import { describe, it, expect, beforeEach } from 'vitest'; import { testClient } from 'hono/testing'; import { IntegrationTestDatabase, setupIntegrationDatabaseHooksWithEntities } from '@d8d/shared-test-util'; import { JWTUtil } from '@d8d/shared-utils'; import { UserEntity, Role } from '@d8d/user-module'; import { File } from '@d8d/file-module'; import { Merchant } from '@d8d/merchant-module'; import { DeliveryAddress } from '@d8d/delivery-address-module'; import { AreaEntity } from '@d8d/geo-areas'; import { Supplier } from '@d8d/supplier-module'; import userRefundsRoutes from '../../src/routes/user/refunds'; import { Order, OrderRefund } from '../../src/entities'; // 设置集成测试钩子 setupIntegrationDatabaseHooksWithEntities([ UserEntity, Role, Order, OrderRefund, File, Merchant, DeliveryAddress, AreaEntity, Supplier ]) describe('用户退款管理API集成测试', () => { let client: ReturnType>; let userToken: string; let otherUserToken: string; let testUser: UserEntity; let otherUser: UserEntity; let testOrder: Order; let otherUserOrder: Order; let testDeliveryAddress: DeliveryAddress; let testMerchant: Merchant; beforeEach(async () => { // 创建测试客户端 client = testClient(userRefundsRoutes); // 获取数据源 const dataSource = await IntegrationTestDatabase.getDataSource(); // 创建测试用户 const userRepository = dataSource.getRepository(UserEntity); testUser = userRepository.create({ username: `test_user_${Math.floor(Math.random() * 100000)}`, password: 'test_password', nickname: '测试用户', registrationSource: 'web' }); await userRepository.save(testUser); // 创建其他用户 otherUser = userRepository.create({ username: `other_user_${Math.floor(Math.random() * 100000)}`, password: 'other_password', nickname: '其他用户', registrationSource: 'web' }); await userRepository.save(otherUser); // 生成测试用户的token userToken = JWTUtil.generateToken({ id: testUser.id, username: testUser.username, roles: [{name:'user'}] }); // 生成其他用户的token otherUserToken = JWTUtil.generateToken({ id: otherUser.id, username: otherUser.username, roles: [{name:'user'}] }); // 创建测试地区 const areaRepository = dataSource.getRepository(AreaEntity); const testProvince = areaRepository.create({ name: '广东省', level: 1, code: '440000', state: 1 }); await areaRepository.save(testProvince); const testCity = areaRepository.create({ name: '深圳市', level: 2, code: '440300', state: 1 }); await areaRepository.save(testCity); const testDistrict = areaRepository.create({ name: '南山区', level: 3, code: '440305', state: 1 }); await areaRepository.save(testDistrict); const testTown = areaRepository.create({ name: '粤海街道', level: 4, code: '440305001', state: 1 }); await areaRepository.save(testTown); // 创建测试配送地址 const deliveryAddressRepository = dataSource.getRepository(DeliveryAddress); testDeliveryAddress = deliveryAddressRepository.create({ userId: testUser.id, name: '收货人姓名', phone: '13800138000', receiverProvince: testProvince.id, receiverCity: testCity.id, receiverDistrict: testDistrict.id, receiverTown: testTown.id, address: '测试地址', isDefault: 1, state: 1, createdBy: testUser.id }); await deliveryAddressRepository.save(testDeliveryAddress); // 创建测试商户 const merchantRepository = dataSource.getRepository(Merchant); testMerchant = merchantRepository.create({ name: '测试商户', username: `merchant_${Math.floor(Math.random() * 100000)}`, password: 'test_password', state: 1, createdBy: testUser.id }); await merchantRepository.save(testMerchant); // 创建测试供应商 const supplierRepository = dataSource.getRepository(Supplier); const testSupplier = supplierRepository.create({ name: '测试供应商', username: `supplier_${Math.floor(Math.random() * 100000)}`, password: 'test_password', state: 1, createdBy: testUser.id }); await supplierRepository.save(testSupplier); // 创建测试用户的订单 const orderRepository = dataSource.getRepository(Order); testOrder = orderRepository.create({ orderNo: `ORDER_${Math.floor(Math.random() * 100000)}`, userId: testUser.id, amount: 100.00, costAmount: 80.00, payAmount: 100.00, orderType: 1, payType: 1, payState: 2, state: 0, deliveryAddressId: testDeliveryAddress.id, addressId: testDeliveryAddress.id, merchantId: testMerchant.id, supplierId: testSupplier.id, recevierProvince: testProvince.id, recevierCity: testCity.id, recevierDistrict: testDistrict.id, recevierTown: testTown.id, createdBy: testUser.id }); await orderRepository.save(testOrder); // 创建其他用户的订单 otherUserOrder = orderRepository.create({ orderNo: `ORDER_${Math.floor(Math.random() * 100000)}`, userId: otherUser.id, amount: 200.00, costAmount: 160.00, payAmount: 200.00, orderType: 1, payType: 1, payState: 2, state: 0, deliveryAddressId: testDeliveryAddress.id, addressId: testDeliveryAddress.id, merchantId: testMerchant.id, supplierId: testSupplier.id, recevierProvince: testProvince.id, recevierCity: testCity.id, recevierDistrict: testDistrict.id, recevierTown: testTown.id, createdBy: otherUser.id }); await orderRepository.save(otherUserOrder); }); describe('GET /refunds', () => { it('应该返回当前用户订单的退款列表', async () => { // 为测试用户的订单创建一些退款 const dataSource = await IntegrationTestDatabase.getDataSource(); const orderRefundRepository = dataSource.getRepository(OrderRefund); const userRefund1 = orderRefundRepository.create({ orderNo: testOrder.orderNo, refundOrderNo: `REFUND_${Math.floor(Math.random() * 100000)}`, refundAmount: 50.00, state: 0, createdBy: testUser.id }); await orderRefundRepository.save(userRefund1); const userRefund2 = orderRefundRepository.create({ orderNo: testOrder.orderNo, refundOrderNo: `REFUND_${Math.floor(Math.random() * 100000)}`, refundAmount: 25.00, state: 1, createdBy: testUser.id }); await orderRefundRepository.save(userRefund2); // 为其他用户的订单创建一个退款,确保不会返回 const otherUserRefund = orderRefundRepository.create({ orderNo: otherUserOrder.orderNo, refundOrderNo: `REFUND_${Math.floor(Math.random() * 100000)}`, refundAmount: 100.00, state: 0, createdBy: otherUser.id }); await orderRefundRepository.save(otherUserRefund); const response = await client.index.$get({ query: { page: 1, pageSize: 10 } }, { headers: { 'Authorization': `Bearer ${userToken}` } }); console.debug('用户退款列表响应状态:', response.status); if (response.status !== 200) { const errorData = await response.json(); console.debug('用户退款列表错误响应:', errorData); } expect(response.status).toBe(200); if (response.status === 200) { const data = await response.json(); expect(data).toHaveProperty('data'); expect(Array.isArray(data.data)).toBe(true); // 验证只返回当前用户订单的退款 data.data.forEach((refund: any) => { expect(refund.order.userId).toBe(testUser.id); }); // 验证不包含其他用户订单的退款 const otherUserRefundInResponse = data.data.find((refund: any) => refund.order && refund.order.userId === otherUser.id ); expect(otherUserRefundInResponse).toBeUndefined(); } }); it('应该拒绝未认证用户的访问', async () => { const response = await client.index.$get({ query: { page: 1, pageSize: 10 } }); expect(response.status).toBe(401); }); }); describe('POST /refunds', () => { it('应该成功创建退款申请并自动设置当前用户权限', async () => { const createData = { orderNo: testOrder.orderNo, refundOrderNo: `REFUND_${Math.floor(Math.random() * 100000)}`, refundAmount: 75.00, state: 0 }; const response = await client.index.$post({ json: createData }, { headers: { 'Authorization': `Bearer ${userToken}` } }); console.debug('用户创建退款申请响应状态:', response.status); if (response.status !== 201) { const errorData = await response.json(); console.debug('用户创建退款申请错误响应:', errorData); } expect(response.status).toBe(201); if (response.status === 201) { const data = await response.json(); expect(data).toHaveProperty('id'); expect(data.refundOrderNo).toBe(createData.refundOrderNo); expect(parseFloat(data.refundAmount)).toBe(createData.refundAmount); expect(data.state).toBe(createData.state); expect(data.createdBy).toBe(testUser.id); // 验证自动设置创建用户 } }); it('应该验证创建退款申请的必填字段', async () => { const invalidData = { // 缺少必填字段 refundAmount: -1 }; const response = await client.index.$post({ json: invalidData }, { headers: { 'Authorization': `Bearer ${userToken}` } }); expect(response.status).toBe(400); }); it('应该拒绝为其他用户的订单创建退款申请', async () => { const createData = { orderNo: otherUserOrder.orderNo, refundOrderNo: `REFUND_${Math.floor(Math.random() * 100000)}`, refundAmount: 75.00, state: 0 }; const response = await client.index.