@stravigor/core 0.1.0

package/src/generators/test_generator.ts

@@ -0,0 +1,1666 @@
+import { join } from 'node:path'
+import { Archetype } from '../schema/types.ts'
+import type { SchemaDefinition } from '../schema/types.ts'
+import type { DatabaseRepresentation, TableDefinition } from '../schema/database_representation.ts'
+import type { FieldDefinition } from '../schema/field_definition.ts'
+import { toSnakeCase, toCamelCase, toPascalCase, pluralize } from '../helpers/strings.ts'
+import type { GeneratedFile } from './model_generator.ts'
+import type { GeneratorConfig, GeneratorPaths } from './config.ts'
+import { resolvePaths, relativeImport, formatAndWrite } from './config.ts'
+import { ApiRouting, toRouteSegment, toChildSegment } from './route_generator.ts'
+import type { ApiRoutingConfig } from './route_generator.ts'
+
+// ---------------------------------------------------------------------------
+// Constants
+// ---------------------------------------------------------------------------
+
+const DEPENDENT_ARCHETYPES: Set<Archetype> = new Set([
+  Archetype.Component,
+  Archetype.Attribute,
+  Archetype.Event,
+  Archetype.Configuration,
+  Archetype.Contribution,
+])
+
+const SYSTEM_COLUMNS = new Set(['id', 'created_at', 'updated_at', 'deleted_at'])
+
+const API_DEFAULTS: ApiRoutingConfig = {
+  routing: ApiRouting.Prefix,
+  prefix: '/api',
+  subdomain: 'api',
+}
+
+// ---------------------------------------------------------------------------
+// TestGenerator
+// ---------------------------------------------------------------------------
+
+/**
+ * Generate integration test files for the API layer.
+ *
+ * Produces:
+ * - `tests/api/setup.ts` — bootstrap, fixtures, request helpers
+ * - `tests/api/auth.test.ts` — authentication smoke tests
+ * - `tests/api/{schema}.test.ts` — per-schema CRUD tests
+ */
+export default class TestGenerator {
+  private apiConfig: ApiRoutingConfig
+  private paths: GeneratorPaths
+  private schemaMap: Map<string, SchemaDefinition>
+
+  constructor(
+    private schemas: SchemaDefinition[],
+    private representation: DatabaseRepresentation,
+    config?: GeneratorConfig,
+    apiConfig?: Partial<ApiRoutingConfig>
+  ) {
+    this.apiConfig = { ...API_DEFAULTS, ...apiConfig }
+    this.paths = resolvePaths(config)
+    this.schemaMap = new Map(schemas.map(s => [s.name, s]))
+  }
+
+  generate(): GeneratedFile[] {
+    const files: GeneratedFile[] = []
+
+    files.push(this.generateSetup())
+    files.push(this.generateAuthTest())
+
+    for (const schema of this.schemas) {
+      if (schema.archetype === Archetype.Association) continue
+      const table = this.representation.tables.find(t => t.name === toSnakeCase(schema.name))
+      if (!table) continue
+      files.push(this.generateSchemaTest(schema, table))
+    }
+
+    return files
+  }
+
+  async writeAll(): Promise<GeneratedFile[]> {
+    const files = this.generate()
+    await formatAndWrite(files)
+    return files
+  }
+
+  // ---------------------------------------------------------------------------
+  // setup.ts
+  // ---------------------------------------------------------------------------
+
+  private generateSetup(): GeneratedFile {
+    const isSubdomain = this.apiConfig.routing === ApiRouting.Subdomain
+    const routesImport = relativeImport(this.paths.tests, this.paths.routes)
+    const userSchema = this.findUserEntity()
+    const userPkName = userSchema ? this.findSchemaPK(userSchema.name) : 'id'
+    const userPkIsUuid = userSchema
+      ? this.getPkType(userSchema) === 'uuid'
+      : true
+
+    const lines: string[] = [
+      '// Generated by Strav — DO NOT EDIT',
+      `import 'reflect-metadata'`,
+      `import { app } from '@stravigor/core/core'`,
+      `import Configuration from '@stravigor/core/config/configuration'`,
+      `import Database from '@stravigor/core/database/database'`,
+      `import Router from '@stravigor/core/http/router'`,
+      `import Logger from '@stravigor/core/logger/logger'`,
+      `import BaseModel from '@stravigor/core/orm/base_model'`,
+      `import Auth from '@stravigor/core/auth/auth'`,
+      `import AccessToken from '@stravigor/core/auth/access_token'`,
+      '',
+      '// ---------------------------------------------------------------------------',
+      '// Bootstrap (mirrors index.ts, minus Server)',
+      '// ---------------------------------------------------------------------------',
+      '',
+      'app.singleton(Configuration)',
+      'app.singleton(Database)',
+      'app.singleton(Router)',
+      'app.singleton(Logger)',
+      'app.singleton(Auth)',
+      '',
+      'const config = app.resolve(Configuration)',
+      'await config.load()',
+      '',
+      'const db = app.resolve(Database)',
+      'new BaseModel(db)',
+      '',
+      'app.resolve(Auth)',
+      'await Auth.ensureTables()',
+      'Auth.useResolver(async id => {',
+    ]
+
+    if (userSchema) {
+      const modelImport = relativeImport(this.paths.tests, this.paths.models)
+      const modelFile = toSnakeCase(userSchema.name)
+      lines.push(`  const { default: ${toPascalCase(userSchema.name)} } = await import('${modelImport}/${modelFile}')`)
+      lines.push(`  return ${toPascalCase(userSchema.name)}.find(id as string)`)
+    } else {
+      lines.push(`  return null`)
+    }
+
+    lines.push('})')
+    lines.push('')
+    lines.push(`// Load routes`)
+    lines.push(`await import('${routesImport}/api_routes')`)
+    lines.push('')
+    lines.push('export const routerInstance = app.resolve(Router)')
+    lines.push('')
+
+    // ---------------------------------------------------------------------------
+    // Test fixtures
+    // ---------------------------------------------------------------------------
+
+    lines.push('// ---------------------------------------------------------------------------')
+    lines.push('// Test fixtures')
+    lines.push('// ---------------------------------------------------------------------------')
+    lines.push('')
+    lines.push('export let testUserPid: string')
+    lines.push('export let token: string')
+    lines.push('')
+
+    // createTestUser
+    lines.push('export async function createTestUser(): Promise<void> {')
+    if (userSchema) {
+      const snakeUser = toSnakeCase(userSchema.name)
+      const pkCol = toSnakeCase(userPkName)
+      const insertCols = [pkCol]
+      const insertVals: string[] = []
+
+      if (userPkIsUuid) {
+        lines.push('  const pid = crypto.randomUUID()')
+        insertVals.push('${pid}')
+      } else {
+        lines.push('  const pid = 1')
+        insertVals.push('${pid}')
+      }
+
+      // Add required non-PK, non-system fields
+      for (const [fieldName, fieldDef] of Object.entries(userSchema.fields)) {
+        if (fieldDef.primaryKey) continue
+        const colName = toSnakeCase(fieldName)
+        if (SYSTEM_COLUMNS.has(colName)) continue
+        if (!fieldDef.required) continue
+
+        insertCols.push(colName)
+        insertVals.push(`\${'${this.fixtureValue(fieldName, fieldDef)}'}`)
+      }
+
+      // Add timestamps
+      insertCols.push('created_at', 'updated_at')
+      insertVals.push('NOW()', 'NOW()')
+
+      lines.push(`  await db.sql\``)
+      lines.push(`    INSERT INTO "${snakeUser}" ("${insertCols.join('", "')}")`)
+
+      const valueParts = insertVals.map(v => {
+        if (v === 'NOW()') return v
+        return v
+      })
+      lines.push(`    VALUES (${valueParts.join(', ')})`)
+
