diff --git a/backend/app/Controller/Api/V1/OrderController.php b/backend/app/Controller/Api/V1/OrderController.php new file mode 100644 index 0000000..1e64f3a --- /dev/null +++ b/backend/app/Controller/Api/V1/OrderController.php @@ -0,0 +1,172 @@ + 'exact', + 'platform_id' => 'exact', + 'store_id' => 'exact', + 'order_status_id' => 'exact', + 'platform_order_id' => 'exact', + 'created_date_from' => 'date_from', + 'created_date_to' => 'date_to', + 'paid_date_from' => 'date_from', + 'paid_date_to' => 'date_to', + ]; + } + + protected function getDefaultSort(): string + { + return 'created_date'; + } + + /** + * 订单列表 + */ + #[OA\Get( + path: '/orders', + summary: '订单列表', + description: '获取订单列表,支持分页、多维度筛选和时间范围筛选。返回业务字段,不含 raw/hash。', + security: [['bearerAuth' => []]], + tags: ['Orders'], + parameters: [ + new OA\Parameter(name: 'page', in: 'query', required: false, schema: new OA\Schema(type: 'integer', default: 1)), + new OA\Parameter(name: 'per_page', in: 'query', required: false, schema: new OA\Schema(type: 'integer', default: 15, maximum: 100)), + new OA\Parameter(name: 'company_id', in: 'query', required: false, description: '公司 ID 精确筛选', schema: new OA\Schema(type: 'integer')), + new OA\Parameter(name: 'platform_id', in: 'query', required: false, description: '平台 ID 精确筛选', schema: new OA\Schema(type: 'integer')), + new OA\Parameter(name: 'store_id', in: 'query', required: false, description: '店铺 ID 精确筛选', schema: new OA\Schema(type: 'integer')), + new OA\Parameter(name: 'order_status_id', in: 'query', required: false, description: '订单状态 ID 精确筛选', schema: new OA\Schema(type: 'integer')), + new OA\Parameter(name: 'platform_order_id', in: 'query', required: false, description: '平台订单 ID 精确搜索', schema: new OA\Schema(type: 'string')), + new OA\Parameter(name: 'created_date_from', in: 'query', required: false, description: '创建时间起始(含)', schema: new OA\Schema(type: 'string', format: 'date', example: '2026-01-01')), + new OA\Parameter(name: 'created_date_to', in: 'query', required: false, description: '创建时间截止(含)', schema: new OA\Schema(type: 'string', format: 'date', example: '2026-12-31')), + new OA\Parameter(name: 'paid_date_from', in: 'query', required: false, description: '付款时间起始(含)', schema: new OA\Schema(type: 'string', format: 'date', example: '2026-01-01')), + new OA\Parameter(name: 'paid_date_to', in: 'query', required: false, description: '付款时间截止(含)', schema: new OA\Schema(type: 'string', format: 'date', example: '2026-12-31')), + ], + responses: [ + new OA\Response( + response: 200, + description: '获取成功', + content: new OA\JsonContent(properties: [ + new OA\Property(property: 'code', type: 'integer', example: 0), + new OA\Property(property: 'message', type: 'string', example: '获取成功'), + new OA\Property(property: 'data', properties: [ + new OA\Property(property: 'items', type: 'array', items: new OA\Items(ref: '#/components/schemas/Order')), + new OA\Property(property: 'total', type: 'integer', example: 100), + new OA\Property(property: 'page', type: 'integer', example: 1), + new OA\Property(property: 'per_page', type: 'integer', example: 15), + ], type: 'object'), + ]) + ), + new OA\Response(response: 401, description: '未认证', content: new OA\JsonContent(ref: '#/components/schemas/ErrorResponse')), + new OA\Response(response: 403, description: '无权限', content: new OA\JsonContent(ref: '#/components/schemas/ErrorResponse')), + ] + )] + #[RequestMapping(path: "", methods: "GET")] + public function index(): ResponseInterface|array + { + return parent::index(); + } + + /** + * 订单详情(含关联订单子项) + */ + #[OA\Get( + path: '/orders/{id}', + summary: '订单详情', + description: '获取订单详情,返回所有业务字段、ext 和关联的 order_items,不含 raw/hash。', + security: [['bearerAuth' => []]], + tags: ['Orders'], + parameters: [ + new OA\Parameter(name: 'id', in: 'path', required: true, description: '订单 ID', schema: new OA\Schema(type: 