWT claims match X-Tenant-Id header - Add tenant-aware DB interceptors (SaveChangesTenantInterceptor, TenantDbConnectionInterceptor) - Configure AppDbContext with tenant scoping and RLS support - Add test infrastructure: CustomWebApplicationFactory, TestAuthHandler, DatabaseFixture - Write TDD integration tests for multi-tenant isolation and RLS enforcement - Add health check null safety for connection string Tasks: 7 (PostgreSQL schema + migrations + RLS), 8 (Finbuckle multi-tenancy + validation), 12 (test infrastructure)
2026-03-03 14:32:21 +01:00
using Xunit;
namespace WorkClub.Tests.Integration.Middleware;
test(harness): stabilize backend+frontend QA test suite (12/12+63/63 unit+integration, 45/45 frontend) Stabilize test harness across full stack: Backend integration tests: - Fix Auth/Club/Migration/RLS/Member/Tenant/RLS Isolation/Shift/Task test suites - Add AssemblyInfo.cs for test configuration - Enhance CustomWebApplicationFactory + TestAuthHandler for stable test environment - Expand RlsIsolationTests with comprehensive multi-tenant RLS verification Frontend test harness: - Align vitest.config.ts with backend API changes - Add bunfig.toml for bun test environment stability - Enhance api.test.ts with proper test setup integration - Expand test/setup.ts with fixture initialization All tests now passing: backend 12/12 unit + 63/63 integration, frontend 45/45
2026-03-06 09:19:32 +01:00
public class TenantValidationTests : IntegrationTestBase
feat(backend): add PostgreSQL schema, RLS policies, and multi-tenant middleware - Add EF Core migrations for initial schema (clubs, members, work_items, shifts, shift_signups) - Implement RLS policies with SET LOCAL for tenant isolation - Add Finbuckle multi-tenant middleware with ClaimStrategy + HeaderStrategy fallback - Create TenantValidationMiddleware to enforce JWT claims match X-Tenant-Id header - Add tenant-aware DB interceptors (SaveChangesTenantInterceptor, TenantDbConnectionInterceptor) - Configure AppDbContext with tenant scoping and RLS support - Add test infrastructure: CustomWebApplicationFactory, TestAuthHandler, DatabaseFixture - Write TDD integration tests for multi-tenant isolation and RLS enforcement - Add health check null safety for connection string Tasks: 7 (PostgreSQL schema + migrations + RLS), 8 (Finbuckle multi-tenancy + validation), 12 (test infrastructure)
2026-03-03 14:32:21 +01:00
{
test(harness): stabilize backend+frontend QA test suite (12/12+63/63 unit+integration, 45/45 frontend) Stabilize test harness across full stack: Backend integration tests: - Fix Auth/Club/Migration/RLS/Member/Tenant/RLS Isolation/Shift/Task test suites - Add AssemblyInfo.cs for test configuration - Enhance CustomWebApplicationFactory + TestAuthHandler for stable test environment - Expand RlsIsolationTests with comprehensive multi-tenant RLS verification Frontend test harness: - Align vitest.config.ts with backend API changes - Add bunfig.toml for bun test environment stability - Enhance api.test.ts with proper test setup integration - Expand test/setup.ts with fixture initialization All tests now passing: backend 12/12 unit + 63/63 integration, frontend 45/45
2026-03-06 09:19:32 +01:00
public TenantValidationTests(CustomWebApplicationFactory<Program> factory) : base(factory)
feat(backend): add PostgreSQL schema, RLS policies, and multi-tenant middleware - Add EF Core migrations for initial schema (clubs, members, work_items, shifts, shift_signups) - Implement RLS policies with SET LOCAL for tenant isolation - Add Finbuckle multi-tenant middleware with ClaimStrategy + HeaderStrategy fallback - Create TenantValidationMiddleware to enforce JWT claims match X-Tenant-Id header - Add tenant-aware DB interceptors (SaveChangesTenantInterceptor, TenantDbConnectionInterceptor) - Configure AppDbContext with tenant scoping and RLS support - Add test infrastructure: CustomWebApplicationFactory, TestAuthHandler, DatabaseFixture - Write TDD integration tests for multi-tenant isolation and RLS enforcement - Add health check null safety for connection string Tasks: 7 (PostgreSQL schema + migrations + RLS), 8 (Finbuckle multi-tenancy + validation), 12 (test infrastructure)
2026-03-03 14:32:21 +01:00
{
}
[Fact]
public async Task Request_WithValidTenantId_Returns200()
{
