[AZ-809] Strict validation for POST /api/satellite/route

Third concrete child of AZ-795 (cycle 8 batch 3). FluentValidation +
[JsonRequired] + UnmappedMemberHandling.Disallow combine to reject every
malformed payload at the API boundary with RFC 7807 ValidationProblemDetails.

Validators (SatelliteProvider.Api/Validators/, all new)
- CreateRouteRequestValidator: id non-empty, name/description length,
  regionSizeMeters/zoomLevel ranges, points count [2, 500], cross-field
  createTilesZip => requestMaps. Chains RoutePointValidator (per-point)
  and GeofencePolygonValidator (per-polygon, guarded by When(Geofences != null)).
  OverridePropertyName("geofences.polygons") on the geofences chain so
  FluentValidation's default leaf-only key policy doesn't drop the parent
  path on deep expressions like req.Geofences!.Polygons.
- RoutePointValidator: lat/lon ranges; OverridePropertyName("lat"/"lon")
  chained AFTER InclusiveBetween (the extension is defined on
  IRuleBuilderOptions<T, TProperty>, so the generic type is only
  inferable after the first concrete rule) so error keys match the
  wire format (`points[i].lat`) rather than the C# property name
  (`points[i].latitude`).
- GeofencePolygonValidator: per-corner range checks via private nested
  GeoCornerValidator; cross-field NW.Lat > SE.Lat and NW.Lon < SE.Lon
  invariants emit at errors["geofences.polygons[i].northWest"].

DTOs (SatelliteProvider.Common/DTO/, [JsonRequired] additions only)
- CreateRouteRequest: id, name, regionSizeMeters, zoomLevel, points,
  requestMaps, createTilesZip
- RoutePoint: Latitude, Longitude
- GeofencePolygon: NorthWest, SouthEast; Geofences: Polygons
- GeoPoint: Lat, Lon

Tests
- Unit: 26 methods total — 16 in CreateRouteRequestValidatorTests, 6 in
  GeofencePolygonValidatorTests, 4 in RoutePointValidatorTests. Each
  RuleFor/RuleForEach chain has at least one positive + one negative case.
- Integration: CreateRouteValidationTests.cs — 16 methods (happy + 15
  failure modes) wired into smoke + full suites. Covers empty body,
  missing/zero id, empty name, out-of-range regionSizeMeters/zoomLevel,
  points count < 2, per-point lat/lon out-of-range, geofence invariants,
  missing requestMaps, cross-field createTilesZip, unknown root field,
  nested type mismatch.
- Manual probe: scripts/probe_route_validation.sh curl-exercises every
  failure mode end-to-end + happy path.

Docs
- New contract _docs/02_document/contracts/api/route-creation.md v1.0.0
  with nested DTO chain, invariants, per-field test cases table, and
  advisories on the legacy service-layer RouteValidator + the
  input/output RoutePoint vs RoutePointDto naming asymmetry.
- system-flows.md F4 sequence diagram extended with the validation-filter
  branch; preconditions + error scenarios reference the new contract.
- modules/api_program.md: CreateRoute handler section added; Api/Validators
  bumped to AZ-808/AZ-809/AZ-811.
- modules/common_dtos.md: DTO descriptions updated with [JsonRequired]
  annotations and constraint summaries.
- tests/blackbox-tests.md BT-06/BT-N03/BT-N04/BT-N05 align with the new
  wire format and named error keys.
- tests/security-tests.md SEC-04 references GlobalExceptionHandler's
  JsonException branch + AZ-353 correlationId.
- _docs/03_implementation/batch_03_cycle8_report.md + reviews/batch_03_cycle8_review.md
  (PASS_WITH_NOTES — F1 Low: OverridePropertyName documented inline,
  F2 + F3 Info: pre-existing advisories for follow-up).

Smoke green (mode=smoke, exit 0). AZ-809 transitioned to In Testing on Jira.
Task file moved to _docs/02_tasks/done/.

Co-authored-by: Cursor <cursoragent@cursor.com>
Oleksandr Bezdieniezhnykh
2026-05-22 17:49:48 +03:00
parent 34ee1e0b83
commit 5e056b2334
24 changed files with 1929 additions and 50 deletions
@@ -0,0 +1,90 @@
using FluentValidation;
using SatelliteProvider.Common.DTO;
namespace SatelliteProvider.Api.Validators;
// AZ-809: FluentValidation rules for POST /api/satellite/route. Wired
// through ValidationEndpointFilter<CreateRouteRequest> at endpoint
// registration time (.WithValidation<CreateRouteRequest>() in Program.cs).
// Failures are converted to RFC 7807 ValidationProblemDetails per
// _docs/02_document/contracts/api/error-shape.md v1.0.0.
//
// Required-field detection is handled at the deserializer level via
// [JsonRequired] on CreateRouteRequest, RoutePoint, GeofencePolygon, and
// GeoPoint, plus JsonSerializerOptions.UnmappedMemberHandling.Disallow
// (AZ-795 global). This validator covers post-deserialization business
// rules: non-zero id, name + description length, range checks on size /
// zoom / points-count, per-point lat/lon ranges (via RoutePointValidator),
// per-polygon corner ranges + NW-of-SE invariant (via GeofencePolygonValidator),
// and the cross-field createTilesZip-implies-requestMaps rule.
public sealed class CreateRouteRequestValidator : AbstractValidator<CreateRouteRequest>
{
private const double MinRegionSizeMeters = 100.0;
private const double MaxRegionSizeMeters = 10000.0;
private const int MinZoom = 0;
private const int MaxZoom = 22;
private const int MinPoints = 2;
private const int MaxPoints = 500;
private const int MaxNameLength = 200;
private const int MaxDescriptionLength = 1000;
public CreateRouteRequestValidator()
{
RuleFor(req => req.Id)
.NotEmpty()
.WithMessage("`id` must be a non-zero GUID (the caller's idempotency key).");
RuleFor(req => req.Name)
.NotEmpty()
.WithMessage("`name` is required and must not be empty or whitespace.")
.MaximumLength(MaxNameLength)
.WithMessage($"`name` must be at most {MaxNameLength} characters.");
RuleFor(req => req.Description)
.MaximumLength(MaxDescriptionLength)
.When(req => req.Description is not null)
.WithMessage($"`description` must be at most {MaxDescriptionLength} characters.");
RuleFor(req => req.RegionSizeMeters)
.InclusiveBetween(MinRegionSizeMeters, MaxRegionSizeMeters)
.WithMessage($"`regionSizeMeters` must be between {MinRegionSizeMeters} and {MaxRegionSizeMeters} meters.");
RuleFor(req => req.ZoomLevel)
.InclusiveBetween(MinZoom, MaxZoom)
.WithMessage($"`zoomLevel` must be between {MinZoom} and {MaxZoom} (slippy-map range).");
RuleFor(req => req.Points)
.NotNull().WithMessage("`points` is required.")
.Must(p => p is null || p.Count >= MinPoints)
.WithMessage($"`points` must contain at least {MinPoints} entries.")
.Must(p => p is null || p.Count <= MaxPoints)
.WithMessage($"`points` must contain at most {MaxPoints} entries.");
RuleForEach(req => req.Points)
.SetValidator(new RoutePointValidator());
// Geofences are optional; per-polygon rules apply only when present.
// FluentValidation's default property-name policy drops the parent
// chain on deep expressions like `req.Geofences!.Polygons` — it emits
// only the leaf `polygons`. We OverridePropertyName explicitly so the
// wire-format error keys match the JSON path callers actually post:
// `errors["geofences.polygons"]` and `errors["geofences.polygons[i].…"]`.
When(req => req.Geofences is not null, () =>
{
RuleFor(req => req.Geofences!.Polygons)
.NotNull().WithMessage("`geofences.polygons` is required when `geofences` is present.")
.NotEmpty().WithMessage("`geofences.polygons` must contain at least 1 polygon when `geofences` is present.")
.OverridePropertyName("geofences.polygons");
RuleForEach(req => req.Geofences!.Polygons)
.SetValidator(new GeofencePolygonValidator())
.OverridePropertyName("geofences.polygons");
});
// Cross-field invariant: cannot zip what wasn't downloaded.
RuleFor(req => req)
.Must(req => !(req.CreateTilesZip && !req.RequestMaps))
.WithName("createTilesZip")
.WithMessage("`createTilesZip` requires `requestMaps` to be true (can't zip what wasn't downloaded).");
}
}
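Review bot: the cross-field rule at the end of the constructor uses `.WithName("createTilesZip")` on `RuleFor(req => req)`, but in FluentValidation `WithName` only changes the display name substituted into messages. It does not set the failure's property name, so this error will most likely be keyed under an empty property name instead of `errors["createTilesZip"]`. The geofences chain already uses `.OverridePropertyName("geofences.polygons")` for exactly this reason. Suggest `.OverridePropertyName("createTilesZip")` here as well, with an assertion on the key name in the corresponding test so clients can rely on it. Separately, `points` is capped at `MaxPoints`, but `geofences.polygons` only has `NotNull`/`NotEmpty` and no upper bound, so each posted polygon still gets a `GeofencePolygonValidator` pass. Consider adding a maximum count there, for parity with `points`.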