+      // Use ON CONFLICT on unique columns
+      const uniqueField = Object.entries(userSchema.fields).find(
+        ([, fd]) => fd.unique && !fd.primaryKey
+      )
+      if (uniqueField) {
+        lines.push(`    ON CONFLICT ("${toSnakeCase(uniqueField[0])}") DO NOTHING`)
+      }
+
+      lines.push(`  \``)
+      lines.push('  testUserPid = String(pid)')
+    } else {
+      lines.push('  testUserPid = crypto.randomUUID()')
+    }
+
+    lines.push('')
+    lines.push('  const result = await AccessToken.create(testUserPid, \'test-token\')')
+    lines.push('  token = result.token')
+    lines.push('}')
+    lines.push('')
+
+    // cleanup
+    lines.push('export async function cleanup(): Promise<void> {')
+    const deleteOrder = this.cleanupOrder()
+    for (const tableName of deleteOrder) {
+      lines.push(`  await db.sql\`DELETE FROM "${tableName}" WHERE 1=1\``)
+    }
+    lines.push('}')
+    lines.push('')
+
+    // closeDb
+    lines.push('export async function closeDb(): Promise<void> {')
+    lines.push('  await db.close()')
+    lines.push('}')
+    lines.push('')
+
+    // ---------------------------------------------------------------------------
+    // Request helpers
+    // ---------------------------------------------------------------------------
+
+    lines.push('// ---------------------------------------------------------------------------')
+    lines.push('// Request helpers')
+    lines.push('// ---------------------------------------------------------------------------')
+    lines.push('')
+
+    if (isSubdomain) {
+      const sub = this.apiConfig.subdomain
+      lines.push('export async function request(')
+      lines.push('  method: string,')
+      lines.push('  path: string,')
+      lines.push('  body?: Record<string, unknown>')
+      lines.push('): Promise<Response> {')
+      lines.push('  const headers: Record<string, string> = {')
+      lines.push('    Authorization: `Bearer ${token}`,')
+      lines.push(`    Host: '${sub}.localhost',`)
+      lines.push('  }')
+      lines.push('')
+      lines.push('  let requestBody: string | undefined')
+      lines.push('  if (body) {')
+      lines.push(`    headers['Content-Type'] = 'application/json'`)
+      lines.push('    requestBody = JSON.stringify(body)')
+      lines.push('  }')
+      lines.push('')
+      lines.push('  const response = routerInstance.handle(')
+      lines.push(`    new Request(\`http://${sub}.localhost\${path}\`, {`)
+      lines.push('      method,')
+      lines.push('      headers,')
+      lines.push('      body: requestBody,')
+      lines.push('    })')
+      lines.push('  )')
+      lines.push('')
+      lines.push(`  return (await response) ?? new Response('Not Found', { status: 404 })`)
+      lines.push('}')
+      lines.push('')
+
+      lines.push('export async function requestNoAuth(')
+      lines.push('  method: string,')
+      lines.push('  path: string,')
+      lines.push('  body?: Record<string, unknown>')
+      lines.push('): Promise<Response> {')
+      lines.push('  const headers: Record<string, string> = {')
+      lines.push(`    Host: '${sub}.localhost',`)
+      lines.push('  }')
+      lines.push('')
+      lines.push('  let requestBody: string | undefined')
+      lines.push('  if (body) {')
+      lines.push(`    headers['Content-Type'] = 'application/json'`)
+      lines.push('    requestBody = JSON.stringify(body)')
+      lines.push('  }')
+      lines.push('')
+      lines.push('  const response = routerInstance.handle(')
+      lines.push(`    new Request(\`http://${sub}.localhost\${path}\`, {`)
+      lines.push('      method,')
+      lines.push('      headers,')
+      lines.push('      body: requestBody,')
+      lines.push('    })')
+      lines.push('  )')
+      lines.push('')
+      lines.push(`  return (await response) ?? new Response('Not Found', { status: 404 })`)
+      lines.push('}')
+    } else {
+      lines.push('export async function request(')
+      lines.push('  method: string,')
+      lines.push('  path: string,')
+      lines.push('  body?: Record<string, unknown>')
+      lines.push('): Promise<Response> {')
+      lines.push('  const headers: Record<string, string> = {')
+      lines.push('    Authorization: `Bearer ${token}`,')
+      lines.push('  }')
+      lines.push('')
+      lines.push('  let requestBody: string | undefined')
+      lines.push('  if (body) {')
+      lines.push(`    headers['Content-Type'] = 'application/json'`)
+      lines.push('    requestBody = JSON.stringify(body)')
+      lines.push('  }')
+      lines.push('')
+      lines.push('  const response = routerInstance.handle(')
+      lines.push('    new Request(`http://localhost${path}`, {')
+      lines.push('      method,')
+      lines.push('      headers,')
+      lines.push('      body: requestBody,')
+      lines.push('    })')
+      lines.push('  )')
+      lines.push('')
+      lines.push(`  return (await response) ?? new Response('Not Found', { status: 404 })`)
+      lines.push('}')
+      lines.push('')
+
+      lines.push('export async function requestNoAuth(')
+      lines.push('  method: string,')
+      lines.push('  path: string,')
+      lines.push('  body?: Record<string, unknown>')
+      lines.push('): Promise<Response> {')
+      lines.push('  const headers: Record<string, string> = {}')
+      lines.push('')
+      lines.push('  let requestBody: string | undefined')
+      lines.push('  if (body) {')
+      lines.push(`    headers['Content-Type'] = 'application/json'`)
+      lines.push('    requestBody = JSON.stringify(body)')
+      lines.push('  }')
+      lines.push('')
+      lines.push('  const response = routerInstance.handle(')
+      lines.push('    new Request(`http://localhost${path}`, {')
+      lines.push('      method,')
+      lines.push('      headers,')
+      lines.push('      body: requestBody,')
+      lines.push('    })')
+      lines.push('  )')
+      lines.push('')
+      lines.push(`  return (await response) ?? new Response('Not Found', { status: 404 })`)
+      lines.push('}')
+    }
+
+    lines.push('')
+
+    return {
+      path: join(this.paths.tests, 'setup.ts'),
+      content: lines.join('\n'),
+    }
+  }
+
+  // ---------------------------------------------------------------------------
+  // auth.test.ts
+  // ---------------------------------------------------------------------------
+
+  private generateAuthTest(): GeneratedFile {
+    // Find any root-level resource to use for auth testing
+    const rootSchema = this.schemas.find(
+      s => s.archetype === Archetype.Reference || s.archetype === Archetype.Entity
+    )
+    const testPath = rootSchema ? this.buildRoutePath(rootSchema) : '/api/health'
+
+    const lines: string[] = [
+      '// Generated by Strav — DO NOT EDIT',
+      `import { describe, test, expect, beforeAll, afterAll } from 'bun:test'`,
+      `import { createTestUser, cleanup, request, requestNoAuth, routerInstance } from './setup'`,
+      '',
+      'beforeAll(async () => {',
+      '  await cleanup()',
+      '  await createTestUser()',
+      '})',
+      '',
+      'afterAll(async () => {',
+      '  await cleanup()',
+      '})',
+      '',
+      `describe('bearer token authentication', () => {`,
+      `  test('valid token returns 200', async () => {`,
+      `    const res = await request('GET', '${testPath}')`,
+      `    expect(res.status).toBe(200)`,
+      `  })`,
+      '',
+      `  test('missing Authorization header returns 401', async () => {`,
