Stage 10 final

test/api/api_admin_tests.erl

@@ -0,0 +1,27 @@
+-module(api_admin_tests).
+-export([test/0]).
+
+test() ->
+  io:format("Testing admin panel API...~n"),
+
+  AdminToken = api_test_runner:get_admin_token(),
+
+  % TEST 1: Admin healthcheck
+  io:format("  TEST 1: Admin healthcheck... "),
+  {ok, {{_, 200, _}, _, _}} = httpc:request(get, {"http://localhost:8445/admin/health", []}, [], []),
+  io:format("OK~n"),
+
+  % TEST 2: Admin stats
+  io:format("  TEST 2: Admin stats... "),
+  {ok, {{_, 200, _}, _, _}} = httpc:request(get,
+    {"http://localhost:8445/admin/stats", [{"Authorization", "Bearer " ++ binary_to_list(AdminToken)}]}, [], []),
+  io:format("OK~n"),
+
+  % TEST 3: List users
+  io:format("  TEST 3: List users... "),
+  {ok, {{_, 200, _}, _, _}} = httpc:request(get,
+    {"http://localhost:8445/admin/users", [{"Authorization", "Bearer " ++ binary_to_list(AdminToken)}]}, [], []),
+  io:format("OK~n"),
+
+  io:format("~n✅ Admin API tests passed!~n"),
+  {?MODULE, ok}.

test/api/api_auth_tests.erl

@@ -0,0 +1,64 @@
+-module(api_auth_tests).
+-export([test/0]).
+
+-define(BASE_URL, "http://localhost:8080").
+
+test() ->
+  io:format("Testing authentication API...~n"),
+
+  Email = api_test_runner:unique_email(<<"auth_test">>),
+  Password = <<"test123">>,
+
+  % TEST 1: Register
+  io:format("  TEST 1: Register... "),
+  RegBody = #{email => Email, password => Password},
+  Token = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/register", RegBody), <<"token">>),
+  io:format("OK~n"),
+
+  % TEST 2: Register with existing email
+  io:format("  TEST 2: Register duplicate... "),
+  {ok, {{_, 409, _}, _, _}} = api_test_runner:http_post("/v1/register", RegBody),
+  io:format("OK~n"),
+
+  % TEST 3: Login with correct credentials
+  io:format("  TEST 3: Login... "),
+  LoginBody = #{email => Email, password => Password},
+  RefreshToken = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/login", LoginBody), <<"refresh_token">>),
+  io:format("OK~n"),
+
+  % TEST 4: Login with wrong password
+  io:format("  TEST 4: Login wrong password... "),
+  {ok, {{_, 401, _}, _, _}} = api_test_runner:http_post("/v1/login", #{email => Email, password => <<"wrong">>}),
+  io:format("OK~n"),
+
+  % TEST 5: Get profile with valid token
+  io:format("  TEST 5: Get profile... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/user/me", Token),
+  io:format("OK~n"),
+
+  % TEST 6: Get profile with invalid token
+  io:format("  TEST 6: Get profile invalid token... "),
+  {ok, {{_, 401, _}, _, _}} = api_test_runner:http_get("/v1/user/me", <<"invalid">>),
+  io:format("OK~n"),
+
+  % TEST 7: Refresh token
+  io:format("  TEST 7: Refresh token... "),
+  RefreshBody = #{refresh_token => RefreshToken},
+  NewToken = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/refresh", RefreshBody), <<"token">>),
+  io:format("OK~n"),
+
+  % TEST 8: Refresh with used token (should fail)
+  io:format("  TEST 8: Refresh with used token... "),
+  {ok, {{_, 401, _}, _, _}} = api_test_runner:http_post("/v1/refresh", RefreshBody),
+  io:format("OK~n"),
+
+  % TEST 9: Use new token
+  io:format("  TEST 9: Use new token... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/user/me", NewToken),
+  io:format("OK~n"),
+
+  io:format("~n✅ Authentication API tests passed!~n"),
+  {?MODULE, ok}.

test/api/api_booking_tests.erl

@@ -0,0 +1,83 @@
+-module(api_booking_tests).
+-export([test/0]).
+
+-define(BASE_URL, "http://localhost:8080").
+
+test() ->
+  io:format("Testing booking API...~n"),
+
+  OwnerEmail = api_test_runner:unique_email(<<"book_owner">>),
+  ParticipantEmail = api_test_runner:unique_email(<<"book_part">>),
+
+  OwnerToken = api_test_runner:register_and_login(OwnerEmail, <<"owner123">>),
+  ParticipantToken = api_test_runner:register_and_login(ParticipantEmail, <<"part123">>),
+
+  % Используем COMMERCIAL календари
+  AutoCalId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars",
+      #{title => <<"Auto">>, type => <<"commercial">>, confirmation => <<"auto">>}, OwnerToken), <<"id">>),
+  ManualCalId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars",
+      #{title => <<"Manual">>, type => <<"commercial">>, confirmation => <<"manual">>}, OwnerToken), <<"id">>),
+
+  % Создаём события
+  AutoEventId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars/" ++ binary_to_list(AutoCalId) ++ "/events",
+      #{title => <<"Auto Event">>, start_time => <<"2026-06-01T10:00:00Z">>, duration => 60}, OwnerToken), <<"id">>),
+  ManualEventId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars/" ++ binary_to_list(ManualCalId) ++ "/events",
+      #{title => <<"Manual Event">>, start_time => <<"2026-06-01T10:00:00Z">>, duration => 60}, OwnerToken), <<"id">>),
+
+  % TEST 1: Auto booking
+  io:format("  TEST 1: Auto booking... "),
+  AutoBookingId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/events/" ++ binary_to_list(AutoEventId) ++ "/bookings", #{}, ParticipantToken), <<"id">>),
+  timer:sleep(200),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/bookings/" ++ binary_to_list(AutoBookingId), ParticipantToken),
+  io:format("OK~n"),
+
+  % TEST 2: Manual booking
+  io:format("  TEST 2: Manual booking... "),
+  ManualBookingId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/events/" ++ binary_to_list(ManualEventId) ++ "/bookings", #{}, ParticipantToken), <<"id">>),
+  io:format("OK~n"),
+
+  % TEST 3: Duplicate booking
+  io:format("  TEST 3: Duplicate booking... "),
+  {ok, {{_, 409, _}, _, _}} = api_test_runner:http_post("/v1/events/" ++ binary_to_list(AutoEventId) ++ "/bookings", #{}, ParticipantToken),
+  io:format("OK~n"),
+
+  % TEST 4: Owner confirms booking
+  io:format("  TEST 4: Owner confirms booking... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_put("/v1/bookings/" ++ binary_to_list(ManualBookingId),
+    #{action => <<"confirm">>}, OwnerToken),
+  io:format("OK~n"),
+
+  % TEST 5: List event bookings
+  io:format("  TEST 5: List event bookings... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/events/" ++ binary_to_list(ManualEventId) ++ "/bookings", OwnerToken),
+  io:format("OK~n"),
+
+  % TEST 6: List user bookings
+  io:format("  TEST 6: List user bookings... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/user/bookings", ParticipantToken),
+  io:format("OK~n"),
+
+  % TEST 7: Cancel booking
+  io:format("  TEST 7: Cancel booking... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_delete("/v1/bookings/" ++ binary_to_list(AutoBookingId), ParticipantToken),
+  io:format("OK~n"),
+
+  % TEST 8: Owner declines booking (новое событие)
+  io:format("  TEST 8: Owner declines booking... "),
+  NewEventId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars/" ++ binary_to_list(ManualCalId) ++ "/events",
+      #{title => <<"Decline Event">>, start_time => <<"2026-06-02T10:00:00Z">>, duration => 60}, OwnerToken), <<"id">>),
+  NewBookingId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/events/" ++ binary_to_list(NewEventId) ++ "/bookings", #{}, ParticipantToken), <<"id">>),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_put("/v1/bookings/" ++ binary_to_list(NewBookingId),
+    #{action => <<"decline">>}, OwnerToken),
+  io:format("OK~n"),
+
+  io:format("~n✅ Booking API tests passed!~n"),
+  {?MODULE, ok}.

