niuniu/lijiaoqiao
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
89104bd0db04c4b403a8b847c5774cb7a8f912bf
lijiaoqiao/supply-api/internal/iam/model/user_role_test.go

255 lines
6.5 KiB
Go
Raw Normal View History

feat(P1/P2): 完成TDD开发及P1/P2设计文档 ## 设计文档 - multi_role_permission_design: 多角色权限设计 (CONDITIONAL GO) - audit_log_enhancement_design: 审计日志增强 (CONDITIONAL GO) - routing_strategy_template_design: 路由策略模板 (CONDITIONAL GO) - sso_saml_technical_research: SSO/SAML调研 (CONDITIONAL GO) - compliance_capability_package_design: 合规能力包设计 (CONDITIONAL GO) ## TDD开发成果 - IAM模块: supply-api/internal/iam/ (111个测试) - 审计日志模块: supply-api/internal/audit/ (40+测试) - 路由策略模块: gateway/internal/router/ (33+测试) - 合规能力包: gateway/internal/compliance/ + scripts/ci/compliance/ ## 规范文档 - parallel_agent_output_quality_standards: 并行Agent产出质量规范 - project_experience_summary: 项目经验总结 (v2) - 2026-04-02-p1-p2-tdd-execution-plan: TDD执行计划 ## 评审报告 - 5个CONDITIONAL GO设计文档评审报告 - fix_verification_report: 修复验证报告 - full_verification_report: 全面质量验证报告 - tdd_module_quality_verification: TDD模块质量验证 - tdd_execution_summary: TDD执行总结 依据: Superpowers执行框架 + TDD规范
2026-04-02 23:35:53 +08:00
package model
import (
"testing"
"time"
"github.com/stretchr/testify/assert"
)
// TestUserRoleMapping_AssignRole 测试分配角色
func TestUserRoleMapping_AssignRole(t *testing.T) {
// arrange
userID := int64(100)
roleID := int64(1)
tenantID := int64(1)
// act
userRole := NewUserRoleMapping(userID, roleID, tenantID)
// assert
assert.Equal(t, userID, userRole.UserID)
assert.Equal(t, roleID, userRole.RoleID)
assert.Equal(t, tenantID, userRole.TenantID)
assert.True(t, userRole.IsActive)
assert.NotEmpty(t, userRole.RequestID)
assert.Equal(t, 1, userRole.Version)
}
// TestUserRoleMapping_HasRole 测试用户是否拥有角色
func TestUserRoleMapping_HasRole(t *testing.T) {
// arrange
userID := int64(100)
role := NewRole("org_admin", "组织管理员", RoleTypePlatform, 50)
role.ID = 1
// act
userRole := NewUserRoleMapping(userID, role.ID, 0) // 0 表示全局角色
// assert
assert.True(t, userRole.HasRole(role.ID))
assert.False(t, userRole.HasRole(999)) // 不存在的角色ID
}
// TestUserRoleMapping_GlobalRole 测试全局角色tenantID为0
func TestUserRoleMapping_GlobalRole(t *testing.T) {
// arrange
userID := int64(100)
roleID := int64(1)
// act - 全局角色
userRole := NewUserRoleMapping(userID, roleID, 0)
// assert
assert.Equal(t, int64(0), userRole.TenantID)
assert.True(t, userRole.IsGlobalRole())
}
// TestUserRoleMapping_TenantRole 测试租户角色
func TestUserRoleMapping_TenantRole(t *testing.T) {
// arrange
userID := int64(100)
roleID := int64(1)
tenantID := int64(123)
// act
userRole := NewUserRoleMapping(userID, roleID, tenantID)
// assert
assert.Equal(t, tenantID, userRole.TenantID)
assert.False(t, userRole.IsGlobalRole())
}
// TestUserRoleMapping_WithGrantInfo 测试带授权信息的分配
func TestUserRoleMapping_WithGrantInfo(t *testing.T) {
// arrange
userID := int64(100)
roleID := int64(1)
tenantID := int64(1)
grantedBy := int64(1)
expiresAt := time.Now().Add(24 * time.Hour)
// act
userRole := NewUserRoleMappingWithGrant(userID, roleID, tenantID, grantedBy, &expiresAt)
// assert
assert.Equal(t, userID, userRole.UserID)
assert.Equal(t, roleID, userRole.RoleID)
assert.Equal(t, grantedBy, userRole.GrantedBy)
assert.NotNil(t, userRole.ExpiresAt)
assert.NotNil(t, userRole.GrantedAt)
}
// TestUserRoleMapping_Expired 测试过期角色
func TestUserRoleMapping_Expired(t *testing.T) {
// arrange
userID := int64(100)
roleID := int64(1)
expiresAt := time.Now().Add(-1 * time.Hour) // 已过期
// act
userRole := NewUserRoleMappingWithGrant(userID, roleID, 0, 1, &expiresAt)
// assert
assert.True(t, userRole.IsExpired())
}
