AgileWebs/thalos-dal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(thalos-dal): define identity dal contracts and read ports

Browse Source
This commit is contained in:
José René White Enciso 2026-02-22 04:31:43 -06:00
parent 2e162c376b
commit 2e3752b430
33 changed files with 430 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
docs/architecture/thalos-dal-map.puml
View File

@ -2,6 +2,13 @@
skinparam packageStyle rectangle skinparam packageStyle rectangle
package "thalos-dal" { package "thalos-dal" {
class IdentityPolicyLookupRequest
class IdentityPolicyRecord
class IdentityTokenLookupRequest
class IdentityTokenRecord
class IdentityPermissionSetLookupRequest
class IdentityPermissionRecord
interface IIdentityDalGrpcContractAdapter
interface IUserDataProvider interface IUserDataProvider
interface IRoleDataProvider interface IRoleDataProvider
interface IPermissionDataProvider interface IPermissionDataProvider
@ -10,12 +17,20 @@ package "thalos-dal" {
interface IIdentityRepository interface IIdentityRepository
interface IDalDependencyHealthCheck interface IDalDependencyHealthCheck
IIdentityDalGrpcContractAdapter --> IdentityPolicyLookupRequest
IIdentityDalGrpcContractAdapter --> IdentityTokenLookupRequest
IIdentityRepository --> IUserDataProvider IIdentityRepository --> IUserDataProvider
IIdentityRepository --> IRoleDataProvider IIdentityRepository --> IRoleDataProvider
IIdentityRepository --> IPermissionDataProvider IIdentityRepository --> IPermissionDataProvider
IIdentityRepository --> IModuleDataProvider IIdentityRepository --> IModuleDataProvider
IIdentityRepository --> ITenantDataProvider IIdentityRepository --> ITenantDataProvider
IIdentityRepository --> IDalDependencyHealthCheck IIdentityRepository --> IDalDependencyHealthCheck
IIdentityRepository --> IdentityPolicyLookupRequest
IIdentityRepository --> IdentityPolicyRecord
IIdentityRepository --> IdentityTokenLookupRequest
IIdentityRepository --> IdentityTokenRecord
IIdentityRepository --> IdentityPermissionSetLookupRequest
IIdentityRepository --> IdentityPermissionRecord
} }
package "thalos-service" as ThalosService package "thalos-service" as ThalosService

2
docs/dal/identity-persistence-strategy.md
View File

@ -5,8 +5,10 @@
- DAL repository boundaries coordinate identity aggregate persistence operations. - DAL repository boundaries coordinate identity aggregate persistence operations.
- Dependency health checks are defined inside DAL boundaries. - Dependency health checks are defined inside DAL boundaries.
- Storage and cache dependencies are modeled in DAL-owned contracts. - Storage and cache dependencies are modeled in DAL-owned contracts.
- gRPC translation stays at adapter interfaces and does not include persistence implementation.
## Constraints ## Constraints
- Identity persistence concerns do not leak to non-Thalos repositories. - Identity persistence concerns do not leak to non-Thalos repositories.
- Service layer consumes DAL boundaries without owning persistence details. - Service layer consumes DAL boundaries without owning persistence details.
- This stage defines contracts and ports only; no datastore implementation is introduced.

3
docs/dal/identity-provider-boundaries.md
View File

@ -7,9 +7,12 @@
- `IPermissionDataProvider`: permission aggregate provider boundary. - `IPermissionDataProvider`: permission aggregate provider boundary.
- `IModuleDataProvider`: module aggregate provider boundary. - `IModuleDataProvider`: module aggregate provider boundary.
- `ITenantDataProvider`: tenant aggregate provider boundary. - `ITenantDataProvider`: tenant aggregate provider boundary.
- `IIdentityRepository`: DAL composition boundary for policy, token, and permission-set reads.
- `IIdentityDalGrpcContractAdapter`: gRPC translation boundary for DAL contracts.
## Rules ## Rules
- Providers isolate datastore-specific behavior. - Providers isolate datastore-specific behavior.
- Provider boundaries remain internal to Thalos DAL. - Provider boundaries remain internal to Thalos DAL.
- DAL interfaces expose only transport-neutral contracts and read ports.
- Identity abstractions remain Thalos-owned. - Identity abstractions remain Thalos-owned.

