package user import ( "errors" "testing" "perms-system-server/internal/response" "perms-system-server/internal/svc" "perms-system-server/internal/testutil" "perms-system-server/internal/testutil/ctxhelper" "perms-system-server/internal/types" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) // TC-0137: 正常ALLOW func TestSetUserPerms_Allow(t *testing.T) { ctx := ctxhelper.SuperAdminCtx() svcCtx := svc.NewServiceContext(testutil.GetTestConfig()) conn := testutil.GetTestSqlConn() username := testutil.UniqueId() userId := insertTestUser(t, ctx, username, testutil.HashPassword("pass")) t.Cleanup(func() { testutil.CleanTableByField(ctx, conn, "`sys_user_perm`", "userId", userId) testutil.CleanTable(ctx, conn, "`sys_user`", userId) }) logic := NewSetUserPermsLogic(ctx, svcCtx) err := logic.SetUserPerms(&types.SetPermsReq{ UserId: userId, Perms: []types.UserPermItem{ {PermId: 100, Effect: "ALLOW"}, {PermId: 200, Effect: "ALLOW"}, }, }) require.NoError(t, err) perms, err := svcCtx.SysUserPermModel.FindByUserId(ctx, userId) require.NoError(t, err) assert.Len(t, perms, 2) for _, p := range perms { assert.Equal(t, "ALLOW", p.Effect) } } // TC-0139: DENY权限 func TestSetUserPerms_Deny(t *testing.T) { ctx := ctxhelper.SuperAdminCtx() svcCtx := svc.NewServiceContext(testutil.GetTestConfig()) conn := testutil.GetTestSqlConn() username := testutil.UniqueId() userId := insertTestUser(t, ctx, username, testutil.HashPassword("pass")) t.Cleanup(func() { testutil.CleanTableByField(ctx, conn, "`sys_user_perm`", "userId", userId) testutil.CleanTable(ctx, conn, "`sys_user`", userId) }) logic := NewSetUserPermsLogic(ctx, svcCtx) err := logic.SetUserPerms(&types.SetPermsReq{ UserId: userId, Perms: []types.UserPermItem{ {PermId: 100, Effect: "DENY"}, }, }) require.NoError(t, err) perms, err := svcCtx.SysUserPermModel.FindByUserId(ctx, userId) require.NoError(t, err) require.Len(t, perms, 1) assert.Equal(t, "DENY", perms[0].Effect) assert.Equal(t, int64(100), perms[0].PermId) } // TC-0138: 用户不存在 func TestSetUserPerms_UserNotFound(t *testing.T) { ctx := ctxhelper.SuperAdminCtx() svcCtx := svc.NewServiceContext(testutil.GetTestConfig()) logic := NewSetUserPermsLogic(ctx, svcCtx) err := logic.SetUserPerms(&types.SetPermsReq{ UserId: 999999999, Perms: []types.UserPermItem{ {PermId: 1, Effect: "ALLOW"}, }, }) require.Error(t, err) var codeErr *response.CodeError require.True(t, errors.As(err, &codeErr)) assert.Equal(t, 404, codeErr.Code()) assert.Equal(t, "用户不存在", codeErr.Error()) } // TC-0140: 清空权限 func TestSetUserPerms_EmptyPerms_ClearsAll(t *testing.T) { ctx := ctxhelper.SuperAdminCtx() svcCtx := svc.NewServiceContext(testutil.GetTestConfig()) conn := testutil.GetTestSqlConn() username := testutil.UniqueId() userId := insertTestUser(t, ctx, username, testutil.HashPassword("pass")) t.Cleanup(func() { testutil.CleanTableByField(ctx, conn, "`sys_user_perm`", "userId", userId) testutil.CleanTable(ctx, conn, "`sys_user`", userId) }) logic := NewSetUserPermsLogic(ctx, svcCtx) err := logic.SetUserPerms(&types.SetPermsReq{ UserId: userId, Perms: []types.UserPermItem{ {PermId: 100, Effect: "ALLOW"}, }, }) require.NoError(t, err) err = logic.SetUserPerms(&types.SetPermsReq{ UserId: userId, Perms: []types.UserPermItem{}, }) require.NoError(t, err) perms, err := svcCtx.SysUserPermModel.FindByUserId(ctx, userId) require.NoError(t, err) assert.Empty(t, perms) }