test/api/api_calendar_tests.erl

@@ -0,0 +1,61 @@
+-module(api_calendar_tests).
+-export([test/0]).
+
+-define(BASE_URL, "http://localhost:8080").
+
+test() ->
+  io:format("Testing calendar API...~n"),
+
+  OwnerEmail = api_test_runner:unique_email(<<"cal_owner">>),
+  OtherEmail = api_test_runner:unique_email(<<"cal_other">>),
+
+  OwnerToken = api_test_runner:register_and_login(OwnerEmail, <<"owner123">>),
+  OtherToken = api_test_runner:register_and_login(OtherEmail, <<"other123">>),
+
+  % TEST 1: Create personal calendar
+  io:format("  TEST 1: Create personal calendar... "),
+  CalId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars",
+      #{title => <<"Personal">>, type => <<"personal">>}, OwnerToken), <<"id">>),
+  io:format("OK~n"),
+
+  % TEST 2: Create commercial calendar
+  io:format("  TEST 2: Create commercial calendar... "),
+  CommId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars",
+      #{title => <<"Commercial">>, type => <<"commercial">>}, OwnerToken), <<"id">>),
+  io:format("OK~n"),
+
+  % TEST 3: List calendars
+  io:format("  TEST 3: List calendars... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/calendars", OwnerToken),
+  io:format("OK~n"),
+
+  % TEST 4: Get personal calendar (owner)
+  io:format("  TEST 4: Get personal calendar... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/calendars/" ++ binary_to_list(CalId), OwnerToken),
+  io:format("OK~n"),
+
+  % TEST 5: Get personal calendar (other - denied)
+  io:format("  TEST 5: Get personal calendar (other)... "),
+  {ok, {{_, 403, _}, _, _}} = api_test_runner:http_get("/v1/calendars/" ++ binary_to_list(CalId), OtherToken),
+  io:format("OK~n"),
+
+  % TEST 6: Get commercial calendar (other - allowed)
+  io:format("  TEST 6: Get commercial calendar (other)... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/calendars/" ++ binary_to_list(CommId), OtherToken),
+  io:format("OK~n"),
+
+  % TEST 7: Update calendar
+  io:format("  TEST 7: Update calendar... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_put("/v1/calendars/" ++ binary_to_list(CalId),
+    #{title => <<"Updated">>}, OwnerToken),
+  io:format("OK~n"),
+
+  % TEST 8: Delete calendar
+  io:format("  TEST 8: Delete calendar... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_delete("/v1/calendars/" ++ binary_to_list(CalId), OwnerToken),
+  io:format("OK~n"),
+
+  io:format("~n✅ Calendar API tests passed!~n"),
+  {?MODULE, ok}.

test/api/api_event_tests.erl

@@ -0,0 +1,70 @@
+-module(api_event_tests).
+-export([test/0]).
+
+-define(BASE_URL, "http://localhost:8080").
+
+test() ->
+  io:format("Testing event API...~n"),
+
+  OwnerEmail = api_test_runner:unique_email(<<"ev_owner">>),
+  OwnerToken = api_test_runner:register_and_login(OwnerEmail, <<"owner123">>),
+
+  CalId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars", #{title => <<"Test">>}, OwnerToken), <<"id">>),
+
+  % TEST 1: Create single event
+  io:format("  TEST 1: Create single event... "),
+  EventId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars/" ++ binary_to_list(CalId) ++ "/events",
+      #{title => <<"Test Event">>, start_time => <<"2026-06-01T10:00:00Z">>, duration => 60}, OwnerToken), <<"id">>),
+  io:format("OK~n"),
+
+  % TEST 2: Create event in past (should fail)
+  io:format("  TEST 2: Create past event... "),
+  {ok, {{_, 400, _}, _, _}} = api_test_runner:http_post("/v1/calendars/" ++ binary_to_list(CalId) ++ "/events",
+    #{title => <<"Past Event">>, start_time => <<"2020-01-01T10:00:00Z">>, duration => 60}, OwnerToken),
+  io:format("OK~n"),
+
+  % TEST 3: Create recurring event
+  io:format("  TEST 3: Create recurring event... "),
+  RecurringId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars/" ++ binary_to_list(CalId) ++ "/events",
+      #{title => <<"Weekly Meeting">>, start_time => <<"2026-06-01T10:00:00Z">>, duration => 60,
+        recurrence => #{freq => <<"WEEKLY">>, interval => 1}}, OwnerToken), <<"id">>),
+  io:format("OK~n"),
+
+  % TEST 4: List events
+  io:format("  TEST 4: List events... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/calendars/" ++ binary_to_list(CalId) ++ "/events", OwnerToken),
+  io:format("OK~n"),
+
+  % TEST 5: Get event
+  io:format("  TEST 5: Get event... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/events/" ++ binary_to_list(EventId), OwnerToken),
+  io:format("OK~n"),
+
+  % TEST 6: Update event
+  io:format("  TEST 6: Update event... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_put("/v1/events/" ++ binary_to_list(EventId),
+    #{title => <<"Updated Event">>}, OwnerToken),
+  io:format("OK~n"),
+
+  % TEST 7: Get occurrences
+  io:format("  TEST 7: Get occurrences... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get(
+    "/v1/events/" ++ binary_to_list(RecurringId) ++ "/occurrences?from=2026-06-01T00:00:00Z&to=2026-06-30T00:00:00Z", OwnerToken),
+  io:format("OK~n"),
+
+  % TEST 8: Cancel occurrence
+  io:format("  TEST 8: Cancel occurrence... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_delete(
+    "/v1/events/" ++ binary_to_list(RecurringId) ++ "/occurrences/2026-06-08T10:00:00Z", OwnerToken),
+  io:format("OK~n"),
+
+  % TEST 9: Delete event
+  io:format("  TEST 9: Delete event... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_delete("/v1/events/" ++ binary_to_list(EventId), OwnerToken),
+  io:format("OK~n"),
+
+  io:format("~n✅ Event API tests passed!~n"),
+  {?MODULE, ok}.

test/api/api_moderation_tests.erl

@@ -0,0 +1,54 @@
+-module(api_moderation_tests).
+-export([test/0]).
+
+-define(BASE_URL, "http://localhost:8080").
+
+test() ->
+  io:format("Testing moderation API...~n"),
+
+  AdminToken = api_test_runner:get_admin_token(),
+  UserToken = api_test_runner:get_user_token(),
+
+  % Создаём календарь и событие
+  CalId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars", #{title => <<"Mod Cal">>}, UserToken), <<"id">>),
+  EventId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars/" ++ binary_to_list(CalId) ++ "/events",
+      #{title => <<"Mod Event">>, start_time => <<"2026-06-01T10:00:00Z">>, duration => 60}, UserToken), <<"id">>),
+
+  % TEST 1: Create report
+  io:format("  TEST 1: Create report... "),
+  ReportId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/reports",
+      #{target_type => <<"event">>, target_id => EventId, reason => <<"Inappropriate">>}, UserToken), <<"id">>),
+  io:format("OK~n"),
+
+  % TEST 2: Admin views reports
+  io:format("  TEST 2: Admin views reports... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/admin/reports", AdminToken),
+  io:format("OK~n"),
+
+  % TEST 3: Admin resolves report
+  io:format("  TEST 3: Admin resolves report... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_put("/v1/admin/reports/" ++ binary_to_list(ReportId),
+    #{action => <<"review">>}, AdminToken),
+  io:format("OK~n"),
+
+  % TEST 4: Add banned word
+  io:format("  TEST 4: Add banned word... "),
+  {ok, {{_, 201, _}, _, _}} = api_test_runner:http_post("/v1/admin/banned-words",
+    #{word => <<"badword">>}, AdminToken),
+  io:format("OK~n"),
+
+  % TEST 5: List banned words
+  io:format("  TEST 5: List banned words... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/admin/banned-words", AdminToken),
+  io:format("OK~n"),
+
+  % TEST 6: Remove banned word
+  io:format("  TEST 6: Remove banned word... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_delete("/v1/admin/banned-words/badword", AdminToken),
+  io:format("OK~n"),
+
+  io:format("~n✅ Moderation API tests passed!~n"),
+  {?MODULE, ok}.

