curo/kite
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bd17b4b22fb2098dcca43bf985ebb7806fadfe96
kite/.planning/phases/06.2-close-v1-sharing-cloud-delete-csv-export-gaps/06.2-VALIDATION.md
T
curo1305 77263bd569 docs(phase-06.2): mark validation strategy nyquist-compliant 
All 11 Wave 0 test stubs verified green (50 passed, 4 xfailed).
Updated per-task map, wave 0 checklist, sign-off, and audit trail.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-31 15:44:25 +02:00

107 lines
6.3 KiB
Markdown
Raw Blame History

---
phase: 6.2
slug: close-v1-sharing-cloud-delete-csv-export-gaps
status: complete
nyquist_compliant: true
wave_0_complete: true
created: 2026-05-31
audited: 2026-05-31
---
# Phase 6.2 — Validation Strategy
> Per-phase validation contract for feedback sampling during execution.
---
## Test Infrastructure
| Property | Value |
|----------|-------|
| **Framework** | pytest + pytest-asyncio (backend); Vitest (frontend) |
| **Config file** | `backend/pytest.ini` |
| **Quick run command** | `cd backend && pytest tests/test_shares.py tests/test_audit.py tests/test_documents.py -x -q` |
| **Full suite command** | `cd backend && pytest -v` |
| **Estimated runtime** | ~30 seconds |
---
## Sampling Rate
- **After every task commit:** Run `cd backend && pytest tests/test_shares.py tests/test_audit.py tests/test_documents.py -x -q`
- **After every plan wave:** Run `cd backend && pytest -v`
- **Before `/gsd:verify-work`:** Full suite must be green (excluding pre-existing `test_extractor.py::test_extract_docx` ModuleNotFoundError)
- **Max feedback latency:** 30 seconds
---
## Per-Task Verification Map
| Task ID | Plan | Wave | Requirement | Threat Ref | Secure Behavior | Test Type | Automated Command | File Exists | Status |
|---------|------|------|-------------|------------|-----------------|-----------|-------------------|-------------|--------|
| SHARE-05-fix | 01 | 1 | SHARE-05 | — | `is_shared` drives badge (not `share_count`) | unit | `pytest tests/test_shares.py::test_share_indicator_in_owner_list -x` | ✅ | ✅ green |
| SHARE-03-post | 01 | 1 | SHARE-03 | — | POST /api/shares respects `permission` field | integration | `pytest tests/test_shares.py::test_share_create_with_permission -x` | ✅ | ✅ green |
| SHARE-03-patch | 01 | 1 | SHARE-03 | T-IDOR | PATCH /api/shares/{id} changes permission | integration | `pytest tests/test_shares.py::test_share_patch_permission -x` | ✅ | ✅ green |
| SHARE-03-idor | 01 | 1 | SHARE-03 | T-IDOR | PATCH wrong owner → 404 (not 403) | integration | `pytest tests/test_shares.py::test_share_patch_idor -x` | ✅ | ✅ green |
| CLOUD-del-route | 02 | 1 | CLOUD-del | T-quota | delete_document routes to cloud backend for non-minio | integration | `pytest tests/test_documents.py::test_delete_cloud_document_propagates -x` | ✅ | ✅ green |
| CLOUD-del-fail | 02 | 1 | CLOUD-del | T-cloud | Cloud delete failure returns structured JSON error | integration | `pytest tests/test_documents.py::test_delete_cloud_document_failure -x` | ✅ | ✅ green |
| CLOUD-del-rm | 02 | 1 | CLOUD-del | T-quota | remove_only=true skips cloud, removes DB record only | integration | `pytest tests/test_documents.py::test_delete_cloud_remove_only -x` | ✅ | ✅ green |
| AUDIT-handle | 03 | 2 | ADMIN-06 | — | Audit log response includes user_handle and actor_handle | integration | `pytest tests/test_audit.py::test_audit_log_includes_user_handle -x` | ✅ | ✅ green |
