dohertj2/scadalink-design
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(notif): NotificationOutboxActor + CentralAuditWriter wired (#23 M4)

Browse Source 
M4 Bundle B (B1) — add the central-only ICentralAuditWriter implementation
and inject it into NotificationOutboxActor so subsequent tasks (B2/B3) can
route attempt + terminal lifecycle events through the direct-write audit path.

- CentralAuditWriter: thin wrapper around IAuditLogRepository.InsertIfNotExistsAsync;
  scope-per-call (matches AuditLogIngestActor / NotificationOutboxActor pattern);
  stamps IngestedAtUtc; swallows all internal failures (alog.md §13).
- Registered as a singleton in AddAuditLog.
- NotificationOutboxActor ctor takes ICentralAuditWriter (validated non-null).
- Host wiring resolves the writer once from the root provider and passes it
  into the singleton's Props.Create call.
- Existing TestKit fixtures updated with a NoOpCentralAuditWriter helper so
  tests that don't exercise audit emission still compile and pass.
This commit is contained in:
Joseph Doherty
2026-05-20 16:04:01 -04:00
parent e4d902753b
commit b31747a632
13 changed files with 383 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
tests/ScadaLink.AuditLog.Tests/AddAuditLogTests.cs
View File

@@ -3,6 +3,7 @@ using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Logging.Abstractions;
using Microsoft.Extensions.Options;
using ScadaLink.AuditLog.Central;
using ScadaLink.AuditLog.Configuration;
using ScadaLink.AuditLog.Site;
using ScadaLink.AuditLog.Site.Telemetry;
@@ -155,6 +156,34 @@ public class AddAuditLogTests
Assert.IsType<NoOpSiteStreamAuditClient>(client);
}
// -- M4 Bundle B (B1) central direct-write audit writer -----------------
[Fact]
public void AddAuditLog_Registers_ICentralAuditWriter_AsCentralAuditWriter()
{
using var provider = BuildProvider(new Dictionary<string, string?>
{
["AuditLog:SiteWriter:DatabasePath"] = ":memory:",
});
var writer = provider.GetService<ICentralAuditWriter>();
Assert.NotNull(writer);
Assert.IsType<CentralAuditWriter>(writer);
}
[Fact]
public void AddAuditLog_ICentralAuditWriter_IsSingleton()
{
using var provider = BuildProvider(new Dictionary<string, string?>
{
["AuditLog:SiteWriter:DatabasePath"] = ":memory:",
});
var w1 = provider.GetService<ICentralAuditWriter>();
var w2 = provider.GetService<ICentralAuditWriter>();
Assert.Same(w1, w2);
}
[Fact]
public void AddAuditLog_Options_Bind_RoundTrip_SqliteWriter()
{

127
tests/ScadaLink.AuditLog.Tests/Central/CentralAuditWriterTests.cs Normal file
View File