38
src/Thalos.DAL/Adapters/IIdentityDalGrpcContractAdapter.cs Normal file
View File

@ -0,0 +1,38 @@
using Thalos.DAL.Contracts;
using Thalos.DAL.Grpc;
namespace Thalos.DAL.Adapters;
/// <summary>
/// Defines adapter boundary for dal gRPC contract translation.
/// </summary>
public interface IIdentityDalGrpcContractAdapter
{
/// <summary>
/// Maps transport-neutral policy lookup request into gRPC contract shape.
/// </summary>
/// <param name="request">Policy lookup request contract.</param>
/// <returns>gRPC policy contract shape.</returns>
IdentityPolicyDalGrpcContract ToGrpcPolicyRequest(IdentityPolicyLookupRequest request);
/// <summary>
/// Maps gRPC policy contract into transport-neutral policy lookup request.
/// </summary>
/// <param name="contract">gRPC policy contract shape.</param>
/// <returns>Policy lookup request contract.</returns>
IdentityPolicyLookupRequest FromGrpcPolicyRequest(IdentityPolicyDalGrpcContract contract);
/// <summary>
/// Maps transport-neutral token lookup request into gRPC contract shape.
/// </summary>
/// <param name="request">Token lookup request contract.</param>
/// <returns>gRPC token contract shape.</returns>
IdentityTokenDalGrpcContract ToGrpcTokenRequest(IdentityTokenLookupRequest request);
/// <summary>
/// Maps gRPC token contract into transport-neutral token lookup request.
/// </summary>
/// <param name="contract">gRPC token contract shape.</param>
/// <returns>Token lookup request contract.</returns>
IdentityTokenLookupRequest FromGrpcTokenRequest(IdentityTokenDalGrpcContract contract);
}

12
src/Thalos.DAL/Contracts/DalDependencyHealthStatus.cs Normal file
View File

@ -0,0 +1,12 @@
namespace Thalos.DAL.Contracts;
/// <summary>
/// Contract representing dal dependency health status.
/// </summary>
/// <param name="Envelope">Contract envelope metadata.</param>
/// <param name="IsHealthy">Indicates whether dependencies are healthy.</param>
/// <param name="DependencyNames">Dependency boundaries included in health probe.</param>
public sealed record DalDependencyHealthStatus(
IdentityContractEnvelope Envelope,
bool IsHealthy,
IReadOnlyList<string> DependencyNames);

8
src/Thalos.DAL/Contracts/IdentityContractEnvelope.cs Normal file
View File

@ -0,0 +1,8 @@
namespace Thalos.DAL.Contracts;
/// <summary>
/// Defines transport-neutral envelope metadata for thalos dal contract messages.
/// </summary>
/// <param name="ContractVersion">Contract schema version.</param>
/// <param name="CorrelationId">Correlation identifier for cross-layer tracing.</param>
public sealed record IdentityContractEnvelope(string ContractVersion, string CorrelationId);

8
src/Thalos.DAL/Contracts/IdentityModuleLookupRequest.cs Normal file
View File

@ -0,0 +1,8 @@
namespace Thalos.DAL.Contracts;
/// <summary>
/// Request contract for module aggregate lookup.
/// </summary>
/// <param name="Envelope">Contract envelope metadata.</param>
/// <param name="TenantId">Tenant scope identifier.</param>
public sealed record IdentityModuleLookupRequest(IdentityContractEnvelope Envelope, string TenantId);

9
src/Thalos.DAL/Contracts/IdentityModuleRecord.cs Normal file
View File

@ -0,0 +1,9 @@
namespace Thalos.DAL.Contracts;
/// <summary>
/// Contract representing persisted module metadata for tenant scope.
/// </summary>
/// <param name="Envelope">Contract envelope metadata.</param>
/// <param name="ModuleCode">Module code identifier.</param>
/// <param name="IsEnabled">Indicates whether module is enabled.</param>
public sealed record IdentityModuleRecord(IdentityContractEnvelope Envelope, string ModuleCode, bool IsEnabled);

