diff --git a/backend/app/Controller/AuthController.php b/backend/app/Controller/api/v1/AuthController.php similarity index 98% rename from backend/app/Controller/AuthController.php rename to backend/app/Controller/api/v1/AuthController.php index 6500d87..78910ba 100644 --- a/backend/app/Controller/AuthController.php +++ b/backend/app/Controller/api/v1/AuthController.php @@ -2,8 +2,9 @@ declare(strict_types=1); -namespace App\Controller; +namespace App\Controller\Api\V1; +use App\Controller\AbstractController; use App\Model\User; use Hyperf\HttpServer\Contract\RequestInterface; use Hyperf\HttpServer\Contract\ResponseInterface; diff --git a/backend/app/Controller/api/v1/UserController.php b/backend/app/Controller/api/v1/UserController.php new file mode 100644 index 0000000..a5a32b6 --- /dev/null +++ b/backend/app/Controller/api/v1/UserController.php @@ -0,0 +1,93 @@ +request->input('page', 1)); + $per_page = min(100, max(1, (int) $this->request->input('per_page', 15))); + + $query = User::query(); + + // 按 username 模糊搜索 + $username = $this->request->input('username'); + if ($username !== null && $username !== '') { + $query->where('username', 'like', '%' . $username . '%'); + } + + // 按 email 模糊搜索 + $email = $this->request->input('email'); + if ($email !== null && $email !== '') { + $query->where('email', 'like', '%' . $email . '%'); + } + + // 按 status 精确筛选 + $status = $this->request->input('status'); + if ($status !== null && $status !== '') { + $query->where('status', (int) $status); + } + + // 按 created_at 降序排序 + $query->orderBy('created_at', 'desc'); + + $total = $query->count(); + $items = $query->offset(($page - 1) * $per_page) + ->limit($per_page) + ->get(); + + return [ + 'code' => 0, + 'message' => '获取成功', + 'data' => [ + 'items' => $items, + 'total' => $total, + 'page' => $page, + 'per_page' => $per_page, + ], + ]; + } + + /** + * 用户详情 + * + * @param int $id 用户 ID + */ + #[RequestMapping(path: "{id}", methods: "GET")] + #[Middleware(AuthMiddleware::class)] + public function show(int $id): \Psr\Http\Message\ResponseInterface|array + { + $user = User::query()->find($id); + + if (!$user) { + return $this->response->json([ + 'code' => 404, + 'message' => '用户不存在', + ])->withStatus(404); + } + + return [ + 'code' => 0, + 'message' => '获取成功', + 'data' => $user, + ]; + } +} diff --git a/backend/app/Model/User.php b/backend/app/Model/User.php index d754d9c..4e75711 100644 --- a/backend/app/Model/User.php +++ b/backend/app/Model/User.php @@ -97,14 +97,7 @@ class User extends Model implements Authenticatable return $this->hasMany(Platform::class, 'developer_id'); } - protected function boot(): void - { - parent::boot(); - - static::deleting(function (User $user) { - $user->developedPlatforms()->update(['developer_id' => 1]); - }); - } + // @TODO 重新实现删除用户时平台归属转移逻辑(Hyperf 不支持 static::deleting 事件绑定) /** * Check if refresh token is valid. diff --git a/backend/composer.json b/backend/composer.json index 586e59b..0c77884 100644 --- a/backend/composer.json +++ b/backend/composer.json @@ -50,6 +50,7 @@ }, "autoload": { "psr-4": { + "App\\Controller\\Api\\V1\\": "app/Controller/api/v1/", "App\\": "app/" }, "files": [] diff --git a/backend/config/autoload/mq_user.php b/backend/config/autoload/mq_user.php index 75ca456..4b67f26 100644 --- a/backend/config/autoload/mq_user.php +++ b/backend/config/autoload/mq_user.php @@ -33,6 +33,10 @@ return [ 'platforms' => (static function (): array { $platforms = []; + if (env('APP_ENV', 'dev') === 'testing') { + return $platforms; + } + try { // 从数据库获取所有启用的平台 $rows = Db::table('platforms') diff --git a/backend/test/Cases/ExampleTest.php