OptimusX
/
OneAuth
mirror of https://github.com/veypi/OneAuth.git
3
0
Fork 0
Code Issues Projects Releases Wiki Activity

refactor(tests): Restructure test scripts with better coverage

Browse Source 
- Add 00_none_auth.sh for unauthenticated access testing
    - Replace 01_basic_auth.sh with 01_setup_users.sh for comprehensive user setup
    - Replace 02_user_permission.sh with 02_resource_perm.sh for cross-user permission tests
    - Update lib.sh to handle non-numeric code fields in response
    - Update README.md with new test structure and usage instructions
    - Update run_all.sh with new test sequence
master
veypi 1 week ago
parent 95cdcd557c
commit 1f380587a9
8 changed files with 389 additions and 243 deletions
Show Stats Download Patch File Download Diff File

67
scripts/tests/00_none_auth.sh
Unescape Escape View File

@ -0,0 +1,67 @@
#!/bin/bash
#
# 未登录访问测试
# 测试内容:验证受保护接口在未登录状态下拒绝访问
#
set -e
# 加载公共库
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "$SCRIPT_DIR/lib.sh"
test_start "未登录访问测试 (None Auth)"
# 检查服务
check_service
# 定义要测试的受保护接口列表
# 格式: "METHOD PATH [BODY]"
PROTECTED_ENDPOINTS=(
"GET /api/auth/me"
"POST /api/auth/logout {}"
"GET /api/users"
"POST /api/users {}"
"GET /api/orgs"
"POST /api/orgs {}"
"GET /api/roles"
"POST /api/roles {}"
"GET /api/settings"
"GET /api/oauth/clients"
"GET /api/oauth/providers"
)
# 遍历测试
for endpoint in "${PROTECTED_ENDPOINTS[@]}"; do
read -r method path body <<< "$endpoint"
step "测试 $method $path (未登录)"
if [ "$method" == "GET" ]; then
RES=$(api_get "$path" "")
elif [ "$method" == "POST" ]; then
RES=$(api_post "$path" "${body:-{}}" "")
elif [ "$method" == "PATCH" ]; then
RES=$(api_patch "$path" "${body:-{}}" "")
elif [ "$method" == "DELETE" ]; then
RES=$(api_delete "$path" "")
fi
# 提取状态码
# 注意Vigo 框架可能返回 HTTP 401 或 JSON code 40100
# check_http_code 默认提取 JSON 中的 code
code=$(echo "$RES" | jq -r '.code // 200')
# 允许 401 (Standard HTTP) 或 40100 (Vigo Unauthorized)
if [[ "$code" == "401" || "$code" == "40100" ]]; then
success "访问被拒绝 (Code: $code)"
else
error "期望 401/40100, 实际: $code"
info "响应: $RES"
# 标记失败但不立即退出,以便测试所有接口?
# 这里为了严格性,还是退出吧,或者用 fail_flag
exit 1
fi
done
test_end

