import { describe, it, expect, beforeAll, beforeEach, afterEach } from 'vitest'; import { DataSource } from 'typeorm'; import { RoleServiceMt } from '../../src/services/role.service.mt'; import { RoleMt } from '../../src/entities/role.entity.mt'; import { AppDataSource, initializeDataSource } from '@d8d/shared-utils'; // 确保测试环境变量被设置 process.env.NODE_ENV = 'test'; describe('角色集成测试', () => { let dataSource: DataSource; let roleService: RoleServiceMt; beforeAll(() => { // 使用预先配置的数据源 initializeDataSource([RoleMt]) dataSource = AppDataSource; }) beforeEach(async () => { if (!dataSource.isInitialized) { await dataSource.initialize(); } roleService = new RoleServiceMt(dataSource); }); afterEach(async () => { if (dataSource.isInitialized) { await dataSource.destroy(); } }); describe('角色CRUD操作', () => { it('应该创建并检索角色', async () => { // Create role const roleData = { name: 'admin', description: 'Administrator role', permissions: ['user:create', 'user:delete', 'role:manage'], tenantId: 1 }; const createdRole = await roleService.create(roleData); expect(createdRole.id).toBeDefined(); expect(createdRole.name).toBe(roleData.name); expect(createdRole.description).toBe(roleData.description); expect(createdRole.permissions).toEqual(roleData.permissions); // Retrieve role const retrievedRole = await roleService.getById(createdRole.id); expect(retrievedRole).toBeDefined(); expect(retrievedRole?.name).toBe(roleData.name); }); it('应该更新角色信息', async () => { // Create role first const roleData = { name: 'updaterole', description: 'Role to be updated', permissions: ['user:read'], tenantId: 1 }; const createdRole = await roleService.create(roleData); // Update role const updateData = { description: 'Updated role description', permissions: ['user:read', 'user:update'] }; const updatedRole = await roleService.update(createdRole.id, updateData); expect(updatedRole).toBeDefined(); expect(updatedRole?.description).toBe(updateData.description); expect(updatedRole?.permissions).toEqual(updateData.permissions); }); it('应该删除角色', async () => { // Create role first const roleData = { name: 'deleterole', description: 'Role to be deleted', permissions: ['user:read'], tenantId: 1 }; const createdRole = await roleService.create(roleData); // Delete role const deleteResult = await roleService.delete(createdRole.id); expect(deleteResult).toBe(true); // Verify role is deleted const retrievedRole = await roleService.getById(createdRole.id); expect(retrievedRole).toBeNull(); }); it('应该根据角色名获取角色', async () => { const roleData = { name: 'specificrole', description: 'Specific role for testing', permissions: ['user:read'], tenantId: 1 }; await roleService.create(roleData); const foundRole = await roleService.getRoleByName('specificrole'); expect(foundRole).toBeDefined(); expect(foundRole?.name).toBe('specificrole'); }); }); describe('角色列表操作', () => { it('应该获取分页角色列表', async () => { // Create multiple roles const rolesData = [ { name: 'role1', description: 'Role 1', permissions: ['user:read'], tenantId: 1 }, { name: 'role2', description: 'Role 2', permissions: ['user:read'], tenantId: 1 }, { name: 'role3', description: 'Role 3', permissions: ['user:read'], tenantId: 1 } ]; for (const roleData of rolesData) { await roleService.create(roleData); } const [roles, total] = await roleService.getList(1, 10); expect(total).toBe(3); expect(roles).toHaveLength(3); expect(roles.map(r => r.name)).toEqual( expect.arrayContaining(['role1', 'role2', 'role3']) ); }); it('应该根据角色名搜索角色', async () => { // Create roles with different names await roleService.create({ name: 'admin', description: 'Admin role', permissions: ['user:create'], tenantId: 1 }); await roleService.create({ name: 'user', description: 'User role', permissions: ['user:read'], tenantId: 1 }); await roleService.create({ name: 'moderator', description: 'Moderator role', permissions: ['user:update'], tenantId: 1 }); const [adminRoles] = await roleService.getList(1, 10, 'admin', ['name']); expect(adminRoles).toHaveLength(1); expect(adminRoles[0].name).toBe('admin'); const [userRoles] = await roleService.getList(1, 10, 'user', ['name']); expect(userRoles).toHaveLength(1); expect(userRoles[0].name).toBe('user'); }); }); describe('权限检查', () => { it('应该检查角色是否拥有权限', async () => { const roleData = { name: 'permissionrole', description: 'Role with specific permissions', permissions: ['user:create', 'user:read', 'user:update'], tenantId: 1 }; const role = await roleService.create(roleData); // Check existing permissions expect(await roleService.hasPermission(role.id, 'user:create')).toBe(true); expect(await roleService.hasPermission(role.id, 'user:read')).toBe(true); expect(await roleService.hasPermission(role.id, 'user:update')).toBe(true); // Check non-existing permission expect(await roleService.hasPermission(role.id, 'user:delete')).toBe(false); }); it('应该对不存在的角色返回false', async () => { const hasPermission = await roleService.hasPermission(999, 