 Patrick Plate
|
59b785b8ed
|
test(sprint-11): centralize JaCoCo coverage rules and add bank import + finance test coverage
Deploy to Production / test (push) Failing after 1s
Deploy to Production / deploy (push) Has been skipped
- pom.xml: introduce risk-tiered JaCoCo rules in parent POM
- bundle: 80% line coverage
- bankimport/finance packages: 90% (highest precision)
- api.security: 85%
- scheduler/notification: 70%
- exclude entity/enums/dto/config from coverage measurement
- add Surefire 3.5.2 plugin management
- cannamanage-service/pom.xml: remove obsolete module-local ComplianceService=100% rule
(subsumed by parent package rules), add explicit jackson-databind dep so
ByteBuddy can mock AuditService.METADATA_MAPPER
- Add AbstractServiceTest base class for service-layer tests
- Add FinanceServiceTest
- Add bankimport test suite:
- Mt940ParserTest with malformed input fixtures
(encoding, overflow, truncated, generic)
- PaymentMatchingServiceTest with ParsedTransactionBuilder helper
- CAMT.053 / Sparkasse MT940 sample fixtures
- XXE attack fixtures (billion-laughs, SSRF, generic)
- docs/sprint-11/: analysis, plan, plan-review, testplan
|
2026-06-15 21:37:49 +02:00 |
|
|
Patrick Plate
|
a1d4ba44e3
|
fix(security): re-add dependency version overrides for SCA compliance
|
2026-06-12 11:17:40 +02:00 |
|
|
Patrick Plate
|
2ede872d11
|
feat: Sprint 2 REST API layer — full implementation
- Fix critical Hibernate @Filter activation bug (TenantFilterAspect)
- Rename UserRole.ROLE_MANAGER → ROLE_STAFF (future-proofing)
- SecurityConfig: ADMIN + MEMBER roles only for Sprint 2
- AuthController: POST /auth/login + POST /auth/refresh with JWT
- AuthService: login, refresh token rotation, hashed refresh storage
- MemberController: CRUD (GET/POST/PUT /members)
- DistributionController: list + record distributions (CanG §26)
- StockController: batch management (GET/POST /stock/batches)
- ComplianceController: quota check (GET /compliance/quota/{id})
- OpenAPI/Swagger config with bearer-jwt security scheme
- GlobalExceptionHandler: full RFC 9457 problem+json coverage
- UserRepository: findByEmail, findByEmailAndTenantId
- Flyway V2: role rename migration + login indexes
- Testcontainers + test profile infrastructure (integration tests deferred)
- Parent POM: Testcontainers BOM, entity scan via properties
Controllers use validated DTOs (Jakarta Bean Validation records).
Compliance checks run before distribution recording.
Tenant filter AOP aspect ensures multi-tenant data isolation.
|
2026-06-11 12:05:52 +02:00 |
|
|
Patrick Plate
|
10891e7b89
|
chore: upgrade Spring Boot 3.3.4 → 4.0.6
- Remove manually-pinned versions (Hibernate, Flyway, AssertJ, Mockito)
now managed by Boot 4.0.6 BOM
- Remove @EntityScan and @EnableJpaRepositories — auto-detected via
scanBasePackages covering de.cannamanage hierarchy
- All 25 tests pass, build compiles in 9.6s
|
2026-06-11 10:41:59 +02:00 |
|
|
Patrick Plate
|
fa1eaf64e0
|
feat(sprint-1): CannaManage foundation — compliance engine, JPA entities, tests TC-001→TC-025
- Maven multi-module project (parent + domain + service + api)
- AbstractTenantEntity with Hibernate @Filter for multi-tenancy (explicit getters/setters, Java 25 compatible)
- TenantContext ThreadLocal for request-scoped tenant isolation
- 8 JPA entities: Club, Member, Strain, Batch, Distribution, MonthlyQuota, StockMovement, User
- ComplianceConstants with CanG §19 limits (25g/day adult, 50g/month adult, 30g/month under-21, 10% THC cap)
- ComplianceService: checkDistributionAllowed() with fail-fast sequential CanG checks
- Unit tests TC-001→TC-025: 25/25 passing, 100% line+branch coverage on ComplianceService (JaCoCo 0.8.13)
- Flyway V1__initial_schema.sql: all 8 tables + indexes
- docker-compose.yml: PostgreSQL 16 local dev
- application-local.properties: local profile configuration
Closes #1 #2 #3 #4 #5 #6 #7 #8 #9 #10
|
2026-04-12 20:30:12 +02:00 |
|