feat: 实现设备管理和设备导入功能，修复测试问题

主要变更：
- 实现设备管理模块（创建、查询、列表、更新状态、删除）
- 实现设备批量导入功能（CSV 解析、ICCID 绑定、异步任务处理）
- 添加设备-SIM 卡绑定约束（部分唯一索引防止并发问题）
- 修复 fee_rate 数据库字段类型（numeric -> bigint）
- 修复测试数据隔离问题（基于增量断言）
- 修复集成测试中间件顺序问题
- 清理无用测试文件（PersonalCustomer、Email 相关）
- 归档 enterprise-card-authorization 变更

tests/integration/account_test.go

@@ -37,7 +37,7 @@ import (
 // testEnv 测试环境
 type testEnv struct {
 	tx              *gorm.DB
-	rdb     *redis.Client
+	rdb             *redis.Client
 	app             *fiber.App
 	accountService  *accountService.Service
 	postgresCleanup func()
@@ -121,12 +121,19 @@ func setupTestEnv(t *testing.T) *testEnv {
 	services := &bootstrap.Handlers{
 		Account: accountHandler,
 	}
-	middlewares := &bootstrap.Middlewares{}
+	middlewares := &bootstrap.Middlewares{
+		AdminAuth: func(c *fiber.Ctx) error {
+			return c.Next()
+		},
+		H5Auth: func(c *fiber.Ctx) error {
+			return c.Next()
+		},
+	}
 	routes.RegisterRoutes(app, services, middlewares)
 
 	return &testEnv{
 		tx:             tx,
-		rdb:    rdb,
+		rdb:            rdb,
 		app:            app,
 		accountService: accService,
 		postgresCleanup: func() {

tests/integration/api_regression_test.go

@@ -34,7 +34,7 @@ import (
 // regressionTestEnv 回归测试环境
 type regressionTestEnv struct {
 	tx              *gorm.DB
-	rdb     *redis.Client
+	rdb             *redis.Client
 	app             *fiber.App
 	postgresCleanup func()
 	redisCleanup    func()
@@ -132,13 +132,21 @@ func setupRegressionTestEnv(t *testing.T) *regressionTestEnv {
 		Role:       roleHandler,
 		Permission: permHandler,
 	}
-	middlewares := &bootstrap.Middlewares{}
+	// 提供一个空操作的 AdminAuth 中间件，避免 nil panic
+	middlewares := &bootstrap.Middlewares{
+		AdminAuth: func(c *fiber.Ctx) error {
+			return c.Next()
+		},
+		H5Auth: func(c *fiber.Ctx) error {
+			return c.Next()
+		},
+	}
 	routes.RegisterRoutes(app, services, middlewares)
 
 	return &regressionTestEnv{
-		tx:          tx,
+		tx:  tx,
 		rdb: rdb,
-		app:         app,
+		app: app,
 		postgresCleanup: func() {
 			if err := pgContainer.Terminate(ctx); err != nil {
 				t.Logf("终止 PostgreSQL 容器失败: %v", err)