test/api/api_reviews_tests.erl

@@ -0,0 +1,58 @@
+-module(api_reviews_tests).
+-export([test/0]).
+
+-define(BASE_URL, "http://localhost:8080").
+
+test() ->
+  io:format("Testing reviews API...~n"),
+
+  OwnerEmail = api_test_runner:unique_email(<<"rev_owner">>),
+  ParticipantEmail = api_test_runner:unique_email(<<"rev_part">>),
+
+  OwnerToken = api_test_runner:register_and_login(OwnerEmail, <<"owner123">>),
+  ParticipantToken = api_test_runner:register_and_login(ParticipantEmail, <<"part123">>),
+
+  CalId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars", #{title => <<"Review Cal">>}, OwnerToken), <<"id">>),
+
+  EventId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars/" ++ binary_to_list(CalId) ++ "/events",
+      #{title => <<"Review Event">>, start_time => <<"2026-06-01T10:00:00Z">>, duration => 60}, OwnerToken), <<"id">>),
+
+  % Создаём и подтверждаем бронирование
+  BookingId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/events/" ++ binary_to_list(EventId) ++ "/bookings", #{}, ParticipantToken), <<"id">>),
+  api_test_runner:http_put("/v1/bookings/" ++ binary_to_list(BookingId), #{action => <<"confirm">>}, OwnerToken),
+
+  % TEST 1: Create review
+  io:format("  TEST 1: Create review... "),
+  ReviewId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/reviews",
+      #{target_type => <<"event">>, target_id => EventId, rating => 5, comment => <<"Great!">>},
+      ParticipantToken), <<"id">>),
+  io:format("OK~n"),
+
+  % TEST 2: Duplicate review
+  io:format("  TEST 2: Duplicate review... "),
+  {ok, {{_, 409, _}, _, _}} = api_test_runner:http_post("/v1/reviews",
+    #{target_type => <<"event">>, target_id => EventId, rating => 4, comment => <<"Again">>}, ParticipantToken),
+  io:format("OK~n"),
+
+  % TEST 3: Get event reviews
+  io:format("  TEST 3: Get event reviews... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/reviews?target_type=event&target_id=" ++ binary_to_list(EventId), ParticipantToken),
+  io:format("OK~n"),
+
+  % TEST 4: Update review
+  io:format("  TEST 4: Update review... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_put("/v1/reviews/" ++ binary_to_list(ReviewId),
+    #{rating => 4}, ParticipantToken),
+  io:format("OK~n"),
+
+  % TEST 5: Delete review
+  io:format("  TEST 5: Delete review... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_delete("/v1/reviews/" ++ binary_to_list(ReviewId), ParticipantToken),
+  io:format("OK~n"),
+
+  io:format("~n✅ Reviews API tests passed!~n"),
+  {?MODULE, ok}.

test/api/api_search_tests.erl

@@ -0,0 +1,54 @@
+-module(api_search_tests).
+-export([test/0]).
+
+-define(BASE_URL, "http://localhost:8080").
+
+test() ->
+  io:format("Testing search API...~n"),
+
+  OwnerEmail = api_test_runner:unique_email(<<"search_owner">>),
+  OwnerToken = api_test_runner:register_and_login(OwnerEmail, <<"owner123">>),
+
+  CalId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars", #{title => <<"Search Cal">>}, OwnerToken), <<"id">>),
+
+  % Создаём события с тегами
+  api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars/" ++ binary_to_list(CalId) ++ "/events",
+      #{title => <<"Python Workshop">>, start_time => <<"2026-06-01T10:00:00Z">>, duration => 60,
+        tags => [<<"python">>, <<"workshop">>]}, OwnerToken), <<"id">>),
+
+  api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars/" ++ binary_to_list(CalId) ++ "/events",
+      #{title => <<"JavaScript">>, start_time => <<"2026-06-15T10:00:00Z">>, duration => 60,
+        tags => [<<"javascript">>]}, OwnerToken), <<"id">>),
+
+  timer:sleep(500),
+
+  % TEST 1: Text search
+  io:format("  TEST 1: Text search... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/search?type=event&q=Python", OwnerToken),
+  io:format("OK~n"),
+
+  % TEST 2: Tag search
+  io:format("  TEST 2: Tag search... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/search?type=event&tags=workshop", OwnerToken),
+  io:format("OK~n"),
+
+  % TEST 3: Combined search
+  io:format("  TEST 3: Combined search... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/search?type=event&q=Python&tags=workshop", OwnerToken),
+  io:format("OK~n"),
+
+  % TEST 4: Pagination
+  io:format("  TEST 4: Pagination... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/search?type=event&limit=2", OwnerToken),
+  io:format("OK~n"),
+
+  % TEST 5: Search calendars
+  io:format("  TEST 5: Search calendars... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/search?type=calendar", OwnerToken),
+  io:format("OK~n"),
+
+  io:format("~n✅ Search API tests passed!~n"),
+  {?MODULE, ok}.

test/api/api_subscription_tests.erl

@@ -0,0 +1,36 @@
+-module(api_subscription_tests).
+-export([test/0]).
+
+-define(BASE_URL, "http://localhost:8080").
+
+test() ->
+  io:format("Testing subscription API...~n"),
+
+  UserEmail = api_test_runner:unique_email(<<"sub_user">>),
+  UserToken = api_test_runner:register_and_login(UserEmail, <<"user123">>),
+
+  % TEST 1: Get subscription (free)
+  io:format("  TEST 1: Get subscription (free)... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/subscription", UserToken),
+  io:format("OK~n"),
+
+  % TEST 2: Create commercial calendar (auto-activates trial)
+  io:format("  TEST 2: Create commercial calendar... "),
+  api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars",
+      #{title => <<"Commercial">>, type => <<"commercial">>}, UserToken), <<"id">>),
+  io:format("OK~n"),
+
+  % TEST 3: Get subscription (trial)
+  io:format("  TEST 3: Get subscription (trial)... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/subscription", UserToken),
+  io:format("OK~n"),
+
+  % TEST 4: Activate paid subscription
+  io:format("  TEST 4: Activate paid subscription... "),
+  {ok, {{_, 201, _}, _, _}} = api_test_runner:http_post("/v1/subscription",
+    #{action => <<"activate">>, plan => <<"monthly">>, payment_info => #{card => <<"4242">>}}, UserToken),
+  io:format("OK~n"),
+
+  io:format("~n✅ Subscription API tests passed!~n"),
+  {?MODULE, ok}.

