admin/_docs/02_document/tests/test-data.md

# Test Data Management

## Seed Data Sets

| Data Set | Description | Used by Tests | How Loaded | Cleanup |
|----------|-------------|---------------|-----------|---------|
| seed-users | Default admin + uploader users from DDL | All tests requiring auth | SQL init scripts in docker-entrypoint-initdb.d | Fresh container per test run |
| test-resource-file | Small text file (1 KB) for upload/download tests | FT-P-08, FT-P-09, FT-P-10, FT-N-05 | Created by test via upload API | Deleted via ClearFolder API |
| large-resource-file | 200 MB test file for boundary testing | NFT-RES-LIM-01, NFT-RES-LIM-02 | Generated at test start | Deleted after test |

## Data Isolation Strategy

Each test run starts with a fresh Docker Compose environment. The database is initialized from scratch using the SQL scripts in `env/db/`. Tests that create users clean them up via the DELETE API. Tests that upload files clean up via the ClearFolder endpoint.

## Input Data Mapping

| Input Data File | Source Location | Description | Covers Scenarios |
|-----------------|----------------|-------------|-----------------|
| `data_parameters.md` | `_docs/00_problem/input_data/` | DB schema, API request types, config | Reference for all tests |
| `results_report.md` | `_docs/00_problem/input_data/expected_results/` | Input→expected result mapping | All tests |

## Expected Results Mapping

| Test Scenario ID | Input Data | Expected Result | Comparison Method | Tolerance | Expected Result Source |
|-----------------|------------|-----------------|-------------------|-----------|----------------------|
| FT-P-01 | Valid login request | HTTP 200, JWT token in body | exact (status), substring (token) | N/A | results_report.md #1 |
| FT-P-02 | Valid registration request | HTTP 200 | exact | N/A | results_report.md #5 |
| FT-P-03 | JWT token decode | iss, aud, exp claims | exact, numeric_tolerance | exp: ± 60s | results_report.md #4 |
| FT-P-04 | First hardware check | HTTP 200, true | exact | N/A | results_report.md #11 |
| FT-P-05 | Same hardware second check | HTTP 200, true | exact | N/A | results_report.md #12 |
| FT-P-06 | List users with admin JWT | HTTP 200, JSON array >= 1 | exact, threshold_min | N/A | results_report.md #19 |
| FT-P-07 | Filter users by email | HTTP 200, emails contain substring | exact, substring | N/A | results_report.md #20 |
| FT-P-08 | Upload resource file | HTTP 200 | exact | N/A | results_report.md #17 |
| FT-P-09 | Download encrypted resource | HTTP 200, octet-stream, non-empty | exact, threshold_min | N/A | results_report.md #14 |
| FT-P-10 | Decrypt downloaded resource | Byte-equals original | exact | N/A | results_report.md #15 |
| FT-P-11 | Change user role | HTTP 200 | exact | N/A | results_report.md #21 |
| FT-P-12 | Disable user | HTTP 200 | exact | N/A | results_report.md #22 |
| FT-P-13 | Delete user | HTTP 200 | exact | N/A | results_report.md #23 |
| FT-N-01 | Login unknown email | HTTP 409, code 10 | exact | N/A | results_report.md #2 |
| FT-N-02 | Login wrong password | HTTP 409, code 30 | exact | N/A | results_report.md #3 |
| FT-N-03 | Register short email | HTTP 400 | exact | N/A | results_report.md #6 |
| FT-N-04 | Register invalid email | HTTP 400 | exact | N/A | results_report.md #7 |
| FT-N-05 | Upload empty file | HTTP 409, code 70 | exact | N/A | results_report.md #18 |
| FT-N-06 | Hardware mismatch | HTTP 409, code 40 | exact | N/A | results_report.md #13 |
| FT-N-07 | Register duplicate email | HTTP 409, code 20 | exact | N/A | results_report.md #9 |
| FT-N-08 | Register short password | HTTP 400 | exact | N/A | results_report.md #8 |

## External Dependency Mocks

| External Service | Mock/Stub | How Provided | Behavior |
|-----------------|-----------|-------------|----------|
| PostgreSQL | Real instance | Docker container (postgres:16-alpine) | Production-equivalent behavior |
| Filesystem | Docker volume | Mounted volume on system-under-test | Real file I/O |

## Data Validation Rules

| Data Type | Validation | Invalid Examples | Expected System Behavior |
|-----------|-----------|-----------------|------------------------|
| Email | >= 8 chars, valid format | `"short"`, `"notanemail"` | HTTP 400 validation error |
| Password | >= 8 chars | `"short"` | HTTP 400 validation error |
| Hardware string | Not empty | `""` | HTTP 400 validation error |
| File upload | Non-null, <= 200 MB | null, 201 MB file | HTTP 409 (code 70), HTTP 413 |