kybernus 3.1.0 → 3.2.0

package/templates/ecommerce/apps/api/src/modules/catalog/__tests__/catalog.routes.integration.test.ts

@@ -0,0 +1,275 @@
+import request from 'supertest';
+import app from '../../../app';
+
+/**
+ * Integration tests for Catalog routes.
+ * Uses in-memory repositories via the catalog.registry module.
+ * An ADMIN JWT is generated with the shared tokenService.
+ */
+
+// ── Helpers ──────────────────────────────────────────────────────────────────
+let adminToken: string;
+let customerToken: string;
+
+const ADMIN_USER = {
+  name: 'Admin User',
+  email: 'admin@ecommerce.com',
+  password: 'admin1234',
+};
+
+const CUSTOMER_USER = {
+  name: 'João Cliente',
+  email: 'joao@ecommerce.com',
+  password: 'cliente1234',
+};
+
+const VALID_PRODUCT = {
+  name: 'Camiseta Básica',
+  description: 'Camiseta de algodão',
+  price: 49.9,
+  categorySlug: 'camisetas',
+  images: [],
+  variants: [
+    { sku: 'CAM-P', size: 'P', color: 'Branco', stock: 5 },
+    { sku: 'CAM-M', size: 'M', color: 'Branco', stock: 10 },
+  ],
+};
+
+// ── Setup ─────────────────────────────────────────────────────────────────────
+beforeAll(async () => {
+  // Register both users
+  await request(app).post('/api/auth/register').send(CUSTOMER_USER);
+
+  // Promote admin via internal registry (since we have no admin-creation endpoint yet)
+  const { catalogRegistry } = await import('../catalog.registry');
+  const { userRepository } = await import('../../auth/auth.registry');
+
+  // Create category for tests
+  await catalogRegistry.categoryRepository.create(
+    (await import('../category.entity')).CategoryEntity.create({
+      name: 'Camisetas',
+      slug: 'camisetas',
+      description: null,
+      parentId: null,
+    }),
+  );
+
+  // Create an admin user directly via the repository
+  const { UserEntity } = await import('../../auth/user.entity');
+  const { hash } = await import('bcryptjs');
+  const adminHash = await hash(ADMIN_USER.password, 10);
+  const adminEntity = UserEntity.create({
+    name: ADMIN_USER.name,
+    email: ADMIN_USER.email,
+    passwordHash: adminHash,
+    role: 'ADMIN',
+  });
+  await userRepository.create(adminEntity);
+
+  // Login both
+  const adminRes = await request(app).post('/api/auth/login').send({
+    email: ADMIN_USER.email,
+    password: ADMIN_USER.password,
+  });
+  adminToken = (adminRes.body as { accessToken: string }).accessToken;
+
+  const customerRes = await request(app).post('/api/auth/login').send({
+    email: CUSTOMER_USER.email,
+    password: CUSTOMER_USER.password,
+  });
+  customerToken = (customerRes.body as { accessToken: string }).accessToken;
+});
+
+// ── Tests ────────────────────────────────────────────────────────────────────
+describe('Catalog Routes — Integration', () => {
+  // ── GET /api/products ─────────────────────────────────────────────────────
+  describe('GET /api/products', () => {
+    it('200: deve listar produtos paginados (público, sem autenticação)', async () => {
+      const res = await request(app).get('/api/products');
+
+      expect(res.status).toBe(200);
+      expect(res.body).toHaveProperty('items');
+      expect(Array.isArray(res.body.items)).toBe(true);
+    });
+
+    it('deve aceitar query params: category, minPrice, maxPrice, q, sortBy', async () => {
+      const res = await request(app)
+        .get('/api/products')
+        .query({ categorySlug: 'camisetas', minPrice: 10, maxPrice: 200, q: 'camiseta', sortBy: 'price_asc' });
+
+      expect(res.status).toBe(200);
+      expect(res.body).toHaveProperty('items');
+    });
+
+    it('deve retornar nextCursor na resposta paginada', async () => {
+      const res = await request(app).get('/api/products').query({ limit: 100 });
+
+      expect(res.status).toBe(200);
+      expect(res.body).toHaveProperty('nextCursor');