+      `    const res = await requestNoAuth('GET', '${testPath}')`,
+      `    expect(res.status).toBe(401)`,
+      `    const body = (await res.json()) as any`,
+      `    expect(body.error).toBe('Unauthenticated')`,
+      `  })`,
+      '',
+      `  test('invalid token returns 401', async () => {`,
+      `    const response = routerInstance.handle(`,
+      `      new Request('${this.requestBaseUrl()}${testPath}', {`,
+      `        headers: {`,
+      `          Authorization: 'Bearer totally_invalid_garbage_token_value',`,
+    ]
+
+    if (this.apiConfig.routing === ApiRouting.Subdomain) {
+      lines.push(`          Host: '${this.apiConfig.subdomain}.localhost',`)
+    }
+
+    lines.push(
+      `        },`,
+      `      })`,
+      `    )`,
+      `    const res = (await response)!`,
+      `    expect(res.status).toBe(401)`,
+      `  })`,
+      '',
+      `  test('malformed Authorization header returns 401', async () => {`,
+      `    const response = routerInstance.handle(`,
+      `      new Request('${this.requestBaseUrl()}${testPath}', {`,
+      `        headers: {`,
+      `          Authorization: 'NotBearer some_token',`,
+    )
+
+    if (this.apiConfig.routing === ApiRouting.Subdomain) {
+      lines.push(`          Host: '${this.apiConfig.subdomain}.localhost',`)
+    }
+
+    lines.push(
+      `        },`,
+      `      })`,
+      `    )`,
+      `    const res = (await response)!`,
+      `    expect(res.status).toBe(401)`,
+      `  })`,
+      '})',
+      '',
+    )
+
+    return {
+      path: join(this.paths.tests, 'auth.test.ts'),
+      content: lines.join('\n'),
+    }
+  }
+
+  // ---------------------------------------------------------------------------
+  // Per-schema tests
+  // ---------------------------------------------------------------------------
+
+  private generateSchemaTest(schema: SchemaDefinition, table: TableDefinition): GeneratedFile {
+    switch (schema.archetype) {
+      case Archetype.Entity:
+        return this.generateEntityTest(schema, table)
+      case Archetype.Contribution:
+        return this.generateContributionTest(schema, table)
+      case Archetype.Reference:
+        return this.generateReferenceTest(schema, table)
+      case Archetype.Attribute:
+        return this.generateAttributeTest(schema, table)
+      case Archetype.Component:
+        return this.generateComponentTest(schema, table)
+      case Archetype.Event:
+        return this.generateEventTest(schema, table)
+      case Archetype.Configuration:
+        return this.generateConfigurationTest(schema, table)
+      default:
+        return this.generateEntityTest(schema, table)
+    }
+  }
+
+  // ---------------------------------------------------------------------------
+  // Entity tests
+  // ---------------------------------------------------------------------------
+
+  private generateEntityTest(schema: SchemaDefinition, table: TableDefinition): GeneratedFile {
+    const snakeName = toSnakeCase(schema.name)
+    const displayName = snakeName.replace(/_/g, ' ')
+    const routePath = this.buildRoutePath(schema)
+    const pkName = this.findSchemaPK(schema.name)
+    const hasSoftDelete = this.hasSoftDelete(table)
+    const storePayload = this.buildTestPayload(schema, table, 'store')
+    const updatePayload = this.buildTestPayload(schema, table, 'update')
+    const firstRequiredField = this.findFirstRequiredField(schema)
+
+    const lines: string[] = [
+      '// Generated by Strav — DO NOT EDIT',
+      `import { describe, test, expect, beforeAll, afterAll } from 'bun:test'`,
+      `import { createTestUser, cleanup, request } from './setup'`,
+      '',
+      'beforeAll(async () => {',
+      '  await cleanup()',
+      '  await createTestUser()',
+      '})',
+      '',
+      'afterAll(async () => {',
+      '  await cleanup()',
+      '})',
+      '',
+      `describe('entity archetype: ${snakeName} (full CRUD${hasSoftDelete ? ' + soft delete' : ''})', () => {`,
+      `  let createdId: string | number`,
+      '',
+      `  test('POST ${routePath} → 201 (create)', async () => {`,
+      `    const res = await request('POST', '${routePath}', ${storePayload})`,
+      `    expect(res.status).toBe(201)`,
+      `    const body = (await res.json()) as any`,
+    ]
+
+    // Assert first field value
+    const firstField = this.getFirstFieldForAssertion(schema)
+    if (firstField) {
+      lines.push(`    expect(body.${firstField.camel}).toBe(${firstField.value})`)
+    }
+
+    lines.push(
+      `    expect(body.${toCamelCase(pkName)}).toBeDefined()`,
+      `    createdId = body.${toCamelCase(pkName)}`,
+      `  })`,
+      '',
+      `  test('GET ${routePath} → 200 (list)', async () => {`,
+      `    const res = await request('GET', '${routePath}')`,
+      `    expect(res.status).toBe(200)`,
+      `    const body = (await res.json()) as any[]`,
+      `    expect(Array.isArray(body)).toBe(true)`,
+      `    expect(body.length).toBeGreaterThanOrEqual(1)`,
+      `  })`,
+      '',
+      `  test('GET ${routePath}/:id → 200 (show)', async () => {`,
+      `    const res = await request('GET', \`${routePath}/\${createdId}\`)`,
+      `    expect(res.status).toBe(200)`,
+      `  })`,
+      '',
+    )
+
+    if (Object.keys(updatePayload).length > 0) {
+      lines.push(
+        `  test('PUT ${routePath}/:id → 200 (update)', async () => {`,
+        `    const res = await request('PUT', \`${routePath}/\${createdId}\`, ${updatePayload})`,
+        `    expect(res.status).toBe(200)`,
+        `  })`,
+        '',
+      )
+    }
+
+    lines.push(
+      `  test('DELETE ${routePath}/:id → 200 (${hasSoftDelete ? 'soft ' : ''}delete)', async () => {`,
+      `    const res = await request('DELETE', \`${routePath}/\${createdId}\`)`,
+      `    expect(res.status).toBe(200)`,
+      `    const body = (await res.json()) as any`,
+      `    expect(body.ok).toBe(true)`,
+      `  })`,
+      '',
+      `  test('GET ${routePath}/:id → 404 after ${hasSoftDelete ? 'soft ' : ''}delete', async () => {`,
+      `    const res = await request('GET', \`${routePath}/\${createdId}\`)`,
+      `    expect(res.status).toBe(404)`,
+      `  })`,
+      '',
+    )
+
+    // Validation test
+    if (firstRequiredField) {
+      lines.push(
+        `  test('POST ${routePath} with missing required fields → 422', async () => {`,
+        `    const res = await request('POST', '${routePath}', {})`,
+        `    expect(res.status).toBe(422)`,
+        `    const body = (await res.json()) as any`,
+        `    expect(body.errors).toBeDefined()`,
+        `  })`,
+        '',
+      )
+    }
+
+    lines.push(
+      `  test('GET ${routePath}/:id with nonexistent id → 404', async () => {`,
+      `    const res = await request('GET', '${routePath}/00000000-0000-0000-0000-000000000000')`,
+      `    expect(res.status).toBe(404)`,
+      `  })`,
+      '})',
+      '',
+    )
+
+    return {
+      path: join(this.paths.tests, `${snakeName}.test.ts`),
+      content: lines.join('\n'),
+    }
+  }
+
+  // ---------------------------------------------------------------------------
+  // Contribution tests (dependent, full CRUD + soft delete)
+  // ---------------------------------------------------------------------------
+
+  private generateContributionTest(schema: SchemaDefinition, table: TableDefinition): GeneratedFile {
+    const snakeName = toSnakeCase(schema.name)
+    const displayName = snakeName.replace(/_/g, ' ')
+    const parentName = schema.parent!