test/api/api_test_runner.erl

@@ -0,0 +1,216 @@
+-module(api_test_runner).
+-export([run_all/0, run/1]).
+-export([http_post/2, http_post/3, http_get/1, http_get/2, http_put/3, http_delete/2]).
+-export([extract_json/2, extract_json/3, assert_status/2]).
+-export([unique_email/1, register_and_login/2, create_calendar/2, create_event/3]).
+-export([get_admin_token/0, get_admin_id/0, get_user_token/0, get_user_id/0]).
+-export([wait_for_server/0]).
+
+-define(BASE_URL, "http://localhost:8080").
+-define(ADMIN_URL, "http://localhost:8445").
+
+%% ============ Глобальные переменные для тестов ============
+-define(ADMIN_EMAIL, <<"global_admin@test.com">>).
+-define(ADMIN_PASSWORD, <<"admin123">>).
+-define(USER_EMAIL, <<"global_user@test.com">>).
+-define(USER_PASSWORD, <<"user123">>).
+
+%% ============ Инициализация ============
+init_global_users() ->
+  case get(admin_token) of
+    undefined ->
+      io:format("~n=== Initializing global test users ===~n"),
+
+      % Создаём или логиним админа
+      AdminToken = register_and_login(?ADMIN_EMAIL, ?ADMIN_PASSWORD),
+      {ok, {{_, 200, _}, _, MeResp}} = http_get("/v1/user/me", AdminToken),
+      #{<<"id">> := AdminId, <<"role">> := Role} = jsx:decode(list_to_binary(MeResp), [return_maps]),
+
+      io:format("Admin ID: ~s, Current role: ~s~n", [AdminId, Role]),
+
+      % Проверяем, что админ действительно админ
+      case Role of
+        <<"admin">> ->
+          io:format("✓ Admin already has admin role~n"),
+          ok;
+        _ ->
+          io:format("⚠ Admin role is '~s', attempting to promote...~n", [Role]),
+          promote_to_admin(AdminToken, AdminId)
+      end,
+
+      put(admin_token, AdminToken),
+      put(admin_id, AdminId),
+
+      % Создаём или логиним обычного пользователя
+      UserToken = register_and_login(?USER_EMAIL, ?USER_PASSWORD),
+      {ok, {{_, 200, _}, _, UserMeResp}} = http_get("/v1/user/me", UserToken),
+      #{<<"id">> := UserId} = jsx:decode(list_to_binary(UserMeResp), [return_maps]),
+
+      put(user_token, UserToken),
+      put(user_id, UserId),
+
+      io:format("User ID: ~s~n", [UserId]),
+      io:format("=== Global users initialized ===~n~n"),
+      ok;
+    _ ->
+      io:format("Global users already initialized.~n"),
+      ok
+  end.
+
+%% Попытка повысить роль через разные методы
+promote_to_admin(AdminToken, AdminId) ->
+  io:format("Attempting to promote user ~s to admin...~n", [AdminId]),
+
+  % Метод 1: Прямое обновление через core_user (если доступно)
+  try
+    {ok, _User} = core_user:get_by_id(AdminId),
+    core_user:update(AdminId, [{role, admin}]),
+    io:format("✓ Promoted via core_user~n")
+  catch
+    _:_ ->
+      io:format("  Method 1 (core_user) failed~n")
+  end,
+
+  % Проверяем, сработало ли
+  {ok, {{_, 200, _}, _, CheckResp}} = http_get("/v1/user/me", AdminToken),
+  #{<<"role">> := NewRole} = jsx:decode(list_to_binary(CheckResp), [return_maps]),
+
+  case NewRole of
+    <<"admin">> ->
+      io:format("✓ User is now admin~n");
+    _ ->
+      io:format("⚠ WARNING: User still has role '~s'~n", [NewRole]),
+      io:format("  Some admin tests may fail~n")
+  end.
+
+get_admin_token() ->
+  init_global_users(),
+  get(admin_token).
+
+get_admin_id() ->
+  init_global_users(),
+  get(admin_id).
+
+get_user_token() ->
+  init_global_users(),
+  get(user_token).
+
+get_user_id() ->
+  init_global_users(),
+  get(user_id).
+
+%% ============ Главные функции запуска ============
+run_all() ->
+  inets:start(),
+  ssl:start(),
+
+  case wait_for_server() of
+    ok -> ok;
+    {error, _} -> io:format("❌ Server is not running!~n"), exit(server_not_running)
+  end,
+
+  init_global_users(),
+
+  io:format("Starting API tests...~n"),
+  Modules = [
+    api_auth_tests,
+    api_calendar_tests,
+    api_event_tests,
+    api_booking_tests,
+    api_search_tests,
+    api_reviews_tests,
+    api_moderation_tests,
+    api_tickets_tests,
+    api_subscription_tests,
+    api_admin_tests
+  ],
+  lists:foreach(fun(M) -> M:test() end, Modules).
+
+run(Module) ->
+  inets:start(),
+  ssl:start(),
+  init_global_users(),
+  Module:test().
+
+%% ============ HTTP запросы ============
+http_post(Url, Body) -> http_post(Url, Body, undefined).
+http_post(Url, Body, Token) ->
+  Headers = case Token of
+              undefined -> [{"Content-Type", "application/json"}];
+              _ -> [{"Content-Type", "application/json"}, {"Authorization", "Bearer " ++ binary_to_list(Token)}]
+            end,
+  httpc:request(post, {?BASE_URL ++ Url, Headers, "application/json", jsx:encode(Body)}, [], []).
+
+http_get(Url) -> http_get(Url, undefined).
+http_get(Url, Token) ->
+  Headers = case Token of
+              undefined -> [];
+              _ -> [{"Authorization", "Bearer " ++ binary_to_list(Token)}]
+            end,
+  httpc:request(get, {?BASE_URL ++ Url, Headers}, [], []).
+
+http_put(Url, Body, Token) ->
+  Headers = [{"Content-Type", "application/json"}, {"Authorization", "Bearer " ++ binary_to_list(Token)}],
+  httpc:request(put, {?BASE_URL ++ Url, Headers, "application/json", jsx:encode(Body)}, [], []).
+
+http_delete(Url, Token) ->
+  Headers = [{"Authorization", "Bearer " ++ binary_to_list(Token)}],
+  httpc:request(delete, {?BASE_URL ++ Url, Headers}, [], []).
+
+%% ============ Утилиты ============
+
+extract_json({ok, {{_, 200, _}, _, Body}}, Field) ->
+  Map = jsx:decode(list_to_binary(Body), [return_maps]),
+  maps:get(Field, Map);
+extract_json({ok, {{_, 201, _}, _, Body}}, Field) ->
+  Map = jsx:decode(list_to_binary(Body), [return_maps]),
+  maps:get(Field, Map);
+extract_json(Response, _Field) ->
+  error({unexpected_response, Response}).
+
+extract_json(Response, Field, ExpectedStatus) ->
+  case Response of
+    {ok, {{_, ExpectedStatus, _}, _, Body}} ->
+      Map = jsx:decode(list_to_binary(Body), [return_maps]),
+      maps:get(Field, Map);
+    _ ->
+      error({unexpected_response, Response})
+  end.
+
+assert_status(Status, {ok, {{_, Status, _}, _, _}}) -> ok;
+assert_status(Expected, {ok, {{_, Got, _}, _, _}}) ->
+  error({expected_status, Expected, got, Got}).
+
+unique_email(Prefix) ->
+  list_to_binary([Prefix, "_", integer_to_binary(os:system_time(millisecond)), "@test.com"]).
+
+register_and_login(Email, Password) ->
+  RegBody = #{email => Email, password => Password},
+  case http_post("/v1/register", RegBody) of
+    {ok, {{_, 201, _}, _, RegResp}} ->
+      Map = jsx:decode(list_to_binary(RegResp), [return_maps]),
+      maps:get(<<"token">>, Map);
+    {ok, {{_, 409, _}, _, _}} ->
+      % Уже существует - логинимся
+      LoginBody = #{email => Email, password => Password},
+      {ok, {{_, 200, _}, _, LoginResp}} = http_post("/v1/login", LoginBody),
+      Map = jsx:decode(list_to_binary(LoginResp), [return_maps]),
+      maps:get(<<"token">>, Map)
+  end.
+
+create_calendar(Token, Params) ->
+  Id = extract_json(http_post("/v1/calendars", Params, Token), <<"id">>),
+  Id.
+
+create_event(Token, CalId, Params) ->
+  Url = "/v1/calendars/" ++ binary_to_list(CalId) ++ "/events",
+  Id = extract_json(http_post(Url, Params, Token), <<"id">>),
+  Id.
+
+wait_for_server() -> wait_for_server(30).
+wait_for_server(0) -> {error, timeout};
+wait_for_server(Attempts) ->
+  case httpc:request(get, {?BASE_URL ++ "/health", []}, [], [{timeout, 1000}]) of
+    {ok, {{_, 200, _}, _, _}} -> ok;
+    _ -> timer:sleep(1000), wait_for_server(Attempts - 1)
+  end.

test/api/api_tickets_tests.erl

@@ -0,0 +1,37 @@
+-module(api_tickets_tests).
+-export([test/0]).
+
+-define(BASE_URL, "http://localhost:8080").
+
+test() ->
+  io:format("Testing tickets API...~n"),
+
+  AdminToken = api_test_runner:get_admin_token(),
+  UserToken = api_test_runner:get_user_token(),
+
+  % TEST 1: Report error
+  io:format("  TEST 1: Report error... "),
+  TicketId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/tickets",
+      #{error_message => <<"Test bug">>, stacktrace => <<"line 1">>}, UserToken), <<"id">>),
+  io:format("OK~n"),
+
+  % TEST 2: Admin views tickets
+  io:format("  TEST 2: Admin views tickets... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/admin/tickets", AdminToken),
+  io:format("OK~n"),
+
+  % TEST 3: Update ticket status
+  io:format("  TEST 3: Update ticket status... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_put("/v1/admin/tickets/" ++ binary_to_list(TicketId),
+    #{action => <<"status">>, status => <<"in_progress">>}, AdminToken),
+  io:format("OK~n"),
+
+  % TEST 4: Close ticket
+  io:format("  TEST 4: Close ticket... "),
+  {ok, {{_, 200, _}, _, _}} = api_test_runner:http_put("/v1/admin/tickets/" ++ binary_to_list(TicketId),
+    #{action => <<"close">>}, AdminToken),
+  io:format("OK~n"),
+
+  io:format("~n✅ Tickets API tests passed!~n"),
+  {?MODULE, ok}.

