Hartmut/CapaKraken
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(platform): harden access scoping and delivery baseline

Browse Source
This commit is contained in:
Hartmut Nörenberg
2026-03-30 00:27:31 +02:00
parent 00b936fa1f
commit 819345acfa
109 changed files with 26142 additions and 8081 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/api/src/__tests__/allocation-router.test.ts
+443 -1
View File
@@ -1,7 +1,12 @@
import { AllocationStatus, SystemRole } from "@capakraken/shared";
import { describe, expect, it, vi } from "vitest";
import { beforeEach, describe, expect, it, vi } from "vitest";
import { allocationRouter } from "../router/allocation.js";
import { emitAllocationCreated, emitAllocationDeleted, emitNotificationCreated } from "../sse/event-bus.js";
import { checkBudgetThresholds } from "../lib/budget-alerts.js";
import { generateAutoSuggestions } from "../lib/auto-staffing.js";
import { invalidateDashboardCache } from "../lib/cache.js";
import { logger } from "../lib/logger.js";
import { dispatchWebhooks } from "../lib/webhook-dispatcher.js";
import { createCallerFactory } from "../trpc.js";
vi.mock("../sse/event-bus.js", () => ({
@@ -19,12 +24,29 @@ vi.mock("../lib/cache.js", () => ({
invalidateDashboardCache: vi.fn(),
}));
vi.mock("../lib/auto-staffing.js", () => ({
generateAutoSuggestions: vi.fn(),
}));
vi.mock("../lib/webhook-dispatcher.js", () => ({
dispatchWebhooks: vi.fn().mockResolvedValue(undefined),
}));
vi.mock("../lib/logger.js", () => ({
logger: {
error: vi.fn(),
warn: vi.fn(),
info: vi.fn(),
debug: vi.fn(),
},
}));
const createCaller = createCallerFactory(allocationRouter);
beforeEach(() => {
vi.clearAllMocks();
});
function createManagerCaller(db: Record<string, unknown>) {
return createCaller({
session: {
@@ -112,6 +134,9 @@ describe("allocation entry resolution router", () => {
},
]),
},
vacation: {
findMany: vi.fn().mockResolvedValue([]),
},
};
const caller = createManagerCaller(db);
@@ -134,6 +159,97 @@ describe("allocation entry resolution router", () => {
});
});
it("returns the canonical resource availability summary shape", async () => {
const db = {
resource: {
findUnique: vi.fn().mockResolvedValue({
id: "resource_1",
displayName: "Bruce Banner",
eid: "E-001",
fte: 1,
availability: {
monday: 8,
tuesday: 8,
wednesday: 8,
thursday: 8,
friday: 8,
saturday: 0,
sunday: 0,
},
countryId: "country_de",
federalState: "BY",
metroCityId: null,
country: { dailyWorkingHours: 8, code: "DE" },
metroCity: null,
}),
},
assignment: {
findMany: vi.fn().mockResolvedValue([
{
id: "assignment_1",
startDate: new Date("2026-04-01T00:00:00.000Z"),
endDate: new Date("2026-04-01T00:00:00.000Z"),
hoursPerDay: 4,
status: "CONFIRMED",
project: { name: "Gelddruckmaschine", shortCode: "GDM" },
},
]),
},
vacation: {
findMany: vi.fn().mockResolvedValue([
{
id: "vac_1",
type: "ANNUAL",
status: "APPROVED",
startDate: new Date("2026-04-02T00:00:00.000Z"),
endDate: new Date("2026-04-02T00:00:00.000Z"),
isHalfDay: true,
halfDayPart: "AFTERNOON",
},
]),
},
};
const caller = createManagerCaller(db);
const result = await caller.getResourceAvailabilitySummary({
resourceId: "resource_1",
startDate: new Date("2026-04-01T00:00:00.000Z"),
endDate: new Date("2026-04-02T00:00:00.000Z"),