+    const routePath = this.buildRoutePath(schema)
+    const hasSoftDelete = this.hasSoftDelete(table)
+    const storePayload = this.buildTestPayload(schema, table, 'store')
+    const updatePayload = this.buildTestPayload(schema, table, 'update')
+    const parentChain = this.buildParentChain(schema)
+
+    const lines: string[] = [
+      '// Generated by Strav — DO NOT EDIT',
+      `import { describe, test, expect, beforeAll, afterAll } from 'bun:test'`,
+      `import { createTestUser, cleanup, request, testUserPid } from './setup'`,
+      '',
+    ]
+
+    // Parent chain variable declarations
+    for (const p of parentChain) {
+      if (p.isTestUser) continue
+      lines.push(`let ${p.varName}: string | number`)
+    }
+    if (parentChain.some(p => !p.isTestUser)) lines.push('')
+
+    lines.push(
+      'beforeAll(async () => {',
+      '  await cleanup()',
+      '  await createTestUser()',
+    )
+
+    // Create parent chain
+    for (const p of parentChain) {
+      if (p.isTestUser) continue
+      lines.push('')
+      lines.push(`  // Create ${p.schemaName} to serve as parent`)
+      lines.push(`  const ${p.varName}Res = await request('POST', \`${p.createPath}\`, ${p.createPayload})`)
+      lines.push(`  const ${p.varName}Data = (await ${p.varName}Res.json()) as any`)
+      lines.push(`  ${p.varName} = ${p.varName}Data.${p.pkField}`)
+    }
+
+    lines.push(
+      '})',
+      '',
+      'afterAll(async () => {',
+      '  await cleanup()',
+      '})',
+      '',
+      `describe('contribution archetype: ${snakeName} (full CRUD${hasSoftDelete ? ' + soft delete' : ''}, parent: ${parentName})', () => {`,
+      `  let createdId: string | number`,
+      '',
+    )
+
+    const testRoutePath = this.buildTestRoutePath(schema, parentChain)
+
+    lines.push(
+      `  test('POST ${routePath} → 201 (create with parent FK)', async () => {`,
+      `    const res = await request('POST', \`${testRoutePath}\`, ${storePayload})`,
+      `    expect(res.status).toBe(201)`,
+      `    const data = (await res.json()) as any`,
+    )
+    const firstField = this.getFirstFieldForAssertion(schema)
+    if (firstField) {
+      lines.push(`    expect(data.${firstField.camel}).toBe(${firstField.value})`)
+    }
+    lines.push(
+      `    expect(data.id).toBeDefined()`,
+      `    createdId = data.id`,
+      `  })`,
+      '',
+      `  test('GET ${routePath} → 200 (list by parent)', async () => {`,
+      `    const res = await request('GET', \`${testRoutePath}\`)`,
+      `    expect(res.status).toBe(200)`,
+      `    const data = (await res.json()) as any[]`,
+      `    expect(Array.isArray(data)).toBe(true)`,
+      `    expect(data.length).toBeGreaterThanOrEqual(1)`,
+      `  })`,
+      '',
+      `  test('GET ${routePath}/:id → 200 (show)', async () => {`,
+      `    const res = await request('GET', \`${testRoutePath}/\${createdId}\`)`,
+      `    expect(res.status).toBe(200)`,
+      `  })`,
+      '',
+    )
+
+    if (Object.keys(updatePayload).length > 0) {
+      lines.push(
+        `  test('PUT ${routePath}/:id → 200 (update)', async () => {`,
+        `    const res = await request('PUT', \`${testRoutePath}/\${createdId}\`, ${updatePayload})`,
+        `    expect(res.status).toBe(200)`,
+        `  })`,
+        '',
+      )
+    }
+
+    lines.push(
+      `  test('DELETE ${routePath}/:id → 200 (${hasSoftDelete ? 'soft ' : ''}delete)', async () => {`,
+      `    const res = await request('DELETE', \`${testRoutePath}/\${createdId}\`)`,
+      `    expect(res.status).toBe(200)`,
+      `    const data = (await res.json()) as any`,
+      `    expect(data.ok).toBe(true)`,
+      `  })`,
+      '',
+      `  test('GET ${routePath}/:id → 404 after ${hasSoftDelete ? 'soft ' : ''}delete', async () => {`,
+      `    const res = await request('GET', \`${testRoutePath}/\${createdId}\`)`,
+      `    expect(res.status).toBe(404)`,
+      `  })`,
+      '})',
+      '',
+    )
+
+    return {
+      path: join(this.paths.tests, `${snakeName}.test.ts`),
+      content: lines.join('\n'),
+    }
+  }
+
+  // ---------------------------------------------------------------------------
+  // Reference tests (root-level, full CRUD, no soft delete)
+  // ---------------------------------------------------------------------------
+
+  private generateReferenceTest(schema: SchemaDefinition, table: TableDefinition): GeneratedFile {
+    const snakeName = toSnakeCase(schema.name)
+    const routePath = this.buildRoutePath(schema)
+    const storePayload = this.buildTestPayload(schema, table, 'store')
+    const updatePayload = this.buildTestPayload(schema, table, 'update')
+
+    const lines: string[] = [
+      '// Generated by Strav — DO NOT EDIT',
+      `import { describe, test, expect, beforeAll, afterAll } from 'bun:test'`,
+      `import { createTestUser, cleanup, request } from './setup'`,
+      '',
+      'beforeAll(async () => {',
+      '  await cleanup()',
+      '  await createTestUser()',
+      '})',
+      '',
+      'afterAll(async () => {',
+      '  await cleanup()',
+      '})',
+      '',
+      `describe('reference archetype: ${snakeName} (full CRUD, no soft delete)', () => {`,
+      `  let createdId: string | number`,
+      '',
+      `  test('POST ${routePath} → 201 (create)', async () => {`,
+      `    const res = await request('POST', '${routePath}', ${storePayload})`,
+      `    expect(res.status).toBe(201)`,
+      `    const body = (await res.json()) as any`,
+    ]
+
+    const firstField = this.getFirstFieldForAssertion(schema)
+    if (firstField) {
+      lines.push(`    expect(body.${firstField.camel}).toBe(${firstField.value})`)
+    }
+
+    lines.push(
+      `    expect(body.id).toBeDefined()`,
+      `    createdId = body.id`,
+      `  })`,
+      '',
+      `  test('GET ${routePath} → 200 (list)', async () => {`,
+      `    const res = await request('GET', '${routePath}')`,
+      `    expect(res.status).toBe(200)`,
+      `    const body = (await res.json()) as any[]`,
+      `    expect(Array.isArray(body)).toBe(true)`,
+      `    expect(body.length).toBeGreaterThanOrEqual(1)`,
+      `  })`,
+      '',
+      `  test('GET ${routePath}/:id → 200 (show)', async () => {`,
+      `    const res = await request('GET', \`${routePath}/\${createdId}\`)`,
+      `    expect(res.status).toBe(200)`,
+      `  })`,
+      '',
+    )
+
+    if (Object.keys(updatePayload).length > 0) {
+      lines.push(
+        `  test('PUT ${routePath}/:id → 200 (update)', async () => {`,
+        `    const res = await request('PUT', \`${routePath}/\${createdId}\`, ${updatePayload})`,
+        `    expect(res.status).toBe(200)`,
+        `  })`,
+        '',
+      )
+    }
+
+    lines.push(
+      `  test('DELETE ${routePath}/:id → 200 (hard delete)', async () => {`,
+      `    const res = await request('DELETE', \`${routePath}/\${createdId}\`)`,
+      `    expect(res.status).toBe(200)`,
+      `    const body = (await res.json()) as any`,
+      `    expect(body.ok).toBe(true)`,
+      `  })`,
+      '',
+      `  test('GET ${routePath}/:id → 404 after delete', async () => {`,
+      `    const res = await request('GET', \`${routePath}/\${createdId}\`)`,
+      `    expect(res.status).toBe(404)`,
+      `  })`,
+      '})',
+      '',
+    )
+
+    return {
+      path: join(this.paths.tests, `${snakeName}.test.ts`),
+      content: lines.join('\n'),
+    }
+  }
+
+  // ---------------------------------------------------------------------------
+  // Attribute tests (dependent, full CRUD)
+  // ---------------------------------------------------------------------------
+
+  private generateAttributeTest(schema: SchemaDefinition, table: TableDefinition): GeneratedFile {
+    const snakeName = toSnakeCase(schema.name)
+    const parentName = schema.parent!