tests/integration/device_test.go

@@ -0,0 +1,333 @@
+package integration
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"net/http/httptest"
+	"testing"
+	"time"
+
+	"github.com/break/junhong_cmp_fiber/internal/bootstrap"
+	internalMiddleware "github.com/break/junhong_cmp_fiber/internal/middleware"
+	"github.com/break/junhong_cmp_fiber/internal/model"
+	"github.com/break/junhong_cmp_fiber/internal/routes"
+	"github.com/break/junhong_cmp_fiber/pkg/auth"
+	"github.com/break/junhong_cmp_fiber/pkg/config"
+	"github.com/break/junhong_cmp_fiber/pkg/constants"
+	"github.com/break/junhong_cmp_fiber/pkg/queue"
+	"github.com/break/junhong_cmp_fiber/pkg/response"
+	"github.com/break/junhong_cmp_fiber/tests/testutil"
+	"github.com/gofiber/fiber/v2"
+	"github.com/redis/go-redis/v9"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+	"go.uber.org/zap"
+	"gorm.io/driver/postgres"
+	"gorm.io/gorm"
+	"gorm.io/gorm/logger"
+)
+
+type deviceTestEnv struct {
+	db           *gorm.DB
+	rdb          *redis.Client
+	tokenManager *auth.TokenManager
+	app          *fiber.App
+	adminToken   string
+	t            *testing.T
+}
+
+func setupDeviceTestEnv(t *testing.T) *deviceTestEnv {
+	t.Helper()
+
+	t.Setenv("CONFIG_ENV", "dev")
+	t.Setenv("CONFIG_PATH", "../../configs/config.dev.yaml")
+	cfg, err := config.Load()
+	require.NoError(t, err)
+	err = config.Set(cfg)
+	require.NoError(t, err)
+
+	zapLogger, _ := zap.NewDevelopment()
+
+	dsn := "host=cxd.whcxd.cn port=16159 user=erp_pgsql password=erp_2025 dbname=junhong_cmp_test sslmode=disable TimeZone=Asia/Shanghai"
+	db, err := gorm.Open(postgres.Open(dsn), &gorm.Config{
+		Logger: logger.Default.LogMode(logger.Silent),
+	})
+	require.NoError(t, err)
+
+	rdb := redis.NewClient(&redis.Options{
+		Addr:     "cxd.whcxd.cn:16299",
+		Password: "cpNbWtAaqgo1YJmbMp3h",
+		DB:       15,
+	})
+
+	ctx := context.Background()
+	err = rdb.Ping(ctx).Err()
+	require.NoError(t, err)
+
+	testPrefix := fmt.Sprintf("test:%s:", t.Name())
+	keys, _ := rdb.Keys(ctx, testPrefix+"*").Result()
+	if len(keys) > 0 {
+		rdb.Del(ctx, keys...)
+	}
+
+	tokenManager := auth.NewTokenManager(rdb, 24*time.Hour, 7*24*time.Hour)
+	superAdmin := testutil.CreateSuperAdmin(t, db)
+	adminToken, _ := testutil.GenerateTestToken(t, rdb, superAdmin, "web")
+
+	queueClient := queue.NewClient(rdb, zapLogger)
+
+	deps := &bootstrap.Dependencies{
+		DB:           db,
+		Redis:        rdb,
+		Logger:       zapLogger,
+		TokenManager: tokenManager,
+		QueueClient:  queueClient,
+	}
+
+	result, err := bootstrap.Bootstrap(deps)
+	require.NoError(t, err)
+
+	app := fiber.New(fiber.Config{
+		ErrorHandler: internalMiddleware.ErrorHandler(zapLogger),
+	})
+
+	routes.RegisterRoutes(app, result.Handlers, result.Middlewares)
+
+	return &deviceTestEnv{
+		db:           db,
+		rdb:          rdb,
+		tokenManager: tokenManager,
+		app:          app,
+		adminToken:   adminToken,
+		t:            t,
+	}
+}
+
+func (e *deviceTestEnv) teardown() {
+	// 清理测试数据
+	e.db.Exec("DELETE FROM tb_device WHERE device_no LIKE 'TEST%'")
+	e.db.Exec("DELETE FROM tb_device_sim_binding WHERE device_id IN (SELECT id FROM tb_device WHERE device_no LIKE 'TEST%')")
+	e.db.Exec("DELETE FROM tb_device_import_task WHERE task_no LIKE 'TEST%'")
+
+	ctx := context.Background()