100
scripts/tests/01_basic_auth.sh
Unescape Escape View File

@ -1,100 +0,0 @@
#!/bin/bash
#
# 基础认证测试
# 测试内容注册、登录、修改信息、改密码、刷新token、登出
#
set -e
# 加载公共库
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "$SCRIPT_DIR/lib.sh"
# 测试配置
TEST_USER="basic_user_$TEST_TIMESTAMP"
TEST_PASS="password123"
TEST_EMAIL="$TEST_USER@test.com"
test_start "基础认证测试"
# 检查服务
check_service
# 1. 用户注册
step "1. 用户注册"
REGISTER_RES=$(register_user "$TEST_USER" "$TEST_PASS" "$TEST_EMAIL")
echo "注册响应: $REGISTER_RES"
check_http_code "$REGISTER_RES" "200" || exit 1
check_success "用户注册成功"
# 2. 用户登录
step "2. 用户登录"
LOGIN_RES=$(login_user "$TEST_USER" "$TEST_PASS")
echo "登录响应: $LOGIN_RES"
check_http_code "$LOGIN_RES" "200" || exit 1
TOKEN=$(get_token "$LOGIN_RES")
USER_ID=$(get_user_id "$LOGIN_RES")
info "Token: ${TOKEN:0:20}..."
info "User ID: $USER_ID"
check_success "用户登录成功"
# 3. 获取当前用户信息
step "3. 获取当前用户信息"
ME_RES=$(api_get "/api/auth/me" "$TOKEN")
echo "用户信息: $ME_RES"
check_http_code "$ME_RES" "200" || exit 1
check_success "获取用户信息成功"
# 4. 修改自己的信息
step "4. 修改自己的信息"
UPDATE_RES=$(api_patch "/api/users/$USER_ID" '{"nickname": "Updated Nickname"}' "$TOKEN")
echo "更新响应: $UPDATE_RES"
check_http_code "$UPDATE_RES" "200" || exit 1
NICKNAME=$(echo "$UPDATE_RES" | jq -r '.nickname')
if [ "$NICKNAME" = "Updated Nickname" ]; then
check_success "修改用户信息成功"
else
error "修改用户信息失败"
exit 1
fi
# 5. 修改密码
step "5. 修改密码"
CHANGE_PW_RES=$(api_post "/api/auth/me/change-password" \
"{\"old_password\": \"$TEST_PASS\", \"new_password\": \"newpassword123\"}" \
"$TOKEN")
echo "改密码响应: $CHANGE_PW_RES"
check_http_code "$CHANGE_PW_RES" "200" || exit 1
check_success "修改密码成功"
# 6. 使用新密码登录
step "6. 使用新密码登录"
LOGIN_NEW_RES=$(login_user "$TEST_USER" "newpassword123")
check_http_code "$LOGIN_NEW_RES" "200" || exit 1
TOKEN=$(get_token "$LOGIN_NEW_RES")
check_success "新密码登录成功"
# 7. Token 刷新
step "7. Token 刷新"
REFRESH_TOKEN=$(get_refresh_token "$LOGIN_NEW_RES")
REFRESH_RES=$(api_post "/api/auth/refresh" "{\"refresh_token\": \"$REFRESH_TOKEN\"}" "" )
echo "刷新响应: $REFRESH_RES"
check_http_code "$REFRESH_RES" "200" || exit 1
NEW_TOKEN=$(echo "$REFRESH_RES" | jq -r '.access_token')
if [ -n "$NEW_TOKEN" ] && [ "$NEW_TOKEN" != "null" ]; then
TOKEN="$NEW_TOKEN"
check_success "Token 刷新成功"
else
error "Token 刷新失败"
exit 1
fi
# 8. 用户登出
step "8. 用户登出"
LOGOUT_RES=$(api_post "/api/auth/logout" "{}" "$TOKEN")
echo "登出响应: $LOGOUT_RES"
check_http_code "$LOGOUT_RES" "200" || exit 1
check_success "用户登出成功"
test_end

