test(logistique) : tests PHPUnit RG-5.01→5.10 + capture contrat JSON (ERP-187) (#137)
Auto Tag Develop / tag (push) Successful in 8s
Auto Tag Develop / tag (push) Successful in 8s
## ERP-187 (1.7) — Tests PHPUnit RG-5.01→5.10 + capture contrat JSON
Couvre les règles de gestion du M5 (tickets de pesée) par des tests PHPUnit et capture la **réponse JSON réelle** (DoD § 4.0.bis) collée dans `spec-back.md` avant les écrans front.
### Tests unitaires (Processor / Normalizer / Callback — sans BDD ni HTTP)
- **NetWeightTest** (RG-5.05) : net = plein − vide, `null` si une pesée manque, recalcul au PATCH.
- **CounterpartyValidationTest** (RG-5.03) : présence du champ requis par branche (propertyPath `client`/`supplier`/`otherLabel`) + exclusivité (null-ification hors-branche).
- **ImmatriculationNormalizationTest** (RG-5.01/5.10) : masque `XX-000-XX`, « Tout format », mapping 422 sur `immatriculation`.
### Tests fonctionnels (API réelle)
- **WeighingTicketNumberingTest** (RG-5.02/5.09) : format `{siteCode}-TP-{NNNN}`, séquence par site, isolation inter-sites, immuabilité numéro/site au PATCH.
- **WeighingTicketSerializationContractTest** (DoD § 4.0.bis) : 4 pièges verts (client embarqué, `plateFreeFormat` présent, `number` formaté, `netWeight` = full − empty) + dump JSON via `WEIGHING_TICKET_DOD_DUMP`.
- **WeighingTicketRBACMatrixTest** (§ 5.2) : admin/bureau/usine OK, compta/commerciale 403, anonyme 401.
> DSD / stub pont bascule / endpoint pesée déjà couverts (ERP-184/185).
### DoD
- `spec-back.md § 4.0.bis` : **JSON réel** (liste + détail) collé, 4 pièges marqués ✅ — feu vert front.
### Vérifications
- `make test` complet **vert** : 848 tests, 6302 assertions (0 échec ; deprecations/notices PHPUnit seuls).
- `make php-cs-fixer-allow-risky` : 0 correction.
Empilée sur ERP-186 (stack M5).
---------
Co-authored-by: Matthieu <contact@malio.fr>
Reviewed-on: #137
This commit was merged in pull request #137.
This commit is contained in:
@@ -0,0 +1,250 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Tests\Module\Logistique\Api;
|
||||
|
||||
use ApiPlatform\Symfony\Bundle\Test\Client;
|
||||
use App\Module\Commercial\Domain\Entity\Client as ClientEntity;
|
||||
use App\Module\Commercial\Domain\Entity\Supplier as SupplierEntity;
|
||||
use App\Module\Core\Domain\Entity\Role;
|
||||
use App\Module\Core\Domain\Entity\User;
|
||||
use App\Module\Sites\Domain\Entity\Site;
|
||||
use App\Tests\Module\Core\Api\AbstractApiTestCase;
|
||||
use Symfony\Contracts\HttpClient\ResponseInterface;
|
||||
|
||||
/**
|
||||
* Base des tests fonctionnels du ticket de pesee (M5). Mutualise le seeding des
|
||||
* dependances (Client cross-module, user manage/view rattache a un site courant),
|
||||
* le payload POST de reference et la purge ciblee (pas de DAMA en local).
|
||||
*
|
||||
* Cloisonnement (§ 2.3) : le POST resout le site depuis le site courant de l'user
|
||||
* (CurrentSiteProvider) ; on positionne donc toujours un site courant avant
|
||||
* d'ecrire. Les Client de test sont prefixes pour une purge sans collision.
|
||||
*
|
||||
* @internal
|
||||
*/
|
||||
abstract class AbstractWeighingTicketApiTestCase extends AbstractApiTestCase
|
||||
{
|
||||
protected const string LD = 'application/ld+json';
|
||||
protected const string MERGE = 'application/merge-patch+json';
|
||||
|
||||
/** Prefixe companyName des Client seedes par ces tests (purge ciblee). */
|
||||
protected const string TEST_CLIENT_PREFIX = 'ZTESTWTAPI';
|
||||
|
||||
/** Prefixe companyName des Supplier seedes par ces tests (purge ciblee). */
|
||||
protected const string TEST_SUPPLIER_PREFIX = 'ZTESTWTAPISUP';
|
||||
|
||||
protected function tearDown(): void
|
||||
{
|
||||
$em = $this->getEm();
|
||||
|
||||
// Tickets referencant un Client OU un Supplier de test d'abord (FK
|
||||
// client_id / supplier_id RESTRICT) : purge DBAL brute pour liberer la
|
||||
// contrepartie avant de la supprimer. Un ticket FOURNISSEUR a client_id
|
||||
// NULL -> il faut bien purger aussi par supplier_id (sinon ticket orphelin).