+	testPrefix := fmt.Sprintf("test:%s:", e.t.Name())
+	keys, _ := e.rdb.Keys(ctx, testPrefix+"*").Result()
+	if len(keys) > 0 {
+		e.rdb.Del(ctx, keys...)
+	}
+
+	e.rdb.Close()
+}
+
+func TestDevice_List(t *testing.T) {
+	env := setupDeviceTestEnv(t)
+	defer env.teardown()
+
+	// 创建测试设备
+	devices := []*model.Device{
+		{DeviceNo: "TEST_DEVICE_001", DeviceName: "测试设备1", DeviceType: "router", MaxSimSlots: 4, Status: constants.DeviceStatusInStock},
+		{DeviceNo: "TEST_DEVICE_002", DeviceName: "测试设备2", DeviceType: "router", MaxSimSlots: 2, Status: constants.DeviceStatusInStock},
+		{DeviceNo: "TEST_DEVICE_003", DeviceName: "测试设备3", DeviceType: "mifi", MaxSimSlots: 1, Status: constants.DeviceStatusDistributed},
+	}
+	for _, device := range devices {
+		require.NoError(t, env.db.Create(device).Error)
+	}
+
+	t.Run("获取设备列表-无过滤", func(t *testing.T) {
+		req := httptest.NewRequest("GET", "/api/admin/devices?page=1&page_size=20", nil)
+		req.Header.Set("Authorization", "Bearer "+env.adminToken)
+
+		resp, err := env.app.Test(req, -1)
+		require.NoError(t, err)
+		defer resp.Body.Close()
+
+		assert.Equal(t, 200, resp.StatusCode)
+
+		var result response.Response
+		err = json.NewDecoder(resp.Body).Decode(&result)
+		require.NoError(t, err)
+		assert.Equal(t, 0, result.Code)
+	})
+
+	t.Run("获取设备列表-按设备类型过滤", func(t *testing.T) {
+		req := httptest.NewRequest("GET", "/api/admin/devices?device_type=router", nil)
+		req.Header.Set("Authorization", "Bearer "+env.adminToken)
+
+		resp, err := env.app.Test(req, -1)
+		require.NoError(t, err)
+		defer resp.Body.Close()
+
+		assert.Equal(t, 200, resp.StatusCode)
+
+		var result response.Response
+		err = json.NewDecoder(resp.Body).Decode(&result)
+		require.NoError(t, err)
+		assert.Equal(t, 0, result.Code)
+	})
+
+	t.Run("获取设备列表-按状态过滤", func(t *testing.T) {
+		req := httptest.NewRequest("GET", fmt.Sprintf("/api/admin/devices?status=%d", constants.DeviceStatusInStock), nil)
+		req.Header.Set("Authorization", "Bearer "+env.adminToken)
+
+		resp, err := env.app.Test(req, -1)
+		require.NoError(t, err)
+		defer resp.Body.Close()
+
+		assert.Equal(t, 200, resp.StatusCode)
+
+		var result response.Response
+		err = json.NewDecoder(resp.Body).Decode(&result)
+		require.NoError(t, err)
+		assert.Equal(t, 0, result.Code)
+	})
+
+	t.Run("未认证请求应返回错误", func(t *testing.T) {
+		req := httptest.NewRequest("GET", "/api/admin/devices", nil)
+
+		resp, err := env.app.Test(req, -1)
+		require.NoError(t, err)
+		defer resp.Body.Close()
+
+		var result response.Response
+		err = json.NewDecoder(resp.Body).Decode(&result)
+		require.NoError(t, err)
+		assert.NotEqual(t, 0, result.Code, "未认证请求应返回错误码")
+	})
+}
+
+func TestDevice_GetByID(t *testing.T) {
+	env := setupDeviceTestEnv(t)
+	defer env.teardown()
+
+	// 创建测试设备
+	device := &model.Device{
+		DeviceNo:    "TEST_DEVICE_GET_001",
+		DeviceName:  "测试设备详情",
+		DeviceType:  "router",
+		MaxSimSlots: 4,
+		Status:      constants.DeviceStatusInStock,
+	}
+	require.NoError(t, env.db.Create(device).Error)
+
+	t.Run("获取设备详情-成功", func(t *testing.T) {
+		url := fmt.Sprintf("/api/admin/devices/%d", device.ID)
+		req := httptest.NewRequest("GET", url, nil)
+		req.Header.Set("Authorization", "Bearer "+env.adminToken)
+
+		resp, err := env.app.Test(req, -1)