'integer')), + ], + responses: [ + new OA\Response( + response: 200, + description: '获取成功', + content: new OA\JsonContent(properties: [ + new OA\Property(property: 'code', type: 'integer', example: 0), + new OA\Property(property: 'message', type: 'string', example: '获取成功'), + new OA\Property(property: 'data', type: 'object', allOf: [ + new OA\Schema(ref: '#/components/schemas/Order'), + new OA\Schema(properties: [ + new OA\Property(property: 'order_items', type: 'array', items: new OA\Items(type: 'object'), description: '关联订单子项'), + ]), + ]), + ]) + ), + new OA\Response(response: 401, description: '未认证', content: new OA\JsonContent(ref: '#/components/schemas/ErrorResponse')), + new OA\Response(response: 403, description: '无权限', content: new OA\JsonContent(ref: '#/components/schemas/ErrorResponse')), + new OA\Response(response: 404, description: '数据不存在', content: new OA\JsonContent(ref: '#/components/schemas/ErrorResponse')), + ] + )] + #[RequestMapping(path: "{id}", methods: "GET")] + public function show(int $id): ResponseInterface|array + { + $result = parent::show($id); + + // 404 响应直接返回 + if ($result instanceof ResponseInterface) { + return $result; + } + + // 追加订单子项 + $order = $result['data']; + $result['data'] = $order->toArray(); + $result['data']['order_items'] = $order->getOrderItems()->toArray(); + + return $result; + } +} diff --git a/backend/app/Controller/Api/V1/RawOrderController.php b/backend/app/Controller/Api/V1/RawOrderController.php new file mode 100644 index 0000000..923de2e --- /dev/null +++ b/backend/app/Controller/Api/V1/RawOrderController.php @@ -0,0 +1,148 @@ + []]], + tags: ['Orders (Raw)'], + parameters: [ + new OA\Parameter(name: 'page', in: 'query', required: false, schema: new OA\Schema(type: 'integer', default: 1)), + new OA\Parameter(name: 'per_page', in: 'query', required: false, schema: new OA\Schema(type: 'integer', default: 15, maximum: 100)), + new OA\Parameter(name: 'company_id', in: 'query', required: false, description: '公司 ID 精确筛选', schema: new OA\Schema(type: 'integer')), + new OA\Parameter(name: 'platform_id', in: 'query', required: false, description: '平台 ID 精确筛选', schema: new OA\Schema(type: 'integer')), + new OA\Parameter(name: 'store_id', in: 'query', required: false, description: '店铺 ID 精确筛选', schema: new OA\Schema(type: 'integer')), + new OA\Parameter(name: 'order_status_id', in: 'query', required: false, description: '订单状态 ID 精确筛选', schema: new OA\Schema(type: 'integer')), + new OA\Parameter(name: 'platform_order_id', in: 'query', required: false, description: '平台订单 ID 精确搜索', schema: new OA\Schema(type: 'string')), + new OA\Parameter(name: 'created_date_from', in: 'query', required: false, description: '创建时间起始(含)', schema: new OA\Schema(type: 'string', format: 'date')), + new OA\Parameter(name: 'created_date_to', in: 'query', required: false, description: '创建时间截止(含)', schema: new OA\Schema(type: 'string', format: 'date')), + new OA\Parameter(name: 'paid_date_from', in: 'query', required: false, description: '付款时间起始(含)', schema: new OA\Schema(type: 'string', format: 'date')), + new OA\Parameter(name: 'paid_date_to', in: 'query', required: false, description: '付款时间截止(含)', schema: new OA\Schema(type: 'string', format: 'date')), + ], + responses: [ + new OA\Response( + response: 200, + description: '获取成功', + content: new OA\JsonContent(properties: [ + new OA\Property(property: 'code', type: 'integer', example: 0), + new OA\Property(property: 'message', type: 'string', example: '获取成功'), + new OA\Property(property: 'data', properties: [ + new OA\Property(property: 'items', type: 'array', items: new OA\Items(properties: [ + new OA\Property(property: 'id', type: 'integer'), + new OA\Property(property: 'platform_order_id', type: 'string'), + new OA\Property(property: 'store_id', type: 'integer'), + new OA\Property(property: 'company_id', type: 'integer'), + new