+    const routePath = this.buildRoutePath(schema)
+    const storePayload = this.buildTestPayload(schema, table, 'store')
+    const updatePayload = this.buildTestPayload(schema, table, 'update')
+    const parentChain = this.buildParentChain(schema)
+
+    const lines: string[] = [
+      '// Generated by Strav — DO NOT EDIT',
+      `import { describe, test, expect, beforeAll, afterAll } from 'bun:test'`,
+      `import { createTestUser, cleanup, request, testUserPid } from './setup'`,
+      '',
+    ]
+
+    for (const p of parentChain) {
+      if (p.isTestUser) continue
+      lines.push(`let ${p.varName}: string | number`)
+    }
+    if (parentChain.some(p => !p.isTestUser)) lines.push('')
+
+    lines.push(
+      'beforeAll(async () => {',
+      '  await cleanup()',
+      '  await createTestUser()',
+    )
+
+    for (const p of parentChain) {
+      if (p.isTestUser) continue
+      lines.push('')
+      lines.push(`  // Create a ${p.schemaName} to serve as parent`)
+      lines.push(`  const ${p.varName}Res = await request('POST', \`${p.createPath}\`, ${p.createPayload})`)
+      lines.push(`  const ${p.varName}Data = (await ${p.varName}Res.json()) as any`)
+      lines.push(`  ${p.varName} = ${p.varName}Data.${p.pkField}`)
+    }
+
+    lines.push(
+      '})',
+      '',
+      'afterAll(async () => {',
+      '  await cleanup()',
+      '})',
+      '',
+      `describe('attribute archetype: ${snakeName} (full CRUD, parent: ${parentName})', () => {`,
+      `  let createdId: string | number`,
+      '',
+    )
+
+    const testRoutePath = this.buildTestRoutePath(schema, parentChain)
+
+    lines.push(
+      `  test('POST ${routePath} → 201 (create)', async () => {`,
+      `    const res = await request('POST', \`${testRoutePath}\`, ${storePayload})`,
+      `    expect(res.status).toBe(201)`,
+      `    const data = (await res.json()) as any`,
+      `    expect(data.id).toBeDefined()`,
+      `    createdId = data.id`,
+      `  })`,
+      '',
+      `  test('GET ${routePath} → 200 (list by parent)', async () => {`,
+      `    const res = await request('GET', \`${testRoutePath}\`)`,
+      `    expect(res.status).toBe(200)`,
+      `    const data = (await res.json()) as any[]`,
+      `    expect(Array.isArray(data)).toBe(true)`,
+      `    expect(data.length).toBe(1)`,
+      `  })`,
+      '',
+      `  test('GET ${routePath}/:id → 200 (show)', async () => {`,
+      `    const res = await request('GET', \`${testRoutePath}/\${createdId}\`)`,
+      `    expect(res.status).toBe(200)`,
+      `  })`,
+      '',
+    )
+
+    if (Object.keys(updatePayload).length > 0) {
+      lines.push(
+        `  test('PUT ${routePath}/:id → 200 (update)', async () => {`,
+        `    const res = await request('PUT', \`${testRoutePath}/\${createdId}\`, ${updatePayload})`,
+        `    expect(res.status).toBe(200)`,
+        `  })`,
+        '',
+      )
+    }
+
+    lines.push(
+      `  test('DELETE ${routePath}/:id → 200 (delete)', async () => {`,
+      `    const res = await request('DELETE', \`${testRoutePath}/\${createdId}\`)`,
+      `    expect(res.status).toBe(200)`,
+      `    const data = (await res.json()) as any`,
+      `    expect(data.ok).toBe(true)`,
+      `  })`,
+      '',
+      `  test('GET ${routePath}/:id → 404 after delete', async () => {`,
+      `    const res = await request('GET', \`${testRoutePath}/\${createdId}\`)`,
+      `    expect(res.status).toBe(404)`,
+      `  })`,
+      '})',
+      '',
+    )
+
+    return {
+      path: join(this.paths.tests, `${snakeName}.test.ts`),
+      content: lines.join('\n'),
+    }
+  }
+
+  // ---------------------------------------------------------------------------
+  // Component tests (dependent, index/show/update only)
+  // ---------------------------------------------------------------------------
+
+  private generateComponentTest(schema: SchemaDefinition, table: TableDefinition): GeneratedFile {
+    const snakeName = toSnakeCase(schema.name)
+    const className = toPascalCase(schema.name)
+    const parentName = schema.parent!
+    const routePath = this.buildRoutePath(schema)
+    const updatePayload = this.buildTestPayload(schema, table, 'update')
+    const parentChain = this.buildParentChain(schema)
+    const modelImport = relativeImport(this.paths.tests, this.paths.models)
+
+    const lines: string[] = [
+      '// Generated by Strav — DO NOT EDIT',
+      `import { describe, test, expect, beforeAll, afterAll } from 'bun:test'`,
+      `import { createTestUser, cleanup, request, testUserPid } from './setup'`,
+      '',
+    ]
+
+    for (const p of parentChain) {
+      if (p.isTestUser) continue
+      lines.push(`let ${p.varName}: string | number`)
+    }
+
+    lines.push('let contentId: string | number')
+    lines.push('')
+
+    lines.push(
+      'beforeAll(async () => {',
+      '  await cleanup()',
+      '  await createTestUser()',
+    )
+
+    for (const p of parentChain) {
+      if (p.isTestUser) continue
+      lines.push('')
+      lines.push(`  // Create a ${p.schemaName} to serve as parent`)
+      lines.push(`  const ${p.varName}Res = await request('POST', \`${p.createPath}\`, ${p.createPayload})`)
+      lines.push(`  const ${p.varName}Data = (await ${p.varName}Res.json()) as any`)
+      lines.push(`  ${p.varName} = ${p.varName}Data.${p.pkField}`)
+    }
+
+    // Component has no store route — create via model
+    const directParent = parentChain[parentChain.length - 1]!
+    const parentFkProp = this.getParentFkProp(schema)
+    const createData = this.buildModelCreateData(schema, table, directParent)
+
+    lines.push('')
+    lines.push(`  // Component has no store action, so create via model directly`)
+    lines.push(`  const { default: ${className} } = await import('${modelImport}/${snakeName}')`)
+    lines.push(`  const record = await ${className}.create(${createData})`)
+    lines.push(`  contentId = record.id`)
+
+    lines.push(
+      '})',
+      '',
+      'afterAll(async () => {',
+      '  await cleanup()',
+      '})',
+      '',
+      `describe('component archetype: ${snakeName} (index, show, update only)', () => {`,
+      '',
+    )
+
+    const testRoutePath = this.buildTestRoutePath(schema, parentChain)
+
+    lines.push(
+      `  test('GET ${routePath} → 200 (list by parent)', async () => {`,
+      `    const res = await request('GET', \`${testRoutePath}\`)`,
+      `    expect(res.status).toBe(200)`,
+      `    const data = (await res.json()) as any[]`,
+      `    expect(Array.isArray(data)).toBe(true)`,
+      `    expect(data.length).toBe(1)`,
+      `  })`,
+      '',
+      `  test('GET ${routePath}/:id → 200 (show)', async () => {`,
+      `    const res = await request('GET', \`${testRoutePath}/\${contentId}\`)`,
+      `    expect(res.status).toBe(200)`,
+      `  })`,
+      '',
+    )
+
+    if (Object.keys(updatePayload).length > 0) {
+      lines.push(
+        `  test('PUT ${routePath}/:id → 200 (update)', async () => {`,
+        `    const res = await request('PUT', \`${testRoutePath}/\${contentId}\`, ${updatePayload})`,
+        `    expect(res.status).toBe(200)`,
+        `  })`,
+        '',
+      )
+    }
+
+    lines.push(
+      `  test('POST ${routePath} → 404 (no store route)', async () => {`,
+      `    const res = await request('POST', \`${testRoutePath}\`, {})`,
+      `    expect(res.status).toBe(404)`,
+      `  })`,
+      '',
+      `  test('DELETE ${routePath}/:id → 404 (no destroy route)', async () => {`,
+      `    const res = await request('DELETE', \`${testRoutePath}/\${contentId}\`)`,
+      `    expect(res.status).toBe(404)`,
+      `  })`,
+      '})',
+      '',
+    )
+
+    return {
+      path: join(this.paths.tests, `${snakeName}.test.ts`),
+      content: lines.join('\n'),
+    }
+  }
+
+  // ---------------------------------------------------------------------------
+  // Event tests (dependent, index/show/store — append only)
+  // ---------------------------------------------------------------------------
+
+  private generateEventTest(schema: SchemaDefinition, table: TableDefinition): GeneratedFile {
+    const snakeName = toSnakeCase(schema.name)
+    const parentName = schema.parent!