+		require.NoError(t, err)
+		defer resp.Body.Close()
+
+		assert.Equal(t, 200, resp.StatusCode)
+
+		var result response.Response
+		err = json.NewDecoder(resp.Body).Decode(&result)
+		require.NoError(t, err)
+		assert.Equal(t, 0, result.Code)
+
+		// 验证返回数据
+		dataMap, ok := result.Data.(map[string]interface{})
+		require.True(t, ok)
+		assert.Equal(t, "TEST_DEVICE_GET_001", dataMap["device_no"])
+	})
+
+	t.Run("获取不存在的设备-应返回错误", func(t *testing.T) {
+		req := httptest.NewRequest("GET", "/api/admin/devices/999999", nil)
+		req.Header.Set("Authorization", "Bearer "+env.adminToken)
+
+		resp, err := env.app.Test(req, -1)
+		require.NoError(t, err)
+		defer resp.Body.Close()
+
+		var result response.Response
+		err = json.NewDecoder(resp.Body).Decode(&result)
+		require.NoError(t, err)
+		assert.NotEqual(t, 0, result.Code, "不存在的设备应返回错误码")
+	})
+}
+
+func TestDevice_Delete(t *testing.T) {
+	env := setupDeviceTestEnv(t)
+	defer env.teardown()
+
+	// 创建测试设备
+	device := &model.Device{
+		DeviceNo:    "TEST_DEVICE_DEL_001",
+		DeviceName:  "测试删除设备",
+		DeviceType:  "router",
+		MaxSimSlots: 4,
+		Status:      constants.DeviceStatusInStock,
+	}
+	require.NoError(t, env.db.Create(device).Error)
+
+	t.Run("删除设备-成功", func(t *testing.T) {
+		url := fmt.Sprintf("/api/admin/devices/%d", device.ID)
+		req := httptest.NewRequest("DELETE", url, nil)
+		req.Header.Set("Authorization", "Bearer "+env.adminToken)
+
+		resp, err := env.app.Test(req, -1)
+		require.NoError(t, err)
+		defer resp.Body.Close()
+
+		assert.Equal(t, 200, resp.StatusCode)
+
+		var result response.Response
+		err = json.NewDecoder(resp.Body).Decode(&result)
+		require.NoError(t, err)
+		assert.Equal(t, 0, result.Code)
+
+		// 验证设备已被软删除
+		var deletedDevice model.Device
+		err = env.db.Unscoped().First(&deletedDevice, device.ID).Error
+		require.NoError(t, err)
+		assert.NotNil(t, deletedDevice.DeletedAt)
+	})
+}
+
+func TestDeviceImport_TaskList(t *testing.T) {
+	env := setupDeviceTestEnv(t)
+	defer env.teardown()
+
+	// 创建测试导入任务
+	task := &model.DeviceImportTask{
+		TaskNo:     "TEST_DEVICE_IMPORT_001",
+		Status:     model.ImportTaskStatusCompleted,
+		BatchNo:    "TEST_BATCH_001",
+		TotalCount: 100,
+	}
+	require.NoError(t, env.db.Create(task).Error)
+
+	t.Run("获取导入任务列表", func(t *testing.T) {
+		req := httptest.NewRequest("GET", "/api/admin/devices/import-tasks?page=1&page_size=20", nil)
+		req.Header.Set("Authorization", "Bearer "+env.adminToken)
+
+		resp, err := env.app.Test(req, -1)
+		require.NoError(t, err)
+		defer resp.Body.Close()
+
+		assert.Equal(t, 200, resp.StatusCode)
+
+		var result response.Response
+		err = json.NewDecoder(resp.Body).Decode(&result)
+		require.NoError(t, err)
+		assert.Equal(t, 0, result.Code)
+	})
+
+	t.Run("获取导入任务详情", func(t *testing.T) {
+		url := fmt.Sprintf("/api/admin/devices/import-tasks/%d", task.ID)
+		req := httptest.NewRequest("GET", url, nil)
+		req.Header.Set("Authorization", "Bearer "+env.adminToken)
+
+		resp, err := env.app.Test(req, -1)
+		require.NoError(t, err)
+		defer resp.Body.Close()
+
+		assert.Equal(t, 200, resp.StatusCode)
+
+		var result response.Response
+		err = json.NewDecoder(resp.Body).Decode(&result)
+		require.NoError(t, err)
+		assert.Equal(t, 0, result.Code)
+	})
+}