|
||||
$em->getConnection()->executeStatement(
|
||||
'DELETE FROM weighing_ticket WHERE client_id IN (SELECT id FROM client WHERE company_name LIKE :p)',
|
||||
['p' => self::TEST_CLIENT_PREFIX.'%'],
|
||||
);
|
||||
$em->getConnection()->executeStatement(
|
||||
'DELETE FROM weighing_ticket WHERE supplier_id IN (SELECT id FROM supplier WHERE company_name LIKE :p)',
|
||||
['p' => self::TEST_SUPPLIER_PREFIX.'%'],
|
||||
);
|
||||
$em->createQuery('DELETE FROM '.SupplierEntity::class.' s WHERE s.companyName LIKE :p')
|
||||
->setParameter('p', self::TEST_SUPPLIER_PREFIX.'%')->execute()
|
||||
;
|
||||
$em->createQuery('DELETE FROM '.ClientEntity::class.' c WHERE c.companyName LIKE :p')
|
||||
->setParameter('p', self::TEST_CLIENT_PREFIX.'%')->execute()
|
||||
;
|
||||
$em->createQuery('DELETE FROM '.User::class.' u WHERE u.username LIKE :p')
|
||||
->setParameter('p', 'testuser_%')->execute()
|
||||
;
|
||||
$em->createQuery('DELETE FROM '.Role::class.' r WHERE r.code LIKE :p')
|
||||
->setParameter('p', 'test_%')->execute()
|
||||
;
|
||||
|
||||
parent::tearDown();
|
||||
}
|
||||
|
||||
/**
|
||||
* Garde-fou ERP-101 (miroir M4) : une 422 doit porter une violation sur le
|
||||
* `propertyPath` attendu, et pas seulement le bon code HTTP.
|
||||
*/
|
||||
protected static function assertViolationOnPath(object $response, string $path): void
|
||||
{
|
||||
/** @var ResponseInterface $response */
|
||||
$paths = array_column($response->toArray(false)['violations'] ?? [], 'propertyPath');
|
||||
|
||||
self::assertContains(
|
||||
$path,
|
||||
$paths,
|
||||
sprintf('Aucune violation sur "%s" (paths: %s).', $path, implode(', ', $paths)),
|
||||
);
|
||||
}
|
||||
|
||||
protected function firstSite(): Site
|
||||
{
|
||||
$site = $this->getEm()->getRepository(Site::class)->findAll()[0] ?? null;
|
||||
self::assertInstanceOf(Site::class, $site, 'Un site fixture est requis (SitesFixtures).');
|
||||
|
||||
return $site;
|
||||
}
|
||||
|
||||
protected function siteByCode(string $code): Site
|
||||
{
|
||||
$site = $this->getEm()->getRepository(Site::class)->findOneBy(['code' => $code]);
|
||||
self::assertInstanceOf(Site::class, $site, sprintf('Le site de code "%s" doit etre seede.', $code));
|
||||
|
||||
return $site;
|
||||
}
|
||||
|
||||
/**
|
||||
* Cree un user non-admin portant view + manage, lui positionne $site comme site
|
||||
* courant (cloisonnement + numerotation) et renvoie un client authentifie.
|
||||
*/
|
||||
protected function authManageOnSite(Site $site): Client
|
||||
{
|
||||
$creds = $this->createUserWithPermissions([
|
||||
'logistique.weighing_tickets.view',
|
||||
'logistique.weighing_tickets.manage',
|
||||
]);
|
||||
|
||||
$this->setCurrentSite($creds['username'], $site);
|
||||
|
||||
return $this->authenticatedClient($creds['username'], $creds['password']);
|
||||
}
|
||||
|
||||
/**
|
||||
* Positionne le site courant d'un user (par username) — persiste en base, donc
|
||||
* survit au reboot du kernel a l'authentification.
