Phase 1 WP-11–22: Host infrastructure, Blazor Server UI, and integration tests

Host infrastructure (WP-11–17): - StartupValidator with 19 validation rules - /health/ready endpoint with DB + Akka health checks - Akka.NET bootstrap via AkkaHostedService (HOCON config, cluster, remoting, SBR) - Serilog with SiteId/NodeHostname/NodeRole enrichment - DeadLetterMonitorActor with count tracking - CoordinatedShutdown wiring (no Environment.Exit) - Windows Service support (UseWindowsService) Central UI (WP-18–21): - Blazor Server shell with Bootstrap 5, role-aware NavMenu - Login/logout flow (LDAP auth → JWT → HTTP-only cookie) - CookieAuthenticationStateProvider with idle timeout - LDAP group mapping CRUD page (Admin role) - Route guards with Authorize attributes per role - SignalR reconnection overlay for failover Integration tests (WP-22): - Startup validation, auth flow, audit transactions, readiness gating 186 tests pass (1 skipped: LDAP integration), zero warnings.
2026-03-16 19:50:59 -04:00
parent cafb7d2006
commit d38356efdb
47 changed files with 2436 additions and 71 deletions
--- a/tests/ScadaLink.IntegrationTests/AuditTransactionTests.cs
+++ b/tests/ScadaLink.IntegrationTests/AuditTransactionTests.cs
@@ -0,0 +1,84 @@
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.DependencyInjection;
+using ScadaLink.Commons.Entities.Security;
+using ScadaLink.Commons.Interfaces.Repositories;
+using ScadaLink.Commons.Interfaces.Services;
+using ScadaLink.ConfigurationDatabase;
+
+namespace ScadaLink.IntegrationTests;
+
+/// <summary>
+/// WP-22: Audit transactional guarantee — entity change + audit log in same transaction.
+/// </summary>
+public class AuditTransactionTests : IClassFixture<ScadaLinkWebApplicationFactory>
+{
+    private readonly ScadaLinkWebApplicationFactory _factory;
+
+    public AuditTransactionTests(ScadaLinkWebApplicationFactory factory)
+    {
+        _factory = factory;
+    }
+
+    [Fact]
+    public async Task AuditLog_IsCommittedWithEntityChange_InSameTransaction()
+    {
+        using var scope = _factory.Services.CreateScope();
+        var securityRepo = scope.ServiceProvider.GetRequiredService<ISecurityRepository>();
+        var auditService = scope.ServiceProvider.GetRequiredService<IAuditService>();
+        var dbContext = scope.ServiceProvider.GetRequiredService<ScadaLinkDbContext>();
+
+        // Add a mapping and an audit log entry in the same unit of work
+        var mapping = new LdapGroupMapping("test-group-audit", "Admin");
+        await securityRepo.AddMappingAsync(mapping);
+
+        await auditService.LogAsync(
+            user: "test-user",
+            action: "Create",
+            entityType: "LdapGroupMapping",
+            entityId: "0", // ID not yet assigned
+            entityName: "test-group-audit",
+            afterState: new { Group = "test-group-audit", Role = "Admin" });
+
+        // Both should be in the change tracker before saving
+        var trackedEntities = dbContext.ChangeTracker.Entries().Count(e => e.State == EntityState.Added);
+        Assert.True(trackedEntities >= 2, "Both entity and audit log should be tracked before SaveChanges");
+
+        // Single SaveChangesAsync commits both
+        await securityRepo.SaveChangesAsync();
+
+        // Verify both were persisted
+        var mappings = await securityRepo.GetAllMappingsAsync();
+        Assert.Contains(mappings, m => m.LdapGroupName == "test-group-audit");
+
+        var auditEntries = await dbContext.AuditLogEntries.ToListAsync();
+        Assert.Contains(auditEntries, a => a.EntityName == "test-group-audit" && a.Action == "Create");
+    }
+
+    [Fact]
+    public async Task AuditLog_IsNotPersistedWhenSaveNotCalled()
+    {
+        // Create a separate scope so we have a fresh DbContext
+        using var scope1 = _factory.Services.CreateScope();
+        var securityRepo = scope1.ServiceProvider.GetRequiredService<ISecurityRepository>();
+        var auditService = scope1.ServiceProvider.GetRequiredService<IAuditService>();
+
+        // Add entity + audit but do NOT call SaveChangesAsync
+        var mapping = new LdapGroupMapping("orphan-group", "Design");
+        await securityRepo.AddMappingAsync(mapping);
+        await auditService.LogAsync("test", "Create", "LdapGroupMapping", "0", "orphan-group", null);
+
+        // Dispose scope without saving — simulates a failed transaction
+        scope1.Dispose();
+
+        // In a new scope, verify nothing was persisted
+        using var scope2 = _factory.Services.CreateScope();
+        var securityRepo2 = scope2.ServiceProvider.GetRequiredService<ISecurityRepository>();
+        var dbContext2 = scope2.ServiceProvider.GetRequiredService<ScadaLinkDbContext>();
+
+        var mappings = await securityRepo2.GetAllMappingsAsync();
+        Assert.DoesNotContain(mappings, m => m.LdapGroupName == "orphan-group");
+
+        var auditEntries = await dbContext2.AuditLogEntries.ToListAsync();
+        Assert.DoesNotContain(auditEntries, a => a.EntityName == "orphan-group");
+    }
+}