# Test Data Management

## Seed Data Sets

| Data Set | Description | Used by Tests | How Loaded | Cleanup |
|----------|-------------|---------------|-----------|---------|
| mock-api-responses | Canned responses for mock Azaion Resource API (JWT, resources, key fragments) | All FT-P, FT-N tests | Mock server config | Container restart |
| mock-cdn-data | Pre-uploaded `.big` files on MinIO | FT-P-04, FT-P-05, FT-N-04 | MinIO CLI seed script | Container restart |
| test-resource | Small binary blob for encrypt/decrypt round-trip | FT-P-04, FT-P-05 | File on consumer volume | N/A (read-only) |
| test-archive | Small encrypted `.enc` file + key fragment for unlock tests | FT-P-06, FT-P-07, FT-N-05 | File on SUT volume | Container restart |

## Data Isolation Strategy

Each test run starts with fresh container state. No shared mutable state between tests — mock API and CDN are reset per run.

## Input Data Mapping

| Input Data File | Source Location | Description | Covers Scenarios |
|-----------------|----------------|-------------|-----------------|
| data_parameters.md | `_docs/00_problem/input_data/data_parameters.md` | API request/response schemas | All tests (schema reference) |
| results_report.md | `_docs/00_problem/input_data/expected_results/results_report.md` | Expected results mapping | All tests (expected outcomes) |

## Expected Results Mapping

| Test Scenario ID | Input Data | Expected Result | Comparison Method | Tolerance | Source |
|-----------------|------------|-----------------|-------------------|-----------|--------|
| FT-P-01 | GET /health | HTTP 200, `{"status": "healthy"}` | exact | N/A | inline |
| FT-P-02 | GET /status (no login) | HTTP 200, authenticated=false | exact | N/A | inline |
| FT-P-03 | POST /login valid creds | HTTP 200, `{"status": "ok"}` | exact | N/A | inline |
| FT-P-04 | POST /load/testfile | HTTP 200, binary content | exact (status), threshold_min (length > 0) | N/A | inline |
| FT-P-05 | POST /upload/testfile | HTTP 200, `{"status": "ok"}` | exact | N/A | inline |
| FT-P-06 | POST /unlock valid creds | HTTP 200, state transition | exact | N/A | inline |
| FT-P-07 | GET /unlock/status | HTTP 200, state + error fields | schema | N/A | inline |
| FT-N-01 | POST /login invalid creds | HTTP 401 | exact (status) | N/A | inline |
| FT-N-02 | POST /login empty body | HTTP 422 | exact (status) | N/A | inline |
| FT-N-03 | POST /upload no file | HTTP 422 | exact (status) | N/A | inline |
| FT-N-04 | POST /load nonexistent | HTTP 500 | exact (status) | N/A | inline |
| FT-N-05 | POST /unlock no archive | HTTP 404 | exact (status) | N/A | inline |

## External Dependency Mocks

| External Service | Mock/Stub | How Provided | Behavior |
|-----------------|-----------|-------------|----------|
| Azaion Resource API | Custom Python HTTP server | Docker service (mock-api) | Returns canned JWT on /login; encrypted test data on /resources/get; key fragment on /binary-split/key-fragment |
| S3 CDN | MinIO | Docker service (mock-cdn) | S3-compatible storage with pre-seeded test `.big` files |
| Docker daemon | Real Docker (via socket) | Mounted volume | Required for unlock flow tests |

## Data Validation Rules

| Data Type | Validation | Invalid Examples | Expected System Behavior |
|-----------|-----------|-----------------|------------------------|
| email | String, non-empty | `""`, missing field | HTTP 422 |
| password | String, non-empty | `""`, missing field | HTTP 422 |
| filename | String, non-empty | `""` | HTTP 422 or 500 |
| upload file | Binary, non-empty | Missing file | HTTP 422 |