test(harness): stabilize backend+frontend QA test suite (12/12+63/63 unit+integration, 45/45 frontend) Stabilize test harness across full stack: Backend integration tests: - Fix Auth/Club/Migration/RLS/Member/Tenant/RLS Isolation/Shift/Task test suites - Add AssemblyInfo.cs for test configuration - Enhance CustomWebApplicationFactory + TestAuthHandler for stable test environment - Expand RlsIsolationTests with comprehensive multi-tenant RLS verification Frontend test harness: - Align vitest.config.ts with backend API changes - Add bunfig.toml for bun test environment stability - Enhance api.test.ts with proper test setup integration - Expand test/setup.ts with fixture initialization All tests now passing: backend 12/12 unit + 63/63 integration, frontend 45/45
2026-03-06 09:19:32 +01:00
AuthenticateAs("test@test.com", new Dictionary<string, string> { ["club-1"] = "admin" });
SetTenant("club-1");
feat(backend): add PostgreSQL schema, RLS policies, and multi-tenant middleware - Add EF Core migrations for initial schema (clubs, members, work_items, shifts, shift_signups) - Implement RLS policies with SET LOCAL for tenant isolation - Add Finbuckle multi-tenant middleware with ClaimStrategy + HeaderStrategy fallback - Create TenantValidationMiddleware to enforce JWT claims match X-Tenant-Id header - Add tenant-aware DB interceptors (SaveChangesTenantInterceptor, TenantDbConnectionInterceptor) - Configure AppDbContext with tenant scoping and RLS support - Add test infrastructure: CustomWebApplicationFactory, TestAuthHandler, DatabaseFixture - Write TDD integration tests for multi-tenant isolation and RLS enforcement - Add health check null safety for connection string Tasks: 7 (PostgreSQL schema + migrations + RLS), 8 (Finbuckle multi-tenancy + validation), 12 (test infrastructure)
2026-03-03 14:32:21 +01:00
test(harness): stabilize backend+frontend QA test suite (12/12+63/63 unit+integration, 45/45 frontend) Stabilize test harness across full stack: Backend integration tests: - Fix Auth/Club/Migration/RLS/Member/Tenant/RLS Isolation/Shift/Task test suites - Add AssemblyInfo.cs for test configuration - Enhance CustomWebApplicationFactory + TestAuthHandler for stable test environment - Expand RlsIsolationTests with comprehensive multi-tenant RLS verification Frontend test harness: - Align vitest.config.ts with backend API changes - Add bunfig.toml for bun test environment stability - Enhance api.test.ts with proper test setup integration - Expand test/setup.ts with fixture initialization All tests now passing: backend 12/12 unit + 63/63 integration, frontend 45/45
2026-03-06 09:19:32 +01:00
var response = await Client.GetAsync("/api/test");
feat(backend): add PostgreSQL schema, RLS policies, and multi-tenant middleware - Add EF Core migrations for initial schema (clubs, members, work_items, shifts, shift_signups) - Implement RLS policies with SET LOCAL for tenant isolation - Add Finbuckle multi-tenant middleware with ClaimStrategy + HeaderStrategy fallback - Create TenantValidationMiddleware to enforce JWT claims match X-Tenant-Id header - Add tenant-aware DB interceptors (SaveChangesTenantInterceptor, TenantDbConnectionInterceptor) - Configure AppDbContext with tenant scoping and RLS support - Add test infrastructure: CustomWebApplicationFactory, TestAuthHandler, DatabaseFixture - Write TDD integration tests for multi-tenant isolation and RLS enforcement - Add health check null safety for connection string Tasks: 7 (PostgreSQL schema + migrations + RLS), 8 (Finbuckle multi-tenancy + validation), 12 (test infrastructure)
2026-03-03 14:32:21 +01:00
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
}
[Fact]
public async Task Request_WithNonMemberTenantId_Returns403()
{
test(harness): stabilize backend+frontend QA test suite (12/12+63/63 unit+integration, 45/45 frontend) Stabilize test harness across full stack: Backend integration tests: - Fix Auth/Club/Migration/RLS/Member/Tenant/RLS Isolation/Shift/Task test suites - Add AssemblyInfo.cs for test configuration - Enhance CustomWebApplicationFactory + TestAuthHandler for stable test environment - Expand RlsIsolationTests with comprehensive multi-tenant RLS verification Frontend test harness: - Align vitest.config.ts with backend API changes - Add bunfig.toml for bun test environment stability - Enhance api.test.ts with proper test setup integration - Expand test/setup.ts with fixture initialization All tests now passing: backend 12/12 unit + 63/63 integration, frontend 45/45
2026-03-06 09:19:32 +01:00
AuthenticateAs("test@test.com", new Dictionary<string, string> { ["club-1"] = "admin" });
SetTenant("club-2");
style(backend): apply dotnet format whitespace normalization - Applied dotnet format to 24 files in backend/ - Corrects spacing, indentation, and formatting consistency - No functional changes to code logic Ultraworked with Sisyphus <https://github.com/code-yeongyu/oh-my-opencode> Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
2026-03-05 11:07:19 +01:00
