senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
veza/docs/SMOKE_TEST_V0903.md
senke da20e83e09 docs: complete roadmap documentation v0.703 to v0.903 (v1.0 target) 
Add Release Scope, Implementation Plan, and Smoke Test for 7 versions:
- v0.703: Go Live & Streaming Complet (Phase 7 Finale)
- v0.801: UX/UI Polish, Accessibilite & PWA (Phase 8)
- v0.802: Cloud Complet, Fichiers & Gear Avance (Phase 8)
- v0.803: Securite, Compliance & Outillage Dev (Phase 8)
- v0.901: Marketplace Complet & Analytics Avances (Phase 9)
- v0.902: Social Complet, Chat & Notifications (Phase 9)
- v0.903: Stabilisation v1.0 & Launch Readiness (Phase 9)

21 documents total (3 per version), covering all remaining features
needed to reach v1.0 from v0.702.
2026-02-24 01:32:04 +01:00

245 lines
6.4 KiB
Markdown
Raw Blame History

# Smoke Test v0.903 — Stabilisation v1.0 & Launch Readiness
## Prérequis
- `veza-backend-api` compilé et démarré
- PostgreSQL avec migrations appliquées jusqu'à 134+
- Extensions PostgreSQL : `pg_trgm`, `fuzzystrmatch`
- Redis configuré
- `.env` complet (DATABASE_URL, JWT_SECRET, HCAPTCHA_SECRET, etc.)
- Utilisateur standard + admin avec tokens JWT
- Données suffisantes : tracks, plays, playlists, users, orders
---
## 1. Recherche & Recommandations (ST1)
### 1.1 Recherche phonétique
```bash
curl -s "http://localhost:8080/api/v1/search?q=hiphop" \
-H "Authorization: Bearer {TOKEN}" | jq '.data.results | length'
# Attendu: trouve des résultats pour "hip hop", "hip-hop", "hiphop"
```
### 1.2 "Did you mean"
```bash
curl -s "http://localhost:8080/api/v1/search?q=electrnoic" \
-H "Authorization: Bearer {TOKEN}" | jq '.data.did_you_mean'
# Attendu: "electronic"
```
### 1.3 Saved searches
```bash
curl -s -X POST http://localhost:8080/api/v1/search/saved \
-H "Authorization: Bearer {TOKEN}" \
-H "Content-Type: application/json" \
-d '{"query": "chill beats", "filters": {"genre": "lofi"}}' | jq .
# Attendu: 201, saved search created
curl -s http://localhost:8080/api/v1/search/saved \
-H "Authorization: Bearer {TOKEN}" | jq .
# Attendu: 200, liste des recherches sauvegardées
```
### 1.4 Recommendations
```bash
curl -s http://localhost:8080/api/v1/tracks/recommendations \
-H "Authorization: Bearer {TOKEN}" | jq '.data | length'
# Attendu: >= 10 tracks recommandées (collaborative filtering ou fallback genre/BPM)
```
### 1.5 Auto playlists
```bash
# Frontend: naviguer vers Library
# Vérifier: section "Made for You" avec "Discover Weekly" (30 tracks) et "Your Top Tracks" (20 tracks)
# Vérifier: badge "Auto" sur ces playlists
# Vérifier: playlists en lecture seule
```
---
## 2. Player & Playlists (ST2)
### 2.1 Smart playlist
```bash
curl -s -X POST http://localhost:8080/api/v1/playlists/smart \
-H "Authorization: Bearer {TOKEN}" \
-H "Content-Type: application/json" \
-d '{"name": "Fast Hip Hop", "rules": [{"field":"genre","op":"eq","value":"hip-hop"},{"field":"bpm","op":"gt","value":"120"}], "logic": "AND", "limit": 50}' | jq .
# Attendu: 201, smart playlist created with matching tracks
```
### 2.2 Export M3U
```bash
curl -s http://localhost:8080/api/v1/playlists/{PLAYLIST_ID}/export?format=m3u \
-H "Authorization: Bearer {TOKEN}" -o playlist.m3u
head playlist.m3u
# Attendu: #EXTM3U header, entries with #EXTINF and URLs
```
### 2.3 Merge playlists
```bash
curl -s -X POST http://localhost:8080/api/v1/playlists/merge \
-H "Authorization: Bearer {TOKEN}" \
-H "Content-Type: application/json" \
-d '{"playlist_ids": ["{ID1}", "{ID2}"], "name": "Merged Playlist"}' | jq .
# Attendu: 201, merged playlist with deduplicated tracks
```
