feat(security): extend rate limits on sync, tests, evidence and reports [FASE-3.4]

backend/tests/test_rate_limits.py

@@ -0,0 +1,25 @@
+"""Smoke tests for extended rate-limit decorators (SEC-003)."""
+
+import inspect
+
+from app.routers import evidence, professional_reports, system, tests
+
+
+def test_sync_mitre_has_hourly_limit():
+    source = inspect.getsource(system.trigger_mitre_sync)
+    assert "2/hour" in source
+
+
+def test_create_test_has_per_minute_limit():
+    source = inspect.getsource(tests.create_test)
+    assert "30/minute" in source
+
+
+def test_upload_evidence_has_per_minute_limit():
+    source = inspect.getsource(evidence.upload_evidence)
+    assert "10/minute" in source
+
+
+def test_report_endpoints_have_per_minute_limit():
+    source = inspect.getsource(professional_reports.generate_coverage_report)
+    assert "5/minute" in source