test/api/api_websocket_tests.erl

@@ -0,0 +1,238 @@
+-module(api_websocket_tests).
+-export([test/0]).
+
+-define(BASE_URL, "http://localhost:8080").
+-define(WS_URL, "ws://localhost:8081/ws").
+-define(ADMIN_WS_URL, "ws://localhost:8446/admin/ws").
+
+test() ->
+  ct:pal("Testing WebSocket API..."),
+
+  % Запускаем gun
+  application:ensure_all_started(gun),
+
+  % Используем глобальных пользователей
+  AdminToken = api_test_runner:get_admin_token(),
+  UserToken = api_test_runner:get_user_token(),
+
+  ct:pal("  AdminToken: ~s...", [binary_part(AdminToken, 0, 30)]),
+  ct:pal("  UserToken: ~s...", [binary_part(UserToken, 0, 30)]),
+
+  % Создаём календарь и событие для тестов
+  CalId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars",
+      #{title => <<"WS Test Calendar">>, type => <<"commercial">>},
+      UserToken), <<"id">>, 201),
+  ct:pal("  CalId: ~s", [CalId]),
+
+  EventId = api_test_runner:extract_json(
+    api_test_runner:http_post("/v1/calendars/" ++ binary_to_list(CalId) ++ "/events",
+      #{title => <<"WS Test Event">>,
+        start_time => <<"2026-06-01T10:00:00Z">>,
+        duration => 60},
+      UserToken), <<"id">>, 201),
+  ct:pal("  EventId: ~s", [EventId]),
+
+  % TEST 1: Connect to WebSocket with valid token
+  ct:pal("  TEST 1: Connect WebSocket with valid token..."),
+  ct:pal("    URL: ~s", [?WS_URL]),
+  ct:pal("    Token: ~s...", [binary_part(UserToken, 0, 30)]),
+
+  case test_ws_connect_debug(?WS_URL, UserToken) of
+    {ok, WS} ->
+      ct:pal("    OK - Connected"),
+
+      % TEST 2: Subscribe to calendar updates
+      ct:pal("  TEST 2: Subscribe to calendar..."),
+      SubMsg = #{action => <<"subscribe">>, calendar_id => CalId},
+      ct:pal("    Sending: ~p", [SubMsg]),
+      ok = test_ws_send(WS, SubMsg),
+
+      case test_ws_recv(WS) of
+        {ok, #{<<"status">> := <<"subscribed">>}} ->
+          ct:pal("    OK - Subscribed");
+        {ok, Other} ->
+          ct:pal("    ERROR: Unexpected response: ~p", [Other]),
+          error({unexpected_response, Other});
+        {error, timeout} ->
+          ct:pal("    ERROR: Timeout waiting for response"),
+          error(timeout)
+      end,
+
+      % Закрываем соединение
+      test_ws_close(WS);
+    {error, Reason} ->
+      ct:pal("    ERROR: ~p", [Reason]),
+      error({websocket_connect_failed, Reason})
+  end,
+
+  ct:pal("~n✅ WebSocket API tests passed!"),
+
+% ============ ТЕСТЫ АДМИНСКОГО WEBSOCKET ============
+  ct:pal("~n=== ADMIN WEBSOCKET TESTS ==="),
+
+  % TEST 6: Admin WebSocket connection
+  ct:pal("  TEST 6: Admin WebSocket connect..."),
+  {ok, AdminWS} = test_ws_connect_debug(?ADMIN_WS_URL, AdminToken),
+  ct:pal("    OK - Admin connected"),
+
+  % TEST 7: Admin subscribe to reports channel
+  ct:pal("  TEST 7: Admin subscribe to reports channel..."),
+  ok = test_ws_send(AdminWS, #{action => <<"subscribe">>, channel => <<"reports">>}),
+  {ok, #{<<"status">> := <<"subscribed">>}} = test_ws_recv(AdminWS),
+  ct:pal("    OK - Subscribed to reports"),
+
+  % TEST 8: Admin subscribe to tickets channel
+  ct:pal("  TEST 8: Admin subscribe to tickets channel..."),
+  ok = test_ws_send(AdminWS, #{action => <<"subscribe">>, channel => <<"tickets">>}),
+  {ok, #{<<"status">> := <<"subscribed">>}} = test_ws_recv(AdminWS),
+  ct:pal("    OK - Subscribed to tickets"),
+
+  % TEST 9: Admin receives report notification
+  ct:pal("  TEST 9: Admin receives report notification..."),
+  % Создаём жалобу через HTTP
+  api_test_runner:http_post("/v1/reports",
+  #{target_type => <<"event">>, target_id => EventId, reason => <<"Test report">>},
+  UserToken),
+  {ok, #{<<"type">> := <<"report_created">>}} = test_ws_recv(AdminWS, 5000),
+  ct:pal("    OK - Received report notification"),
+
+  % TEST 10: Admin Ping/Pong
+  ct:pal("  TEST 10: Admin Ping/Pong..."),
+  ok = test_ws_send(AdminWS, #{action => <<"ping">>}),
+  {ok, #{<<"status">> := <<"pong">>}} = test_ws_recv(AdminWS),
+  ct:pal("    OK - Admin Ping/Pong"),
+
+  % TEST 11: Admin unsubscribe
+  ct:pal("  TEST 11: Admin unsubscribe from reports..."),
+  ok = test_ws_send(AdminWS, #{action => <<"unsubscribe">>, channel => <<"reports">>}),
+  {ok, #{<<"status">> := <<"unsubscribed">>}} = test_ws_recv(AdminWS),
+  ct:pal("    OK - Unsubscribed"),
+
+  test_ws_close(AdminWS),
+
+  % TEST 12: Admin WebSocket with user token (should fail)
+  ct:pal("  TEST 12: Admin WS with user token..."),
+  {error, {403, _}} = test_ws_connect_debug(?ADMIN_WS_URL, UserToken),
+  ct:pal("    OK - Rejected"),
+
+  % TEST 13: Admin WebSocket with invalid token
+  ct:pal("  TEST 13: Admin WS with invalid token..."),
+  Chars = <<"abcdefghijklmnopqrstuvwxyz0123456789">>,
+  InvalidToken = << <<(binary:at(Chars, rand:uniform(byte_size(Chars)) - 1))>> || _ <- lists:seq(1, 30) >>,
+  {error, {401, _}} = test_ws_connect_debug(?ADMIN_WS_URL, InvalidToken),
+  ct:pal("    OK - Rejected"),
+
+  ct:pal("~n✅ Admin WebSocket API tests passed!"),
+  {?MODULE, ok}.
+
+%% ============ WebSocket хелперы с отладкой ============
+
+test_ws_connect_debug(Url, Token) ->
+  Path = case string:split(Url, "://", trailing) of
+           [_, Rest] ->
+             case string:split(Rest, "/", leading) of
+               [_HostPort, WsPath] ->
+                 "/" ++ WsPath ++ "?token=" ++ binary_to_list(Token);
+               _ ->
+                 "/ws?token=" ++ binary_to_list(Token)
+             end;
+           _ ->
+             "/ws?token=" ++ binary_to_list(Token)
+         end,
+
+  Port = ws_port(Url),
+  Host = "localhost",
+
+  ct:pal("    Host: ~s", [Host]),
+  ct:pal("    Port: ~p", [Port]),
+  ct:pal("    Path: ~s", [Path]),
+
+  {ok, ConnPid} = gun:open(Host, Port, #{protocols => [http]}),
+  {ok, http} = gun:await_up(ConnPid, 5000),
+
+  Headers = [
+    {<<"host">>, list_to_binary(Host ++ ":" ++ integer_to_list(Port))}
+  ],
+  StreamRef = gun:ws_upgrade(ConnPid, Path, Headers),
+
+  % Ожидаем ответ
+  receive
+    {gun_upgrade, ConnPid, StreamRef, [<<"websocket">>], _} ->
+      ct:pal("    WebSocket upgrade OK"),
+      {ok, ConnPid};
+    {gun_response, ConnPid, StreamRef, fin, 401, _} ->
+      ct:pal("    ERROR: HTTP 401 Unauthorized"),
+      gun:close(ConnPid),
+      {error, {401, <<"Invalid token">>}};
+    {gun_response, ConnPid, StreamRef, fin, 403, _} ->
+      ct:pal("    ERROR: HTTP 403 Forbidden"),
+      gun:close(ConnPid),
+      {error, {403, <<"Admin access required">>}};
+    {gun_response, ConnPid, StreamRef, nofin, 403, _} ->
+      ct:pal("    ERROR: HTTP 403 Forbidden (nofin)"),
+      gun:close(ConnPid),
+      {error, {403, <<"Admin access required">>}};
+    {gun_response, ConnPid, StreamRef, fin, Status, _} ->
+      ct:pal("    ERROR: HTTP ~p", [Status]),
+      gun:close(ConnPid),
+      {error, {Status, <<"WebSocket upgrade failed">>}};
+    {gun_response, ConnPid, StreamRef, nofin, Status, _} ->
+      ct:pal("    ERROR: HTTP ~p (nofin)", [Status]),
+      gun:close(ConnPid),
+      {error, {Status, <<"WebSocket upgrade failed">>}};
+    {gun_error, ConnPid, Reason} ->
+      ct:pal("    ERROR: ~p", [Reason]),
+      gun:close(ConnPid),
+      {error, Reason}
+  after 5000 ->
+    ct:pal("    ERROR: Timeout"),
+    gun:close(ConnPid),
+    {error, timeout}
+  end.
+
+test_ws_send(ConnPid, Data) ->
+  Msg = jsx:encode(Data),
+  ct:pal("    Sending: ~s", [Msg]),
+  case catch gun:ws_send(ConnPid, {text, Msg}) of
+    ok -> ok;
+    {'EXIT', {undef, _}} ->
+      % Пробуем альтернативный синтаксис
+      gun:ws_send(ConnPid, fin, {text, Msg});
+    Other ->
+      ct:pal("    ERROR sending: ~p", [Other]),
+      error({ws_send_failed, Other})
+  end.
+
+test_ws_recv(ConnPid) ->
+  test_ws_recv(ConnPid, 3000).
+
+test_ws_recv(ConnPid, Timeout) ->
+  receive
+    {gun_ws, ConnPid, _StreamRef, {text, Msg}} ->
+      ct:pal("    Received (with StreamRef): ~s", [Msg]),
+      {ok, jsx:decode(Msg, [return_maps])};
+    {gun_ws, ConnPid, {text, Msg}} ->
+      ct:pal("    Received: ~s", [Msg]),
+      {ok, jsx:decode(Msg, [return_maps])};
+    {gun_ws, ConnPid, _StreamRef, Frame} ->
+      ct:pal("    Received frame: ~p", [Frame]),
+      {ok, Frame};
+    {gun_ws, ConnPid, Frame} ->
+      ct:pal("    Received: ~p", [Frame]),
+      {ok, Frame};
+    {gun_error, ConnPid, Reason} ->
+      ct:pal("    ERROR: gun_error ~p", [Reason]),
+      {error, Reason};
+    Other ->
+      ct:pal("    Received unexpected: ~p", [Other]),
+      test_ws_recv(ConnPid, Timeout)
+  after Timeout ->
+    {error, timeout}
+  end.
+
+test_ws_close(ConnPid) ->
+  gun:close(ConnPid).
+
+ws_port("ws://localhost:8081" ++ _) -> 8081;
+ws_port("ws://localhost:8446" ++ _) -> 8446.