### 2.4 Duplicate playlist
```bash
curl -s -X POST http://localhost:8080/api/v1/playlists/{PLAYLIST_ID}/duplicate \
-H "Authorization: Bearer {TOKEN}" | jq .
# Attendu: 201, "Copy of {original name}"
```
---
## 3. Auth & Sécurité (ST3)
### 3.1 Sessions actives
```bash
curl -s http://localhost:8080/api/v1/auth/sessions \
-H "Authorization: Bearer {TOKEN}" | jq .
# Attendu: 200, liste des sessions avec device, IP, last_active_at
# Attendu: session courante marquée is_current=true
```
### 3.2 Révoquer une session
```bash
curl -s -X DELETE http://localhost:8080/api/v1/auth/sessions/{SESSION_ID} \
-H "Authorization: Bearer {TOKEN}" | jq .
# Attendu: 200, session révoquée
# Vérifier: token de cette session invalide
```
### 3.3 Login history
```bash
curl -s http://localhost:8080/api/v1/auth/login-history \
-H "Authorization: Bearer {TOKEN}" | jq '.data | length'
# Attendu: dernières connexions avec IP, device, date, success/failure
```
### 3.4 CAPTCHA
```bash
# Effectuer 3 tentatives de login échouées
# 4ème tentative: vérifier que le formulaire affiche un CAPTCHA
# Vérifier: login sans CAPTCHA → 400 "CAPTCHA required"
```
### 3.5 Password history
```bash
# Changer mot de passe vers "NewPassword1!"
# Tenter de rechanger vers l'ancien mot de passe
# Attendu: 400, "Cannot reuse recent passwords"
```
### 3.6 Frontend
```bash
# Settings → Security → Sessions
# Vérifier: tableau des devices actifs, bouton Revoke
# Settings → Security → Login History
# Vérifier: historique des connexions
```
---
## 4. Performance (ST4)
### 4.1 k6 load test
```bash
cd tests/load && k6 run auth-flow.js --vus 100 --duration 5m
# Attendu: p95 < 200ms, error rate < 1%
```
### 4.2 Cache Redis
```bash
# Effectuer 2 recherches identiques à 1s d'intervalle
# Vérifier: 2ème réponse significativement plus rapide (cache hit)
```
### 4.3 Cache headers assets
```bash
curl -sI http://localhost:5173/assets/index-*.js | grep cache-control
# Attendu: cache-control: max-age=31536000, immutable
```
---
## 5. Documentation v1.0 (ST5)
- [ ] `docs/API_REFERENCE.md` — tous les endpoints documentés
- [ ] `docs/PRODUCTION_GUIDE.md` — guide déploiement production complet
- [ ] `README.md` — mis à jour avec architecture v1.0, quick start, features
- [ ] `docs/MIGRATION_GUIDE.md` — liste migrations complète, procédure upgrade
---
## 6. E2E Final (REL)
### 6.1 Smoke tests précédents
```bash
# Exécuter les vérifications critiques de chaque version :
# v0.703: GET /live/streams/me/key → 200
# v0.801: curl -sI | grep content-security-policy → present
# v0.802: GET /cloud/files/:id/versions → 200
# v0.803: GET /swagger/index.html → 200
# v0.901: GET /marketplace/wishlist → 200
# v0.902: GET /social/hashtags/trending → 200
```
### 6.2 Security headers
```bash
curl -sI http://localhost:8080/api/v1/health | grep -iE "csp|hsts|x-frame|x-content"
# Attendu: tous les headers de sécurité présents
```
### 6.3 GDPR
```bash
# POST /users/me/export → 202 (export démarré)
# DELETE /users/me → 200 (compte supprimé, données anonymisées)
```
### 6.4 Lighthouse
```bash
# Chrome DevTools → Lighthouse (Mobile)
# Performance: ≥ 85
# Accessibility: ≥ 90
# PWA: ≥ 90
# Best Practices: ≥ 85
# SEO: ≥ 80
```
---
## 7. Release
- [ ] `CHANGELOG.md` contient historique complet v0.101 → v1.0
- [ ] `docs/PROJECT_STATE.md` : Version = v1.0, Phase = Released
- [ ] `docs/FEATURE_STATUS.md` : modules v1.0 finalisés
- [ ] `docs/RETROSPECTIVE_V0903.md` créée
- [ ] `docs/RETROSPECTIVE_V1.md` — rétrospective globale
- [ ] `git tag v0.903` créé
- [ ] `git tag v1.0` créé
Reference in a new issue View git blame Copy permalink