// TestUserRoleMapping_NotExpired 测试未过期角色
func TestUserRoleMapping_NotExpired(t *testing.T) {
// arrange
userID := int64(100)
roleID := int64(1)
expiresAt := time.Now().Add(24 * time.Hour) // 未过期
// act
userRole := NewUserRoleMappingWithGrant(userID, roleID, 0, 1, &expiresAt)
// assert
assert.False(t, userRole.IsExpired())
}
// TestUserRoleMapping_NoExpiration 测试永不过期角色
func TestUserRoleMapping_NoExpiration(t *testing.T) {
// arrange
userID := int64(100)
roleID := int64(1)
// act
userRole := NewUserRoleMapping(userID, roleID, 0)
// assert
assert.Nil(t, userRole.ExpiresAt)
assert.False(t, userRole.IsExpired())
}
// TestUserRoleMapping_Revoke 测试撤销角色
func TestUserRoleMapping_Revoke(t *testing.T) {
// arrange
userRole := NewUserRoleMapping(100, 1, 0)
// act
userRole.Revoke()
// assert
assert.False(t, userRole.IsActive)
}
// TestUserRoleMapping_Grant 测试重新授予角色
func TestUserRoleMapping_Grant(t *testing.T) {
// arrange
userRole := NewUserRoleMapping(100, 1, 0)
userRole.Revoke()
// act
userRole.Grant()
// assert
assert.True(t, userRole.IsActive)
}
// TestUserRoleMapping_IncrementVersion 测试版本号递增
func TestUserRoleMapping_IncrementVersion(t *testing.T) {
// arrange
userRole := NewUserRoleMapping(100, 1, 0)
originalVersion := userRole.Version
// act
userRole.IncrementVersion()
// assert
assert.Equal(t, originalVersion+1, userRole.Version)
}
// TestUserRoleMapping_Valid 测试有效角色
func TestUserRoleMapping_Valid(t *testing.T) {
// arrange - 活跃且未过期的角色
userRole := NewUserRoleMapping(100, 1, 0)
expiresAt := time.Now().Add(24 * time.Hour)
userRole.ExpiresAt = &expiresAt
// act & assert
assert.True(t, userRole.IsValid())
}
// TestUserRoleMapping_InvalidInactive 测试无效角色 - 未激活
func TestUserRoleMapping_InvalidInactive(t *testing.T) {
// arrange
userRole := NewUserRoleMapping(100, 1, 0)
userRole.Revoke()
// assert
assert.False(t, userRole.IsValid())
}
// TestUserRoleMapping_Valid_ExpiredButActive 测试过期但激活的角色
func TestUserRoleMapping_Valid_ExpiredButActive(t *testing.T) {
// arrange - 已过期但仍然激活的角色(应该无效)
userRole := NewUserRoleMapping(100, 1, 0)
expiresAt := time.Now().Add(-1 * time.Hour)
userRole.ExpiresAt = &expiresAt
// assert - 即使IsActive为true过期角色也应该无效
assert.False(t, userRole.IsValid())
}
// TestUserRoleMapping_UniqueConstraint 测试唯一性约束
func TestUserRoleMapping_UniqueConstraint(t *testing.T) {
// arrange
userID := int64(100)
roleID := int64(1)
tenantID := int64(0) // 全局角色
// act
userRole1 := NewUserRoleMapping(userID, roleID, tenantID)
userRole2 := NewUserRoleMapping(userID, roleID, tenantID)
// assert - 同一个用户、角色、租户组合应该唯一
assert.Equal(t, userRole1.UserID, userRole2.UserID)
assert.Equal(t, userRole1.RoleID, userRole2.RoleID)
assert.Equal(t, userRole1.TenantID, userRole2.TenantID)
}
// TestUserRoleMapping_DifferentTenants 测试不同租户可以有相同角色
func TestUserRoleMapping_DifferentTenants(t *testing.T) {
// arrange
userID := int64(100)
roleID := int64(1)
tenantID1 := int64(1)
tenantID2 := int64(2)
// act
userRole1 := NewUserRoleMapping(userID, roleID, tenantID1)
userRole2 := NewUserRoleMapping(userID, roleID, tenantID2)
// assert - 不同租户的角色分配互不影响
assert.Equal(t, tenantID1, userRole1.TenantID)
assert.Equal(t, tenantID2, userRole2.TenantID)
assert.NotEqual(t, userRole1.TenantID, userRole2.TenantID)
}
// TestUserRoleMappingInfo_ToInfo 测试转换为UserRoleMappingInfo
func TestUserRoleMappingInfo_ToInfo(t *testing.T) {
// arrange
userRole := NewUserRoleMapping(100, 1, 0)
userRole.ID = 1
// act
info := userRole.ToInfo()
// assert
assert.Equal(t, int64(100), info.UserID)
assert.Equal(t, int64(1), info.RoleID)
assert.Equal(t, int64(0), info.TenantID)
assert.True(t, info.IsActive)
}
Reference in New Issue Copy Permalink