|
||||
*/
|
||||
protected function setCurrentSite(string $username, Site $site): void
|
||||
{
|
||||
$em = $this->getEm();
|
||||
$user = $em->getRepository(User::class)->findOneBy(['username' => $username]);
|
||||
self::assertInstanceOf(User::class, $user);
|
||||
|
||||
$user->setCurrentSite($em->getReference(Site::class, $site->getId()));
|
||||
$em->flush();
|
||||
}
|
||||
|
||||
/**
|
||||
* Seede un Client minimal (companyName prefixe pour la purge). Sert de
|
||||
* contrepartie aux tickets de test.
|
||||
*/
|
||||
protected function seedTestClient(string $label): ClientEntity
|
||||
{
|
||||
$em = $this->getEm();
|
||||
$suffix = substr(bin2hex(random_bytes(3)), 0, 6);
|
||||
|
||||
$client = new ClientEntity();
|
||||
$client->setCompanyName(mb_strtoupper(self::TEST_CLIENT_PREFIX.' '.$label.' '.$suffix, 'UTF-8'));
|
||||
$em->persist($client);
|
||||
$em->flush();
|
||||
|
||||
return $client;
|
||||
}
|
||||
|
||||
protected function clientIri(ClientEntity $client): string
|
||||
{
|
||||
return '/api/clients/'.$client->getId();
|
||||
}
|
||||
|
||||
/**
|
||||
* Seede un Supplier minimal (companyName prefixe pour la purge). Sert de
|
||||
* contrepartie aux tickets de test en branche FOURNISSEUR (RG-5.03).
|
||||
*/
|
||||
protected function seedTestSupplier(string $label): SupplierEntity
|
||||
{
|
||||
$em = $this->getEm();
|
||||
$suffix = substr(bin2hex(random_bytes(3)), 0, 6);
|
||||
|
||||
$supplier = new SupplierEntity();
|
||||
$supplier->setCompanyName(mb_strtoupper(self::TEST_SUPPLIER_PREFIX.' '.$label.' '.$suffix, 'UTF-8'));
|
||||
$em->persist($supplier);
|
||||
$em->flush();
|
||||
|
||||
return $supplier;
|
||||
}
|
||||
|
||||
protected function supplierIri(SupplierEntity $supplier): string
|
||||
{
|
||||
return '/api/suppliers/'.$supplier->getId();
|
||||
}
|
||||
|
||||
/**
|
||||
* Payload POST de reference : contrepartie Client, pesee a vide + a plein en
|
||||
* mode AUTO (le Processor (re)alloue les DSD et calcule le net = 14300 - 7150).
|
||||
*
|
||||
* @return array<string, mixed>
|
||||
*/
|
||||
protected function validClientTicketPayload(ClientEntity $client): array
|
||||
{
|
||||
return [
|
||||
'counterpartyType' => 'CLIENT',
|
||||
'client' => $this->clientIri($client),
|
||||
'immatriculation' => 'AB-123-CD',
|
||||
'plateFreeFormat' => false,
|
||||
'emptyDate' => '2026-06-17T09:00:00+02:00',
|
||||
'emptyWeight' => 7150,
|
||||
'emptyMode' => 'AUTO',
|
||||
'fullDate' => '2026-06-17T09:12:00+02:00',
|
||||
'fullWeight' => 14300,
|
||||
'fullMode' => 'AUTO',
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* Payload POST de reference en branche FOURNISSEUR (RG-5.03) — miroir de
|
||||
* validClientTicketPayload, contrepartie Supplier. Sert a prouver l'embed
|
||||
* symetrique de `supplier` (spec § 4.0.bis piege #1).
|
||||
*
|
||||
* @return array<string, mixed>
|
||||
*/
|
||||
protected function validSupplierTicketPayload(SupplierEntity $supplier): array
|
||||
{
|
||||
return [
|
||||
'counterpartyType' => 'FOURNISSEUR',
|
||||
'supplier' => $this->supplierIri($supplier),
|
||||
'immatriculation' => 'AB-123-CD',
|
||||
'plateFreeFormat' => false,
|
||||
'emptyDate' => '2026-06-17T09:00:00+02:00',
|
||||
'emptyWeight' => 7150,
|
||||
'emptyMode' => 'AUTO',
|
||||
'fullDate' => '2026-06-17T09:12:00+02:00',
|
||||
'fullWeight' => 14300,
|
||||
'fullMode' => 'AUTO',
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* POST un ticket et renvoie la reponse (assertions de statut a la charge de
|
||||
* l'appelant).
