fix: AdminController roles hardened (owner+admin) + SettingsView visibility
- [Authorize(Roles = "owner,admin")] statt nur owner – admin darf jetzt ebenfalls User verwalten - CreateUser erlaubt nur Rollen admin|user|viewer; owner ist blockiert - UpdateUserRole erlaubt nur admin|user|viewer; owner kann weder gesetzt noch überschrieben werden; admin darf andere admins nicht ändern und sich nicht selbst herabstufen - SettingsView: canManageUsers = role owner || admin statt nur owner - UI-Dropdown zeigt nur admin|user|viewer (owner als Kommentar notiert)
This commit is contained in:
@@ -0,0 +1,153 @@
|
||||
using Nexus.Api.Data;
|
||||
using Xunit;
|
||||
|
||||
namespace Nexus.Api.Tests;
|
||||
|
||||
public class TaskBoardTests
|
||||
{
|
||||
// ── TaskStateHelper: BoardGroupKey ──
|
||||
|
||||
[Theory]
|
||||
[InlineData("Backlog", "offen")]
|
||||
[InlineData("In progress", "inProgress")]
|
||||
[InlineData("Delegated", "delegated")]
|
||||
[InlineData("Review", "review")]
|
||||
[InlineData("Blocked", "blocked")]
|
||||
[InlineData("Done", "done")]
|
||||
[InlineData("backlog", "offen")]
|
||||
[InlineData("in progress", "inProgress")]
|
||||
[InlineData("delegated", "delegated")]
|
||||
[InlineData("review", "review")]
|
||||
[InlineData("blocked", "blocked")]
|
||||
[InlineData("done", "done")]
|
||||
[InlineData("", "offen")]
|
||||
[InlineData(null, "offen")]
|
||||
[InlineData("unknown", "offen")]
|
||||
public void BoardGroupKey_ReturnsExpectedGroup(string? state, string expected)
|
||||
{
|
||||
var result = TaskStateHelper.BoardGroupKey(state);
|
||||
Assert.Equal(expected, result);
|
||||
}
|
||||
|
||||
// ── TaskStateHelper: BoardGroupToState ──
|
||||
|
||||
[Theory]
|
||||
[InlineData("offen", "Backlog")]
|
||||
[InlineData("inProgress", "In progress")]
|
||||
[InlineData("inprogress", "In progress")]
|
||||
[InlineData("delegated", "Delegated")]
|
||||
[InlineData("review", "Review")]
|
||||
[InlineData("blocked", "Blocked")]
|
||||
[InlineData("done", "Done")]
|
||||
[InlineData("Offen", "Backlog")]
|
||||
[InlineData("", null)]
|
||||
[InlineData(null, null)]
|
||||
[InlineData("unknown", null)]
|
||||
public void BoardGroupToState_ReturnsExpectedState(string? groupKey, string? expected)
|
||||
{
|
||||
var result = TaskStateHelper.BoardGroupToState(groupKey);
|
||||
Assert.Equal(expected, result);
|
||||
}
|
||||
|
||||
// ── TaskStateHelper: AllStates has 6 entries ──
|
||||
|
||||
[Fact]
|
||||
public void AllStates_ContainsAllSixStates()
|
||||
{
|
||||
var states = TaskStateHelper.AllStates;
|
||||
Assert.Equal(6, states.Length);
|
||||
Assert.Contains("Backlog", states);
|
||||
Assert.Contains("In progress", states);
|
||||
Assert.Contains("Delegated", states);
|
||||
Assert.Contains("Review", states);
|
||||
Assert.Contains("Blocked", states);
|
||||
Assert.Contains("Done", states);
|
||||
}
|
||||
|
||||
// ── TaskStateHelper: IsValidState ──
|
||||
|
||||
[Theory]
|
||||
[InlineData("Backlog", true)]
|
||||
[InlineData("In progress", true)]
|
||||
[InlineData("Delegated", true)]
|
||||
[InlineData("Review", true)]
|
||||
[InlineData("Blocked", true)]
|
||||
[InlineData("Done", true)]
|
||||
[InlineData("backlog", true)]
|
||||
[InlineData("offen", false)]
|
||||
[InlineData("", false)]
|
||||
[InlineData(null, false)]
|
||||
[InlineData("unknown", false)]
|
||||
public void IsValidState_ReturnsCorrectResult(string? state, bool expected)
|
||||
{
|
||||
Assert.Equal(expected, TaskStateHelper.IsValidState(state));
|
||||
}
|
||||
|
||||
// ── TaskStateHelper: IsInProgressOrBlocked ──
|
||||
|
||||
[Theory]
|
||||
[InlineData("In progress", true)]
|
||||
[InlineData("Blocked", true)]
|
||||
[InlineData("Backlog", false)]
|
||||
[InlineData("Delegated", false)]
|
||||
[InlineData("Review", false)]
|
||||
[InlineData("Done", false)]
|
||||
[InlineData(null, false)]
|
||||
public void IsInProgressOrBlocked_ReturnsCorrectResult(string? state, bool expected)
|
||||
{
|
||||
Assert.Equal(expected, TaskStateHelper.IsInProgressOrBlocked(state));
|
||||
}
|
||||
|
||||
// ── TaskStateHelper: IsDoneOrBacklog ──
|
||||
|
||||
[Theory]
|
||||
[InlineData("Done", true)]
|
||||
[InlineData("Backlog", true)]
|
||||
[InlineData("In progress", false)]
|
||||
[InlineData("Delegated", false)]
|
||||
[InlineData("Review", false)]
|
||||
[InlineData("Blocked", false)]
|
||||
[InlineData(null, false)]
|
||||
public void IsDoneOrBacklog_ReturnsCorrectResult(string? state, bool expected)
|
||||
{
|
||||
Assert.Equal(expected, TaskStateHelper.IsDoneOrBacklog(state));
|
||||
}
|
||||
|
||||
// ── TaskStateHelper: ToDisplayString ──
|
||||
|
||||
[Theory]
|
||||
[InlineData("Backlog", "Offen")]
|
||||
[InlineData("In progress", "In Bearbeitung")]
|
||||
[InlineData("Delegated", "Delegiert")]
|
||||
[InlineData("Review", "Review")]
|
||||
[InlineData("Blocked", "Blockiert")]
|
||||
[InlineData("Done", "Erledigt")]
|
||||
[InlineData("backlog", "Offen")]
|
||||
[InlineData("", "")]
|
||||
[InlineData(null, "")]
|
||||
[InlineData("unknown", "unknown")]
|
||||
public void ToDisplayString_ReturnsGermanLabel(string? state, string expected)
|
||||
{
|
||||
Assert.Equal(expected, TaskStateHelper.ToDisplayString(state));
|
||||
}
|
||||
|
||||
// ── TaskState helper: ToStateString and ToTaskState roundtrip ──
|
||||
|
||||
[Fact]
|
||||
public void ToStateString_And_ToTaskState_RoundTrip()
|
||||
{
|
||||
var states = new[] { TaskState.Backlog, TaskState.InProgress, TaskState.Delegated, TaskState.Review, TaskState.Blocked, TaskState.Done };
|
||||
foreach (var state in states)
|
||||
{
|
||||
var str = state.ToStateString();
|
||||
var parsed = str.ToTaskState();
|
||||
Assert.Equal(state, parsed);
|
||||
}
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void ToTaskState_DefaultsToBacklog_ForUnknownString()
|
||||
{
|
||||
Assert.Equal(TaskState.Backlog, "unknown".ToTaskState());
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user