Startseite Erkunden Hilfe
Anmelden
weiym
/
perms-system-server
1
0
Fork 0
Dateien Issues 0 Pull-Requests 0 Wiki
Struktur: 62aafd53b1
Branches Tags
perms-system...
/
internal
/
logic
/
auth
/
checkManageAccessPrefetch_audit_test.go

checkManageAccessPrefetch_audit_test.go 7.1 KB
Verlauf Originalformat

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153 
  1. package auth
    2. 

  2. 

  3. import (
    4. 

  4. 	"context"
    5. 

  5. 	"math"
    6. 

  6. 	"testing"
    7. 

  7. 

  8. 	"perms-system-server/internal/consts"
    9. 

  9. 	"perms-system-server/internal/loaders"
    10. 

  10. 	"perms-system-server/internal/middleware"
    11. 

  11. 	deptModel "perms-system-server/internal/model/dept"
    12. 

  12. 	productmemberModel "perms-system-server/internal/model/productmember"
    13. 

  13. 	userModel "perms-system-server/internal/model/user"
    14. 

  14. 	"perms-system-server/internal/testutil/mocks"
    15. 

  15. 

  16. 	"github.com/stretchr/testify/assert"
    17. 

  17. 	"go.uber.org/mock/gomock"
    18. 

  18. )
    19. 

  19. 

  20. // ---------------------------------------------------------------------------
    21. 

  21. // 覆盖目标:审计第 6 轮 M-5 修复回归 —— CheckManageAccess(WithPrefetchedTarget(...))
    22. 

  22. // 允许调用方透传已经 FindOne 到的 target,避免单次请求内重复 FindOne(targetUserId)。
    23. 

  23. //
    24. 

  24. // 修复前:UpdateUserStatus / UpdateUser 一次请求会先做 ValidateStatusChange 里的 FindOne,
    25. 

  25. // 紧接着 checkDeptHierarchy 里又 FindOne 一次,DB/缓存都白打一次 RTT。
    26. 

  26. //
    27. 

  27. // 修复后的契约:
    28. 

  28. //   * Option 与参数一致(target.Id == targetUserId)时,FindOne 必须被跳过;
    29. 

  29. //   * 不一致时 option 失效(defensive ignore),checkDeptHierarchy 回退到原有 FindOne 路径。
    30. 

  30. // ---------------------------------------------------------------------------
    31. 

  31. 

  32. func buildMemberCallerCtx() context.Context {
    33. 

  33. 	caller := &loaders.UserDetails{
    34. 

  34. 		UserId:        1,
    35. 

  35. 		Username:      "op",
    36. 

  36. 		IsSuperAdmin:  false,
    37. 

  37. 		MemberType:    consts.MemberTypeMember,
    38. 

  38. 		Status:        consts.StatusEnabled,
    39. 

  39. 		ProductCode:   "pc_m5",
    40. 

  40. 		DeptId:        100,
    41. 

  41. 		DeptPath:      "/100/",
    42. 

  42. 		MinPermsLevel: 50,
    43. 

  43. 	}
    44. 

  44. 	return middleware.WithUserDetails(context.Background(), caller)
    45. 

  45. }
    46. 

  46. 

  47. // TC-0860: 透传的 prefetched.Id 与 targetUserId 一致 → SysUserModel.FindOne 必须一次都不被调用。
    48. 

  48. func TestCheckManageAccess_PrefetchedTarget_SkipsFindOne(t *testing.T) {
    49. 

  49. 	ctrl := gomock.NewController(t)
    50. 

  50. 	t.Cleanup(ctrl.Finish)
    51. 

  51. 

  52. 	userMock := mocks.NewMockSysUserModel(ctrl)
    53. 

  53. 	// 关键断言:FindOne 次数为 0。gomock 默认不允许未声明的调用;省略 EXPECT 即相当于 0 次。
    54. 

  54. 	deptMock := mocks.NewMockSysDeptModel(ctrl)
    55. 

  55. 	pmMock := mocks.NewMockSysProductMemberModel(ctrl)
    56. 

  56. 	roleMock := mocks.NewMockSysRoleModel(ctrl)
    57. 

  57. 

  58. 	// 目标用户所在部门的 Path 需满足 HasPrefix caller.DeptPath="/100/"
    59. 