148
scripts/tests/01_setup_users.sh
Unescape Escape View File

@ -0,0 +1,148 @@
#!/bin/bash
#
# 01_setup_users.sh
#
# 功能:
# 1. 初始化三个核心测试账户Admin, User1, User2
# 2. 验证基础认证功能注册、登录、信息修改、密码修改、Token刷新、登出
# 3. 确保后续测试有稳定的测试账号
#
set -e
# 加载公共库
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "$SCRIPT_DIR/lib.sh"
test_start "用户初始化与基础认证测试"
# 检查服务
check_service
# ==========================================
# 定义测试账号
# ==========================================
# 密码统一
COMMON_PASS="password123"
# 1. Admin 用户 (系统第一个注册用户自动成为Admin)
ADMIN_USER="admin_${TEST_TIMESTAMP}"
ADMIN_EMAIL="${ADMIN_USER}@test.com"
# 2. 普通用户 1
USER1_NAME="user1_${TEST_TIMESTAMP}"
USER1_EMAIL="${USER1_NAME}@test.com"
# 3. 普通用户 2
USER2_NAME="user2_${TEST_TIMESTAMP}"
USER2_EMAIL="${USER2_NAME}@test.com"
# 4. 临时用户 (用于测试改密、登出等破坏性操作)
TEMP_USER="temp_${TEST_TIMESTAMP}"
TEMP_EMAIL="${TEMP_USER}@test.com"
# ==========================================
# 1. 创建核心账户
# ==========================================
# --- Admin ---
step "1.1 注册 Admin 账户 (第一个用户)"
RES=$(register_user "$ADMIN_USER" "$COMMON_PASS" "$ADMIN_EMAIL")
check_http_code "$RES" "200"
info "Admin 注册成功: $ADMIN_USER"
# 验证 Admin 登录
RES=$(login_user "$ADMIN_USER" "$COMMON_PASS")
check_http_code "$RES" "200"
ADMIN_TOKEN=$(get_token "$RES")
check_success "Admin 登录验证成功"
# --- User1 ---
step "1.2 注册 User1 账户"
RES=$(register_user "$USER1_NAME" "$COMMON_PASS" "$USER1_EMAIL")
check_http_code "$RES" "200"
info "User1 注册成功: $USER1_NAME"
# 验证 User1 登录
RES=$(login_user "$USER1_NAME" "$COMMON_PASS")
check_http_code "$RES" "200"
USER1_TOKEN=$(get_token "$RES")
check_success "User1 登录验证成功"
# --- User2 ---
step "1.3 注册 User2 账户"
RES=$(register_user "$USER2_NAME" "$COMMON_PASS" "$USER2_EMAIL")
check_http_code "$RES" "200"
info "User2 注册成功: $USER2_NAME"
# 验证 User2 登录
RES=$(login_user "$USER2_NAME" "$COMMON_PASS")
check_http_code "$RES" "200"
check_success "User2 登录验证成功"
# ==========================================
# 2. 基础功能验证 (使用临时用户)
# ==========================================
step "2.1 注册临时用户用于功能验证"
RES=$(register_user "$TEMP_USER" "$COMMON_PASS" "$TEMP_EMAIL")
check_http_code "$RES" "200"
# 登录
RES=$(login_user "$TEMP_USER" "$COMMON_PASS")
TEMP_TOKEN=$(get_token "$RES")
TEMP_ID=$(get_user_id "$RES")
# 修改信息
step "2.2 验证修改个人信息"
RES=$(api_patch "/api/users/$TEMP_ID" '{"nickname": "Temp Nick"}' "$TEMP_TOKEN")
check_http_code "$RES" "200"
check_success "修改信息成功"
# 修改密码
step "2.3 验证修改密码"
NEW_PASS="newpass123"
RES=$(api_post "/api/auth/me/change-password" \
"{\"old_password\": \"$COMMON_PASS\", \"new_password\": \"$NEW_PASS\"}" \
"$TEMP_TOKEN")
check_http_code "$RES" "200"
check_success "密码修改成功"
# 旧密码登录失败验证
step "2.4 验证旧密码登录失败"
RES=$(login_user "$TEMP_USER" "$COMMON_PASS")
code=$(echo "$RES" | jq -r '.code // 200')
if [[ "$code" != "200" ]]; then
check_success "旧密码登录被拒绝 (预期)"
else
error "旧密码仍然可以登录!"
exit 1
fi
# 新密码登录
step "2.5 验证新密码登录"
RES=$(login_user "$TEMP_USER" "$NEW_PASS")
check_http_code "$RES" "200"
TEMP_TOKEN=$(get_token "$RES") # 更新 Token
check_success "新密码登录成功"
# Token 刷新
step "2.6 验证 Token 刷新"
REFRESH_TOKEN=$(get_refresh_token "$RES")
RES=$(api_post "/api/auth/refresh" "{\"refresh_token\": \"$REFRESH_TOKEN\"}" "")
check_http_code "$RES" "200"
NEW_ACCESS=$(echo "$RES" | jq -r '.access_token')
if [ -n "$NEW_ACCESS" ] && [ "$NEW_ACCESS" != "null" ]; then
check_success "Token 刷新成功"
else
error "Token 刷新失败"
exit 1
fi
# 登出
step "2.7 验证登出"
RES=$(api_post "/api/auth/logout" "{}" "$TEMP_TOKEN")
check_http_code "$RES" "200"
check_success "登出成功"
test_end