+    });
+  });
+
+  // ── POST /api/products ────────────────────────────────────────────────────
+  describe('POST /api/products', () => {
+    it('401: deve rejeitar sem token', async () => {
+      const res = await request(app).post('/api/products').send(VALID_PRODUCT);
+
+      expect(res.status).toBe(401);
+    });
+
+    it('403: deve rejeitar token de CUSTOMER', async () => {
+      const res = await request(app)
+        .post('/api/products')
+        .set('Authorization', `Bearer ${customerToken}`)
+        .send(VALID_PRODUCT);
+
+      expect(res.status).toBe(403);
+    });
+
+    it('201: deve criar produto como ADMIN', async () => {
+      const res = await request(app)
+        .post('/api/products')
+        .set('Authorization', `Bearer ${adminToken}`)
+        .send(VALID_PRODUCT);
+
+      expect(res.status).toBe(201);
+      expect(res.body.name).toBe(VALID_PRODUCT.name);
+      expect(res.body.slug).toBe('camiseta-basica');
+      expect(res.body.variants).toHaveLength(2);
+    });
+
+    it('422: deve validar campos obrigatórios (preço negativo)', async () => {
+      const res = await request(app)
+        .post('/api/products')
+        .set('Authorization', `Bearer ${adminToken}`)
+        .send({ ...VALID_PRODUCT, price: -10 });
+
+      expect(res.status).toBe(422);
+    });
+
+    it('422: deve rejeitar produto sem nome', async () => {
+      const res = await request(app)
+        .post('/api/products')
+        .set('Authorization', `Bearer ${adminToken}`)
+        .send({ ...VALID_PRODUCT, name: '' });
+
+      expect(res.status).toBe(422);
+    });
+  });
+
+  // ── GET /api/products/:slug ───────────────────────────────────────────────
+  describe('GET /api/products/:slug', () => {
+    beforeAll(async () => {
+      // Ensure product exists
+      await request(app)
+        .post('/api/products')
+        .set('Authorization', `Bearer ${adminToken}`)
+        .send({ ...VALID_PRODUCT, name: 'Produto Detalhe', variants: [{ sku: 'DET-U', size: 'U', color: 'Preto', stock: 3 }] });
+    });
+
+    it('200: deve retornar produto com variações', async () => {
+      const res = await request(app).get('/api/products/produto-detalhe');
+
+      expect(res.status).toBe(200);
+      expect(res.body.slug).toBe('produto-detalhe');
+      expect(Array.isArray(res.body.variants)).toBe(true);
+    });
+
+    it('404: deve retornar 404 para slug inexistente', async () => {
+      const res = await request(app).get('/api/products/slug-que-nao-existe');
+
+      expect(res.status).toBe(404);
+    });
+  });
+
+  // ── PUT /api/products/:id ─────────────────────────────────────────────────
+  describe('PUT /api/products/:id', () => {
+    it('200: deve atualizar produto como ADMIN', async () => {
+      // Create a product first
+      const createRes = await request(app)
+        .post('/api/products')
+        .set('Authorization', `Bearer ${adminToken}`)
+        .send({ ...VALID_PRODUCT, name: 'Produto Para Atualizar', variants: [{ sku: 'UPD-U', size: 'U', color: 'Rosa', stock: 1 }] });
+
+      const productId = (createRes.body as { id: string }).id;
+
+      const res = await request(app)
+        .put(`/api/products/${productId}`)
+        .set('Authorization', `Bearer ${adminToken}`)
+        .send({ name: 'Produto Atualizado', price: 59.9 });
+
+      expect(res.status).toBe(200);
+      expect(res.body.name).toBe('Produto Atualizado');
+    });
+
+    it('404: produto inexistente', async () => {
+      const res = await request(app)
+        .put('/api/products/00000000-0000-4000-8000-000000000099')
+        .set('Authorization', `Bearer ${adminToken}`)
+        .send({ name: 'X' });
+
+      expect(res.status).toBe(404);
+    });
+  });
+
+  // ── DELETE /api/products/:id ──────────────────────────────────────────────