|
||||
*/
|
||||
protected function postTicket(Client $http, array $payload): ResponseInterface
|
||||
{
|
||||
return $http->request('POST', '/api/weighing_tickets', [
|
||||
'headers' => ['Content-Type' => self::LD],
|
||||
'json' => $payload,
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrouve un membre d'une collection Hydra par son id.
|
||||
*
|
||||
* @param array<string, mixed> $collection
|
||||
*
|
||||
* @return null|array<string, mixed>
|
||||
*/
|
||||
protected function memberById(array $collection, int $id): ?array
|
||||
{
|
||||
foreach ($collection['member'] ?? [] as $member) {
|
||||
if (($member['id'] ?? null) === $id) {
|
||||
return $member;
|
||||
}
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
}
|
||||
@@ -29,9 +29,11 @@ final class WeighbridgeReadingApiTest extends AbstractApiTestCase
|
||||
$em = $this->getEm();
|
||||
$em->getConnection()->executeStatement('DELETE FROM weighbridge_dsd_counter');
|
||||
$em->createQuery('DELETE FROM '.User::class.' u WHERE u.username LIKE :p')
|
||||
->setParameter('p', 'testuser_%')->execute();
|
||||
->setParameter('p', 'testuser_%')->execute()
|
||||
;
|
||||
$em->createQuery('DELETE FROM '.Role::class.' r WHERE r.code LIKE :p')
|
||||
->setParameter('p', 'test_%')->execute();
|
||||
->setParameter('p', 'test_%')->execute()
|
||||
;
|
||||
|
||||
parent::tearDown();
|
||||
}
|
||||
@@ -95,24 +97,45 @@ final class WeighbridgeReadingApiTest extends AbstractApiTestCase
|
||||
{
|
||||
$client = $this->manageClientWithCurrentSite();
|
||||
|
||||
$client->request('POST', '/api/weighbridge_readings', [
|
||||
$response = $client->request('POST', '/api/weighbridge_readings', [
|
||||
'headers' => ['Content-Type' => 'application/ld+json'],
|
||||
'json' => ['mode' => 'INVALID'],
|
||||
]);
|
||||
|
||||
// Garde-fou ERP-101 : la 422 doit cibler `mode` (Assert\Choice), pas juste
|
||||
// un bon code HTTP — sinon une violation sur le mauvais champ passerait.
|
||||
self::assertResponseStatusCodeSame(422);
|
||||
self::assertViolationOnPath($response, 'mode');
|
||||
}
|
||||
|
||||
public function testManualWeighingRequiresWeight(): void
|
||||
{
|
||||
$client = $this->manageClientWithCurrentSite();
|
||||
|
||||
$client->request('POST', '/api/weighbridge_readings', [
|
||||
$response = $client->request('POST', '/api/weighbridge_readings', [
|
||||
'headers' => ['Content-Type' => 'application/ld+json'],
|
||||
'json' => ['mode' => 'MANUAL'],
|
||||
]);
|
||||
|
||||
// Garde-fou ERP-101 : la 422 doit cibler `weight` (Callback validateManualWeight).
|
||||
self::assertResponseStatusCodeSame(422);
|
||||
self::assertViolationOnPath($response, 'weight');
|
||||
}
|
||||
|
||||
/**
|
||||
* Garde-fou ERP-101 (miroir AbstractWeighingTicketApiTestCase) : une 422 doit
|
||||
* porter une violation sur le `propertyPath` attendu, consommable inline par
|
||||
* useFormErrors cote front, pas seulement le bon statut HTTP.
|
||||
*/
|
||||
private static function assertViolationOnPath(object $response, string $path): void
|
||||
{
|
||||
$paths = array_column($response->toArray(false)['violations'] ?? [], 'propertyPath');
|
||||
|
||||
self::assertContains(
|
||||
$path,
|
||||
$paths,
|
||||
sprintf('Aucune violation sur "%s" (paths: %s).', $path, implode(', ', $paths)),
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -0,0 +1,92 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Tests\Module\Logistique\Api;
|
||||
|
||||
/**
|
||||
* Numerotation des tickets de pesee (RG-5.02 / § 2.5) — tests fonctionnels sur
|
||||
* l'API reelle (compteur DBAL `weighing_ticket_counter`, verrou FOR UPDATE).
|
||||
*
|
||||
* Couvre : format {siteCode}-TP-{NNNN}, sequence incrementale et unique PAR site,
|
||||
* independance des sequences entre sites, immuabilite du numero et du site au PATCH
|
||||
* (RG-5.09 : aucun groupe d'ecriture sur ces champs).
