From 5e056b2334573053e01e1fd9ced9017cee4afd37 Mon Sep 17 00:00:00 2001 From: Oleksandr Bezdieniezhnykh Date: Fri, 22 May 2026 17:49:48 +0300 Subject: [PATCH] [AZ-809] Strict validation for POST /api/satellite/route MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Third concrete child of AZ-795 (cycle 8 batch 3). FluentValidation + [JsonRequired] + UnmappedMemberHandling.Disallow combine to reject every malformed payload at the API boundary with RFC 7807 ValidationProblemDetails. Validators (SatelliteProvider.Api/Validators/, all new) - CreateRouteRequestValidator: id non-empty, name/description length, regionSizeMeters/zoomLevel ranges, points count [2, 500], cross-field createTilesZip => requestMaps. Chains RoutePointValidator (per-point) and GeofencePolygonValidator (per-polygon, guarded by When(Geofences != null)). OverridePropertyName("geofences.polygons") on the geofences chain so FluentValidation's default leaf-only key policy doesn't drop the parent path on deep expressions like req.Geofences!.Polygons. - RoutePointValidator: lat/lon ranges; OverridePropertyName("lat"/"lon") chained AFTER InclusiveBetween (the extension is defined on IRuleBuilderOptions, so the generic type is only inferable after the first concrete rule) so error keys match the wire format (`points[i].lat`) rather than the C# property name (`points[i].latitude`). - GeofencePolygonValidator: per-corner range checks via private nested GeoCornerValidator; cross-field NW.Lat > SE.Lat and NW.Lon < SE.Lon invariants emit at errors["geofences.polygons[i].northWest"]. DTOs (SatelliteProvider.Common/DTO/, [JsonRequired] additions only) - CreateRouteRequest: id, name, regionSizeMeters, zoomLevel, points, requestMaps, createTilesZip - RoutePoint: Latitude, Longitude - GeofencePolygon: NorthWest, SouthEast; Geofences: Polygons - GeoPoint: Lat, Lon Tests - Unit: 26 methods total — 16 in CreateRouteRequestValidatorTests, 6 in GeofencePolygonValidatorTests, 4 in RoutePointValidatorTests. Each RuleFor/RuleForEach chain has at least one positive + one negative case. - Integration: CreateRouteValidationTests.cs — 16 methods (happy + 15 failure modes) wired into smoke + full suites. Covers empty body, missing/zero id, empty name, out-of-range regionSizeMeters/zoomLevel, points count < 2, per-point lat/lon out-of-range, geofence invariants, missing requestMaps, cross-field createTilesZip, unknown root field, nested type mismatch. - Manual probe: scripts/probe_route_validation.sh curl-exercises every failure mode end-to-end + happy path. Docs - New contract _docs/02_document/contracts/api/route-creation.md v1.0.0 with nested DTO chain, invariants, per-field test cases table, and advisories on the legacy service-layer RouteValidator + the input/output RoutePoint vs RoutePointDto naming asymmetry. - system-flows.md F4 sequence diagram extended with the validation-filter branch; preconditions + error scenarios reference the new contract. - modules/api_program.md: CreateRoute handler section added; Api/Validators bumped to AZ-808/AZ-809/AZ-811. - modules/common_dtos.md: DTO descriptions updated with [JsonRequired] annotations and constraint summaries. - tests/blackbox-tests.md BT-06/BT-N03/BT-N04/BT-N05 align with the new wire format and named error keys. - tests/security-tests.md SEC-04 references GlobalExceptionHandler's JsonException branch + AZ-353 correlationId. - _docs/03_implementation/batch_03_cycle8_report.md + reviews/batch_03_cycle8_review.md (PASS_WITH_NOTES — F1 Low: OverridePropertyName documented inline, F2 + F3 Info: pre-existing advisories for follow-up). Smoke green (mode=smoke, exit 0). AZ-809 transitioned to In Testing on Jira. Task file moved to _docs/02_tasks/done/. Co-authored-by: Cursor --- SatelliteProvider.Api/Program.cs | 4 + .../Validators/CreateRouteRequestValidator.cs | 90 +++ .../Validators/GeofencePolygonValidator.cs | 72 +++ .../Validators/RoutePointValidator.cs | 40 ++ .../DTO/CreateRouteRequest.cs | 21 +- SatelliteProvider.Common/DTO/GeoPoint.cs | 2 + .../DTO/GeofencePolygon.cs | 3 + SatelliteProvider.Common/DTO/RoutePoint.cs | 2 + .../CreateRouteValidationTests.cs | 511 ++++++++++++++++++ SatelliteProvider.IntegrationTests/Program.cs | 2 + .../CreateRouteRequestValidatorTests.cs | 282 ++++++++++ .../GeofencePolygonValidatorTests.cs | 132 +++++ .../Validators/RoutePointValidatorTests.cs | 86 +++ .../contracts/api/route-creation.md | 213 ++++++++ _docs/02_document/modules/api_program.md | 14 +- _docs/02_document/modules/common_dtos.md | 37 +- _docs/02_document/system-flows.md | 34 +- _docs/02_document/tests/blackbox-tests.md | 31 +- _docs/02_document/tests/security-tests.md | 6 +- .../AZ-809_route_endpoint_validation.md | 0 .../batch_03_cycle8_report.md | 67 +++ .../reviews/batch_03_cycle8_review.md | 134 +++++ _docs/_autodev_state.md | 2 +- scripts/probe_route_validation.sh | 194 +++++++ 24 files changed, 1929 insertions(+), 50 deletions(-) create mode 100644 SatelliteProvider.Api/Validators/CreateRouteRequestValidator.cs create mode 100644 SatelliteProvider.Api/Validators/GeofencePolygonValidator.cs create mode 100644 SatelliteProvider.Api/Validators/RoutePointValidator.cs create mode 100644 SatelliteProvider.IntegrationTests/CreateRouteValidationTests.cs create mode 100644 SatelliteProvider.Tests/Validators/CreateRouteRequestValidatorTests.cs create mode 100644 SatelliteProvider.Tests/Validators/GeofencePolygonValidatorTests.cs create mode 100644 SatelliteProvider.Tests/Validators/RoutePointValidatorTests.cs create mode 100644 _docs/02_document/contracts/api/route-creation.md rename _docs/02_tasks/{todo => done}/AZ-809_route_endpoint_validation.md (100%) create mode 100644 _docs/03_implementation/batch_03_cycle8_report.md create mode 100644 _docs/03_implementation/reviews/batch_03_cycle8_review.md create mode 100755 scripts/probe_route_validation.sh diff --git a/SatelliteProvider.Api/Program.cs b/SatelliteProvider.Api/Program.cs index 1a65cda..3d4894a 100644 --- a/SatelliteProvider.Api/Program.cs +++ b/SatelliteProvider.Api/Program.cs @@ -259,6 +259,10 @@ app.MapGet("/api/satellite/region/{id:guid}", GetRegionStatus) app.MapPost("/api/satellite/route", CreateRoute) .RequireAuthorization() + .WithValidation() + .Accepts("application/json") + .Produces(StatusCodes.Status200OK) + .ProducesProblem(StatusCodes.Status400BadRequest) .WithOpenApi(op => new(op) { Summary = "Create a route with intermediate points", diff --git a/SatelliteProvider.Api/Validators/CreateRouteRequestValidator.cs b/SatelliteProvider.Api/Validators/CreateRouteRequestValidator.cs new file mode 100644 index 0000000..86e4bd7 --- /dev/null +++ b/SatelliteProvider.Api/Validators/CreateRouteRequestValidator.cs @@ -0,0 +1,90 @@ +using FluentValidation; +using SatelliteProvider.Common.DTO; + +namespace SatelliteProvider.Api.Validators; + +// AZ-809: FluentValidation rules for POST /api/satellite/route. Wired +// through ValidationEndpointFilter at endpoint +// registration time (.WithValidation() in Program.cs). +// Failures are converted to RFC 7807 ValidationProblemDetails per +// _docs/02_document/contracts/api/error-shape.md v1.0.0. +// +// Required-field detection is handled at the deserializer level via +// [JsonRequired] on CreateRouteRequest, RoutePoint, GeofencePolygon, and +// GeoPoint, plus JsonSerializerOptions.UnmappedMemberHandling.Disallow +// (AZ-795 global). This validator covers post-deserialization business +// rules: non-zero id, name + description length, range checks on size / +// zoom / points-count, per-point lat/lon ranges (via RoutePointValidator), +// per-polygon corner ranges + NW-of-SE invariant (via GeofencePolygonValidator), +// and the cross-field createTilesZip-implies-requestMaps rule. +public sealed class CreateRouteRequestValidator : AbstractValidator +{ + private const double MinRegionSizeMeters = 100.0; + private const double MaxRegionSizeMeters = 10000.0; + private const int MinZoom = 0; + private const int MaxZoom = 22; + private const int MinPoints = 2; + private const int MaxPoints = 500; + private const int MaxNameLength = 200; + private const int MaxDescriptionLength = 1000; + + public CreateRouteRequestValidator() + { + RuleFor(req => req.Id) + .NotEmpty() + .WithMessage("`id` must be a non-zero GUID (the caller's idempotency key)."); + + RuleFor(req => req.Name) + .NotEmpty() + .WithMessage("`name` is required and must not be empty or whitespace.") + .MaximumLength(MaxNameLength) + .WithMessage($"`name` must be at most {MaxNameLength} characters."); + + RuleFor(req => req.Description) + .MaximumLength(MaxDescriptionLength) + .When(req => req.Description is not null) + .WithMessage($"`description` must be at most {MaxDescriptionLength} characters."); + + RuleFor(req => req.RegionSizeMeters) + .InclusiveBetween(MinRegionSizeMeters, MaxRegionSizeMeters) + .WithMessage($"`regionSizeMeters` must be between {MinRegionSizeMeters} and {MaxRegionSizeMeters} meters."); + + RuleFor(req => req.ZoomLevel) + .InclusiveBetween(MinZoom, MaxZoom) + .WithMessage($"`zoomLevel` must be between {MinZoom} and {MaxZoom} (slippy-map range)."); + + RuleFor(req => req.Points) + .NotNull().WithMessage("`points` is required.") + .Must(p => p is null || p.Count >= MinPoints) + .WithMessage($"`points` must contain at least {MinPoints} entries.") + .Must(p => p is null || p.Count <= MaxPoints) + .WithMessage($"`points` must contain at most {MaxPoints} entries."); + + RuleForEach(req => req.Points) + .SetValidator(new RoutePointValidator()); + + // Geofences are optional; per-polygon rules apply only when present. + // FluentValidation's default property-name policy drops the parent + // chain on deep expressions like `req.Geofences!.Polygons` — it emits + // only the leaf `polygons`. We OverridePropertyName explicitly so the + // wire-format error keys match the JSON path callers actually post: + // `errors["geofences.polygons"]` and `errors["geofences.polygons[i].…"]`. + When(req => req.Geofences is not null, () => + { + RuleFor(req => req.Geofences!.Polygons) + .NotNull().WithMessage("`geofences.polygons` is required when `geofences` is present.") + .NotEmpty().WithMessage("`geofences.polygons` must contain at least 1 polygon when `geofences` is present.") + .OverridePropertyName("geofences.polygons"); + + RuleForEach(req => req.Geofences!.Polygons) + .SetValidator(new GeofencePolygonValidator()) + .OverridePropertyName("geofences.polygons"); + }); + + // Cross-field invariant: cannot zip what wasn't downloaded. + RuleFor(req => req) + .Must(req => !(req.CreateTilesZip && !req.RequestMaps)) + .WithName("createTilesZip") + .WithMessage("`createTilesZip` requires `requestMaps` to be true (can't zip what wasn't downloaded)."); + } +} diff --git a/SatelliteProvider.Api/Validators/GeofencePolygonValidator.cs b/SatelliteProvider.Api/Validators/GeofencePolygonValidator.cs new file mode 100644 index 0000000..98bc8aa --- /dev/null +++ b/SatelliteProvider.Api/Validators/GeofencePolygonValidator.cs @@ -0,0 +1,72 @@ +using FluentValidation; +using SatelliteProvider.Common.DTO; + +namespace SatelliteProvider.Api.Validators; + +// AZ-809: per-polygon validator invoked via RuleForEach on the parent +// CreateRouteRequest (guarded by When(geofences != null) at the parent). +// Enforces both corner-point shape and the "NW is north-of and west-of SE" +// invariant. +// +// Error path: errors keys land at `geofences.polygons[i].northWest.lat` etc. +public sealed class GeofencePolygonValidator : AbstractValidator +{ + private const double MinLat = -90.0; + private const double MaxLat = 90.0; + private const double MinLon = -180.0; + private const double MaxLon = 180.0; + + public GeofencePolygonValidator() + { + // Both corners must be present. Without them no useful range/cross-field + // check can run, so short-circuit via .Cascade(CascadeMode.Stop). + RuleFor(p => p.NorthWest) + .Cascade(CascadeMode.Stop) + .NotNull().WithMessage("`northWest` corner is required.") + .SetValidator(new GeoCornerValidator("northWest")!); + + RuleFor(p => p.SouthEast) + .Cascade(CascadeMode.Stop) + .NotNull().WithMessage("`southEast` corner is required.") + .SetValidator(new GeoCornerValidator("southEast")!); + + // Cross-field invariant: NW must be genuinely north-of (lat greater) + // AND west-of (lon smaller) SE. Only runs when both corners survived + // the NotNull check above; FluentValidation skips the rule if either + // is null (.When(...) guard below). + RuleFor(p => p) + .Must(HaveNorthWestActuallyNorthOfSouthEast) + .When(p => p.NorthWest is not null && p.SouthEast is not null) + .WithName("northWest") + .WithMessage("`northWest.lat` must be greater than `southEast.lat` (NW is north-of SE)."); + + RuleFor(p => p) + .Must(HaveNorthWestActuallyWestOfSouthEast) + .When(p => p.NorthWest is not null && p.SouthEast is not null) + .WithName("northWest") + .WithMessage("`northWest.lon` must be less than `southEast.lon` (NW is west-of SE)."); + } + + private static bool HaveNorthWestActuallyNorthOfSouthEast(GeofencePolygon polygon) + => polygon.NorthWest!.Lat > polygon.SouthEast!.Lat; + + private static bool HaveNorthWestActuallyWestOfSouthEast(GeofencePolygon polygon) + => polygon.NorthWest!.Lon < polygon.SouthEast!.Lon; + + // Inner per-corner validator. Kept private to this file because the + // polygon corners are the only consumer; if a sibling endpoint needs + // point-shape validation, promote and rename. + private sealed class GeoCornerValidator : AbstractValidator + { + public GeoCornerValidator(string cornerLabel) + { + RuleFor(g => g.Lat) + .InclusiveBetween(MinLat, MaxLat) + .WithMessage($"`{cornerLabel}.lat` must be between {MinLat} and {MaxLat}."); + + RuleFor(g => g.Lon) + .InclusiveBetween(MinLon, MaxLon) + .WithMessage($"`{cornerLabel}.lon` must be between {MinLon} and {MaxLon}."); + } + } +} diff --git a/SatelliteProvider.Api/Validators/RoutePointValidator.cs b/SatelliteProvider.Api/Validators/RoutePointValidator.cs new file mode 100644 index 0000000..1cd6228 --- /dev/null +++ b/SatelliteProvider.Api/Validators/RoutePointValidator.cs @@ -0,0 +1,40 @@ +using FluentValidation; +using