+  describe('DELETE /api/products/:id', () => {
+    it('204: deve soft-delete o produto', async () => {
+      const createRes = await request(app)
+        .post('/api/products')
+        .set('Authorization', `Bearer ${adminToken}`)
+        .send({ ...VALID_PRODUCT, name: 'Produto Para Deletar', variants: [{ sku: 'DEL-U', size: 'U', color: 'Cinza', stock: 1 }] });
+
+      const productId = (createRes.body as { id: string }).id;
+      const slug = (createRes.body as { slug: string }).slug;
+
+      const deleteRes = await request(app)
+        .delete(`/api/products/${productId}`)
+        .set('Authorization', `Bearer ${adminToken}`);
+
+      expect(deleteRes.status).toBe(204);
+
+      // Deve ocultar produto deletado das listagens públicas
+      const getRes = await request(app).get(`/api/products/${slug}`);
+      expect(getRes.status).toBe(404);
+    });
+  });
+
+  // ── PATCH /api/products/:id/stock ────────────────────────────────────────
+  describe('PATCH /api/products/:id/stock', () => {
+    it('200: deve ajustar estoque por variação', async () => {
+      const createRes = await request(app)
+        .post('/api/products')
+        .set('Authorization', `Bearer ${adminToken}`)
+        .send({ ...VALID_PRODUCT, name: 'Produto Estoque', variants: [{ sku: 'STK-U', size: 'U', color: 'Azul', stock: 5 }] });
+
+      const productId = (createRes.body as { id: string }).id;
+      const variantId = (createRes.body as { variants: { id: string }[] }).variants[0]!.id;
+
+      const res = await request(app)
+        .patch(`/api/products/${productId}/stock`)
+        .set('Authorization', `Bearer ${adminToken}`)
+        .send({ variantId, delta: -2 });
+
+      expect(res.status).toBe(200);
+      expect(res.body.stock).toBe(3);
+    });
+
+    it('409: deve rejeitar quando estoque insuficiente', async () => {
+      const createRes = await request(app)
+        .post('/api/products')
+        .set('Authorization', `Bearer ${adminToken}`)
+        .send({ ...VALID_PRODUCT, name: 'Produto Estoque Zero', variants: [{ sku: 'STK0-U', size: 'U', color: 'Verde', stock: 2 }] });
+
+      const productId = (createRes.body as { id: string }).id;
+      const variantId = (createRes.body as { variants: { id: string }[] }).variants[0]!.id;
+
+      const res = await request(app)
+        .patch(`/api/products/${productId}/stock`)
+        .set('Authorization', `Bearer ${adminToken}`)
+        .send({ variantId, delta: -999 });
+
+      expect(res.status).toBe(409);
+    });
+  });
+});

package/templates/ecommerce/apps/api/src/modules/catalog/__tests__/catalog.service.unit.test.ts

@@ -0,0 +1,223 @@
+import { CatalogService } from '../catalog.service';
+import { ICategoryRepository } from '../category.repository';
+import { IProductRepository } from '../product.repository';
+import { CategoryEntity } from '../category.entity';
+import { ProductEntity, ProductStatus } from '../product.entity';
+
+// ── Helpers ──────────────────────────────────────────────────────────────────
+const makeCategory = (overrides: Partial<{ id: string; name: string; slug: string }> = {}) =>
+  CategoryEntity.reconstitute({
+    id: overrides.id ?? 'cat-1',
+    name: overrides.name ?? 'Camisetas',
+    slug: overrides.slug ?? 'camisetas',
+    description: null,
+    parentId: null,
+    createdAt: new Date(),
+    updatedAt: new Date(),
+  });
+
+const makeProduct = (overrides: Partial<ReturnType<typeof ProductEntity.create>> = {}) =>
+  ProductEntity.reconstitute({
+    id: 'prod-1',
+    name: 'Camiseta Básica',
+    slug: 'camiseta-basica',
+    description: 'Uma camiseta simples',
+    price: 49.9,
+    categoryId: 'cat-1',
+    status: ProductStatus.ACTIVE,
+    images: [],
+    createdAt: new Date(),
+    updatedAt: new Date(),
+    variants: [
+      {
+        id: 'var-1',
+        sku: 'CAM-P',