test(harness): stabilize backend+frontend QA test suite (12/12+63/63 unit+integration, 45/45 frontend) Stabilize test harness across full stack: Backend integration tests: - Fix Auth/Club/Migration/RLS/Member/Tenant/RLS Isolation/Shift/Task test suites - Add AssemblyInfo.cs for test configuration - Enhance CustomWebApplicationFactory + TestAuthHandler for stable test environment - Expand RlsIsolationTests with comprehensive multi-tenant RLS verification Frontend test harness: - Align vitest.config.ts with backend API changes - Add bunfig.toml for bun test environment stability - Enhance api.test.ts with proper test setup integration - Expand test/setup.ts with fixture initialization All tests now passing: backend 12/12 unit + 63/63 integration, frontend 45/45
2026-03-06 09:19:32 +01:00
var response = await Client.GetAsync("/api/test");
feat(backend): add PostgreSQL schema, RLS policies, and multi-tenant middleware - Add EF Core migrations for initial schema (clubs, members, work_items, shifts, shift_signups) - Implement RLS policies with SET LOCAL for tenant isolation - Add Finbuckle multi-tenant middleware with ClaimStrategy + HeaderStrategy fallback - Create TenantValidationMiddleware to enforce JWT claims match X-Tenant-Id header - Add tenant-aware DB interceptors (SaveChangesTenantInterceptor, TenantDbConnectionInterceptor) - Configure AppDbContext with tenant scoping and RLS support - Add test infrastructure: CustomWebApplicationFactory, TestAuthHandler, DatabaseFixture - Write TDD integration tests for multi-tenant isolation and RLS enforcement - Add health check null safety for connection string Tasks: 7 (PostgreSQL schema + migrations + RLS), 8 (Finbuckle multi-tenancy + validation), 12 (test infrastructure)
2026-03-03 14:32:21 +01:00
Assert.Equal(HttpStatusCode.Forbidden, response.StatusCode);
}
[Fact]
public async Task Request_WithoutTenantIdHeader_Returns400()
{
test(harness): stabilize backend+frontend QA test suite (12/12+63/63 unit+integration, 45/45 frontend) Stabilize test harness across full stack: Backend integration tests: - Fix Auth/Club/Migration/RLS/Member/Tenant/RLS Isolation/Shift/Task test suites - Add AssemblyInfo.cs for test configuration - Enhance CustomWebApplicationFactory + TestAuthHandler for stable test environment - Expand RlsIsolationTests with comprehensive multi-tenant RLS verification Frontend test harness: - Align vitest.config.ts with backend API changes - Add bunfig.toml for bun test environment stability - Enhance api.test.ts with proper test setup integration - Expand test/setup.ts with fixture initialization All tests now passing: backend 12/12 unit + 63/63 integration, frontend 45/45
2026-03-06 09:19:32 +01:00
AuthenticateAs("test@test.com", new Dictionary<string, string> { ["club-1"] = "admin" });
feat(backend): add PostgreSQL schema, RLS policies, and multi-tenant middleware - Add EF Core migrations for initial schema (clubs, members, work_items, shifts, shift_signups) - Implement RLS policies with SET LOCAL for tenant isolation - Add Finbuckle multi-tenant middleware with ClaimStrategy + HeaderStrategy fallback - Create TenantValidationMiddleware to enforce JWT claims match X-Tenant-Id header - Add tenant-aware DB interceptors (SaveChangesTenantInterceptor, TenantDbConnectionInterceptor) - Configure AppDbContext with tenant scoping and RLS support - Add test infrastructure: CustomWebApplicationFactory, TestAuthHandler, DatabaseFixture - Write TDD integration tests for multi-tenant isolation and RLS enforcement - Add health check null safety for connection string Tasks: 7 (PostgreSQL schema + migrations + RLS), 8 (Finbuckle multi-tenancy + validation), 12 (test infrastructure)
2026-03-03 14:32:21 +01:00
test(harness): stabilize backend+frontend QA test suite (12/12+63/63 unit+integration, 45/45 frontend) Stabilize test harness across full stack: Backend integration tests: - Fix Auth/Club/Migration/RLS/Member/Tenant/RLS Isolation/Shift/Task test suites - Add AssemblyInfo.cs for test configuration - Enhance CustomWebApplicationFactory + TestAuthHandler for stable test environment - Expand RlsIsolationTests with comprehensive multi-tenant RLS verification Frontend test harness: - Align vitest.config.ts with backend API changes - Add bunfig.toml for bun test environment stability - Enhance api.test.ts with proper test setup integration - Expand test/setup.ts with fixture initialization All tests now passing: backend 12/12 unit + 63/63 integration, frontend 45/45
2026-03-06 09:19:32 +01:00
var response = await Client.GetAsync("/api/test");