+    const routePath = this.buildRoutePath(schema)
+    const storePayload = this.buildTestPayload(schema, table, 'store')
+    const parentChain = this.buildParentChain(schema)
+
+    const lines: string[] = [
+      '// Generated by Strav — DO NOT EDIT',
+      `import { describe, test, expect, beforeAll, afterAll } from 'bun:test'`,
+      `import { createTestUser, cleanup, request, testUserPid } from './setup'`,
+      '',
+    ]
+
+    for (const p of parentChain) {
+      if (p.isTestUser) continue
+      lines.push(`let ${p.varName}: string | number`)
+    }
+    if (parentChain.some(p => !p.isTestUser)) lines.push('')
+
+    lines.push(
+      'beforeAll(async () => {',
+      '  await cleanup()',
+      '  await createTestUser()',
+    )
+
+    for (const p of parentChain) {
+      if (p.isTestUser) continue
+      lines.push('')
+      lines.push(`  // Create a ${p.schemaName} to serve as parent`)
+      lines.push(`  const ${p.varName}Res = await request('POST', \`${p.createPath}\`, ${p.createPayload})`)
+      lines.push(`  const ${p.varName}Data = (await ${p.varName}Res.json()) as any`)
+      lines.push(`  ${p.varName} = ${p.varName}Data.${p.pkField}`)
+    }
+
+    lines.push(
+      '})',
+      '',
+      'afterAll(async () => {',
+      '  await cleanup()',
+      '})',
+      '',
+      `describe('event archetype: ${snakeName} (index, show, store — append only)', () => {`,
+      `  let createdId: string | number`,
+      '',
+    )
+
+    const testRoutePath = this.buildTestRoutePath(schema, parentChain)
+
+    lines.push(
+      `  test('POST ${routePath} → 201 (append)', async () => {`,
+      `    const res = await request('POST', \`${testRoutePath}\`, ${storePayload})`,
+      `    expect(res.status).toBe(201)`,
+      `    const data = (await res.json()) as any`,
+      `    expect(data.id).toBeDefined()`,
+      `    createdId = data.id`,
+      `  })`,
+      '',
+      `  test('GET ${routePath} → 200 (list by parent)', async () => {`,
+      `    const res = await request('GET', \`${testRoutePath}\`)`,
+      `    expect(res.status).toBe(200)`,
+      `    const data = (await res.json()) as any[]`,
+      `    expect(Array.isArray(data)).toBe(true)`,
+      `    expect(data.length).toBeGreaterThanOrEqual(1)`,
+      `  })`,
+      '',
+      `  test('GET ${routePath}/:id → 200 (show)', async () => {`,
+      `    const res = await request('GET', \`${testRoutePath}/\${createdId}\`)`,
+      `    expect(res.status).toBe(200)`,
+      `  })`,
+      '',
+      `  test('PUT ${routePath}/:id → 404 (no update route)', async () => {`,
+      `    const res = await request('PUT', \`${testRoutePath}/\${createdId}\`, {})`,
+      `    expect(res.status).toBe(404)`,
+      `  })`,
+      '',
+      `  test('DELETE ${routePath}/:id → 404 (no destroy route)', async () => {`,
+      `    const res = await request('DELETE', \`${testRoutePath}/\${createdId}\`)`,
+      `    expect(res.status).toBe(404)`,
+      `  })`,
+      '})',
+      '',
+    )
+
+    return {
+      path: join(this.paths.tests, `${snakeName}.test.ts`),
+      content: lines.join('\n'),
+    }
+  }
+
+  // ---------------------------------------------------------------------------
+  // Configuration tests (dependent, singleton — show/upsert/reset)
+  // ---------------------------------------------------------------------------
+
+  private generateConfigurationTest(schema: SchemaDefinition, table: TableDefinition): GeneratedFile {
+    const snakeName = toSnakeCase(schema.name)
+    const parentName = schema.parent!
+    const routePath = this.buildRoutePath(schema)
+    const storePayload = this.buildTestPayload(schema, table, 'store')
+    const updatePayload = this.buildTestPayload(schema, table, 'update')
+    const parentChain = this.buildParentChain(schema)
+
+    const lines: string[] = [
+      '// Generated by Strav — DO NOT EDIT',
+      `import { describe, test, expect, beforeAll, afterAll } from 'bun:test'`,
+      `import { createTestUser, cleanup, request, testUserPid } from './setup'`,
+      '',
+    ]
+
+    for (const p of parentChain) {
+      if (p.isTestUser) continue
+      lines.push(`let ${p.varName}: string | number`)
+    }
+    if (parentChain.some(p => !p.isTestUser)) lines.push('')
+
+    lines.push(
+      'beforeAll(async () => {',
+      '  await cleanup()',
+      '  await createTestUser()',
+    )
+
+    for (const p of parentChain) {
+      if (p.isTestUser) continue
+      lines.push('')
+      lines.push(`  // Create a ${p.schemaName} to serve as parent`)
+      lines.push(`  const ${p.varName}Res = await request('POST', \`${p.createPath}\`, ${p.createPayload})`)
+      lines.push(`  const ${p.varName}Data = (await ${p.varName}Res.json()) as any`)
+      lines.push(`  ${p.varName} = ${p.varName}Data.${p.pkField}`)
+    }
+
+    lines.push(
+      '})',
+      '',
+      'afterAll(async () => {',
+      '  await cleanup()',
+      '})',
+      '',
+      `describe('configuration archetype: ${snakeName} (show, upsert, reset — singleton)', () => {`,
+      '',
+    )
+
+    const testRoutePath = this.buildTestRoutePath(schema, parentChain)
+
+    lines.push(
+      `  test('GET ${routePath} → 404 (no config yet)', async () => {`,
+      `    const res = await request('GET', \`${testRoutePath}\`)`,
+      `    expect(res.status).toBe(404)`,
+      `  })`,
+      '',
+      `  test('PUT ${routePath} → 200 (upsert — create)', async () => {`,
+      `    const res = await request('PUT', \`${testRoutePath}\`, ${storePayload})`,
+      `    expect(res.status).toBe(200)`,
+      `  })`,
+      '',
+      `  test('GET ${routePath} → 200 (show after upsert)', async () => {`,
+      `    const res = await request('GET', \`${testRoutePath}\`)`,
+      `    expect(res.status).toBe(200)`,
+      `  })`,
+      '',
+    )
+
+    if (Object.keys(updatePayload).length > 0) {
+      lines.push(
+        `  test('PUT ${routePath} → 200 (upsert — update)', async () => {`,
+        `    const res = await request('PUT', \`${testRoutePath}\`, ${updatePayload})`,
+        `    expect(res.status).toBe(200)`,
+        `  })`,
+        '',
+      )
+    }
+
+    lines.push(
+      `  test('DELETE ${routePath} → 200 (reset)', async () => {`,
+      `    const res = await request('DELETE', \`${testRoutePath}\`)`,
+      `    expect(res.status).toBe(200)`,
+      `    const data = (await res.json()) as any`,
+      `    expect(data.ok).toBe(true)`,
+      `  })`,
+      '',
+      `  test('GET ${routePath} → 404 after reset', async () => {`,
+      `    const res = await request('GET', \`${testRoutePath}\`)`,
+      `    expect(res.status).toBe(404)`,
+      `  })`,
+      '})',
+      '',
+    )
+
+    return {
+      path: join(this.paths.tests, `${snakeName}.test.ts`),
+      content: lines.join('\n'),
+    }
+  }
+
+  // ---------------------------------------------------------------------------
+  // Helpers
+  // ---------------------------------------------------------------------------
+
+  /** Build the route path pattern for display (with :parentId placeholders). */
+  private buildRoutePath(schema: SchemaDefinition): string {
+    const isDependent = DEPENDENT_ARCHETYPES.has(schema.archetype)
+    const prefix = this.apiConfig.routing === ApiRouting.Prefix ? this.apiConfig.prefix : ''
+
+    if (!isDependent || !schema.parent) {
+      return `${prefix}/${toRouteSegment(schema.name)}`
+    }
+
+    const parentSegment = toRouteSegment(schema.parent)
+    const childSegment = toChildSegment(schema.name, schema.parent)
+
+    return `${prefix}/${parentSegment}/:parentId/${childSegment}`
+  }
+
+  /** Build the route path with template literal variables for actual test requests. */
+  private buildTestRoutePath(
+    schema: SchemaDefinition,
+    parentChain: ParentChainEntry[]
+  ): string {
+    const isDependent = DEPENDENT_ARCHETYPES.has(schema.archetype)
+    const prefix = this.apiConfig.routing === ApiRouting.Prefix ? this.apiConfig.prefix : ''
+
+    if (!isDependent || !schema.parent) {
+      return `${prefix}/${toRouteSegment(schema.name)}`
+    }
+
+    const parentSegment = toRouteSegment(schema.parent)
+    const childSegment = toChildSegment(schema.name, schema.parent)
+
+    // Find the correct variable for the direct parent
+    const directParent = parentChain[parentChain.length - 1]!