test/api_SUITE.erl

@@ -0,0 +1,98 @@
+-module(api_SUITE).
+-include_lib("common_test/include/ct.hrl").
+
+-export([all/0, init_per_suite/1, end_per_suite/1]).
+-export([auth_test/1, calendar_test/1, event_test/1, booking_test/1]).
+-export([search_test/1, reviews_test/1, moderation_test/1]).
+-export([tickets_test/1, subscription_test/1, admin_test/1]).
+-export([websocket_test/1]).
+
+all() -> [
+  auth_test,
+  calendar_test,
+  event_test,
+  booking_test,
+  search_test,
+  reviews_test,
+  moderation_test,
+  tickets_test,
+  subscription_test,
+  admin_test,
+  websocket_test
+].
+
+init_per_suite(Config) ->
+  % Очищаем Mnesia перед тестами
+  io:format("~n=== Cleaning Mnesia for fresh test run ===~n"),
+  os:cmd("rm -rf Mnesia.* 2>/dev/null || true"),
+  timer:sleep(2000),
+  % Запускаем сервер
+  io:format("Starting server...~n"),
+  {ok, _Apps} = application:ensure_all_started(eventhub),
+
+  % Компилируем модули из test/api/
+  code:add_patha("_build/test/lib/eventhub/ebin"),
+  code:add_patha("test/api"),
+
+  % Компилируем все файлы в test/api/
+  compile_api_modules(),
+
+  inets:start(),
+  ssl:start(),
+
+  %% Perform healthcheck (simplified)
+  Url = "http://localhost:8080",
+  case httpc:request(get, {Url ++ "/health", []}, [], []) of
+    {ok, {{_Version, 200, _Reason}, _Headers, _Body}} ->
+      ok; %% Healthcheck passed
+    _Error ->
+      ct:log("Healthcheck failed for: ~p", [Url]),
+      error(healthcheck_failed)
+  end,
+  Config.
+
+end_per_suite(_Config) ->
+  application:stop(eventhub),
+  ok.
+
+compile_api_modules() ->
+  Files = filelib:wildcard("test/api/*.erl"),
+  lists:foreach(fun(File) ->
+    compile:file(File, [report, {outdir, "test/api"}])
+                end, Files),
+  code:add_patha("test/api").
+
+%% ============ ТЕСТЫ-ПРОКСИ ============
+
+auth_test(_Config) ->
+  api_auth_tests:test().
+
+calendar_test(_Config) ->
+  api_calendar_tests:test().
+
+event_test(_Config) ->
+  api_event_tests:test().
+
+booking_test(_Config) ->
+  api_booking_tests:test().
+
+search_test(_Config) ->
+  api_search_tests:test().
+
+reviews_test(_Config) ->
+  api_reviews_tests:test().
+
+moderation_test(_Config) ->
+  api_moderation_tests:test().
+
+tickets_test(_Config) ->
+  api_tickets_tests:test().
+
+subscription_test(_Config) ->
+  api_subscription_tests:test().
+
+admin_test(_Config) ->
+  api_admin_tests:test().
+
+websocket_test(_Config) ->
+  api_websocket_tests:test().

