tests/TeamUp.IntegrationTests/SkillRegistryTests.cs

using System.Net;
using System.Net.Http.Headers;
using System.Net.Http.Json;
using Xunit;

namespace TeamUp.IntegrationTests;

/// <summary>
/// M2 skill-registry acceptance: index a SKILL.md, then find it queryable by role; a skill with
/// roles + golden tests publishes, a malformed one is rejected, and the catalogue needs auth.
/// </summary>
public sealed class SkillRegistryTests(PostgresFixture postgres) : IClassFixture<PostgresFixture>
{
    private const string SpecWritingSkill =
        """
        ---
        id: spec-writing
        name: Spec Writing
        version: 1.0.0
        summary: Turn a feature request into a structured spec and child stories.
        roles: [product-owner]
        inputs: A feature request or task.
        outputs: A spec plus proposed child stories.
        actions:
          - name: write-spec
            risk: draft
          - name: create-child-stories
            risk: draft
        tools: []
        context: [house-style]
        visibility: public
        min_tier: free
        golden_tests:
          - input: "Add a logout button"
            expected: "Spec: a logout button in the header that ends the session."
        ---

        # Spec Writing

        Write a clear, testable spec, then propose child stories.
        """;

    private sealed record BootstrapResponse(string Token, Guid MemberId, Guid OrganizationId);

    private sealed record ActionDto(string Name, string Risk);

    private sealed record SkillSummary(
        string SkillKey, string Name, string Version, string? Summary, List<string> Roles,
        string Visibility, string MinTier, string Status, List<ActionDto> Actions);

    private sealed record SkillDetail(
        SkillSummary Skill, string? Inputs, string? Outputs, List<string> Tools,
        List<string> Context, int GoldenTestCount, string Body);

    [Fact]
    public async Task Index_publishes_and_makes_skill_queryable_by_role()
    {
        await using var factory = new TeamUpWebFactory(postgres.ConnectionString);
        using var anon = factory.CreateClient();

        // The catalogue requires auth.
        Assert.Equal(HttpStatusCode.Unauthorized, (await anon.GetAsync("/api/skills/")).StatusCode);

        var bootstrap = await anon.PostAsJsonAsync("/api/identity/bootstrap", new
        {
            organizationName = "AliaSaaS",
            ownerEmail = "owner@alia.test",
            ownerDisplayName = "Owner",
            ownerPassword = "Passw0rd!",
        });
        var owner = await bootstrap.Content.ReadFromJsonAsync<BootstrapResponse>();
        Assert.NotNull(owner);

        using var client = factory.CreateClient();
        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", owner!.Token);

        // Index the SKILL.md.
        var indexResponse = await client.PostAsJsonAsync("/api/skills/index", new { content = SpecWritingSkill });
        Assert.Equal(HttpStatusCode.OK, indexResponse.StatusCode);
        var indexed = await indexResponse.Content.ReadFromJsonAsync<SkillDetail>();
        Assert.NotNull(indexed);
        Assert.Equal("spec-writing", indexed!.Skill.SkillKey);
        Assert.Equal("Published", indexed.Skill.Status); // has roles + a golden test
        Assert.Equal(1, indexed.GoldenTestCount);
        Assert.Contains(indexed.Skill.Actions, a => a.Name == "write-spec" && a.Risk == "Draft");

        // Queryable by its role…
        var forPo = await client.GetFromJsonAsync<List<SkillSummary>>("/api/skills/?role=product-owner");
        Assert.Contains(forPo!, s => s.SkillKey == "spec-writing");

        // …but not under an unrelated role.
        var forQa = await client.GetFromJsonAsync<List<SkillSummary>>("/api/skills/?role=qa");
        Assert.DoesNotContain(forQa!, s => s.SkillKey == "spec-writing");

        // Detail by key.
        var detail = await client.GetFromJsonAsync<List<SkillDetail>>("/api/skills/spec-writing");
        Assert.Single(detail!);
        Assert.Equal("public", detail![0].Skill.Visibility.ToLowerInvariant());

        // Re-indexing the same key+version updates in place (no duplicate).
        await client.PostAsJsonAsync("/api/skills/index", new { content = SpecWritingSkill });
        var afterReindex = await client.GetFromJsonAsync<List<SkillDetail>>("/api/skills/spec-writing");
        Assert.Single(afterReindex!);

        // A malformed SKILL.md (no frontmatter) is rejected.
        var bad = await client.PostAsJsonAsync("/api/skills/index", new { content = "# no frontmatter here" });
        Assert.Equal(HttpStatusCode.BadRequest, bad.StatusCode);
    }
}
M2: skill index — SKILL.md parsing, pgvector index, query by role 2026-06-09 18:01:37 +03:30			`using System.Net;`
			`using System.Net.Http.Headers;`
			`using System.Net.Http.Json;`
			`using Xunit;`