|
||||
*
|
||||
* La serialisation concurrente (FOR UPDATE) est exercee a l'identique par le
|
||||
* DsdAllocator (cf. DsdAllocatorTest) ; un vrai parallelisme n'est pas reproductible
|
||||
* en PHPUnit mono-processus — on valide ici la sequence deterministe.
|
||||
*
|
||||
* @internal
|
||||
*/
|
||||
final class WeighingTicketNumberingTest extends AbstractWeighingTicketApiTestCase
|
||||
{
|
||||
public function testNumberFormatAndSequentialPerSite(): void
|
||||
{
|
||||
$site = $this->siteByCode('86');
|
||||
$http = $this->authManageOnSite($site);
|
||||
$client = $this->seedTestClient('Num');
|
||||
|
||||
$first = $this->postTicket($http, $this->validClientTicketPayload($client));
|
||||
self::assertResponseStatusCodeSame(201);
|
||||
$second = $this->postTicket($http, $this->validClientTicketPayload($client));
|
||||
self::assertResponseStatusCodeSame(201);
|
||||
|
||||
$n1 = (string) $first->toArray()['number'];
|
||||
$n2 = (string) $second->toArray()['number'];
|
||||
|
||||
self::assertMatchesRegularExpression('/^86-TP-\d{4}$/', $n1);
|
||||
self::assertMatchesRegularExpression('/^86-TP-\d{4}$/', $n2);
|
||||
self::assertNotSame($n1, $n2, 'Deux tickets du meme site portent des numeros distincts (unicite).');
|
||||
|
||||
// Sequence : le second numero = premier + 1 (compteur par site).
|
||||
self::assertSame($this->suffix($n1) + 1, $this->suffix($n2));
|
||||
}
|
||||
|
||||
public function testNumberingIsIsolatedPerSite(): void
|
||||
{
|
||||
$client = $this->seedTestClient('IsoSite');
|
||||
|
||||
$http86 = $this->authManageOnSite($this->siteByCode('86'));
|
||||
$http17 = $this->authManageOnSite($this->siteByCode('17'));
|
||||
|
||||
$n86 = (string) $this->postTicket($http86, $this->validClientTicketPayload($client))->toArray()['number'];
|
||||
$n17 = (string) $this->postTicket($http17, $this->validClientTicketPayload($client))->toArray()['number'];
|
||||
|
||||
// Chaque site encode son propre code dans le numero ; sequences disjointes.
|
||||
self::assertStringStartsWith('86-TP-', $n86);
|
||||
self::assertStringStartsWith('17-TP-', $n17);
|
||||
}
|
||||
|
||||
public function testNumberAndSiteAreImmutableOnPatch(): void
|
||||
{
|
||||
$site = $this->siteByCode('86');
|
||||
$http = $this->authManageOnSite($site);
|
||||
$client = $this->seedTestClient('Immutable');
|
||||
|
||||
$created = $this->postTicket($http, $this->validClientTicketPayload($client))->toArray();
|
||||
$id = (int) $created['id'];
|
||||
$number = (string) $created['number'];
|
||||
|
||||
// Tentative de re-ecriture du numero et du site (aucun groupe d'ecriture) +
|
||||
// changement legitime de la pesee a plein -> net recalcule.
|
||||
$patched = $http->request('PATCH', '/api/weighing_tickets/'.$id, [
|
||||
'headers' => ['Content-Type' => self::MERGE],
|
||||
'json' => [
|
||||
'number' => 'HACK-TP-9999',
|
||||
'site' => '/api/sites/'.$this->siteByCode('17')->getId(),
|
||||
'fullWeight' => 20000,
|
||||
],
|
||||
])->toArray();
|
||||
|
||||
self::assertSame($number, $patched['number'], 'Le numero est immuable (RG-5.02 / RG-5.09).');
|
||||
self::assertSame('86', $patched['site']['code'], 'Le site est immuable (RG-5.09).');
|
||||
// Net recalcule : 20000 - 7150 = 12850 (RG-5.05).
