<?php
namespace Tests\Feature;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;
use Tests\TestCase;
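/**
 * Feature tests for the `/auth/login` and `/auth/apply-account` endpoints.
 *
 * Every request in this class is sent without an authenticated user, so the
 * assertions describe what an anonymous caller can observe and change.
 */
class SsoApiTest extends TestCase
{
    use RefreshDatabase;

    /**
     * A user with valid credentials receives a token payload from `/auth/login`.
     *
     * The user is given a role and a permission on the `api` guard before
     * logging in; the assertions only cover the shape of the login response.
     */
    public function test_user_can_login_and_get_jwt_token(): void
    {
        $password = 'secret123';
        $user = User::factory()->create([
            'email' => 'admin@example.com',
            'password' => bcrypt($password),
        ]);
        $role = Role::query()->create(['name' => 'tester', 'guard_name' => 'api']);
        $permission = Permission::query()->create(['name' => 'platform.dashboard.view', 'guard_name' => 'api']);
        $role->givePermissionTo($permission);
        $user->assignRole($role);

        $response = $this->postJson('/auth/login', [
            'email' => 'admin@example.com',
            'password' => $password,
        ]);

        $response
            ->assertOk()
            ->assertJsonPath('code', 0)
            ->assertJsonStructure(['data' => ['token', 'type', 'expires_in']]);

        // assertJsonStructure only checks that the key exists, so a null or
        // empty token would still pass; require an actual value.
        $this->assertNotEmpty($response->json('data.token'));
    }

    /**
     * A malformed email and phone are both reported as validation errors (HTTP 422).
     */
    public function test_apply_account_validates_email_and_phone_format(): void
    {
        $response = $this->postJson('/auth/apply-account', [
            'nickname' => 'Tester',
            'email' => 'bad-email',
            'phone' => '12345',
            'password' => 'secret123',
            'password_confirmation' => 'secret123',
        ]);

        $response
            ->assertStatus(422)
            ->assertJsonValidationErrors(['email', 'phone']);
    }

    /**
     * A new application creates a user (HTTP 201) that holds the `guest` role
     * on the `api` guard and stores the submitted application note.
     */
    public function test_apply_account_assigns_guest_role(): void
    {
        // The note literal reads "need access to server resources".
        $response = $this->postJson('/auth/apply-account', [
            'nickname' => 'Guest User',
            'email' => 'guest@example.com',
            'phone' => '13800138000',
            'password' => 'secret123',
            'password_confirmation' => 'secret123',
            'application_note' => '需要访问服务器资源',
        ]);

        $response->assertCreated();
        $user = User::query()->where('email', 'guest@example.com')->firstOrFail();

        $this->assertTrue($user->hasRole('guest', 'api'));
        $this->assertSame('需要访问服务器资源', $user->application_note);
    }

    /**
     * Re-applying with the phone of an existing guest updates that record
     * instead of creating a new one, and the user keeps the `guest` role.
     *
     * NOTE(review): the request carries no authentication and matches the
     * stored record by phone only, yet the asserted outcome replaces the
     * stored email. Whether the submitted password also replaces the stored
     * credential is not asserted here. Confirm the intended behaviour and
     * whether the endpoint should require proof of ownership before a pending
     * application can be overwritten.
     */
    public function test_apply_account_updates_existing_guest_application_by_email_or_phone(): void
    {
        $guest = Role::query()->firstOrCreate(['name' => 'guest', 'guard_name' => 'api']);
        // The note literal reads "old note".
        $user = User::factory()->create([
            'nickname' => 'Old Name',
            'email' => 'old@example.com',
            'phone' => '13800138001',
            'application_note' => '旧备注',
        ]);
        $user->assignRole($guest);

        // Same phone as the stored guest, different email; note reads "new note".
        $response = $this->postJson('/auth/apply-account', [
            'nickname' => 'New Name',
            'email' => 'new@example.com',
            'phone' => '13800138001',
            'password' => 'newsecret',
            'password_confirmation' => 'newsecret',
            'application_note' => '新备注',
        ]);

        $response
            ->assertOk()
            ->assertJsonPath('data.updated', true);

        $user->refresh();
        $this->assertSame('New Name', $user->nickname);
        $this->assertSame('new@example.com', $user->email);
        $this->assertSame('新备注', $user->application_note);
        $this->assertTrue($user->hasRole('guest', 'api'));
    }

    /**
     * An application that reuses the email of an account holding a non-guest
     * role is rejected (HTTP 422, `account` error) and leaves that account,
     * including its stored password hash, untouched.
     */
    public function test_apply_account_rejects_existing_non_guest_account_without_modifying_it(): void
    {
        $role = Role::query()->firstOrCreate(['name' => 'user', 'guard_name' => 'api']);
        // The note literal reads "original note".
        $user = User::factory()->create([
            'nickname' => 'Opened User',
            'email' => 'opened@example.com',
            'phone' => '13900139000',
            'application_note' => '原备注',
        ]);
        $user->assignRole($role);

        // Captured before the request so the credential can be compared afterwards.
        $originalPasswordHash = $user->password;

        $response = $this->postJson('/auth/apply-account', [
            'nickname' => 'Should Not Save',
            'email' => 'opened@example.com',
            'phone' => '13800138002',
            'password' => 'secret123',
            'password_confirmation' => 'secret123',
            'application_note' => '新备注',
        ]);

        $response
            ->assertStatus(422)
            ->assertJsonValidationErrors(['account']);

        $user->refresh();
        $this->assertSame('Opened User', $user->nickname);
        $this->assertSame('opened@example.com', $user->email);
        $this->assertSame('13900139000', $user->phone);
        $this->assertSame('原备注', $user->application_note);
        // The password is the field that matters most on a rejected request:
        // a changed hash would mean an anonymous caller reset the credential.
        $this->assertSame($originalPasswordHash, $user->password);
    }
}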