186-template-175
/
mini-starter
派生自 155-template-138/mini-starter


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343
							import { describe, it, expect, beforeEach } from 'vitest';
import { testClient } from 'hono/testing';
import { IntegrationTestDatabase, setupIntegrationDatabaseHooksWithEntities } from '@d8d/shared-test-util';
import { UserEntityMt, RoleMt } from '@d8d/core-module-mt/user-module-mt/entities';
import { FileMt } from '@d8d/core-module-mt/file-module-mt/entities';
import { OrderMt, OrderGoodsMt } from '@d8d/orders-module-mt';
import { MerchantMt } from '@d8d/merchant-module-mt';
import { SupplierMt } from '@d8d/supplier-module-mt';
import { DeliveryAddressMt } from '@d8d/delivery-address-module-mt';
import { AreaEntityMt } from '@d8d/geo-areas-mt';
import { GoodsMt, GoodsCategoryMt } from '@d8d/goods-module-mt';
import dataOverviewRoutes from '../../src/routes';
import { DataOverviewTestDataFactory } from '../utils/test-data-factory';

// 设置集成测试钩子 - 需要User、Role、File、Order及相关实体
setupIntegrationDatabaseHooksWithEntities([
  UserEntityMt,
  RoleMt,
  FileMt,
  OrderMt,
  OrderGoodsMt,
  MerchantMt,
  SupplierMt,
  DeliveryAddressMt,
  AreaEntityMt,
  GoodsMt,
  GoodsCategoryMt
])

describe('多租户数据概览API集成测试', () => {
  let client: ReturnType<typeof testClient<typeof dataOverviewRoutes>>;
  let userToken: string;
  let adminToken: string;
  let testUser: UserEntityMt;

  beforeEach(async () => {
    // 创建测试客户端
    client = testClient(dataOverviewRoutes);

    // 获取数据源并创建测试用户
    const dataSource = await IntegrationTestDatabase.getDataSource();

    // 创建租户1的测试用户
    testUser = await DataOverviewTestDataFactory.createTestUser(dataSource, 1);

    // 生成JWT令牌
    userToken = DataOverviewTestDataFactory.generateUserToken(testUser);
    adminToken = DataOverviewTestDataFactory.generateAdminToken(1);
  });

  describe('租户数据隔离验证', () => {
    it('应该确保订单数据的租户隔离', async () => {
      const dataSource = await IntegrationTestDatabase.getDataSource();
      const orderRepository = dataSource.getRepository(OrderMt);

      // 创建租户1的订单数据
      await DataOverviewTestDataFactory.createTestOrders(dataSource, 1, 2);
      // 创建租户2的订单数据
      await DataOverviewTestDataFactory.createTestOrders(dataSource, 2, 3);

      // 验证租户1只能看到租户1的订单
      const tenant1Orders = await orderRepository.find({
        where: { tenantId: 1 }
      });

      // 验证租户2只能看到租户2的订单
      const tenant2Orders = await orderRepository.find({
        where: { tenantId: 2 }
      });

      expect(tenant1Orders).toHaveLength(2);
      expect(tenant1Orders[0].tenantId).toBe(1);
      expect(tenant2Orders).toHaveLength(3);
      expect(tenant2Orders[0].tenantId).toBe(2);
    });

    it('应该防止跨租户数据访问', async () => {
      const dataSource = await IntegrationTestDatabase.getDataSource();
      const orderRepository = dataSource.getRepository(OrderMt);

      // 创建租户1的订单
      const tenant1Orders = await DataOverviewTestDataFactory.createTestOrders(dataSource, 1, 1);
      const tenant1Order = tenant1Orders[0];

