feat(iot-card-import): 为导入任务接口添加平台用户权限控制
- 在 Import/List/GetByID 接口添加用户类型校验 - 仅超级管理员和平台用户可访问 - 同步更新 OpenAPI 路由描述 - 补充集成测试覆盖权限拒绝场景
@@ -11,6 +11,7 @@ import (
|
||||
|
||||
"github.com/break/junhong_cmp_fiber/internal/model"
|
||||
"github.com/break/junhong_cmp_fiber/pkg/constants"
|
||||
pkgerrors "github.com/break/junhong_cmp_fiber/pkg/errors"
|
||||
pkggorm "github.com/break/junhong_cmp_fiber/pkg/gorm"
|
||||
"github.com/break/junhong_cmp_fiber/pkg/response"
|
||||
"github.com/break/junhong_cmp_fiber/tests/testutils/integ"
|
||||
@@ -184,6 +185,72 @@ func TestIotCard_ImportTaskList(t *testing.T) {
|
||||
})
|
||||
}
|
||||
|
||||
func TestIotCard_ImportTask_PlatformOnly(t *testing.T) {
|
||||
env := integ.NewIntegrationTestEnv(t)
|
||||
|
||||
shop := env.CreateTestShop("权限测试店铺", 1, nil)
|
||||
agentAccount := env.CreateTestAccount(fmt.Sprintf("agent_perm_%d", time.Now().UnixNano()), "password123", constants.UserTypeAgent, &shop.ID, nil)
|
||||
|
||||
task := &model.IotCardImportTask{
|
||||
TaskNo: fmt.Sprintf("TEST_PERM_%d", time.Now().UnixNano()),
|
||||
Status: model.ImportTaskStatusCompleted,
|
||||
CarrierID: 1,
|
||||
CarrierType: "CMCC",
|
||||
CarrierName: "中国移动",
|
||||
TotalCount: 1,
|
||||
}
|
||||
require.NoError(t, env.TX.Create(task).Error)
|
||||
|
||||
t.Run("代理账号提交导入任务应返回403", func(t *testing.T) {
|
||||
body, _ := json.Marshal(map[string]interface{}{
|
||||
"carrier_id": 1,
|
||||
"batch_no": "TEST_BATCH_PERM",
|
||||
"file_key": "imports/test.xlsx",
|
||||
})
|
||||
|
||||
resp, err := env.AsUser(agentAccount).Request("POST", "/api/admin/iot-cards/import", body)
|
||||
require.NoError(t, err)
|
||||
defer resp.Body.Close()
|
||||
|
||||
assert.Equal(t, 403, resp.StatusCode)
|
||||
|
||||
var result response.Response
|
||||
err = json.NewDecoder(resp.Body).Decode(&result)
|
||||
require.NoError(t, err)
|
||||
assert.Equal(t, pkgerrors.CodeForbidden, result.Code)
|
||||
assert.Contains(t, result.Message, "仅平台用户")
|
||||
})
|
||||
|
||||
t.Run("代理账号访问导入任务列表应返回403", func(t *testing.T) {
|
||||
resp, err := env.AsUser(agentAccount).Request("GET", "/api/admin/iot-cards/import-tasks?page=1&page_size=20", nil)
|
||||
require.NoError(t, err)
|
||||
defer resp.Body.Close()
|
||||
|
||||
assert.Equal(t, 403, resp.StatusCode)
|
||||
|
||||
var result response.Response
|
||||
err = json.NewDecoder(resp.Body).Decode(&result)
|
||||
require.NoError(t, err)
|
||||
assert.Equal(t, pkgerrors.CodeForbidden, result.Code)
|
||||
assert.Contains(t, result.Message, "仅平台用户")
|
||||
})
|
||||
|
||||
t.Run("代理账号访问导入任务详情应返回403", func(t *testing.T) {
|
||||
url := fmt.Sprintf("/api/admin/iot-cards/import-tasks/%d", task.ID)
|
||||
resp, err := env.AsUser(agentAccount).Request("GET", url, nil)
|
||||
require.NoError(t, err)
|
||||
defer resp.Body.Close()
|
||||
|
||||
assert.Equal(t, 403, resp.StatusCode)
|
||||
|
||||
var result response.Response
|
||||
err = json.NewDecoder(resp.Body).Decode(&result)
|
||||
require.NoError(t, err)
|
||||
assert.Equal(t, pkgerrors.CodeForbidden, result.Code)
|
||||
assert.Contains(t, result.Message, "仅平台用户")
|
||||
})
|
||||
}
|
||||
|
||||
func TestIotCard_ImportE2E(t *testing.T) {
|
||||
t.Skip("E2E测试:需要 Worker 服务运行处理异步导入任务")
|
||||
|
||||
|
||||
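Review bot: TestIotCard_ImportTask_PlatformOnly proves the denial for a single role only, `constants.UserTypeAgent`, so a handler check written as "reject agents" rather than "allow only super admin and platform users" would still pass all three subtests. Driving the same three requests from a table of every non-platform user type the project defines would pin the allow-list behaviour that the commit message describes. The POST subtest should also confirm that the rejected call had no side effect, for example by asserting that no import task row exists for batch `TEST_BATCH_PERM` afterwards (the column name needs confirming against the model). Separately, `body, _ := json.Marshal(...)` drops the error; `body, err := json.Marshal(...)` followed by `require.NoError(t, err)` would match the error handling used in the rest of the test.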