ScadaBridge

dohertj2/ScadaBridge

Fork 0

Commit Graph

Author	SHA1	Message	Date
Joseph Doherty	9cd62aa5b4	test(configdb): M2.10 review fix — catch bracketed AuditLog identifiers; document EF/multi-line scan limits (#18 ) Extends ContainsAuditLogMutation regex to match T-SQL bracketed forms ([AuditLog], [dbo].[AuditLog]) that SSMS-generated SQL produces; the prior optional-schema pattern only matched bare/dbo-prefixed names, silently missing these real violation forms. Changes: - Schema sub-pattern (?:dbo\.)? → (?:\[?dbo\]?\.)? (matches dbo. and [dbo].) - Table sub-pattern AuditLog\b → \[?AuditLog\]?\b (matches AuditLog and [AuditLog]) - Pattern compiled as static readonly Regex field for clarity/performance - Adds 4 new planted-positive cases: UPDATE [dbo].[AuditLog], UPDATE [AuditLog], DELETE FROM [dbo].[AuditLog], DELETE FROM [AuditLog] - Retains all existing negatives; adds DELETE FROM [dbo].[Notifications] negative - Fixes misleading "reverse order" comment on the comment-prefix positive case - Documents scan limitations (EF Core bulk methods; multi-line DML) in class XML doc	2026-06-16 05:55:27 -04:00
Joseph Doherty	e7b6fe33a4	test(configdb): guard test for AuditLog append-only invariant (M2.10, #18 ) Adds AuditLogAppendOnlyGuardTests.cs to tests/ZB.MOM.WW.ScadaBridge.ConfigurationDatabase.Tests/ — a code-level backstop for the DB-role DENY UPDATE / DENY DELETE control established in migration 20260602174346_CollapseAuditLogToCanonical. The guard scans every non-Designer, non-Snapshot .cs file in the ConfigurationDatabase source tree and fails the test run if any line matches the DML-syntax pattern: UPDATE\s+(?:dbo\.)?AuditLog\b DELETE\s+(?:FROM\s+)?(?:dbo\.)?AuditLog\b The tight DML-syntax pattern naturally excludes false positives without extra exclusion checks: DENY UPDATE ON dbo.AuditLog is not matched (UPDATE is followed by ON, not the table name); ALTER TABLE … SWITCH and TRUNCATE contain no UPDATE/ DELETE keyword; comments with UPDATE/AuditLog in separate clauses are not matched. Self-verifying unit tests (ContainsAuditLogMutation_) prove the helper: - returns false on clean-source lines (INSERT, SELECT, DENY DDL, ALTER SWITCH, TRUNCATE, DELETE FROM Notifications); - returns TRUE on planted violations (UPDATE AuditLog SET …, DELETE FROM dbo.AuditLog WHERE …, lower-case variants); - returns false on the exact DENY/GRANT/partition-switch strings from the production migration files. All 256 ConfigurationDatabase.Tests pass; solution builds 0 W / 0 E.	2026-06-16 05:49:51 -04:00

Author

SHA1

Message

Date

Joseph Doherty

9cd62aa5b4

test(configdb): M2.10 review fix — catch bracketed AuditLog identifiers; document EF/multi-line scan limits (#18 )

Extends ContainsAuditLogMutation regex to match T-SQL bracketed forms
([AuditLog], [dbo].[AuditLog]) that SSMS-generated SQL produces; the
prior optional-schema pattern only matched bare/dbo-prefixed names,
silently missing these real violation forms.

Changes:
- Schema sub-pattern (?:dbo\.)? → (?:\[?dbo\]?\.)? (matches dbo. and [dbo].)
- Table sub-pattern AuditLog\b → \[?AuditLog\]?\b (matches AuditLog and [AuditLog])
- Pattern compiled as static readonly Regex field for clarity/performance
- Adds 4 new planted-positive cases: UPDATE [dbo].[AuditLog], UPDATE [AuditLog],
  DELETE FROM [dbo].[AuditLog], DELETE FROM [AuditLog]
- Retains all existing negatives; adds DELETE FROM [dbo].[Notifications] negative
- Fixes misleading "reverse order" comment on the comment-prefix positive case
- Documents scan limitations (EF Core bulk methods; multi-line DML) in class XML doc

2026-06-16 05:55:27 -04:00

Joseph Doherty

e7b6fe33a4

test(configdb): guard test for AuditLog append-only invariant (M2.10, #18 )

Adds AuditLogAppendOnlyGuardTests.cs to
tests/ZB.MOM.WW.ScadaBridge.ConfigurationDatabase.Tests/ — a code-level backstop
for the DB-role DENY UPDATE / DENY DELETE control established in migration
20260602174346_CollapseAuditLogToCanonical.

The guard scans every non-Designer, non-Snapshot *.cs file in the
ConfigurationDatabase source tree and fails the test run if any line matches the
DML-syntax pattern:

    UPDATE\s+(?:dbo\.)?AuditLog\b
    DELETE\s+(?:FROM\s+)?(?:dbo\.)?AuditLog\b

The tight DML-syntax pattern naturally excludes false positives without extra
exclusion checks: DENY UPDATE ON dbo.AuditLog is not matched (UPDATE is followed
by ON, not the table name); ALTER TABLE … SWITCH and TRUNCATE contain no UPDATE/
DELETE keyword; comments with UPDATE/AuditLog in separate clauses are not matched.

Self-verifying unit tests (ContainsAuditLogMutation_*) prove the helper:
- returns false on clean-source lines (INSERT, SELECT, DENY DDL, ALTER SWITCH,
  TRUNCATE, DELETE FROM Notifications);
- returns TRUE on planted violations (UPDATE AuditLog SET …, DELETE FROM
  dbo.AuditLog WHERE …, lower-case variants);
- returns false on the exact DENY/GRANT/partition-switch strings from the
  production migration files.

All 256 ConfigurationDatabase.Tests pass; solution builds 0 W / 0 E.

2026-06-16 05:49:51 -04:00

2 Commits