+        size: 'P',
+        color: 'Branco',
+        stock: 10,
+        price: null,
+        productId: 'prod-1',
+      },
+    ],
+  });
+
+// ── Mocks ────────────────────────────────────────────────────────────────────
+const makeCategoryRepo = (): jest.Mocked<ICategoryRepository> => ({
+  findById: jest.fn(),
+  findBySlug: jest.fn(),
+  findAll: jest.fn(),
+  create: jest.fn(),
+  update: jest.fn(),
+  delete: jest.fn(),
+});
+
+const makeProductRepo = (): jest.Mocked<IProductRepository> => ({
+  findById: jest.fn(),
+  findBySlug: jest.fn(),
+  findAll: jest.fn(),
+  search: jest.fn(),
+  create: jest.fn(),
+  update: jest.fn(),
+  softDelete: jest.fn(),
+  updateVariantStock: jest.fn(),
+  slugExists: jest.fn(),
+});
+
+// ── Tests ────────────────────────────────────────────────────────────────────
+describe('CatalogService — Unit', () => {
+  let service: CatalogService;
+  let categoryRepo: jest.Mocked<ICategoryRepository>;
+  let productRepo: jest.Mocked<IProductRepository>;
+
+  beforeEach(() => {
+    categoryRepo = makeCategoryRepo();
+    productRepo = makeProductRepo();
+    service = new CatalogService(categoryRepo, productRepo);
+  });
+
+  // ── createProduct ─────────────────────────────────────────────────────────
+  describe('createProduct()', () => {
+    const validInput = {
+      name: 'Camiseta Básica',
+      description: 'Desc',
+      price: 49.9,
+      categoryId: 'cat-1',
+      images: [],
+      variants: [{ sku: 'CAM-P', size: 'P', color: 'Branco', stock: 10 }],
+    };
+
+    it('deve criar produto com variações e estoque iniciais', async () => {
+      categoryRepo.findById.mockResolvedValue(makeCategory());
+      productRepo.slugExists.mockResolvedValue(false);
+      productRepo.create.mockImplementation(async (p) => p);
+
+      const result = await service.createProduct(validInput);
+
+      expect(result.name).toBe('Camiseta Básica');
+      expect(result.variants).toHaveLength(1);
+      expect(result.variants[0]?.stock).toBe(10);
+      expect(productRepo.create).toHaveBeenCalledTimes(1);
+    });
+
+    it('deve lançar erro se categoria não existir', async () => {
+      categoryRepo.findById.mockResolvedValue(null);
+
+      await expect(service.createProduct(validInput)).rejects.toMatchObject({
+        statusCode: 404,
+      });
+    });
+
+    it('deve garantir slug único a partir do nome', async () => {
+      categoryRepo.findById.mockResolvedValue(makeCategory());
+      // First slug attempt exists, second doesn't
+      productRepo.slugExists.mockResolvedValueOnce(true).mockResolvedValueOnce(false);
+      productRepo.create.mockImplementation(async (p) => p);
+
+      const result = await service.createProduct(validInput);
+
+      // Should have a slug derived from name + suffix to avoid collision
+      expect(result.slug).toMatch(/^camiseta-basica/);
+      expect(result.slug).not.toBe('camiseta-basica'); // original was taken
+    });
+
+    it('deve rejeitar preço negativo', async () => {
+      categoryRepo.findById.mockResolvedValue(makeCategory());
+
+      await expect(
+        service.createProduct({ ...validInput, price: -1 }),
+      ).rejects.toMatchObject({ statusCode: 422 });
+    });
+  });
+
+  // ── updateStock ──────────────────────────────────────────────────────────
+  describe('updateStock()', () => {
+    it('deve decrementar estoque de uma variação', async () => {
+      productRepo.findById.mockResolvedValue(makeProduct());
+      productRepo.updateVariantStock.mockResolvedValue(undefined);
+
+      await service.updateStock({ productId: 'prod-1', variantId: 'var-1', delta: -3 });
+
+      expect(productRepo.updateVariantStock).toHaveBeenCalledWith('prod-1', 'var-1', 7);
+    });
+
+    it('deve lançar InsufficientStockError se quantidade > estoque', async () => {