  59. 	deptMock.EXPECT().FindOne(gomock.Any(), int64(101)).
    60. 

  60. 		Return(&deptModel.SysDept{Id: 101, Path: "/100/101/"}, nil)
    61. 

  61. 

  62. 	// 目标产品成员存在,MemberType=MEMBER 与 caller 同级 → 走 permsLevel 比较分支。
    63. 

  63. 	pmMock.EXPECT().FindOneByProductCodeUserId(gomock.Any(), "pc_m5", int64(42)).
    64. 

  64. 		Return(&productmemberModel.SysProductMember{MemberType: consts.MemberTypeMember}, nil)
    65. 

  65. 

  66. 	// 目标的 permsLevel 高于 caller(数值更大 → 权限更低),校验放行。
    67. 

  67. 	roleMock.EXPECT().FindMinPermsLevelByUserIdAndProductCode(gomock.Any(), int64(42), "pc_m5").
    68. 

  68. 		Return(int64(100), nil)
    69. 

  69. 	// 审计 H-2:checkPermLevel 现在会对 caller 也做一次 DB fresh read。
    70. 

  70. 	// caller.UserId=1,permsLevel=50(比 target=100 严格高权)→ 放行。
    71. 

  71. 	roleMock.EXPECT().FindMinPermsLevelByUserIdAndProductCode(gomock.Any(), int64(1), "pc_m5").
    72. 

  72. 		Return(int64(50), nil)
    73. 

  73. 

  74. 	svcCtx := mocks.NewMockServiceContext(mocks.MockModels{
    75. 

  75. 		User: userMock, Dept: deptMock, ProductMember: pmMock, Role: roleMock,
    76. 

  76. 	})
    77. 

  77. 

  78. 	prefetched := &userModel.SysUser{Id: 42, DeptId: 101}
    79. 

  79. 	err := CheckManageAccess(buildMemberCallerCtx(), svcCtx, 42, "pc_m5", WithPrefetchedTarget(prefetched))
    80. 

  80. 	assert.NoError(t, err,
    81. 

  81. 		"M-5:prefetched 与 targetUserId 一致且业务级校验全部通过时应放行")
    82. 

  82. 	// ctrl.Finish() 里会自动校验 userMock.FindOne 调用次数为 0(未显式 EXPECT),
    83. 

  83. 	// 若源码回退到 FindOne 路径测试会抛 "unexpected call to FindOne" 直接 FAIL。
    84. 

  84. }
    85. 

  85. 

  86. // TC-0861: 透传的 prefetched.Id 与 targetUserId 不一致 → option 被 defensive 忽略,
    87. 

  87. // 必须真实调用 SysUserModel.FindOne(ctx, targetUserId) 一次。
    88. 

  88. // 这是一条 "调用方把错 id 传进来时不能被当做合法 prefetched" 的安全断言:
    89. 

  89. // 如果源码直接信任 prefetched 而不校验 Id,就会出现 "用 A 的 userDetails 去放行对 B 的管理"。
    90. 

  90. func TestCheckManageAccess_PrefetchedIdMismatch_IgnoredAndFallsBackToFindOne(t *testing.T) {
    91. 

  91. 	ctrl := gomock.NewController(t)
    92. 

  92. 	t.Cleanup(ctrl.Finish)
    93. 

  93. 

  94. 	userMock := mocks.NewMockSysUserModel(ctrl)
    95. 

  95. 	deptMock := mocks.NewMockSysDeptModel(ctrl)
    96. 

  96. 	pmMock := mocks.NewMockSysProductMemberModel(ctrl)
    97. 

  97. 	roleMock := mocks.NewMockSysRoleModel(ctrl)
    98. 

  98. 

  99. 	// 关键断言:FindOne(targetUserId=42) 必须真实被调用一次,说明 prefetched 没被盲信。
    100. 

  100. 	// 我们返回的真实对象 DeptId=101(与乱传的 prefetched 一致),好让流程继续走通。
    101. 

  101. 	userMock.EXPECT().FindOne(gomock.Any(), int64(42)).
    102. 

  102. 		Return(&userModel.SysUser{Id: 42, DeptId: 101}, nil).Times(1)
    103. 

  103. 

  104. 	deptMock.EXPECT().FindOne(gomock.Any(), int64(101)).
    105. 

