[AZ-189] [AZ-190] [AZ-191] [AZ-192] [AZ-193] [AZ-194] [AZ-195] Add e2e blackbox test suite

Made-with: Cursor

_docs/02_document/00_discovery.md

@@ -0,0 +1,144 @@
+# Codebase Discovery
+
+## Directory Tree
+
+```
+Azaion.AdminApi.sln
+├── Azaion.AdminApi/          # ASP.NET Core Minimal API (entry point)
+│   ├── Program.cs            # App configuration + all endpoint definitions
+│   └── BusinessExceptionHandler.cs
+├── Azaion.Common/            # Shared library (entities, configs, DB, requests, extensions)
+│   ├── Configs/
+│   │   ├── ConnectionStrings.cs
+│   │   ├── JwtConfig.cs
+│   │   └── ResourcesConfig.cs
+│   ├── Database/
+│   │   ├── AzaionDb.cs
+│   │   ├── AzaionDbShemaHolder.cs
+│   │   └── DbFactory.cs
+│   ├── Entities/
+│   │   ├── User.cs           # User, UserConfig, UserQueueOffsets
+│   │   └── RoleEnum.cs
+│   ├── Extensions/
+│   │   ├── EnumExtensions.cs
+│   │   ├── QueryableExtensions.cs
+│   │   ├── StreamExtensions.cs
+│   │   └── StringExtensions.cs
+│   ├── Requests/
+│   │   ├── GetResourceRequest.cs  # also CheckResourceRequest + validator
+│   │   ├── LoginRequest.cs
+│   │   ├── RegisterUserRequest.cs # also RegisterUserValidator
+│   │   ├── SetHWRequest.cs        # also SetHWRequestValidator
+│   │   └── SetUserQueueOffsetsRequest.cs
+│   └── BusinessException.cs       # also ExceptionEnum
+├── Azaion.Services/          # Business logic layer
+│   ├── AuthService.cs        # JWT token creation, current user resolution
+│   ├── UserService.cs        # User CRUD, hardware validation, role management
+│   ├── ResourcesService.cs   # File storage, encrypted resource delivery
+│   ├── Security.cs           # Hashing, AES encryption/decryption
+│   └── Cache.cs              # In-memory caching wrapper over LazyCache
+├── Azaion.Test/              # xUnit test project
+│   ├── UserServiceTest.cs
+│   └── SecurityTest.cs
+├── env/                      # Infrastructure provisioning scripts
+│   ├── db/                   # PostgreSQL setup + schema DDL
+│   ├── api/                  # API deployment scripts
+│   ├── rabbit/               # RabbitMQ setup (not used by this API)
+│   └── cdn/                  # MinIO object storage setup
+├── docker.test/              # Placeholder test Dockerfile
+├── .woodpecker/              # Woodpecker CI pipeline
+│   └── build-arm.yml
+├── Dockerfile                # Multi-stage build targeting .NET 10.0
+├── deploy.cmd                # Docker build + push to docker.azaion.com
+└── .dockerignore
+```
+
+## Tech Stack
+
+| Category | Technology | Version / Details |
+|----------|-----------|-------------------|
+| Language | C# | .NET 10.0 |
+| Framework | ASP.NET Core Minimal API | net10.0 SDK |
+| Database | PostgreSQL | via linq2db 5.4.1 + Npgsql 10.0.1 |
+| Auth | JWT Bearer | Microsoft.AspNetCore.Authentication.JwtBearer 10.0.3 |
+| Token Generation | System.IdentityModel.Tokens.Jwt | 7.1.2 |
+| Validation | FluentValidation | 11.3.0 (API) / 11.10.0 (Common) |
+| Caching | LazyCache | 2.4.0 |
+| Logging | Serilog | 4.1.0 (Console + File sinks) |
+| API Docs | Swagger / Swashbuckle | 10.1.4 |
+| Encryption | AES-256-CBC | System.Security.Cryptography (built-in) |
+| Password Hashing | SHA-384 | System.Security.Cryptography (built-in) |
+| Serialization | Newtonsoft.Json | 13.0.1 |
+| Testing | xUnit 2.9.2 + FluentAssertions 6.12.2 | Microsoft.NET.Test.Sdk 17.11.1 |
+| CI/CD | Woodpecker CI | ARM64 build pipeline |
+| Container | Docker | Multi-stage, .NET 10.0 base images |
+| Container Registry | docker.azaion.com | Private registry |
+
+## Dependency Graph
+
+### Project-Level
+
+```mermaid
+graph TD
+    Common["Azaion.Common"]
+    Services["Azaion.Services"]
+    AdminApi["Azaion.AdminApi"]
+    Test["Azaion.Test"]
+
+    Services --> Common
+    AdminApi --> Common
+    AdminApi --> Services
+    Test --> Services
+```
+
+### Module-Level (Topological Order)
+
+**Tier 0 — Leaf modules (no internal dependencies):**
+1. `Common/Extensions/EnumExtensions`
+2. `Common/Extensions/StringExtensions`
+3. `Common/Extensions/StreamExtensions`
+4. `Common/Extensions/QueryableExtensions`
+5. `Common/Entities/RoleEnum`
+6. `Common/Configs/ConnectionStrings`
+7. `Common/Configs/JwtConfig`
+8. `Common/Configs/ResourcesConfig`
+9. `Common/Requests/LoginRequest`
+
+**Tier 1 — Depends on Tier 0:**
+10. `Common/Entities/User` → RoleEnum
+11. `Common/BusinessException` → EnumExtensions
+12. `Common/Requests/RegisterUserRequest` → RoleEnum, BusinessException
+13. `Common/Requests/GetResourceRequest` → BusinessException
+14. `Common/Requests/SetHWRequest` → BusinessException
+
+**Tier 2 — Depends on Tier 0-1:**
+15. `Common/Requests/SetUserQueueOffsetsRequest` → User
+16. `Common/Database/AzaionDb` → User
+17. `Common/Database/AzaionDbSchemaHolder` → User, RoleEnum, StringExtensions
+18. `Common/Database/DbFactory` → AzaionDb, AzaionDbSchemaHolder, ConnectionStrings
+
+**Tier 3 — Services (depends on Common):**
+19. `Services/Security` → (standalone cryptographic utilities)
+20. `Services/Cache` → (standalone caching wrapper)
+21. `Services/UserService` → DbFactory, User, BusinessException, Security, Cache, QueryableExtensions, Requests
+22. `Services/AuthService` → JwtConfig, User, IUserService
+23. `Services/ResourcesService` → ResourcesConfig, BusinessException, Security (EncryptTo)
+
+**Tier 4 — API + Exception Handler:**
+24. `AdminApi/BusinessExceptionHandler` → BusinessException
+25. `AdminApi/Program` → all services, configs, entities, requests (entry point)
+
+**Tier 5 — Tests:**
+26. `Test/SecurityTest` → Security, StreamExtensions
+27. `Test/UserServiceTest` → UserService, DbFactory, Cache, ConnectionStrings
+
+## Entry Points
+
+- `Azaion.AdminApi/Program.cs` — single API entry point, top-level statements
+
+## Test Structure
+
+- Framework: xUnit
+- Location: `Azaion.Test/`
+- Tests: `SecurityTest` (encrypt/decrypt round-trip), `UserServiceTest` (hardware hash check against live DB)
+- Coverage: minimal — only Security encryption and one UserService integration test