+      productRepo.findById.mockResolvedValue(makeProduct());
+
+      await expect(
+        service.updateStock({ productId: 'prod-1', variantId: 'var-1', delta: -999 }),
+      ).rejects.toMatchObject({ statusCode: 409 });
+    });
+
+    it('deve lançar erro 404 quando produto não existir', async () => {
+      productRepo.findById.mockResolvedValue(null);
+
+      await expect(
+        service.updateStock({ productId: 'nope', variantId: 'var-1', delta: -1 }),
+      ).rejects.toMatchObject({ statusCode: 404 });
+    });
+  });
+
+  // ── searchProducts ────────────────────────────────────────────────────────
+  describe('searchProducts()', () => {
+    const products = [makeProduct()];
+
+    it('deve filtrar por categoria', async () => {
+      productRepo.search.mockResolvedValue({ items: products, nextCursor: null });
+
+      const result = await service.searchProducts({ categoryId: 'cat-1' });
+
+      expect(productRepo.search).toHaveBeenCalledWith(
+        expect.objectContaining({ categoryId: 'cat-1' }),
+      );
+      expect(result.items).toHaveLength(1);
+    });
+
+    it('deve filtrar por faixa de preço', async () => {
+      productRepo.search.mockResolvedValue({ items: products, nextCursor: null });
+
+      const result = await service.searchProducts({ minPrice: 10, maxPrice: 100 });
+
+      expect(productRepo.search).toHaveBeenCalledWith(
+        expect.objectContaining({ minPrice: 10, maxPrice: 100 }),
+      );
+      expect(result.items).toBeDefined();
+    });
+
+    it('deve buscar por nome (full-text via q)', async () => {
+      productRepo.search.mockResolvedValue({ items: products, nextCursor: null });
+
+      await service.searchProducts({ q: 'camiseta' });
+
+      expect(productRepo.search).toHaveBeenCalledWith(
+        expect.objectContaining({ q: 'camiseta' }),
+      );
+    });
+
+    it('deve paginar corretamente com cursor', async () => {
+      productRepo.search.mockResolvedValue({ items: products, nextCursor: 'abc123' });
+
+      const result = await service.searchProducts({ cursor: 'prev-cursor', limit: 10 });
+
+      expect(result.nextCursor).toBe('abc123');
+    });
+
+    it('deve ordenar por preço asc/desc e por mais recente', async () => {
+      productRepo.search.mockResolvedValue({ items: [], nextCursor: null });
+
+      await service.searchProducts({ sortBy: 'price_asc' });
+      expect(productRepo.search).toHaveBeenCalledWith(
+        expect.objectContaining({ sortBy: 'price_asc' }),
+      );
+
+      await service.searchProducts({ sortBy: 'price_desc' });
+      expect(productRepo.search).toHaveBeenCalledWith(
+        expect.objectContaining({ sortBy: 'price_desc' }),
+      );
+
+      await service.searchProducts({ sortBy: 'newest' });
+      expect(productRepo.search).toHaveBeenCalledWith(
+        expect.objectContaining({ sortBy: 'newest' }),
+      );
+    });
+  });
+});

package/templates/ecommerce/apps/api/src/modules/catalog/__tests__/product.image.integration.test.ts

@@ -0,0 +1,130 @@
+import request from 'supertest';
+import app from '../../../app';
+import { UserEntity } from '../../auth/user.entity';
+import { hash } from 'bcryptjs';
+
+/**
+ * Integration tests for POST /api/products/:id/image
+ * Uses in-memory repos + in-memory storage (no S3 needed)
+ */
+
+let adminToken: string;
+let productId: string;
+
+const ADMIN_USER = {
+  name: 'Admin Image',
+  email: 'admin.image@test.com',
+  password: 'admin1234',
+};
+
+const VALID_PRODUCT = {
+  name: 'Tênis de Upload',
+  description: 'Para testar upload',
+  price: 199.9,
+  categorySlug: 'calcados',
+  images: [],
+  variants: [{ sku: 'TEI-40', size: '40', color: 'Preto', stock: 5 }],
+};
+
+beforeAll(async () => {
+  const { catalogRegistry } = await import('../catalog.registry');
+  const { userRepository } = await import('../../auth/auth.registry');