test/scripts/test_websocket_api.sh

@@ -0,0 +1,313 @@
+#!/bin/bash
+
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+BLUE='\033[0;34m'
+YELLOW='\033[1;33m'
+CYAN='\033[0;36m'
+NC='\033[0m'
+
+BASE_URL="http://localhost:8080"
+WS_URL="ws://localhost:8081/ws"
+ADMIN_WS_URL="ws://localhost:8446/admin/ws"
+
+DEBUG=${DEBUG:-false}
+
+log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
+log_success() { echo -e "${GREEN}[SUCCESS]${NC} $1"; }
+log_error() { echo -e "${RED}[ERROR]${NC} $1"; }
+log_warning() { echo -e "${YELLOW}[WARNING]${NC} $1"; }
+log_debug() {
+    if [ "$DEBUG" = "true" ]; then
+        echo -e "${CYAN}[DEBUG]${NC} $1"
+    fi
+}
+
+extract_json() {
+    echo "$1" | grep -o "\"$2\":\"[^\"]*\"" | head -1 | sed "s/\"$2\":\"//;s/\"$//"
+}
+
+http_post() {
+    local url=$1; local data=$2; local token=$3
+    log_debug "POST $url"
+    if [ -n "$token" ]; then
+        curl -s -X POST "$url" -H "Content-Type: application/json" -H "Authorization: Bearer $token" -d "$data"
+    else
+        curl -s -X POST "$url" -H "Content-Type: application/json" -d "$data"
+    fi
+}
+
+http_get() {
+    local url=$1; local token=$2
+    log_debug "GET $url"
+    if [ -n "$token" ]; then
+        curl -s -X GET "$url" -H "Authorization: Bearer $token"
+    else
+        curl -s -X GET "$url"
+    fi
+}
+
+http_put() {
+    local url=$1; local data=$2; local token=$3
+    log_debug "PUT $url"
+    curl -s -X PUT "$url" -H "Content-Type: application/json" -H "Authorization: Bearer $token" -d "$data"
+}
+
+# Проверка curl WebSocket (ручная проверка заголовков)
+test_ws_curl() {
+    local url=$1
+    local token=$2
+    local full_url="${url}?token=${token}"
+
+    log_debug "Testing WebSocket with curl: $full_url"
+
+    # Используем --include для заголовков, --no-buffer для немедленного вывода
+    response=$(curl -s --include --no-buffer \
+        -H "Connection: Upgrade" \
+        -H "Upgrade: websocket" \
+        -H "Sec-WebSocket-Key: x3JJHMbDL1EzLkh9GBhXDw==" \
+        -H "Sec-WebSocket-Version: 13" \
+        --max-time 2 \
+        "$full_url" 2>&1)
+
+    log_debug "Response: $(echo "$response" | head -5)"
+
+    if echo "$response" | grep -q "101"; then
+        log_debug "Got 101 Switching Protocols"
+        return 0
+    elif echo "$response" | grep -q "401"; then
+        log_debug "Got 401 Unauthorized"
+        return 1
+    elif echo "$response" | grep -q "403"; then
+        log_debug "Got 403 Forbidden"
+        return 2
+    elif echo "$response" | grep -q "404"; then
+        log_debug "Got 404 Not Found"
+        return 4
+    elif echo "$response" | grep -q "Invalid token"; then
+        log_debug "Got 'Invalid token' message"
+        return 1
+    else
+        log_debug "Unknown response"
+        return 3
+    fi
+}
+
+# Проверка наличия websocat
+check_websocat() {
+    if ! command -v websocat &> /dev/null; then
+        log_warning "websocat не установлен"
+        echo "Установите websocat:"
+        echo "  cargo install websocat"
+        echo "  или скачайте с https://github.com/vi/websocat/releases"
+        return 1
+    fi
+    log_debug "websocat found: $(which websocat)"
+    return 0
+}
+
+echo "============================================================"
+echo "          EVENTHUB WEBSOCKET API TEST SCRIPT"
+echo "============================================================"
+echo ""
+
+if [ "$DEBUG" = "true" ]; then
+    log_info "DEBUG MODE ENABLED"
+fi
+
+log_info "Checking if servers are running..."
+if ! curl -s "$BASE_URL/health" | grep -q "ok"; then
+    log_error "Main server is not running on port 8080"
+    exit 1
+fi
+log_success "Main server is running"
+
+if ! curl -s "http://localhost:8445/admin/health" | grep -q "ok"; then
+    log_warning "Admin server is not running on port 8445"
+else
+    log_success "Admin server is running"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "STEP 1: Create test users"
+log_info "============================================================"
+
+# Админ
+ADMIN_EMAIL="ws_admin_$(date +%s)@example.com"
+ADMIN_PASSWORD="admin123"
+
+log_info "Creating admin user..."
+response=$(http_post "$BASE_URL/v1/register" "{\"email\":\"$ADMIN_EMAIL\",\"password\":\"$ADMIN_PASSWORD\"}" "")
+log_debug "Register response: $response"
+ADMIN_TOKEN=$(extract_json "$response" "token")
+ADMIN_ID=$(extract_json "$response" "id")
+log_success "Admin created: $ADMIN_EMAIL"
+log_debug "Admin token: ${ADMIN_TOKEN:0:30}..."
+
+# Обычный пользователь
+USER_EMAIL="ws_user_$(date +%s)@example.com"
+USER_PASSWORD="user123"
+
+log_info "Creating regular user..."
+response=$(http_post "$BASE_URL/v1/register" "{\"email\":\"$USER_EMAIL\",\"password\":\"$USER_PASSWORD\"}" "")
+USER_TOKEN=$(extract_json "$response" "token")
+USER_ID=$(extract_json "$response" "id")
+log_success "User created: $USER_EMAIL"
+log_debug "User token: ${USER_TOKEN:0:30}..."
+
+echo ""
+log_info "============================================================"
+log_info "STEP 2: Create calendar and event"
+log_info "============================================================"
+
+log_info "Creating calendar..."
+response=$(http_post "$BASE_URL/v1/calendars" \
+    "{\"title\":\"WS Test Calendar\"}" "$USER_TOKEN")
+CALENDAR_ID=$(extract_json "$response" "id")
+log_success "Calendar created: $CALENDAR_ID"
+log_debug "Calendar ID: $CALENDAR_ID"
+
+log_info "Creating event..."
+EVENT_START="2026-06-01T10:00:00Z"
+response=$(http_post "$BASE_URL/v1/calendars/$CALENDAR_ID/events" \
+    "{\"title\":\"WS Test Event\",\"start_time\":\"$EVENT_START\",\"duration\":60,\"capacity\":10}" "$USER_TOKEN")
+EVENT_ID=$(extract_json "$response" "id")
+log_success "Event created: $EVENT_ID"
+log_debug "Event ID: $EVENT_ID"
+
+echo ""
+log_info "============================================================"
+log_info "TEST 1: Connect to WebSocket with valid token (curl test)"
+log_info "============================================================"
+
+test_ws_curl "$WS_URL" "$USER_TOKEN"
+CURL_RESULT=$?
+
+case $CURL_RESULT in
+    0)
+        log_success "WebSocket upgrade successful (101 Switching Protocols)"
+        ;;
+    1)
+        log_error "WebSocket authentication failed (401 Unauthorized)"
+        log_debug "Token might be invalid or expired"
+        ;;
+    2)
+        log_error "WebSocket access denied (403 Forbidden)"
+        ;;
+    *)
+        log_error "WebSocket connection failed (unknown error)"
+        log_debug "Check if WebSocket server is running on port 8081"
+        ;;
+esac
+
+echo ""
+log_info "============================================================"
+log_info "TEST 2: Connect with invalid token (curl test)"
+log_info "============================================================"
+
+test_ws_curl "$WS_URL" "invalid.token.here"
+CURL_RESULT=$?
+
+if [ $CURL_RESULT -eq 1 ]; then
+    log_success "Invalid token correctly rejected (401 Unauthorized)"
+else
+    log_error "Invalid token should be rejected with 401"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 3: Admin WebSocket with valid token (curl test)"
+log_info "============================================================"
+
+test_ws_curl "$ADMIN_WS_URL" "$ADMIN_TOKEN"
+CURL_RESULT=$?
+
+case $CURL_RESULT in
+    0)
+        log_success "Admin WebSocket upgrade successful"
+        ;;
+    1)
+        log_error "Admin WebSocket authentication failed"
+        ;;
+    2)
+        log_error "Admin WebSocket access denied (not admin)"
+        log_debug "Check if token has admin role"
+        ;;
+    *)
+        log_error "Admin WebSocket connection failed"
+        ;;
+esac
+
+echo ""
+log_info "============================================================"
+log_info "TEST 4: Admin WebSocket with user token (should fail)"
+log_info "============================================================"
+
+test_ws_curl "$ADMIN_WS_URL" "$USER_TOKEN"
+CURL_RESULT=$?
+
+if [ $CURL_RESULT -eq 2 ]; then
+    log_success "User token correctly rejected for admin WebSocket (403 Forbidden)"
+elif [ $CURL_RESULT -eq 1 ]; then
+    log_warning "User token rejected with 401 instead of 403"
+else
+    log_error "User token should be rejected"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "WEBSOCKET API TESTS (curl validation) COMPLETED!"
+log_info "============================================================"
+
+# Опциональные тесты с websocat
+if check_websocat; then
+    echo ""
+    log_info "============================================================"
+    log_info "OPTIONAL: Testing with websocat"
+    log_info "============================================================"
+
+    WS_URL_WITH_TOKEN="${WS_URL}?token=${USER_TOKEN}"
+    log_debug "WebSocket URL: $WS_URL_WITH_TOKEN"
+
+    TEMP_FILE=$(mktemp)
+    log_debug "Temp file: $TEMP_FILE"
+
+    # Запускаем websocat в фоне
+    log_info "Connecting with websocat..."
+    timeout 3 websocat "$WS_URL_WITH_TOKEN" > "$TEMP_FILE" 2>&1 &
+    WS_PID=$!
+    log_debug "WebSocket PID: $WS_PID"
+    sleep 1
+
+    if kill -0 $WS_PID 2>/dev/null; then
+        log_success "WebSocket connection established with websocat"
+
+        # Отправляем ping
+        echo '{"action":"ping"}' | timeout 2 websocat "$WS_URL_WITH_TOKEN" > "$TEMP_FILE" 2>&1
+        if grep -q "pong" "$TEMP_FILE"; then
+            log_success "Ping-pong successful"
+        fi
+
+        kill $WS_PID 2>/dev/null
+    else
+        log_warning "Websocket connection failed"
+    fi
+
+    rm -f "$TEMP_FILE"
+fi
+
+echo ""
+echo "============================================================"
+log_success "ALL WEBSOCKET TESTS COMPLETED!"
+echo "============================================================"
+echo ""
+echo "Summary:"
+echo "  Admin: $ADMIN_EMAIL"
+echo "  User: $USER_EMAIL"
+echo "  Calendar: $CALENDAR_ID"
+echo "  Event: $EVENT_ID"
+echo ""
+echo "Run with DEBUG=true for more details:"
+echo "  DEBUG=true ./test/scripts/test_websocket_api.sh"
+echo ""

