cesnimda/jobtrackingapp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test: add backend security regression test foundation

Browse Source
This commit is contained in:
cesnimda
2026-03-22 14:00:49 +01:00
parent 10e10bb6a7
commit 47c72de283
4 changed files with 93 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
JobTrackerApi.Tests/AttachmentsControllerTests.cs
+23
View File
@@ -0,0 +1,23 @@
using System.Reflection;
using JobTrackerApi.Controllers;
using Xunit;
namespace JobTrackerApi.Tests;
public sealed class AttachmentsControllerTests
{
[Fact]
public void Allowed_extensions_include_common_document_and_image_formats()
{
var field = typeof(AttachmentsController).GetField("AllowedExtensions", BindingFlags.NonPublic | BindingFlags.Static);
Assert.NotNull(field);
var allowed = Assert.IsAssignableFrom<System.Collections.IEnumerable>(field!.GetValue(null));
var values = allowed.Cast<string>().ToHashSet(StringComparer.OrdinalIgnoreCase);
Assert.Contains(".pdf", values);
Assert.Contains(".docx", values);
Assert.Contains(".png", values);
Assert.DoesNotContain(".exe", values);
}
}
JobTrackerApi.Tests/JobTrackerApi.Tests.csproj
+21
View File
@@ -0,0 +1,21 @@
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework>net9.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
<IsPackable>false</IsPackable>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.12.0" />
<PackageReference Include="xunit" Version="2.9.2" />
<PackageReference Include="xunit.runner.visualstudio" Version="2.8.2">
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
<PrivateAssets>all</PrivateAssets>
</PackageReference>
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\JobTrackerApi\JobTrackerApi.csproj" />
</ItemGroup>
</Project>
JobTrackerApi.Tests/OwnershipGuardTests.cs
+22
View File
@@ -0,0 +1,22 @@
using System.Reflection;
using JobTrackerApi.Controllers;
using Xunit;
namespace JobTrackerApi.Tests;
public sealed class OwnershipGuardTests
{
[Fact]
public void Attachments_controller_has_owned_attachment_lookup_helper()
{
var method = typeof(AttachmentsController).GetMethod("FindOwnedAttachmentAsync", BindingFlags.NonPublic | BindingFlags.Instance);
Assert.NotNull(method);
}
[Fact]
public void Correspondence_controller_has_owned_message_lookup_helper()
{
var method = typeof(CorrespondenceController).GetMethod("FindOwnedMessageAsync", BindingFlags.NonPublic | BindingFlags.Instance);
Assert.NotNull(method);
}
}