# Resource Limit Tests

### NFT-RES-LIM-01: Maximum Upload File Size (200 MB)

**Summary**: System accepts file uploads at the configured maximum size (200 MB).
**Traces to**: AC-13

**Preconditions**:
- System running with default Kestrel config (MaxRequestBodySize = 200 MB)
- Caller authenticated

**Monitoring**:
- API container memory usage
- Response status code

**Duration**: Single request
**Pass criteria**: HTTP 200 for 200 MB file; API memory stays below 1 GB during upload

---

### NFT-RES-LIM-02: Over-Maximum Upload File Size (201 MB)

**Summary**: System rejects file uploads exceeding the configured maximum size.
**Traces to**: AC-13

**Preconditions**:
- System running with default Kestrel config
- Caller authenticated

**Monitoring**:
- Response status code

**Duration**: Single request
**Pass criteria**: HTTP 413 (Request Entity Too Large) for 201 MB file

---

### NFT-RES-LIM-03: Memory Usage During Large File Encryption

**Summary**: Memory usage during encrypted resource download stays within acceptable bounds.
**Traces to**: AC-14

**Preconditions**:
- 100 MB test file uploaded
- User authenticated with bound hardware

**Monitoring**:
- API container memory usage (docker stats)
- Response time

**Duration**: Single download request
**Pass criteria**: API container memory peak < 500 MB; request completes within 60s

---

### NFT-RES-LIM-04: Concurrent User Connections

**Summary**: System handles multiple simultaneous authenticated requests without errors.
**Traces to**: AC-1, AC-18

**Preconditions**:
- 20 unique users in database

**Monitoring**:
- Response status codes
- Error rate

**Duration**: 60 seconds
**Pass criteria**: 20 concurrent login requests complete with 0% error rate (all HTTP 200)