package role import ( "errors" "testing" "time" permModel "perms-system-server/internal/model/perm" roleModel "perms-system-server/internal/model/role" "perms-system-server/internal/model/roleperm" "perms-system-server/internal/response" "perms-system-server/internal/svc" "perms-system-server/internal/testutil" "perms-system-server/internal/testutil/ctxhelper" "perms-system-server/internal/types" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) // TC-0117: 正常绑定 func TestBindRolePerms_Normal(t *testing.T) { ctx := ctxhelper.SuperAdminCtx() svcCtx := svc.NewServiceContext(testutil.GetTestConfig()) conn := testutil.GetTestSqlConn() now := time.Now().Unix() pc := testutil.UniqueId() roleRes, err := svcCtx.SysRoleModel.Insert(ctx, &roleModel.SysRole{ ProductCode: pc, Name: testutil.UniqueId(), Status: 1, PermsLevel: 1, CreateTime: now, UpdateTime: now, }) require.NoError(t, err) roleId, _ := roleRes.LastInsertId() p1Res, err := svcCtx.SysPermModel.Insert(ctx, &permModel.SysPerm{ ProductCode: pc, Name: testutil.UniqueId(), Code: testutil.UniqueId(), Status: 1, CreateTime: now, UpdateTime: now, }) require.NoError(t, err) p1Id, _ := p1Res.LastInsertId() p2Res, err := svcCtx.SysPermModel.Insert(ctx, &permModel.SysPerm{ ProductCode: pc, Name: testutil.UniqueId(), Code: testutil.UniqueId(), Status: 1, CreateTime: now, UpdateTime: now, }) require.NoError(t, err) p2Id, _ := p2Res.LastInsertId() t.Cleanup(func() { testutil.CleanTableByField(ctx, conn, "`sys_role_perm`", "roleId", roleId) testutil.CleanTable(ctx, conn, "`sys_perm`", p1Id, p2Id) testutil.CleanTable(ctx, conn, "`sys_role`", roleId) }) logic := NewBindRolePermsLogic(ctx, svcCtx) err = logic.BindRolePerms(&types.BindPermsReq{ RoleId: roleId, PermIds: []int64{p1Id, p2Id}, }) require.NoError(t, err) permIds, err := svcCtx.SysRolePermModel.FindPermIdsByRoleId(ctx, roleId) require.NoError(t, err) assert.ElementsMatch(t, []int64{p1Id, p2Id}, permIds) } // TC-0118: 角色不存在 func TestBindRolePerms_RoleNotFound(t *testing.T) { ctx := ctxhelper.SuperAdminCtx() svcCtx := svc.NewServiceContext(testutil.GetTestConfig()) logic := NewBindRolePermsLogic(ctx, svcCtx) err := logic.BindRolePerms(&types.BindPermsReq{ RoleId: 999999999, PermIds: []int64{1}, }) require.Error(t, err) var ce *response.CodeError require.True(t, errors.As(err, &ce)) assert.Equal(t, 404, ce.Code()) assert.Equal(t, "角色不存在", ce.Error()) } // TC-0119: 清空权限 func TestBindRolePerms_EmptyPermIds(t *testing.T) { ctx := ctxhelper.SuperAdminCtx() svcCtx := svc.NewServiceContext(testutil.GetTestConfig()) conn := testutil.GetTestSqlConn() now := time.Now().Unix() pc := testutil.UniqueId() roleRes, err := svcCtx.SysRoleModel.Insert(ctx, &roleModel.SysRole{ ProductCode: pc, Name: testutil.UniqueId(), Status: 1, PermsLevel: 1, CreateTime: now, UpdateTime: now, }) require.NoError(t, err) roleId, _ := roleRes.LastInsertId() pRes, err := svcCtx.SysPermModel.Insert(ctx, &permModel.SysPerm{ ProductCode: pc, Name: testutil.UniqueId(), Code: testutil.UniqueId(), Status: 1, CreateTime: now, UpdateTime: now, }) require.NoError(t, err) pId, _ := pRes.LastInsertId() rpRes, err := svcCtx.SysRolePermModel.Insert(ctx, &roleperm.SysRolePerm{ RoleId: roleId, PermId: pId, CreateTime: now, UpdateTime: now, }) require.NoError(t, err) rpId, _ := rpRes.LastInsertId() t.Cleanup(func() { testutil.CleanTable(ctx, conn, "`sys_role_perm`", rpId) testutil.CleanTable(ctx, conn, "`sys_perm`", pId) testutil.CleanTable(ctx, conn, "`sys_role`", roleId) }) logic := NewBindRolePermsLogic(ctx, svcCtx) err = logic.BindRolePerms(&types.BindPermsReq{ RoleId: roleId, PermIds: []int64{}, }) require.NoError(t, err) permIds, err := svcCtx.SysRolePermModel.FindPermIdsByRoleId(ctx, roleId) require.NoError(t, err) assert.Empty(t, permIds) } // TC-0117: 