azaion/admin
1
0
Fork 0
mirror of https://github.com/azaion/admin.git synced 2026-04-22 11:16:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

[AZ-189] [AZ-190] [AZ-191] [AZ-192] [AZ-193] [AZ-194] [AZ-195] Add e2e blackbox test suite

Browse Source 
Made-with: Cursor
This commit is contained in:
Oleksandr Bezdieniezhnykh
2026-04-16 06:25:36 +03:00
parent 1b38e888e1
commit d320d6dd59
98 changed files with 6883 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
_docs/02_tasks/done/AZ-195_resilience_perf_tests.md
+87
View File
@@ -0,0 +1,87 @@
# Resilience & Performance Tests
**Task**: AZ-195_resilience_perf_tests
**Name**: Resilience & Performance Tests
**Description**: Implement resilience tests (DB recovery, malformed JWT, concurrency) and performance/resource limit tests
**Complexity**: 5 points
**Dependencies**: AZ-189_test_infrastructure, AZ-190_auth_tests
**Component**: Blackbox Tests
**Tracker**: AZ-195
**Epic**: AZ-188
## Problem
The system's behavior under failure conditions, load, and resource limits is untested.
## Outcome
- API survives database outage and recovers (NFT-RES-01)
- Malformed JWT tokens don't crash the system (NFT-RES-02)
- Concurrent hardware binding doesn't corrupt data (NFT-RES-03)
- Login latency stays under threshold (NFT-PERF-01)
- Resource download latency acceptable (NFT-PERF-02, NFT-PERF-03)
- Max file size boundary enforced (NFT-RES-LIM-01, NFT-RES-LIM-02)
- Memory stays bounded during encryption (NFT-RES-LIM-03)
## Scope
### Included
- Database loss/recovery resilience test
- Malformed JWT handling
- Concurrent hardware binding race condition
- Login endpoint performance under load
- Resource download performance (small + large files)
- Upload file size boundary (200 MB / 201 MB)
- Memory usage during large file encryption
### Excluded
- User list performance under high user count (NFT-PERF-04 — deferred, requires bulk seed data)
## Acceptance Criteria
**AC-1: DB recovery**
Given the API is running
When the database container is stopped and restarted
Then the API returns errors during outage but recovers within 10s of DB restoration
**AC-2: Malformed JWT**
Given various invalid Authorization headers
When protected endpoints are called
Then all return HTTP 401, system remains operational
**AC-3: Concurrent hardware**
Given a user with no hardware
When two concurrent hardware check requests arrive
Then no data corruption; subsequent requests behave consistently
**AC-4: Login latency**
Given 10 concurrent login requests
When 100 total requests complete
Then p95 latency < 500ms
**AC-5: Max upload accepted**
Given a 200 MB file
When POST /resources/testfolder
Then HTTP 200
**AC-6: Over-max upload rejected**
Given a 201 MB file
When POST /resources/testfolder
Then HTTP 413
## Blackbox Tests
| AC Ref | Initial Data/Conditions | What to Test | Expected Behavior | NFR References |
|--------|------------------------|-------------|-------------------|----------------|
| AC-1 | Running system | Stop/restart DB | Error then recovery | — |
| AC-2 | Various bad tokens | Protected endpoints | HTTP 401, no crash | — |
| AC-3 | Unbound user | Concurrent /resources/check | Consistent state | — |
| AC-4 | 10 concurrent users | 100 login requests | p95 < 500ms | — |
| AC-5 | 200 MB file | Upload | HTTP 200 | — |
| AC-6 | 201 MB file | Upload | HTTP 413 | — |
## Risks & Mitigation
**Risk 1: Docker container manipulation in tests**
- *Risk*: Tests need to stop/start the DB container programmatically
- *Mitigation*: Use Docker SDK or shell commands from test fixture to control containers