SatelliteProvider.Common.DTO; + +namespace SatelliteProvider.Api.Validators; + +// AZ-809: per-point validator invoked via RuleForEach on the parent +// CreateRouteRequest. Each route waypoint must declare a valid WGS84 +// coordinate; the parent validator checks min/max count of the points +// collection separately. +// +// Error path: errors keys land at `points[i].lat` / `points[i].lon` per +// FluentValidation's default child-property naming + GlobalValidatorConfig +// camelCase normalization (matches the wire format set by +// [JsonPropertyName("lat"|"lon")] on RoutePoint). +public sealed class RoutePointValidator : AbstractValidator +{ + private const double MinLat = -90.0; + private const double MaxLat = 90.0; + private const double MinLon = -180.0; + private const double MaxLon = 180.0; + + public RoutePointValidator() + { + // `RoutePoint.Latitude` is the C# property name but the wire name is + // `lat` via [JsonPropertyName]. OverridePropertyName chains AFTER the + // first concrete rule (which provides the `TProperty` for the generic + // extension) and aligns the FluentValidation error key with the wire + // format — callers see `errors["points[i].lat"]` matching what they + // posted rather than the camelCased C# name `latitude`. + RuleFor(p => p.Latitude) + .InclusiveBetween(MinLat, MaxLat) + .WithMessage($"`lat` must be between {MinLat} and {MaxLat}.") + .OverridePropertyName("lat"); + + RuleFor(p => p.Longitude) + .InclusiveBetween(MinLon, MaxLon) + .WithMessage($"`lon` must be between {MinLon} and {MaxLon}.") + .OverridePropertyName("lon"); + } +} diff --git a/SatelliteProvider.Common/DTO/CreateRouteRequest.cs b/SatelliteProvider.Common/DTO/CreateRouteRequest.cs index 99bf780..86f8e3e 100644 --- a/SatelliteProvider.Common/DTO/CreateRouteRequest.cs +++ b/SatelliteProvider.Common/DTO/CreateRouteRequest.cs @@ -4,18 +4,35 @@ namespace SatelliteProvider.Common.DTO; public class CreateRouteRequest { + // AZ-809: [JsonRequired] enforces presence at the deserializer; range and + // shape checks live in `SatelliteProvider.Api/Validators/CreateRouteRequestValidator`. + // Description and Geofences remain optional. The legacy in-service + // `RouteValidator` is left in place as defense-in-depth for direct + // service-layer callers (e.g. unit tests). + [JsonRequired] public Guid Id { get; set; } + + [JsonRequired] public string Name { get; set; } = string.Empty; + public string? Description { get; set; } + + [JsonRequired] public double RegionSizeMeters { get; set; } + + [JsonRequired] public int ZoomLevel { get; set; } + [JsonRequired] public List Points { get; set; } = new(); [JsonPropertyName("geofences")] public Geofences? Geofences { get; set; } - public bool RequestMaps { get; set; } = false; - public bool CreateTilesZip { get; set; } = false; + [JsonRequired] + public bool RequestMaps { get; set; } + + [JsonRequired] + public bool CreateTilesZip { get; set; } } diff --git a/SatelliteProvider.Common/DTO/GeoPoint.cs b/SatelliteProvider.Common/DTO/GeoPoint.cs index b1680f7..1ef85eb 100644 --- a/SatelliteProvider.Common/DTO/GeoPoint.cs +++ b/SatelliteProvider.Common/DTO/GeoPoint.cs @@ -6,9 +6,11 @@ public class GeoPoint { const double PRECISION_TOLERANCE = 0.00005; + [JsonRequired] [JsonPropertyName("lat")] public double Lat { get; set; } + [JsonRequired] [JsonPropertyName("lon")] public double Lon { get; set; } diff --git a/SatelliteProvider.Common/DTO/GeofencePolygon.cs b/SatelliteProvider.Common/DTO/GeofencePolygon.cs index c2f548b..f1f83b9 100644 --- a/SatelliteProvider.Common/DTO/GeofencePolygon.cs +++ b/SatelliteProvider.Common/DTO/GeofencePolygon.cs @@ -4,15 +4,18 @@ namespace SatelliteProvider.Common.DTO; public class GeofencePolygon { + [JsonRequired] [JsonPropertyName("northWest")] public GeoPoint? NorthWest { get; set; } + [JsonRequired] [JsonPropertyName("southEast")] public GeoPoint? SouthEast { get; set; } } public class Geofences { + [JsonRequired] [JsonPropertyName("polygons")] public List Polygons { get; set; } = new(); } diff --git a/SatelliteProvider.Common/DTO/RoutePoint.cs b/SatelliteProvider.Common/DTO/RoutePoint.cs index a3d9a08..cc29182 100644 --- a/SatelliteProvider.Common/DTO/RoutePoint.cs +++ b/SatelliteProvider.Common/DTO/RoutePoint.cs @@ -4,9 +4,11 @@ namespace SatelliteProvider.Common.DTO; public class RoutePoint { + [JsonRequired] [JsonPropertyName("lat")] public double Latitude { get; set; } + [JsonRequired] [JsonPropertyName("lon")] public double Longitude { get; set; } } diff --git a/SatelliteProvider.IntegrationTests/CreateRouteValidationTests.cs b/SatelliteProvider.IntegrationTests/CreateRouteValidationTests.cs new file mode 100644 index 0000000..0a8c159 --- /dev/null +++ b/SatelliteProvider.IntegrationTests/CreateRouteValidationTests.cs @@ -0,0 +1,511 @@ +using System.Text; + +namespace SatelliteProvider.IntegrationTests; + +// AZ-809: end-to-end coverage for POST /api/satellite/route strict input +// validation. Each test exercises one rule from the AZ-809 validator triplet +// (CreateRouteRequestValidator + RoutePointValidator + GeofencePolygonValidator) +// and asserts the response body conforms to the RFC 7807 +// ValidationProblemDetails contract in `_docs/02_document/contracts/api/error-shape.md` +// v1.0.0. Required-field detection is enforced at the deserializer layer via +// [JsonRequired] + UnmappedMemberHandling.Disallow (AZ-795). +// +// The route-creation happy path is intentionally `requestMaps=false` here to +// keep this suite fast; the existing RouteCreationTests.cs exercises the +// `requestMaps=true` flow (with background F5 processing). +public static class CreateRouteValidationTests +{ + private const string RoutePath = "/api/satellite/route"; + + public static async Task RunAll(HttpClient httpClient) + { + RouteTestHelpers.PrintTestHeader("Test: POST /api/satellite/route strict validation (AZ-809)"); + + await HappyPath_Returns200(httpClient); + + // Rule 1: body present + await EmptyBody_Returns400(httpClient); + + // Rule 2: id required, non-zero Guid (probe-confirmed gap) + await MissingId_Returns400(httpClient); + await ZeroGuidId_Returns400(httpClient); + + // Rule 3: name required, length [1, 200] + await EmptyName_Returns400(httpClient); + + // Rule 5: regionSizeMeters required, [100, 10000] + await RegionSizeOutOfRange_Returns400(httpClient); + + // Rule 6: zoomLevel required, [0, 22] + await ZoomLevelOutOfRange_Returns400(httpClient); + + // Rule 7: points required, [2, 500] + await PointsTooFew_Returns400(httpClient); + + // Rule 8: per-point lat/lon ranges + await PointLatOutOfRange_Returns400(httpClient); + await PointLonOutOfRange_Returns400(httpClient); + + // Rule 9: geofence corners + NW-of-SE invariant + await GeofenceNwLatNotGreaterThanSeLat_Returns400(httpClient); + + // Rule 10/11: requestMaps + createTilesZip required + await MissingRequestMaps_Returns400(httpClient); + + // Rule 12: cross-field createTilesZip implies requestMaps + await CreateTilesZipWithoutRequestMaps_Returns400(httpClient); + + // Rule 13: unknown root field rejected + await UnknownRootField_Returns400(httpClient); + + // Rule 14: type mismatch (per-point lat) + await PointLatTypeMismatch_Returns400(httpClient); + + Console.WriteLine("✓ Create-route validation tests: PASSED"); + } + + private static async Task HappyPath_Returns200(HttpClient httpClient) + { + Console.WriteLine(); + Console.WriteLine("AZ-809 AC-2: well-formed body → HTTP 200 (no background processing — requestMaps=false)"); + + // Arrange + var routeId = Guid.NewGuid(); + var body = BuildValidBody(routeId, requestMaps: false, createTilesZip: false); + + // Act + var response = await PostJsonAsync(httpClient, body); + var status = (int)response.StatusCode; + var bodyText = await response.Content.ReadAsStringAsync(); + + // Assert + if (status != 200) + { + throw new Exception($"AZ-809 happy path: expected HTTP 200, got {status}. Body: {bodyText}"); + } + + Console.WriteLine(" ✓ Well-formed body accepted with HTTP 200"); + } + + private static async Task EmptyBody_Returns400(HttpClient httpClient) + { + Console.WriteLine(); + Console.WriteLine("AZ-809 rule 1: empty body → HTTP 400"); + + // Act + var response = await PostJsonAsync(httpClient, ""); + var status = (int)response.StatusCode; + + // Assert + if (status != 400) + { + throw new Exception($"AZ-809 rule 1: expected HTTP 400, got {status}."); + } + + Console.WriteLine(" ✓ Empty body rejected with HTTP 400"); + } + + private static async Task MissingId_Returns400(HttpClient httpClient) + { + Console.WriteLine(); + Console.WriteLine("AZ-809 rule 2 (probe-confirmed gap): missing `id` → HTTP 400 (no silent zero-Guid coercion)"); + + // Arrange — same exact pattern as the AZ-808 probe finding. + var body = """ + { + "name": "derkachi-flight-1", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": 50.10, "lon": 36.10 }, + { "lat": 50.11, "lon": 36.11 } + ], + "requestMaps": false, + "createTilesZip": false + } + """; + + // Act + var response = await PostJsonAsync(httpClient, body); + var problem = await ProblemDetailsAssertions.ReadProblemDetailsAsync(response, "AZ-809 missing id"); + + // Assert + ProblemDetailsAssertions.AssertValidationProblem(problem, expectedStatus: 400, label: "AZ-809 missing id"); + ProblemDetailsAssertions.AssertErrorsContainsMention(problem, expectedMention: "id", label: "AZ-809 missing id"); + + Console.WriteLine(" ✓ Missing `id` rejected with HTTP 400 (no silent coercion)"); + } + + private static async Task ZeroGuidId_Returns400(HttpClient httpClient) + { + Console.WriteLine(); + Console.WriteLine("AZ-809 rule 2: zero-Guid `id` → HTTP 400"); + + // Arrange + var body = BuildValidBody(Guid.Empty, requestMaps: false, createTilesZip: false); + + // Act + var response = await PostJsonAsync(httpClient, body); + var problem = await ProblemDetailsAssertions.ReadProblemDetailsAsync(response, "AZ-809 zero-Guid id"); + + // Assert + ProblemDetailsAssertions.AssertValidationProblem(problem, expectedStatus: 400, label: "AZ-809 zero-Guid id", expectedErrorPath: "id"); + + Console.WriteLine(" ✓ Zero-Guid `id` rejected with errors[\"id\"]"); + } + + private static async Task EmptyName_Returns400(HttpClient httpClient) + { + Console.WriteLine(); + Console.WriteLine("AZ-809 rule 3: empty `name` → HTTP 400"); + + // Arrange + var routeId = Guid.NewGuid(); + var body = $$""" + { + "id": "{{routeId}}", + "name": "", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": 50.10, "lon": 36.10 }, + { "lat": 50.11, "lon": 36.11 } + ], + "requestMaps": false, + "createTilesZip": false + } + """; + + // Act + var response = await PostJsonAsync(httpClient, body); + var problem = await ProblemDetailsAssertions.ReadProblemDetailsAsync(response, "AZ-809 empty name"); + + // Assert + ProblemDetailsAssertions.AssertValidationProblem(problem, expectedStatus: 400, label: "AZ-809 empty name", expectedErrorPath: "name"); + + Console.WriteLine(" ✓ Empty `name` rejected with errors[\"name\"]"); + } + + private static async Task RegionSizeOutOfRange_Returns400(HttpClient httpClient) + { + Console.WriteLine(); + Console.WriteLine("AZ-809 rule 5: `regionSizeMeters` out of range (100..10000) → HTTP 400"); + + // Arrange — same 1M cap-exceeder as AZ-808. + var routeId = Guid.NewGuid(); + var body = BuildValidBody(routeId, regionSize: 1_000_000, requestMaps: false, createTilesZip: false); + + // Act + var response = await PostJsonAsync(httpClient, body); + var problem = await ProblemDetailsAssertions.ReadProblemDetailsAsync(response, "AZ-809 regionSize out of range"); + + // Assert + ProblemDetailsAssertions.AssertValidationProblem(problem, expectedStatus: 400, label: "AZ-809 regionSize out of range", expectedErrorPath: "regionSizeMeters"); + + Console.WriteLine(" ✓ `regionSizeMeters=1000000` rejected with errors[\"regionSizeMeters\"]"); + } + + private static async Task ZoomLevelOutOfRange_Returns400(HttpClient httpClient) + { + Console.WriteLine(); + Console.WriteLine("AZ-809 rule 6: `zoomLevel` out of range (0..22) → HTTP 400"); + + // Arrange + var routeId = Guid.NewGuid(); + var body = BuildValidBody(routeId, zoom: 30, requestMaps: false, createTilesZip: false); + + // Act + var response = await PostJsonAsync(httpClient, body); + var problem = await ProblemDetailsAssertions.ReadProblemDetailsAsync(response, "AZ-809 zoomLevel out of range"); + + // Assert + ProblemDetailsAssertions.AssertValidationProblem(problem, expectedStatus: 400, label: "AZ-809 zoomLevel out of range", expectedErrorPath: "zoomLevel"); + + Console.WriteLine(" ✓ `zoomLevel=30` rejected with errors[\"zoomLevel\"]"); + } + + private static async Task PointsTooFew_Returns400(HttpClient httpClient) + { + Console.WriteLine(); + Console.WriteLine("AZ-809 rule 7: `points` count < 2 → HTTP 400"); + + // Arrange — single point. + var routeId = Guid.NewGuid(); + var body = $$""" + { + "id": "{{routeId}}", + "name": "single-point-route", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": 50.10, "lon": 36.10 } + ], + "requestMaps": false, + "createTilesZip": false + } + """; + + // Act + var response = await PostJsonAsync(httpClient, body); + var problem = await ProblemDetailsAssertions.ReadProblemDetailsAsync(response, "AZ-809 points too few"); + + // Assert + ProblemDetailsAssertions.AssertValidationProblem(problem, expectedStatus: 400, label: "AZ-809 points too few", expectedErrorPath: "points"); + + Console.WriteLine(" ✓ `points` count=1 rejected with errors[\"points\"]"); + } + + private static async Task PointLatOutOfRange_Returns400(HttpClient httpClient) + { + Console.WriteLine(); + Console.WriteLine("AZ-809 rule 8: per-point `lat` out of range → HTTP 400 (errors[points[i].lat])"); + + // Arrange + var routeId = Guid.NewGuid(); + var body = $$""" + { + "id": "{{routeId}}", + "name": "out-of-range-lat", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": 50.10, "lon": 36.10 }, + { "lat": 91.0, "lon": 36.11 } + ], + "requestMaps": false, + "createTilesZip": false + } + """; + + // Act + var response = await PostJsonAsync(httpClient, body); + var problem = await ProblemDetailsAssertions.ReadProblemDetailsAsync(response, "AZ-809 