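#!/bin/bash
# Auth-domain API test runner: logs in once, runs the TC-AUTH-* checks against
# the API and prints a pass/fail summary.

# Base URL of the API under test. AUTH_TEST_BASE_URL overrides the loopback
# default so the suite can target another environment without editing the file.
# The admin password and the bearer token both travel over this URL, so any
# non-loopback target should be an https:// endpoint.
BASE_URL="${AUTH_TEST_BASE_URL:-http://localhost:8080/api}"

# Bearer token obtained by login() and reused by the authenticated tests.
TOKEN=""

# Counters maintained by the assert_* helpers and reported by print_summary().
PASS_COUNT=0
FAIL_COUNT=0
TOTAL_COUNT=0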
# Record one equality check.
# Globals:   TOTAL_COUNT, PASS_COUNT, FAIL_COUNT (updated)
# Arguments: $1 - actual value, $2 - expected value, $3 - test case label
# Outputs:   one PASS or FAIL line on stdout
assert_eq() {
  local got="$1" want="$2" label="$3"
  TOTAL_COUNT=$((TOTAL_COUNT + 1))
  if [ "$got" != "$want" ]; then
    echo " FAIL: $label (expected=$want, actual=$got)"
    FAIL_COUNT=$((FAIL_COUNT + 1))
    return
  fi
  echo " PASS: $label"
  PASS_COUNT=$((PASS_COUNT + 1))
}
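# Record a check that a string contains a literal substring.
# Globals:   TOTAL_COUNT, PASS_COUNT, FAIL_COUNT (updated)
# Arguments: $1 - text to search, $2 - literal substring, $3 - test case label
# Outputs:   one PASS or FAIL line on stdout
assert_contains() {
  local haystack="$1"
  local needle="$2"
  local name="$3"
  TOTAL_COUNT=$((TOTAL_COUNT + 1))
  # Literal substring match. Feeding the needle to grep as a regex let
  # metacharacters such as '.' match unrelated text (a false PASS) and let a
  # needle starting with '-' be parsed as a grep option.
  if [[ "$haystack" == *"$needle"* ]]; then
    echo " PASS: $name"
    PASS_COUNT=$((PASS_COUNT + 1))
  else
    echo " FAIL: $name (expected to contain: $needle)"
    FAIL_COUNT=$((FAIL_COUNT + 1))
  fi
}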
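# Record a check that a string does NOT contain a literal substring.
# Globals:   TOTAL_COUNT, PASS_COUNT, FAIL_COUNT (updated)
# Arguments: $1 - text to search, $2 - literal substring, $3 - test case label
# Outputs:   one PASS or FAIL line on stdout
assert_not_contains() {
  local haystack="$1"
  local needle="$2"
  local name="$3"
  TOTAL_COUNT=$((TOTAL_COUNT + 1))
  # Literal substring match. With grep, a needle that is not a valid regex
  # (for example one containing an unmatched '[') made grep exit non-zero,
  # which this helper would have reported as PASS even though the text is
  # present.
  if [[ "$haystack" == *"$needle"* ]]; then
    echo " FAIL: $name (expected NOT to contain: $needle)"
    FAIL_COUNT=$((FAIL_COUNT + 1))
  else
    echo " PASS: $name"
    PASS_COUNT=$((PASS_COUNT + 1))
  fi
}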
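# Log in as the built-in admin account and store the bearer token in TOKEN.
# Globals:   BASE_URL (read), TOKEN (written)
# Outputs:   progress lines on stdout; the raw response when no token is found
# Exits:     status 1 when the response carries no token
# NOTE(review): the admin username and password are embedded in this file, so
# the suite is only suitable for a disposable test environment whose
# credentials are not reused elsewhere.
login() {
  echo "=== 登录获取Token ==="
  local response
  response=$(curl -s -X POST "$BASE_URL/auth/login" \
    -H "Content-Type: application/json" \
    -d '{"username":"admin","password":"admin123"}')
  # Keep only the first "token" match: several matches would put a newline
  # into TOKEN and corrupt every later Authorization header. This mirrors the
  # head-limited id extraction used by the create-user and create-role tests.
  TOKEN=$(printf '%s\n' "$response" | grep -o '"token":"[^"]*"' | head -n 1 | cut -d'"' -f4)
  if [ -z "$TOKEN" ]; then
    echo "FATAL: 登录失败,无法获取Token"
    echo "Response: $response"
    exit 1
  fi
  echo "Token获取成功"
}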
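# TC-AUTH-001: a login with valid credentials returns 200 and a body carrying
# the token, userId and roles fields.
# Globals: BASE_URL (read)
test_login_success() {
  echo "--- TC-AUTH-001: 用户登录-正常 ---"
  local response status body
  response=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/login" \
    -H "Content-Type: application/json" \
    -d '{"username":"admin","password":"admin123"}')
  # curl appends the status code as the final line. Split with parameter
  # expansion: `head -n -1` is a GNU extension and fails on BSD/macOS head,
  # which would leave the body empty and fail the field checks.
  status=${response##*$'\n'}
  body=${response%$'\n'*}
  assert_eq "$status" "200" "TC-AUTH-001: 登录返回200"
  assert_contains "$body" '"token"' "TC-AUTH-001: 响应包含token"
  assert_contains "$body" '"userId"' "TC-AUTH-001: 响应包含userId"
  assert_contains "$body" '"roles"' "TC-AUTH-001: 响应包含roles"
}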
# TC-AUTH-002: a login with a wrong password must be answered with HTTP 401.
# Globals: BASE_URL (read)
test_login_wrong_password() {
  echo "--- TC-AUTH-002: 用户登录-密码错误 ---"
  local reply http_code
  reply=$(curl --silent --write-out "\n%{http_code}" --request POST "$BASE_URL/auth/login" \
    --header "Content-Type: application/json" \
    --data '{"username":"admin","password":"wrongpassword"}')
  # The status code is the last line curl writes; drop everything before it.
  http_code=${reply##*$'\n'}
  assert_eq "$http_code" "401" "TC-AUTH-002: 错误密码返回401"
}
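# TC-AUTH-003: after five failed logins the account is locked, so even the
# correct password is answered with 401.
# Globals: BASE_URL, TOKEN (read)
test_login_lockout() {
  echo "--- TC-AUTH-003: 用户登录-锁定机制 ---"
  local test_user="lockout_test_$$"
  local response status body user_id attempt

  # Precondition: the throwaway account has to exist. The final 401 check
  # cannot tell "locked" from "no such user", so if creation failed silently
  # the lockout check would pass without exercising the lockout at all.
  response=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/users" \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d "{\"username\":\"$test_user\",\"password\":\"Test@1234\",\"userType\":\"ENTERPRISE\"}" 2>/dev/null)
  status=${response##*$'\n'}
  body=${response%$'\n'*}
  if [ "$status" != "201" ]; then
    # Recorded as a failure only on this path, so totals are unchanged when
    # the precondition holds.
    assert_eq "$status" "201" "TC-AUTH-003: 前置条件-测试用户创建返回201"
    return
  fi

  # Five failed attempts with distinct wrong passwords.
  for ((attempt = 1; attempt <= 5; attempt++)); do
    curl -s -X POST "$BASE_URL/auth/login" \
      -H "Content-Type: application/json" \
      -d "{\"username\":\"$test_user\",\"password\":\"wrong$attempt\"}" > /dev/null 2>&1
  done

  # The correct password must now be refused.
  response=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/login" \
    -H "Content-Type: application/json" \
    -d "{\"username\":\"$test_user\",\"password\":\"Test@1234\"}")
  status=${response##*$'\n'}
  assert_eq "$status" "401" "TC-AUTH-003: 5次失败后账户锁定"

  # Best-effort removal of the throwaway account so an account with a password
  # published in this script is not left behind.
  # NOTE(review): assumes the create response carries a string "id" field, as
  # the create-user test does; if it does not, the account is left in place.
  user_id=$(printf '%s\n' "$body" | grep -o '"id":"[^"]*"' | head -n 1 | cut -d'"' -f4)
  if [ -n "$user_id" ]; then
    curl -s -X DELETE "$BASE_URL/auth/users/$user_id" \
      -H "Authorization: Bearer $TOKEN" > /dev/null 2>&1
  fi
}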
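# TC-AUTH-005: GET /auth/me with the bearer token returns 200 and a body that
# carries a username field.
# Globals: BASE_URL, TOKEN (read)
test_get_current_user() {
  echo "--- TC-AUTH-005: 获取当前用户 ---"
  local response status body
  response=$(curl -s -w "\n%{http_code}" -X GET "$BASE_URL/auth/me" \
    -H "Authorization: Bearer $TOKEN")
  # Split status line from body with parameter expansion; `head -n -1` is a
  # GNU extension and fails on BSD/macOS head, leaving the body empty.
  status=${response##*$'\n'}
  body=${response%$'\n'*}
  assert_eq "$status" "200" "TC-AUTH-005: 获取当前用户返回200"
  assert_contains "$body" '"username"' "TC-AUTH-005: 响应包含username"
}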
# TC-AUTH-004: POST /auth/refresh with the current bearer token returns 200.
# Globals: BASE_URL, TOKEN (read)
# NOTE(review): the response body is discarded and TOKEN is left unchanged; if
# the server rotates tokens on refresh, later tests keep using the old one —
# confirm against the API's refresh semantics.
test_refresh_token() {
  echo "--- TC-AUTH-004: Token刷新 ---"
  local reply http_code
  reply=$(curl --silent --write-out "\n%{http_code}" --request POST "$BASE_URL/auth/refresh" \
    --header "Authorization: Bearer $TOKEN")
  # Last line of curl's output is the status code.
  http_code=${reply##*$'\n'}
  assert_eq "$http_code" "200" "TC-AUTH-004: Token刷新返回200"
}
# TC-AUTH-006: POST /auth/logout with the bearer token returns 200.
# Globals: BASE_URL, TOKEN (read)
# NOTE(review): only the status code is checked; nothing here verifies that
# the token is refused afterwards, so session invalidation is not covered.
test_logout() {
  echo "--- TC-AUTH-006: 用户登出 ---"
  local reply http_code
  reply=$(curl --silent --write-out "\n%{http_code}" --request POST "$BASE_URL/auth/logout" \
    --header "Authorization: Bearer $TOKEN")
  # Last line of curl's output is the status code.
  http_code=${reply##*$'\n'}
  assert_eq "$http_code" "200" "TC-AUTH-006: 登出返回200"
}
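# TC-AUTH-007: creating a user returns 201; the new user's id is stored in
# CREATED_USER_ID for the update and delete tests.
# Globals: BASE_URL, TOKEN (read), CREATED_USER_ID (written)
test_create_user() {
  echo "--- TC-AUTH-007: 创建用户 ---"
  local username="testuser_$$"
  local response status body
  response=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/users" \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d "{\"username\":\"$username\",\"password\":\"Test@1234\",\"userType\":\"ENTERPRISE\",\"realName\":\"Test User\"}")
  # Split status line from body with parameter expansion; `head -n -1` is a
  # GNU extension and fails on BSD/macOS head, which would leave the id empty
  # and make the update and delete tests skip.
  status=${response##*$'\n'}
  body=${response%$'\n'*}
  assert_eq "$status" "201" "TC-AUTH-007: 创建用户返回201"
  # First "id" in the body. NOTE(review): the pattern only matches a quoted
  # string id; a numeric id would leave CREATED_USER_ID empty.
  CREATED_USER_ID=$(printf '%s\n' "$body" | grep -o '"id":"[^"]*"' | head -n 1 | cut -d'"' -f4)
}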
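# TC-AUTH-008: listing users (page 0, size 10) returns 200 and a body with a
# content field.
# Globals: BASE_URL, TOKEN (read)
test_list_users() {
  echo "--- TC-AUTH-008: 查询用户列表 ---"
  local response status body
  response=$(curl -s -w "\n%{http_code}" -X GET "$BASE_URL/auth/users?page=0&size=10" \
    -H "Authorization: Bearer $TOKEN")
  # Split status line from body with parameter expansion; `head -n -1` is a
  # GNU extension and fails on BSD/macOS head, leaving the body empty.
  status=${response##*$'\n'}
  body=${response%$'\n'*}
  assert_eq "$status" "200" "TC-AUTH-008: 查询用户列表返回200"
  assert_contains "$body" '"content"' "TC-AUTH-008: 响应包含content"
}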
# TC-AUTH-009: updating the user created earlier returns 200. Skipped when no
# user id was captured.
# Globals: BASE_URL, TOKEN, CREATED_USER_ID (read)
test_update_user() {
  echo "--- TC-AUTH-009: 更新用户 ---"
  # Nothing to update without the id captured by the create-user test.
  [ -n "$CREATED_USER_ID" ] || {
    echo " SKIP: TC-AUTH-009 (无用户ID)"
    return
  }
  local reply http_code
  reply=$(curl --silent --write-out "\n%{http_code}" --request PUT "$BASE_URL/auth/users/$CREATED_USER_ID" \
    --header "Content-Type: application/json" \
    --header "Authorization: Bearer $TOKEN" \
    --data '{"realName":"Updated Name","phone":"13800138000"}')
  # Last line of curl's output is the status code.
  http_code=${reply##*$'\n'}
  assert_eq "$http_code" "200" "TC-AUTH-009: 更新用户返回200"
}
# TC-AUTH-010: deleting the user created earlier returns 200. Skipped when no
# user id was captured.
# Globals: BASE_URL, TOKEN, CREATED_USER_ID (read)
test_delete_user() {
  echo "--- TC-AUTH-010: 删除用户 ---"
  # Nothing to delete without the id captured by the create-user test.
  [ -n "$CREATED_USER_ID" ] || {
    echo " SKIP: TC-AUTH-010 (无用户ID)"
    return
  }
  local reply http_code
  reply=$(curl --silent --write-out "\n%{http_code}" --request DELETE "$BASE_URL/auth/users/$CREATED_USER_ID" \
    --header "Authorization: Bearer $TOKEN")
  # Last line of curl's output is the status code.
  http_code=${reply##*$'\n'}
  assert_eq "$http_code" "200" "TC-AUTH-010: 删除用户返回200"
}
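# TC-AUTH-012: creating a user with the weak password "123456" is rejected
# with 400.
# Globals: BASE_URL, TOKEN (read)
# NOTE(review): if the server wrongly accepts the request, the account it
# creates keeps that weak password and is not removed by this script.
test_weak_password_rejected() {
  echo "--- TC-AUTH-012: 弱密码拒绝 ---"
  local response status
  # The payload is double-quoted so that $$ expands to the shell PID. In single
  # quotes the username was sent as the literal text "weakpwd_$$_test", and a
  # 400 caused by username validation of the '$' characters would have been
  # counted as a weak-password rejection.
  response=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/users" \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d "{\"username\":\"weakpwd_$$_test\",\"password\":\"123456\",\"userType\":\"ENTERPRISE\"}")
  # Last line of curl's output is the status code.
  status=${response##*$'\n'}
  assert_eq "$status" "400" "TC-AUTH-012: 弱密码返回400"
}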
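# TC-AUTH-013: creating a role returns 201; the new role's id is stored in
# CREATED_ROLE_ID for the permission-assignment test and for cleanup().
# Globals: BASE_URL, TOKEN (read), CREATED_ROLE_ID (written)
test_create_role() {
  echo "--- TC-AUTH-013: 创建角色 ---"
  local response status body
  response=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/roles" \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d "{\"code\":\"TEST_ROLE_$$\",\"name\":\"Test Role\",\"type\":\"SYSTEM\"}")
  # Split status line from body with parameter expansion; `head -n -1` is a
  # GNU extension and fails on BSD/macOS head, which would leave the id empty
  # so the role is neither tested further nor cleaned up.
  status=${response##*$'\n'}
  body=${response%$'\n'*}
  assert_eq "$status" "201" "TC-AUTH-013: 创建角色返回201"
  # First "id" in the body. NOTE(review): the pattern only matches a quoted
  # string id; a numeric id would leave CREATED_ROLE_ID empty.
  CREATED_ROLE_ID=$(printf '%s\n' "$body" | grep -o '"id":"[^"]*"' | head -n 1 | cut -d'"' -f4)
}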
# TC-AUTH-014: assigning an (empty) permission list to the role created
# earlier returns 200. Skipped when no role id was captured.
# Globals: BASE_URL, TOKEN, CREATED_ROLE_ID (read)
test_assign_role_permissions() {
  echo "--- TC-AUTH-014: 角色权限分配 ---"
  # Nothing to assign to without the id captured by the create-role test.
  [ -n "$CREATED_ROLE_ID" ] || {
    echo " SKIP: TC-AUTH-014 (无角色ID)"
    return
  }
  local reply http_code
  reply=$(curl --silent --write-out "\n%{http_code}" --request POST "$BASE_URL/auth/roles/$CREATED_ROLE_ID/permissions" \
    --header "Content-Type: application/json" \
    --header "Authorization: Bearer $TOKEN" \
    --data '{"permissionIds":[]}')
  # Last line of curl's output is the status code.
  http_code=${reply##*$'\n'}
  assert_eq "$http_code" "200" "TC-AUTH-014: 角色权限分配返回200"
}
# TC-AUTH-015: creating a permission returns 201.
# Globals: BASE_URL, TOKEN (read)
# NOTE(review): the id of the created permission is not captured, so no later
# step of this script can remove it.
test_create_permission() {
  echo "--- TC-AUTH-015: 创建权限 ---"
  local reply http_code
  reply=$(curl --silent --write-out "\n%{http_code}" --request POST "$BASE_URL/auth/permissions" \
    --header "Content-Type: application/json" \
    --header "Authorization: Bearer $TOKEN" \
    --data "{\"code\":\"test:resource:action_$$\",\"name\":\"Test Permission\",\"type\":\"API\"}")
  # Last line of curl's output is the status code.
  http_code=${reply##*$'\n'}
  assert_eq "$http_code" "201" "TC-AUTH-015: 创建权限返回201"
}
# TC-AUTH-016: GET /auth/depts/tree with the bearer token returns 200.
# Globals: BASE_URL, TOKEN (read)
test_dept_tree() {
  echo "--- TC-AUTH-016: 部门树查询 ---"
  local reply http_code
  reply=$(curl --silent --write-out "\n%{http_code}" --request GET "$BASE_URL/auth/depts/tree" \
    --header "Authorization: Bearer $TOKEN")
  # Last line of curl's output is the status code.
  http_code=${reply##*$'\n'}
  assert_eq "$http_code" "200" "TC-AUTH-016: 部门树查询返回200"
}
# TC-AUTH-020: querying the audit log (page 0, size 10) returns 200.
# Globals: BASE_URL, TOKEN (read)
# NOTE(review): only the status code is checked; whether the actions performed
# by the earlier tests appear in the log is not verified.
test_audit_log_query() {
  echo "--- TC-AUTH-020: 审计日志查询 ---"
  local reply http_code
  reply=$(curl --silent --write-out "\n%{http_code}" --request GET "$BASE_URL/auth/audit-logs?page=0&size=10" \
    --header "Authorization: Bearer $TOKEN")
  # Last line of curl's output is the status code.
  http_code=${reply##*$'\n'}
  assert_eq "$http_code" "200" "TC-AUTH-020: 审计日志查询返回200"
}
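# Best-effort removal of the objects this run created. Responses are
# discarded, so a failed deletion is silent.
# Globals: BASE_URL, TOKEN, CREATED_USER_ID, CREATED_ROLE_ID (read)
cleanup() {
  echo "=== 清理测试数据 ==="
  # The test user is normally removed by the delete-user test, but if that
  # test failed the account would stay behind with the password published in
  # this script. Deleting again is harmless when the user is already gone.
  if [ -n "$CREATED_USER_ID" ]; then
    curl -s -X DELETE "$BASE_URL/auth/users/$CREATED_USER_ID" \
      -H "Authorization: Bearer $TOKEN" > /dev/null 2>&1
  fi
  if [ -n "$CREATED_ROLE_ID" ]; then
    curl -s -X DELETE "$BASE_URL/auth/roles/$CREATED_ROLE_ID" \
      -H "Authorization: Bearer $TOKEN" > /dev/null 2>&1
  fi
}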
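# Print the totals collected by the assert_* helpers.
# Globals: TOTAL_COUNT, PASS_COUNT, FAIL_COUNT (read)
# Outputs: summary block on stdout
# Returns: 1 when at least one check failed, 0 otherwise
print_summary() {
  echo ""
  echo "=========================================="
  echo " Auth Domain API Test Summary"
  echo "=========================================="
  echo " Total: $TOTAL_COUNT"
  echo " Passed: $PASS_COUNT"
  echo " Failed: $FAIL_COUNT"
  if [ "$TOTAL_COUNT" -gt 0 ]; then
    # Pass rate with one decimal, truncated, computed in the shell. The
    # previous bc pipeline printed an empty rate when bc was not installed
    # and dropped the decimal for a zero rate.
    local tenths=$((PASS_COUNT * 1000 / TOTAL_COUNT))
    local rate
    printf -v rate '%d.%d' "$((tenths / 10))" "$((tenths % 10))"
    echo " Rate: ${rate}%"
  fi
  echo "=========================================="
  if [ "$FAIL_COUNT" -gt 0 ]; then
    return 1
  fi
  return 0
}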
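# Ids captured by the create tests and consumed by later tests and cleanup().
CREATED_USER_ID=""
CREATED_ROLE_ID=""

echo "=========================================="
echo " Ether PMS - Auth Domain API Tests"
echo "=========================================="
echo ""

# Obtain the bearer token every authenticated test relies on; exits on failure.
login

test_login_success
test_login_wrong_password
test_login_lockout
test_get_current_user
test_refresh_token
test_create_user
test_list_users
test_update_user
test_weak_password_rejected
test_create_role
test_assign_role_permissions
test_create_permission
test_dept_tree
test_delete_user
test_audit_log_query

# Clean up while the token is still valid. cleanup() authenticates with TOKEN,
# so running it after the logout test would silently fail on any server that
# revokes the token at logout, leaving the test role behind.
cleanup

# Logout stays the last test because it ends the session used by all others.
test_logout

# Last command: its return value (1 on any failure) is the script's exit status.
print_summary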