azaion/admin
1
0
Fork 0
mirror of https://github.com/azaion/admin.git synced 2026-04-22 22:26:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
5c19c27153d88db5a93477ac44ec5a344f84548c
admin/_docs/02_document/tests/resilience-tests.md
T
Oleksandr Bezdieniezhnykh d320d6dd59 [AZ-189] [AZ-190] [AZ-191] [AZ-192] [AZ-193] [AZ-194] [AZ-195] Add e2e blackbox test suite 
Made-with: Cursor
2026-04-16 06:25:36 +03:00

72 lines
2.3 KiB
Markdown
Raw Blame History

# Resilience Tests
### NFT-RES-01: Database Connection Loss Recovery
**Summary**: API returns appropriate errors when database is unavailable, and recovers when it comes back.
**Traces to**: AC-1, AC-9
**Preconditions**:
- System running normally with database connected
**Fault injection**:
- Stop the PostgreSQL container
**Steps**:
| Step | Action | Expected Behavior |
|------|--------|------------------|
| 1 | Stop test-db container | Database unavailable |
| 2 | Send POST /login request | HTTP 500 (database error, not crash) |
| 3 | Verify API process is still running | Process alive, accepting connections |
| 4 | Restart test-db container | Database available |
| 5 | Wait 5 seconds for connection recovery | — |
| 6 | Send POST /login request | HTTP 200 or HTTP 409 (normal behavior) |
**Pass criteria**: API does not crash on DB loss; recovers within 10s of DB restoration
---
### NFT-RES-02: Invalid JWT Token Handling
**Summary**: API rejects malformed JWT tokens gracefully without crashing.
**Traces to**: AC-18
**Preconditions**:
- System running normally
**Fault injection**:
- Send requests with malformed Authorization headers
**Steps**:
| Step | Action | Expected Behavior |
|------|--------|------------------|
| 1 | Send GET /users with `Authorization: Bearer invalid-token` | HTTP 401 |
| 2 | Send GET /users with `Authorization: Bearer ` (empty) | HTTP 401 |
| 3 | Send GET /users with `Authorization: NotBearer token` | HTTP 401 |
| 4 | Send normal login request | HTTP 200 (system unaffected) |
**Pass criteria**: All malformed tokens return HTTP 401; system remains operational
---
### NFT-RES-03: Concurrent Hardware Binding Attempt
**Summary**: Two simultaneous hardware check requests for the same user do not corrupt data.
**Traces to**: AC-10, AC-11
**Preconditions**:
- User with no hardware bound
**Fault injection**:
- Race condition: two concurrent POST /resources/check with same hardware
**Steps**:
| Step | Action | Expected Behavior |
|------|--------|------------------|
| 1 | Send two POST /resources/check simultaneously with same hardware | Both return HTTP 200 or one returns 200 and other returns 409 |
| 2 | Send a third POST /resources/check with same hardware | HTTP 200 (consistent state) |
**Pass criteria**: No database corruption; subsequent requests behave consistently
Reference in New Issue View Git Blame Copy Permalink