OA\Property(property: 'platform_id', type: 'integer'), + new OA\Property(property: 'order_status_id', type: 'integer'), + new OA\Property(property: 'hash', type: 'string'), + new OA\Property(property: 'created_date', type: 'string', format: 'date-time'), + new OA\Property(property: 'updated_at', type: 'string', format: 'date-time'), + ], type: 'object')), + new OA\Property(property: 'total', type: 'integer'), + new OA\Property(property: 'page', type: 'integer'), + new OA\Property(property: 'per_page', type: 'integer'), + ], type: 'object'), + ]) + ), + new OA\Response(response: 401, description: '未认证', content: new OA\JsonContent(ref: '#/components/schemas/ErrorResponse')), + new OA\Response(response: 403, description: '无权限', content: new OA\JsonContent(ref: '#/components/schemas/ErrorResponse')), + ] + )] + #[RequestMapping(path: "", methods: "GET")] + public function index(): ResponseInterface|array + { + return parent::index(); + } + + /** + * 订单详情(Raw) + * + * 跳过 OrderController 的 order_items 追加逻辑, + * 直接调用 AbstractDataController::show() + */ + #[OA\Get( + path: '/raw/orders/{id}', + summary: '订单详情(Raw)', + description: '获取订单原始数据详情。返回关键标识 + 完整 raw + hash + ext。', + security: [['bearerAuth' => []]], + tags: ['Orders (Raw)'], + parameters: [ + new OA\Parameter(name: 'id', in: 'path', required: true, description: '订单 ID', schema: new OA\Schema(type: 'integer')), + ], + responses: [ + new OA\Response( + response: 200, + description: '获取成功', + content: new OA\JsonContent(properties: [ + new OA\Property(property: 'code', type: 'integer', example: 0), + new OA\Property(property: 'message', type: 'string', example: '获取成功'), + new OA\Property(property: 'data', properties: [ + new OA\Property(property: 'id', type: 'integer'), + new OA\Property(property: 'platform_order_id', type: 'string'), + new OA\Property(property: 'store_id', type: 'integer'), + new OA\Property(property: 'company_id', type: 'integer'), + new OA\Property(property: 'platform_id', type: 'integer'), + new OA\Property(property: 'order_status_id', type: 'integer'), + new OA\Property(property: 'raw', type: 'object', description: '平台原始数据'), + new OA\Property(property: 'hash', type: 'string'), + new OA\Property(property: 'ext', type: 'object', nullable: true), + new OA\Property(property: 'created_date', type: 'string', format: 'date-time'), + ], type: 'object'), + ]) + ), + new OA\Response(response: 401, description: '未认证', content: new OA\JsonContent(ref: '#/components/schemas/ErrorResponse')), + new OA\Response(response: 403, description: '无权限', content: new OA\JsonContent(ref: '#/components/schemas/ErrorResponse')), + new OA\Response(response: 404, description: '数据不存在', content: new OA\JsonContent(ref: '#/components/schemas/ErrorResponse')), + ] + )] + #[RequestMapping(path: "{id}", methods: "GET")] + public function show(int $id): ResponseInterface|array + { + return AbstractDataController::show($id); + } +} diff --git a/backend/app/Model/Order.php b/backend/app/Model/Order.php index a7f33b1..ff8900e 100644 --- a/backend/app/Model/Order.php +++ b/backend/app/Model/Order.php @@ -5,6 +5,7 @@ declare(strict_types=1); namespace App\Model; use App\Model\OrderItem; +use OpenApi\Attributes as OA; /** * @property int $id 主键 @@ -35,12 +36,48 @@ use App\Model\OrderItem; * @property string $city 城市 * @property string $province 省 * @property string $country 国家 + * @property string $hash raw 字段的 MD5 哈希值 * @property string $raw 远程原始数据 * @property string $ext 扩展字段 - * @property \Carbon\Carbon $created_at - * @property \Carbon\Carbon $updated_at + * @property \Carbon\Carbon $created_at + * @property \Carbon\Carbon $updated_at * @mixin \App_Model_Order */ +#[OA\Schema( + schema: 'Order', + type: 'object', + properties: [ + new OA\Property(property: 'id', type: 'integer', example: 1), + new OA\Property(property: 'company_id', type: 'integer', example: 