#!/bin/bash # # 03_org_ops.sh # # 功能:测试组织相关操作,验证 LoadOrg 中间件及权限 # set -e # 加载公共库 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" source "$SCRIPT_DIR/lib.sh" test_start "组织操作与 LoadOrg 测试" # 检查服务 check_service # ========================================== # 准备环境 # ========================================== COMMON_PASS="password123" # 使用一个新的后缀以避免冲突 TEST_SUFFIX="$(date +%s)_org" USER1_NAME="u1_${TEST_SUFFIX}" USER2_NAME="u2_${TEST_SUFFIX}" # 注册用户 step "1. 注册测试用户" RES=$(register_user "$USER1_NAME" "$COMMON_PASS" "${USER1_NAME}@test.com") check_http_code "$RES" "200" USER1_TOKEN=$(get_token "$RES") USER1_ID=$(get_user_id "$RES") RES=$(register_user "$USER2_NAME" "$COMMON_PASS" "${USER2_NAME}@test.com") check_http_code "$RES" "200" USER2_TOKEN=$(get_token "$RES") USER2_ID=$(get_user_id "$RES") # ========================================== # 测试用例 # ========================================== # 1. 创建组织 step "2. User1 创建组织" ORG_CODE="org_${TEST_SUFFIX}" RES=$(api_post "/api/orgs" "{\"name\": \"Test Org\", \"code\": \"$ORG_CODE\", \"description\": \"Test Desc\"}" "$USER1_TOKEN") check_http_code "$RES" "200" ORG_ID=$(echo "$RES" | jq -r '.id') info "Org ID: $ORG_ID" if [ -z "$ORG_ID" ] || [ "$ORG_ID" == "null" ]; then error "创建组织失败" exit 1 fi # 2. 获取组织详情 (测试 LoadOrg + Perm) step "3. User1 获取组织详情 (预期: 成功)" RES=$(api_get "/api/orgs/$ORG_ID" "$USER1_TOKEN") check_http_code "$RES" "200" NAME=$(echo "$RES" | jq -r '.name') if [ "$NAME" == "Test Org" ]; then check_success "获取组织详情成功" else error "获取组织详情失败, name=$NAME" fi # 3. 更新组织 (测试 LoadOrg + Perm update) step "4. User1 更新组织 (预期: 成功)" RES=$(api_patch "/api/orgs/$ORG_ID" "{\"name\": \"Updated Org\"}" "$USER1_TOKEN") check_http_code "$RES" "200" NAME=$(echo "$RES" | jq -r '.name') if [ "$NAME" == "Updated Org" ]; then check_success "更新组织成功" else error "更新组织失败, name=$NAME" fi # 4. User2 获取组织详情 (预期: 失败/403 - 不是成员) # LoadOrg checks membership. User2 is not a member. step "5. User2 获取组织详情 (预期: 失败 403 Forbidden)" RES=$(api_get "/api/orgs/$ORG_ID" "$USER2_TOKEN") code=$(echo "$RES" | jq -r '.code // 200') if [[ "$code" == "403"* ]]; then check_success "User2 访问被拒绝 (Code: $code)" else error "User2 竟然访问成功了! Code: $code" info "Response: $RES" fi # 5. User1 添加 User2 为成员 step "6. User1 添加 User2 为成员" RES=$(api_post "/api/orgs/$ORG_ID/members" "{\"user_id\": \"$USER2_ID\", \"role_codes\": [\"member\"]}" "$USER1_TOKEN") check_http_code "$RES" "200" check_success "添加成员成功" # 6. User2 获取组织详情 (预期: 成功 - 现已是成员) step "7. User2 (成员) 获取组织详情 (预期: 成功)" RES=$(api_get "/api/orgs/$ORG_ID" "$USER2_TOKEN") check_http_code "$RES" "200" NAME=$(echo "$RES" | jq -r '.name') if [ "$NAME" == "Updated Org" ]; then check_success "User2 获取组织详情成功" else error "User2 获取组织详情失败" fi test_end