ether-docs/04-TESTING/api/auth/test-auth.sh

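#!/bin/bash
# Auth domain API smoke tests. Runs against a live server, prints one
# PASS/FAIL line per check plus a summary, and exits non-zero when any
# check failed (see print_summary).
#
# BASE_URL may be overridden from the environment; the default targets a
# local development instance.
BASE_URL="${BASE_URL:-http://localhost:8080/api}"
# Bearer token obtained by login(); sent on every authenticated request.
TOKEN=""
# Counters maintained by the assert_* helpers and reported by print_summary.
PASS_COUNT=0
FAIL_COUNT=0
TOTAL_COUNT=0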
#######################################
# Record one check: PASS when $1 equals $2 byte-for-byte.
# Globals:   TOTAL_COUNT, PASS_COUNT, FAIL_COUNT (incremented)
# Arguments: $1 - actual value, $2 - expected value, $3 - check name
# Outputs:   one " PASS: ..." or " FAIL: ..." line on stdout
#######################################
assert_eq() {
  local got=$1 want=$2 label=$3
  TOTAL_COUNT=$((TOTAL_COUNT + 1))
  if [[ "$got" == "$want" ]]; then
    echo " PASS: $label"
    PASS_COUNT=$((PASS_COUNT + 1))
  else
    echo " FAIL: $label (expected=$want, actual=$got)"
    FAIL_COUNT=$((FAIL_COUNT + 1))
  fi
}
assert_contains() {
local haystack="$1"
local needle="$2"
local name="$3"
TOTAL_COUNT=$((TOTAL_COUNT + 1))
if echo "$haystack" | grep -q "$needle"; then
echo " PASS: $name"
PASS_COUNT=$((PASS_COUNT + 1))
else
echo " FAIL: $name (expected to contain: $needle)"
FAIL_COUNT=$((FAIL_COUNT + 1))
fi
}
assert_not_contains() {
local haystack="$1"
local needle="$2"
local name="$3"
TOTAL_COUNT=$((TOTAL_COUNT + 1))
if echo "$haystack" | grep -q "$needle"; then
echo " FAIL: $name (expected NOT to contain: $needle)"
FAIL_COUNT=$((FAIL_COUNT + 1))
else
echo " PASS: $name"
PASS_COUNT=$((PASS_COUNT + 1))
fi
}
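#######################################
# Log in as the fixture admin account and store the bearer token in TOKEN.
# Globals:   BASE_URL (read), TOKEN (written)
# Outputs:   progress lines on stdout; on failure the raw response is echoed
# Returns:   0 on success; exits the script with 1 when no token is obtained
#######################################
login() {
  echo "=== 登录获取Token ==="
  local response
  # Declaration and assignment are separate so `local` does not mask the
  # command status. Credentials are a dev fixture for a throwaway local
  # instance; a curl failure leaves response empty and is reported below
  # as a missing token.
  response=$(curl -s -X POST "$BASE_URL/auth/login" \
    -H "Content-Type: application/json" \
    -d '{"username":"admin","password":"admin123"}')
  # Best-effort token extraction from the JSON body without jq.
  TOKEN=$(printf '%s\n' "$response" | grep -o '"token":"[^"]*"' | cut -d'"' -f4)
  if [[ -z "$TOKEN" ]]; then
    echo "FATAL: 登录失败无法获取Token"
    echo "Response: $response"
    exit 1
  fi
  echo "Token获取成功"
}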
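#######################################
# TC-AUTH-001: a valid login returns 200 with token, userId and roles.
# Globals:   BASE_URL (read); counters via assert_*
#######################################
test_login_success() {
  echo "--- TC-AUTH-001: 用户登录-正常 ---"
  local response status body
  response=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/login" \
    -H "Content-Type: application/json" \
    -d '{"username":"admin","password":"admin123"}')
  # -w appends the HTTP status as the last line; split it off with parameter
  # expansion instead of `head -n -1`, a GNU extension that fails on BSD/macOS.
  status=${response##*$'\n'}
  body=${response%$'\n'*}
  assert_eq "$status" "200" "TC-AUTH-001: 登录返回200"
  assert_contains "$body" '"token"' "TC-AUTH-001: 响应包含token"
  assert_contains "$body" '"userId"' "TC-AUTH-001: 响应包含userId"
  assert_contains "$body" '"roles"' "TC-AUTH-001: 响应包含roles"
}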
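#######################################
# TC-AUTH-002: a wrong password is rejected with 401.
# Globals:   BASE_URL (read); counters via assert_*
#######################################
test_login_wrong_password() {
  echo "--- TC-AUTH-002: 用户登录-密码错误 ---"
  local response status
  response=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/login" \
    -H "Content-Type: application/json" \
    -d '{"username":"admin","password":"wrongpassword"}')
  # Last line is the http_code appended by -w.
  status=${response##*$'\n'}
  assert_eq "$status" "401" "TC-AUTH-002: 错误密码返回401"
}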
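#######################################
# TC-AUTH-003: after five failed logins the correct password is also
# rejected (401), i.e. the account is locked.
# Globals:   BASE_URL, TOKEN (read); counters via assert_*
# Note:      the throwaway user created here is not deleted afterwards;
#            cleanup() only knows about CREATED_ROLE_ID.
#######################################
test_login_lockout() {
  echo "--- TC-AUTH-003: 用户登录-锁定机制 ---"
  local test_user="lockout_test_$$"
  local i response status
  # Create a dedicated user so the lockout does not affect the admin account
  # used by the rest of the run. The creation result is deliberately ignored.
  curl -s -X POST "$BASE_URL/auth/users" \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d "{\"username\":\"$test_user\",\"password\":\"Test@1234\",\"userType\":\"ENTERPRISE\"}" > /dev/null 2>&1
  # Five wrong-password attempts; the brace range replaces `$(seq 1 5)`.
  for i in {1..5}; do
    curl -s -X POST "$BASE_URL/auth/login" \
      -H "Content-Type: application/json" \
      -d "{\"username\":\"$test_user\",\"password\":\"wrong$i\"}" > /dev/null 2>&1
  done
  response=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/login" \
    -H "Content-Type: application/json" \
    -d "{\"username\":\"$test_user\",\"password\":\"Test@1234\"}")
  # Last line is the http_code appended by -w.
  status=${response##*$'\n'}
  assert_eq "$status" "401" "TC-AUTH-003: 5次失败后账户锁定"
}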
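#######################################
# TC-AUTH-005: /auth/me returns 200 and a body containing "username".
# Globals:   BASE_URL, TOKEN (read); counters via assert_*
#######################################
test_get_current_user() {
  echo "--- TC-AUTH-005: 获取当前用户 ---"
  local response status body
  response=$(curl -s -w "\n%{http_code}" -X GET "$BASE_URL/auth/me" \
    -H "Authorization: Bearer $TOKEN")
  # Last line is the http_code appended by -w; the rest is the body
  # (avoids the GNU-only `head -n -1`).
  status=${response##*$'\n'}
  body=${response%$'\n'*}
  assert_eq "$status" "200" "TC-AUTH-005: 获取当前用户返回200"
  assert_contains "$body" '"username"' "TC-AUTH-005: 响应包含username"
}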
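#######################################
# TC-AUTH-004: refreshing with a valid bearer token returns 200.
# Globals:   BASE_URL, TOKEN (read); counters via assert_*
# Note:      TOKEN is not replaced with the refreshed one; later tests keep
#            using the original token.
#######################################
test_refresh_token() {
  echo "--- TC-AUTH-004: Token刷新 ---"
  local response status
  response=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/refresh" \
    -H "Authorization: Bearer $TOKEN")
  # Last line is the http_code appended by -w.
  status=${response##*$'\n'}
  assert_eq "$status" "200" "TC-AUTH-004: Token刷新返回200"
}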
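#######################################
# TC-AUTH-006: logout with a valid bearer token returns 200.
# Globals:   BASE_URL, TOKEN (read); counters via assert_*
# Note:      runs last in the sequence; cleanup() still sends TOKEN
#            afterwards, so a server that invalidates it on logout would make
#            that best-effort delete fail silently.
#######################################
test_logout() {
  echo "--- TC-AUTH-006: 用户登出 ---"
  local response status
  response=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/logout" \
    -H "Authorization: Bearer $TOKEN")
  # Last line is the http_code appended by -w.
  status=${response##*$'\n'}
  assert_eq "$status" "200" "TC-AUTH-006: 登出返回200"
}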
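#######################################
# TC-AUTH-007: creating a user returns 201; remembers its id for later tests.
# Globals:   BASE_URL, TOKEN (read), CREATED_USER_ID (written)
#######################################
test_create_user() {
  echo "--- TC-AUTH-007: 创建用户 ---"
  local username="testuser_$$"
  local response status body
  response=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/users" \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d "{\"username\":\"$username\",\"password\":\"Test@1234\",\"userType\":\"ENTERPRISE\",\"realName\":\"Test User\"}")
  # Last line is the http_code appended by -w; the rest is the body
  # (avoids the GNU-only `head -n -1`).
  status=${response##*$'\n'}
  body=${response%$'\n'*}
  assert_eq "$status" "201" "TC-AUTH-007: 创建用户返回201"
  # Best-effort id extraction without jq; empty when the body has no "id".
  CREATED_USER_ID=$(printf '%s\n' "$body" | grep -o '"id":"[^"]*"' | head -1 | cut -d'"' -f4)
}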
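#######################################
# TC-AUTH-008: the paged user list returns 200 with a "content" field.
# Globals:   BASE_URL, TOKEN (read); counters via assert_*
#######################################
test_list_users() {
  echo "--- TC-AUTH-008: 查询用户列表 ---"
  local response status body
  response=$(curl -s -w "\n%{http_code}" -X GET "$BASE_URL/auth/users?page=0&size=10" \
    -H "Authorization: Bearer $TOKEN")
  # Last line is the http_code appended by -w; the rest is the body
  # (avoids the GNU-only `head -n -1`).
  status=${response##*$'\n'}
  body=${response%$'\n'*}
  assert_eq "$status" "200" "TC-AUTH-008: 查询用户列表返回200"
  assert_contains "$body" '"content"' "TC-AUTH-008: 响应包含content"
}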
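#######################################
# TC-AUTH-009: updating the user created in TC-AUTH-007 returns 200.
# Globals:   BASE_URL, TOKEN, CREATED_USER_ID (read); counters via assert_*
# Note:      skipped (not counted) when no user id was captured.
#######################################
test_update_user() {
  echo "--- TC-AUTH-009: 更新用户 ---"
  if [[ -z "$CREATED_USER_ID" ]]; then
    echo " SKIP: TC-AUTH-009 (无用户ID)"
    return
  fi
  local response status
  response=$(curl -s -w "\n%{http_code}" -X PUT "$BASE_URL/auth/users/$CREATED_USER_ID" \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d '{"realName":"Updated Name","phone":"13800138000"}')
  # Last line is the http_code appended by -w.
  status=${response##*$'\n'}
  assert_eq "$status" "200" "TC-AUTH-009: 更新用户返回200"
}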
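#######################################
# TC-AUTH-010: deleting the user created in TC-AUTH-007 returns 200.
# Globals:   BASE_URL, TOKEN, CREATED_USER_ID (read); counters via assert_*
# Note:      skipped (not counted) when no user id was captured; if this
#            delete fails the user is left behind, cleanup() does not retry.
#######################################
test_delete_user() {
  echo "--- TC-AUTH-010: 删除用户 ---"
  if [[ -z "$CREATED_USER_ID" ]]; then
    echo " SKIP: TC-AUTH-010 (无用户ID)"
    return
  fi
  local response status
  response=$(curl -s -w "\n%{http_code}" -X DELETE "$BASE_URL/auth/users/$CREATED_USER_ID" \
    -H "Authorization: Bearer $TOKEN")
  # Last line is the http_code appended by -w.
  status=${response##*$'\n'}
  assert_eq "$status" "200" "TC-AUTH-010: 删除用户返回200"
}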
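#######################################
# TC-AUTH-012: creating a user with a weak password is rejected with 400.
# Globals:   BASE_URL, TOKEN (read); counters via assert_*
#######################################
test_weak_password_rejected() {
  echo "--- TC-AUTH-012: 弱密码拒绝 ---"
  local username="weakpwd_$$_test"
  local response status
  # The username was previously inside single quotes, so `$$` was sent
  # literally and every run reused the same name; it is now unique per run
  # so a duplicate-username error cannot stand in for the password check.
  response=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/users" \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d "{\"username\":\"$username\",\"password\":\"123456\",\"userType\":\"ENTERPRISE\"}")
  # Last line is the http_code appended by -w.
  status=${response##*$'\n'}
  assert_eq "$status" "400" "TC-AUTH-012: 弱密码返回400"
}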
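#######################################
# TC-AUTH-013: creating a role returns 201; remembers its id for later tests
# and for cleanup().
# Globals:   BASE_URL, TOKEN (read), CREATED_ROLE_ID (written)
#######################################
test_create_role() {
  echo "--- TC-AUTH-013: 创建角色 ---"
  local response status body
  response=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/roles" \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d "{\"code\":\"TEST_ROLE_$$\",\"name\":\"Test Role\",\"type\":\"SYSTEM\"}")
  # Last line is the http_code appended by -w; the rest is the body
  # (avoids the GNU-only `head -n -1`).
  status=${response##*$'\n'}
  body=${response%$'\n'*}
  assert_eq "$status" "201" "TC-AUTH-013: 创建角色返回201"
  # Best-effort id extraction without jq; empty when the body has no "id".
  CREATED_ROLE_ID=$(printf '%s\n' "$body" | grep -o '"id":"[^"]*"' | head -1 | cut -d'"' -f4)
}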
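#######################################
# TC-AUTH-014: assigning an (empty) permission set to the created role
# returns 200.
# Globals:   BASE_URL, TOKEN, CREATED_ROLE_ID (read); counters via assert_*
# Note:      skipped (not counted) when no role id was captured.
#######################################
test_assign_role_permissions() {
  echo "--- TC-AUTH-014: 角色权限分配 ---"
  if [[ -z "$CREATED_ROLE_ID" ]]; then
    echo " SKIP: TC-AUTH-014 (无角色ID)"
    return
  fi
  local response status
  response=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/roles/$CREATED_ROLE_ID/permissions" \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d '{"permissionIds":[]}')
  # Last line is the http_code appended by -w.
  status=${response##*$'\n'}
  assert_eq "$status" "200" "TC-AUTH-014: 角色权限分配返回200"
}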
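#######################################
# TC-AUTH-015: creating a permission returns 201.
# Globals:   BASE_URL, TOKEN (read); counters via assert_*
# Note:      the permission's id is not captured, so it is never deleted.
#######################################
test_create_permission() {
  echo "--- TC-AUTH-015: 创建权限 ---"
  local response status
  response=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/permissions" \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d "{\"code\":\"test:resource:action_$$\",\"name\":\"Test Permission\",\"type\":\"API\"}")
  # Last line is the http_code appended by -w.
  status=${response##*$'\n'}
  assert_eq "$status" "201" "TC-AUTH-015: 创建权限返回201"
}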
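#######################################
# TC-AUTH-016: the department tree endpoint returns 200.
# Globals:   BASE_URL, TOKEN (read); counters via assert_*
#######################################
test_dept_tree() {
  echo "--- TC-AUTH-016: 部门树查询 ---"
  local response status
  response=$(curl -s -w "\n%{http_code}" -X GET "$BASE_URL/auth/depts/tree" \
    -H "Authorization: Bearer $TOKEN")
  # Last line is the http_code appended by -w.
  status=${response##*$'\n'}
  assert_eq "$status" "200" "TC-AUTH-016: 部门树查询返回200"
}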
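#######################################
# TC-AUTH-020: the paged audit-log query returns 200.
# Globals:   BASE_URL, TOKEN (read); counters via assert_*
#######################################
test_audit_log_query() {
  echo "--- TC-AUTH-020: 审计日志查询 ---"
  local response status
  response=$(curl -s -w "\n%{http_code}" -X GET "$BASE_URL/auth/audit-logs?page=0&size=10" \
    -H "Authorization: Bearer $TOKEN")
  # Last line is the http_code appended by -w.
  status=${response##*$'\n'}
  assert_eq "$status" "200" "TC-AUTH-020: 审计日志查询返回200"
}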
#######################################
# Best-effort removal of test data: deletes the role created by
# test_create_role. Errors are ignored.
# Globals:   BASE_URL, TOKEN, CREATED_ROLE_ID (read)
# Note:      users created by test_login_lockout and test_create_user are not
#            handled here; only the role id is tracked.
#######################################
cleanup() {
  echo "=== 清理测试数据 ==="
  [[ -n "$CREATED_ROLE_ID" ]] || return 0
  curl -s -X DELETE "$BASE_URL/auth/roles/$CREATED_ROLE_ID" \
    -H "Authorization: Bearer $TOKEN" > /dev/null 2>&1
}
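#######################################
# Print the run summary (totals and pass rate).
# Globals:   TOTAL_COUNT, PASS_COUNT, FAIL_COUNT (read)
# Outputs:   summary block on stdout
# Returns:   1 when any check failed, else 0 (becomes the script's exit code)
#######################################
print_summary() {
  echo ""
  echo "=========================================="
  echo " Auth Domain API Test Summary"
  echo "=========================================="
  echo " Total: $TOTAL_COUNT"
  echo " Passed: $PASS_COUNT"
  echo " Failed: $FAIL_COUNT"
  if [[ "$TOTAL_COUNT" -gt 0 ]]; then
    # Rate with one truncated decimal, in shell arithmetic so the script
    # does not depend on `bc` being installed. Tenths of a percent first,
    # then split into integer and fractional part.
    local tenths rate
    tenths=$((PASS_COUNT * 1000 / TOTAL_COUNT))
    rate="$((tenths / 10)).$((tenths % 10))"
    echo " Rate: ${rate}%"
  fi
  echo "=========================================="
  if [[ "$FAIL_COUNT" -gt 0 ]]; then
    return 1
  fi
  return 0
}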
# Ids captured by test_create_user / test_create_role and consumed by the
# update/delete/permission tests and cleanup(). Empty means "not created".
CREATED_USER_ID=""
CREATED_ROLE_ID=""

#######################################
# Run the whole suite in its fixed order (the create/update/delete tests and
# cleanup depend on the ids captured earlier in the sequence).
# Returns:   print_summary's status, which becomes the script exit code
#######################################
main() {
  echo "=========================================="
  echo " Ether PMS - Auth Domain API Tests"
  echo "=========================================="
  echo ""
  login
  test_login_success
  test_login_wrong_password
  test_login_lockout
  test_get_current_user
  test_refresh_token
  test_create_user
  test_list_users
  test_update_user
  test_weak_password_rejected
  test_create_role
  test_assign_role_permissions
  test_create_permission
  test_dept_tree
  test_delete_user
  test_audit_log_query
  test_logout
  cleanup
  print_summary
}
main "$@"