@@ -0,0 +1,127 @@
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging.Abstractions;
using NSubstitute;
using NSubstitute.ExceptionExtensions;
using ScadaLink.AuditLog.Central;
using ScadaLink.Commons.Entities.Audit;
using ScadaLink.Commons.Interfaces.Repositories;
using ScadaLink.Commons.Interfaces.Services;
using ScadaLink.Commons.Types.Enums;
namespace ScadaLink.AuditLog.Tests.Central;
/// <summary>
/// M4 Bundle B1 — unit tests for <see cref="CentralAuditWriter"/>, the
/// central-only direct-write implementation of <see cref="ICentralAuditWriter"/>.
/// The writer is a thin wrapper around
/// <see cref="IAuditLogRepository.InsertIfNotExistsAsync"/>: it stamps
/// <see cref="AuditEvent.IngestedAtUtc"/>, resolves the (scoped) repository
/// from a fresh DI scope per call, and swallows any thrown exception —
/// audit-write failures NEVER abort the user-facing action (alog.md §13).
/// </summary>
public class CentralAuditWriterTests
{
private static AuditEvent NewEvent(Guid? eventId = null) => new()
{
EventId = eventId ?? Guid.NewGuid(),
OccurredAtUtc = new DateTime(2026, 5, 20, 10, 0, 0, DateTimeKind.Utc),
Channel = AuditChannel.Notification,
Kind = AuditKind.NotifyDeliver,
Status = AuditStatus.Attempted,
CorrelationId = Guid.NewGuid(),
Target = "ops-team",
};
private static (CentralAuditWriter writer, IAuditLogRepository repo) BuildWriter()
{
var repo = Substitute.For<IAuditLogRepository>();
var services = new ServiceCollection();
services.AddScoped(_ => repo);
var provider = services.BuildServiceProvider();
return (new CentralAuditWriter(provider, NullLogger<CentralAuditWriter>.Instance), repo);
}
[Fact]
public async Task WriteAsync_PassesEvent_To_InsertIfNotExistsAsync()
{
var (writer, repo) = BuildWriter();
var evt = NewEvent();
await writer.WriteAsync(evt);
await repo.Received(1).InsertIfNotExistsAsync(
Arg.Is<AuditEvent>(e => e.EventId == evt.EventId),
Arg.Any<CancellationToken>());
}
[Fact]
public async Task WriteAsync_Stamps_IngestedAtUtc_Before_Insert()
{
var (writer, repo) = BuildWriter();
var before = DateTime.UtcNow;
await writer.WriteAsync(NewEvent());
var after = DateTime.UtcNow;
await repo.Received(1).InsertIfNotExistsAsync(
Arg.Is<AuditEvent>(e =>
e.IngestedAtUtc != null &&
e.IngestedAtUtc >= before &&
e.IngestedAtUtc <= after),
Arg.Any<CancellationToken>());
}
[Fact]
public async Task WriteAsync_Repository_Throws_DoesNotPropagate()
{
var repo = Substitute.For<IAuditLogRepository>();
repo.InsertIfNotExistsAsync(Arg.Any<AuditEvent>(), Arg.Any<CancellationToken>())
.ThrowsAsync(new InvalidOperationException("db down"));
var services = new ServiceCollection();
services.AddScoped(_ => repo);
var provider = services.BuildServiceProvider();
var writer = new CentralAuditWriter(provider, NullLogger<CentralAuditWriter>.Instance);
// Must not throw — audit failure NEVER aborts the user-facing action.
await writer.WriteAsync(NewEvent());
}
[Fact]
public async Task WriteAsync_Resolves_Repository_PerCall_From_Fresh_Scope()
{
// Counting factory: every scope opening should resolve a new repo
// (scoped lifetime). We assert at least two distinct instances
// across two WriteAsync calls.
var instances = new List<IAuditLogRepository>();
var services = new ServiceCollection();
services.AddScoped<IAuditLogRepository>(_ =>
{
var r = Substitute.For<IAuditLogRepository>();
instances.Add(r);
return r;
});
var provider = services.BuildServiceProvider();
var writer = new CentralAuditWriter(provider, NullLogger<CentralAuditWriter>.Instance);
await writer.WriteAsync(NewEvent());
await writer.WriteAsync(NewEvent());
Assert.Equal(2, instances.Count);
Assert.NotSame(instances[0], instances[1]);
}
[Fact]
public void Constructor_NullServices_Throws()
{
Assert.Throws<ArgumentNullException>(
() => new CentralAuditWriter(null!, NullLogger<CentralAuditWriter>.Instance));
}
[Fact]
public void Constructor_NullLogger_Throws()
{
var services = new ServiceCollection().BuildServiceProvider();
Assert.Throws<ArgumentNullException>(
() => new CentralAuditWriter(services, null!));
}
}

