Merge pull request #9 from HasanJaved-Developer/phase-5-webapp

Phase 5 webapp

Author: HasanJaved-Developer

.github/workflows/dotnet-tests.yml

@@ -0,0 +1,30 @@
+name: .NET Tests (collector)
+
+on:
+  push: { branches: [ "main" ] }
+  pull_request: { branches: [ "main" ] }
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-dotnet@v4
+        with:
+          dotnet-version: '9.0.x'
+
+      - name: Restore
+        run: dotnet restore
+
+      - name: Test with coverage (collector → LCOV)
+        run: dotnet test --collect:"XPlat Code Coverage" --settings coverlet.runsettings --results-directory ./TestResults
+
+      # Upload all coverage.info files (supports multiple test projects)
+      - name: Upload to Codecov
+        uses: codecov/codecov-action@v4
+        with:
+          files: '**/TestResults/**/coverage.info'
+          flags: unit,integration
+          fail_ci_if_error: true
+          verbose: true
+          # token: ${{ secrets.CODECOV_TOKEN }}   # only needed for private repos

CentralizedLoggingMonitoring.sln

@@ -17,6 +17,10 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "CentralizedLogging.Sdk", "C
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "CentralizedLogging.Contracts", "CentralizedLogging.Contracts\CentralizedLogging.Contracts.csproj", "{FAAAA797-C668-4B08-B5CA-504A21A3917A}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "UserManagementApi.Tests.Unit", "UserManagementApi.Tests.Unit\UserManagementApi.Tests.Unit.csproj", "{66616F9C-B71C-45BF-8962-BAA356215BE6}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "UserManagementApi.Tests.Integration", "UserManagementApi.Tests.Integration\UserManagementApi.Tests.Integration.csproj", "{DB6B7B64-C22D-474B-87B1-E48016C8633B}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -51,6 +55,14 @@ Global
 		{FAAAA797-C668-4B08-B5CA-504A21A3917A}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{FAAAA797-C668-4B08-B5CA-504A21A3917A}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{FAAAA797-C668-4B08-B5CA-504A21A3917A}.Release|Any CPU.Build.0 = Release|Any CPU
+		{66616F9C-B71C-45BF-8962-BAA356215BE6}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{66616F9C-B71C-45BF-8962-BAA356215BE6}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{66616F9C-B71C-45BF-8962-BAA356215BE6}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{66616F9C-B71C-45BF-8962-BAA356215BE6}.Release|Any CPU.Build.0 = Release|Any CPU
+		{DB6B7B64-C22D-474B-87B1-E48016C8633B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{DB6B7B64-C22D-474B-87B1-E48016C8633B}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{DB6B7B64-C22D-474B-87B1-E48016C8633B}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{DB6B7B64-C22D-474B-87B1-E48016C8633B}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE

README.md

@@ -1,5 +1,12 @@
 # Centralized Logging & Monitoring API
 
+[![Build](https://github.com/HasanJaved-Developer/CentralizedLoggingMonitoring/actions/workflows/dotnet-test-coverage.yml/badge.svg)](https://github.com/HasanJaved-Developer/CentralizedLoggingMonitoring/actions/workflows/dotnet-test-coverage.yml)
+[![Docker Build](https://github.com/HasanJaved-Developer/CentralizedLoggingMonitoring/actions/workflows/docker-build.yml/badge.svg)](https://github.com/HasanJaved-Developer/CentralizedLoggingMonitoring/actions/workflows/docker-build.yml)
+[![codecov](https://codecov.io/gh/HasanJaved-Developer/CentralizedLoggingMonitoring/branch/main/graph/badge.svg)](https://codecov.io/gh/HasanJaved-Developer/CentralizedLoggingMonitoring)
+[![License](https://img.shields.io/github/license/HasanJaved-Developer/CentralizedLoggingMonitoring)](./LICENSE.txt)
+![GitHub release (latest by date)](https://img.shields.io/github/v/release/HasanJaved-Developer/CentralizedLoggingMonitoring)
+
+
 A centralized error logging and monitoring API built with **.NET 9**, Entity Framework Core, and SQL Server. This project is designed to serve as a foundation for collecting, storing, and managing error logs from multiple applications. **Phase 5,7&8** have also been complated and the pending **Phase 6** will be developed in a new repository. 
 