tests/integration/permission_test.go

@@ -17,6 +17,7 @@ import (
 	testcontainers_postgres "github.com/testcontainers/testcontainers-go/modules/postgres"
 	testcontainers_redis "github.com/testcontainers/testcontainers-go/modules/redis"
 	"github.com/testcontainers/testcontainers-go/wait"
+	"go.uber.org/zap"
 	"gorm.io/driver/postgres"
 	"gorm.io/gorm"
 	"gorm.io/gorm/logger"
@@ -37,7 +38,7 @@ import (
 // permTestEnv 权限测试环境
 type permTestEnv struct {
 	tx                *gorm.DB
-	rdb       *redis.Client
+	rdb               *redis.Client
 	app               *fiber.App
 	permissionService *permissionService.Service
 	cleanup           func()
@@ -105,23 +106,28 @@ func setupPermTestEnv(t *testing.T) *permTestEnv {
 	// 初始化 Handler
 	permHandler := admin.NewPermissionHandler(permSvc)
 
-	// 创建 Fiber App
 	app := fiber.New(fiber.Config{
-		ErrorHandler: func(c *fiber.Ctx, err error) error {
-			return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": err.Error()})
-		},
+		ErrorHandler: errors.SafeErrorHandler(zap.NewNop()),
+	})
+
+	app.Use(func(c *fiber.Ctx) error {
+		ctx := middleware.SetUserContext(c.UserContext(), middleware.NewSimpleUserContext(1, constants.UserTypeSuperAdmin, 0))
+		c.SetUserContext(ctx)
+		return c.Next()
 	})
 
-	// 注册路由
 	services := &bootstrap.Handlers{
 		Permission: permHandler,
 	}
-	middlewares := &bootstrap.Middlewares{}
+	middlewares := &bootstrap.Middlewares{
+		AdminAuth: func(c *fiber.Ctx) error { return c.Next() },
+		H5Auth:    func(c *fiber.Ctx) error { return c.Next() },
+	}
 	routes.RegisterRoutes(app, services, middlewares)
 
 	return &permTestEnv{
 		tx:                tx,
-		rdb:       rdb,
+		rdb:               rdb,
 		app:               app,
 		permissionService: permSvc,
 		cleanup: func() {
@@ -140,14 +146,6 @@ func TestPermissionAPI_Create(t *testing.T) {
 	env := setupPermTestEnv(t)
 	defer env.cleanup()
 
-	// 添加测试中间件
-	testUserID := uint(1)
-	env.app.Use(func(c *fiber.Ctx) error {
-		ctx := middleware.SetUserContext(c.UserContext(), middleware.NewSimpleUserContext(testUserID, constants.UserTypeSuperAdmin, 0))
-		c.SetUserContext(ctx)
-		return c.Next()
-	})
-
 	t.Run("成功创建权限", func(t *testing.T) {
 		reqBody := dto.CreatePermissionRequest{
 			PermName: "用户管理",
@@ -206,7 +204,6 @@ func TestPermissionAPI_Create(t *testing.T) {
 	})
 
 	t.Run("创建子权限", func(t *testing.T) {
-		// 先创建父权限
 		parentPerm := &model.Permission{
 			PermName: "系统管理",
 			PermCode: "system:manage",
@@ -215,10 +212,9 @@ func TestPermissionAPI_Create(t *testing.T) {
 		}
 		env.tx.Create(parentPerm)
 
-		// 创建子权限
 		reqBody := dto.CreatePermissionRequest{
 			PermName: "用户列表",
-			PermCode: "system:user:list",
+			PermCode: "user:list",
 			PermType: constants.PermissionTypeButton,
 			ParentID: &parentPerm.ID,
 		}
@@ -231,10 +227,10 @@ func TestPermissionAPI_Create(t *testing.T) {
 		require.NoError(t, err)
 		assert.Equal(t, fiber.StatusOK, resp.StatusCode)
 