$post({ json: createData }, { headers: { 'Authorization': `Bearer ${userToken}` } }); expect(response.status).toBe(403); // 数据权限控制返回403 }); }); describe('GET /refunds/:id', () => { it('应该返回当前用户订单的退款详情', async () => { // 先为测试用户的订单创建一个退款 const dataSource = await IntegrationTestDatabase.getDataSource(); const orderRefundRepository = dataSource.getRepository(OrderRefund); const testRefund = orderRefundRepository.create({ orderNo: testOrder.orderNo, refundOrderNo: `REFUND_${Math.floor(Math.random() * 100000)}`, refundAmount: 50.00, state: 0, createdBy: testUser.id }); await orderRefundRepository.save(testRefund); const response = await client[':id'].$get({ param: { id: testRefund.id } }, { headers: { 'Authorization': `Bearer ${userToken}` } }); console.debug('用户退款详情响应状态:', response.status); if (response.status !== 200) { const errorData = await response.json(); console.debug('用户退款详情错误响应:', errorData); } expect(response.status).toBe(200); if (response.status === 200) { const data = await response.json(); expect(data.id).toBe(testRefund.id); expect(data.refundOrderNo).toBe(testRefund.refundOrderNo); expect(data.order.userId).toBe(testUser.id); // 验证订单属于当前用户 } }); it('应该拒绝访问其他用户订单的退款', async () => { // 为其他用户的订单创建一个退款 const dataSource = await IntegrationTestDatabase.getDataSource(); const orderRefundRepository = dataSource.getRepository(OrderRefund); const otherUserRefund = orderRefundRepository.create({ orderNo: otherUserOrder.orderNo, refundOrderNo: `REFUND_${Math.floor(Math.random() * 100000)}`, refundAmount: 100.00, state: 0, createdBy: otherUser.id }); await orderRefundRepository.save(otherUserRefund); const response = await client[':id'].$get({ param: { id: otherUserRefund.id } }, { headers: { 'Authorization': `Bearer ${userToken}` } }); expect(response.status).toBe(403); // 数据权限控制返回403(权限不足) }); it('应该处理不存在的退款', async () => { const response = await client[':id'].$get({ param: { id: 999999 } }, { headers: { 'Authorization': `Bearer ${userToken}` } }); expect(response.status).toBe(404); }); }); describe('PUT /refunds/:id', () => { it('应该成功更新当前用户订单的退款', async () => { // 先为测试用户的订单创建一个退款 const dataSource = await IntegrationTestDatabase.getDataSource(); const orderRefundRepository = dataSource.getRepository(OrderRefund); const testRefund = orderRefundRepository.create({ orderNo: testOrder.orderNo, refundOrderNo: `REFUND_${Math.floor(Math.random() * 100000)}`, refundAmount: 50.00, state: 0, createdBy: testUser.id }); await orderRefundRepository.save(testRefund); const updateData = { state: 1 }; const response = await client[':id'].$put({ param: { id: testRefund.id }, json: updateData }, { headers: { 'Authorization': `Bearer ${userToken}` } }); console.debug('用户更新退款响应状态:', response.status); expect(response.status).toBe(200); if (response.status === 200) { const data = await response.json(); expect(data.state).toBe(updateData.state); expect(data.updatedBy).toBe(testUser.id); // 验证自动设置更新用户 } }); it('应该拒绝更新其他用户订单的退款', async () => { // 为其他用户的订单创建一个退款 const dataSource = await IntegrationTestDatabase.getDataSource(); const orderRefundRepository = dataSource.getRepository(OrderRefund); const otherUserRefund = orderRefundRepository.create({ orderNo: otherUserOrder.orderNo, refundOrderNo: `REFUND_${Math.floor(Math.random() * 100000)}`, refundAmount: 100.00, state: 0, createdBy: otherUser.id }); await orderRefundRepository.save(otherUserRefund); const updateData = { state: 1 }; const response = await client[':id'].$put({ param: { id: otherUserRefund.id }, json: updateData }, { headers: { 'Authorization': `Bearer ${userToken}` } }); expect(response.status).toBe(403); // 数据权限控制返回403 }); }); describe('DELETE /refunds/:id', () => { it('应该成功删除当前用户订单的退款', async () => { // 先为测试用户的订单创建一个退款 const dataSource = await IntegrationTestDatabase.getDataSource(); const orderRefundRepository = dataSource.getRepository(OrderRefund); const testRefund = orderRefundRepository.create({ orderNo: testOrder.orderNo, refundOrderNo: `REFUND_${Math.floor(Math.random() * 100000)}`, refundAmount: 50.00, state: 0, createdBy: testUser.id }); await orderRefundRepository.save(testRefund); const response = await client[':id'].