			`namespace TeamUp.IntegrationTests;`

			`/// <summary>`
			`/// M2 skill-registry acceptance: index a SKILL.md, then find it queryable by role; a skill with`
			`/// roles + golden tests publishes, a malformed one is rejected, and the catalogue needs auth.`
			`/// </summary>`
			`public sealed class SkillRegistryTests(PostgresFixture postgres) : IClassFixture<PostgresFixture>`
			`{`
			`private const string SpecWritingSkill =`
			`"""`
			`---`
			`id: spec-writing`
			`name: Spec Writing`
			`version: 1.0.0`
			`summary: Turn a feature request into a structured spec and child stories.`
			`roles: [product-owner]`
			`inputs: A feature request or task.`
			`outputs: A spec plus proposed child stories.`
			`actions:`
			`- name: write-spec`
			`risk: draft`
			`- name: create-child-stories`
			`risk: draft`
			`tools: []`
			`context: [house-style]`
			`visibility: public`
			`min_tier: free`
			`golden_tests:`
			`- input: "Add a logout button"`
			`expected: "Spec: a logout button in the header that ends the session."`
			`---`

			`# Spec Writing`

			`Write a clear, testable spec, then propose child stories.`
			`""";`

			`private sealed record BootstrapResponse(string Token, Guid MemberId, Guid OrganizationId);`

			`private sealed record ActionDto(string Name, string Risk);`

			`private sealed record SkillSummary(`
			`string SkillKey, string Name, string Version, string? Summary, List<string> Roles,`
			`string Visibility, string MinTier, string Status, List<ActionDto> Actions);`

			`private sealed record SkillDetail(`
			`SkillSummary Skill, string? Inputs, string? Outputs, List<string> Tools,`
			`List<string> Context, int GoldenTestCount, string Body);`

			`[Fact]`
			`public async Task Index_publishes_and_makes_skill_queryable_by_role()`
			`{`
			`await using var factory = new TeamUpWebFactory(postgres.ConnectionString);`
			`using var anon = factory.CreateClient();`

			`// The catalogue requires auth.`
			`Assert.Equal(HttpStatusCode.Unauthorized, (await anon.GetAsync("/api/skills/")).StatusCode);`

			`var bootstrap = await anon.PostAsJsonAsync("/api/identity/bootstrap", new`
			`{`
			`organizationName = "AliaSaaS",`
			`ownerEmail = "owner@alia.test",`
			`ownerDisplayName = "Owner",`
			`ownerPassword = "Passw0rd!",`
			`});`
			`var owner = await bootstrap.Content.ReadFromJsonAsync<BootstrapResponse>();`
			`Assert.NotNull(owner);`

			`using var client = factory.CreateClient();`
			`client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", owner!.Token);`

			`// Index the SKILL.md.`
			`var indexResponse = await client.PostAsJsonAsync("/api/skills/index", new { content = SpecWritingSkill });`
			`Assert.Equal(HttpStatusCode.OK, indexResponse.StatusCode);`
			`var indexed = await indexResponse.Content.ReadFromJsonAsync<SkillDetail>();`
			`Assert.NotNull(indexed);`
			`Assert.Equal("spec-writing", indexed!.Skill.SkillKey);`
			`Assert.Equal("Published", indexed.Skill.Status); // has roles + a golden test`
			`Assert.Equal(1, indexed.GoldenTestCount);`
			`Assert.Contains(indexed.Skill.Actions, a => a.Name == "write-spec" && a.Risk == "Draft");`

			`// Queryable by its role…`
			`var forPo = await client.GetFromJsonAsync<List<SkillSummary>>("/api/skills/?role=product-owner");`
			`Assert.Contains(forPo!, s => s.SkillKey == "spec-writing");`

			`// …but not under an unrelated role.`
			`var forQa = await client.GetFromJsonAsync<List<SkillSummary>>("/api/skills/?role=qa");`
			`Assert.DoesNotContain(forQa!, s => s.SkillKey == "spec-writing");`

			`// Detail by key.`
			`var detail = await client.GetFromJsonAsync<List<SkillDetail>>("/api/skills/spec-writing");`
			`Assert.Single(detail!);`
			`Assert.Equal("public", detail![0].Skill.Visibility.ToLowerInvariant());`

			`// Re-indexing the same key+version updates in place (no duplicate).`
			`await client.PostAsJsonAsync("/api/skills/index", new { content = SpecWritingSkill });`
			`var afterReindex = await client.GetFromJsonAsync<List<SkillDetail>>("/api/skills/spec-writing");`
			`Assert.Single(afterReindex!);`

			`// A malformed SKILL.md (no frontmatter) is rejected.`
			`var bad = await client.PostAsJsonAsync("/api/skills/index", new { content = "# no frontmatter here" });`
			`Assert.Equal(HttpStatusCode.BadRequest, bad.StatusCode);`
			`}`
			`}`