1), + new OA\Property(property: 'platform_id', type: 'integer', example: 2), + new OA\Property(property: 'store_id', type: 'integer', example: 100), + new OA\Property(property: 'order_status_id', type: 'integer', example: 1), + new OA\Property(property: 'platform_order_id', type: 'string', example: 'ORD-20260101-001'), + new OA\Property(property: 'buyer_user_id', type: 'string', nullable: true, example: 'buyer_123'), + new OA\Property(property: 'payment_method_id', type: 'integer', example: 1), + new OA\Property(property: 'presale', type: 'boolean', example: false), + new OA\Property(property: 'total_amount', type: 'number', format: 'decimal', example: 199.99), + new OA\Property(property: 'total_paid', type: 'number', format: 'decimal', example: 189.99), + new OA\Property(property: 'total_discount', type: 'number', format: 'decimal', example: 10.00), + new OA\Property(property: 'total_received', type: 'number', format: 'decimal', example: 189.99), + new OA\Property(property: 'freight_fee', type: 'number', format: 'decimal', example: 0.00), + new OA\Property(property: 'tax_fee', type: 'number', format: 'decimal', example: 0.00), + new OA\Property(property: 'discount_fee', type: 'number', format: 'decimal', example: 10.00), + new OA\Property(property: 'commission_fee', type: 'number', format: 'decimal', example: 5.00), + new OA\Property(property: 'coupon_amount', type: 'number', format: 'decimal', example: 0.00), + new OA\Property(property: 'voucher_amount', type: 'number', format: 'decimal', example: 0.00), + new OA\Property(property: 'order_type_id', type: 'integer', example: 1), + new OA\Property(property: 'hash', type: 'string', example: 'a1b2c3d4e5f6...'), + new OA\Property(property: 'raw', type: 'object', nullable: true, description: '平台原始数据'), + new OA\Property(property: 'ext', type: 'object', nullable: true, description: '扩展字段'), + new OA\Property(property: 'created_date', type: 'string', format: 'date-time'), + new OA\Property(property: 'updated_date', type: 'string', format: 'date-time', nullable: true), + new OA\Property(property: 'paid_date', type: 'string', format: 'date-time', nullable: true), + new OA\Property(property: 'shipping_date', type: 'string', format: 'date-time', nullable: true), + new OA\Property(property: 'created_at', type: 'string', format: 'date-time'), + new OA\Property(property: 'updated_at', type: 'string', format: 'date-time'), + ] +)] class Order extends Model { /** @@ -51,7 +88,7 @@ class Order extends Model /** * The attributes that are mass assignable. */ - protected array $fillable = ['id', 'company_id', 'platform_id', 'store_id', 'order_status_id', 'platform_order_id', 'buyer_user_id', 'payment_method_id', 'presale', 'total_amount', 'total_paid', 'total_discount', 'total_received', 'freight_fee', 'tax_fee', 'discount_fee', 'commission_fee', 'coupon_amount', 'voucher_amount', 'order_type_id', 'created_date', 'updated_date', 'paid_date', 'shipping_date', 'zipcode', 'city', 'province', 'country', 'raw', 'ext', 'created_at', 'updated_at']; + protected array $fillable = ['id', 'company_id', 'platform_id', 'store_id', 'order_status_id', 'platform_order_id', 'buyer_user_id', 'payment_method_id', 'presale', 'total_amount', 'total_paid', 'total_discount', 'total_received', 'freight_fee', 'tax_fee', 'discount_fee', 'commission_fee', 'coupon_amount', 'voucher_amount', 'order_type_id', 'created_date', 'updated_date', 'paid_date', 'shipping_date', 'zipcode', 'city', 'province', 'country', 'hash', 'raw', 'ext', 'created_at', 'updated_at']; /** * The attributes that should be cast to native types. diff --git a/backend/test/Cases/Integration/Order/OrderControllerTest.php b/backend/test/Cases/Integration/Order/OrderControllerTest.php new file mode 100644 index 0000000..5df3810 --- /dev/null +++ b/backend/test/Cases/Integration/Order/OrderControllerTest.php @@ -0,0 +1,464 @@ +fetchAdminRole(); + $user = $this->fetchUser(static function ($query) use ($admin_role): void { + $query->where('status', 1)->where('role_id', $admin_role->id); + }); + if (!