|
||||
self::assertSame(12850, $patched['netWeight']);
|
||||
}
|
||||
|
||||
/** Suffixe numerique {NNNN} d'un numero {siteCode}-TP-{NNNN}. */
|
||||
private function suffix(string $number): int
|
||||
{
|
||||
return (int) substr($number, strrpos($number, '-') + 1);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,121 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Tests\Module\Logistique\Api;
|
||||
|
||||
use App\Module\Core\Infrastructure\DataFixtures\RbacDemoFixtures;
|
||||
use Symfony\Bundle\FrameworkBundle\Console\Application;
|
||||
use Symfony\Component\Console\Input\ArrayInput;
|
||||
use Symfony\Component\Console\Output\NullOutput;
|
||||
|
||||
/**
|
||||
* Matrice RBAC du ticket de pesee par role metier (spec-back M5 § 5.2). Jumeau de
|
||||
* {@see \App\Tests\Module\Transport\Api\CarrierRBACMatrixTest}.
|
||||
*
|
||||
* Matrice § 5.2 (V0.2) :
|
||||
* - admin / bureau / usine : view + manage (200 lecture, 201 creation)
|
||||
* - compta / commerciale : AUCUN acces (403 sur view ET manage)
|
||||
* - anonyme : 401
|
||||
*
|
||||
* La creation (POST -> 201) suppose un site courant (numerotation + cloisonnement,
|
||||
* § 2.3) : on le positionne pour chaque role autorise a ecrire.
|
||||
*
|
||||
* @internal
|
||||
*/
|
||||
final class WeighingTicketRBACMatrixTest extends AbstractWeighingTicketApiTestCase
|
||||
{
|
||||
private const string PWD = RbacDemoFixtures::DEMO_PASSWORD;
|
||||
|
||||
protected function setUp(): void
|
||||
{
|
||||
parent::setUp();
|
||||
|
||||
// Seed idempotent des roles metier + matrice § 5.2 + comptes demo (meme
|
||||
// chemin qu'en recette).
|
||||
self::bootKernel();
|
||||
$application = new Application(self::$kernel);
|
||||
$application->setAutoExit(false);
|
||||
$exit = $application->run(
|
||||
new ArrayInput([
|
||||
'command' => 'app:seed-rbac',
|
||||
'--with-demo-users' => true,
|
||||
'--password' => self::PWD,
|
||||
]),
|
||||
new NullOutput(),
|
||||
);
|
||||
self::assertSame(
|
||||
0,
|
||||
$exit,
|
||||
'app:seed-rbac a echoue : les permissions logistique.weighing_tickets.* sont-elles synchronisees (app:sync-permissions) ?',
|
||||
);
|
||||
|
||||
self::ensureKernelShutdown();
|
||||
}
|
||||
|
||||
public function testAdminCanViewAndManage(): void
|
||||
{
|
||||
$this->assertCanViewAndManage('admin', 'admin');
|
||||
}
|
||||
|
||||
public function testBureauCanViewAndManage(): void
|
||||
{
|
||||
$this->assertCanViewAndManage('bureau', self::PWD);
|
||||
}
|
||||
|
||||
public function testUsineCanViewAndManage(): void
|
||||
{
|
||||
$this->assertCanViewAndManage('usine', self::PWD);
|
||||
}
|
||||
|
||||
public function testComptaHasNoAccess(): void
|
||||
{
|
||||
$this->assertHasNoAccess('compta');
|
||||
}
|
||||
|
||||
public function testCommercialeHasNoAccess(): void
|
||||
{
|
||||
$this->assertHasNoAccess('commerciale');
|
||||
}
|
||||
|
||||
public function testAnonymousIsUnauthorized(): void
|
||||
{
|
||||
$client = self::createClient();
|
||||
$client->request('GET', '/api/weighing_tickets', ['headers' => ['Accept' => self::LD]]);
|
||||
self::assertResponseStatusCodeSame(401);
|
||||
}
|
||||
|
||||
/**
|
||||
* Role autorise : GET 200 (view) + POST 201 (manage). Le site courant est
|
||||
* positionne avant le POST pour permettre la numerotation.
|
||||
*/
|
||||
private function assertCanViewAndManage(string $username, string $password): void
|
||||
{
|
||||
$site = $this->firstSite();
|
||||
$this->setCurrentSite($username, $site);
|
||||
|
||||
$clientEntity = $this->seedTestClient('Rbac '.$username);
|
||||
$http = $this->authenticatedClient($username, $password);
|
||||
|
||||
$http->request('GET', '/api/weighing_tickets', ['headers' => ['Accept' => self::LD]]);
|
||||
self::assertResponseStatusCodeSame(200);
|
||||
|
||||
$this->postTicket($http, $this->validClientTicketPayload($clientEntity));
|
||||
self::assertResponseStatusCodeSame(201);
|
||||
}
|
||||
|
||||
/**
|
||||
* Role sans acces : 403 en lecture (view absent) ET en ecriture (manage absent).
