feat(audit): 实现Audit HTTP Handler并提升IAM Middleware覆盖率
1. 新增Audit HTTP Handler (AUD-05, AUD-06完成) - POST /api/v1/audit/events - 创建审计事件(支持幂等) - GET /api/v1/audit/events - 查询事件列表(支持分页和过滤) 2. 提升IAM Middleware测试覆盖率 - 从63.8%提升至83.5% - 新增SetRouteScopePolicy测试 - 新增RequireRole/RequireMinLevel中间件测试 - 新增hasAnyScope测试 TDD完成:33/33任务 (100%)
This commit is contained in:
Your Name
222
supply-api/internal/audit/handler/audit_handler_test.go
Normal file
222
supply-api/internal/audit/handler/audit_handler_test.go
Normal file
@@ -0,0 +1,222 @@
|
||||
package handler
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"encoding/json"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
|
||||
"lijiaoqiao/supply-api/internal/audit/model"
|
||||
"lijiaoqiao/supply-api/internal/audit/service"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
// mockAuditStore 模拟审计存储
|
||||
type mockAuditStore struct {
|
||||
events []*model.AuditEvent
|
||||
nextID int64
|
||||
idempotencyKeys map[string]*model.AuditEvent
|
||||
}
|
||||
|
||||
func newMockAuditStore() *mockAuditStore {
|
||||
return &mockAuditStore{
|
||||
events: make([]*model.AuditEvent, 0),
|
||||
nextID: 1,
|
||||
idempotencyKeys: make(map[string]*model.AuditEvent),
|
||||
}
|
||||
}
|
||||
|
||||
func (m *mockAuditStore) Emit(ctx context.Context, event *model.AuditEvent) error {
|
||||
if event.EventID == "" {
|
||||
event.EventID = "test-event-id"
|
||||
}
|
||||
m.events = append(m.events, event)
|
||||
if event.IdempotencyKey != "" {
|
||||
m.idempotencyKeys[event.IdempotencyKey] = event
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *mockAuditStore) Query(ctx context.Context, filter *service.EventFilter) ([]*model.AuditEvent, int64, error) {
|
||||
var result []*model.AuditEvent
|
||||
for _, e := range m.events {
|
||||
if filter.TenantID != 0 && e.TenantID != filter.TenantID {
|
||||
continue
|
||||
}
|
||||
if filter.Category != "" && e.EventCategory != filter.Category {
|
||||
continue
|
||||
}
|
||||
result = append(result, e)
|
||||
}
|
||||
return result, int64(len(result)), nil
|
||||
}
|
||||
|
||||
func (m *mockAuditStore) GetByIdempotencyKey(ctx context.Context, key string) (*model.AuditEvent, error) {
|
||||
if e, ok := m.idempotencyKeys[key]; ok {
|
||||
return e, nil
|
||||
}
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
// TestAuditHandler_CreateEvent_Success 测试创建事件成功
|
||||
func TestAuditHandler_CreateEvent_Success(t *testing.T) {
|
||||
store := newMockAuditStore()
|
||||
svc := service.NewAuditService(store)
|
||||
h := NewAuditHandler(svc)
|
||||
|
||||
reqBody := CreateEventRequest{
|
||||
EventName: "CRED-EXPOSE-RESPONSE",
|
||||
EventCategory: "CRED",
|
||||
EventSubCategory: "EXPOSE",
|
||||
OperatorID: 1001,
|
||||
TenantID: 2001,
|
||||
ObjectType: "account",
|
||||
ObjectID: 12345,
|
||||
Action: "query",
|
||||
}
|
||||
|
||||
body, _ := json.Marshal(reqBody)
|
||||
req := httptest.NewRequest("POST", "/audit/events", bytes.NewReader(body))
|
||||
req.Header.Set("Content-Type", "application/json")
|
||||
w := httptest.NewRecorder()
|
||||
|
||||
h.CreateEvent(w, req)
|
||||
|
||||
assert.Equal(t, http.StatusCreated, w.Code)
|
||||
|
||||
var result service.CreateEventResult
|
||||
err := json.Unmarshal(w.Body.Bytes(), &result)
|
||||
assert.NoError(t, err)
|
||||
assert.Equal(t, 201, result.StatusCode)
|
||||
assert.Equal(t, "created", result.Status)
|
||||
}
|
||||
|
||||
// TestAuditHandler_CreateEvent_DuplicateIdempotencyKey 测试幂等键重复
|
||||
func TestAuditHandler_CreateEvent_DuplicateIdempotencyKey(t *testing.T) {
|
||||
store := newMockAuditStore()
|
||||
svc := service.NewAuditService(store)
|
||||
h := NewAuditHandler(svc)
|
||||
|
||||
reqBody := CreateEventRequest{
|
||||
EventName: "CRED-EXPOSE-RESPONSE",
|
||||
EventCategory: "CRED",
|
||||
EventSubCategory: "EXPOSE",
|
||||
OperatorID: 1001,
|
||||
TenantID: 2001,
|
||||