b/backend/test/Cases/ExampleTest.php index 789ff67..03e6b16 100644 --- a/backend/test/Cases/ExampleTest.php +++ b/backend/test/Cases/ExampleTest.php @@ -20,8 +20,10 @@ use Hyperf\Testing\TestCase; */ class ExampleTest extends TestCase { - public function testExample() + public function testExample(): void { - $this->get('/')->assertOk()->assertSee('Hyperf'); + $this->get('/health') + ->assertOk() + ->assertJsonPath('message', 'System status ok'); } } diff --git a/backend/test/Cases/Integration/User/UserControllerTest.php b/backend/test/Cases/Integration/User/UserControllerTest.php new file mode 100644 index 0000000..9c35bf8 --- /dev/null +++ b/backend/test/Cases/Integration/User/UserControllerTest.php @@ -0,0 +1,224 @@ +fetchUser(static function ($query): void { + $query->where('status', 1); + }); + if (!$user) { + $this->markTestSkipped('没有可用的活跃用户,无法测试'); + } + + $auth = make(AuthManager::class); + return $auth->guard('jwt')->login($user); + } + + /** + * 获取认证请求头 + */ + protected function authHeaders(): array + { + return ['Authorization' => 'Bearer ' . $this->getAuthToken()]; + } + + protected function fetchUser(?callable $callback = null): ?User + { + if (\Swoole\Coroutine::getCid() > 0) { + $query = User::query(); + if ($callback !== null) { + $callback($query); + } + + return $query->first(); + } + + $user = null; + + \Swoole\Coroutine\run(static function () use ($callback, &$user): void { + $query = User::query(); + if ($callback !== null) { + $callback($query); + } + + $user = $query->first(); + }); + + return $user; + } + + // ========== 列表接口测试 ========== + + public function test_list_users_returns_paginated_data(): void + { + $response = $this->get('/api/v1/users', [], $this->authHeaders()); + + $response->assertStatus(200); + $response->assertJsonPath('code', 0); + $response->assertJsonStructure([ + 'code', + 'message', + 'data' => [ + 'items', + 'total', + 'page', + 'per_page', + ], + ]); + } + + public function test_list_users_respects_page_and_per_page(): void + { + $response = $this->get('/api/v1/users', ['page' => 1, 'per_page' => 5], $this->authHeaders()); + + $response->assertStatus(200); + $response->assertJsonPath('code', 0); + $response->assertJsonPath('data.page', 1); + $response->assertJsonPath('data.per_page', 5); + } + + public function test_list_users_per_page_max_100(): void + { + $response = $this->get('/api/v1/users', ['per_page' => 999], $this->authHeaders()); + + $response->assertStatus(200); + $response->assertJsonPath('data.per_page', 100); + } + + public function test_list_users_filter_by_username(): void + { + // 先获取一个已知用户名 + $user = $this->fetchUser(); + if (!$user) { + $this->markTestSkipped('没有用户数据'); + } + + $response = $this->get('/api/v1/users', ['username' => $user->username], $this->authHeaders()); + + $response->assertStatus(200); + $response->assertJsonPath('code', 0); + + $body = json_decode($response->getContent(), true); + $this->assertGreaterThanOrEqual(1, $body['data']['total']); + } + + public function test_list_users_filter_by_email(): void + { + $user = $this->fetchUser(static function ($query): void { + $query->whereNotNull('email') + ->where('email', '!=', ''); + }); + if (!