point lat out of range"); + + // Assert + ProblemDetailsAssertions.AssertValidationProblem(problem, expectedStatus: 400, label: "AZ-809 point lat out of range"); + ProblemDetailsAssertions.AssertErrorsContainsMention(problem, expectedMention: "points[1].lat", label: "AZ-809 point lat out of range"); + + Console.WriteLine(" ✓ `points[1].lat=91` rejected with errors[\"points[1].lat\"]"); + } + + private static async Task PointLonOutOfRange_Returns400(HttpClient httpClient) + { + Console.WriteLine(); + Console.WriteLine("AZ-809 rule 8: per-point `lon` out of range → HTTP 400 (errors[points[i].lon])"); + + // Arrange + var routeId = Guid.NewGuid(); + var body = $$""" + { + "id": "{{routeId}}", + "name": "out-of-range-lon", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": 50.10, "lon": 36.10 }, + { "lat": 50.11, "lon": 181.0 } + ], + "requestMaps": false, + "createTilesZip": false + } + """; + + // Act + var response = await PostJsonAsync(httpClient, body); + var problem = await ProblemDetailsAssertions.ReadProblemDetailsAsync(response, "AZ-809 point lon out of range"); + + // Assert + ProblemDetailsAssertions.AssertValidationProblem(problem, expectedStatus: 400, label: "AZ-809 point lon out of range"); + ProblemDetailsAssertions.AssertErrorsContainsMention(problem, expectedMention: "points[1].lon", label: "AZ-809 point lon out of range"); + + Console.WriteLine(" ✓ `points[1].lon=181` rejected with errors[\"points[1].lon\"]"); + } + + private static async Task GeofenceNwLatNotGreaterThanSeLat_Returns400(HttpClient httpClient) + { + Console.WriteLine(); + Console.WriteLine("AZ-809 rule 9: geofence NW.lat <= SE.lat → HTTP 400 (cross-field invariant)"); + + // Arrange — NW.lat == SE.lat → NW not north-of SE. + var routeId = Guid.NewGuid(); + var body = $$""" + { + "id": "{{routeId}}", + "name": "inverted-geofence", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": 50.10, "lon": 36.10 }, + { "lat": 50.11, "lon": 36.11 } + ], + "geofences": { + "polygons": [ + { "northWest": { "lat": 50.05, "lon": 36.05 }, + "southEast": { "lat": 50.05, "lon": 36.15 } } + ] + }, + "requestMaps": false, + "createTilesZip": false + } + """; + + // Act + var response = await PostJsonAsync(httpClient, body); + var problem = await ProblemDetailsAssertions.ReadProblemDetailsAsync(response, "AZ-809 NW lat not > SE lat"); + + // Assert + ProblemDetailsAssertions.AssertValidationProblem(problem, expectedStatus: 400, label: "AZ-809 NW lat not > SE lat"); + ProblemDetailsAssertions.AssertErrorsContainsMention(problem, expectedMention: "northWest", label: "AZ-809 NW lat not > SE lat"); + + Console.WriteLine(" ✓ NW.lat <= SE.lat rejected by cross-field invariant"); + } + + private static async Task MissingRequestMaps_Returns400(HttpClient httpClient) + { + Console.WriteLine(); + Console.WriteLine("AZ-809 rule 10: missing `requestMaps` → HTTP 400 (no defaulting)"); + + // Arrange + var routeId = Guid.NewGuid(); + var body = $$""" + { + "id": "{{routeId}}", + "name": "no-requestMaps", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": 50.10, "lon": 36.10 }, + { "lat": 50.11, "lon": 36.11 } + ], + "createTilesZip": false + } + """; + + // Act + var response = await PostJsonAsync(httpClient, body); + var problem = await ProblemDetailsAssertions.ReadProblemDetailsAsync(response, "AZ-809 missing requestMaps"); + + // Assert + ProblemDetailsAssertions.AssertValidationProblem(problem, expectedStatus: 400, label: "AZ-809 missing requestMaps"); + ProblemDetailsAssertions.AssertErrorsContainsMention(problem, expectedMention: "requestMaps", label: "AZ-809 missing requestMaps"); + + Console.WriteLine(" ✓ Missing `requestMaps` rejected"); + } + + private static async Task CreateTilesZipWithoutRequestMaps_Returns400(HttpClient httpClient) + { + Console.WriteLine(); + Console.WriteLine("AZ-809 rule 12: `createTilesZip=true` AND `requestMaps=false` → HTTP 400 (cross-field invariant)"); + + // Arrange + var routeId = Guid.NewGuid(); + var body = BuildValidBody(routeId, requestMaps: false, createTilesZip: true); + + // Act + var response = await PostJsonAsync(httpClient, body); + var problem = await ProblemDetailsAssertions.ReadProblemDetailsAsync(response, "AZ-809 createTilesZip without requestMaps"); + + // Assert + ProblemDetailsAssertions.AssertValidationProblem(problem, expectedStatus: 400, label: "AZ-809 createTilesZip without requestMaps", expectedErrorPath: "createTilesZip"); + + Console.WriteLine(" ✓ `createTilesZip=true requestMaps=false` rejected by cross-field invariant"); + } + + private static async Task UnknownRootField_Returns400(HttpClient httpClient) + { + Console.WriteLine(); + Console.WriteLine("AZ-809 rule 13: unknown root field → HTTP 400 (UnmappedMemberHandling.Disallow)"); + + // Arrange + var routeId = Guid.NewGuid(); + var body = $$""" + { + "id": "{{routeId}}", + "name": "with-unknown-field", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": 50.10, "lon": 36.10 }, + { "lat": 50.11, "lon": 36.11 } + ], + "requestMaps": false, + "createTilesZip": false, + "debug": "fingerprint-probe" + } + """; + + // Act + var response = await PostJsonAsync(httpClient, body); + var problem = await ProblemDetailsAssertions.ReadProblemDetailsAsync(response, "AZ-809 unknown root field"); + + // Assert + ProblemDetailsAssertions.AssertValidationProblem(problem, expectedStatus: 400, label: "AZ-809 unknown root field"); + ProblemDetailsAssertions.AssertErrorsContainsMention(problem, expectedMention: "debug", label: "AZ-809 unknown root field"); + + Console.WriteLine(" ✓ Unknown root field `debug` rejected with errors mention"); + } + + private static async Task PointLatTypeMismatch_Returns400(HttpClient httpClient) + { + Console.WriteLine(); + Console.WriteLine("AZ-809 rule 14: nested type mismatch (`points[0].lat` as string) → HTTP 400"); + + // Arrange + var routeId = Guid.NewGuid(); + var body = $$""" + { + "id": "{{routeId}}", + "name": "nested-type-mismatch", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": "fifty", "lon": 36.10 }, + { "lat": 50.11, "lon": 36.11 } + ], + "requestMaps": false, + "createTilesZip": false + } + """; + + // Act + var response = await PostJsonAsync(httpClient, body); + var problem = await ProblemDetailsAssertions.ReadProblemDetailsAsync(response, "AZ-809 point lat type mismatch"); + + // Assert — GlobalExceptionHandler converts BadHttpRequestException to + // ValidationProblemDetails when the inner JsonException's Path is set. + ProblemDetailsAssertions.AssertValidationProblem(problem, expectedStatus: 400, label: "AZ-809 point lat type mismatch"); + + Console.WriteLine(" ✓ `points[0].lat:\"fifty\"` rejected with HTTP 400"); + } + + private static string BuildValidBody( + Guid routeId, + double regionSize = 1000.0, + int zoom = 18, + bool requestMaps = false, + bool createTilesZip = false) + { + // Lat/lon picked from gps-denied-onboard AZ-777 Phase 2 probe. + return $$""" + { + "id": "{{routeId}}", + "name": "az-809-integration-test", + "description": "AZ-809 integration test route", + "regionSizeMeters": {{regionSize.ToString(System.Globalization.CultureInfo.InvariantCulture)}}, + "zoomLevel": {{zoom}}, + "points": [ + { "lat": 50.10, "lon": 36.10 }, + { "lat": 50.11, "lon": 36.11 } + ], + "requestMaps": {{(requestMaps ? "true" : "false")}}, + "createTilesZip": {{(createTilesZip ? "true" : "false")}} + } + """; + } + + private static Task PostJsonAsync(HttpClient httpClient, string body) + { + var content = new StringContent(body, Encoding.UTF8, "application/json"); + return httpClient.PostAsync(RoutePath, content); + } +} diff --git a/SatelliteProvider.IntegrationTests/Program.cs b/SatelliteProvider.IntegrationTests/Program.cs index b06cafa..b1ac68f 100644 --- a/SatelliteProvider.IntegrationTests/Program.cs +++ b/SatelliteProvider.IntegrationTests/Program.cs @@ -143,6 +143,7 @@ class Program await RegionFieldRenameTests.RunAll(httpClient); await RegionRequestValidationTests.RunAll(httpClient); await GetTileByLatLonValidationTests.RunAll(httpClient); + await CreateRouteValidationTests.RunAll(httpClient); await LeafletPathIndexOnlyTests.RunAll(connectionString); await MigrationTests.RunAll(); } @@ -170,6 +171,7 @@ class Program await RegionFieldRenameTests.RunAll(httpClient); await RegionRequestValidationTests.RunAll(httpClient); await GetTileByLatLonValidationTests.RunAll(httpClient); + await CreateRouteValidationTests.RunAll(httpClient); await LeafletPathIndexOnlyTests.RunAll(connectionString); await MigrationTests.RunAll(); } diff --git a/SatelliteProvider.Tests/Validators/CreateRouteRequestValidatorTests.cs b/SatelliteProvider.Tests/Validators/CreateRouteRequestValidatorTests.cs new file mode 100644 index 0000000..9436b7a --- /dev/null +++ b/SatelliteProvider.Tests/Validators/CreateRouteRequestValidatorTests.cs @@ -0,0 +1,282 @@ +using FluentValidation.TestHelper; +using SatelliteProvider.Api.Validators; +using SatelliteProvider.Common.DTO; + +namespace SatelliteProvider.Tests.Validators; + +// AZ-809: unit tests for CreateRouteRequestValidator. Each RuleFor / +// RuleForEach in the root validator has at least one passing case + one +// failing case. Required-field detection lives at the deserializer layer +// ([JsonRequired] + UnmappedMemberHandling.Disallow), covered separately +// at the integration layer in CreateRouteValidationTests. +public class CreateRouteRequestValidatorTests +{ + private readonly CreateRouteRequestValidator _validator; + + public CreateRouteRequestValidatorTests() + { + GlobalValidatorConfig.ApplyOnce(); + _validator = new CreateRouteRequestValidator(); + } + + private static CreateRouteRequest ValidRequest() + { + return new CreateRouteRequest + { + Id = Guid.NewGuid(), + Name = "derkachi-flight-1", + Description = "AZ-777 Phase 2 seed route", + RegionSizeMeters = 1000.0, + ZoomLevel = 18, + Points = new List + { + new() { Latitude = 50.10, Longitude = 36.10 }, + new() { Latitude = 50.11, Longitude = 36.11 }, + }, + RequestMaps = true, + CreateTilesZip = false, + }; + } + + [Fact] + public void Validate_AllValid_Passes() + { + // Arrange + var request = ValidRequest(); + + // Act + var result = _validator.TestValidate(request); + + // Assert + result.ShouldNotHaveAnyValidationErrors(); + } + + [Fact] + public void Validate_IdEmpty_FailsNotEmptyRule() + { + // Arrange — reproduces the 2026-05-22 probe finding (silent zero-Guid). + var request = ValidRequest(); + request.Id = Guid.Empty; + + // Act + var result = _validator.TestValidate(request); + + // Assert + result.ShouldHaveValidationErrorFor("id") + .WithErrorMessage("`id` must be a non-zero GUID (the caller's idempotency key)."); + } + + [Theory] + [InlineData("")] + [InlineData(" ")] + public void Validate_NameMissing_FailsNotEmptyRule(string name) + { + // Arrange + var request = ValidRequest(); + request.Name = name; + + // Act + var result = _validator.TestValidate(request); + + // Assert + result.ShouldHaveValidationErrorFor("name"); + } + + [Fact] + public void Validate_NameTooLong_FailsLengthRule() + { + // Arrange — name length 201 (cap is 200). + var request = ValidRequest(); + request.Name = new string('a', 201); + + // Act + var result = _validator.TestValidate(request); + + // Assert + result.ShouldHaveValidationErrorFor("name"); + } + + [Fact] + public void Validate_DescriptionTooLong_FailsLengthRule() + { + // Arrange — description length 1001 (cap is 1000). + var request = ValidRequest(); + request.Description = new string('d', 1001); + + // Act + var result = _validator.TestValidate(request); + + // Assert + result.ShouldHaveValidationErrorFor("description"); + } + + [Theory] + [InlineData(99.999)] + [InlineData(0.0)] + [InlineData(10000.001)] + [InlineData(100000.0)] + public void Validate_RegionSizeMetersOutOfRange_FailsRangeRule(double size) + { + // Arrange + var request = ValidRequest(); + request.RegionSizeMeters = size; + + // Act + var result = _validator.TestValidate(request); + + // Assert + result.ShouldHaveValidationErrorFor("regionSizeMeters"); + } + + [Theory] + [InlineData(-1)] + [InlineData(23)] + [InlineData(100)] + public void Validate_ZoomLevelOutOfRange_FailsRangeRule(int zoom) + { + // Arrange + var request = ValidRequest(); + request.ZoomLevel = zoom; + + // Act + var result = _validator.TestValidate(request); + + // Assert + result.ShouldHaveValidationErrorFor("zoomLevel"); + } + + [Fact] + public void Validate_PointsTooFew_FailsCountRule() + { + // Arrange — only 1 point; min is 2 (Flow F4 precondition). + var request = ValidRequest(); + request.Points = new List + { + new() { Latitude = 50.10, Longitude = 36.10 }, + }; + + // Act + var result = _validator.TestValidate(request); + + // Assert + result.ShouldHaveValidationErrorFor("points"); + } + + [Fact] + public void Validate_PointsTooMany_FailsCountRule() + { + // Arrange — 501 points; max is 500. + var request = ValidRequest(); + request.Points = Enumerable + .Range(0, 501) + .Select(_ => new RoutePoint { Latitude = 50.10, Longitude = 36.10 }) + .ToList(); + + // Act + var result = _validator.TestValidate(request); + + // Assert + result.ShouldHaveValidationErrorFor("points"); + } + + [Fact] + public void Validate_PointLatOutOfRange_FailsChildRule() + { + // Arrange — second point's lat is out of range + var request = ValidRequest(); + request.Points[1].Latitude = 91.0; + + // Act + var result = _validator.TestValidate(request); + + // Assert + result.ShouldHaveValidationErrorFor("points[1].lat"); + } + + [Fact] + public void Validate_PointLonOutOfRange_FailsChildRule() + { + // Arrange — second point's lon is out of range + var request = ValidRequest(); + request.Points[1].Longitude = 181.0; + + // Act + var result = _validator.TestValidate(request); + + // Assert + result.ShouldHaveValidationErrorFor("points[1].lon"); + } + + [Fact] + public void Validate_GeofencePolygonNwSwapped_FailsChildInvariant() + { + // Arrange — NW.Lat <= SE.Lat (NW not north-of SE) + var request = ValidRequest(); + request.Geofences = new Geofences + { + Polygons = new List + { + new() + { + NorthWest = new GeoPoint(50.05, 36.05), + SouthEast = new GeoPoint(50.05, 36.15), + } + } + }; + + // Act + var result = _validator.TestValidate(request); + + // Assert — the GeofencePolygonValidator child-validator's `.WithName("northWest")` + // is prefixed with the RuleForEach path which we OverridePropertyName to + // "geofences.polygons", producing the full wire path + // `geofences.polygons[0].northWest`. + result.ShouldHaveValidationErrorFor("geofences.polygons[0].northWest"); + } + + [Fact] + public void Validate_GeofencesPresentButEmpty_FailsNotEmptyRule() + { + // Arrange — geofences object exists, polygons list is empty + var request = ValidRequest(); + request.Geofences = new Geofences { Polygons = new List() }; + + // Act + var result = _validator.TestValidate(request); + + // Assert — OverridePropertyName makes the empty-list rule fire at the + // wire-format path `geofences.polygons` instead of the leaf-only `polygons`. + result.ShouldHaveValidationErrorFor("geofences.polygons"); + } + + [Fact] + public void Validate_CreateTilesZipWithoutRequestMaps_FailsCrossFieldRule() + { + // Arrange — cannot zip what wasn't downloaded + var request = ValidRequest(); + request.RequestMaps = false; + request.CreateTilesZip = true; + + // Act + var result = _validator.TestValidate(request); + + // Assert + result.ShouldHaveValidationErrorFor("createTilesZip") + .WithErrorMessage("`createTilesZip` requires `requestMaps` to be true (can't zip what wasn't downloaded)."); + } + + [Fact] + public void Validate_CreateTilesZipWithRequestMaps_Passes() + { + // Arrange — both true is valid + var request = ValidRequest(); + request.RequestMaps = true; + request.CreateTilesZip = true; + + // Act + var result = _validator.TestValidate(request); + + // Assert + result.ShouldNotHaveValidationErrorFor("createTilesZip"); + } +} diff --git a/SatelliteProvider.Tests/Validators/GeofencePolygonValidatorTests.cs b/SatelliteProvider.Tests/Validators/GeofencePolygonValidatorTests.cs new file mode 100644 index 0000000..caf506e --- /dev/null +++ b/SatelliteProvider.Tests/Validators/GeofencePolygonValidatorTests.cs @@ -0,0 +1,132 @@ +using FluentValidation.TestHelper; +using SatelliteProvider.Api.Validators; +using SatelliteProvider.Common.DTO; + +namespace SatelliteProvider.Tests.Validators; + +// AZ-809: unit tests for GeofencePolygonValidator. Covers (a) presence of +// both corners, (b) range checks per corner, and (c) the cross-field +// invariant `NW north-of SE` AND `NW west-of SE`. +public class GeofencePolygonValidatorTests +{ + private readonly GeofencePolygonValidator _validator; + + public GeofencePolygonValidatorTests() + { + GlobalValidatorConfig.ApplyOnce(); + _validator = new GeofencePolygonValidator(); + } + + private static GeofencePolygon ValidPolygon() => new() + { + NorthWest = new GeoPoint(50.15, 36.05), + SouthEast = new GeoPoint(50.05, 36.15), + }; + + [Fact] + public void Validate_AllValid_Passes() + { + // Arrange + var polygon = ValidPolygon(); + + // Act + var result = _validator.TestValidate(polygon); + + // Assert + result.ShouldNotHaveAnyValidationErrors(); + } + + [Fact] + public void Validate_NorthWestNull_FailsNotNullRule() + { + // Arrange + var polygon = ValidPolygon(); + polygon.NorthWest = null; + + // Act + var result = _validator.TestValidate(polygon); + + // Assert + result.ShouldHaveValidationErrorFor("northWest") + .WithErrorMessage("`northWest` corner is required."); + } + + [Fact] + public void Validate_SouthEastNull_FailsNotNullRule() + { + // Arrange + var polygon = ValidPolygon(); + polygon.SouthEast = null; + + // Act + var result = _validator.TestValidate(polygon); + + // Assert + result.ShouldHaveValidationErrorFor("southEast") + .WithErrorMessage("`southEast` corner is required."); + } + + [Theory] + [InlineData(-90.001)] + [InlineData(90.001)] + public void Validate_NorthWestLatOutOfRange_FailsRangeRule(double lat) + { + // Arrange + var polygon = ValidPolygon(); + polygon.NorthWest = new GeoPoint(lat, 36.05); + + // Act + var result = _validator.TestValidate(polygon); + + // Assert + result.ShouldHaveValidationErrorFor("northWest.lat"); + } + + [Theory] + [InlineData(-180.001)] + [InlineData(180.001)] + public void Validate_SouthEastLonOutOfRange_FailsRangeRule(double lon) + { + // Arrange + var polygon = ValidPolygon(); + polygon.SouthEast = new GeoPoint(50.05, lon); + + // Act + var result = _validator.TestValidate(polygon); + + // Assert + result.ShouldHaveValidationErrorFor("southEast.lon"); + } + + [Fact] + public void Validate_NorthWestLatNotGreaterThanSouthEast_FailsInvariant() + { + // Arrange — NW.Lat <= SE.Lat → invariant violation + var polygon = ValidPolygon(); + polygon.NorthWest = new GeoPoint(50.05, 36.05); + polygon.SouthEast = new GeoPoint(50.05, 36.15); + + // Act + var result = _validator.TestValidate(polygon); + + // Assert + result.ShouldHaveValidationErrorFor("northWest") + .WithErrorMessage("`northWest.lat` must be greater than `southEast.lat` (NW is north-of SE)."); + } + + [Fact] + public void Validate_NorthWestLonNotLessThanSouthEast_FailsInvariant() + { + // Arrange — NW.Lon >= SE.Lon → invariant violation + var polygon = ValidPolygon(); + polygon.NorthWest = new GeoPoint(50.15, 36.15); + polygon.SouthEast = new GeoPoint(50.05, 36.15); + + // Act + var result = _validator.TestValidate(polygon); + + // Assert + result.ShouldHaveValidationErrorFor("northWest") + .WithErrorMessage("`northWest.lon` must be less than `southEast.lon` (NW is west-of SE)."); + } +} diff --git a/SatelliteProvider.Tests/Validators/RoutePointValidatorTests.cs b/SatelliteProvider.Tests/Validators/RoutePointValidatorTests.cs new file mode 100644 index 0000000..d7ad7d7 --- /dev/null +++ b/SatelliteProvider.Tests/Validators/RoutePointValidatorTests.cs @@ -0,0 +1,86 @@ +using FluentValidation.TestHelper; +using SatelliteProvider.Api.Validators; +using SatelliteProvider.Common.DTO; + +namespace SatelliteProvider.Tests.Validators; + +// AZ-809: unit tests for RoutePointValidator. Lat/lon range checks live on +// `RoutePoint.Latitude` / `RoutePoint.Longitude` (C# names); the validator's +// OverridePropertyName aligns FluentValidation error keys with the wire +// format (`lat` / `lon`) so callers see what they posted. +public class RoutePointValidatorTests +{ + private readonly RoutePointValidator _validator; + + public RoutePointValidatorTests() + { + GlobalValidatorConfig.ApplyOnce(); + _validator = new RoutePointValidator(); + } + + [Theory] + [InlineData(-90.001)] + [InlineData(90.001)] + [InlineData(180.0)] + public void Validate_LatOutOfRange_FailsRangeRule(double lat) + { + // Arrange + var point = new RoutePoint { Latitude = lat, Longitude = 37.647063 }; + + // Act + var result = _validator.TestValidate(point); + + // Assert + result.ShouldHaveValidationErrorFor("lat"); + } + + [Theory] + [InlineData(-90.0)] + [InlineData(0.0)] + [InlineData(47.461747)] + [InlineData(90.0)] + public void Validate_LatAtOrInsideBounds_Passes(double lat) + { + // Arrange + var point = new RoutePoint { Latitude = lat, Longitude = 37.647063 }; + + // Act + var result = _validator.TestValidate(point); + + // Assert + result.ShouldNotHaveValidationErrorFor("lat"); + } + + [Theory] + [InlineData(-180.001)] + [InlineData(180.001)] + [InlineData(360.0)] + public void Validate_LonOutOfRange_FailsRangeRule(double lon) + { + // Arrange + var point = new RoutePoint { Latitude = 47.461747, Longitude = lon }; + + // Act + var result = _validator.TestValidate(point); + + // Assert + result.ShouldHaveValidationErrorFor("lon"); + } + + [Theory] + [InlineData(-180.0)] + [InlineData(0.0)] + [InlineData(37.647063)] + [InlineData(180.0)] + public void Validate_LonAtOrInsideBounds_Passes(double lon) + { + // Arrange + var point = new RoutePoint { Latitude = 47.461747, Longitude = lon }; + + // Act + var result = _validator.TestValidate(point); + + // Assert + result.ShouldNotHaveValidationErrorFor("lon"); + } +} diff --git a/_docs/02_document/contracts/api/route-creation.md b/_docs/02_document/contracts/api/route-creation.md new file mode 100644 index 0000000..bbf3463 --- /dev/null +++ b/_docs/02_document/contracts/api/route-creation.md @@ -0,0 +1,213 @@ +# Contract: route-creation + +**Component**: WebApi (`SatelliteProvider.Api`) producing rows via RouteManagement (`SatelliteProvider.Services.RouteManagement`) and feeding the background Route Map Processing flow (Flow F5) +**Producer task**: AZ-809 — `_docs/02_tasks/done/AZ-809_route_endpoint_validation.md` (validator + this contract) +**Consumer tasks**: `gps-denied-onboard` AZ-777 Phase 2 (preferred imagery-seeding path — route-based rather than bbox-based) +**Version**: 1.0.0 +**Status**: frozen +**Last Updated**: 2026-05-22 + +## Purpose + +Defines the HTTP contract for `POST /api/satellite/route` — the route-onboarding endpoint that stores an ordered set of waypoints, interpolates intermediate points every ~200 m, and (optionally, when `requestMaps=true`) enqueues a region request per route point so background processing pre-fetches map tiles for the entire route corridor. Geofence polygons (optional) restrict which intermediate points get region-requests. Callers poll `GET /api/satellite/route/{id}` until `mapsReady=true` (when `requestMaps=true`) or read the response directly (when `requestMaps=false`). + +This is v1.0.0 — published alongside AZ-809's validator landing. There is no prior contract document; the producer-doc surface before AZ-809 was `modules/api_program.md::CreateRoute Handler` + Flow F4 + Flow F5 only. + +## Endpoint + +``` +POST /api/satellite/route +Content-Type: application/json +Authorization: Bearer +``` + +The request MUST carry a valid JWT (AZ-487). No `permissions` claim is required. Anonymous requests are rejected with HTTP 401. + +## Shape + +### Request body + +```jsonc +{ + "id": "8f5e6d3e-1a2b-4c3d-9e8f-0123456789ab", + "name": "derkachi-flight-1", + "description": "AZ-777 Phase 2 seed route", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": 50.10, "lon": 36.10 }, + { "lat": 50.11, "lon": 36.11 } + ], + "geofences": { + "polygons": [ + { "northWest": { "lat": 50.15, "lon": 36.05 }, + "southEast": { "lat": 50.05, "lon": 36.15 } } + ] + }, + "requestMaps": true, + "createTilesZip": false +} +``` + +Per-field constraints: + +| Field | Type | Required | Description | Constraints | +|-------|------|----------|-------------|-------------| +| `id` | UUID | yes (`[JsonRequired]`) | Caller-supplied idempotency key. POSTing twice with the same `id` returns the existing route resource. | Non-zero GUID (validator rejects `00000000-...`). | +| `name` | string | yes (`[JsonRequired]`) | Human-readable route name (used in produced filenames). | Length `[1, 200]`. Empty/whitespace rejected. | +| `description` | string | no | Free-text description. | Length `[0, 1000]` when present. | +| `regionSizeMeters` | number | yes (`[JsonRequired]`) | Side length of the square region requested per route point. | `[100.0, 10000.0]` (aligned with `region-request.md::sizeMeters`). | +| `zoomLevel` | integer | yes (`[JsonRequired]`) | Slippy-map zoom level for region tiles. | `[0, 22]`. | +| `points` | array | yes (`[JsonRequired]`) | Ordered waypoints. Server interpolates additional intermediate points every ~200 m between consecutive originals. | Count `[2, 500]`. | +| `points[i].lat` | number | yes (`[JsonRequired]`) | WGS84 latitude. | `[-90.0, 90.0]`. | +| `points[i].lon` | number | yes (`[JsonRequired]`) | WGS84 longitude. | `[-180.0, 180.0]`. | +| `geofences` | object | no | When present, intermediate points outside ALL polygons get filtered before region enqueue. | See nested shape below. | +| `geofences.polygons` | array | yes (`[JsonRequired]` when `geofences` present) | One or more bbox polygons (NW corner + SE corner). | Non-empty when `geofences` present. | +| `geofences.polygons[i].northWest` | object | yes (`[JsonRequired]`) | Polygon's northwest corner. | See `GeoPoint` shape. | +| `geofences.polygons[i].southEast` | object | yes (`[JsonRequired]`) | Polygon's southeast corner. | See `GeoPoint` shape. | +| `requestMaps` | bool | yes (`[JsonRequired]`) | When `true`, enqueue background region-requests for every route point inside the geofences (or all points if no geofences). | No default — caller must declare intent. | +| `createTilesZip` | bool | yes (`[JsonRequired]`) | When `true`, AFTER all region tiles are ready, package them into a ZIP at `tilesZipPath`. Requires `requestMaps=true` (can't zip what wasn't downloaded). | No default. Cross-field invariant with `requestMaps`. | + +`GeoPoint` shape (used by `northWest` / `southEast`): + +| Field | Type | Required | Constraints | +|-------|------|----------|-------------| +| `lat` | number | yes (`[JsonRequired]`) | `[-90.0, 90.0]`. | +| `lon` | number | yes (`[JsonRequired]`) | `[-180.0, 180.0]`. | + +Polygon corner cross-field invariant (`GeofencePolygonValidator`): +- `northWest.lat > southEast.lat` (NW is genuinely north-of SE). +- `northWest.lon < southEast.lon` (NW is genuinely west-of SE). + +### Response body (post-AC-2 unchanged from pre-AZ-809) + +```jsonc +{ + "id": "8f5e6d3e-1a2b-4c3d-9e8f-0123456789ab", + "name": "derkachi-flight-1", + "description": "AZ-777 Phase 2 seed route", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "totalDistanceMeters": 132.4, + "totalPoints": 3, + "points": [ + { "latitude": 50.10, "longitude": 36.10, "pointType": "original", "sequenceNumber": 0, "segmentIndex": 0, "distanceFromPrevious": null }, + { "latitude": 50.105, "longitude": 36.105, "pointType": "intermediate", "sequenceNumber": 1, "segmentIndex": 0, "distanceFromPrevious": 66.2 }, + { "latitude": 50.11, "longitude": 36.11, "pointType": "original", "sequenceNumber": 2, "segmentIndex": 0, "distanceFromPrevious": 66.2 } + ], + "requestMaps": true, + "mapsReady": false, + "csvFilePath": null, + "summaryFilePath": null, + "stitchedImagePath": null, + "tilesZipPath": null, + "createdAt": "2026-05-22T14:00:00Z", + "updatedAt": "2026-05-22T14:00:00Z" +} +``` + +**Advisory AC-10**: The response echoes points as `{"latitude":..,"longitude":..}` (legacy long form) but the request accepts `{"lat":..,"lon":..