17
tests/ScadaLink.IntegrationTests/NotificationOutboxFlowTests.cs
View File

@@ -8,8 +8,10 @@ using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging.Abstractions;
using NSubstitute;
using ScadaLink.Commons.Entities.Audit;
using ScadaLink.Commons.Entities.Notifications;
using ScadaLink.Commons.Interfaces.Repositories;
using ScadaLink.Commons.Interfaces.Services;
using ScadaLink.Commons.Messages.Notification;
using ScadaLink.Commons.Types.Enums;
using ScadaLink.ConfigurationDatabase;
@@ -172,7 +174,20 @@ public class NotificationOutboxFlowTests : TestKit
};
return Sys.ActorOf(Props.Create(() => new NotificationOutboxActor(
services, options, NullLogger<NotificationOutboxActor>.Instance)));
services,
options,
(ICentralAuditWriter)new NoOpCentralAuditWriter(),
NullLogger<NotificationOutboxActor>.Instance)));
}
/// <summary>
/// Test-only no-op <see cref="ICentralAuditWriter"/>. The integration tests
/// in this file pre-date M4 Bundle B's audit-writer injection; they do not
/// assert on emission, just need a non-null collaborator.
/// </summary>
private sealed class NoOpCentralAuditWriter : ICentralAuditWriter
{
public Task WriteAsync(AuditEvent evt, CancellationToken ct = default) => Task.CompletedTask;
}
private static NotificationSubmit MakeSubmit(string notificationId)

79
tests/ScadaLink.NotificationOutbox.Tests/NotificationOutboxActorAuditInjectionTests.cs Normal file
View File

@@ -0,0 +1,79 @@
using Akka.Actor;
using Akka.TestKit.Xunit2;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging.Abstractions;
using NSubstitute;
using ScadaLink.Commons.Entities.Audit;
using ScadaLink.Commons.Entities.Notifications;
using ScadaLink.Commons.Interfaces.Repositories;
using ScadaLink.Commons.Interfaces.Services;
namespace ScadaLink.NotificationOutbox.Tests;
/// <summary>
/// M4 Bundle B (B1) — verifies <see cref="NotificationOutboxActor"/> accepts an
/// <see cref="ICentralAuditWriter"/> at construction so subsequent bundle tasks
/// (B2/B3) can route attempt + terminal lifecycle events through the central
/// direct-write audit path.
/// </summary>
public class NotificationOutboxActorAuditInjectionTests : TestKit
{
private static IServiceProvider BuildEmptyProvider()
{
var services = new ServiceCollection();
services.AddScoped(_ => Substitute.For<INotificationOutboxRepository>());
services.AddScoped(_ => Substitute.For<INotificationRepository>());
return services.BuildServiceProvider();
}
/// <summary>
/// Inline NoOp writer that records calls — used to assert later tasks emit
/// events without depending on a concrete CentralAuditWriter.
/// </summary>
private sealed class RecordingCentralAuditWriter : ICentralAuditWriter
{
public List<AuditEvent> Events { get; } = new();
public Task WriteAsync(AuditEvent evt, CancellationToken ct = default)
{
lock (Events)
{
Events.Add(evt);
}
return Task.CompletedTask;
}
}
[Fact]
public void Actor_ConstructedWith_ICentralAuditWriter_NoException()
{
var writer = new RecordingCentralAuditWriter();
// Long dispatch interval so PreStart's timer never fires during the test.
var options = new NotificationOutboxOptions { DispatchInterval = TimeSpan.FromHours(1) };
var actor = Sys.ActorOf(Props.Create(() => new NotificationOutboxActor(
BuildEmptyProvider(),
options,
writer,
NullLogger<NotificationOutboxActor>.Instance)));
Assert.NotNull(actor);
// No event has been emitted yet — the writer is purely injected at this stage.
lock (writer.Events)
{
Assert.Empty(writer.Events);
}
}
[Fact]
public void Actor_NullAuditWriter_Throws()
{
var options = new NotificationOutboxOptions { DispatchInterval = TimeSpan.FromHours(1) };
Assert.Throws<ArgumentNullException>(() => new NotificationOutboxActor(
BuildEmptyProvider(),
options,
auditWriter: null!,
NullLogger<NotificationOutboxActor>.Instance));
}
}

2
tests/ScadaLink.NotificationOutbox.Tests/NotificationOutboxActorDispatchTests.cs
View File

