Overview
src/tenancy/entities/tenant.entity.ts stores userLimit and storageLimit but there is no enforcement of these limits in API handlers. A tenant can create unlimited users or upload unlimited content, violating billing agreements.
Specifications
Features:
- Enforce
userLimit on user creation for a tenant.
- Enforce
storageLimit on content upload for a tenant.
Tasks:
- Create
TenantLimitGuard that injects TenancyService and checks the relevant limit before allowing the operation.
- Apply the guard to user-creation and content-upload endpoints.
- Return 402 Payment Required when limit is exceeded.
- Add unit tests for at-limit and over-limit scenarios.
Impacted Files:
- New
src/tenancy/guards/tenant-limit.guard.ts
- User creation and CDN upload controllers.
Acceptance Criteria
- User creation beyond
userLimit returns 402.
- Storage upload beyond
storageLimit returns 402.
- Tenants at exactly the limit can still create one more (boundary condition tested).
Overview
src/tenancy/entities/tenant.entity.tsstoresuserLimitandstorageLimitbut there is no enforcement of these limits in API handlers. A tenant can create unlimited users or upload unlimited content, violating billing agreements.Specifications
Features:
userLimiton user creation for a tenant.storageLimiton content upload for a tenant.Tasks:
TenantLimitGuardthat injectsTenancyServiceand checks the relevant limit before allowing the operation.Impacted Files:
src/tenancy/guards/tenant-limit.guard.tsAcceptance Criteria
userLimitreturns 402.storageLimitreturns 402.