test/unit/admin_ws_handler_tests.erl

@@ -0,0 +1,34 @@
+-module(admin_ws_handler_tests).
+-include_lib("eunit/include/eunit.hrl").
+
+-record(state, {
+  admin_id :: binary() | undefined
+}).
+
+setup() ->
+  pg:start_link(),
+  ok.
+
+cleanup(_) ->
+  ok.
+
+admin_ws_handler_test_() ->
+  {foreach,
+    fun setup/0,
+    fun cleanup/1,
+    [
+      {"Admin WebSocket info notification", fun test_admin_websocket_info/0}
+    ]}.
+
+test_admin_websocket_info() ->
+  State = #state{admin_id = <<"admin123">>},
+  Data = #{report_id => <<"rep123">>, reason => <<"Spam">>},
+  Msg = {admin_notification, report_created, Data},
+
+  case admin_ws_handler:websocket_info(Msg, State) of
+    {reply, {text, Reply}, _} ->
+      Decoded = jsx:decode(Reply, [return_maps]),
+      ?assertEqual(<<"report_created">>, maps:get(<<"type">>, Decoded)),
+      ?assertEqual(<<"rep123">>, maps:get(<<"report_id">>, maps:get(<<"data">>, Decoded)));
+    _ -> ?assert(false, "Expected reply")
+  end.

test/unit/logic_notification_tests.erl

@@ -0,0 +1,108 @@
+-module(logic_notification_tests).
+-include_lib("eunit/include/eunit.hrl").
+-include("records.hrl").
+
+setup() ->
+  pg:start_link(),
+  mnesia:start(),
+  mnesia:create_table(booking, [{attributes, record_info(fields, booking)}, {ram_copies, [node()]}]),
+  mnesia:create_table(calendar, [{attributes, record_info(fields, calendar)}, {ram_copies, [node()]}]),
+  mnesia:create_table(event, [{attributes, record_info(fields, event)}, {ram_copies, [node()]}]),
+  ok.
+
+cleanup(_) ->
+  mnesia:delete_table(event),
+  mnesia:delete_table(calendar),
+  mnesia:delete_table(booking),
+  mnesia:stop(),
+  ok.
+
+logic_notification_test_() ->
+  {foreach,
+    fun setup/0,
+    fun cleanup/1,
+    [
+      {"Notify booking", fun test_notify_booking/0},
+      {"Notify calendar update", fun test_notify_calendar_update/0},
+      {"Notify event update", fun test_notify_event_update/0},
+      {"Notify admin", fun test_notify_admin/0}
+    ]}.
+
+create_test_booking() ->
+  Booking = #booking{
+    id = base64:encode(crypto:strong_rand_bytes(16), #{mode => urlsafe, padding => false}),
+    event_id = <<"event123">>,
+    user_id = <<"user123">>,
+    status = pending,
+    confirmed_at = undefined,
+    created_at = calendar:universal_time(),
+    updated_at = calendar:universal_time()
+  },
+  mnesia:dirty_write(Booking),
+  Booking.
+
+create_test_calendar() ->
+  Calendar = #calendar{
+    id = base64:encode(crypto:strong_rand_bytes(16), #{mode => urlsafe, padding => false}),
+    owner_id = <<"owner123">>,
+    title = <<"Test Calendar">>,
+    description = <<"">>,
+    tags = [],
+    type = personal,
+    confirmation = manual,
+    rating_avg = 0.0,
+    rating_count = 0,
+    status = active,
+    created_at = calendar:universal_time(),
+    updated_at = calendar:universal_time()
+  },
+  mnesia:dirty_write(Calendar),
+  Calendar.
+
+create_test_event() ->
+  Event = #event{
+    id = base64:encode(crypto:strong_rand_bytes(16), #{mode => urlsafe, padding => false}),
+    calendar_id = <<"cal123">>,
+    title = <<"Test Event">>,
+    description = <<"">>,
+    event_type = single,
+    start_time = {{2026, 6, 1}, {10, 0, 0}},
+    duration = 60,
+    recurrence_rule = undefined,
+    master_id = undefined,
+    is_instance = false,
+    specialist_id = undefined,
+    location = undefined,
+    tags = [],
+    capacity = undefined,
+    online_link = undefined,
+    status = active,
+    rating_avg = 0.0,
+    rating_count = 0,
+    created_at = calendar:universal_time(),
+    updated_at = calendar:universal_time()
+  },
+  mnesia:dirty_write(Event),
+  Event.
+
+test_notify_booking() ->
+  Booking = create_test_booking(),
+  UserId = <<"user123">>,
+
+  % Функция возвращает список пидов (может быть пустым)
+  Result = logic_notification:notify_booking(UserId, Booking),
+  ?assert(is_list(Result)).
+
+test_notify_calendar_update() ->
+  Calendar = create_test_calendar(),
+  Result = logic_notification:notify_calendar_update(Calendar),
+  ?assert(is_list(Result)).
+
+test_notify_event_update() ->
+  Event = create_test_event(),
+  Result = logic_notification:notify_event_update(Event),
+  ?assert(is_list(Result)).
+
+test_notify_admin() ->
+  Result = logic_notification:notify_admin(report_created, #{report_id => <<"rep123">>}),
+  ?assertEqual(ok, Result).

test/unit/ws_handler_tests.erl

@@ -0,0 +1,61 @@
+-module(ws_handler_tests).
+-include_lib("eunit/include/eunit.hrl").
+
+-record(state, {
+  user_id :: binary() | undefined,
+  subscriptions = [] :: [binary()]
+}).
+
+setup() ->
+  pg:start_link(),
+  ok.
+
+cleanup(_) ->
+  ok.
+
+ws_handler_test_() ->
+  {foreach,
+    fun setup/0,
+    fun cleanup/1,
+    [
+      {"WebSocket info notification - booking", fun test_websocket_info_booking/0},
+      {"WebSocket info notification - calendar", fun test_websocket_info_calendar/0},
+      {"WebSocket info notification - event", fun test_websocket_info_event/0}
+    ]}.
+
+test_websocket_info_booking() ->
+  State = #state{user_id = <<"user123">>, subscriptions = []},
+  Data = #{booking_id => <<"book123">>, event_id => <<"ev123">>, status => confirmed},
+  Msg = {notification, booking_update, Data},
+
+  case ws_handler:websocket_info(Msg, State) of
+    {reply, {text, Reply}, _} ->
+      Decoded = jsx:decode(Reply, [return_maps]),
+      ?assertEqual(<<"booking_update">>, maps:get(<<"type">>, Decoded)),
+      ?assertEqual(<<"book123">>, maps:get(<<"booking_id">>, maps:get(<<"data">>, Decoded)));
+    _ -> ?assert(false, "Expected reply")
+  end.
+
+test_websocket_info_calendar() ->
+  State = #state{user_id = <<"user123">>, subscriptions = [<<"cal123">>]},
+  Data = #{calendar_id => <<"cal123">>, title => <<"Updated">>},
+  Msg = {notification, calendar_update, Data},
+
+  case ws_handler:websocket_info(Msg, State) of
+    {reply, {text, Reply}, _} ->
+      Decoded = jsx:decode(Reply, [return_maps]),
+      ?assertEqual(<<"calendar_update">>, maps:get(<<"type">>, Decoded));
+    _ -> ?assert(false, "Expected reply")
+  end.
+
+test_websocket_info_event() ->
+  State = #state{user_id = <<"user123">>, subscriptions = []},
+  Data = #{event_id => <<"ev123">>, title => <<"Updated Event">>},
+  Msg = {notification, event_update, Data},
+
+  case ws_handler:websocket_info(Msg, State) of
+    {reply, {text, Reply}, _} ->
+      Decoded = jsx:decode(Reply, [return_maps]),
+      ?assertEqual(<<"event_update">>, maps:get(<<"type">>, Decoded));
+    _ -> ?assert(false, "Expected reply")
+  end.