hamid
765cc632d5
Remove the Order demo (entity/feature/repo/config/gRPC/proto) and the three pre-marketplace migrations; regenerate a fresh InitialBaseline migration. Stand up the REST surface (PingController + System/Ping CQRS) proving the Mediator -> behaviors -> OperationResult -> ApiResult envelope end to end. Close wiring gaps: register LoggingBehavior (outermost) and add the built-in rate limiter (per-IP global + otp/auth/sensitive policies), placed before authentication. Add current-user + audit plumbing: ICurrentUser (HttpContext + null impls), rename BaseEntity audit fields to CreatedAt/ModifiedAt (DateTimeOffset) + CreatedById/ModifiedById, stamped by a new AuditFieldInterceptor. Introduce five cross-cutting seams (IDateTimeProvider, IFieldEncryptor, ICacheService, IObjectStorage, INotificationDispatcher) with in-memory/local mocks registered via AddCrossCuttingSeams. Add Baya.Test.Foundation (encryptor, audit interceptor, ping handler) and update docs, contracts (swagger.v1.json), handoff, report, and mocks registry.
4.6 KiB
4.6 KiB
Mock & integration registry
The master list of every external dependency that is mocked behind a DI seam in this build, and the exact steps to make each one real. Backend lane owns this file; every phase that introduces or touches a seam updates its row. This is the checklist the team works through to go from "MVP with mocks" to "production with real providers".
Status legend: 🔴 not built · 🟡 mocked (seam + fake impl in place) · 🟢 real integration live.
| Seam (interface) | Introduced in | What it fakes | Config keys | Make it real → | Status |
|---|---|---|---|---|---|
ISmsSender |
backend-phase-2 | OTP/SMS delivery — logs the code instead of sending | tbd | Implement a Kavenegar/Ghasedak/SMS.ir client; keep idempotency + rate-limit | 🔴 |
IObjectStorage |
backend-phase-0/6 | File storage — local-disk store under a scratch root (LocalDiskObjectStorage, Baya.Infrastructure.CrossCutting/Seams/) |
Seams:ObjectStorage:RootPath (default: temp dir) |
Point at MinIO/S3/ArvanCloud; presigned upload/download; bucket + creds | 🟡 |
ICacheService |
backend-phase-0 | Caching — in-memory IMemoryCache (MemoryCacheService, Baya.Infrastructure.CrossCutting/Seams/) |
none | Swap to Redis (StackExchange.Redis); keep key/TTL scheme |
🟡 |
IDistributedLock |
backend-phase-10 | Money-path locks — no-op/in-proc | tbd | Redis lock (RedLock); DB constraint remains the backstop | 🔴 |
INurseSearch |
backend-phase-7 | Search — SQL over nurse_search_index |
tbd | Elasticsearch index + feeder; reimplement the interface | 🔴 |
IPaymentProvider |
backend-phase-10 | Card PSP/IPG — deterministic success | tbd | ZarinPal/Sadad/Vandar/Jibit + Shaparak; merchant/terminal/تسهیم | 🔴 |
ISettlementSplitProvider |
backend-phase-10 | تسهیم split — accepts any balanced legs | tbd | Provider split-by-ratio to registered Shebas | 🔴 |
IWebhookVerifier |
backend-phase-10 | Callback auth — always valid | tbd | Per-provider HMAC/signature + server-side re-verify | 🔴 |
IBnplProvider |
backend-phase-12 | BNPL — drives state machine, fake settle/revert | tbd | SnappPay/Digipay OAuth + verb set; encrypted creds in payment_gateways.config_json |
🔴 |
ICurrencyNormalizer |
backend-phase-12 | Toman↔IRR — ×10 | tbd | Config-driven per provider boundary | 🔴 |
IBankTransferProvider |
backend-phase-13 | PAYA/SATNA payout — fake transfer ref | tbd | Jibit/Vandar/Sadad payout; source account; PAYA vs SATNA | 🔴 |
IHolidayCalendar |
backend-phase-1 | Bank holidays — seeded static table | tbd | Iranian banking-holiday feed / sync job | 🔴 |
IShahkarVerifier |
backend-phase-6 | Phone↔national-id match — fake pass | tbd | Real Shahkar/KYC vendor; persist external_response_json |
🔴 |
IIdentityKycProvider |
backend-phase-6 | National-ID + liveness — fake pass | tbd | Finnotech/U-ID/Jibbit/Verify liveness+OCR | 🔴 |
ICredentialVerifier |
backend-phase-6 | MoH/INO/criminal-record — manual/fake | tbd | Manual admin today; API when a portal appears (verification_method=api) |
🔴 |
IBankAccountOwnershipVerifier |
backend-phase-3/6 | استعلام شبا IBAN↔national-id — fake match | tbd | Real KYC vendor; store ownership_vendor_ref |
🔴 |
IGeocoder |
backend-phase-4 | Address→lat/lng — echo/static | tbd | Neshan/Google geocoding | 🔴 |
IMoadianClient |
backend-phase-11 | سامانه مودیان e-invoice — leaves ref pending | tbd | Real مودیان submission → 22-digit ref | 🔴 |
IReviewModerationService |
backend-phase-14 | AI moderation — keyword/pass-through | tbd | Real classifier/LLM endpoint | 🔴 |
IFieldEncryptor |
backend-phase-0 | PII encryption — AES-256-CBC + HMAC hash from a local symmetric key (SymmetricFieldEncryptor, Baya.Infrastructure.CrossCutting/Seams/) |
Seams:FieldEncryption:Key, Seams:FieldEncryption:HashKey |
KMS / column encryption / Key Vault / HSM | 🟡 |
INotificationDispatcher |
backend-phase-0/15 | Notification channels — logs/no-op (LogNotificationDispatcher, Baya.Infrastructure.CrossCutting/Seams/); no write yet |
none | Add the in-app notifications write (b15) + SMS/push (FCM); polling → Redis pub/sub or SignalR later |
🟡 |
ILicenseVerificationService |
backend-phase-15 | eNamad / MoH establishment-permit — manual approve | tbd | Real registry/API | 🔴 |
Exact config keys and file paths get filled in by the phase that builds each seam. Keep the "Make it real →" column actionable enough that a developer can pick up any single row and ship it.