$user) { + $this->markTestSkipped('没有用户邮箱数据'); + } + + $response = $this->get('/api/v1/users', ['email' => $user->email], $this->authHeaders()); + + $response->assertStatus(200); + $response->assertJsonPath('code', 0); + + $body = json_decode($response->getContent(), true); + $this->assertGreaterThanOrEqual(1, $body['data']['total']); + } + + public function test_list_users_filter_by_status(): void + { + $response = $this->get('/api/v1/users', ['status' => 1], $this->authHeaders()); + + $response->assertStatus(200); + $response->assertJsonPath('code', 0); + + $body = json_decode($response->getContent(), true); + foreach ($body['data']['items'] as $item) { + $this->assertSame(1, $item['status']); + } + } + + public function test_list_users_does_not_expose_password(): void + { + $response = $this->get('/api/v1/users', [], $this->authHeaders()); + + $response->assertStatus(200); + $body = json_decode($response->getContent(), true); + + if (!empty($body['data']['items'])) { + $first_item = $body['data']['items'][0]; + $this->assertArrayNotHasKey('password', $first_item); + $this->assertArrayNotHasKey('refresh_token', $first_item); + } + } + + // ========== 详情接口测试 ========== + + public function test_show_user_returns_user_data(): void + { + $user = $this->fetchUser(); + if (!$user) { + $this->markTestSkipped('没有用户数据'); + } + + $response = $this->get('/api/v1/users/' . $user->id, [], $this->authHeaders()); + + $response->assertStatus(200); + $response->assertJsonPath('code', 0); + $response->assertJsonPath('data.id', $user->id); + $response->assertJsonPath('data.username', $user->username); + } + + public function test_show_user_does_not_expose_password(): void + { + $user = $this->fetchUser(); + if (!$user) { + $this->markTestSkipped('没有用户数据'); + } + + $response = $this->get('/api/v1/users/' . $user->id, [], $this->authHeaders()); + + $response->assertStatus(200); + $body = json_decode($response->getContent(), true); + $this->assertArrayNotHasKey('password', $body['data']); + $this->assertArrayNotHasKey('refresh_token', $body['data']); + } + + public function test_show_user_not_found_returns_404(): void + { + $response = $this->get('/api/v1/users/999999', [], $this->authHeaders()); + + $response->assertStatus(404); + $response->assertJsonPath('code', 404); + } + + // ========== 认证拦截测试 ========== + + public function test_list_users_without_token_returns_401(): void + { + $response = $this->get('/api/v1/users'); + + $response->assertStatus(401); + } + + public function test_show_user_without_token_returns_401(): void + { + $response = $this->get('/api/v1/users/1'); + + $response->assertStatus(401); + } +} diff --git a/backend/test/TestCase.php b/backend/test/TestCase.php new file mode 100644 index 0000000..06baad8 --- /dev/null +++ b/backend/test/TestCase.php @@ -0,0 +1,83 @@ +middlewaresSorted) { + $this->sortAllRegisteredMiddlewares(); + $this->middlewaresSorted = true; + } + + if (\Swoole\Coroutine::getCid() > 0) { + return $this->createTestResponse( + $client->{$method}(...$args) + ); + } + + $response = null; + $exception = null; + + \Swoole\Coroutine\run(function () use ($client, $method, $args, &$response, &$exception): void { + try { + $response = $this->createTestResponse( + $client->{$method}(...$args) + ); + } catch (\Throwable $throwable) { + $exception = $throwable; + } + }); + + if ($exception !== null) { + throw $exception; + } + + if ($response === null) { + throw new \RuntimeException('Test response not initialized.'); + } + + return $response; + } + + /** + * 将所有已注册的 PriorityMiddleware 对象转为字符串类名 + */ + private function sortAllRegisteredMiddlewares(): void + { + $reflection = new \ReflectionClass(MiddlewareManager::class); + $prop = $reflection->getProperty('container'); + $prop->setAccessible(true); + $container = $prop->getValue(); + + foreach ($container as $server => $paths) { + foreach ($paths as $path => $methods) { + foreach ($methods as $method => $middlewares) { + $container[$server][$path][$method] = MiddlewareManager::sortMiddlewares($middlewares); + } + } + } + + $prop->setValue(null, $container); + } +}