}` (OSM short form). This input/output asymmetry on the same `RoutePoint` round-trip is documented and intentional for v1.0.0 — fixing it would be a major contract break. A follow-up task can harmonize the response side. + +### Endpoint summary + +| Method | Path | Request | Response | Status codes | +|--------|------|---------|----------|--------------| +| `POST` | `/api/satellite/route` | `CreateRouteRequest` body | `RouteResponse` (route resource snapshot) | 200, 400, 401 | + +## Error shape + +All `400` responses conform to `_docs/02_document/contracts/api/error-shape.md` v1.0.0. Three sources produce identically-shaped `ValidationProblemDetails` bodies: + +1. **Deserializer envelope** (`UnmappedMemberHandling.Disallow` + `[JsonRequired]`) — rejects missing-required fields and unknown root/nested keys with `errors[]` produced via `GlobalExceptionHandler`'s `JsonException` path. +2. **`CreateRouteRequestValidator`** — rejects non-zero-Id, name/description length, range checks on size / zoom / points-count, and the cross-field `createTilesZip ⇒ requestMaps` rule. +3. **`RoutePointValidator` + `GeofencePolygonValidator`** — invoked via `RuleForEach` / `SetValidator`; rejects per-point lat/lon out-of-range, per-polygon corner out-of-range, and the NW-north-of-SE / NW-west-of-SE invariants. + +Example body for a missing-id failure (probe-confirmed pre-AZ-809 silent zero-Guid coercion): + +```jsonc +{ + "type": "https://tools.ietf.org/html/rfc7231#section-6.5.1", + "title": "One or more validation errors occurred.", + "status": 400, + "errors": { + "id": ["The JSON property 'id' is required, but a value was not supplied."] + } +} +``` + +Example body for a nested per-point failure: + +```jsonc +{ + "errors": { + "points[1].lat": ["`lat` must be between -90 and 90."] + } +} +``` + +Example body for a polygon corner invariant failure: + +```jsonc +{ + "errors": { + "geofences.polygons[0].northWest": ["`northWest.lat` must be greater than `southEast.lat` (NW is north-of SE)."] + } +} +``` + +## Invariants + +- **Inv-1**: `id` is a non-zero GUID, supplied by the caller. Re-POST with the same id returns the existing route (idempotent contract per `IdempotentPostTests`). +- **Inv-2**: `points` has at least 2 entries (Flow F4 precondition) and at most 500 entries (cap to prevent runaway region-enqueue). +- **Inv-3**: Every `points[i].lat ∈ [-90, 90]` and `points[i].lon ∈ [-180, 180]`. +- **Inv-4**: `regionSizeMeters ∈ [100, 10000]` (aligned with `region-request.md::sizeMeters`). +- **Inv-5**: `zoomLevel ∈ [0, 22]` (slippy-map range, aligned with `region-request.md` Inv-5 and `tile-inventory.md` Inv-8). +- **Inv-6** (cross-field): `createTilesZip=true ⇒ requestMaps=true` (can't zip what wasn't downloaded). +- **Inv-7** (per-polygon shape): `northWest` AND `southEast` corners both present. +- **Inv-8** (per-polygon invariant): `northWest.lat > southEast.lat` AND `northWest.lon < southEast.lon`. +- **Inv-9**: Unknown root or nested fields → 400 (deserializer's `UnmappedMemberHandling.Disallow`). + +## Non-Goals + +- **Not covered**: route mutation. No PUT / PATCH endpoint exists; routes are immutable post-creation. +- **Not covered**: background processing (Flow F5) — Flow F5 docs cover the region enqueue, tile download, ZIP packaging, and `mapsReady` transition. +- **Not covered**: response field renaming. The input/output naming asymmetry (`points[i].lat` request vs `points[i].latitude` response) is acknowledged in AC-10 advisory and tracked for a future major contract bump. +- **Not covered**: the legacy `RouteValidator` in `SatelliteProvider.Services.RouteManagement` — it remains as defense-in-depth for direct service-layer callers; its checks are now redundant with this contract but a separate cleanup task should consolidate. + +## Versioning Rules + +- **Patch (1.0.x)**: Documentation clarifications, additional invariants that do not change wire behavior. +- **Minor (1.x.0)**: Adding an optional field consumers may safely ignore; relaxing a range; supporting a new geofence shape type alongside the existing bbox. +- **Major (2.0.0)**: Renaming any request or response field; tightening any existing range; harmonizing the response point names to `lat`/`lon` (resolves AC-10); changing the `createTilesZip ⇔ requestMaps` cross-field rule semantics. + +## Test Cases + +| Case | Input | Expected | Notes | +|------|-------|----------|-------| +| happy-path-no-maps | full body with `requestMaps=false` | HTTP 200 + RouteResponse (mapsReady=false, no background processing) | AC-2 | +| happy-path-with-maps | full body with `requestMaps=true` | HTTP 200; background F5 enqueues regions; `GET /api/satellite/route/{id}` shows `mapsReady=true` within ~20s for a 2-point 132m route at z=18 | AC-2 + existing RouteCreationTests | +| empty-body | `""` | HTTP 400 | Rule 1 | +| missing-id | body without `id` | HTTP 400 + `errors[id]` ("required") | Rule 2 (probe-confirmed gap) | +| zero-guid-id | `"id":"00000000-..."` | HTTP 400 + `errors[id]` ("non-zero GUID") | Rule 2 | +| empty-name | `"name":""` | HTTP 400 + `errors[name]` | Rule 3 | +| description-too-long | `"description":<1001 chars>` | HTTP 400 + `errors[description]` | Rule 4 | +| regionSize-out-of-range | `"regionSizeMeters":1000000` | HTTP 400 + `errors[regionSizeMeters]` | Rule 5 | +| zoom-out-of-range | `"zoomLevel":30` | HTTP 400 + `errors[zoomLevel]` | Rule 6 | +| points-too-few | 1-point array | HTTP 400 + `errors[points]` | Rule 7 (Flow F4 precondition) | +| points-too-many | 501-point array | HTTP 400 + `errors[points]` | Rule 7 (cap) | +| point-lat-out-of-range | `"points":[..., {"lat":91,..}]` | HTTP 400 + `errors["points[1].lat"]` | Rule 8 | +| point-lon-out-of-range | `"points":[..., {"lat":..,"lon":181}]` | HTTP 400 + `errors["points[1].lon"]` | Rule 8 | +| geofence-nw-not-north | NW.lat == SE.lat | HTTP 400 + `errors["geofences.polygons[0].northWest"]` | Rule 9 / Inv-8 | +| geofence-nw-not-west | NW.lon == SE.lon | HTTP 400 + `errors["geofences.polygons[0].northWest"]` | Rule 9 / Inv-8 | +| missing-requestMaps | body without `requestMaps` | HTTP 400 + `errors[requestMaps]` | Rule 10 | +| createTilesZip-without-requestMaps | `"requestMaps":false,"createTilesZip":true` | HTTP 400 + `errors[createTilesZip]` | Rule 12 (cross-field) | +| unknown-root-field | extra `"debug":"..."` key | HTTP 400 + `errors[debug]` | Rule 13 (`UnmappedMemberHandling.Disallow`) | +| point-lat-type-mismatch | `"points":[{"lat":"fifty",..}, ..]` | HTTP 400 (nested JSON error) | Rule 14 (`GlobalExceptionHandler`) | +| auth-anonymous | no Bearer token | HTTP 401 | Standard `.RequireAuthorization()` | +| idempotent-replay | re-POST same `id` | HTTP 200 (echoes existing resource) | `IdempotentPostTests` AC-2 | + +## Change Log + +| Version | Date | Change | Author | +|---------|------|--------|--------| +| 1.0.0 | 2026-05-22 | Initial contract for `POST /api/satellite/route`. Publishes the FluentValidation surface (CreateRouteRequestValidator + RoutePointValidator + GeofencePolygonValidator) + the 14 rules in AZ-809, including the probe-confirmed missing-id gap and the cross-field `createTilesZip ⇒ requestMaps` invariant. References `error-shape.md` v1.0.0, `region-request.md` v1.0.0 (F5 enqueue path), and Flows F4/F5 (cross-link). | autodev (Step 10, cycle 8) | diff --git a/_docs/02_document/modules/api_program.md b/_docs/02_document/modules/api_program.md index 8133ab1..5e0a70e 100644 --- a/_docs/02_document/modules/api_program.md +++ b/_docs/02_document/modules/api_program.md @@ -15,7 +15,7 @@ Application entry point. Configures DI container, sets up middleware, defines mi | POST | `/api/satellite/upload` | `UploadUavTileBatch` | UAV tile batch upload (AZ-488) — multipart envelope, 5-rule quality gate, per-source UPSERT with `source='uav'`. Requires the `RequiresGpsPermission` policy. | | POST | `/api/satellite/request` | `RequestRegion` | Queue region for async tile processing | | GET | `/api/satellite/region/{id}` | `GetRegionStatus` | Get region processing status | -| POST | `/api/satellite/route` | `CreateRoute` | Create route with intermediate points | +| POST | `/api/satellite/route` | `CreateRoute` | Create route with intermediate points. AZ-809 (cycle 8) added strict pre-handler validation via `WithValidation()`: non-zero `id`, name length ∈ \[1, 200\], description length ≤ 1000, `regionSizeMeters` ∈ \[100, 10000\], `zoomLevel` ∈ \[0, 22\], `points` count ∈ \[2, 500\] with per-point lat/lon range checks, per-polygon NW-of-SE invariants, and the `createTilesZip ⇒ requestMaps` cross-field rule. Deserializer-layer failures (missing `[JsonRequired]` axes, unknown fields, type mismatches) are caught by `GlobalExceptionHandler` and produce the same RFC 7807 envelope. Contract: `_docs/02_document/contracts/api/route-creation.md` v1.0.0 + `_docs/02_document/contracts/api/error-shape.md` v1.0.0. | | GET | `/api/satellite/route/{id}` | `GetRoute` | Get route with all points | ### Local Records (defined in Program.cs) @@ -23,9 +23,11 @@ Application entry point. Configures DI container, sets up middleware, defines mi - `DownloadTileResponse` — tile download response - `ParameterDescriptionFilter` — Swagger operation filter (AZ-811 cycle 8 trimmed the obsolete `Latitude`/`Longitude`/`ZoomLevel` entries; the surviving `lat`/`lon`/`mgrs`/`squareSideMeters` keys still annotate query-string params) -### Api/Validators (AZ-795 epic, AZ-811 cycle 8) +### Api/Validators (AZ-795 epic, AZ-808/AZ-809/AZ-811 cycle 8) - `RejectUnknownQueryParamsEndpointFilter` — `IEndpointFilter` parameterized by an allowed-keys set; rejects unknown query-string parameters with RFC 7807 `ValidationProblemDetails`. Apply BEFORE `WithValidation()` so unknown-param errors precede range checks against the bound default value. - `GetTileByLatLonQueryValidator` — `AbstractValidator` with `lat`/`lon`/`zoom` rules. Each rule chains `Cascade(CascadeMode.Stop) → NotNull → InclusiveBetween` so a missing param surfaces ONLY as `"\`\` is required."` (no spurious range error against a null sentinel). +- `RegionRequestValidator` (AZ-808 cycle 8) — `AbstractValidator`. Post-deserialization business rules: non-zero `id`, `lat`/`lon` ranges, `sizeMeters` ∈ \[100, 10000\], `zoomLevel` ∈ \[0, 22\]. Required-field detection lives at the deserializer layer (`[JsonRequired]` + `UnmappedMemberHandling.Disallow`). +- `CreateRouteRequestValidator` + `RoutePointValidator` + `GeofencePolygonValidator` (AZ-809 cycle 8) — three FluentValidation validators for the route-creation endpoint. The root validator chains `RuleForEach(req => req.Points).SetValidator(new RoutePointValidator())` for per-point checks and `RuleForEach(req => req.Geofences!.Polygons).SetValidator(new GeofencePolygonValidator()).OverridePropertyName("geofences.polygons")` for per-polygon checks. The `OverridePropertyName` on the geofences chain restores the full wire path (`geofences.polygons[i].northWest`) because FluentValidation's default name policy drops the parent on deep expressions like `req.Geofences!.Polygons`. `RoutePointValidator` uses `OverridePropertyName("lat"/"lon")` after each range rule so error keys match the wire format (`lat`/`lon`) rather than the camelCased C# names (`latitude`/`longitude`). The cross-field rule `createTilesZip ⇒ requestMaps` lives on the root via `Must(req => !(req.CreateTilesZip && !req.RequestMaps)).WithName("createTilesZip")`. ### Api/DTOs (AZ-811 cycle 8) - `GetTileByLatLonQuery` — `record GetTileByLatLonQuery(double? Lat, double? Lon, int? Zoom)` with `[FromQuery(Name="lat"|"lon"|"zoom")]` on each property. Bound via `[AsParameters]` on the `GetTileByLatLon` handler. **Nullable on purpose**: minimal-API binding throws `BadHttpRequestException` for missing non-nullable query params BEFORE endpoint filters run; that short-circuit produces a plain `ProblemDetails` via `GlobalExceptionHandler` with no `errors{}` envelope. Nullable types let binding always succeed so the envelope filter + validator handle the failure surface uniformly per `error-shape.md` v1.0.0. The handler dereferences `.Value` only after the validator filter passes. @@ -104,7 +106,13 @@ Binds `[AsParameters] GetTileByLatLonQuery` (record with nullable `[FromQuery(Na The two filter layers produce identically-shaped ProblemDetails bodies. The `RejectUnknownQueryParamsEndpointFilter` is reusable — register it once per allowed-key set on any future query-string endpoint that needs the same shape-strictness. ### RequestRegion Handler -Validates size (100–10000m), delegates to `IRegionService.RequestRegionAsync`. +AZ-808 (cycle 8) added strict pre-handler validation via `.WithValidation()`: non-zero `id`, `lat`/`lon` ranges, `sizeMeters` ∈ \[100, 10000\], `zoomLevel` ∈ \[0, 22\]. Missing `[JsonRequired]` axes / unknown root fields are caught at the deserializer layer by `GlobalExceptionHandler`. Post-validation, delegates to `IRegionService.RequestRegionAsync`. + +### CreateRoute Handler (AZ-809 cycle 8) +Pre-handler validation via `.WithValidation()`. Layered defence: +1. **Deserializer layer (System.Text.Json + `GlobalExceptionHandler`)** — `[JsonRequired]` markers on `CreateRouteRequest.{Id, Name, RegionSizeMeters, ZoomLevel, Points, RequestMaps, CreateTilesZip}`, on `RoutePoint.{Latitude, Longitude}`, on `Geofences.Polygons`, on `GeofencePolygon.{NorthWest, SouthEast}`, and on `GeoPoint.