+
+  // Seed category
+  const { CategoryEntity } = await import('../category.entity');
+  await catalogRegistry.categoryRepository.create(
+    CategoryEntity.create({ name: 'Calçados', slug: 'calcados', description: null, parentId: null }),
+  );
+
+  // Create admin directly
+  const adminHash = await hash(ADMIN_USER.password, 10);
+  await userRepository.create(
+    UserEntity.create({ name: ADMIN_USER.name, email: ADMIN_USER.email, passwordHash: adminHash, role: 'ADMIN' }),
+  );
+
+  // Login
+  const loginRes = await request(app).post('/api/auth/login').send({
+    email: ADMIN_USER.email,
+    password: ADMIN_USER.password,
+  });
+  adminToken = (loginRes.body as { accessToken: string }).accessToken;
+
+  // Create a product to upload to
+  const productRes = await request(app)
+    .post('/api/products')
+    .set('Authorization', `Bearer ${adminToken}`)
+    .send(VALID_PRODUCT);
+  productId = (productRes.body as { id: string }).id;
+});
+
+describe('POST /api/products/:id/image', () => {
+  it('401: deve rejeitar sem autenticação', async () => {
+    await request(app)
+      .post(`/api/products/${productId}/image`)
+      .attach('image', Buffer.from('fake'), { filename: 'foto.jpg', contentType: 'image/jpeg' })
+      .expect(401);
+  });
+
+  it('403: deve rejeitar se não for ADMIN', async () => {
+    // Register a customer
+    await request(app).post('/api/auth/register').send({
+      name: 'Cliente',
+      email: 'cliente.img@test.com',
+      password: 'cliente1234',
+    });
+    const loginRes = await request(app).post('/api/auth/login').send({
+      email: 'cliente.img@test.com',
+      password: 'cliente1234',
+    });
+    const customerToken = (loginRes.body as { accessToken: string }).accessToken;
+
+    await request(app)
+      .post(`/api/products/${productId}/image`)
+      .set('Authorization', `Bearer ${customerToken}`)
+      .attach('image', Buffer.from('fake'), { filename: 'foto.jpg', contentType: 'image/jpeg' })
+      .expect(403);
+  });
+
+  it('400: deve rejeitar arquivo não-imagem', async () => {
+    await request(app)
+      .post(`/api/products/${productId}/image`)
+      .set('Authorization', `Bearer ${adminToken}`)
+      .attach('image', Buffer.from('text content'), { filename: 'doc.txt', contentType: 'text/plain' })
+      .expect(400);
+  });
+
+  it('400: deve rejeitar arquivo maior que 5MB', async () => {
+    const bigBuffer = Buffer.alloc(6 * 1024 * 1024);
+    await request(app)
+      .post(`/api/products/${productId}/image`)
+      .set('Authorization', `Bearer ${adminToken}`)
+      .attach('image', bigBuffer, { filename: 'big.jpg', contentType: 'image/jpeg' })
+      .expect(400);
+  });
+
+  it('200: deve fazer upload e retornar URL pública da imagem', async () => {
+    const res = await request(app)
+      .post(`/api/products/${productId}/image`)
+      .set('Authorization', `Bearer ${adminToken}`)
+      .attach('image', Buffer.from('fake-image-data'), { filename: 'foto.jpg', contentType: 'image/jpeg' })
+      .expect(200);
+
+    const body = res.body as { images: string[] };
+    expect(body.images).toBeDefined();
+    expect(body.images.length).toBeGreaterThan(0);
+    expect(typeof body.images[0]).toBe('string');
+  });
+
+  it('deve atualizar campo images no produto após upload', async () => {
+    // Upload
+    await request(app)
+      .post(`/api/products/${productId}/image`)
+      .set('Authorization', `Bearer ${adminToken}`)
+      .attach('image', Buffer.from('image-bytes'), { filename: 'produto.png', contentType: 'image/png' });
+
+    // Fetch product and check images
+    const getRes = await request(app).get(`/api/products/tenis-de-upload`).expect(200);
+    const product = getRes.body as { images: string[] };
+    expect(product.images.length).toBeGreaterThanOrEqual(1);
+  });
+});