user-system/docs/evidence/ops/2026-03-27/quality/COVERAGE_REMEDIATION_20260327-233824.md

# 2026-03-27 Q-004 Coverage Remediation Pass 5

## Scope

- Continue remediating the remaining real `Q-004` gaps after Pass 4.
- This pass focused on:
  - deeper non-network `internal/auth/providers` parsing and error branches
  - low-coverage admin log pages

## Changes

### Frontend

- Added page-level regression coverage in:
  - `frontend/admin/src/pages/admin/LoginLogsPage/LoginLogsPage.test.tsx`
  - `frontend/admin/src/pages/admin/OperationLogsPage/OperationLogsPage.test.tsx`
- Newly covered page behavior includes:
  - initial load
  - filter application
  - reset
  - refresh
  - pagination callback handling
  - detail drawer open/close flow
  - page-level error retry

### Backend

- Added provider non-network transport tests in:
  - `internal/auth/providers/provider_http_roundtrip_test.go`
- The new tests replace live network dependencies with a fake `http.DefaultTransport`.
- Newly covered provider logic includes:
  - `QQProvider.GetOpenID` success and invalid-JSON failure
  - `QQProvider.GetUserInfo` API-error and success branches
  - `WeiboProvider.ValidateToken` error / valid / ambiguous / invalid-JSON branches
  - `WeChatProvider.ValidateToken` success / failure / invalid-JSON branches
  - `GoogleProvider.ValidateToken` success and parse-failure branches
  - `FacebookProvider.GetUserInfo` `error.message` and success branches

## Verified Commands

```powershell
cd D:\project\frontend\admin
npm.cmd run test:run -- src/pages/admin/LoginLogsPage/LoginLogsPage.test.tsx
npm.cmd run test:run -- src/pages/admin/OperationLogsPage/OperationLogsPage.test.tsx
npm.cmd run lint
npm.cmd run build
npm.cmd run test:coverage

cd D:\project
$env:GOCACHE='D:\project\.tmp\gocache'
$env:GOPATH='D:\project\.tmp\go'
$env:GOMODCACHE='D:\project\.tmp\go\pkg\mod'
go test ./internal/auth/providers -run 'Test(QQProviderGetOpenIDAndUserInfoWithDefaultTransport|WeiboProviderValidateTokenWithDefaultTransport|WeChatProviderValidateTokenWithDefaultTransport|GoogleProviderValidateTokenWithDefaultTransport|FacebookProviderGetUserInfoWithDefaultTransport)$' -count=1
go test ./... -count=1
go vet ./...
go build ./cmd/server
go test ./internal/auth/providers ./internal/repository -cover -count=1
```

## Results

### Frontend coverage

- Overall:
  - statements `56.81%`
  - branches `44.67%`
  - functions `57.38%`
  - lines `57.57%`
- Target areas:
  - `services`: `86.2%` statements, `90.9%` branches
  - `src/pages/admin/LoginLogsPage/LoginLogsPage.tsx`: `93.1%` statements, `55.55%` branches
  - `src/pages/admin/OperationLogsPage/OperationLogsPage.tsx`: `91.52%` statements, `68.75%` branches

### Backend coverage

- `internal/auth/providers`: `28.7%`
- `internal/repository`: `37.1%`

## Validation Notes

- `npm.cmd run test:coverage` completed successfully with `28` passing test files and `96` passing tests.
- The same successful coverage run still printed one post-summary jsdom `AggregateError` network-noise line.
  - This did not fail the command.
  - It is still a real residual test-hygiene issue and should be traced separately instead of being ignored or misrepresented as a clean zero-noise run.

## Real Conclusion

- This pass materially reduced two real `Q-004` gaps:
  - admin log pages are no longer among the main uncovered page-level hotspots
  - `internal/auth/providers` improved substantially from the previous `15.2%`, but remains materially under-covered
- `Q-004` still cannot be honestly declared closed.
- The main remaining real gaps are now concentrated in:
  - deeper `internal/auth/providers` paths beyond the new non-network parsing/error coverage
  - still-uncovered admin pages/components such as:
    - `PermissionsPage`
    - `RolesPage`
    - `ProfilePage`
    - multiple admin drawers/modals that still remain near `0%`
- Secondary remaining gap:
  - `internal/repository` has improved, but `37.1%` is still not a closure-grade depth