'user:create'); expect(hasPermission).toBe(false); }); }); describe('角色验证', () => { it('应该允许不同租户使用相同的角色名', async () => { const roleData1 = { name: 'same_name', description: 'Role in tenant 1', permissions: ['user:read'], tenantId: 1 }; const roleData2 = { name: 'same_name', description: 'Role in tenant 2', permissions: ['user:read'], tenantId: 2 }; // Create role in tenant 1 const role1 = await roleService.create(roleData1); expect(role1).toBeDefined(); expect(role1.tenantId).toBe(1); // Create role with same name in tenant 2 (should work in multi-tenant) const role2 = await roleService.create(roleData2); expect(role2).toBeDefined(); expect(role2.tenantId).toBe(2); }); it('应该要求至少一个权限', async () => { const roleData = { name: 'nopermission', description: 'Role without permissions', permissions: [], tenantId: 1 }; // This should work as TypeORM handles empty arrays const role = await roleService.create(roleData); expect(role.permissions).toEqual([]); }); }); describe('租户隔离测试', () => { let tenant1Role: RoleMt; let tenant2Role: RoleMt; beforeEach(async () => { // 创建租户1的角色 tenant1Role = await roleService.create({ name: 'tenant1_role', description: 'Role for tenant 1', permissions: ['user:read', 'user:create'], tenantId: 1 }); // 创建租户2的角色 tenant2Role = await roleService.create({ name: 'tenant2_role', description: 'Role for tenant 2', permissions: ['user:read', 'user:update'], tenantId: 2 }); // 手动设置租户上下文,因为autoExtractFromContext功能尚未实现 (roleService as any)._tenantId = undefined; }); it('应该只返回当前租户的角色列表', async () => { // 测试租户1的角色列表 const [roles1, total1] = await roleService.getList(1, 10, undefined, undefined, { tenantId: 1 }); expect(total1).toBe(1); expect(roles1).toHaveLength(1); expect(roles1[0].tenantId).toBe(1); expect(roles1[0].name).toBe('tenant1_role'); // 测试租户2的角色列表 const [roles2, total2] = await roleService.getList(1, 10, undefined, undefined, { tenantId: 2 }); expect(total2).toBe(1); expect(roles2).toHaveLength(1); expect(roles2[0].tenantId).toBe(2); expect(roles2[0].name).toBe('tenant2_role'); }); it('应该正确过滤跨租户的角色详情访问', async () => { // 租户1应该能访问自己的角色 const role1 = await roleService.getById(tenant1Role.id, [], 1); expect(role1).toBeDefined(); expect(role1?.tenantId).toBe(1); // 租户1不应该能访问租户2的角色 const role2FromTenant1 = await roleService.getById(tenant2Role.id, [], 1); expect(role2FromTenant1).toBeNull(); // 租户2应该能访问自己的角色 const role2 = await roleService.getById(tenant2Role.id, [], 2); expect(role2).toBeDefined(); expect(role2?.tenantId).toBe(2); // 租户2不应该能访问租户1的角色 const role1FromTenant2 = await roleService.getById(tenant1Role.id, [], 2); expect(role1FromTenant2).toBeNull(); }); it('应该拒绝跨租户的角色更新', async () => { const updateData = { description: '尝试跨租户更新', permissions: ['user:delete'] }; // 租户1尝试更新租户2的角色 - 应该返回null const updatedRole = await roleService.update(tenant2Role.id, updateData, 1); expect(updatedRole).toBeNull(); // 验证租户2的角色没有被修改 const originalRole = await roleService.getById(tenant2Role.id, [], 2); expect(originalRole?.description).toBe('Role for tenant 2'); expect(originalRole?.permissions).toEqual(['user:read', 'user:update']); }); it('应该拒绝跨租户的角色删除', async () => { // 租户1尝试删除租户2的角色 - 应该返回false const deleteResult = await roleService.delete(tenant2Role.id, 1); expect(deleteResult).toBe(false); // 验证租户2的角色仍然存在 const roleStillExists = await roleService.getById(tenant2Role.id, [], 2); expect(roleStillExists).toBeDefined(); }); it('应该只在当前租户内搜索角色', async () => { // 在租户1中搜索 const [roles1] = await roleService.getList(1, 10, 'role', ['name'], { tenantId: 1 }); expect(roles1).toHaveLength(1); expect(roles1[0].name).toBe('tenant1_role'); // 在租户2中搜索 const [roles2] = await roleService.getList(1, 10, 'role', ['name'], { tenantId: 2 }); expect(roles2).toHaveLength(1); expect(roles2[0].name).toBe('tenant2_role'); }); it('应该根据租户ID正确获取角色名', async () => { // 租户1应该能找到自己的角色 const role1 = await roleService.getRoleByName('tenant1_role', 1); expect(role1).toBeDefined(); expect(role1?.tenantId).toBe(1); // 租户1不应该找到租户2的角色 const role2FromTenant1 = await roleService.getRoleByName('tenant2_role', 1); expect(role2FromTenant1).toBeNull(); // 租户2应该能找到自己的角色 const role2 = await roleService.getRoleByName('tenant2_role', 2); expect(role2).toBeDefined(); expect(role2?.tenantId).toBe(2); // 租户2不应该找到租户1的角色 const role1FromTenant2 = await roleService.getRoleByName('tenant1_role', 2); expect(role1FromTenant2).toBeNull(); }); it('应该正确检查跨租户的权限', async () => { // 租户1应该能检查自己角色的权限 const hasPermission1 = await roleService.hasPermission(tenant1Role.id, 'user:read', 1); expect(hasPermission1).toBe(true); // 租户1不应该能检查租户2角色的权限 const hasPermission2 = await roleService.hasPermission(tenant2Role.id, 'user:read', 1); expect(hasPermission2).toBe(false); // 租户2应该能检查自己角色的权限 const hasPermission3 = await roleService.hasPermission(tenant2Role.id, 'user:read', 2); expect(hasPermission3).toBe(true); // 租户2不应该能检查租户1角色的权限 const hasPermission4 = await roleService.hasPermission(tenant1Role.id, 'user:read', 2); expect(hasPermission4).toBe(false); }); }); });