test(sms): regression tests for code-review fixes

Lock the behaviors changed by the review-fix commit + the security invariants:

- ManagementActorTests: UpdateSms/SmtpConfig now require Administrator (updated the
  existing success cases from Designer); + UpdateSmsConfig_WithDesignerRole_Returns
  Unauthorized and _WithEmptyAuthToken_PreservesExistingToken regression tests.
- SecretEncryptionTests: SmsConfiguration.AuthToken stored-encrypted round-trip +
  null round-trip (AccountSid stays plaintext) — guards ApplySecretColumnEncryption.
- ArtifactDiffTests: CompareSmsConfiguration New/Identical/Modified + the secret
  presence-only invariant (value never echoed, presence-flip shows <present> only).
- UpdateCommandContractTests: notification sms update core fields Required, --auth-token optional.
- NotificationListsPageTests: SMS recipient badge shows phone, not "Name <>".
- NotificationOutboxActorDispatchTests: SMS-typed notification routes to the SMS
  adapter (StubAdapter.Type made configurable), not the Email adapter.
- NotificationRecipientTests (new): ForEmail/ForSms + public-ctor invariants.

tests/ZB.MOM.WW.ScadaBridge.ManagementService.Tests/ManagementActorTests.cs

@@ -1293,7 +1293,7 @@ public class ManagementActorTests : TestKit, IDisposable
         var actor = CreateActor();
         var envelope = Envelope(
             new UpdateSmtpConfigCommand(1, "new.example.com", 465, "Basic", "new@example.com", "SSL", "user:pass"),
-            "Designer");
+            "Administrator");
 
         actor.Tell(envelope);
 
@@ -1323,7 +1323,7 @@ public class ManagementActorTests : TestKit, IDisposable
         var actor = CreateActor();
         var envelope = Envelope(
             new UpdateSmtpConfigCommand(1, "new.example.com", 465, "Basic", "new@example.com"),
-            "Designer");
+            "Administrator");
 
         actor.Tell(envelope);
 
@@ -1534,7 +1534,7 @@ public class ManagementActorTests : TestKit, IDisposable
         var envelope = Envelope(
             new UpdateSmsConfigCommand(1, "ACnew", "+15551110000", "MGnew",
                 "https://new.example.com", "new-secret"),
-            "Designer");
+            "Administrator");
 
         actor.Tell(envelope);
 
@@ -1565,7 +1565,7 @@ public class ManagementActorTests : TestKit, IDisposable
         // AuthToken + ApiBaseUrl omitted -> preserve-if-null.
         var envelope = Envelope(
             new UpdateSmsConfigCommand(1, "ACnew", "+15551110000"),
-            "Designer");
+            "Administrator");
 
         actor.Tell(envelope);
 
@@ -1601,7 +1601,7 @@ public class ManagementActorTests : TestKit, IDisposable
         var actor = CreateActor();
         var envelope = Envelope(
             new UpdateSmsConfigCommand(1, "ACnew", "+15551110000", AuthToken: "super-secret-token"),
-            "Designer");
+            "Administrator");
 
         actor.Tell(envelope);
 
@@ -1643,8 +1643,9 @@ public class ManagementActorTests : TestKit, IDisposable
     [Fact]
     public void UpdateSmsConfig_WithViewerRole_ReturnsUnauthorized()
     {
-        // Mirrors UpdateSmtpConfig gating: mutating the SMS config is a Designer
-        // operation; a read-only role cannot rotate the secret.
+        // MgmtSvc-021: mutating the SMS provider config rotates the Twilio secret and
+        // is Admin-only (the /notifications/sms page is RequireAdmin). A read-only role
+        // cannot reach it.
         var actor = CreateActor();
         var envelope = Envelope(
             new UpdateSmsConfigCommand(1, "ACnew", "+15551110000"),
@@ -1653,7 +1654,55 @@ public class ManagementActorTests : TestKit, IDisposable
         actor.Tell(envelope);
 
         var response = ExpectMsg<ManagementUnauthorized>(TimeSpan.FromSeconds(5));
-        Assert.Contains("Designer", response.Message);
+        Assert.Contains("Administrator", response.Message);
+    }
+
+    [Fact]
+    public void UpdateSmsConfig_WithDesignerRole_ReturnsUnauthorized()
+    {
+        // MgmtSvc-021 regression: a Designer is blocked from the /notifications/sms UI
+        // (RequireAdmin), so the actor gate must reject them too — otherwise a Designer
+        // could rotate a production Twilio Auth Token via the CLI/Management API.
+        var actor = CreateActor();
+        var envelope = Envelope(
+            new UpdateSmsConfigCommand(1, "ACnew", "+15551110000", AuthToken: "rotate-me"),
+            "Designer");
+
+        actor.Tell(envelope);
+
+        var response = ExpectMsg<ManagementUnauthorized>(TimeSpan.FromSeconds(5));
+        Assert.Contains("Administrator", response.Message);
+    }
+
+    [Fact]
+    public void UpdateSmsConfig_WithEmptyAuthToken_PreservesExistingToken()
+    {
+        // MgmtSvc-021 regression: an explicit empty/whitespace AuthToken must be treated
+        // as "omitted" (preserve the stored secret), never as "clear it" — a Twilio token
+        // is always required, so clearing it would 401 every subsequent send.
+        var notifRepo = Substitute.For<INotificationRepository>();
+        var existing = new Commons.Entities.Notifications.SmsConfiguration("ACold", "+15550000000")
+        {
+            Id = 1,
+            AuthToken = "old-secret",
+        };
+        notifRepo.GetAllSmsConfigurationsAsync(Arg.Any<CancellationToken>())
+            .Returns(new List<Commons.Entities.Notifications.SmsConfiguration> { existing });
+        _services.AddScoped(_ => notifRepo);
+
+        var actor = CreateActor();
+        var envelope = Envelope(
+            new UpdateSmsConfigCommand(1, "ACnew", "+15551110000", AuthToken: "   "),
+            "Administrator");
+
+        actor.Tell(envelope);
+
+        var response = ExpectMsg<ManagementSuccess>(TimeSpan.FromSeconds(5));
+        Assert.Equal(envelope.CorrelationId, response.CorrelationId);
+        // The blank token was ignored; the stored secret survives.
+        Assert.Equal("old-secret", existing.AuthToken);
+        // Non-secret fields still updated.
+        Assert.Equal("ACnew", existing.AccountSid);
     }
 
     [Fact]