12
src/Thalos.DAL/Contracts/IdentityPermissionRecord.cs Normal file
View File

@ -0,0 +1,12 @@
namespace Thalos.DAL.Contracts;
/// <summary>
/// Contract representing a persisted permission grant for identity scope.
/// </summary>
/// <param name="Envelope">Contract envelope metadata.</param>
/// <param name="PermissionCode">Permission code identifier.</param>
/// <param name="SourceRoleCode">Role code that grants the permission.</param>
public sealed record IdentityPermissionRecord(
IdentityContractEnvelope Envelope,
string PermissionCode,
string SourceRoleCode);

12
src/Thalos.DAL/Contracts/IdentityPermissionSetLookupRequest.cs Normal file
View File

@ -0,0 +1,12 @@
namespace Thalos.DAL.Contracts;
/// <summary>
/// Request contract for identity permission set lookup.
/// </summary>
/// <param name="Envelope">Contract envelope metadata.</param>
/// <param name="SubjectId">Identity subject identifier.</param>
/// <param name="TenantId">Tenant scope identifier.</param>
public sealed record IdentityPermissionSetLookupRequest(
IdentityContractEnvelope Envelope,
string SubjectId,
string TenantId);

14
src/Thalos.DAL/Contracts/IdentityPolicyLookupRequest.cs Normal file
View File

@ -0,0 +1,14 @@
namespace Thalos.DAL.Contracts;
/// <summary>
/// Request contract for identity policy context lookup.
/// </summary>
/// <param name="Envelope">Contract envelope metadata.</param>
/// <param name="SubjectId">Identity subject identifier.</param>
/// <param name="TenantId">Tenant scope identifier.</param>
/// <param name="PermissionCode">Permission code to evaluate.</param>
public sealed record IdentityPolicyLookupRequest(
IdentityContractEnvelope Envelope,
string SubjectId,
string TenantId,
string PermissionCode);

14
src/Thalos.DAL/Contracts/IdentityPolicyRecord.cs Normal file
View File

@ -0,0 +1,14 @@
namespace Thalos.DAL.Contracts;
/// <summary>
/// Response contract representing persisted identity policy context.
/// </summary>
/// <param name="Envelope">Contract envelope metadata.</param>
/// <param name="SubjectId">Identity subject identifier.</param>
/// <param name="PermissionCode">Permission code evaluated.</param>
/// <param name="ContextSatisfied">Indicates whether policy context is satisfied.</param>
public sealed record IdentityPolicyRecord(
IdentityContractEnvelope Envelope,
string SubjectId,
string PermissionCode,
bool ContextSatisfied);

9
src/Thalos.DAL/Contracts/IdentityRoleLookupRequest.cs Normal file
View File

@ -0,0 +1,9 @@
namespace Thalos.DAL.Contracts;
/// <summary>
/// Request contract for role aggregate lookup.
/// </summary>
/// <param name="Envelope">Contract envelope metadata.</param>
/// <param name="SubjectId">Identity subject identifier.</param>
/// <param name="TenantId">Tenant scope identifier.</param>
public sealed record IdentityRoleLookupRequest(IdentityContractEnvelope Envelope, string SubjectId, string TenantId);

9
src/Thalos.DAL/Contracts/IdentityRoleRecord.cs Normal file
View File

@ -0,0 +1,9 @@
namespace Thalos.DAL.Contracts;
/// <summary>
/// Contract representing a persisted identity role assignment.
/// </summary>
/// <param name="Envelope">Contract envelope metadata.</param>
/// <param name="RoleCode">Role code identifier.</param>
/// <param name="TenantId">Tenant scope identifier.</param>
public sealed record IdentityRoleRecord(IdentityContractEnvelope Envelope, string RoleCode, string TenantId);

8
src/Thalos.DAL/Contracts/IdentityTenantLookupRequest.cs Normal file
View File

@ -0,0 +1,8 @@
namespace Thalos.DAL.Contracts;
/// <summary>
/// Request contract for tenant aggregate lookup.
/// </summary>
/// <param name="Envelope">Contract envelope metadata.</param>
/// <param name="TenantId">Tenant scope identifier.</param>
public sealed record IdentityTenantLookupRequest(IdentityContractEnvelope Envelope, string TenantId);