+    const parentVar = directParent.isTestUser ? 'testUserPid' : directParent.varName
+
+    return `${prefix}/${parentSegment}/\${${parentVar}}/${childSegment}`
+  }
+
+  /** Build the base URL for requests (differs between prefix and subdomain mode). */
+  private requestBaseUrl(): string {
+    if (this.apiConfig.routing === ApiRouting.Subdomain) {
+      return `http://${this.apiConfig.subdomain}.localhost`
+    }
+    return 'http://localhost'
+  }
+
+  /** Find the user entity schema (used for test user creation). */
+  private findUserEntity(): SchemaDefinition | undefined {
+    return this.schemas.find(
+      s => s.archetype === Archetype.Entity && s.name === 'user'
+    )
+  }
+
+  /** Find the primary key field name for a schema. */
+  private findSchemaPK(schemaName: string): string {
+    const schema = this.schemaMap.get(schemaName)
+    if (!schema) return 'id'
+    for (const [fieldName, fieldDef] of Object.entries(schema.fields)) {
+      if (fieldDef.primaryKey) return fieldName
+    }
+    return 'id'
+  }
+
+  /** Get the PK type (uuid vs serial vs integer). */
+  private getPkType(schema: SchemaDefinition): string {
+    for (const [, fieldDef] of Object.entries(schema.fields)) {
+      if (fieldDef.primaryKey) return String(fieldDef.pgType)
+    }
+    return 'serial'
+  }
+
+  /** Check if a table has soft deletes (deleted_at column). */
+  private hasSoftDelete(table: TableDefinition): boolean {
+    return table.columns.some(c => c.name === 'deleted_at')
+  }
+
+  /** Get the parent FK prop for a dependent schema. */
+  private getParentFkProp(schema: SchemaDefinition): string {
+    if (!schema.parent) return ''
+    const pkName = this.findSchemaPK(schema.parent)
+    return toCamelCase(`${toSnakeCase(schema.parent)}_${toSnakeCase(pkName)}`)
+  }
+
+  /** Find the first required non-PK field. */
+  private findFirstRequiredField(
+    schema: SchemaDefinition
+  ): { name: string; camel: string } | null {
+    for (const [fieldName, fieldDef] of Object.entries(schema.fields)) {
+      if (fieldDef.primaryKey) continue
+      if (SYSTEM_COLUMNS.has(toSnakeCase(fieldName))) continue
+      if (fieldDef.references) continue
+      if (fieldDef.required) {
+        return { name: fieldName, camel: toCamelCase(fieldName) }
+      }
+    }
+    return null
+  }
+
+  /** Get the first non-system field for assertion in create tests. */
+  private getFirstFieldForAssertion(
+    schema: SchemaDefinition
+  ): { camel: string; value: string } | null {
+    for (const [fieldName, fieldDef] of Object.entries(schema.fields)) {
+      if (fieldDef.primaryKey) continue
+      if (SYSTEM_COLUMNS.has(toSnakeCase(fieldName))) continue
+      if (fieldDef.sensitive) continue
+      if (fieldDef.references) continue
+
+      const camel = toCamelCase(fieldName)
+      const val = this.sampleValue(fieldName, fieldDef, 'js')
+      return { camel, value: val }
+    }
+    return null
+  }
+
+  /**
+   * Generate a fixture value for the test user insert.
+   * Uses a distinct prefix ('Fixture') to avoid collisions with test payloads.
+   */
+  private fixtureValue(fieldName: string, fieldDef: FieldDefinition): string {
+    if (this.isEmailField(fieldName, fieldDef)) {
+      return `fixture@example.com`
+    }
+    if (this.isUrlField(fieldName, fieldDef)) {
+      return `https://example.com/fixture`
+    }
+    if (fieldDef.enumValues?.length) {
+      return fieldDef.enumValues[0]!
+    }
+    if (fieldDef.sensitive) {
+      return 'hashed_fixture'
+    }
+    const label = toPascalCase(fieldName).replace(/([A-Z])/g, ' $1').trim()
+    return `Fixture ${label}`
+  }
+
+  /** Detect whether a field is email-like (by validator or name heuristic). */
+  private isEmailField(fieldName: string, fieldDef: FieldDefinition): boolean {
+    if (fieldDef.validators.some(v => v.type === 'email')) return true
+    const snake = toSnakeCase(fieldName)
+    return snake === 'email' || snake.endsWith('_email')
+  }
+
+  /** Detect whether a field is URL-like (by validator or name heuristic). */
+  private isUrlField(fieldName: string, fieldDef: FieldDefinition): boolean {
+    if (fieldDef.validators.some(v => v.type === 'url')) return true
+    const snake = toSnakeCase(fieldName)
+    return snake === 'url' || snake.endsWith('_url') || snake === 'website' || snake === 'homepage'
+  }
+
+  /** Generate a sample value for a field. */
+  private sampleValue(
+    fieldName: string,
+    fieldDef: FieldDefinition,
+    mode: 'js' | 'literal'
+  ): string {
+    if (this.isEmailField(fieldName, fieldDef)) {
+      const snake = toSnakeCase(fieldName)
+      return mode === 'js' ? `'test-${snake}@example.com'` : `test-${snake}@example.com`
+    }
+
+    if (this.isUrlField(fieldName, fieldDef)) {
+      const snake = toSnakeCase(fieldName)
+      return mode === 'js' ? `'https://example.com/${snake}'` : `https://example.com/${snake}`
+    }
+
+    // Enum values
+    if (fieldDef.enumValues?.length) {
+      return mode === 'js' ? `'${fieldDef.enumValues[0]}'` : fieldDef.enumValues[0]!