{Lat, Lon}` catch missing-field payloads; `UnmappedMemberHandling.Disallow` catches unknown root + nested fields; type mismatches surface as `JsonException`. All three surface as HTTP 400 + `ValidationProblemDetails`. +2. **Validator layer (`CreateRouteRequestValidator` + `RoutePointValidator` + `GeofencePolygonValidator`)** — non-zero `id`, name/description length caps, `regionSizeMeters` ∈ \[100, 10000\], `zoomLevel` ∈ \[0, 22\], `points` count ∈ \[2, 500\] with per-point range checks (error keys `points[i].lat` / `points[i].lon`), per-polygon corner ranges + `NW.Lat > SE.Lat` + `NW.Lon < SE.Lon` invariants (error keys `geofences.polygons[i].northWest`), and the `createTilesZip ⇒ requestMaps` cross-field rule. +3. **Handler** — receives a fully-validated `CreateRouteRequest` and delegates to `IRouteService.CreateRouteAsync`. The route service's own legacy `RouteValidator` (in `SatelliteProvider.Services.RouteManagement`) still runs as a defence-in-depth backstop — its checks are now strictly weaker than the validator-layer rules; tracked as an advisory clean-up in `route-creation.md`. Authenticated by `.RequireAuthorization()` (401 before validation runs for anonymous requests). ### UploadUavTileBatch Handler (AZ-488) Buffers each `IFormFile` into memory, packages them as `UavUploadFile` records (filename, content-type, bytes), and delegates to `IUavTileUploadHandler.HandleAsync`. Envelope-level errors (mismatched batch, oversized batch, malformed metadata) are surfaced as HTTP 400 ProblemDetails; per-item rejects are returned in the HTTP 200 response payload. The endpoint is protected by `.RequireAuthorization(SatellitePermissions.UavUploadPolicy)` so 401 (no token) and 403 (no `GPS` permission) are returned before the handler runs. diff --git a/_docs/02_document/modules/common_dtos.md b/_docs/02_document/modules/common_dtos.md index 47bfab3..2dc0c62 100644 --- a/_docs/02_document/modules/common_dtos.md +++ b/_docs/02_document/modules/common_dtos.md @@ -6,9 +6,9 @@ Data transfer objects used across all layers — API requests/responses, inter-s ## Public Interface ### GeoPoint -Geographic coordinate with tolerance-based equality. -- `Lat` (double): latitude, JSON property `"lat"` -- `Lon` (double): longitude, JSON property `"lon"` +Geographic coordinate with tolerance-based equality. AZ-809 (cycle 8) marked both axes `[JsonRequired]` so a polygon corner missing either axis is rejected at the deserializer layer. +- `Lat` (double, `[JsonRequired]`, JSON: `"lat"`) +- `Lon` (double, `[JsonRequired]`, JSON: `"lon"`) - Constructor: `GeoPoint()`, `GeoPoint(double lat, double lon)` - Equality: two points are equal if both coordinates differ by less than `0.00005` (PRECISION_TOLERANCE) - Operator overloads: `==`, `!=` @@ -50,20 +50,27 @@ Response DTO for region status queries. - `TilesDownloaded`, `TilesReused` (int), `CreatedAt`, `UpdatedAt` (DateTime) ### RoutePoint -Input point in a route creation request. -- `Latitude` (double, JSON: `"lat"`), `Longitude` (double, JSON: `"lon"`) +Input point in a route creation request. AZ-809 (cycle 8) marked both axes `[JsonRequired]` so the System.Text.Json deserializer rejects missing-axis payloads with HTTP 400 + `ValidationProblemDetails` via `GlobalExceptionHandler` BEFORE the FluentValidation layer runs. +- `Latitude` (double, `[JsonRequired]`, JSON: `"lat"`) +- `Longitude` (double, `[JsonRequired]`, JSON: `"lon"`) ### RoutePointDto Output point in a route response (includes computed fields). - `Latitude`, `Longitude` (double), `PointType` (string: "start"/"end"/"action"/"intermediate") - `SequenceNumber`, `SegmentIndex` (int), `DistanceFromPrevious` (double?) +- **Naming asymmetry**: input wire uses short OSM `lat`/`lon` (`RoutePoint`); response wire uses long `latitude`/`longitude` (`RoutePointDto`). Pre-existing — AZ-809 documented but did not change this. Tracked as a follow-up advisory in `_docs/02_document/contracts/api/route-creation.md`. ### CreateRouteRequest -API request body for route creation. -- `Id` (Guid), `Name` (string), `Description` (string?) -- `RegionSizeMeters` (double), `ZoomLevel` (int) -- `Points` (List\), `Geofences` (Geofences?) -- `RequestMaps` (bool), `CreateTilesZip` (bool) +API request body for route creation. AZ-809 (cycle 8) added `[JsonRequired]` to every non-optional axis so missing fields are caught at the deserializer layer (uniform with AZ-808 region-request and AZ-795 inventory). +- `Id` (Guid, `[JsonRequired]`) — caller-supplied idempotency key; non-zero GUID +- `Name` (string, `[JsonRequired]`) — length \[1, 200\] +- `Description` (string?) — optional, length ≤ 1000 when present +- `RegionSizeMeters` (double, `[JsonRequired]`) — \[100, 10000\] +- `ZoomLevel` (int, `[JsonRequired]`) — \[0, 22\] slippy-map range +- `Points` (List\, `[JsonRequired]`) — count ∈ \[2, 500\] +- `Geofences` (Geofences?) — optional; when present, each polygon validated +- `RequestMaps` (bool, `[JsonRequired]`) — no default; missing → 400 +- `CreateTilesZip` (bool, `[JsonRequired]`) — no default; cross-field invariant requires `requestMaps=true` when `true` ### RouteResponse API response for route queries. @@ -71,12 +78,14 @@ API response for route queries. - `MapsReady` (bool), `TilesZipPath` (string?) ### GeofencePolygon -Axis-aligned bounding box defined by NW and SE corners. -- `NorthWest` (GeoPoint?), `SouthEast` (GeoPoint?) +Axis-aligned bounding box defined by NW and SE corners. AZ-809 (cycle 8) marked both corners `[JsonRequired]` so a partially-specified polygon (just `northWest`, no `southEast`, or vice-versa) is rejected at the deserializer layer. +- `NorthWest` (GeoPoint?, `[JsonRequired]`, JSON: `"northWest"`) +- `SouthEast` (GeoPoint?, `[JsonRequired]`, JSON: `"southEast"`) +- Cross-corner invariants (enforced by `GeofencePolygonValidator`): `NW.Lat > SE.Lat` (NW is north-of SE) and `NW.Lon < SE.Lon` (NW is west-of SE). Equal corners fail both invariants with `errors["geofences.polygons[i].northWest"]`. ### Geofences -Container for multiple geofence polygons. -- `Polygons` (List\) +Container for multiple geofence polygons. AZ-809 (cycle 8) marked `Polygons` `[JsonRequired]` so an empty `geofences: {}` envelope is rejected. +- `Polygons` (List\, `[JsonRequired]`, JSON: `"polygons"`) — at least 1 polygon when `geofences` is present (validator rule, not deserializer rule). ### UavTileMetadata (added AZ-488, extended AZ-503) Per-tile metadata payload inside a UAV batch upload (`POST /api/satellite/upload`). Indexed-correlated with the multipart `IFormFileCollection`. diff --git a/_docs/02_document/system-flows.md b/_docs/02_document/system-flows.md index a7cf97a..9dd6d21 100644 --- a/_docs/02_document/system-flows.md +++ b/_docs/02_document/system-flows.md @@ -177,12 +177,13 @@ sequenceDiagram ### Description -Client submits a route (ordered waypoints + optional geofence polygons). The service interpolates intermediate points every ~200m and persists the full point set. +Client submits a route (ordered waypoints + optional geofence polygons). The service interpolates intermediate points every ~200m and persists the full point set. The wire-format contract is `_docs/02_document/contracts/api/route-creation.md` v1.0.0; failure responses follow `error-shape.md` v1.0.0. ### Preconditions -- At least 2 waypoints provided -- Valid geofence polygons (if provided) +- JWT in `Authorization: Bearer ` validates against the API's signing key, issuer, and audience (`.RequireAuthorization()`). +- Request body deserializes successfully: all `[JsonRequired]` axes present (`id`, `name`, `regionSizeMeters`, `zoomLevel`, `points`, `requestMaps`, `createTilesZip`, plus per-point `lat`/`lon`, per-polygon `northWest`/`southEast`, per-corner `lat`/`lon`, `geofences.polygons` when `geofences` present); no unknown root or nested fields (`UnmappedMemberHandling.Disallow`). +- `CreateRouteRequestValidator` rules pass: non-zero `id`, name length \[1, 200\], description length ≤ 1000, `regionSizeMeters` ∈ \[100, 10000\], `zoomLevel` ∈ \[0, 22\], `points` count ∈ \[2, 500\] with each point's lat/lon in range, per-polygon corner ranges + NW-of-SE invariants, `createTilesZip ⇒ requestMaps`. ### Sequence Diagram @@ -190,26 +191,33 @@ Client submits a route (ordered waypoints + optional geofence polygons). The ser sequenceDiagram participant Client participant WebApi + participant ValidationFilter participant RouteService participant RouteRepo participant GeoUtils - Client->>WebApi: POST /api/satellite/route {points, geofences, options} - WebApi->>RouteService: CreateRoute(request) - RouteService->>GeoUtils: Interpolate points between waypoints - GeoUtils-->>RouteService: All points (original + intermediate) - RouteService->>RouteRepo: InsertRoute(RouteEntity) - RouteService->>RouteRepo: InsertPoints(RoutePointEntities) - RouteService-->>WebApi: RouteResponse - WebApi-->>Client: 200 OK {route_id, total_points, total_distance} + Client->>WebApi: POST /api/satellite/route {id, name, points, geofences?, ...} + WebApi->>ValidationFilter: .WithValidation() + alt validation fails + ValidationFilter-->>Client: 400 ValidationProblemDetails (errors{path→msg}) + else validation passes + WebApi->>RouteService: CreateRoute(request) + RouteService->>GeoUtils: Interpolate points between waypoints + GeoUtils-->>RouteService: All points (original + intermediate) + RouteService->>RouteRepo: InsertRoute(RouteEntity) + RouteService->>RouteRepo: InsertPoints(RoutePointEntities) + RouteService-->>WebApi: RouteResponse + WebApi-->>Client: 200 OK {id, totalPoints, totalDistanceMeters, ...} + end ``` ### Error Scenarios | Error | Where | Detection | Recovery | |-------|-------|-----------|----------| -| Invalid points (< 2) | Validation | Count check | Return 400 | -| DB insert failure | Persist step | Exception | Return 500 | +| Missing `[JsonRequired]` axis / unknown field / type mismatch | Deserializer | `JsonException` → `GlobalExceptionHandler` | Return 400 `ValidationProblemDetails` (per `error-shape.md` v1.0.0) | +| Validator rule violation (range, count, cross-field) | `ValidationEndpointFilter` | `CreateRouteRequestValidator` + nested `RoutePointValidator` / `GeofencePolygonValidator` | Return 400 with `errors{path→msg}` map | +| DB insert failure | Persist step | Exception | Return 500 (sanitised body + correlationId per AZ-353) | --- diff --git a/_docs/02_document/tests/blackbox-tests.md b/_docs/02_document/tests/blackbox-tests.md index aec7652..060cc58 100644 --- a/_docs/02_document/tests/blackbox-tests.md +++ b/_docs/02_document/tests/blackbox-tests.md @@ -37,9 +37,9 @@ ## BT-06: Simple Route Creation (2 points) -**Trigger**: POST /api/satellite/route with 2 waypoints (48.276067,37.384458) → (48.270740,37.374029), regionSize=500, zoom=18 -**Expected**: Route created with interpolated intermediate points -**Pass criterion**: totalPoints > 2; every point spacing ≤ 200m; first point type="original"; last point type="original"; intermediates type="intermediate" +**Trigger**: POST /api/satellite/route with id=``, name=``, 2 waypoints (48.276067,37.384458) → (48.270740,37.374029), regionSizeMeters=500, zoomLevel=18, requestMaps=false, createTilesZip=false. Post-AZ-809 (cycle 8) every `[JsonRequired]` axis must be present — see `_docs/02_document/contracts/api/route-creation.md` v1.0.0. +**Expected**: HTTP 200 + route created with interpolated intermediate points. +**Pass criterion**: totalPoints > 2; every point spacing ≤ 200m; first point type="original"; last point type="original"; intermediates type="intermediate". ## BT-07: Route Retrieval by ID @@ -98,21 +98,24 @@ ## BT-N03: Route with < 2 Points -**Trigger**: POST /api/satellite/route with only 1 point -**Expected**: Validation error -**Pass criterion**: HTTP 400 or validation error message +**Trigger**: POST /api/satellite/route with only 1 point (post-AZ-809 wire format: `id`/`name`/`regionSizeMeters`/`zoomLevel`/`points`/`requestMaps`/`createTilesZip`). +**Expected**: HTTP 400 + `ValidationProblemDetails` per `error-shape.md` v1.0.0; `errors["points"]` map entry from `CreateRouteRequestValidator`. +**Pass criterion**: HTTP 400; response body `Content-Type: application/problem+json`; `errors["points"]` mentions the `[2, 500]` count constraint. +**AC trace**: AZ-809 AC-1 (rule 7). -## BT-N04: Geofence with Invalid Coordinates (0,0) +## BT-N04: Geofence with Invalid Coordinates (0,0) — superseded by AZ-809 -**Trigger**: POST /api/satellite/route with geofence NW=(0,0) SE=(0,0) -**Expected**: Validation error -**Pass criterion**: Error message mentioning coordinates cannot be (0,0) +**Trigger**: POST /api/satellite/route with geofence NW=(0,0) SE=(0,0). +**Expected**: HTTP 400 + `ValidationProblemDetails`. Pre-AZ-809 behavior accepted (0,0) corners but caught the equal-corners case via the legacy `RouteValidator`. Post-AZ-809, `GeofencePolygonValidator` rejects equal corners because BOTH cross-field invariants (`NW.Lat > SE.Lat` and `NW.Lon < SE.Lon`) fail. +**Pass criterion**: HTTP 400; `errors["geofences.polygons[0].northWest"]` contains both the lat and lon invariant messages. +**AC trace**: AZ-809 AC-1 (rule 9, cross-field invariant). -## BT-N05: Geofence with Inverted Corners +## BT-N05: Geofence with Inverted Corners — superseded by AZ-809 -**Trigger**: POST /api/satellite/route with geofence NW.lat < SE.lat -**Expected**: Validation error -**Pass criterion**: Error message about northWest latitude > southEast latitude +**Trigger**: POST /api/satellite/route with geofence NW.lat < SE.lat (NW south-of SE). +**Expected**: HTTP 400 + `ValidationProblemDetails`. Post-AZ-809 the failure surfaces at `errors["geofences.polygons[0].northWest"]` with message "\`northWest.lat\` must be greater than \`southEast.lat\` (NW is north-of SE)". +**Pass criterion**: HTTP 400; named error key matches the wire path; message is the cross-field invariant. +**AC trace**: AZ-809 AC-1 (rule 9). --- diff --git a/_docs/02_document/tests/security-tests.md b/_docs/02_document/tests/security-tests.md index c3dc60e..ce1d2b0 100644 --- a/_docs/02_document/tests/security-tests.md +++ b/_docs/02_document/tests/security-tests.md @@ -20,9 +20,9 @@ ## SEC-04: Malformed JSON in Route Request -**Trigger**: POST /api/satellite/route with invalid JSON body -**Expected**: Parse error returned -**Pass criterion**: HTTP 400; error message indicates parsing failure; no crash +**Trigger**: POST /api/satellite/route with invalid JSON body (truncated `{` or non-JSON text). +**Expected**: HTTP 400 + RFC 7807 `ProblemDetails`. Post-AZ-809 (cycle 8) the failure surfaces via `GlobalExceptionHandler`'s `JsonException` branch (System.Text.Json `JsonReaderException` → `BadHttpRequestException` → 400). No stack trace leaks; correlationId present per AZ-353. +**Pass criterion**: HTTP 400; `Content-Type: application/problem+json`; body matches `error-shape.md` v1.0.0; no