hoursPerDay: 8,
});
expect(result).toEqual({
resource: "Bruce Banner",
period: "2026-04-01 to 2026-04-02",
fte: null,
workingDays: 2,
periodAvailableHours: 16,
periodBookedHours: 4,
periodRemainingHours: 12,
maxHoursPerDay: 8,
currentBookedHoursPerDay: 2,
availableHoursPerDay: 6,
isFullyAvailable: false,
existingAllocations: [
{
project: "Gelddruckmaschine (GDM)",
hoursPerDay: 4,
status: "CONFIRMED",
start: "2026-04-01",
end: "2026-04-01",
},
],
vacations: [
{
type: "ANNUAL",
start: "2026-04-02",
end: "2026-04-02",
isHalfDay: true,
},
],
});
});
it("creates an open demand through allocation.create without requiring isPlaceholder", async () => {
const createdDemandRequirement = {
id: "demand_1",
@@ -346,6 +462,217 @@ describe("allocation entry resolution router", () => {
expect(emitNotificationCreated).toHaveBeenCalledTimes(2);
});
it("creates a canonical demand draft with router-owned defaults", async () => {
vi.mocked(emitAllocationCreated).mockClear();
vi.mocked(emitNotificationCreated).mockClear();
const createdDemandRequirement = {
id: "demand_draft_1",
projectId: "project_1",
startDate: new Date("2026-04-01"),
endDate: new Date("2026-04-15"),
hoursPerDay: 6,
percentage: 75,
role: "Designer",
roleId: "role_design",
headcount: 2,
status: AllocationStatus.PROPOSED,
metadata: {},
createdAt: new Date("2026-03-13"),
updatedAt: new Date("2026-03-13"),
project: { id: "project_1", name: "Project One", shortCode: "PRJ" },
roleEntity: { id: "role_design", name: "Designer", color: "#0099FF" },
};
const db = createDemandWorkflowDb({
demandRequirement: {
create: vi.fn().mockResolvedValue(createdDemandRequirement),
},
}) as Record<string, unknown>;
Object.assign(db, {
$transaction: vi.fn(async (callback: (tx: unknown) => unknown) => callback(db)),
});
const caller = createManagerCaller(db);
const result = await caller.createDemand({
projectId: "project_1",
role: "Designer",
roleId: "role_design",
headcount: 2,
hoursPerDay: 6,
startDate: new Date("2026-04-01"),
endDate: new Date("2026-04-15"),
});
expect(result.id).toBe("demand_draft_1");
expect(db.demandRequirement.create).toHaveBeenCalledWith(
expect.objectContaining({
data: expect.objectContaining({
headcount: 2,
percentage: 75,
status: AllocationStatus.PROPOSED,
metadata: {},
}),
}),
);
expect(emitAllocationCreated).toHaveBeenCalledWith({
id: "demand_draft_1",
projectId: "project_1",
resourceId: null,
});
});
it("logs and swallows background side-effect failures during demand creation", async () => {
vi.mocked(invalidateDashboardCache).mockRejectedValueOnce(new Error("redis unavailable"));
vi.mocked(checkBudgetThresholds).mockRejectedValueOnce(new Error("budget alerts unavailable"));
vi.mocked(generateAutoSuggestions).mockRejectedValueOnce(new Error("auto suggestions unavailable"));
const createdDemandRequirement = {
id: "demand_safe_1",
projectId: "project_1",
startDate: new Date("2026-04-01"),
endDate: new Date("2026-04-15"),
hoursPerDay: 6,
percentage: 75,
role: "Designer",
roleId: "role_design",
headcount: 2,
status: AllocationStatus.PROPOSED,
metadata: {},
createdAt: new Date("2026-03-13"),
updatedAt: new Date("2026-03-13"),
project: { id: "project_1", name: "Project One", shortCode: "PRJ" },