  105. 		Return(&deptModel.SysDept{Id: 101, Path: "/100/101/"}, nil)
    106. 

  106. 	pmMock.EXPECT().FindOneByProductCodeUserId(gomock.Any(), "pc_m5", int64(42)).
    107. 

  107. 		Return(&productmemberModel.SysProductMember{MemberType: consts.MemberTypeMember}, nil)
    108. 

  108. 	roleMock.EXPECT().FindMinPermsLevelByUserIdAndProductCode(gomock.Any(), int64(42), "pc_m5").
    109. 

  109. 		Return(int64(100), nil)
    110. 

  110. 	// 审计 H-2:caller 侧 fresh read 仍需要。
    111. 

  111. 	roleMock.EXPECT().FindMinPermsLevelByUserIdAndProductCode(gomock.Any(), int64(1), "pc_m5").
    112. 

  112. 		Return(int64(50), nil)
    113. 

  113. 

  114. 	svcCtx := mocks.NewMockServiceContext(mocks.MockModels{
    115. 

  115. 		User: userMock, Dept: deptMock, ProductMember: pmMock, Role: roleMock,
    116. 

  116. 	})
    117. 

  117. 

  118. 	// 故意传 Id=999,与 targetUserId=42 不一致。
    119. 

  119. 	wrong := &userModel.SysUser{Id: 999, DeptId: 101}
    120. 

  120. 	err := CheckManageAccess(buildMemberCallerCtx(), svcCtx, 42, "pc_m5", WithPrefetchedTarget(wrong))
    121. 

  121. 	assert.NoError(t, err,
    122. 

  122. 		"M-5:prefetched.Id 不匹配时回退 FindOne 后,本场景仍应通过业务级校验")
    123. 

  123. }
    124. 

  124. 

  125. // 正向防御:prefetched 为 nil 时也不应 panic,且必须走 FindOne 一次(不传 option 的等价路径)。
    126. 

  126. func TestCheckManageAccess_NilPrefetched_FallsBackToFindOne(t *testing.T) {
    127. 

  127. 	ctrl := gomock.NewController(t)
    128. 

  128. 	t.Cleanup(ctrl.Finish)
    129. 

  129. 

  130. 	userMock := mocks.NewMockSysUserModel(ctrl)
    131. 

  131. 	deptMock := mocks.NewMockSysDeptModel(ctrl)
    132. 

  132. 	pmMock := mocks.NewMockSysProductMemberModel(ctrl)
    133. 

  133. 	roleMock := mocks.NewMockSysRoleModel(ctrl)
    134. 

  134. 

  135. 	userMock.EXPECT().FindOne(gomock.Any(), int64(42)).
    136. 

  136. 		Return(&userModel.SysUser{Id: 42, DeptId: 101}, nil).Times(1)
    137. 

  137. 	deptMock.EXPECT().FindOne(gomock.Any(), int64(101)).
    138. 

  138. 		Return(&deptModel.SysDept{Id: 101, Path: "/100/101/"}, nil)
    139. 

  139. 	pmMock.EXPECT().FindOneByProductCodeUserId(gomock.Any(), "pc_m5", int64(42)).
    140. 

  140. 		Return(&productmemberModel.SysProductMember{MemberType: consts.MemberTypeMember}, nil)
    141. 

  141. 	roleMock.EXPECT().FindMinPermsLevelByUserIdAndProductCode(gomock.Any(), int64(42), "pc_m5").
    142. 

  142. 		Return(int64(math.MaxInt64), nil)
    143. 

  143. 	// 审计 H-2:caller 侧 fresh read。
    144. 

  144. 	roleMock.EXPECT().FindMinPermsLevelByUserIdAndProductCode(gomock.Any(), int64(1), "pc_m5").
    145. 

  145. 		Return(int64(50), nil)
    146. 

  146. 

  147. 	svcCtx := mocks.NewMockServiceContext(mocks.MockModels{
    148. 

  148. 		User: userMock, Dept: deptMock, ProductMember: pmMock, Role: roleMock,
    149. 

  149. 	})
    150. 

  150. 

  151. 	err := CheckManageAccess(buildMemberCallerCtx(), svcCtx, 42, "pc_m5", WithPrefetchedTarget(nil))
    152. 

  152. 	assert.NoError(t, err)
    153. 

  153. }
    154.