-		// 验证父权限ID已设置
 		var child model.Permission
-		env.tx.Where("perm_code = ?", "system:user:list").First(&child)
-		assert.NotNil(t, child.ParentID)
+		err = env.tx.Where("perm_code = ?", "user:list").First(&child).Error
+		require.NoError(t, err, "子权限应该已创建")
+		require.NotNil(t, child.ParentID, "子权限的 ParentID 应该已设置")
 		assert.Equal(t, parentPerm.ID, *child.ParentID)
 	})
 }

tests/integration/platform_account_test.go

@@ -48,7 +48,10 @@ func TestPlatformAccountAPI_ListPlatformAccounts(t *testing.T) {
 	})
 
 	services := &bootstrap.Handlers{Account: accountHandler}
-	middlewares := &bootstrap.Middlewares{}
+	middlewares := &bootstrap.Middlewares{
+		AdminAuth: func(c *fiber.Ctx) error { return c.Next() },
+		H5Auth:    func(c *fiber.Ctx) error { return c.Next() },
+	}
 	routes.RegisterRoutes(app, services, middlewares)
 
 	superAdmin := &model.Account{
@@ -137,7 +140,10 @@ func TestPlatformAccountAPI_UpdatePassword(t *testing.T) {
 	})
 
 	services := &bootstrap.Handlers{Account: accountHandler}
-	middlewares := &bootstrap.Middlewares{}
+	middlewares := &bootstrap.Middlewares{
+		AdminAuth: func(c *fiber.Ctx) error { return c.Next() },
+		H5Auth:    func(c *fiber.Ctx) error { return c.Next() },
+	}
 	routes.RegisterRoutes(app, services, middlewares)
 
 	testAccount := &model.Account{
@@ -212,7 +218,10 @@ func TestPlatformAccountAPI_UpdateStatus(t *testing.T) {
 	})
 
 	services := &bootstrap.Handlers{Account: accountHandler}
-	middlewares := &bootstrap.Middlewares{}
+	middlewares := &bootstrap.Middlewares{
+		AdminAuth: func(c *fiber.Ctx) error { return c.Next() },
+		H5Auth:    func(c *fiber.Ctx) error { return c.Next() },
+	}
 	routes.RegisterRoutes(app, services, middlewares)
 
 	testAccount := &model.Account{
@@ -282,7 +291,10 @@ func TestPlatformAccountAPI_AssignRoles(t *testing.T) {
 	})
 
 	services := &bootstrap.Handlers{Account: accountHandler}
-	middlewares := &bootstrap.Middlewares{}
+	middlewares := &bootstrap.Middlewares{
+		AdminAuth: func(c *fiber.Ctx) error { return c.Next() },
+		H5Auth:    func(c *fiber.Ctx) error { return c.Next() },
+	}
 	routes.RegisterRoutes(app, services, middlewares)
 
 	superAdmin := &model.Account{

tests/integration/role_test.go

@@ -37,7 +37,7 @@ import (
 // roleTestEnv 角色测试环境
 type roleTestEnv struct {
 	tx              *gorm.DB
-	rdb     *redis.Client
+	rdb             *redis.Client
 	app             *fiber.App
 	roleService     *roleService.Service
 	postgresCleanup func()
@@ -121,12 +121,15 @@ func setupRoleTestEnv(t *testing.T) *roleTestEnv {
 	services := &bootstrap.Handlers{
 		Role: roleHandler,
 	}
-	middlewares := &bootstrap.Middlewares{}
+	middlewares := &bootstrap.Middlewares{
+		AdminAuth: func(c *fiber.Ctx) error { return c.Next() },
+		H5Auth:    func(c *fiber.Ctx) error { return c.Next() },
+	}
 	routes.RegisterRoutes(app, services, middlewares)
 
 	return &roleTestEnv{
 		tx:          tx,
-		rdb: rdb,
+		rdb:         rdb,
 		app:         app,
 		roleService: roleSvc,
 		postgresCleanup: func() {