 Each phase of development is preserved in its own branch, culminating in the final **Integration Portal,** which, together with the API projects, forms a **Microservices-inspired architechture** that demonstrates **the Single Service Database Pattern.**

UserManagementApi.Tests.Integration/LoginFlowTests.cs

@@ -0,0 +1,27 @@
+using FluentAssertions;
+using Microsoft.AspNetCore.Mvc.Testing;
+using System.Net;
+using System.Net.Http.Json;
+using UserManagement.Contracts.Auth;
+
+namespace UserManagementApi.Tests.Integration
+{
+    public class LoginFlowTests : IClassFixture<WebApplicationFactory<Program>>
+    {
+        private readonly HttpClient _client;
+        public LoginFlowTests(WebApplicationFactory<Program> factory)
+            => _client = factory.CreateClient();
+
+        [Fact]
+        public async Task Login_ValidCredentials_Returns200AndToken()
+        {
+            var payload = new LoginRequest("bob","bob");
+            var resp = await _client.PostAsJsonAsync("api/users/authenticate", payload);
+
+            resp.StatusCode.Should().Be(HttpStatusCode.OK);
+            var body = await resp.Content.ReadFromJsonAsync<AuthResponse>();
+            body.Should().NotBeNull();
+            body.Token.Should().NotBeNullOrEmpty();
+        }
+    }
+}

UserManagementApi.Tests.Integration/UserManagementApi.Tests.Integration.csproj

@@ -0,0 +1,31 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>net9.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <IsPackable>false</IsPackable>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="coverlet.collector" Version="6.0.2" />
+    <PackageReference Include="coverlet.msbuild" Version="6.0.4">
+      <PrivateAssets>all</PrivateAssets>
+      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+    </PackageReference>
+    <PackageReference Include="FluentAssertions" Version="8.7.1" />
+    <PackageReference Include="Microsoft.AspNetCore.Mvc.Testing" Version="9.0.9" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.12.0" />
+    <PackageReference Include="xunit" Version="2.9.2" />
+    <PackageReference Include="xunit.runner.visualstudio" Version="2.8.2" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\UserManagementApi\UserManagementApi.csproj" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <Using Include="Xunit" />
+  </ItemGroup>
+
+</Project>

UserManagementApi.Tests.Unit/LoginControllerTests.cs

@@ -0,0 +1,47 @@
+using FluentAssertions;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.Options;
+using Moq;
+using UserManagementApi.Data;
+using UserManagementApi.DTO;
+using UserManagementApi.DTO.Auth;
+
+namespace UserManagementApi.Tests.Unit
+{
+    public class LoginControllerTests
+    {
+        private static AppDbContext NewDb(string name)
+        {
+            var opts = new DbContextOptionsBuilder<AppDbContext>()
+                .UseInMemoryDatabase(name)
+                .Options;
+            return new AppDbContext(opts);
+        }
+
+        [Fact]
+        public async Task Authenticate_WhenMissingUsernameOrPassword_Returns400WithValidationProblem()
+        {
+            using var db = NewDb(nameof(Authenticate_WhenMissingUsernameOrPassword_Returns400WithValidationProblem));
+            var jwtOptions = new JwtOptions
+            {
+                Issuer = "test-issuer",
+                Audience = "test-audience",
+                Key = "supersecretkey1234567890"
+            };
+            var wrapped = Options.Create(jwtOptions); // returns IOptions<JwtOptions>
+
+            var controller = new TestableLoginController(db, wrapped);
+
+            var res = await controller.Authenticate(new LoginRequest("", ""));
+
+            var bad = res.Result.Should().BeOfType<BadRequestObjectResult>().Which;
+            bad.StatusCode.Should().Be(StatusCodes.Status400BadRequest);
+            bad.Value.Should().BeOfType<ValidationProblemDetails>();
+            var v = (ValidationProblemDetails)bad.Value!;
+            v.Errors.Should().ContainKey("userName");
+            v.Errors.Should().ContainKey("password");
+        }
+    }
+}