+    }
+
+    // Sensitive fields
+    if (fieldDef.sensitive) {
+      return mode === 'js' ? `'hashed_test_value'` : 'hashed_test_value'
+    }
+
+    const pgType = String(fieldDef.pgType)
+
+    switch (pgType) {
+      case 'uuid':
+        return mode === 'js' ? `crypto.randomUUID()` : 'test-uuid'
+      case 'boolean':
+        return mode === 'js' ? 'true' : 'true'
+      case 'integer':
+      case 'smallint':
+      case 'serial':
+      case 'smallserial':
+        return '42'
+      case 'bigint':
+      case 'bigserial':
+        return '42'
+      case 'real':
+      case 'double_precision':
+      case 'decimal':
+      case 'numeric':
+      case 'money':
+        return '9.99'
+      case 'json':
+      case 'jsonb':
+        return mode === 'js' ? `JSON.stringify({ test: true })` : '{"test":true}'
+      case 'varchar':
+      case 'character_varying':
+      case 'char':
+      case 'character':
+      case 'text':
+      default: {
+        const label = toPascalCase(fieldName).replace(/([A-Z])/g, ' $1').trim()
+        return mode === 'js' ? `'Test ${label}'` : `Test ${label}`
+      }
+    }
+  }
+
+  /** Generate an updated sample value (different from store). */
+  private sampleUpdateValue(
+    fieldName: string,
+    fieldDef: FieldDefinition
+  ): string {
+    if (this.isEmailField(fieldName, fieldDef)) {
+      return `'updated-${toSnakeCase(fieldName)}@example.com'`
+    }
+
+    if (this.isUrlField(fieldName, fieldDef)) {
+      return `'https://example.com/updated-${toSnakeCase(fieldName)}'`
+    }
+
+    if (fieldDef.enumValues?.length) {
+      return `'${fieldDef.enumValues[fieldDef.enumValues.length > 1 ? 1 : 0]}'`
+    }
+
+    if (fieldDef.sensitive) return `'updated_hashed_value'`
+
+    const pgType = String(fieldDef.pgType)
+
+    switch (pgType) {
+      case 'boolean':
+        return 'false'
+      case 'integer':
+      case 'smallint':
+      case 'serial':
+      case 'smallserial':
+      case 'bigint':
+      case 'bigserial':
+        return '99'
+      case 'real':
+      case 'double_precision':
+      case 'decimal':
+      case 'numeric':
+      case 'money':
+        return '19.99'
+      default: {
+        const label = toPascalCase(fieldName).replace(/([A-Z])/g, ' $1').trim()
+        return `'Updated ${label}'`
+      }
+    }
+  }
+
+  /** Build a JS object literal string for store or update payloads. */
+  private buildTestPayload(
+    schema: SchemaDefinition,
+    table: TableDefinition,
+    mode: 'store' | 'update'
+  ): string {
+    const entries: string[] = []
+    const parentFkCol = schema.parent
+      ? `${toSnakeCase(schema.parent)}_${toSnakeCase(this.findSchemaPK(schema.parent))}`
+      : null
+
+    for (const [fieldName, fieldDef] of Object.entries(schema.fields)) {
+      if (fieldDef.primaryKey) continue
+      const colName = toSnakeCase(fieldName)
+      if (SYSTEM_COLUMNS.has(colName)) continue
+      if (parentFkCol && colName === parentFkCol) continue
+
+      // For references, use the FK column name
+      if (fieldDef.references) {
+        const refPK = this.findSchemaPK(fieldDef.references)
+        const fkColName = `${toSnakeCase(fieldName)}_${toSnakeCase(refPK)}`
+        if (parentFkCol && fkColName === parentFkCol) continue
+
+        const camelFk = toCamelCase(fkColName)
+        if (mode === 'store' || fieldDef.required) {
+          entries.push(`${camelFk}: testUserPid`)
+        }
+        continue
+      }
+
+      const camelName = toCamelCase(fieldName)
+
+      if (mode === 'store') {
+        if (fieldDef.required || !fieldDef.defaultValue) {
+          entries.push(`${camelName}: ${this.sampleValue(fieldName, fieldDef, 'js')}`)
+        }
+      } else {
+        // For update, include a subset of fields with different values
+        if (!fieldDef.sensitive) {
+          entries.push(`${camelName}: ${this.sampleUpdateValue(fieldName, fieldDef)}`)
+        }
+      }
+    }
+
+    if (entries.length === 0) return '{}'
+
+    return `{\n      ${entries.join(',\n      ')},\n    }`
+  }
+
+  /** Build model create data for components (which have no store route). */
+  private buildModelCreateData(
+    schema: SchemaDefinition,
+    table: TableDefinition,
+    directParent: ParentChainEntry
+  ): string {
+    const entries: string[] = []
+    const parentFkProp = this.getParentFkProp(schema)
+    const parentVar = directParent.isTestUser ? 'testUserPid' : directParent.varName
+
+    entries.push(`${parentFkProp}: ${parentVar}`)
+
+    for (const [fieldName, fieldDef] of Object.entries(schema.fields)) {
+      if (fieldDef.primaryKey) continue
+      const colName = toSnakeCase(fieldName)
+      if (SYSTEM_COLUMNS.has(colName)) continue
+      if (fieldDef.references) continue
+
+      const camelName = toCamelCase(fieldName)
+      entries.push(`${camelName}: ${this.sampleValue(fieldName, fieldDef, 'js')}`)
+    }
+
+    return `{ ${entries.join(', ')} }`
+  }
+
+  /**
+   * Build the parent chain for a dependent schema.
+   * Returns entries from root to direct parent.
+   */
+  private buildParentChain(schema: SchemaDefinition): ParentChainEntry[] {
+    const chain: ParentChainEntry[] = []
+    let current = schema.parent
+
+    while (current) {
+      const parentSchema = this.schemaMap.get(current)
+      if (!parentSchema) break
+
+      const isUserEntity = parentSchema.archetype === Archetype.Entity && parentSchema.name === 'user'
+      const pkName = this.findSchemaPK(parentSchema.name)
+
+      chain.unshift({
+        schemaName: parentSchema.name,
+        varName: `${toCamelCase(parentSchema.name)}Id`,
+        pkField: toCamelCase(pkName),
+        isTestUser: isUserEntity,
+        createPath: '', // filled below
+        createPayload: '', // filled below
+      })
+
+      current = parentSchema.parent
+    }
+
+    // Now compute createPath and createPayload for each non-testUser entry
+    for (let i = 0; i < chain.length; i++) {
+      const entry = chain[i]!
+      if (entry.isTestUser) continue
+
+      const parentSchema = this.schemaMap.get(entry.schemaName)!
+      const table = this.representation.tables.find(t => t.name === toSnakeCase(entry.schemaName))
+
+      // Build the path to create this parent
+      if (DEPENDENT_ARCHETYPES.has(parentSchema.archetype) && parentSchema.parent) {
+        const grandParent = chain[i - 1]
+        const grandParentVar = grandParent?.isTestUser ? 'testUserPid' : grandParent?.varName ?? 'testUserPid'
+        const parentSegment = toRouteSegment(parentSchema.parent)
+        const childSegment = toChildSegment(parentSchema.name, parentSchema.parent)
+        const prefix = this.apiConfig.routing === ApiRouting.Prefix ? this.apiConfig.prefix : ''
+        entry.createPath = `${prefix}/${parentSegment}/\${${grandParentVar}}/${childSegment}`
+      } else {
+        const prefix = this.apiConfig.routing === ApiRouting.Prefix ? this.apiConfig.prefix : ''
+        entry.createPath = `${prefix}/${toRouteSegment(parentSchema.name)}`
+      }
+
+      // Build payload for creating this parent
+      if (table) {
+        entry.createPayload = this.buildTestPayload(parentSchema, table, 'store')
+      } else {
+        entry.createPayload = '{}'
+      }
+    }
+
+    return chain
+  }
+
+  /**
+   * Compute the cleanup order: tables sorted so children come before parents.
+   * Associations first, then dependents, then root-level entities.
+   */
+  private cleanupOrder(): string[] {
+    const associations: string[] = []
+    const dependents: string[] = []
+    const roots: string[] = []
+
+    for (const schema of this.schemas) {
+      const tableName = toSnakeCase(schema.name)
+
+      if (schema.archetype === Archetype.Association) {
+        associations.push(tableName)
+      } else if (DEPENDENT_ARCHETYPES.has(schema.archetype)) {
+        dependents.push(tableName)
+      } else {
+        roots.push(tableName)
+      }
+    }
+
+    // Sort dependents so deeper children come first
+    const depthMap = new Map<string, number>()
+    for (const schema of this.schemas) {
+      depthMap.set(toSnakeCase(schema.name), this.schemaDepth(schema))
+    }
+    dependents.sort((a, b) => (depthMap.get(b) ?? 0) - (depthMap.get(a) ?? 0))
+
+    return [
+      ...associations,
+      ...dependents,
+      '_strav_access_tokens',
+      ...roots,
+    ]
+  }
+
+  /** Compute the nesting depth of a schema (0 for root, 1 for direct child, etc.). */
+  private schemaDepth(schema: SchemaDefinition): number {
+    let depth = 0
+    let current = schema.parent
+    while (current) {
+      depth++
+      const parent = this.schemaMap.get(current)
+      current = parent?.parent
+    }
+    return depth
+  }
+}
+
+// ---------------------------------------------------------------------------
+// Internal types
+// ---------------------------------------------------------------------------
+
+interface ParentChainEntry {
+  schemaName: string
+  varName: string
+  pkField: string
+  isTestUser: boolean
+  createPath: string
+  createPayload: string
+}