正常绑定 func TestBindRolePerms_Rebind(t *testing.T) { ctx := ctxhelper.SuperAdminCtx() svcCtx := svc.NewServiceContext(testutil.GetTestConfig()) conn := testutil.GetTestSqlConn() now := time.Now().Unix() pc := testutil.UniqueId() roleRes, err := svcCtx.SysRoleModel.Insert(ctx, &roleModel.SysRole{ ProductCode: pc, Name: testutil.UniqueId(), Status: 1, PermsLevel: 1, CreateTime: now, UpdateTime: now, }) require.NoError(t, err) roleId, _ := roleRes.LastInsertId() var permIds []int64 for i := 0; i < 3; i++ { pRes, err := svcCtx.SysPermModel.Insert(ctx, &permModel.SysPerm{ ProductCode: pc, Name: testutil.UniqueId(), Code: testutil.UniqueId(), Status: 1, CreateTime: now, UpdateTime: now, }) require.NoError(t, err) pId, _ := pRes.LastInsertId() permIds = append(permIds, pId) } t.Cleanup(func() { testutil.CleanTableByField(ctx, conn, "`sys_role_perm`", "roleId", roleId) testutil.CleanTable(ctx, conn, "`sys_perm`", permIds...) testutil.CleanTable(ctx, conn, "`sys_role`", roleId) }) logic := NewBindRolePermsLogic(ctx, svcCtx) err = logic.BindRolePerms(&types.BindPermsReq{ RoleId: roleId, PermIds: []int64{permIds[0], permIds[1]}, }) require.NoError(t, err) got, err := svcCtx.SysRolePermModel.FindPermIdsByRoleId(ctx, roleId) require.NoError(t, err) assert.ElementsMatch(t, []int64{permIds[0], permIds[1]}, got) err = logic.BindRolePerms(&types.BindPermsReq{ RoleId: roleId, PermIds: []int64{permIds[1], permIds[2]}, }) require.NoError(t, err) got, err = svcCtx.SysRolePermModel.FindPermIdsByRoleId(ctx, roleId) require.NoError(t, err) assert.ElementsMatch(t, []int64{permIds[1], permIds[2]}, got) } // TC-0120: 重复permId — H-5审计修复后静默去重 func TestBindRolePerms_DuplicatePermId(t *testing.T) { ctx := ctxhelper.SuperAdminCtx() svcCtx := svc.NewServiceContext(testutil.GetTestConfig()) conn := testutil.GetTestSqlConn() now := time.Now().Unix() pc := testutil.UniqueId() roleRes, err := svcCtx.SysRoleModel.Insert(ctx, &roleModel.SysRole{ ProductCode: pc, Name: testutil.UniqueId(), Status: 1, PermsLevel: 1, CreateTime: now, UpdateTime: now, }) require.NoError(t, err) roleId, _ := roleRes.LastInsertId() pRes, err := svcCtx.SysPermModel.Insert(ctx, &permModel.SysPerm{ ProductCode: pc, Name: testutil.UniqueId(), Code: testutil.UniqueId(), Status: 1, CreateTime: now, UpdateTime: now, }) require.NoError(t, err) pId, _ := pRes.LastInsertId() t.Cleanup(func() { testutil.CleanTableByField(ctx, conn, "`sys_role_perm`", "roleId", roleId) testutil.CleanTable(ctx, conn, "`sys_perm`", pId) testutil.CleanTable(ctx, conn, "`sys_role`", roleId) }) logic := NewBindRolePermsLogic(ctx, svcCtx) err = logic.BindRolePerms(&types.BindPermsReq{ RoleId: roleId, PermIds: []int64{pId, pId}, }) require.NoError(t, err, "重复permId应被静默去重(H-5修复)") permIds, err := svcCtx.SysRolePermModel.FindPermIdsByRoleId(ctx, roleId) require.NoError(t, err) assert.Equal(t, []int64{pId}, permIds, "去重后应只绑定1个权限") } // TC-0520: bindRolePerms非管理员拒绝 func TestBindRolePerms_MemberRejected(t *testing.T) { pc := "test_product" ctx := ctxhelper.MemberCtx(pc) svcCtx := svc.NewServiceContext(testutil.GetTestConfig()) conn := testutil.GetTestSqlConn() now := time.Now().Unix() roleRes, err := svcCtx.SysRoleModel.Insert(ctx, &roleModel.SysRole{ ProductCode: pc, Name: testutil.UniqueId(), Status: 1, PermsLevel: 1, CreateTime: now, UpdateTime: now, }) require.NoError(t, err) roleId, _ := roleRes.LastInsertId() t.Cleanup(func() { testutil.CleanTable(ctx, conn, "`sys_role`", roleId) }) logic := NewBindRolePermsLogic(ctx, svcCtx) err = logic.BindRolePerms(&types.BindPermsReq{RoleId: roleId, PermIds: []int64{1}}) require.Error(t, err) var ce *response.CodeError require.True(t, errors.As(err, &ce)) assert.Equal(t, 403, ce.Code()) }