@stanleykc

Created additional tests for UnityAuth. Found a few issues during testing and added them to GitHub.

stanleykc and others added 8 commits December 31, 2025 10:56
Add integration tests for UserRepo, TenantRepo, and ServiceRepo that cover
complex JOIN queries used for permission aggregation and tenant relationships.

Tests added:
- UserRepoTest: 35+ tests covering getTenantPermissionsFor(), isServiceAvailable(),
  existsByEmailAndTenantId(), findAllByTenantId(), getUserRolesByUserId(), and more
- TenantRepoTest: 13 tests covering findAllByUserEmail() and CRUD operations
- ServiceRepoTest: 12 tests covering findByTenantId() and CRUD operations

Testing also uncovered that some queries return duplicate rows when users have
multiple roles in the same tenant. This behavior is documented in the tests
and tracked in Issue #43.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <[email protected]>
Signed-off-by: Kevin Stanley <[email protected]>

Tests cover JWT token expiration handling, JWK key rotation support
with dual-key validation, CORS configuration documentation, and
various authorization edge cases including malformed tokens and
missing claims.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <[email protected]>
Signed-off-by: Kevin Stanley <[email protected]>

Add 6 new security tests to protect against common JWT attack vectors:
- Token signed with unknown RSA key (forged tokens)
- Algorithm "none" attack (CVE-2015-9235)
- Payload modification with original signature
- Algorithm confusion attack (HS256 vs RS256)
- Large claims handling (DoS prevention)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <[email protected]>
Signed-off-by: Kevin Stanley <[email protected]>

Add comprehensive unit tests for PermissionsService covering:
- Permission filtering by scope (SYSTEM, TENANT, SUBTENANT)
- Tenant-specific permission checks
- Cross-tenant permission validation
- Edge cases and boundary conditions

Also adds mockito-core dependency for mocking UserRepo.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <[email protected]>
Signed-off-by: Kevin Stanley <[email protected]>

- Create application-test.yml with CORS settings to enable preflight
  request testing
- Enable previously disabled CORS tests in SecurityEdgeCasesTest
- Add CORS documentation to README.md

Fixes #47

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <[email protected]>
Signed-off-by: Kevin Stanley <[email protected]>

Ensures tests always run in the 'test' environment regardless of
MICRONAUT_ENVIRONMENTS shell variable. This prevents conflicts when
developers have sourced setenv.sh (which sets MICRONAUT_ENVIRONMENTS=local).

Fixes #47

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <[email protected]>
Signed-off-by: Kevin Stanley <[email protected]>

Documents Java 21 requirement, SDKMAN setup, and how to run tests
and the application locally.

Signed-off-by: Kevin Stanley <[email protected]>
@stanleykc stanleykc requested a review from jjelliott January 6, 2026 19:33
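
An added example, not code from this pull request or from UnityAuth: a JDK-only sketch of the verifier behaviour that the JWT security tests listed in the commits above would exercise, with the algorithm pinned to RS256 and one constructed token per listed case. The class name, `MAX_TOKEN_CHARS`, the sample claims and the run-time generated keys are all assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.interfaces.RSAPublicKey;
import java.util.Base64;

public class PinnedAlgJwtCheck {
    static final int MAX_TOKEN_CHARS = 8192; // assumed cap, not a UnityAuth setting
    static final Base64.Encoder ENC = Base64.getUrlEncoder().withoutPadding();

    // The verifier fixes the algorithm (RS256) and the key; nothing in the token selects them.
    static boolean verify(String token, RSAPublicKey key) {
        if (token == null || token.length() > MAX_TOKEN_CHARS) return false;
        String[] p = token.split("\\.", -1);
        if (p.length != 3 || p[2].isEmpty()) return false;
        try {
            String header = new String(Base64.getUrlDecoder().decode(p[0]), StandardCharsets.UTF_8);
            if (!header.matches("(?s).*\"alg\"\\s*:\\s*\"RS256\".*")) return false; // simplified; real code parses the JSON
            Signature s = Signature.getInstance("SHA256withRSA");
            s.initVerify(key);
            s.update((p[0] + "." + p[1]).getBytes(StandardCharsets.US_ASCII));
            return s.verify(Base64.getUrlDecoder().decode(p[2]));
        } catch (IllegalArgumentException | GeneralSecurityException e) { return false; } // bad Base64 or signature bytes
    }

    static String b64(String s) { return ENC.encodeToString(s.getBytes(StandardCharsets.UTF_8)); }

    static String sign(String payload, PrivateKey k) throws GeneralSecurityException {
        String input = b64("{\"alg\":\"RS256\",\"typ\":\"JWT\"}") + "." + b64(payload);
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(k);
        s.update(input.getBytes(StandardCharsets.US_ASCII));
        return input + "." + ENC.encodeToString(s.sign());
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair trusted = gen.generateKeyPair(), unknown = gen.generateKeyPair();
        RSAPublicKey pub = (RSAPublicKey) trusted.getPublic();
        String claims = "{\"sub\":\"user@example.test\"}"; // constructed sample claims
        String ok = sign(claims, trusted.getPrivate());
        String[] p = ok.split("\\.");
        if (!verify(ok, pub)) throw new AssertionError("valid token rejected");
        String[] rejected = {
            sign(claims, unknown.getPrivate()),                                       // unknown RSA key
            b64("{\"alg\":\"none\"}") + "." + p[1] + ".",                             // alg "none"
            p[0] + "." + b64("{\"sub\":\"other@example.test\"}") + "." + p[2],        // payload changed
            b64("{\"alg\":\"HS256\",\"typ\":\"JWT\"}") + "." + p[1] + "." + p[2],     // HS256 header
            sign("{\"x\":\"" + "A".repeat(10000) + "\"}", trusted.getPrivate()) };    // oversized claims
        for (String t : rejected) if (verify(t, pub)) throw new AssertionError("token accepted: " + t.substring(0, 24));
        System.out.println("valid token accepted; " + rejected.length + " other tokens rejected");
    }
}
```

On the Java 21 toolchain the page mentions, this runs as a single source file with `java PinnedAlgJwtCheck.java`.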