feat: ticketmaster API completa#13
Merged
Merged
Conversation
) * docs: swagger completo en todos los controllers y DTOs (#9) - ApiResponse (200/201/400/401/403/404) en Auth, Events, Categories, Orders - ApiParam en todos los endpoints con params UUID - ApiQuery en GET /events paginado - Descriptions y examples en todos los DTOs - UpdateEventStatusDto con descripción de cada estado - RefreshDto, ChangeRoleDto, RegisterDto, LoginDto con descriptions - poster field con format: binary en CreateEventDto * fix: security audit, architecture refactor and test fixes Security fixes: - CategoriesController: add RolesGuard + @roles(ADMIN) on POST and DELETE - CategoriesModule: add PrismaModule import (app crashed on startup) - WebhooksController: validate stripe-signature header before calling Stripe - STRIPE_SECRET_KEY: throw on startup if not defined in OrdersService and WebhooksService - handlePaymentSucceeded: guard against EXPIRED->PAID on late webhooks Bug fixes: - Stripe rollback: delete orphaned Ticket records when PaymentIntent creation fails - stripeClientSecret: throw BadRequestException if Stripe returns null - auth.service: include name in JWT payload (user.name was undefined in emails) - refresh token: use deleteMany + count check to handle race condition Consistency fixes: - CheckoutDto: raise @max from 10 to 20 to match maxTicketsPerUser upper bound - EventsService.findOne: add publicOnly flag to hide DRAFT events from public endpoint Architecture: - Extract QueuesModule to decouple EventsModule and WebhooksModule from OrdersModule - Move emitStockForEvent to WebsocketGateway as single source of truth - WebsocketGateway: read WEBSOCKET_CORS_ORIGIN from env instead of hardcoded wildcard - RedisModule + BullMQ: support optional REDIS_PASSWORD for production - WebsocketModule: import PrismaModule for gateway dependency Postman: - Fix Get Event By ID test order: move after PUBLISHED update to avoid 404 Made-with: Cursor * chore: remove temp commit message file Made-with: Cursor
* docs: swagger completo en todos los controllers y DTOs (#9) - ApiResponse (200/201/400/401/403/404) en Auth, Events, Categories, Orders - ApiParam en todos los endpoints con params UUID - ApiQuery en GET /events paginado - Descriptions y examples en todos los DTOs - UpdateEventStatusDto con descripción de cada estado - RefreshDto, ChangeRoleDto, RegisterDto, LoginDto con descriptions - poster field con format: binary en CreateEventDto * fix: security audit, architecture refactor and test fixes Security fixes: - CategoriesController: add RolesGuard + @roles(ADMIN) on POST and DELETE - CategoriesModule: add PrismaModule import (app crashed on startup) - WebhooksController: validate stripe-signature header before calling Stripe - STRIPE_SECRET_KEY: throw on startup if not defined in OrdersService and WebhooksService - handlePaymentSucceeded: guard against EXPIRED->PAID on late webhooks Bug fixes: - Stripe rollback: delete orphaned Ticket records when PaymentIntent creation fails - stripeClientSecret: throw BadRequestException if Stripe returns null - auth.service: include name in JWT payload (user.name was undefined in emails) - refresh token: use deleteMany + count check to handle race condition Consistency fixes: - CheckoutDto: raise @max from 10 to 20 to match maxTicketsPerUser upper bound - EventsService.findOne: add publicOnly flag to hide DRAFT events from public endpoint Architecture: - Extract QueuesModule to decouple EventsModule and WebhooksModule from OrdersModule - Move emitStockForEvent to WebsocketGateway as single source of truth - WebsocketGateway: read WEBSOCKET_CORS_ORIGIN from env instead of hardcoded wildcard - RedisModule + BullMQ: support optional REDIS_PASSWORD for production - WebsocketModule: import PrismaModule for gateway dependency Postman: - Fix Get Event By ID test order: move after PUBLISHED update to avoid 404 Made-with: Cursor * chore: remove temp commit message file Made-with: Cursor
* test: complete unit test coverage for all services - EmailService: 0% → 100% stmts/funcs, all 5 email types + error paths - StorageService: 0% → 100% funcs, upload/delete AWS + MinIO + error handling - WebsocketGateway: 0% → 100% funcs, emitStockUpdate + emitStockForEvent - OrdersService: add findMyOrders + findOne, cover lines 342-400 - QueuesService: remove duplicate tests, clean delay branch coverage - Global functions threshold: 76.92% → 100% (was failing CI) * feat: k6 load tests + ACID fix + throttle config - 5 escenarios k6: ramp-up, spike, soak, ACID, rate limit - Fix sobreventa: UPDATE atómico en checkout - Throttle configurable: global, checkout, login - README k6 con resultados y guía dev/prod - orders.service.spec.ts: agregar \ al tx mock (atomic stock decrement) - email.service.spec.ts: configurar ConfigService mock antes de createTestingModule
* ci: GitHub Actions workflows + fix colección Postman - ci.yml: lint, typecheck, jest en cada PR - newman.yml: integration tests con postgres y redis - k6-smoke.yml: smoke test 10 VUs en cada PR - postman: email único por ejecución (fix 409 en Register Customer) * docs: README profesional completo - Descripción del proyecto y stack tecnológico - Diagramas Mermaid: arquitectura y flujo de checkout - Guía de instalación con Docker, MinIO y Stripe CLI - Tabla completa de endpoints - Explicación ACID y prevención de sobreventa - Resultados k6 y referencia a escenarios - Sección producción MinIO → AWS S3 - Badges de CI/CD * fix: add dummy DATABASE_URL for prisma generate on pnpm install in CI * fix: use pnpm exec jest directly to pass CI flags correctly * fix: add MinIO service, bucket setup and nohup API start in CI * fix: wait for MinIO health before creating bucket * fix: run MinIO manually via docker run instead of services (command not supported in GH Actions services) * fix: verify dist/ exists after build and use node dist/main directly * fix: run prisma generate before nest build in CI (generated client not in git) * fix: write real DATABASE_URL to .env before build for prisma.config.ts dotenv import * fix: use node dist/src/main (NestJS compiles to dist/src/ per nest-cli.json sourceRoot) * fix: move body-parser to dependencies (required at runtime, was only in devDependencies)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Merge development → main con el proyecto completo. Ver README para detalles.