roleEntity: { id: "role_design", name: "Designer", color: "#0099FF" },
};
const db = createDemandWorkflowDb({
demandRequirement: {
create: vi.fn().mockResolvedValue(createdDemandRequirement),
},
}) as Record<string, unknown>;
Object.assign(db, {
$transaction: vi.fn(async (callback: (tx: unknown) => unknown) => callback(db)),
});
const caller = createManagerCaller(db);
const result = await caller.createDemand({
projectId: "project_1",
role: "Designer",
roleId: "role_design",
headcount: 2,
hoursPerDay: 6,
startDate: new Date("2026-04-01"),
endDate: new Date("2026-04-15"),
});
await Promise.resolve();
await Promise.resolve();
expect(result.id).toBe("demand_safe_1");
expect(vi.mocked(logger.error)).toHaveBeenCalledWith(
expect.objectContaining({ effectName: "invalidateDashboardCache" }),
"Allocation background side effect failed",
);
expect(vi.mocked(logger.error)).toHaveBeenCalledWith(
expect.objectContaining({ effectName: "checkBudgetThresholds", projectId: "project_1" }),
"Allocation background side effect failed",
);
expect(vi.mocked(logger.error)).toHaveBeenCalledWith(
expect.objectContaining({ effectName: "generateAutoSuggestions", demandRequirementId: "demand_safe_1" }),
"Allocation background side effect failed",
);
});
it("logs and swallows background webhook failures during allocation creation", async () => {
vi.mocked(dispatchWebhooks).mockRejectedValueOnce(new Error("webhook unavailable"));
const createdAssignment = {
id: "assignment_safe_1",
demandRequirementId: null,
resourceId: "resource_1",
projectId: "project_1",
startDate: new Date("2026-03-16"),
endDate: new Date("2026-03-20"),
hoursPerDay: 8,
percentage: 100,
role: "Compositor",
roleId: "role_comp",
dailyCostCents: 40000,
status: AllocationStatus.ACTIVE,
metadata: {},
createdAt: new Date("2026-03-13"),
updatedAt: new Date("2026-03-13"),
resource: {
id: "resource_1",
displayName: "Alice",
eid: "E-001",
lcrCents: 5000,
},
project: { id: "project_1", name: "Project One", shortCode: "PRJ" },
roleEntity: { id: "role_comp", name: "Compositor", color: "#111111" },
demandRequirement: null,
};
const db = {
project: {
findUnique: vi.fn().mockResolvedValue({ id: "project_1" }),
},
resource: {
findUnique: vi.fn().mockResolvedValue({
id: "resource_1",
lcrCents: 5000,
availability: {
monday: 8,
tuesday: 8,
wednesday: 8,
thursday: 8,
friday: 8,
saturday: 0,
sunday: 0,
},
}),
},
allocation: {
findMany: vi.fn().mockResolvedValue([]),
create: vi.fn(),
},
assignment: {
findMany: vi.fn().mockResolvedValue([]),
create: vi.fn().mockResolvedValue(createdAssignment),
},
vacation: {
findMany: vi.fn().mockResolvedValue([]),
},
auditLog: {
create: vi.fn().mockResolvedValue({}),
},
$transaction: vi.fn(async (callback: (tx: unknown) => unknown) => callback(db)),
};
const caller = createManagerCaller(db);
const result = await caller.create({
resourceId: "resource_1",
projectId: "project_1",
startDate: new Date("2026-03-16"),
endDate: new Date("2026-03-20"),
hoursPerDay: 8,
percentage: 100,
role: "Compositor",
roleId: "role_comp",
status: AllocationStatus.ACTIVE,
metadata: {},
});
await Promise.resolve();
await Promise.resolve();
expect(result.id).toBe("assignment_safe_1");
expect(vi.mocked(logger.error)).toHaveBeenCalledWith(