122
scripts/tests/02_resource_perm.sh
Unescape Escape View File

@ -0,0 +1,122 @@
#!/bin/bash
#
# 02_resource_perm.sh
#
# 功能:测试跨用户资源访问权限
# 场景:
# 1. Admin 修改任意用户资源 (Allow)
# 2. 普通用户修改自己资源 (Allow)
# 3. 普通用户修改他人资源 (Deny)
# 4. 普通用户修改 Admin 资源 (Deny)
#
set -e
# 加载公共库
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "$SCRIPT_DIR/lib.sh"
test_start "资源权限交叉验证测试"
# 检查服务
check_service
# ==========================================
# 准备环境 (登录三个账户)
# ==========================================
COMMON_PASS="password123"
ADMIN_USER="admin_${TEST_TIMESTAMP}"
USER1_NAME="user1_${TEST_TIMESTAMP}"
USER2_NAME="user2_${TEST_TIMESTAMP}"
step "0. 登录测试账户"
# Admin Login
RES=$(login_user "$ADMIN_USER" "$COMMON_PASS")
check_http_code "$RES" "200"
ADMIN_TOKEN=$(get_token "$RES")
ADMIN_ID=$(get_user_id "$RES")
info "Admin ID: $ADMIN_ID"
# User1 Login
RES=$(login_user "$USER1_NAME" "$COMMON_PASS")
check_http_code "$RES" "200"
USER1_TOKEN=$(get_token "$RES")
USER1_ID=$(get_user_id "$RES")
info "User1 ID: $USER1_ID"
# User2 Login
RES=$(login_user "$USER2_NAME" "$COMMON_PASS")
check_http_code "$RES" "200"
USER2_TOKEN=$(get_token "$RES")
USER2_ID=$(get_user_id "$RES")
info "User2 ID: $USER2_ID"
# ==========================================
# 测试用例
# ==========================================
# Case 1: Admin 修改 User1 (应成功)
step "1. Admin 修改 User1 信息 (预期: 成功)"
RES=$(api_patch "/api/users/$USER1_ID" '{"nickname": "Edited By Admin"}' "$ADMIN_TOKEN")
check_http_code "$RES" "200"
NICK=$(echo "$RES" | jq -r '.nickname')
if [ "$NICK" == "Edited By Admin" ]; then
check_success "Admin 修改 User1 成功"
else
error "Admin 修改失败, nickname=$NICK"
exit 1
fi
# Case 2: User1 修改 User1 (应成功)
step "2. User1 修改自己信息 (预期: 成功)"
RES=$(api_patch "/api/users/$USER1_ID" '{"nickname": "Edited By Self"}' "$USER1_TOKEN")
check_http_code "$RES" "200"
NICK=$(echo "$RES" | jq -r '.nickname')
if [ "$NICK" == "Edited By Self" ]; then
check_success "User1 修改自己成功"
else
error "User1 修改自己失败, nickname=$NICK"
exit 1
fi
# Case 3: User1 修改 User2 (应失败)
step "3. User1 修改 User2 信息 (预期: 失败 403/404)"
RES=$(api_patch "/api/users/$USER2_ID" '{"nickname": "Hacked By User1"}' "$USER1_TOKEN")
# Vigo 可能返回 403 Forbidden 或 404 NotFound (如果做了隔离)
code=$(echo "$RES" | jq -r '.code // 200')
if [[ "$code" == "403"* ]] || [[ "$code" == "404"* ]] || [[ "$code" == "401"* ]]; then
check_success "User1 修改 User2 被拒绝 (Code: $code)"
else
error "User1 竟然修改了 User2 ! Code: $code"
info "Response: $RES"
exit 1
fi
# Case 4: User1 修改 Admin (应失败)
step "4. User1 修改 Admin 信息 (预期: 失败 403/404)"
RES=$(api_patch "/api/users/$ADMIN_ID" '{"nickname": "Hacked By User1"}' "$USER1_TOKEN")
code=$(echo "$RES" | jq -r '.code // 200')
if [[ "$code" == "403"* ]] || [[ "$code" == "404"* ]] || [[ "$code" == "401"* ]]; then
check_success "User1 修改 Admin 被拒绝 (Code: $code)"
else
error "User1 竟然修改了 Admin ! Code: $code"
info "Response: $RES"
exit 1
fi
# Case 5: User2 修改 User1 (应失败)
step "5. User2 修改 User1 信息 (预期: 失败 403/404)"
RES=$(api_patch "/api/users/$USER1_ID" '{"nickname": "Hacked By User2"}' "$USER2_TOKEN")
code=$(echo "$RES" | jq -r '.code // 200')
if [[ "$code" == "403"* ]] || [[ "$code" == "404"* ]] || [[ "$code" == "401"* ]]; then
check_success "User2 修改 User1 被拒绝 (Code: $code)"
else
error "User2 竟然修改了 User1 ! Code: $code"
info "Response: $RES"
exit 1
fi
test_end