14
src/Thalos.DAL/Contracts/IdentityTenantRecord.cs Normal file
View File

@ -0,0 +1,14 @@
namespace Thalos.DAL.Contracts;
/// <summary>
/// Contract representing persisted tenant metadata.
/// </summary>
/// <param name="Envelope">Contract envelope metadata.</param>
/// <param name="TenantId">Tenant scope identifier.</param>
/// <param name="TenantCode">Tenant code identifier.</param>
/// <param name="IsActive">Indicates whether tenant is active.</param>
public sealed record IdentityTenantRecord(
IdentityContractEnvelope Envelope,
string TenantId,
string TenantCode,
bool IsActive);

9
src/Thalos.DAL/Contracts/IdentityTokenLookupRequest.cs Normal file
View File

@ -0,0 +1,9 @@
namespace Thalos.DAL.Contracts;
/// <summary>
/// Request contract for identity token record lookup.
/// </summary>
/// <param name="Envelope">Contract envelope metadata.</param>
/// <param name="SubjectId">Identity subject identifier.</param>
/// <param name="TenantId">Tenant scope identifier.</param>
public sealed record IdentityTokenLookupRequest(IdentityContractEnvelope Envelope, string SubjectId, string TenantId);

16
src/Thalos.DAL/Contracts/IdentityTokenRecord.cs Normal file
View File

@ -0,0 +1,16 @@
namespace Thalos.DAL.Contracts;
/// <summary>
/// Response contract representing token issuance persistence data.
/// </summary>
/// <param name="Envelope">Contract envelope metadata.</param>
/// <param name="SubjectId">Identity subject identifier.</param>
/// <param name="TenantId">Tenant scope identifier.</param>
/// <param name="Token">Issued access token value.</param>
/// <param name="ExpiresInSeconds">Token expiration in seconds.</param>
public sealed record IdentityTokenRecord(
IdentityContractEnvelope Envelope,
string SubjectId,
string TenantId,
string Token,
int ExpiresInSeconds);

8
src/Thalos.DAL/Contracts/IdentityUserLookupRequest.cs Normal file
View File

@ -0,0 +1,8 @@
namespace Thalos.DAL.Contracts;
/// <summary>
/// Request contract for user aggregate lookup.
/// </summary>
/// <param name="Envelope">Contract envelope metadata.</param>
/// <param name="SubjectId">Identity subject identifier.</param>
public sealed record IdentityUserLookupRequest(IdentityContractEnvelope Envelope, string SubjectId);

14
src/Thalos.DAL/Contracts/IdentityUserRecord.cs Normal file
View File

@ -0,0 +1,14 @@
namespace Thalos.DAL.Contracts;
/// <summary>
/// Contract representing a persisted identity user aggregate.
/// </summary>
/// <param name="Envelope">Contract envelope metadata.</param>
/// <param name="SubjectId">Identity subject identifier.</param>
/// <param name="TenantId">Tenant scope identifier.</param>
/// <param name="Status">Current user status.</param>
public sealed record IdentityUserRecord(
IdentityContractEnvelope Envelope,
string SubjectId,
string TenantId,
string Status);

15
src/Thalos.DAL/Contracts/ThalosDalPackageContract.cs Normal file
View File

@ -0,0 +1,15 @@
using Core.Blueprint.Common.Contracts;
namespace Thalos.DAL.Contracts;
/// <summary>
/// Defines package descriptor metadata for thalos dal contracts.
/// </summary>
public sealed class ThalosDalPackageContract : IBlueprintPackageContract
{
/// <inheritdoc />
public BlueprintPackageDescriptor Descriptor { get; } = new(
"Thalos.DAL.Contracts",
PackageVersionPolicy.Minor,
["Core.Blueprint.Common"]);
}

9
src/Thalos.DAL/Grpc/IdentityPolicyDalGrpcContract.cs Normal file
View File

@ -0,0 +1,9 @@
namespace Thalos.DAL.Grpc;
/// <summary>
/// Defines minimal gRPC contract shape for identity policy dal adapter translation.
/// </summary>
/// <param name="SubjectId">Identity subject identifier.</param>
/// <param name="TenantId">Tenant scope identifier.</param>
/// <param name="PermissionCode">Permission code to evaluate.</param>
public sealed record IdentityPolicyDalGrpcContract(string SubjectId, string TenantId, string PermissionCode);