expect.objectContaining({ effectName: "dispatchWebhooks", event: "allocation.created" }),
"Allocation background side effect failed",
);
});
it("creates an explicit assignment without dual-writing a legacy allocation row", async () => {
vi.mocked(emitAllocationCreated).mockClear();
@@ -442,6 +769,121 @@ describe("allocation entry resolution router", () => {
});
});
it("assigns a resource to demand and returns the hydrated demand view", async () => {
const demandView = {
id: "demand_1",
projectId: "project_1",
startDate: new Date("2026-05-01T00:00:00.000Z"),
endDate: new Date("2026-05-15T00:00:00.000Z"),
hoursPerDay: 6,
percentage: 75,
role: "Designer",
roleId: "role_1",
headcount: 1,
status: AllocationStatus.PROPOSED,
metadata: {},
project: { id: "project_1", name: "Project One", shortCode: "PRJ" },
roleEntity: { id: "role_1", name: "Designer", color: "#00AAFF" },
assignments: [],
};
const createdAssignment = {
id: "assignment_1",
demandRequirementId: "demand_1",
resourceId: "resource_1",
projectId: "project_1",
startDate: new Date("2026-05-01T00:00:00.000Z"),
endDate: new Date("2026-05-15T00:00:00.000Z"),
hoursPerDay: 6,
percentage: 75,
role: "Designer",
roleId: "role_1",
dailyCostCents: 42000,
status: AllocationStatus.PROPOSED,
metadata: {},
createdAt: new Date("2026-03-13"),
updatedAt: new Date("2026-03-13"),
resource: {
id: "resource_1",
displayName: "Alice",
eid: "E-001",
lcrCents: 7000,
},
project: { id: "project_1", name: "Project One", shortCode: "PRJ" },
roleEntity: { id: "role_1", name: "Designer", color: "#00AAFF" },
demandRequirement: demandView,
};
const db = {
project: {
findUnique: vi.fn().mockResolvedValue({ id: "project_1" }),
},
resource: {
findUnique: vi.fn().mockResolvedValue({
id: "resource_1",
lcrCents: 7000,
availability: {
monday: 8,
tuesday: 8,
wednesday: 8,
thursday: 8,
friday: 8,
saturday: 0,
sunday: 0,
},
}),
},
demandRequirement: {
findUnique: vi.fn()
.mockResolvedValueOnce({
id: "demand_1",
projectId: "project_1",
startDate: new Date("2026-05-01T00:00:00.000Z"),
endDate: new Date("2026-05-15T00:00:00.000Z"),
hoursPerDay: 6,
role: "Designer",
roleId: "role_1",
headcount: 1,
status: AllocationStatus.PROPOSED,
metadata: {},
})
.mockResolvedValueOnce({
id: "demand_1",
projectId: "project_1",
})
.mockResolvedValueOnce(demandView),
update: vi.fn().mockResolvedValue({
id: "demand_1",
projectId: "project_1",
headcount: 1,
status: AllocationStatus.COMPLETED,
}),
},
assignment: {
findMany: vi.fn().mockResolvedValue([]),
create: vi.fn().mockResolvedValue(createdAssignment),
},
vacation: {
findMany: vi.fn().mockResolvedValue([]),
},
auditLog: {
create: vi.fn().mockResolvedValue({}),
},
$transaction: vi.fn(async (callback: (tx: unknown) => unknown) => callback(db)),
};
const caller = createManagerCaller(db);
const result = await caller.assignResourceToDemand({
demandRequirementId: "demand_1",
resourceId: "resource_1",
});
expect(result.assignment.id).toBe("assignment_1");
expect(result.demandRequirement.project.shortCode).toBe("PRJ");
expect(result.demandRequirement.roleEntity?.name).toBe("Designer");
expect(db.assignment.create).toHaveBeenCalledTimes(1);
});
it("deletes an explicit demand requirement without routing through allocation.delete", async () => {
vi.mocked(emitAllocationDeleted).mockClear();