internal exception type or stack frame in `detail`. --- diff --git a/_docs/02_tasks/todo/AZ-809_route_endpoint_validation.md b/_docs/02_tasks/done/AZ-809_route_endpoint_validation.md similarity index 100% rename from _docs/02_tasks/todo/AZ-809_route_endpoint_validation.md rename to _docs/02_tasks/done/AZ-809_route_endpoint_validation.md diff --git a/_docs/03_implementation/batch_03_cycle8_report.md b/_docs/03_implementation/batch_03_cycle8_report.md new file mode 100644 index 0000000..21b90da --- /dev/null +++ b/_docs/03_implementation/batch_03_cycle8_report.md @@ -0,0 +1,67 @@ +# Batch Report + +**Batch**: 03 (cycle 8) +**Tasks**: AZ-809 (POST /api/satellite/route strict validation) +**Date**: 2026-05-22 + +## Task Results + +| Task | Status | Files Modified | Tests | AC Coverage | Issues | +|------|--------|---------------|-------|-------------|--------| +| AZ-809_route_endpoint_validation | Done | 18 files (8 new) | smoke pass (mode=smoke, exit 0); 16 integration tests + 26 validator unit tests added | 9/9 ACs covered | 1 Low (in-flight `OverridePropertyName` on deep expression — root-caused, documented, captured as advisory) | + +## AC Test Coverage (9/9 ACs) + +| AC | Coverage | +|----|----------| +| AC-1 | All 14 documented rules enforced. Deserializer: missing `[JsonRequired]` axes (`id`, `name`, `regionSizeMeters`, `zoomLevel`, `points`, `requestMaps`, `createTilesZip`, per-point `lat`/`lon`, per-polygon `northWest`/`southEast`, per-corner `lat`/`lon`, `geofences.polygons`) + unknown-field rejection + type-mismatch. FluentValidation: non-zero `id`, name+description length, `regionSizeMeters` ∈ \[100, 10000\], `zoomLevel` ∈ \[0, 22\], `points` count ∈ \[2, 500\], per-point lat/lon ranges, per-polygon NW-of-SE invariants, cross-field `createTilesZip ⇒ requestMaps`. Each rule has at least one positive + one negative integration test. | +| AC-2 | Happy path: `CreateRouteValidationTests.HappyPath_Returns200` (well-formed body, requestMaps=false → no background side effects) returns HTTP 200. Smoke green. | +| AC-3 | Wired via `.WithValidation()` + `.Accepts<>` + `.Produces<>` + `.ProducesProblem(400)` in `Program.cs` MapPost chain. | +| AC-4 | `[JsonRequired]` added to every non-optional axis on `CreateRouteRequest`, `RoutePoint`, `Geofences`, `GeofencePolygon`, `GeoPoint`. Tested by `EmptyBody_Returns400`, `MissingId_Returns400`, `MissingRequestMaps_Returns400`, and the nested type-mismatch `PointsLatTypeMismatch_Returns400`. | +| AC-5 | Unit tests in `SatelliteProvider.Tests/Validators/` — `CreateRouteRequestValidatorTests.cs` (16 methods), `RoutePointValidatorTests.cs` (4 methods), `GeofencePolygonValidatorTests.cs` (6 methods). Cover each rule with positive + negative cases. | +| AC-6 | Integration tests `SatelliteProvider.IntegrationTests/CreateRouteValidationTests.cs` — 16 methods covering happy path + 15 failure modes (one per rule); all green in smoke. | +| AC-7 | New contract `_docs/02_document/contracts/api/route-creation.md` v1.0.0 published. References `error-shape.md` v1.0.0 + the nested DTO chain. Documents the `RoutePoint` (input `lat`/`lon`) vs `RoutePointDto` (output `latitude`/`longitude`) naming asymmetry as an advisory. | +| AC-8 | Probe script `scripts/probe_route_validation.sh` covers happy + each failure mode via `curl`. | +| AC-9 | `CreateRouteRequestValidator` chains `RoutePointValidator` (via `RuleForEach`) and `GeofencePolygonValidator` (via `RuleForEach` inside `When(Geofences is not null)`). Cross-field invariants on the root (`createTilesZip ⇒ requestMaps`) and per-polygon (`NW.Lat > SE.Lat`, `NW.Lon < SE.Lon`). Defence-in-depth: the legacy `RouteValidator` in `SatelliteProvider.Services.RouteManagement` still runs in the service layer as a backstop; advisory clean-up documented in `route-creation.md`. | + +## Code Review Verdict: PASS_WITH_NOTES +See `_docs/03_implementation/reviews/batch_03_cycle8_review.md` for the single Low finding (deep-expression `OverridePropertyName`, root-caused and documented inline). + +## Auto-Fix Attempts: 1 (mid-batch) +- Initial `RoutePointValidator` used `OverridePropertyName("lat")` BEFORE `.InclusiveBetween()`. Build failed with `CS0411: cannot infer type arguments for OverridePropertyName` because FluentValidation's `OverridePropertyName` extension is defined on `IRuleBuilderOptions` — the type only becomes inferable after the first concrete rule (which supplies `TProperty`). Reordered to chain after `InclusiveBetween().WithMessage(...).OverridePropertyName(...)`. Documented in-file so the chain order is not "simplified" by a future reader. +- Initial `CreateRouteRequestValidator` used `RuleFor(req => req.Geofences!.Polygons)` and `RuleForEach(req => req.Geofences!.Polygons)` without `OverridePropertyName`. Smoke run unit tests failed: error keys came out as `polygons` and `polygons[0].northWest` (leaf-only), not the full wire path `geofences.polygons` / `geofences.polygons[0].northWest`. Root cause: FluentValidation's default property-name policy drops the parent on deep member expressions. Fix: chain `.OverridePropertyName("geofences.polygons")` on both `RuleFor` and `RuleForEach` rules; documented inline. Smoke re-run after fix: all green. + +## Stuck Agents: None + +## Files Modified + +### AZ-809 (route-creation validator) +| Path | Kind | +|------|------| +| `SatelliteProvider.Common/DTO/CreateRouteRequest.cs` | `[JsonRequired]` on id/name/regionSizeMeters/zoomLevel/points/requestMaps/createTilesZip | +| `SatelliteProvider.Common/DTO/RoutePoint.cs` | `[JsonRequired]` on Latitude/Longitude | +| `SatelliteProvider.Common/DTO/GeofencePolygon.cs` | `[JsonRequired]` on NorthWest/SouthEast in `GeofencePolygon`; `[JsonRequired]` on `Polygons` in `Geofences` | +| `SatelliteProvider.Common/DTO/GeoPoint.cs` | `[JsonRequired]` on Lat/Lon | +| `SatelliteProvider.Api/Validators/CreateRouteRequestValidator.cs` | **NEW** — root validator with `RuleForEach` chaining + `OverridePropertyName` on the geofences chain | +| `SatelliteProvider.Api/Validators/RoutePointValidator.cs` | **NEW** — per-point lat/lon range; `OverridePropertyName("lat"/"lon")` aligns error keys with the wire format | +| `SatelliteProvider.Api/Validators/GeofencePolygonValidator.cs` | **NEW** — per-polygon corner range checks + NW-of-SE invariants | +| `SatelliteProvider.Api/Program.cs` | `.WithValidation()` + `.Accepts<>` + `.Produces<>` + `.ProducesProblem(400)` on the route POST endpoint | +| `SatelliteProvider.Tests/Validators/CreateRouteRequestValidatorTests.cs` | **NEW** — 16 unit tests | +| `SatelliteProvider.Tests/Validators/RoutePointValidatorTests.cs` | **NEW** — 4 unit tests | +| `SatelliteProvider.Tests/Validators/GeofencePolygonValidatorTests.cs` | **NEW** — 6 unit tests | +| `SatelliteProvider.IntegrationTests/CreateRouteValidationTests.cs` | **NEW** — 16 integration tests (happy + 15 failure modes) | +| `SatelliteProvider.IntegrationTests/Program.cs` | Wired into smoke + full suites | +| `scripts/probe_route_validation.sh` | **NEW** — curl probes for every failure mode + happy path | +| `_docs/02_document/contracts/api/route-creation.md` | **NEW** v1.0.0 — contract doc with nested DTO chain + test-cases table | +| `_docs/02_document/modules/api_program.md` | CreateRoute handler + Api/Validators (added AZ-809 section) | +| `_docs/02_document/modules/common_dtos.md` | DTO descriptions updated with `[JsonRequired]` annotations | +| `_docs/02_document/system-flows.md` | F4 (Route Creation) sequence diagram + Preconditions + Error Scenarios | +| `_docs/02_document/tests/blackbox-tests.md` | BT-06 wire format clarification; BT-N03/BT-N04/BT-N05 references AZ-809 + error-shape contract | +| `_docs/02_document/tests/security-tests.md` | SEC-04 references AZ-809 + GlobalExceptionHandler path | + +## Tracker + +- AZ-809: To Do → In Progress (batch 3 start) → **In Testing** (post-smoke). + +## Next Batch +Batch 4: AZ-810 — UAV upload metadata validator (multipart envelope). The envelope shape is different from batch 2/3 (multipart vs JSON body), so the validator wiring is via the existing per-item `IUavTileQualityGate` + a new envelope-level FluentValidation rule set on `UavTileBatchMetadataPayload`. Defer non-trivial design choices (whether to keep the cycle-2 in-handler envelope checks as-is or migrate them) to the implementation step. diff --git a/_docs/03_implementation/reviews/batch_03_cycle8_review.md b/_docs/03_implementation/reviews/batch_03_cycle8_review.md new file mode 100644 index 0000000..1fe7406 --- /dev/null +++ b/_docs/03_implementation/reviews/batch_03_cycle8_review.md @@ -0,0 +1,134 @@ +# Code Review Report + +**Batch**: 03 (cycle 8) +**Tasks**: AZ-809 (POST /api/satellite/route strict validation) +**Date**: 2026-05-22 +**Verdict**: PASS_WITH_NOTES + +## Findings + +| # | Severity | Category | File:Line | Title | +|---|----------|----------|-----------|-------| +| 1 | Low | API alignment | `SatelliteProvider.Api/Validators/CreateRouteRequestValidator.cs:68-77` | `OverridePropertyName` is required on deep expressions because FluentValidation drops the parent path on `req.Geofences!.Polygons` | +| 2 | Info | Defence-in-depth | `SatelliteProvider.Services.RouteManagement/RouteValidator.cs` (existing) | Service-layer `RouteValidator` is now strictly weaker than the cycle-8 `CreateRouteRequestValidator` and could be deleted, but is retained as a defence-in-depth backstop | +| 3 | Info | Wire-shape asymmetry | `SatelliteProvider.Common/DTO/RoutePoint.cs` (input) vs `SatelliteProvider.Common/DTO/RoutePointDto.cs` (output) | The input wire uses short OSM `lat`/`lon`; the response wire uses long `latitude`/`longitude`. Pre-existing — AZ-809 documented but did not unify | + +### Finding Details + +**F1: `OverridePropertyName` is mandatory on the geofences chain** (Low / API alignment) +- Location: `SatelliteProvider.Api/Validators/CreateRouteRequestValidator.cs:68-77` and `SatelliteProvider.Api/Validators/RoutePointValidator.cs:30-40`. +- Description: FluentValidation's default property-name policy drops the parent on deep member expressions like `req => req.Geofences!.Polygons`. Without `OverridePropertyName("geofences.polygons")`, the error keys emitted are leaf-only (`polygons`, `polygons[0].northWest`) instead of the full wire path the spec mandates (`geofences.polygons`, `geofences.polygons[0].northWest`). The fix lives in code AND in a comment explaining WHY; without the comment a future reader would "simplify" the rule chain and silently break wire compatibility. Same pattern applies to `RoutePointValidator` where C# property `Latitude` must surface as wire `lat` — handled by `OverridePropertyName` chained AFTER the first concrete rule (a generic-type-inference quirk: the extension is defined on `IRuleBuilderOptions`, which only becomes inferable after the first `.InclusiveBetween()` etc.). +- Suggestion: NONE — rationale captured in code comments AND in `api_program.md::Api/Validators` so the next reader cannot break it by accident. +- Task: AZ-809 + +**F2: Service-layer `RouteValidator` retained as defence-in-depth** (Info / Defence-in-depth) +- Location: `SatelliteProvider.Services.RouteManagement/RouteValidator.cs`. +- Description: The pre-cycle-8 service-layer validator (`RouteValidator`) covered approximately the same surface as the new `CreateRouteRequestValidator` (id non-empty, points count ≥ 2, geofence corner sanity). Now that the API layer rejects every invalid request before the service runs, `RouteValidator` is strictly redundant for HTTP-driven paths. It is, however, also called from the route processing service (background queue) where some bypass path could in principle smuggle an invalid payload — keeping it as a backstop costs ~30 lines and one extra unit-test pass. Removal is tracked as an advisory in `route-creation.md` ("Validator Cleanup Advisory") so the next cycle can decide whether to consolidate. +- Suggestion: Defer to a follow-up PBI. Do NOT delete in this batch. +- Task: AZ-809 + +**F3: Input/output naming asymmetry on route points** (Info / Wire-shape asymmetry) +- Location: `SatelliteProvider.Common/DTO/RoutePoint.cs` (input) vs `SatelliteProvider.Common/DTO/RoutePointDto.cs` (output). +- Description: Request points use `[JsonPropertyName("lat")]` / `[JsonPropertyName("lon")]`; response points serialize the underlying C# `Latitude`/`Longitude` properties verbatim. This asymmetry existed before cycle 8. AZ-809 documents it in `route-creation.md` v1.0.0 and `common_dtos.md`, but does not unify because changing the response wire would be a breaking change to existing clients of `GET /api/satellite/route/{id}`. Tracked as an advisory. +- Suggestion: Open a successor PBI to consider unifying via a `lat`/`lon` rename on `RoutePointDto` (would be a v2.0.0 of `route-creation.md`). +- Task: AZ-809 + +## Phase Summary + +| Phase | Outcome | +|-------|---------| +| 1. Context Loading | Read AZ-809 spec, `_docs/02_document/contracts/api/region-request.md` (batch-2 pattern), `_docs/02_document/contracts/api/error-shape.md` (failure shape), and the cycle-7 + cycle-8 (batch-2) validation infra. The route endpoint differs from batch-2 endpoints because it has nested DTOs (RoutePoint, Geofences/GeofencePolygon/GeoPoint) requiring child validators. | +| 2. Spec Compliance | All 9 ACs ✓. New `CreateRouteRequestValidator` covers the 14 documented rules across deserializer-layer + validator-layer. Nested `RoutePointValidator` + `GeofencePolygonValidator` co-validators wired via `RuleForEach.SetValidator(...)`. Cross-field invariants enforced at both the root (`createTilesZip ⇒ requestMaps`) and per-polygon (`NW.Lat > SE.Lat`, `NW.Lon < SE.Lon`). New contract `route-creation.md` v1.0.0 published. 