Implement Sprint 1 stories: collections, RBAC, audit logging, load testing

Complete 6 Sprint 1 stories for Epic 1 web migration infrastructure. Portfolio Collection: - Add 7 fields: title, slug, url, image, description, websiteType, tags - Configure R2 storage and authenticated access control Categories Collection: - Add nameEn, order, textColor, backgroundColor fields - Add color picker UI configuration Posts Collection: - Add excerpt with 200 char limit and ogImage for social sharing - Add showInFooter checkbox and status select (draft/review/published) Role-Based Access Control: - Add role field to Users collection (admin/editor) - Create adminOnly and authenticated access functions - Apply access rules to Portfolio, Categories, Posts, Users collections Audit Logging System (NFR9): - Create Audit collection with timestamps for 90-day retention - Add auditLogger utility for login/logout/content change tracking - Add auditChange and auditGlobalChange hooks to all collections and globals - Add cleanupAuditLogs job with 90-day retention policy Load Testing Framework (NFR4): - Add k6 load testing with 3 scripts: public-browsing, admin-operations, api-performance - Configure targets: p95 < 500ms, error rate < 1%, 100 concurrent users - Add verification script and comprehensive documentation Other Changes: - Remove unused Form blocks - Add Header/Footer audit hooks - Regenerate Payload TypeScript types
2026-01-31 17:20:35 +08:00
parent 0846318d6e
commit 7fd73e0e3d
48 changed files with 19497 additions and 5261 deletions
--- a/apps/backend/tests/k6/verify-setup.js
+++ b/apps/backend/tests/k6/verify-setup.js
@@ -0,0 +1,59 @@
+/**
+ * K6 Setup Verification Script
+ * Run this to verify your k6 installation and environment
+ */
+
+import { check } from 'k6';
+import http from 'k6/http';
+
+// Test configuration - minimal load
+export const options = {
+  vus: 1,
+  iterations: 1,
+  thresholds: {
+    http_req_duration: ['p(95) < 1000'], // Relaxed for verification
+    http_req_failed: ['rate < 0.05'],     // Allow some failures during setup
+  },
+};
+
+const baseUrl = __ENV.BASE_URL || 'http://localhost:3000';
+
+export default function () {
+  console.log(`=== K6 Setup Verification ===`);
+  console.log(`Target: ${baseUrl}`);
+
+  // Test 1: Server is reachable
+  const homeRes = http.get(baseUrl);
+  check(homeRes, {
+    'Server is reachable': (r) => r.status !== 0,
+    'Home page responds': (r) => [200, 301, 302, 404].includes(r.status),
+  });
+  console.log(`Home page status: ${homeRes.status}`);
+
+  // Test 2: API endpoint exists
+  const apiRes = http.get(`${baseUrl}/api/global`);
+  check(apiRes, {
+    'API endpoint responds': (r) => r.status !== 0,
+  });
+  console.log(`API status: ${apiRes.status}`);
+
+  // Test 3: Check response times
+  const timeRes = http.get(`${baseUrl}/api/pages`, {
+    tags: { name: 'pages_api' },
+  });
+  console.log(`Pages API response time: ${timeRes.timings.duration}ms`);
+
+  // Summary
+  console.log(`=== Verification Complete ===`);
+  console.log(`If all checks passed, you're ready to run load tests!`);
+  console.log(`Next: k6 run tests/k6/public-browsing.js`);
+}
+
+export function setup() {
+  console.log(`Starting K6 verification...`);
+  console.log(`k6 version: ${__K6_VERSION__ || 'unknown'}`);
+}
+
+export function teardown(data) {
+  console.log(`Verification finished.`);
+}