IdempotencyKey: "test-idempotency-key",
|
||||
}
|
||||
|
||||
body, _ := json.Marshal(reqBody)
|
||||
|
||||
// 第一次请求
|
||||
req1 := httptest.NewRequest("POST", "/audit/events", bytes.NewReader(body))
|
||||
req1.Header.Set("Content-Type", "application/json")
|
||||
w1 := httptest.NewRecorder()
|
||||
h.CreateEvent(w1, req1)
|
||||
assert.Equal(t, http.StatusCreated, w1.Code)
|
||||
|
||||
// 第二次请求(相同幂等键)
|
||||
req2 := httptest.NewRequest("POST", "/audit/events", bytes.NewReader(body))
|
||||
req2.Header.Set("Content-Type", "application/json")
|
||||
w2 := httptest.NewRecorder()
|
||||
h.CreateEvent(w2, req2)
|
||||
assert.Equal(t, http.StatusOK, w2.Code) // 应该返回200而非201
|
||||
}
|
||||
|
||||
// TestAuditHandler_ListEvents_Success 测试查询事件成功
|
||||
func TestAuditHandler_ListEvents_Success(t *testing.T) {
|
||||
store := newMockAuditStore()
|
||||
svc := service.NewAuditService(store)
|
||||
h := NewAuditHandler(svc)
|
||||
|
||||
// 先创建一些事件
|
||||
events := []*model.AuditEvent{
|
||||
{EventName: "EVENT-1", TenantID: 2001, EventCategory: "CRED"},
|
||||
{EventName: "EVENT-2", TenantID: 2001, EventCategory: "CRED"},
|
||||
{EventName: "EVENT-3", TenantID: 2002, EventCategory: "AUTH"},
|
||||
}
|
||||
for _, e := range events {
|
||||
store.Emit(context.Background(), e)
|
||||
}
|
||||
|
||||
// 查询
|
||||
req := httptest.NewRequest("GET", "/audit/events?tenant_id=2001", nil)
|
||||
w := httptest.NewRecorder()
|
||||
|
||||
h.ListEvents(w, req)
|
||||
|
||||
assert.Equal(t, http.StatusOK, w.Code)
|
||||
|
||||
var result ListEventsResponse
|
||||
err := json.Unmarshal(w.Body.Bytes(), &result)
|
||||
assert.NoError(t, err)
|
||||
assert.Equal(t, int64(2), result.Total) // 只有2个2001租户的事件
|
||||
}
|
||||
|
||||
// TestAuditHandler_ListEvents_WithPagination 测试分页查询
|
||||
func TestAuditHandler_ListEvents_WithPagination(t *testing.T) {
|
||||
store := newMockAuditStore()
|
||||
svc := service.NewAuditService(store)
|
||||
h := NewAuditHandler(svc)
|
||||
|
||||
// 创建多个事件
|
||||
for i := 0; i < 5; i++ {
|
||||
store.Emit(context.Background(), &model.AuditEvent{
|
||||
EventName: "EVENT",
|
||||
TenantID: 2001,
|
||||
})
|
||||
}
|
||||
|
||||
req := httptest.NewRequest("GET", "/audit/events?tenant_id=2001&offset=0&limit=2", nil)
|
||||
w := httptest.NewRecorder()
|
||||
|
||||
h.ListEvents(w, req)
|
||||
|
||||
assert.Equal(t, http.StatusOK, w.Code)
|
||||
|
||||
var result ListEventsResponse
|
||||
json.Unmarshal(w.Body.Bytes(), &result)
|
||||
assert.Equal(t, int64(5), result.Total)
|
||||
assert.Equal(t, 0, result.Offset)
|
||||
assert.Equal(t, 2, result.Limit)
|
||||
}
|
||||
|
||||
// TestAuditHandler_InvalidRequest 测试无效请求
|
||||
func TestAuditHandler_InvalidRequest(t *testing.T) {
|
||||
store := newMockAuditStore()
|
||||
svc := service.NewAuditService(store)
|
||||
h := NewAuditHandler(svc)
|
||||
|
||||
req := httptest.NewRequest("POST", "/audit/events", bytes.NewReader([]byte("invalid json")))
|
||||
req.Header.Set("Content-Type", "application/json")
|
||||
w := httptest.NewRecorder()
|
||||
|
||||
h.CreateEvent(w, req)
|
||||
|
||||
assert.Equal(t, http.StatusBadRequest, w.Code)
|
||||
}
|
||||
|
||||
// TestAuditHandler_MissingRequiredFields 测试缺少必填字段
|
||||
func TestAuditHandler_MissingRequiredFields(t *testing.T) {
|
||||
store := newMockAuditStore()
|
||||
svc := service.NewAuditService(store)
|
||||
h := NewAuditHandler(svc)
|
||||
|
||||
// 缺少EventName
|
||||
reqBody := CreateEventRequest{
|
||||
EventCategory: "CRED",
|
||||
OperatorID: 1001,
|
||||
}
|
||||
|
||||
body, _ := json.Marshal(reqBody)
|
||||
req := httptest.NewRequest("POST", "/audit/events", bytes.NewReader(body))
|
||||
req.Header.Set("Content-Type", "application/json")
|
||||
w := httptest.NewRecorder()
|
||||
|
||||
h.CreateEvent(w, req)
|
||||
|
||||
assert.Equal(t, http.StatusBadRequest, w.Code)
|
||||
}
|
||||
Reference in New Issue
Block a user