8
src/Thalos.DAL/Grpc/IdentityTokenDalGrpcContract.cs Normal file
View File

@ -0,0 +1,8 @@
namespace Thalos.DAL.Grpc;
/// <summary>
/// Defines minimal gRPC contract shape for identity token dal adapter translation.
/// </summary>
/// <param name="SubjectId">Identity subject identifier.</param>
/// <param name="TenantId">Tenant scope identifier.</param>
public sealed record IdentityTokenDalGrpcContract(string SubjectId, string TenantId);

8
src/Thalos.DAL/Health/IDalDependencyHealthCheck.cs
View File

@ -1,3 +1,5 @@
using Thalos.DAL.Contracts;
namespace Thalos.DAL.Health; namespace Thalos.DAL.Health;
/// <summary> /// <summary>
@ -5,4 +7,10 @@ namespace Thalos.DAL.Health;
/// </summary> /// </summary>
public interface IDalDependencyHealthCheck public interface IDalDependencyHealthCheck
{ {
/// <summary>
/// Probes dependency health for DAL-owned providers.
/// </summary>
/// <param name="cancellationToken">Cancellation token.</param>
/// <returns>Health status contract for DAL dependency boundaries.</returns>
Task<DalDependencyHealthStatus> CheckAsync(CancellationToken cancellationToken = default);
} }

11
src/Thalos.DAL/Providers/IModuleDataProvider.cs
View File

@ -1,3 +1,5 @@
using Thalos.DAL.Contracts;
namespace Thalos.DAL.Providers; namespace Thalos.DAL.Providers;
/// <summary> /// <summary>
@ -5,4 +7,13 @@ namespace Thalos.DAL.Providers;
/// </summary> /// </summary>
public interface IModuleDataProvider public interface IModuleDataProvider
{ {
/// <summary>
/// Reads module capability metadata for tenant scope.
/// </summary>
/// <param name="request">Module lookup request contract.</param>
/// <param name="cancellationToken">Cancellation token.</param>
/// <returns>Module records matching lookup scope.</returns>
Task<IReadOnlyList<IdentityModuleRecord>> ReadModulesAsync(
IdentityModuleLookupRequest request,
CancellationToken cancellationToken = default);
} }

11
src/Thalos.DAL/Providers/IPermissionDataProvider.cs
View File

@ -1,3 +1,5 @@
using Thalos.DAL.Contracts;
namespace Thalos.DAL.Providers; namespace Thalos.DAL.Providers;
/// <summary> /// <summary>
@ -5,4 +7,13 @@ namespace Thalos.DAL.Providers;
/// </summary> /// </summary>
public interface IPermissionDataProvider public interface IPermissionDataProvider
{ {
/// <summary>
/// Reads permission grants for subject and tenant scope.
/// </summary>
/// <param name="request">Permission lookup request contract.</param>
/// <param name="cancellationToken">Cancellation token.</param>
/// <returns>Permission grant records matching lookup scope.</returns>
Task<IReadOnlyList<IdentityPermissionRecord>> ReadPermissionsAsync(
IdentityPermissionSetLookupRequest request,
CancellationToken cancellationToken = default);
} }

11
src/Thalos.DAL/Providers/IRoleDataProvider.cs
View File

@ -1,3 +1,5 @@
using Thalos.DAL.Contracts;
namespace Thalos.DAL.Providers; namespace Thalos.DAL.Providers;
/// <summary> /// <summary>
@ -5,4 +7,13 @@ namespace Thalos.DAL.Providers;
/// </summary> /// </summary>
public interface IRoleDataProvider public interface IRoleDataProvider
{ {
/// <summary>
/// Reads identity role records for subject and tenant scope.
/// </summary>
/// <param name="request">Role lookup request contract.</param>
/// <param name="cancellationToken">Cancellation token.</param>
/// <returns>Role records matching the lookup scope.</returns>
Task<IReadOnlyList<IdentityRoleRecord>> ReadRolesAsync(
IdentityRoleLookupRequest request,
CancellationToken cancellationToken = default);
} }