84
scripts/tests/02_user_permission.sh
Unescape Escape View File

@ -1,84 +0,0 @@
#!/bin/bash
#
# 用户权限测试
# 测试内容:
# - 第一个用户注册为 admin
# - 第二个用户注册为 user
# - user 可以修改自己的信息
# - user 不能修改 admin 的信息
#
set -e
# 加载公共库
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "$SCRIPT_DIR/lib.sh"
# 测试用户
ADMIN_USER="admin_user_$TEST_TIMESTAMP"
ADMIN_PASS="admin123"
ADMIN_EMAIL="$ADMIN_USER@test.com"
NORMAL_USER="normal_user_$TEST_TIMESTAMP"
NORMAL_PASS="user123"
NORMAL_EMAIL="$NORMAL_USER@test.com"
test_start "用户权限测试"
# 检查服务
check_service
# 1. 第一个用户注册 (admin)
step "1. 第一个用户注册 (自动成为 admin)"
ADMIN_REG=$(register_user "$ADMIN_USER" "$ADMIN_PASS" "$ADMIN_EMAIL")
echo "Admin 注册响应: $ADMIN_REG"
check_http_code "$ADMIN_REG" "200"
ADMIN_LOGIN=$(login_user "$ADMIN_USER" "$ADMIN_PASS")
ADMIN_TOKEN=$(get_token "$ADMIN_LOGIN")
ADMIN_ID=$(get_user_id "$ADMIN_LOGIN")
info "Admin ID: $ADMIN_ID"
check_success "Admin 注册并登录成功"
# 2. 第二个用户注册 (user)
step "2. 第二个用户注册 (普通 user)"
USER_REG=$(register_user "$NORMAL_USER" "$NORMAL_PASS" "$NORMAL_EMAIL")
echo "User 注册响应: $USER_REG"
check_http_code "$USER_REG" "200"
USER_LOGIN=$(login_user "$NORMAL_USER" "$NORMAL_PASS")
USER_TOKEN=$(get_token "$USER_LOGIN")
USER_ID=$(get_user_id "$USER_LOGIN")
info "User ID: $USER_ID"
check_success "普通用户注册并登录成功"
# 3. user 可以修改自己的信息
step "3. user 可以修改自己的信息"
USER_UPDATE=$(api_patch "/api/users/$USER_ID" '{"nickname": "My Nickname"}' "$USER_TOKEN")
echo "修改自己响应: $USER_UPDATE"
check_http_code "$USER_UPDATE" "200"
check_success "user 可以修改自己的信息"
# 4. user 不能修改 admin 的信息
step "4. user 不能修改 admin 的信息 (应该返回 403)"
ADMIN_UPDATE_BY_USER=$(api_patch "/api/users/$ADMIN_ID" '{"nickname": "Hacked"}' "$USER_TOKEN") || true
echo "尝试修改 admin 响应: $ADMIN_UPDATE_BY_USER"
if echo "$ADMIN_UPDATE_BY_USER" | grep -q '"code":403' || echo "$ADMIN_UPDATE_BY_USER" | grep -q '"code":404'; then
check_success "user 不能修改 admin 的信息 (权限控制生效)"
else
error "权限控制失效"
exit 1
fi
# 5. admin 可以修改任意用户的信息
step "5. admin 可以修改任意用户的信息"
USER_UPDATE_BY_ADMIN=$(api_patch "/api/users/$USER_ID" '{"nickname": "Updated By Admin"}' "$ADMIN_TOKEN")
echo "Admin 修改 user 响应: $USER_UPDATE_BY_ADMIN"
check_http_code "$USER_UPDATE_BY_ADMIN" "200"
NICKNAME=$(echo "$USER_UPDATE_BY_ADMIN" | jq -r '.nickname')
if [ "$NICKNAME" == "Updated By Admin" ]; then
check_success "admin 可以修改任意用户的信息"
else
error "admin 修改失败"
exit 1
fi
test_end