UserManagementApi.Tests.Unit/TestableLoginController.cs

@@ -0,0 +1,39 @@
+using Microsoft.Extensions.Options;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using UserManagementApi.Contracts.Models;
+using UserManagementApi.Controllers;
+using UserManagementApi.Data;
+using UserManagementApi.DTO;
+using UserManagementApi.DTO.Auth;
+
+namespace UserManagementApi.Tests.Unit
+{
+    public sealed class TestableLoginController :UsersController
+    {
+        private readonly string _jwtToReturn;
+        private readonly DateTime _expToReturn;
+        private readonly UserPermissionsDto _permToReturn;
+
+        public TestableLoginController(AppDbContext db,
+                                       IOptions<JwtOptions> jwtopts)
+            : base(db, jwtopts)
+        {
+            _jwtToReturn = "fake-jwt";
+            _expToReturn = DateTime.UtcNow.AddHours(1);
+            _permToReturn = new UserPermissionsDto(0, "abc", new List<CategoryDto>());
+
+        }
+        protected override Task<UserPermissionsDto> BuildPermissionsForUser(int userId)
+            => Task.FromResult(_permToReturn);
+
+        protected override string GenerateJwt(AppUser user, List<CategoryDto> Categories, out DateTime expiresAtUtc)
+        {
+            expiresAtUtc = _expToReturn;
+            return _jwtToReturn;
+        }
+    }
+}

UserManagementApi.Tests.Unit/UserManagementApi.Tests.Unit.csproj

@@ -0,0 +1,33 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>net9.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <IsPackable>false</IsPackable>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="coverlet.collector" Version="6.0.2" />
+    <PackageReference Include="coverlet.msbuild" Version="6.0.4">
+      <PrivateAssets>all</PrivateAssets>
+      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+    </PackageReference>
+    <PackageReference Include="FluentAssertions" Version="8.7.1" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="9.0.9" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.12.0" />
+    <PackageReference Include="Moq" Version="4.20.72" />
+    <PackageReference Include="xunit" Version="2.9.2" />
+    <PackageReference Include="xunit.runner.visualstudio" Version="2.8.2" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\UserManagement.Contracts\UserManagement.Contracts.csproj" />
+    <ProjectReference Include="..\UserManagementApi\UserManagementApi.csproj" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <Using Include="Xunit" />
+  </ItemGroup>
+
+</Project>

UserManagementApi/Controllers/UsersController.cs

@@ -70,10 +70,7 @@ public async Task<ActionResult<AuthResponse>> Authenticate([FromBody] DTO.LoginR
             var dto = await BuildPermissionsForUser(user.Id);
 
             var token = GenerateJwt(user, dto.Categories, out var expiresAtUtc);
-
-            // Get the same permissions tree you already expose
-            var permissions = await BuildPermissionsForUser(user.Id);
-
+                       
             return Ok(new AuthResponse(user.Id, user.UserName, token, expiresAtUtc));
         }
 
@@ -95,7 +92,7 @@ public async Task<ActionResult<UserPermissionsDto>> GetPermissions(int userId)
 
         // ----- helpers -----
 
-        private async Task<UserPermissionsDto> BuildPermissionsForUser(int userId)
+        protected virtual async Task<UserPermissionsDto> BuildPermissionsForUser(int userId)
         {
             // Fetch the user (for name in DTO)
             var user = await _db.Users.AsNoTracking().FirstAsync(u => u.Id == userId);
@@ -153,7 +150,7 @@ on rf.FunctionId equals f.Id
             return new UserPermissionsDto(user.Id, user.UserName, categoryDtos);
         }
 
-        private string GenerateJwt(AppUser user, List<CategoryDto> Categories, out DateTime expiresAtUtc)
+        protected virtual string GenerateJwt(AppUser user, List<CategoryDto> Categories, out DateTime expiresAtUtc)
         {
             var keyBase64 = _jwt.Key;
             var keyPlain = Encoding.UTF8.GetString(Convert.FromBase64String(keyBase64));

UserManagementApi/Program.cs

@@ -152,3 +152,4 @@ await app.MigrateAndSeedWithSqlLockAsync<AppDbContext>(
 
 
 app.Run();
+public partial class Program { }  // make Program discoverable for tests