11
src/Thalos.DAL/Providers/ITenantDataProvider.cs
View File

@ -1,3 +1,5 @@
using Thalos.DAL.Contracts;
namespace Thalos.DAL.Providers; namespace Thalos.DAL.Providers;
/// <summary> /// <summary>
@ -5,4 +7,13 @@ namespace Thalos.DAL.Providers;
/// </summary> /// </summary>
public interface ITenantDataProvider public interface ITenantDataProvider
{ {
/// <summary>
/// Reads tenant scope metadata for identity policy and token decisions.
/// </summary>
/// <param name="request">Tenant lookup request contract.</param>
/// <param name="cancellationToken">Cancellation token.</param>
/// <returns>Tenant record when found; otherwise null.</returns>
Task<IdentityTenantRecord?> ReadTenantAsync(
IdentityTenantLookupRequest request,
CancellationToken cancellationToken = default);
} }

11
src/Thalos.DAL/Providers/IUserDataProvider.cs
View File

@ -1,3 +1,5 @@
using Thalos.DAL.Contracts;
namespace Thalos.DAL.Providers; namespace Thalos.DAL.Providers;
/// <summary> /// <summary>
@ -5,4 +7,13 @@ namespace Thalos.DAL.Providers;
/// </summary> /// </summary>
public interface IUserDataProvider public interface IUserDataProvider
{ {
/// <summary>
/// Reads an identity user record by subject identifier.
/// </summary>
/// <param name="request">User lookup request contract.</param>
/// <param name="cancellationToken">Cancellation token.</param>
/// <returns>User record when found; otherwise null.</returns>
Task<IdentityUserRecord?> ReadUserAsync(
IdentityUserLookupRequest request,
CancellationToken cancellationToken = default);
} }

31
src/Thalos.DAL/Repositories/IIdentityRepository.cs
View File

@ -1,3 +1,5 @@
using Thalos.DAL.Contracts;
namespace Thalos.DAL.Repositories; namespace Thalos.DAL.Repositories;
/// <summary> /// <summary>
@ -5,4 +7,33 @@ namespace Thalos.DAL.Repositories;
/// </summary> /// </summary>
public interface IIdentityRepository public interface IIdentityRepository
{ {
/// <summary>
/// Reads token issuance record data for a subject and tenant scope.
/// </summary>
/// <param name="request">Token lookup request contract.</param>
/// <param name="cancellationToken">Cancellation token.</param>
/// <returns>Token record when found; otherwise null.</returns>
Task<IdentityTokenRecord?> ReadIdentityTokenAsync(
IdentityTokenLookupRequest request,
CancellationToken cancellationToken = default);
/// <summary>
/// Reads policy context data required for authorization checks.
/// </summary>
/// <param name="request">Policy lookup request contract.</param>
/// <param name="cancellationToken">Cancellation token.</param>
/// <returns>Policy record when found; otherwise null.</returns>
Task<IdentityPolicyRecord?> ReadIdentityPolicyAsync(
IdentityPolicyLookupRequest request,
CancellationToken cancellationToken = default);
/// <summary>
/// Reads permission set data for subject and tenant scope.
/// </summary>
/// <param name="request">Permission set lookup request contract.</param>
/// <param name="cancellationToken">Cancellation token.</param>
/// <returns>Permission records for the requested scope.</returns>
Task<IReadOnlyList<IdentityPermissionRecord>> ReadPermissionSetAsync(
IdentityPermissionSetLookupRequest request,
CancellationToken cancellationToken = default);
} }

3
src/Thalos.DAL/Thalos.DAL.csproj
View File

@ -4,4 +4,7 @@
<ImplicitUsings>enable</ImplicitUsings> <ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable> <Nullable>enable</Nullable>
</PropertyGroup> </PropertyGroup>
<ItemGroup>
<ProjectReference Include="..\..\..\blueprint-platform\src\Core.Blueprint.Common\Core.Blueprint.Common.csproj" />
</ItemGroup>
</Project> </Project>