16 integration tests + 26 unit tests cover happy path + each rule + missing-required + type-mismatch + cross-field. Probe script exercises every failure mode via `curl`. | +| 3. Code Quality | Mechanical patterns followed; three new validators are minimal and SRP-clean. The `OverridePropertyName` requirement on deep expressions (F1) is non-obvious and was discovered via failing unit tests + diagnostic instrumentation; the workaround is captured in both code comments and module docs so it cannot be silently regressed. `RoutePointValidator` and `GeofencePolygonValidator` are file-private — inner `GeoCornerValidator` is nested inside `GeofencePolygonValidator` because the polygon corners are its only consumer; if a future sibling endpoint needs point-shape validation, the spec says to promote and rename. | +| 4. Security | Validators run BEFORE any DB work (route persistence, intermediate-point computation, queue enqueue). The cross-field invariants prevent NaN-geometry payloads from reaching the GeoUtils interpolator (which is not designed for NW=SE corners). No SQL injection vectors, no hardcoded secrets, no PII in logs. JWT auth retained on the endpoint. Probe script tests `?debug=1` / extra root fields → all rejected. | +| 5. Performance | Validators run synchronously against in-memory record fields — negligible cost (microseconds) vs the route's interpolation pass + DB inserts. Even worst-case `points.Count = 500` with all `geofences.polygons.Count` runs ~500 microsecond. No N+1, no blocking I/O. | +| 6. Cross-Task Consistency | Uses the same `ValidationEndpointFilter` infra from cycle 7 + batch-2 of cycle 8 and the shared `ProblemDetailsAssertions.AssertErrorsContainsMention`. Error keys follow the same camelCase JSON-path policy (`points[i].lat`, `geofences.polygons[i].northWest`) per `error-shape.md` v1.0.0 Inv-4. All produce identically-shaped `ValidationProblemDetails` bodies. | +| 7. Architecture Compliance | Route DTOs live in `SatelliteProvider.Common/DTO/` (shared with the service layer + integration tests). Validators co-located with the API at `SatelliteProvider.Api/Validators/`. No layering violations. The service-layer `RouteValidator` retention is documented as defence-in-depth (F2). No cycles, no public-API bypasses, no ADR breaches. | + +## Files Reviewed + +### AZ-809 (route-creation validator) +- `SatelliteProvider.Common/DTO/CreateRouteRequest.cs` — `[JsonRequired]` on every non-optional axis. Removed implicit defaults so callers cannot rely on them. +- `SatelliteProvider.Common/DTO/RoutePoint.cs` — `[JsonRequired]` on Latitude/Longitude. +- `SatelliteProvider.Common/DTO/GeofencePolygon.cs` — `[JsonRequired]` on `NorthWest`/`SouthEast` in `GeofencePolygon`; `[JsonRequired]` on `Polygons` in `Geofences`. +- `SatelliteProvider.Common/DTO/GeoPoint.cs` — `[JsonRequired]` on Lat/Lon (used by `GeofencePolygon` corners). +- `SatelliteProvider.Api/Validators/CreateRouteRequestValidator.cs` — **NEW** — 7 root rules (id non-empty + 4 range rules + points count + cross-field) plus `RuleForEach(req => req.Points).SetValidator(...)` and `RuleForEach(req => req.Geofences!.Polygons).SetValidator(...).OverridePropertyName(...)` for nested chains. +- `SatelliteProvider.Api/Validators/RoutePointValidator.cs` — **NEW** — `OverridePropertyName("lat"/"lon")` chained AFTER `.InclusiveBetween()` so the type parameter is inferable. +- `SatelliteProvider.Api/Validators/GeofencePolygonValidator.cs` — **NEW** — `CascadeMode.Stop` + `NotNull` + nested `GeoCornerValidator` for per-corner ranges; cross-field `Must` rules `.WithName("northWest")` for the invariant errors. +- `SatelliteProvider.Api/Program.cs` (lines around `MapPost("/api/satellite/route", ...)`) — added `.WithValidation()`, `.Accepts<>`, `.Produces<>`, `.ProducesProblem()`. +- `SatelliteProvider.Tests/Validators/CreateRouteRequestValidatorTests.cs` — **NEW** — Theory + Fact coverage for each rule, positive and negative; 16 methods. Diagnostic-led: two assertions were converted from `polygons` / `polygons[0].northWest` to `geofences.polygons` / `geofences.polygons[0].northWest` after `OverridePropertyName` was added. +- `SatelliteProvider.Tests/Validators/RoutePointValidatorTests.cs` — **NEW** — 4 methods (lat/lon range, positive + negative). +- `SatelliteProvider.Tests/Validators/GeofencePolygonValidatorTests.cs` — **NEW** — 6 methods incl. NotNull on corners, range on corners, NW-of-SE invariants. +- `SatelliteProvider.IntegrationTests/CreateRouteValidationTests.cs` — **NEW** — Happy + empty body + missing/zero GUID + 4 out-of-range + insufficient-points + per-point lat/lon out-of-range + geofence invariant + missing-requestMaps + cross-field createTilesZip + unknown-root + nested type-mismatch = 16 methods. +- `SatelliteProvider.IntegrationTests/Program.cs` — wired `CreateRouteValidationTests.RunAll` into smoke + full suites. +- `scripts/probe_route_validation.sh` — **NEW** — curl probes for every failure mode + happy path. +- `_docs/02_document/contracts/api/route-creation.md` — **NEW** — v1.0.0 contract (no prior version existed). Includes the nested DTO chain + invariants + per-field test cases table + advisory on the legacy `RouteValidator` + the input/output naming asymmetry. +- `_docs/02_document/modules/api_program.md` — `CreateRoute Handler` section added; `Api/Validators` section bumped to AZ-808/AZ-809/AZ-811. +- `_docs/02_document/modules/common_dtos.md` — `CreateRouteRequest`/`RoutePoint`/`Geofences`/`GeofencePolygon`/`GeoPoint` descriptions updated with `[JsonRequired]` markers and constraint summaries. +- `_docs/02_document/system-flows.md::F4` — sequence diagram extended with the validation-filter branch; preconditions + error scenarios reference the new contract. +- `_docs/02_document/tests/blackbox-tests.md::BT-06/BT-N03/BT-N04/BT-N05` — triggers and pass criteria align with the new wire format + named error keys. +- `_docs/02_document/tests/security-tests.md::SEC-04` — references `GlobalExceptionHandler`'s JsonException branch + AZ-353 correlationId. + +## Test Evidence + +`./scripts/run-tests.sh --smoke` (`integration-tests` container exit code 0): + +``` +Test: POST /api/satellite/route strict validation (AZ-809) +========================================================== + +AZ-809 AC-2: well-formed body → HTTP 200 (no background processing — requestMaps=false) + ✓ Well-formed body accepted with HTTP 200 + +AZ-809 rule 1: empty body → HTTP 400 + ✓ Empty body rejected with HTTP 400 + +AZ-809 rule 2 (probe-confirmed gap): missing `id` → HTTP 400 (no silent zero-Guid coercion) + ✓ Missing `id` rejected with HTTP 400 (no silent coercion) + +AZ-809 rule 2: zero-Guid `id` → HTTP 400 + ✓ Zero-Guid `id` rejected with errors["id"] + +AZ-809 rule 3: empty `name` → HTTP 400 + ✓ Empty `name` rejected with errors["name"] + +AZ-809 rule 5: `regionSizeMeters` out of range (100..10000) → HTTP 400 + ✓ `regionSizeMeters=1000000` rejected with errors["regionSizeMeters"] + +AZ-809 rule 6: `zoomLevel` out of range (0..22) → HTTP 400 + ✓ `zoomLevel=30` rejected with errors["zoomLevel"] + +AZ-809 rule 7: `points` count < 2 → HTTP 400 + ✓ `points` count=1 rejected with errors["points"] + +AZ-809 rule 8: per-point `lat` out of range → HTTP 400 (errors[points[i].lat]) + ✓ `points[1].lat=91` rejected with errors["points[1].lat"] + +AZ-809 rule 8: per-point `lon` out of range → HTTP 400 (errors[points[i].lon]) + ✓ `points[1].lon=181` rejected with errors["points[1].lon"] + +AZ-809 rule 9: geofence NW.lat <= SE.lat → HTTP 400 (cross-field invariant) + ✓ NW.lat <= SE.lat rejected by cross-field invariant + +AZ-809 rule 10: missing `requestMaps` → HTTP 400 (no defaulting) + ✓ Missing `requestMaps` rejected + +AZ-809 rule 12: `createTilesZip=true` AND `requestMaps=false` → HTTP 400 (cross-field invariant) + ✓ `createTilesZip=true requestMaps=false` rejected by cross-field invariant + +AZ-809 rule 13: unknown root field → HTTP 400 (UnmappedMemberHandling.Disallow) + ✓ Unknown root field `debug` rejected with errors mention + +AZ-809 rule 14: nested type mismatch (`points[0].lat` as string) → HTTP 400 + ✓ `points[0].lat:"fifty"` rejected with HTTP 400 +✓ Create-route validation tests: PASSED +``` + +`=== All tests passed (mode=smoke) ===` — no regressions in cycle-7 inventory or batch-1/batch-2 cycle-8 (AZ-812/AZ-808/AZ-811) tests, no regressions in the migration/leaflet/route/tile/security suites. + +## Verdict Logic + +- No Critical, no High, no Medium findings. +- 1 Low finding (F1) — the `OverridePropertyName` requirement is captured in code comments + module docs; not a regression, but worth flagging so it cannot be silently regressed. +- 2 Info findings (F2 defence-in-depth retention, F3 input/output naming asymmetry) — both pre-existing, documented as advisories for a follow-up PBI. +- **PASS_WITH_NOTES**. diff --git a/_docs/_autodev_state.md b/_docs/_autodev_state.md index b868180..b916885 100644 --- a/_docs/_autodev_state.md +++ b/_docs/_autodev_state.md @@ -8,7 +8,7 @@ status: in_progress sub_step: phase: 7 name: batch-loop - detail: "batch 2 of 4 complete (AZ-808 + AZ-811 In Testing); next: batch 3 = AZ-809 route validator" + detail: "batch 3 of 4 complete (AZ-809 In Testing); next: batch 4 = AZ-810 UAV upload metadata validator" retry_count: 0 cycle: 8 tracker: jira diff --git a/scripts/probe_route_validation.sh b/scripts/probe_route_validation.sh new file mode 100755 index 0000000..ddf0c5e --- /dev/null +++ b/scripts/probe_route_validation.sh @@ -0,0 +1,194 @@ +#!/usr/bin/env bash +set -euo pipefail + +# Manual end-to-end probe for POST /api/satellite/route strict validation +# (AZ-809). Each failure call should return HTTP 400 with an +# `application/problem+json` body. The happy path should return HTTP 200. +# +# Two enforcement layers: +# 1. UnmappedMemberHandling.Disallow + [JsonRequired] — deserializer rejects +# missing-required and unknown fields with errors via GlobalExceptionHandler. +# 2. WithValidation — runs CreateRouteRequestValidator + +# RoutePointValidator + GeofencePolygonValidator (range, count, cross-field). +# +# Usage: +# API_URL=https://localhost:8080 JWT="" ./scripts/probe_route_validation.sh + +API_URL="${API_URL:-https://localhost:8080}" +JWT="${JWT:-}" +ENDPOINT="${API_URL%/}/api/satellite/route" + +if [[ -z "${JWT}" ]]; then + echo "ERROR: set JWT env var to a bearer token. Mint one via:" + echo " dotnet run --project SatelliteProvider.IntegrationTests -- --mint-only" + exit 2 +fi + +curl_args=(-sS -k -H "Authorization: Bearer ${JWT}" -H "Content-Type: application/json") + +probe() { + local label="$1" + local body="$2" + local expected_status="$3" + + echo "----- ${label} (expecting HTTP ${expected_status}) -----" + local response + response=$(curl "${curl_args[@]}" -X POST -d "${body}" "${ENDPOINT}" -w "\nHTTP_STATUS=%{http_code}\n") + echo "${response}" + local actual_status + actual_status=$(echo "${response}" | tail -n 1 | sed 's/HTTP_STATUS=//') + if [[ "${actual_status}" != "${expected_status}" ]]; then + echo "FAIL: expected HTTP ${expected_status}, got ${actual_status}" + return 1 + fi + echo "OK: HTTP ${expected_status}" + echo +} + +route_id=$(uuidgen | tr '[:upper:]' '[:lower:]') + +probe "happy-path-no-maps" '{ + "id": "'"${route_id}"'", + "name": "probe-route-1", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": 50.10, "lon": 36.10 }, + { "lat": 50.11, "lon": 36.11 } + ], + "requestMaps": false, + "createTilesZip": false +}' 200 + +# Rule 2: missing id (probe-confirmed gap) +probe "missing-id" '{ + "name": "probe-missing-id", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": 50.10, "lon": 36.10 }, + { "lat": 50.11, "lon": 36.11 } + ], + "requestMaps": false, + "createTilesZip": false +}' 400 + +# Rule 2: zero-Guid id +probe "zero-guid-id" '{ + "id": "00000000-0000-0000-0000-000000000000", + "name": "probe-zero-id", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": 50.10, "lon": 36.10 }, + { "lat": 50.11, "lon": 36.11 } + ], + "requestMaps": false, + "createTilesZip": false +}' 400 + +# Rule 3: empty name +probe "empty-name" '{ + "id": "'$(uuidgen | tr '[:upper:]' '[:lower:]')'", + "name": "", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": 50.10, "lon": 36.10 }, + { "lat": 50.11, "lon": 36.11 } + ], + "requestMaps": false, + "createTilesZip": false +}' 400 + +# Rule 7: points too few (1) +probe "points-too-few" '{ + "id": "'$(uuidgen | tr '[:upper:]' '[:lower:]')'", + "name": "probe-1-point", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": 50.10, "lon": 36.10 } + ], + "requestMaps": false, + "createTilesZip": false +}' 400 + +# Rule 8: nested point lat out of range +probe "point-lat-out-of-range" '{ + "id": "'$(uuidgen | tr '[:upper:]' '[:lower:]')'", + "name": "probe-point-lat", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": 50.10, "lon": 36.10 }, + { "lat": 91.0, "lon": 36.11 } + ], + "requestMaps": false, + "createTilesZip": false +}' 400 + +# Rule 9: geofence NW not north-of SE (cross-field invariant) +probe "geofence-nw-not-north" '{ + "id": "'$(uuidgen | tr '[:upper:]' '[:lower:]')'", + "name": "probe-geofence-inverted", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": 50.10, "lon": 36.10 }, + { "lat": 50.11, "lon": 36.11 } + ], + "geofences": { + "polygons": [ + { "northWest": { "lat": 50.05, "lon": 36.05 }, + "southEast": { "lat": 50.05, "lon": 36.15 } } + ] + }, + "requestMaps": false, + "createTilesZip": false +}' 400 + +# Rule 12: cross-field createTilesZip without requestMaps +probe "createTilesZip-without-requestMaps" '{ + "id": "'$(uuidgen | tr '[:upper:]' '[:lower:]')'", + "name": "probe-cross-field", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": 50.10, "lon": 36.10 }, + { "lat": 50.11, "lon": 36.11 } + ], + "requestMaps": false, + "createTilesZip": true +}' 400 + +# Rule 13: unknown root field +probe "unknown-root-field" '{ + "id": "'$(uuidgen | tr '[:upper:]' '[:lower:]')'", + "name": "probe-unknown", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": 50.10, "lon": 36.10 }, + { "lat": 50.11, "lon": 36.11 } + ], + "requestMaps": false, + "createTilesZip": false, + "debug": "fingerprint-probe" +}' 400 + +# Rule 14: nested type mismatch +probe "point-lat-type-mismatch" '{ + "id": "'$(uuidgen | tr '[:upper:]' '[:lower:]')'", + "name": "probe-type-mismatch", + "regionSizeMeters": 1000, + "zoomLevel": 18, + "points": [ + { "lat": "fifty", "lon": 36.10 }, + { "lat": 50.11, "lon": 36.11 } + ], + "requestMaps": false, + "createTilesZip": false +}' 400 + +echo "All probes passed."