94
scripts/tests/README.md
Unescape Escape View File

@ -8,8 +8,9 @@
scripts/tests/
├── README.md # 本说明文件
├── lib.sh # 公共函数库
├── 01_basic_auth.sh # 基础认证测试
├── 02_user_permission.sh # 用户权限测试
├── 00_none_auth.sh # 未登录访问测试
├── 01_setup_users.sh # 用户初始化与基础认证
├── 02_resource_perm.sh # 资源权限交叉测试
├── 03_org_permission.sh # 组织权限测试
└── run_all.sh # 运行所有测试
```
@ -19,60 +20,44 @@ scripts/tests/
1. 服务必须已启动:
```bash
go run cli/main.go -db.type=sqlite -db.dsn /tmp/vb.sqlite -p 4000
rm /tmp/vb.sqlite && go run cli/main.go -db.type=sqlite -db.dsn /tmp/vb.sqlite -p 4000
```
2. 数据库已初始化(如需要可以删除旧数据库):
2. 手动查询后端接口列表
```bash
rm /tmp/vb.sqlite
curl -sSf http://localhost:4000/_api.json
```
3. 依赖工具:
- `curl`
- `jq` (JSON 解析)
## 测试脚本说明
### lib.sh
公共函数库,包含:
### 00_none_auth.sh
- `check_success()` / `check_fail()` - 检查结果
- `check_http_code()` - 检查 HTTP 状态码
- `register_user()` - 注册用户
- `login_user()` - 登录用户
- `api_get()` / `api_post()` / `api_patch()` / `api_delete()` - API 请求封装
- `create_org()` - 创建组织
- `update_org()` - 更新组织
- `add_org_member()` - 添加组织成员
**测试内容**:未登录状态下访问受保护接口
- 验证 API 是否正确拦截未携带 Token 的请求
- 覆盖 Users, Orgs, Roles, Settings 等核心模块
### 01_basic_auth.sh
### 01_setup_users.sh
**测试内容**:基础认证流程
**测试内容**:用户初始化与基础功能验证
- 注册三个核心账户Admin, User1, User2
- 验证注册与登录流程
- 使用临时账户验证:
- 修改个人信息
- 修改密码(验证旧密码失效、新密码生效)
- Token 刷新
- 用户登出
- 用户注册
- 用户登录
- 获取当前用户信息
- 修改自己的用户信息
- 修改密码
- Token 刷新
- 用户登出
### 02_resource_perm.sh
### 02_user_permission.sh
**测试内容**:用户级权限控制
- 第一个用户注册(自动成为 admin
- 第二个用户注册(普通 user
- user 可以修改自己的信息
- user **不能**修改 admin 的信息
- admin 可以修改任意用户信息
**测试内容**:跨用户资源访问权限验证
- 场景 1: Admin 修改任意用户信息 (允许)
- 场景 2: User1 修改自己信息 (允许)
- 场景 3: User1 修改 User2 信息 (禁止)
