Previously, the system allowed AI-type users to be set as ApplicantUsers on JobApplications, which doesn't align with the business logic where only human users should be able to be job applicants.
Implemented validation to ensure only Human-type users can be ApplicantUsers.
Added a static validation method:
/// <summary>
/// Validates that the applicant user is of type Human.
/// AI users cannot be applicants.
/// </summary>
public static void ValidateApplicantUserType(User user)
{
if (user.Type != UserType.Human)
{
throw new InvalidOperationException($"Only Human users can be applicants. User '{user.DisplayName}' (ID: {user.Id}) is of type {user.Type}.");
}
}Updated the CreateJobApplication endpoint to validate the applicant user type:
// Validate that ApplicantUser exists and is of type Human
var applicantUser = await _context.Users
.FirstOrDefaultAsync(u => u.Id == createJobApplicationDto.ApplicantUserId && u.ArchivedAt == null);
if (applicantUser == null)
{
return BadRequest("Applicant user not found or archived.");
}
// Validate that only Human users can be applicants
try
{
JobApplication.ValidateApplicantUserType(applicantUser);
}
catch (InvalidOperationException ex)
{
return BadRequest(ex.Message);
}Added two new test cases:
- ValidateApplicantUserType_WithHumanUser_DoesNotThrow: Verifies that Human users pass validation
- ValidateApplicantUserType_WithAIUser_ThrowsInvalidOperationException: Verifies that AI users are rejected with an appropriate error message
- All 35 tests passed
- Build succeeded with no errors or warnings
When attempting to create a JobApplication with an AI user as the applicant:
- HTTP Status: 400 Bad Request
- Error Message: "Only Human users can be applicants. User '[Name]' (ID: [GUID]) is of type AI."
- Type Safety: Enforces business logic at the domain level
- Clear Error Messages: Provides detailed feedback when validation fails
- Comprehensive Testing: Validates both success and failure scenarios
- Maintainability: Centralized validation logic that can be reused if needed