| AUDIT-filter | 03 | 2 | ADMIN-06 | — | user_handle filter resolves to correct entries | integration | `pytest tests/test_audit.py::test_audit_log_filter_by_handle -x` | ✅ | ✅ green |
| AUDIT-filter-empty | 03 | 2 | ADMIN-06 | — | unknown handle filter returns empty (not error) | integration | `pytest tests/test_audit.py::test_audit_log_filter_unknown_handle -x` | ✅ | ✅ green |
| DAILY-list | 03 | 2 | ADMIN-06 | — | Daily exports list endpoint returns sorted keys | integration | `pytest tests/test_audit.py::test_daily_exports_list -x` | ✅ | ✅ green |
| DAILY-dl | 03 | 2 | ADMIN-06 | T-path | Daily export download returns CSV bytes; date validated against regex | integration | `pytest tests/test_audit.py::test_daily_export_download -x` | ✅ | ✅ green |
*Status: ⬜ pending · ✅ green · ❌ red · ⚠️ flaky*
---
## Wave 0 Requirements
- [x] `tests/test_shares.py::test_share_create_with_permission` — stubs for SHARE-03 POST permission field
- [x] `tests/test_shares.py::test_share_patch_permission` — stubs for SHARE-03 PATCH endpoint
- [x] `tests/test_shares.py::test_share_patch_idor` — stubs for IDOR invariant on PATCH
- [x] `tests/test_documents.py::test_delete_cloud_document_propagates` — stubs for cloud delete routing
- [x] `tests/test_documents.py::test_delete_cloud_document_failure` — stubs for D-03 structured error
- [x] `tests/test_documents.py::test_delete_cloud_remove_only` — stubs for D-02 remove_only path
- [x] `tests/test_audit.py::test_audit_log_includes_user_handle` — stubs for D-11 handle enrichment
- [x] `tests/test_audit.py::test_audit_log_filter_by_handle` — stubs for D-12 handle filter
- [x] `tests/test_audit.py::test_audit_log_filter_unknown_handle` — stubs for D-12 empty result
- [x] `tests/test_audit.py::test_daily_exports_list` — stubs for D-15 listing endpoint
- [x] `tests/test_audit.py::test_daily_export_download` — stubs for D-16 streaming endpoint
---
## Manual-Only Verifications
| Behavior | Requirement | Why Manual | Test Instructions |
|----------|-------------|------------|-------------------|
| CSV export download via fetch+Blob triggers file save in browser | ADMIN-06 | Browser download behavior cannot be automated in pytest | Open admin panel, navigate to Audit Log tab, click "Export CSV", verify browser download dialog/file saved |
| Cloud delete failure warning modal UX | CLOUD-del | Modal interaction requires E2E framework | Delete a cloud document with a simulated provider failure; verify modal appears with "Remove from app" option |
| Daily export date dropdown populates and download triggers | ADMIN-06 | Frontend fetch+Blob download in browser | Open admin panel, verify date dropdown shows available exports, click Download, verify file saved |
| Share permission toggle visible per row in ShareModal | SHARE-03 | Vue component rendering | Open ShareModal for a document with active shares; verify view/edit toggle appears per row |
---
## Validation Sign-Off
- [x] All tasks have `<automated>` verify or Wave 0 dependencies
- [x] Sampling continuity: no 3 consecutive tasks without automated verify
- [x] Wave 0 covers all MISSING references
- [x] No watch-mode flags
- [x] Feedback latency < 30s (suite: ~3.4s for 50 tests)
- [x] `nyquist_compliant: true` set in frontmatter
**Approval:** 2026-05-31 — 50 passed, 4 xfailed, 0 failed
---
## Validation Audit 2026-05-31
| Metric | Count |
|--------|-------|
| Gaps found | 11 |
| Resolved | 11 |
| Escalated | 0 |
| Suite result | 50 passed, 4 xfailed |
Reference in New Issue View Git Blame Copy Permalink