$user) { + $this->markTestSkipped('没有可用的 administrator 用户'); + } + + $auth = make(AuthManager::class); + return $auth->guard('jwt')->login($user); + } + + protected function fetchAdminRole(): Role + { + if (\Swoole\Coroutine::getCid() > 0) { + return Role::query()->where('name', 'administrator')->firstOrFail(); + } + + $role = null; + \Swoole\Coroutine\run(static function () use (&$role): void { + $role = Role::query()->where('name', 'administrator')->firstOrFail(); + }); + return $role; + } + + protected function fetchUser(?callable $callback = null): ?User + { + if (\Swoole\Coroutine::getCid() > 0) { + $query = User::query(); + if ($callback !== null) { + $callback($query); + } + return $query->first(); + } + + $user = null; + \Swoole\Coroutine\run(static function () use ($callback, &$user): void { + $query = User::query(); + if ($callback !== null) { + $callback($query); + } + $user = $query->first(); + }); + return $user; + } + + protected function authHeaders(): array + { + return ['Authorization' => 'Bearer ' . $this->getAdminToken()]; + } + + protected function hasOrderData(): bool + { + if (\Swoole\Coroutine::getCid() > 0) { + return Order::query()->exists(); + } + + $exists = false; + \Swoole\Coroutine\run(static function () use (&$exists): void { + $exists = Order::query()->exists(); + }); + return $exists; + } + + protected function getFirstOrderId(): ?int + { + if (\Swoole\Coroutine::getCid() > 0) { + return Order::query()->value('id'); + } + + $id = null; + \Swoole\Coroutine\run(static function () use (&$id): void { + $id = Order::query()->value('id'); + }); + return $id; + } + + // ========== Normal 列表接口 ========== + + public function test_normal_list_returns_paginated_data(): void + { + $response = $this->get('/api/v1/orders', [], $this->authHeaders()); + + $response->assertStatus(200); + $response->assertJsonPath('code', 0); + $response->assertJsonStructure([ + 'code', + 'message', + 'data' => [ + 'items', + 'total', + 'page', + 'per_page', + ], + ]); + } + + public function test_normal_list_respects_per_page(): void + { + $response = $this->get('/api/v1/orders', ['per_page' => 5], $this->authHeaders()); + + $response->assertStatus(200); + $response->assertJsonPath('data.per_page', 5); + } + + public function test_normal_list_per_page_max_100(): void + { + $response = $this->get('/api/v1/orders', ['per_page' => 999], $this->authHeaders()); + + $response->assertStatus(200); + $response->assertJsonPath('data.per_page', 100); + } + + public function test_normal_list_excludes_raw_and_hash(): void + { + if (!$this->hasOrderData()) { + $this->markTestSkipped('没有订单数据'); + } + + $response = $this->get('/api/v1/orders', [], $this->authHeaders()); + + $response->assertStatus(200); + $body = json_decode($response->getContent(), true); + $first_item = $body['data']['items'][0] ?? []; + + $this->assertArrayNotHasKey('raw', $first_item); + $this->assertArrayNotHasKey('hash', $first_item); + } + + public function test_normal_list_contains_expected_fields(): void + { + if (!$this->hasOrderData()) { + $this->markTestSkipped('没有订单数据'); + } + + $response = $this->get('/api/v1/orders', [], $this->authHeaders()); + + $response->assertStatus(200); + $body = json_decode($response->getContent(), true); + $first_item = $body['data']['items'][0]; + + $expected_keys = [ + 'id', 'company_id', 'platform_id', 'store_id', 'order_status_id', + 'platform_order_id', 'total_amount', 'total_paid', 'total_discount', + 'created_date', 'paid_date', 'shipping_date', + ]; + + foreach ($expected_keys as $key) { + $this->assertArrayHasKey($key, $first_item, "列表缺少字段: {$key}"); + } + } + + // ========== Normal 列表筛选 ========== + + public function test_normal_list_filter_by_company_id(): void + { + if (!