$delete({ param: { id: testRefund.id } }, { headers: { 'Authorization': `Bearer ${userToken}` } }); console.debug('用户删除退款响应状态:', response.status); expect(response.status).toBe(204); }); it('应该拒绝删除其他用户订单的退款', async () => { // 为其他用户的订单创建一个退款 const dataSource = await IntegrationTestDatabase.getDataSource(); const orderRefundRepository = dataSource.getRepository(OrderRefund); const otherUserRefund = orderRefundRepository.create({ orderNo: otherUserOrder.orderNo, refundOrderNo: `REFUND_${Math.floor(Math.random() * 100000)}`, refundAmount: 100.00, state: 0, createdBy: otherUser.id }); await orderRefundRepository.save(otherUserRefund); const response = await client[':id'].$delete({ param: { id: otherUserRefund.id } }, { headers: { 'Authorization': `Bearer ${userToken}` } }); expect(response.status).toBe(403); // 数据权限控制返回403 }); }); describe('数据权限配置测试', () => { it('应该验证dataPermission配置正确工作', async () => { // 这个测试验证数据权限配置是否正常工作 // 用户只能访问自己订单的退款 const dataSource = await IntegrationTestDatabase.getDataSource(); const orderRefundRepository = dataSource.getRepository(OrderRefund); // 创建测试用户和其他用户订单的退款 const userRefund = orderRefundRepository.create({ orderNo: testOrder.orderNo, refundOrderNo: `REFUND_${Math.floor(Math.random() * 100000)}`, refundAmount: 50.00, state: 0, createdBy: testUser.id }); await orderRefundRepository.save(userRefund); const otherUserRefund = orderRefundRepository.create({ orderNo: otherUserOrder.orderNo, refundOrderNo: `REFUND_${Math.floor(Math.random() * 100000)}`, refundAmount: 100.00, state: 0, createdBy: otherUser.id }); await orderRefundRepository.save(otherUserRefund); // 使用测试用户token获取列表 const response = await client.index.$get({ query: { page: 1, pageSize: 10 } }, { headers: { 'Authorization': `Bearer ${userToken}` } }); if (response.status !== 200) { const errorData = await response.json(); console.debug('数据权限配置测试错误响应:', errorData); } expect(response.status).toBe(200); const data = await response.json(); // 类型检查确保data属性存在 if ('data' in data && Array.isArray(data.data)) { // 验证只返回测试用户订单的退款 const userRefundInResponse = data.data.filter((refund: any) => refund.order && refund.order.userId === testUser.id ); const otherUserRefundInResponse = data.data.filter((refund: any) => refund.order && refund.order.userId === otherUser.id ); expect(userRefundInResponse.length).toBeGreaterThan(0); expect(otherUserRefundInResponse.length).toBe(0); } else { // 如果响应是错误格式,应该失败 expect(data).toHaveProperty('data'); } }); }); describe('退款状态管理测试', () => { it('应该正确处理退款状态变更', async () => { const dataSource = await IntegrationTestDatabase.getDataSource(); const orderRefundRepository = dataSource.getRepository(OrderRefund); // 创建不同状态的退款 const pendingRefund = orderRefundRepository.create({ orderNo: testOrder.orderNo, refundOrderNo: `REFUND_${Math.floor(Math.random() * 100000)}`, refundAmount: 50.00, state: 0, // 未退款 createdBy: testUser.id }); await orderRefundRepository.save(pendingRefund); const processingRefund = orderRefundRepository.create({ orderNo: testOrder.orderNo, refundOrderNo: `REFUND_${Math.floor(Math.random() * 100000)}`, refundAmount: 25.00, state: 1, // 退款中 createdBy: testUser.id }); await orderRefundRepository.save(processingRefund); const completedRefund = orderRefundRepository.create({ orderNo: testOrder.orderNo, refundOrderNo: `REFUND_${Math.floor(Math.random() * 100000)}`, refundAmount: 75.00, state: 2, // 退款成功 createdBy: testUser.id }); await orderRefundRepository.save(completedRefund); // 验证状态过滤 const response = await client.index.$get({ query: { filters: JSON.stringify({ state: 0 }) } }, { headers: { 'Authorization': `Bearer ${userToken}` } }); expect(response.status).toBe(200); const data = await response.json(); // 类型检查确保data属性存在 if ('data' in data && Array.isArray(data.data)) { // 应该只返回未退款状态的退款 const pendingRefundsInResponse = data.data.filter((refund: any) => refund.state === 0); const processingRefundsInResponse = data.data.filter((refund: any) => refund.state === 1); const completedRefundsInResponse = data.data.filter((refund: any) => refund.state === 2); expect(pendingRefundsInResponse.length).toBeGreaterThan(0); expect(processingRefundsInResponse.length).toBe(0); expect(completedRefundsInResponse.length).toBe(0); } else { // 如果响应是错误格式,应该失败 expect(data).toHaveProperty('data'); } }); }); });