23
tests/Thalos.DAL.UnitTests/BoundaryShapeTests.cs
View File

@ -1,6 +1,7 @@
using Thalos.DAL.Health; using Thalos.DAL.Health;
using Thalos.DAL.Providers; using Thalos.DAL.Providers;
using Thalos.DAL.Repositories; using Thalos.DAL.Repositories;
using System.Reflection;
namespace Thalos.DAL.UnitTests; namespace Thalos.DAL.UnitTests;
@ -22,4 +23,26 @@ public class BoundaryShapeTests
Assert.True(typeof(IIdentityRepository).IsInterface); Assert.True(typeof(IIdentityRepository).IsInterface);
Assert.True(typeof(IDalDependencyHealthCheck).IsInterface); Assert.True(typeof(IDalDependencyHealthCheck).IsInterface);
} }
[Fact]
public void IdentityRepository_WhenReflected_ExposesContractMethodsOnly()
{
var methods = typeof(IIdentityRepository).GetMethods(BindingFlags.Public | BindingFlags.Instance);
var methodNames = methods.Select(method => method.Name).OrderBy(name => name).ToArray();
Assert.Equal(
["ReadIdentityPolicyAsync", "ReadIdentityTokenAsync", "ReadPermissionSetAsync"],
methodNames);
}
[Fact]
public void ProviderBoundaries_WhenReflected_ExposeReadOnlyMethods()
{
Assert.Equal("ReadUserAsync", typeof(IUserDataProvider).GetMethods().Single().Name);
Assert.Equal("ReadRolesAsync", typeof(IRoleDataProvider).GetMethods().Single().Name);
Assert.Equal("ReadPermissionsAsync", typeof(IPermissionDataProvider).GetMethods().Single().Name);
Assert.Equal("ReadModulesAsync", typeof(IModuleDataProvider).GetMethods().Single().Name);
Assert.Equal("ReadTenantAsync", typeof(ITenantDataProvider).GetMethods().Single().Name);
Assert.Equal("CheckAsync", typeof(IDalDependencyHealthCheck).GetMethods().Single().Name);
}
} }

44
tests/Thalos.DAL.UnitTests/ContractShapeTests.cs Normal file
View File

@ -0,0 +1,44 @@
using Core.Blueprint.Common.Contracts;
using Thalos.DAL.Contracts;
namespace Thalos.DAL.UnitTests;
public class ContractShapeTests
{
[Fact]
public void IdentityPolicyLookupRequest_WhenCreated_StoresTransportNeutralData()
{
var envelope = new IdentityContractEnvelope("1.0.0", "corr-123");
var request = new IdentityPolicyLookupRequest(envelope, "user-1", "tenant-1", "identity.token.issue");
Assert.Equal("1.0.0", request.Envelope.ContractVersion);
Assert.Equal("corr-123", request.Envelope.CorrelationId);
Assert.Equal("user-1", request.SubjectId);
Assert.Equal("tenant-1", request.TenantId);
Assert.Equal("identity.token.issue", request.PermissionCode);
}
[Fact]
public void IdentityTokenRecord_WhenCreated_StoresTransportNeutralData()
{
var envelope = new IdentityContractEnvelope("1.0.0", "corr-123");
var record = new IdentityTokenRecord(envelope, "user-1", "tenant-1", "token-xyz", 1800);
Assert.Equal("1.0.0", record.Envelope.ContractVersion);
Assert.Equal("corr-123", record.Envelope.CorrelationId);
Assert.Equal("user-1", record.SubjectId);
Assert.Equal("tenant-1", record.TenantId);
Assert.Equal("token-xyz", record.Token);
Assert.Equal(1800, record.ExpiresInSeconds);
}
[Fact]
public void ThalosDalPackageContract_WhenCreated_UsesBlueprintDescriptorContract()
{
IBlueprintPackageContract contract = new ThalosDalPackageContract();
Assert.Equal("Thalos.DAL.Contracts", contract.Descriptor.PackageId);
Assert.Equal(PackageVersionPolicy.Minor, contract.Descriptor.VersionPolicy);
Assert.Contains("Core.Blueprint.Common", contract.Descriptor.DependencyPackageIds);
}
}