|
||||
*/
|
||||
private function assertHasNoAccess(string $username): void
|
||||
{
|
||||
$clientEntity = $this->seedTestClient('Rbac '.$username);
|
||||
$http = $this->authenticatedClient($username, self::PWD);
|
||||
|
||||
$http->request('GET', '/api/weighing_tickets', ['headers' => ['Accept' => self::LD]]);
|
||||
self::assertResponseStatusCodeSame(403);
|
||||
|
||||
$this->postTicket($http, $this->validClientTicketPayload($clientEntity));
|
||||
self::assertResponseStatusCodeSame(403);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,140 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Tests\Module\Logistique\Api;
|
||||
|
||||
/**
|
||||
* Contrat de serialisation du ticket de pesee (M5, spec-back § 4.0 / § 4.0.bis).
|
||||
* Jumeau du test de contrat M4 CarrierSerializationContractTest (module Transport,
|
||||
* reference en prose pour ne pas materialiser d'import inter-module).
|
||||
*
|
||||
* Capture le JSON REEL (liste + detail) via un ticket cree par l'API (numerotation
|
||||
* serveur reelle) et reverifie les 4 pieges du RETEX M1 transposes au M5 :
|
||||
* #1 : `client` (et `supplier`) sortent en OBJET embarque, pas en IRI nu
|
||||
* (read-groups client:read / supplier:read).
|
||||
* #2 : booleen `plateFreeFormat` present dans le JSON (getter + SerializedName).
|
||||
* #3 : `number` present, formate {siteCode}-TP-{NNNN}.
|
||||
* #4 : `netWeight` coherent = full - empty (plein - vide, RG-5.05).
|
||||
*
|
||||
* REGLE D'OR : on asserte sur le CORPS JSON reel, jamais sur les annotations.
|
||||
* DoD (§ 4.0.bis) : avec WEIGHING_TICKET_DOD_DUMP positionnee, ecrit les corps
|
||||
* liste + detail sous /tmp pour les coller dans la spec avant les ecrans front.
|
||||
*
|
||||
* @internal
|
||||
*/
|
||||
final class WeighingTicketSerializationContractTest extends AbstractWeighingTicketApiTestCase
|
||||
{
|
||||
public function testListAndDetailSerializationContract(): void
|
||||
{
|
||||
$site = $this->siteByCode('86');
|
||||
$http = $this->authManageOnSite($site);
|
||||
$clientEntity = $this->seedTestClient('Negoce');
|
||||
|
||||
$created = $this->postTicket($http, $this->validClientTicketPayload($clientEntity));
|
||||
self::assertResponseStatusCodeSame(201);
|
||||
$createdBody = $created->toArray();
|
||||
|
||||
$id = (int) $createdBody['id'];
|
||||
$number = (string) $createdBody['number'];
|
||||
|
||||
$detail = $http->request('GET', '/api/weighing_tickets/'.$id, ['headers' => ['Accept' => self::LD]])->toArray();
|
||||
$list = $http->request('GET', '/api/weighing_tickets?search='.$number, ['headers' => ['Accept' => self::LD]])->toArray();
|
||||
|
||||
// Enveloppe Hydra AP4 (member/totalItems sans prefixe hydra:).
|
||||
self::assertArrayHasKey('member', $list);
|
||||
self::assertArrayNotHasKey('hydra:member', $list);
|
||||
|
||||
$row = $this->memberById($list, $id);
|
||||
self::assertNotNull($row, 'Le ticket cree doit apparaitre dans la liste filtree.');
|
||||
|
||||
// === Piege #1 : relations embarquees en OBJET (pas IRI nu) ===
|
||||
self::assertIsArray($row['client'], 'client doit etre un objet embarque (client:read), pas un IRI nu.');
|
||||
self::assertArrayHasKey('companyName', $row['client']);
|
||||
// supplier null sur une contrepartie Client (cle potentiellement omise par
|
||||
// skip_null_values — tolerant aux deux cas, jamais un IRI nu).
|
||||
self::assertNull($row['supplier'] ?? null);
|
||||
|
||||
// === Piege #2 : booleen plateFreeFormat present ===
|
||||
self::assertArrayHasKey('plateFreeFormat', $row);
|
||||
self::assertFalse($row['plateFreeFormat']);
|
||||
|
||||
// === Piege #3 : number formate {siteCode}-TP-{NNNN} ===
|
||||
self::assertArrayHasKey('number', $row);
|
||||
self::assertMatchesRegularExpression('/^86-TP-\d{4}$/', $row['number']);
|
||||
|
||||
// === Piege #4 : netWeight = full - empty (14300 - 7150) ===
|
||||
self::assertSame(7150, $row['netWeight']);
|
||||
|
||||
// displayDate (date du ticket = fullDate ?? emptyDate) expose en liste.
