From e1342b63a06d7387310b9d2347bdf112bdd7ced0 Mon Sep 17 00:00:00 2001
From: zichun <zhuzichunhogan@gmail.com>
Date: Wed, 29 Apr 2026 17:51:39 +0800
Subject: [PATCH] test(mod): module update integration coverage REQ-MOD-002

---
 backend/src/test/java/com/xly/erp/module/mod/controller/ModuleControllerIT.java | 94 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 94 insertions(+), 0 deletions(-)

diff --git a/backend/src/test/java/com/xly/erp/module/mod/controller/ModuleControllerIT.java b/backend/src/test/java/com/xly/erp/module/mod/controller/ModuleControllerIT.java
index b4f94d1..3ac3f96 100644
--- a/backend/src/test/java/com/xly/erp/module/mod/controller/ModuleControllerIT.java
+++ b/backend/src/test/java/com/xly/erp/module/mod/controller/ModuleControllerIT.java
@@ -193,6 +193,100 @@ class ModuleControllerIT {
         assertThat(row.get("sCreatedBy")).isEqualTo("ORIG_USER");
     }
 
+    @Test
+    void putNonExistentId_returns40400() throws Exception {
+        String token = testJwtHelper.signFor("ADMIN001");
+        HttpHeaders headers = jsonHeaders();
+        headers.set("Authorization", "Bearer " + token);
+
+        ResponseEntity<String> resp = rest.exchange(
+                idUrl(99999998), HttpMethod.PUT, new HttpEntity<>(updateBody(), headers), String.class);
+
+        JsonNode jb = objectMapper.readTree(resp.getBody());
+        assertThat(jb.get("code").asInt()).isEqualTo(40400);
+    }
+
+    @Test
+    void putInvalidDisplayType_returns40010() throws Exception {
+        Integer id = insertOriginal("sp_test_put_invalidtype", "原", "ORIG");
+        String token = testJwtHelper.signFor("ADMIN001");
+        HttpHeaders headers = jsonHeaders();
+        headers.set("Authorization", "Bearer " + token);
+        Map<String, Object> body = updateBody();
+        body.put("sDisplayType", "火星");
+
+        ResponseEntity<String> resp = rest.exchange(
+                idUrl(id), HttpMethod.PUT, new HttpEntity<>(body, headers), String.class);
+
+        assertThat(objectMapper.readTree(resp.getBody()).get("code").asInt()).isEqualTo(40010);
+    }
+
+    @Test
+    void putSelfParent_returns40021() throws Exception {
+        Integer id = insertOriginal("sp_test_put_self", "原", "ORIG");
+        String token = testJwtHelper.signFor("ADMIN001");
+        HttpHeaders headers = jsonHeaders();
+        headers.set("Authorization", "Bearer " + token);
+        Map<String, Object> body = updateBody();
+        body.put("iParentId", id);
+
+        ResponseEntity<String> resp = rest.exchange(
+                idUrl(id), HttpMethod.PUT, new HttpEntity<>(body, headers), String.class);
+
+        assertThat(objectMapper.readTree(resp.getBody()).get("code").asInt()).isEqualTo(40021);
+    }
+
+    @Test
+    void putCyclicParent_returns40021() throws Exception {
+        Integer rootId = insertOriginal("sp_test_put_root", "根", "ORIG");
+        jdbcTemplate.update(
+                "INSERT INTO tModule (sBrandsId, sSubsidiaryId, tCreateDate, sDisplayType, sProcedureName, "
+                        + "sModuleType, sManageDeptEn, bShowPermission, sModuleNameZh, iParentId, iSortOrder, sCreatedBy, bDeleted) "
+                        + "VALUES ('XLY','XLY', NOW(), '手机端', 'sp_test_put_child', '业务模块', 'IT', 0, '子', ?, 0, 'ORIG', 0)",
+                rootId);
+        Integer childId = jdbcTemplate.queryForObject(
+                "SELECT iIncrement FROM tModule WHERE sProcedureName = 'sp_test_put_child'", Integer.class);
+
+        String token = testJwtHelper.signFor("ADMIN001");
+        HttpHeaders headers = jsonHeaders();
+        headers.set("Authorization", "Bearer " + token);
+        Map<String, Object> body = updateBody();
+        body.put("iParentId", childId);
+
+        ResponseEntity<String> resp = rest.exchange(
+                idUrl(rootId), HttpMethod.PUT, new HttpEntity<>(body, headers), String.class);
+
+        assertThat(objectMapper.readTree(resp.getBody()).get("code").asInt()).isEqualTo(40021);
+    }
+
+    @Test
+    void putWithoutJwt_permitAllStub_returns200_andDoesNotChangeCreatedBy() throws Exception {
+        Integer id = insertOriginal("sp_test_put_nojwt", "原", "ORIG_USER");
+        HttpHeaders headers = jsonHeaders();
+        Map<String, Object> body = updateBody();
+        body.put("sModuleNameZh", "更新无jwt");
+
+        ResponseEntity<String> resp = rest.exchange(
+                idUrl(id), HttpMethod.PUT, new HttpEntity<>(body, headers), String.class);
+
+        assertThat(objectMapper.readTree(resp.getBody()).get("code").asInt()).isZero();
+        String createdBy = jdbcTemplate.queryForObject(
+                "SELECT sCreatedBy FROM tModule WHERE iIncrement = ?", String.class, id);
+        assertThat(createdBy).isEqualTo("ORIG_USER");
+    }
+
+    @Test
+    void putTamperedJwt_returns20001() throws Exception {
+        Integer id = insertOriginal("sp_test_put_tamper", "原", "ORIG");
+        HttpHeaders headers = jsonHeaders();
+        headers.set("Authorization", "Bearer not.a.real.jwt");
+
+        ResponseEntity<String> resp = rest.exchange(
+                idUrl(id), HttpMethod.PUT, new HttpEntity<>(updateBody(), headers), String.class);
+
+        assertThat(objectMapper.readTree(resp.getBody()).get("code").asInt()).isEqualTo(20001);
+    }
+
     private Integer insertOriginal(String procedureName, String nameZh, String createdBy) {
         jdbcTemplate.update(
                 "INSERT INTO tModule (sBrandsId, sSubsidiaryId, tCreateDate, sDisplayType, sProcedureName, "
--
libgit2 0.22.2