$this->hasOrderData()) { + $this->markTestSkipped('没有订单数据'); + } + + $company_id = null; + if (\Swoole\Coroutine::getCid() > 0) { + $company_id = Order::query()->value('company_id'); + } else { + \Swoole\Coroutine\run(static function () use (&$company_id): void { + $company_id = Order::query()->value('company_id'); + }); + } + + $response = $this->get('/api/v1/orders', ['company_id' => $company_id], $this->authHeaders()); + + $response->assertStatus(200); + $body = json_decode($response->getContent(), true); + + foreach ($body['data']['items'] as $item) { + $this->assertSame($company_id, $item['company_id']); + } + } + + public function test_normal_list_filter_by_order_status_id(): void + { + if (!$this->hasOrderData()) { + $this->markTestSkipped('没有订单数据'); + } + + $status_id = null; + if (\Swoole\Coroutine::getCid() > 0) { + $status_id = Order::query()->value('order_status_id'); + } else { + \Swoole\Coroutine\run(static function () use (&$status_id): void { + $status_id = Order::query()->value('order_status_id'); + }); + } + + $response = $this->get('/api/v1/orders', ['order_status_id' => $status_id], $this->authHeaders()); + + $response->assertStatus(200); + $body = json_decode($response->getContent(), true); + + foreach ($body['data']['items'] as $item) { + $this->assertSame($status_id, $item['order_status_id']); + } + } + + public function test_normal_list_filter_by_created_date_range(): void + { + if (!$this->hasOrderData()) { + $this->markTestSkipped('没有订单数据'); + } + + $response = $this->get('/api/v1/orders', [ + 'created_date_from' => '2020-01-01', + 'created_date_to' => '2099-12-31', + ], $this->authHeaders()); + + $response->assertStatus(200); + $body = json_decode($response->getContent(), true); + + // 使用足够宽的范围,应该能返回数据 + $this->assertGreaterThanOrEqual(0, $body['data']['total']); + } + + public function test_normal_list_filter_by_paid_date_range(): void + { + if (!$this->hasOrderData()) { + $this->markTestSkipped('没有订单数据'); + } + + $response = $this->get('/api/v1/orders', [ + 'paid_date_from' => '2020-01-01', + 'paid_date_to' => '2099-12-31', + ], $this->authHeaders()); + + $response->assertStatus(200); + $response->assertJsonPath('code', 0); + } + + // ========== Normal 详情接口 ========== + + public function test_normal_detail_returns_order(): void + { + $id = $this->getFirstOrderId(); + if (!$id) { + $this->markTestSkipped('没有订单数据'); + } + + $response = $this->get('/api/v1/orders/' . $id, [], $this->authHeaders()); + + $response->assertStatus(200); + $response->assertJsonPath('code', 0); + $response->assertJsonPath('data.id', $id); + } + + public function test_normal_detail_contains_order_items(): void + { + $id = $this->getFirstOrderId(); + if (!$id) { + $this->markTestSkipped('没有订单数据'); + } + + $response = $this->get('/api/v1/orders/' . $id, [], $this->authHeaders()); + + $response->assertStatus(200); + $body = json_decode($response->getContent(), true); + + $this->assertArrayHasKey('order_items', $body['data'], '订单详情应包含 order_items'); + $this->assertIsArray($body['data']['order_items']); + } + + public function test_normal_detail_contains_ext(): void + { + $id = $this->getFirstOrderId(); + if (!$id) { + $this->markTestSkipped('没有订单数据'); + } + + $response = $this->get('/api/v1/orders/' . $id, [], $this->authHeaders()); + + $response->assertStatus(200); + $body = json_decode($response->getContent(), true); + + $this->assertArrayHasKey('ext', $body['data']); + } + + public function test_normal_detail_excludes_raw_and_hash(): void + { + $id = $this->getFirstOrderId(); + if (!