|
||||
self::assertArrayHasKey('displayDate', $row);
|
||||
|
||||
// === DETAIL : site embarque (avec code), immatriculation, les 2 pesees ===
|
||||
self::assertIsArray($detail['site']);
|
||||
self::assertSame('86', $detail['site']['code']);
|
||||
self::assertSame('AB-123-CD', $detail['immatriculation']);
|
||||
self::assertSame(7150, $detail['emptyWeight']);
|
||||
self::assertSame(14300, $detail['fullWeight']);
|
||||
self::assertSame(7150, $detail['netWeight']);
|
||||
self::assertIsArray($detail['client']);
|
||||
self::assertArrayHasKey('companyName', $detail['client']);
|
||||
|
||||
$this->dumpDodIfRequested($list, $detail);
|
||||
}
|
||||
|
||||
/**
|
||||
* Piege #1 symetrique (spec § 4.0.bis) : sur une contrepartie FOURNISSEUR,
|
||||
* `supplier` doit sortir en OBJET embarque (supplier:read) et `client` etre
|
||||
* null (jamais un IRI nu). Le cas Client est couvert ci-dessus ; ce test
|
||||
* verrouille l'autre branche pour qu'un drift de read-group cote Supplier ne
|
||||
* passe pas inapercu.
|
||||
*/
|
||||
public function testSupplierCounterpartyEmbedsSupplier(): void
|
||||
{
|
||||
$site = $this->siteByCode('86');
|
||||
$http = $this->authManageOnSite($site);
|
||||
$supplierEntity = $this->seedTestSupplier('Ferraille');
|
||||
|
||||
$created = $this->postTicket($http, $this->validSupplierTicketPayload($supplierEntity));
|
||||
self::assertResponseStatusCodeSame(201);
|
||||
$createdBody = $created->toArray();
|
||||
|
||||
$id = (int) $createdBody['id'];
|
||||
$number = (string) $createdBody['number'];
|
||||
|
||||
$detail = $http->request('GET', '/api/weighing_tickets/'.$id, ['headers' => ['Accept' => self::LD]])->toArray();
|
||||
$list = $http->request('GET', '/api/weighing_tickets?search='.$number, ['headers' => ['Accept' => self::LD]])->toArray();
|
||||
|
||||
$row = $this->memberById($list, $id);
|
||||
self::assertNotNull($row, 'Le ticket fournisseur cree doit apparaitre dans la liste filtree.');
|
||||
|
||||
// Liste : supplier embarque en objet, client omis/null (skip_null_values).
|
||||
self::assertIsArray($row['supplier'], 'supplier doit etre un objet embarque (supplier:read), pas un IRI nu.');
|
||||
self::assertArrayHasKey('companyName', $row['supplier']);
|
||||
self::assertNull($row['client'] ?? null);
|
||||
self::assertSame('FOURNISSEUR', $row['counterpartyType']);
|
||||
|
||||
// Detail : meme contrat cote item.
|
||||
self::assertIsArray($detail['supplier']);
|
||||
self::assertArrayHasKey('companyName', $detail['supplier']);
|
||||
self::assertNull($detail['client'] ?? null);
|
||||
}
|
||||
|
||||
/**
|
||||
* DoD (§ 4.0.bis) : ecrit les corps JSON reels sous /tmp si WEIGHING_TICKET_DOD_DUMP
|
||||
* est positionnee (sinon no-op). A coller dans spec-back.md § 4.0.bis.
|
||||
*
|
||||
* @param array<string, mixed> $list
|
||||
* @param array<string, mixed> $detail
|
||||
*/
|
||||
private function dumpDodIfRequested(array $list, array $detail): void
|
||||
{
|
||||
if (false === getenv('WEIGHING_TICKET_DOD_DUMP')) {
|
||||
return;
|
||||
}
|
||||
|
||||
$flags = JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES;
|
||||
file_put_contents('/tmp/weighing-ticket-dod-list.json', json_encode($list, $flags));
|
||||
file_put_contents('/tmp/weighing-ticket-dod-detail.json', json_encode($detail, $flags));
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user