feat(backend): add PostgreSQL schema, RLS policies, and multi-tenant middleware - Add EF Core migrations for initial schema (clubs, members, work_items, shifts, shift_signups) - Implement RLS policies with SET LOCAL for tenant isolation - Add Finbuckle multi-tenant middleware with ClaimStrategy + HeaderStrategy fallback - Create TenantValidationMiddleware to enforce JWT claims match X-Tenant-Id header - Add tenant-aware DB interceptors (SaveChangesTenantInterceptor, TenantDbConnectionInterceptor) - Configure AppDbContext with tenant scoping and RLS support - Add test infrastructure: CustomWebApplicationFactory, TestAuthHandler, DatabaseFixture - Write TDD integration tests for multi-tenant isolation and RLS enforcement - Add health check null safety for connection string Tasks: 7 (PostgreSQL schema + migrations + RLS), 8 (Finbuckle multi-tenancy + validation), 12 (test infrastructure)
2026-03-03 14:32:21 +01:00
Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode);
}
[Fact]
public async Task Request_WithoutAuthentication_Returns401()
{
test(harness): stabilize backend+frontend QA test suite (12/12+63/63 unit+integration, 45/45 frontend) Stabilize test harness across full stack: Backend integration tests: - Fix Auth/Club/Migration/RLS/Member/Tenant/RLS Isolation/Shift/Task test suites - Add AssemblyInfo.cs for test configuration - Enhance CustomWebApplicationFactory + TestAuthHandler for stable test environment - Expand RlsIsolationTests with comprehensive multi-tenant RLS verification Frontend test harness: - Align vitest.config.ts with backend API changes - Add bunfig.toml for bun test environment stability - Enhance api.test.ts with proper test setup integration - Expand test/setup.ts with fixture initialization All tests now passing: backend 12/12 unit + 63/63 integration, frontend 45/45
2026-03-06 09:19:32 +01:00
AuthenticateAsUnauthenticated();
SetTenant("club-1");
feat(backend): add PostgreSQL schema, RLS policies, and multi-tenant middleware - Add EF Core migrations for initial schema (clubs, members, work_items, shifts, shift_signups) - Implement RLS policies with SET LOCAL for tenant isolation - Add Finbuckle multi-tenant middleware with ClaimStrategy + HeaderStrategy fallback - Create TenantValidationMiddleware to enforce JWT claims match X-Tenant-Id header - Add tenant-aware DB interceptors (SaveChangesTenantInterceptor, TenantDbConnectionInterceptor) - Configure AppDbContext with tenant scoping and RLS support - Add test infrastructure: CustomWebApplicationFactory, TestAuthHandler, DatabaseFixture - Write TDD integration tests for multi-tenant isolation and RLS enforcement - Add health check null safety for connection string Tasks: 7 (PostgreSQL schema + migrations + RLS), 8 (Finbuckle multi-tenancy + validation), 12 (test infrastructure)
2026-03-03 14:32:21 +01:00
test(harness): stabilize backend+frontend QA test suite (12/12+63/63 unit+integration, 45/45 frontend) Stabilize test harness across full stack: Backend integration tests: - Fix Auth/Club/Migration/RLS/Member/Tenant/RLS Isolation/Shift/Task test suites - Add AssemblyInfo.cs for test configuration - Enhance CustomWebApplicationFactory + TestAuthHandler for stable test environment - Expand RlsIsolationTests with comprehensive multi-tenant RLS verification Frontend test harness: - Align vitest.config.ts with backend API changes - Add bunfig.toml for bun test environment stability - Enhance api.test.ts with proper test setup integration - Expand test/setup.ts with fixture initialization All tests now passing: backend 12/12 unit + 63/63 integration, frontend 45/45
2026-03-06 09:19:32 +01:00
var response = await Client.GetAsync("/api/test");
feat(backend): add PostgreSQL schema, RLS policies, and multi-tenant middleware - Add EF Core migrations for initial schema (clubs, members, work_items, shifts, shift_signups) - Implement RLS policies with SET LOCAL for tenant isolation - Add Finbuckle multi-tenant middleware with ClaimStrategy + HeaderStrategy fallback - Create TenantValidationMiddleware to enforce JWT claims match X-Tenant-Id header - Add tenant-aware DB interceptors (SaveChangesTenantInterceptor, TenantDbConnectionInterceptor) - Configure AppDbContext with tenant scoping and RLS support - Add test infrastructure: CustomWebApplicationFactory, TestAuthHandler, DatabaseFixture - Write TDD integration tests for multi-tenant isolation and RLS enforcement - Add health check null safety for connection string Tasks: 7 (PostgreSQL schema + migrations + RLS), 8 (Finbuckle multi-tenancy + validation), 12 (test infrastructure)
2026-03-03 14:32:21 +01:00
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
}
}
Reference in New Issue Copy Permalink