      // 尝试使用租户2的ID查询租户1的订单
      const crossTenantOrder = await orderRepository.findOne({
        where: {
          orderNo: tenant1Order.orderNo,
          tenantId: 2 // 错误的租户ID
        }
      });

      expect(crossTenantOrder).toBeNull();
    });

    it('应该在创建数据时正确设置租户ID', async () => {
      const dataSource = await IntegrationTestDatabase.getDataSource();
      const orderRepository = dataSource.getRepository(OrderMt);

      const tenantId = 5;
      const orders = await DataOverviewTestDataFactory.createTestOrders(dataSource, tenantId, 1);
      const order = orders[0];

      expect(order.tenantId).toBe(tenantId);
      expect(order.createdBy).toBeDefined();
    });
  });

  describe('GET /api/data-overview/summary', () => {
    it('应该返回今日数据概览统计（默认时间范围）', async () => {
      // 创建测试订单数据
      const dataSource = await IntegrationTestDatabase.getDataSource();
      await DataOverviewTestDataFactory.createTestOrders(dataSource, testUser.tenantId, 5);

      const response = await client.summary.$get({
        query: {}
      }, {
        headers: {
          'Authorization': `Bearer ${userToken}`
        }
      });

      expect(response.status).toBe(200);
      if (response.status === 200) {
        const data = await response.json();
        expect(data.success).toBe(true);
        expect(data.data).toBeDefined();
        expect(typeof data.data.totalSales).toBe('number');
        expect(typeof data.data.totalOrders).toBe('number');
        expect(typeof data.data.wechatSales).toBe('number');
        expect(typeof data.data.wechatOrders).toBe('number');
        expect(typeof data.data.creditSales).toBe('number');
        expect(typeof data.data.creditOrders).toBe('number');
        expect(typeof data.data.todaySales).toBe('number');
        expect(typeof data.data.todayOrders).toBe('number');
      }
    });

    it('应该支持自定义时间范围参数', async () => {
      const startDate = '2025-01-01T00:00:00Z';
      const endDate = '2025-01-31T23:59:59Z';

      const response = await client.summary.$get({
        query: {
          timeRange: 'custom',
          startDate,
          endDate
        }
      }, {
        headers: {
          'Authorization': `Bearer ${userToken}`
        }
      });

      expect(response.status).toBe(200);
      if (response.status === 200) {
        const data = await response.json();
        expect(data.success).toBe(true);
      }
    });

    it('当时间范围参数无效时应该返回400错误', async () => {
      // 提供自定义时间范围但不提供startDate和endDate
      const response = await client.summary.$get({
        query: {
          timeRange: 'custom'
          // 缺少startDate和endDate
        }
      }, {
        headers: {
          'Authorization': `Bearer ${userToken}`
        }
      });

      expect(response.status).toBe(400);
    });

    it('当startDate晚于endDate时应该返回400错误', async () => {
      const response = await client.summary.$get({
        query: {
          timeRange: 'custom',
          startDate: '2025-01-31T00:00:00Z',
          endDate: '2025-01-01T00:00:00Z'
        }
      }, {
        headers: {
          'Authorization': `Bearer ${userToken}`
        }
      });

      expect(response.status).toBe(400);
    });

    it('应该验证多租户数据隔离', async () => {
      // 创建租户100的订单数据
      const dataSource = await IntegrationTestDatabase.getDataSource();
      const tenant100User = await DataOverviewTestDataFactory.createTestUser(dataSource, 100);
      const tenant100Token = DataOverviewTestDataFactory.generateUserToken(tenant100User);
      await DataOverviewTestDataFactory.createTestOrders(dataSource, 100, 3);

      // 创建租户101的用户和订单
      const tenant101User = await DataOverviewTestDataFactory.createTestUser(dataSource, 101);
      const tenant101Token = DataOverviewTestDataFactory.generateUserToken(tenant101User);
      await DataOverviewTestDataFactory.createTestOrders(dataSource, 101, 2);

      // 租户100查询应该只看到租户100的数据
      const response1 = await client.summary.$get({
        query: {}
      }, {
        headers: {
          'Authorization': `Bearer ${tenant100Token}`
        }
      });

