diff --git a/backend/src/test/java/com/xly/test4/module/usr/controller/UserControllerIT.java b/backend/src/test/java/com/xly/test4/module/usr/controller/UserControllerIT.java index ef867ad..5ed47b2 100644 --- a/backend/src/test/java/com/xly/test4/module/usr/controller/UserControllerIT.java +++ b/backend/src/test/java/com/xly/test4/module/usr/controller/UserControllerIT.java @@ -8,6 +8,9 @@ import com.xly.test4.module.usr.entity.User; import com.xly.test4.module.usr.mapper.UserMapper; import com.xly.test4.module.usr.mapper.UserPermissionMapper; import com.xly.test4.support.TestJwtFactory; +import org.junit.jupiter.api.MethodOrderer; +import org.junit.jupiter.api.Order; +import org.junit.jupiter.api.TestMethodOrder; import org.junit.jupiter.api.Test; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; @@ -25,6 +28,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers. @SpringBootTest @AutoConfigureMockMvc +@TestMethodOrder(MethodOrderer.OrderAnnotation.class) class UserControllerIT { @Autowired @@ -49,17 +53,23 @@ class UserControllerIT { return "Bearer " + TestJwtFactory.adminToken(tokenProvider, admin.getIIncrement()); } - @Test - void createUser_validRequestWithAdminToken_returns200WithUserIdAndUserCode() throws Exception { + private UserCreateDTO validDTO(String code, String name) { UserCreateDTO dto = new UserCreateDTO(); - dto.setUserCode("U-IT-001"); - dto.setUserName("it-user-001"); + dto.setUserCode(code); + dto.setUserName(name); dto.setEmployeeId(null); dto.setUserType("NORMAL"); dto.setLanguage("zh-CN"); dto.setCanEditDoc(false); dto.setPassword("Pass1234"); dto.setPermissionIds(List.of()); + return dto; + } + + @Test + @Order(1) + void createUser_validRequestWithAdminToken_returns200WithUserIdAndUserCode() throws Exception { + UserCreateDTO dto = validDTO("U-IT-001", "it-user-001"); mockMvc.perform(post("/api/usr/user") .header(HttpHeaders.AUTHORIZATION, adminBearer()) @@ -80,4 +90,87 @@ class UserControllerIT { assertThat(created.getSPasswordHash()).startsWith("$2").hasSize(60); assertThat(created.getSPasswordHash()).isNotEqualTo("Pass1234"); } + + @Test + @Order(2) + void createUser_duplicateUserName_returns40002() throws Exception { + UserCreateDTO dto = validDTO("U-IT-DUP-NAME", "it-user-001"); + // userName=it-user-001 已被 Order(1) 写入 → 40002 + mockMvc.perform(post("/api/usr/user") + .header(HttpHeaders.AUTHORIZATION, adminBearer()) + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(dto))) + .andExpect(jsonPath("$.code").value(40002)); + } + + @Test + @Order(3) + void createUser_duplicateUserCode_returns40003() throws Exception { + UserCreateDTO dto = validDTO("U-IT-001", "it-user-dup-code"); + // userCode=U-IT-001 已被 Order(1) 写入 → 40003 + mockMvc.perform(post("/api/usr/user") + .header(HttpHeaders.AUTHORIZATION, adminBearer()) + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(dto))) + .andExpect(jsonPath("$.code").value(40003)); + } + + @Test + @Order(4) + void createUser_invalidEmployeeId_returns40004() throws Exception { + UserCreateDTO dto = validDTO("U-IT-EMP", "it-user-emp"); + dto.setEmployeeId(99999); + mockMvc.perform(post("/api/usr/user") + .header(HttpHeaders.AUTHORIZATION, adminBearer()) + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(dto))) + .andExpect(jsonPath("$.code").value(40004)); + } + + @Test + @Order(5) + void createUser_invalidPermissionIds_returns40005() throws Exception { + UserCreateDTO dto = validDTO("U-IT-PERM", "it-user-perm"); + dto.setPermissionIds(List.of(99999)); + mockMvc.perform(post("/api/usr/user") + .header(HttpHeaders.AUTHORIZATION, adminBearer()) + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(dto))) + .andExpect(jsonPath("$.code").value(40005)); + } + + @Test + @Order(6) + void createUser_missingUserName_returns40001() throws Exception { + UserCreateDTO dto = validDTO("U-IT-MISSING", null); + mockMvc.perform(post("/api/usr/user") + .header(HttpHeaders.AUTHORIZATION, adminBearer()) + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(dto))) + .andExpect(jsonPath("$.code").value(40001)); + } + + @Test + @Order(7) + void createUser_normalUserToken_returns40301() throws Exception { + UserCreateDTO dto = validDTO("U-IT-NORMAL", "it-user-normal"); + String normalToken = TestJwtFactory.normalUserToken(tokenProvider, 999, "alice"); + mockMvc.perform(post("/api/usr/user") + .header(HttpHeaders.AUTHORIZATION, "Bearer " + normalToken) + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(dto))) + .andExpect(status().isForbidden()) + .andExpect(jsonPath("$.code").value(40301)); + } + + @Test + @Order(8) + void createUser_noAuthHeader_returns40101() throws Exception { + UserCreateDTO dto = validDTO("U-IT-NOAUTH", "it-user-noauth"); + mockMvc.perform(post("/api/usr/user") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(dto))) + .andExpect(status().isUnauthorized()) + .andExpect(jsonPath("$.code").value(40101)); + } }