From fb0f4264e219e5c03c5b0f93ca1d5a0153532930 Mon Sep 17 00:00:00 2001 From: Frank Tovar Date: Thu, 5 Feb 2026 19:02:26 +0100 Subject: [PATCH] Update script --- TASKS.md | 39 --------------------------------------- scripts/deploy-ftp.ps1 | 2 +- 2 files changed, 1 insertion(+), 40 deletions(-) delete mode 100644 TASKS.md diff --git a/TASKS.md b/TASKS.md deleted file mode 100644 index 0ac8c19..0000000 --- a/TASKS.md +++ /dev/null @@ -1,39 +0,0 @@ -# TASKS - -## Authentication & Identity -- [x] Cover register success behavior: trims username/display name, enforces 24/16 char caps, issues auth cookie, stores normalized username (no plain passwords). -- [x] Add register/login rejection cases for overlength usernames/display names and ensure login success sets LastLoginAt + fills DisplayName when null. -- [x] Verify admin claim/authorization end-to-end: admin cookie includes claim; non-admin hitting `/api/admin/*` returns 401/403. - -## State & Phase -- [x] Assert `/api/state` payload fields (currentPhase, votesFinal, hasJoker, counts) for authenticated user. -- [x] Test GetPhase alignment: legacy Reveal -> Vote; closing results (resultsOpen false) realigns users from Results to Vote and clears VotesFinal. -- [x] Add `/api/me/phase/next` happy path to Results when resultsOpen=true and ensure VotesFinal clears on advance; cover Suggest->Vote success. -- [x] Ensure `/api/me/phase/prev` clears VotesFinal and respects per-step back transitions; add name limit >16 rejection. - -## Suggestions -- [x] Enforce phase gating on create for non-admins outside Suggest (no joker) and require display name before create. -- [x] Add validation cases: invalid game/youtube URLs, missing/overlong name (>100), player count ranges (min<1, max>32, only one of min/max provided), trimming/truncation of optional fields. -- [x] Verify `/api/suggestions/mine` excludes other players; `/api/suggestions/all` returns ordered list with LinkedIds/LinkedTitles metadata. -- [x] Test DELETE: player can delete own in Suggest only; admin any time; links to children cleared and related votes removed. -- [x] Joker create path should unfinalize all players’ ballots, not just the caller. - -## Votes -- [x] Guard `/api/votes/mine` for auth/phase mismatch; reject negative scores too. -- [x] Cover finalize toggle back to false and phase-change unfinalization; ensure VotesFinal blocks edits and resets correctly. -- [x] Add linked-vote coverage for nested/root-detection cases (e.g., chains) to ensure scores fan out as expected. - -## Results -- [x] Require Results phase and auth even when resultsOpen=true (phase mismatch/unauth 400/401). -- [x] Validate results payload fields: totals/count/average (average=0 when no votes), MyVote, link metadata, ordering by average. - -## Admin Operations -- [x] Cover `/api/admin/results` closing path: moves everyone to Vote, clears VotesFinal, updates UpdatedAt timestamp. -- [x] Extend vote-status tests for mixed finalized vs waiting users and ordering by display/username. -- [x] Add happy-path joker grant in Vote phase; assert VotesFinal resets for that player. -- [x] Exercise link/unlink phase gating and not-found cases; verify linking re-parents groups, deletes group votes, and unfinalizes affected players counts; ensure unlink follows spec vs current NotFound-on-missing behavior. -- [x] Confirm reset clears HasJoker/VotesFinal and closes results; factory-reset re-seeds AppState defaults (ResultsOpen=false, UpdatedAt set). - -## Infrastructure/Helpers -- [x] Expand `IsReachableImageAsync` tests: HEAD success path, redirect rejection, oversized content-length guard, fallback GET with non-image content. -- [x] Add coverage for global exception handler returning JSON 500 and logging. diff --git a/scripts/deploy-ftp.ps1 b/scripts/deploy-ftp.ps1 index c52cd91..4ae6d78 100644 --- a/scripts/deploy-ftp.ps1 +++ b/scripts/deploy-ftp.ps1 @@ -102,7 +102,7 @@ option confirm off open ftp://$($FtpUser):$($Password.Replace('`n','').Replace('`r',''))@$FtpHost lcd $PublishDir cd $RemoteDir -synchronize remote . -delete -filemask="|web.config;App_Data/;logs/" +synchronize remote . -delete -filemask="|web.config;App_Data/;logs/;GameList.Tests/" exit "@ | Set-Content -Path $tempScript -Encoding UTF8