      // 租户101查询应该只看到租户101的数据
      const response2 = await client.summary.$get({
        query: {}
      }, {
        headers: {
          'Authorization': `Bearer ${tenant101Token}`
        }
      });

      expect(response1.status).toBe(200);
      expect(response2.status).toBe(200);

      if (response1.status === 200 && response2.status === 200) {
        const data1 = await response1.json();
        const data2 = await response2.json();

        console.debug('租户100统计数据:', data1.data);
        console.debug('租户101统计数据:', data2.data);

        // 两个租户的统计数据应该独立
        expect(data1.data.totalOrders).toBe(3);
        expect(data2.data.totalOrders).toBe(2);
      }
    });

    it('应该支持缓存机制', async () => {
      // 第一次查询应该从数据库获取
      const dataSource = await IntegrationTestDatabase.getDataSource();
      await DataOverviewTestDataFactory.createTestOrders(dataSource, testUser.tenantId, 2);

      const response1 = await client.summary.$get({
        query: {}
      }, {
        headers: {
          'Authorization': `Bearer ${userToken}`
        }
      });

      expect(response1.status).toBe(200);

      // 第二次查询（短时间内）应该从缓存获取相同结果
      const response2 = await client.summary.$get({
        query: {}
      }, {
        headers: {
          'Authorization': `Bearer ${userToken}`
        }
      });

      expect(response2.status).toBe(200);

      if (response1.status === 200 && response2.status === 200) {
        const data1 = await response1.json();
        const data2 = await response2.json();
        expect(data1.data.totalOrders).toBe(data2.data.totalOrders);
      }
    });
  });

  describe('GET /api/data-overview/today', () => {
    it('应该返回今日实时统计数据', async () => {
      // 创建新租户的用户和token
      const dataSource = await IntegrationTestDatabase.getDataSource();
      const tenant103User = await DataOverviewTestDataFactory.createTestUser(dataSource, 103);
      const tenant103Token = DataOverviewTestDataFactory.generateUserToken(tenant103User);

      // 创建今日订单数据
      await DataOverviewTestDataFactory.createTodayTestOrders(dataSource, 103, 3);

      const response = await client.today.$get({}, {
        headers: {
          'Authorization': `Bearer ${tenant103Token}`
        }
      });

      expect(response.status).toBe(200);
      if (response.status === 200) {
        const data = await response.json();
        expect(data.success).toBe(true);
        expect(data.data).toBeDefined();
        expect(typeof data.data.todaySales).toBe('number');
        expect(typeof data.data.todayOrders).toBe('number');
        expect(data.data.todayOrders).toBe(3);
      }
    });

    it('当没有今日订单时应该返回零值', async () => {
      // 创建新租户的用户和token（确保没有订单）
      const dataSource = await IntegrationTestDatabase.getDataSource();
      const tenant104User = await DataOverviewTestDataFactory.createTestUser(dataSource, 104);
      const tenant104Token = DataOverviewTestDataFactory.generateUserToken(tenant104User);

      const response = await client.today.$get({}, {
        headers: {
          'Authorization': `Bearer ${tenant104Token}`
        }
      });

      expect(response.status).toBe(200);
      if (response.status === 200) {
        const data = await response.json();
        expect(data.data.todaySales).toBe(0);
        expect(data.data.todayOrders).toBe(0);
      }
    });
  });

  describe('认证和授权', () => {
    it('当缺少认证头时应该返回401错误', async () => {
      const response = await client.summary.$get({
        query: {}
      }); // 没有Authorization头

      expect(response.status).toBe(401);
    });

    it('当令牌无效时应该返回401错误', async () => {
      const response = await client.summary.$get({
        query: {}
      }, {
        headers: {
          'Authorization': 'Bearer invalid-token'
        }
      });

      expect(response.status).toBe(401);
    });
  });
});