- 场景 4: User1 修改 Admin 信息 (禁止)
- 场景 5: User2 修改 User1 信息 (禁止)
### 03_org_permission.sh
**测试内容**:组织权限控制
- admin 创建组织
- user 不能修改他人创建的组织
- admin 邀请 user 加入组织
@ -82,33 +67,30 @@ scripts/tests/
### run_all.sh
**功能**:运行所有测试
- 按顺序执行所有测试脚本
- 遇到错误时停止
- 输出测试摘要
- 统一时间戳避免冲突
- 统一时间戳 `TEST_TIMESTAMP`,确保跨脚本的用户数据一致性
## 使用方法
### 运行单个测试
### 运行所有测试 (推荐)
```bash
# 基础认证测试
cd scripts/tests
bash 01_basic_auth.sh
# 用户权限测试
bash 02_user_permission.sh
# 组织权限测试
bash 03_org_permission.sh
bash run_all.sh
```
### 运行所有测试
### 运行单个测试
```bash
cd scripts/tests
bash run_all.sh
# 必须先设置时间戳以避免冲突 (可选)
export TEST_TIMESTAMP=$(date +%s)
# 运行特定测试
bash 00_none_auth.sh
bash 01_setup_users.sh
bash 02_resource_perm.sh
```
## 测试环境变量
@ -122,4 +104,4 @@ bash run_all.sh
1. 测试脚本会创建真实数据,建议在测试数据库上运行
2. 测试失败时会立即退出(`set -e`
3. 每次运行使用不同的时间戳,避免用户名冲突
3. `run_all.sh` 会自动导出 `TEST_TIMESTAMP`,手动运行单个脚本时建议手动设置,否则每次运行都会生成新用户。

12
scripts/tests/lib.sh
Unescape Escape View File

@ -75,7 +75,17 @@ check_http_code() {
code="200"
else
# 提取 code 字段,如果不存在则认为是 200
code=$(echo "$response" | jq -r '.code // 200')
local json_code
json_code=$(echo "$response" | jq -r '.code // empty')
if [ -z "$json_code" ] || [ "$json_code" = "empty" ]; then
code="200"
elif [[ "$json_code" =~ ^[0-9]+$ ]]; then
code="$json_code"
else
# code 字段存在但不是数字(可能是业务字段,如 org.code视为成功 200
code="200"
fi
fi
if [ "$code" = "$expected" ]; then

5
scripts/tests/run_all.sh
Unescape Escape View File

@ -27,8 +27,9 @@ echo ""
# 测试脚本列表
TESTS=(
"01_basic_auth.sh:基础认证测试"
"02_user_permission.sh:用户权限测试"
"00_none_auth.sh:未登录访问测试"
"01_setup_users.sh:用户初始化与基础认证测试"
"02_resource_perm.sh:资源权限交叉验证测试"
"03_org_permission.sh:组织权限测试"
)

Write Preview
Loading…
Cancel
Save