@@ -8,6 +8,7 @@ using ScadaLink.Commons.Interfaces.Repositories;
using ScadaLink.Commons.Types.Enums;
using ScadaLink.NotificationOutbox.Delivery;
using ScadaLink.NotificationOutbox.Messages;
using ScadaLink.NotificationOutbox.Tests.TestSupport;
namespace ScadaLink.NotificationOutbox.Tests;
@@ -81,6 +82,7 @@ public class NotificationOutboxActorDispatchTests : TestKit
return Sys.ActorOf(Props.Create(() => new NotificationOutboxActor(
BuildServiceProvider(adapters),
options ?? new NotificationOutboxOptions { DispatchInterval = TimeSpan.FromHours(1) },
new NoOpCentralAuditWriter(),
NullLogger<NotificationOutboxActor>.Instance)));
}

2
tests/ScadaLink.NotificationOutbox.Tests/NotificationOutboxActorIngestTests.cs
View File

@@ -9,6 +9,7 @@ using ScadaLink.Commons.Interfaces.Repositories;
using ScadaLink.Commons.Messages.Notification;
using ScadaLink.Commons.Types.Enums;
using ScadaLink.NotificationOutbox.Delivery;
using ScadaLink.NotificationOutbox.Tests.TestSupport;
namespace ScadaLink.NotificationOutbox.Tests;
@@ -34,6 +35,7 @@ public class NotificationOutboxActorIngestTests : TestKit
return Sys.ActorOf(Props.Create(() => new NotificationOutboxActor(
BuildServiceProvider(),
new NotificationOutboxOptions(),
new NoOpCentralAuditWriter(),
NullLogger<NotificationOutboxActor>.Instance)));
}

2
tests/ScadaLink.NotificationOutbox.Tests/NotificationOutboxActorPurgeTests.cs
View File

@@ -8,6 +8,7 @@ using ScadaLink.Commons.Interfaces.Repositories;
using ScadaLink.Commons.Types.Enums;
using ScadaLink.NotificationOutbox.Delivery;
using ScadaLink.NotificationOutbox.Messages;
using ScadaLink.NotificationOutbox.Tests.TestSupport;
namespace ScadaLink.NotificationOutbox.Tests;
@@ -46,6 +47,7 @@ public class NotificationOutboxActorPurgeTests : TestKit
DispatchInterval = TimeSpan.FromHours(1),
PurgeInterval = TimeSpan.FromHours(1),
},
new NoOpCentralAuditWriter(),
NullLogger<NotificationOutboxActor>.Instance)));
}

2
tests/ScadaLink.NotificationOutbox.Tests/NotificationOutboxActorQueryTests.cs
View File

@@ -10,6 +10,7 @@ using ScadaLink.Commons.Messages.Notification;
using ScadaLink.Commons.Types.Enums;
using ScadaLink.Commons.Types.Notifications;
using ScadaLink.NotificationOutbox.Delivery;
using ScadaLink.NotificationOutbox.Tests.TestSupport;
namespace ScadaLink.NotificationOutbox.Tests;
@@ -36,6 +37,7 @@ public class NotificationOutboxActorQueryTests : TestKit
BuildServiceProvider(),
// A long dispatch interval keeps the dispatch loop from interfering with these tests.
options ?? new NotificationOutboxOptions { DispatchInterval = TimeSpan.FromHours(1) },
new NoOpCentralAuditWriter(),
NullLogger<NotificationOutboxActor>.Instance)));
}

15
tests/ScadaLink.NotificationOutbox.Tests/TestSupport/NoOpCentralAuditWriter.cs Normal file
View File

@@ -0,0 +1,15 @@
using ScadaLink.Commons.Entities.Audit;
using ScadaLink.Commons.Interfaces.Services;
namespace ScadaLink.NotificationOutbox.Tests.TestSupport;
/// <summary>
/// Test-only no-op <see cref="ICentralAuditWriter"/>. Used by existing
/// NotificationOutboxActor TestKit fixtures whose tests pre-date the M4 Bundle B
/// audit-writer injection — they don't care about audit emission, they just
/// need a non-null collaborator so the actor's constructor succeeds.
/// </summary>
internal sealed class NoOpCentralAuditWriter : ICentralAuditWriter
{
public Task WriteAsync(AuditEvent evt, CancellationToken ct = default) => Task.CompletedTask;
}