$id) { + $this->markTestSkipped('没有订单数据'); + } + + $response = $this->get('/api/v1/orders/' . $id, [], $this->authHeaders()); + + $response->assertStatus(200); + $body = json_decode($response->getContent(), true); + + $this->assertArrayNotHasKey('raw', $body['data']); + $this->assertArrayNotHasKey('hash', $body['data']); + } + + public function test_normal_detail_not_found_returns_404(): void + { + $response = $this->get('/api/v1/orders/999999999', [], $this->authHeaders()); + + $response->assertStatus(404); + $response->assertJsonPath('code', 404); + } + + // ========== Raw 列表接口 ========== + + public function test_raw_list_returns_paginated_data(): void + { + $response = $this->get('/api/v1/raw/orders', [], $this->authHeaders()); + + $response->assertStatus(200); + $response->assertJsonPath('code', 0); + $response->assertJsonStructure([ + 'code', + 'message', + 'data' => [ + 'items', + 'total', + 'page', + 'per_page', + ], + ]); + } + + public function test_raw_list_contains_hash_but_not_raw(): void + { + if (!$this->hasOrderData()) { + $this->markTestSkipped('没有订单数据'); + } + + $response = $this->get('/api/v1/raw/orders', [], $this->authHeaders()); + + $response->assertStatus(200); + $body = json_decode($response->getContent(), true); + $first_item = $body['data']['items'][0] ?? []; + + $this->assertArrayHasKey('hash', $first_item, 'Raw 列表应包含 hash 字段'); + $this->assertArrayNotHasKey('raw', $first_item, 'Raw 列表不应包含 raw 字段(太大)'); + } + + public function test_raw_list_excludes_business_fields(): void + { + if (!$this->hasOrderData()) { + $this->markTestSkipped('没有订单数据'); + } + + $response = $this->get('/api/v1/raw/orders', [], $this->authHeaders()); + + $response->assertStatus(200); + $body = json_decode($response->getContent(), true); + $first_item = $body['data']['items'][0] ?? []; + + // Raw 列表不应包含业务字段 + $this->assertArrayNotHasKey('total_amount', $first_item); + $this->assertArrayNotHasKey('total_paid', $first_item); + $this->assertArrayNotHasKey('total_discount', $first_item); + $this->assertArrayNotHasKey('buyer_user_id', $first_item); + } + + // ========== Raw 详情接口 ========== + + public function test_raw_detail_contains_raw_and_hash(): void + { + $id = $this->getFirstOrderId(); + if (!$id) { + $this->markTestSkipped('没有订单数据'); + } + + $response = $this->get('/api/v1/raw/orders/' . $id, [], $this->authHeaders()); + + $response->assertStatus(200); + $body = json_decode($response->getContent(), true); + + $this->assertArrayHasKey('raw', $body['data'], 'Raw 详情应包含 raw 字段'); + $this->assertArrayHasKey('hash', $body['data'], 'Raw 详情应包含 hash 字段'); + $this->assertArrayHasKey('ext', $body['data'], 'Raw 详情应包含 ext 字段'); + } + + public function test_raw_detail_excludes_business_fields(): void + { + $id = $this->getFirstOrderId(); + if (!$id) { + $this->markTestSkipped('没有订单数据'); + } + + $response = $this->get('/api/v1/raw/orders/' . $id, [], $this->authHeaders()); + + $response->assertStatus(200); + $body = json_decode($response->getContent(), true); + + // Raw 详情不应包含业务字段 + $this->assertArrayNotHasKey('total_amount', $body['data']); + $this->assertArrayNotHasKey('total_paid', $body['data']); + $this->assertArrayNotHasKey('buyer_user_id', $body['data']); + } + + public function test_raw_detail_not_found_returns_404(): void + { + $response = $this->get('/api/v1/raw/orders/999999999', [], $this->authHeaders()); + + $response->assertStatus(404); + $response->assertJsonPath('code', 404); + } + + // ========== 认证拦截 ========== + + public function test_normal_list_without_token_returns_401(): void + { + $response = $this->get('/api/v1/orders'); + + $response->assertStatus(401); + } + + public function test_normal_detail_without_token_returns_401(): void + { + $response = $this->get('/api/v1/orders/1'); + + $response->assertStatus(401); + } + + public function test_raw_list_without_token_returns_401(): void + { + $response = $this->get('/api/v1/raw/orders'); + + $response->assertStatus(401); + } + + public function test_raw_detail_without_token_returns_401(): void + { + $response = $this->get('/api/v1/raw/orders/1'); + + $response->assertStatus(401); + } +}