code: validate,dbal,user (2 files)

dbal/ts/src/core/validation/validate-id.ts

@@ -3,6 +3,12 @@ export function validateId(id: string): string[] {
 
   if (!id || id.trim().length === 0) {
     errors.push('ID cannot be empty')
+    return errors
+  }
+
+  const uuidPattern = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i
+  if (!uuidPattern.test(id.trim())) {
+    errors.push('ID must be a valid UUID')
   }
 
   return errors

dbal/ts/tests/core/validation/validate-user-create.test.ts

@@ -0,0 +1,34 @@
+import { describe, it, expect } from 'vitest'
+import { validateUserCreate } from '../../../src/core/validation/validate-user-create'
+
+describe('validateUserCreate', () => {
+  it.each([
+    {
+      data: {},
+      expected: ['Username is required', 'Email is required', 'Role is required'],
+      description: 'missing required fields',
+    },
+    {
+      data: { username: 'bad name', email: 'user@example.com', role: 'user' },
+      expected: ['Invalid username format (alphanumeric, underscore, hyphen only, 1-50 chars)'],
+      description: 'invalid username',
+    },
+    {
+      data: { username: 'user', email: 'invalid', role: 'user' },
+      expected: ['Invalid email format'],
+      description: 'invalid email',
+    },
+    {
+      data: { username: 'user', email: 'user@example.com', role: 'owner' },
+      expected: ['Invalid role'],
+      description: 'invalid role',
+    },
+    {
+      data: { username: 'user', email: 'user@example.com', role: 'admin' },
+      expected: [],
+      description: 'valid payload',
+    },
+  ])('returns expected errors for $description', ({ data, expected }) => {
+    expect(validateUserCreate(data)).toEqual(expected)
+  })
+})