fetchUser(static function ($query): void { $query->where('status', 1); }); if (!$user) { $this->markTestSkipped('没有可用的活跃用户，无法测试'); } $auth = make(AuthManager::class); return $auth->guard('jwt')->login($user); } /** * 获取认证请求头 */ protected function authHeaders(): array { return ['Authorization' => 'Bearer ' . $this->getAuthToken()]; } protected function fetchUser(?callable $callback = null): ?User { if (\Swoole\Coroutine::getCid() > 0) { $query = User::query(); if ($callback !== null) { $callback($query); } return $query->first(); } $user = null; \Swoole\Coroutine\run(static function () use ($callback, &$user): void { $query = User::query(); if ($callback !== null) { $callback($query); } $user = $query->first(); }); return $user; } protected function makeUserPayload(array $overrides = []): array { $suffix = bin2hex(random_bytes(4)); return array_merge([ 'username' => 'user_' . $suffix, 'password' => 'Pass_' . $suffix, 'email' => 'user_' . $suffix . '@example.com', 'status' => 1, ], $overrides); } protected function createUser(array $overrides = []): User { $payload = $this->makeUserPayload($overrides); return User::query()->create($payload); } // ========== 列表接口测试 ========== public function test_list_users_returns_paginated_data(): void { $response = $this->get('/api/v1/users', [], $this->authHeaders()); $response->assertStatus(200); $response->assertJsonPath('code', 0); $response->assertJsonStructure([ 'code', 'message', 'data' => [ 'items', 'total', 'page', 'per_page', ], ]); } public function test_list_users_respects_page_and_per_page(): void { $response = $this->get('/api/v1/users', ['page' => 1, 'per_page' => 5], $this->authHeaders()); $response->assertStatus(200); $response->assertJsonPath('code', 0); $response->assertJsonPath('data.page', 1); $response->assertJsonPath('data.per_page', 5); } public function test_list_users_per_page_max_100(): void { $response = $this->get('/api/v1/users', ['per_page' => 999], $this->authHeaders()); $response->assertStatus(200); $response->assertJsonPath('data.per_page', 100); } public function test_list_users_filter_by_username(): void { // 先获取一个已知用户名 $user = $this->fetchUser(); if (!$user) { $this->markTestSkipped('没有用户数据'); } $response = $this->get('/api/v1/users', ['username' => $user->username], $this->authHeaders()); $response->assertStatus(200); $response->assertJsonPath('code', 0); $body = json_decode($response->getContent(), true); $this->assertGreaterThanOrEqual(1, $body['data']['total']); } public function test_list_users_filter_by_email(): void { $user = $this->fetchUser(static function ($query): void { $query->whereNotNull('email') ->where('email', '!=', ''); }); if (!$user) { $this->markTestSkipped('没有用户邮箱数据'); } $response = $this->get('/api/v1/users', ['email' => $user->email], $this->authHeaders()); $response->assertStatus(200); $response->assertJsonPath('code', 0); $body = json_decode($response->getContent(), true); $this->assertGreaterThanOrEqual(1, $body['data']['total']); } public function test_list_users_filter_by_status(): void { $response = $this->get('/api/v1/users', ['status' => 1], $this->authHeaders()); $response->assertStatus(200); $response->assertJsonPath('code', 0); $body = json_decode($response->getContent(), true); foreach ($body['data']['items'] as $item) { $this->assertSame(1, $item['status']); } } public function test_list_users_does_not_expose_password(): void { $response = $this->get('/api/v1/users', [], $this->authHeaders()); $response->assertStatus(200); $body = json_decode($response->getContent(), true); if (!empty($body['data']['items'])) { $first_item = $body['data']['items'][0]; $this->assertArrayNotHasKey('password', $first_item); $this->assertArrayNotHasKey('refresh_token', $first_item); } } // ========== 详情接口测试 ========== public function test_show_user_returns_user_data(): void { $user = $this->fetchUser(); if (!$user) { $this->markTestSkipped('没有用户数据'); } $response = $this->get('/api/v1/users/' . $user->id, [], $this->authHeaders()); $response->assertStatus(200); $response->assertJsonPath('code', 0); $response->assertJsonPath('data.id', $user->id); $response->assertJsonPath('data.username', $user->username); } public function test_show_user_does_not_expose_password(): void { $user = $this->fetchUser(); if (!$user) { $this->markTestSkipped('没有用户数据'); } $response = $this->get('/api/v1/users/' . $user->id, [], $this->authHeaders()); $response->assertStatus(200); $body = json_decode($response->getContent(), true); $this->assertArrayNotHasKey('password', $body['data']); $this->assertArrayNotHasKey('refresh_token', $body['data']); } public function test_show_user_not_found_returns_404(): void { $response = $this->get('/api/v1/users/999999', [], $this->authHeaders()); $response->assertStatus(404); $response->assertJsonPath('code', 404); } // ========== 创建接口测试 ========== public function test_create_user_success(): void { $payload = $this->makeUserPayload(); $response = $this->post('/api/v1/users', $payload, $this->authHeaders()); $response->assertStatus(200); $response->assertJsonPath('code', 0); $response->assertJsonPath('data.username', $payload['username']); $response->assertJsonPath('data.email', $payload['email']); $response->assertJsonPath('data.status', 1); } public function test_create_user_validation_error_returns_400(): void { $payload = $this->makeUserPayload([ 'username' => 'ab', ]); $response = $this->post('/api/v1/users', $payload, $this->authHeaders()); $response->assertStatus(400); $response->assertJsonPath('code', 400); } public function test_create_user_duplicate_username_returns_400(): void { $user = $this->createUser(); $payload = $this->makeUserPayload([ 'username' => $user->username, ]); $response = $this->post('/api/v1/users', $payload, $this->authHeaders()); $response->assertStatus(400); $response->assertJsonPath('code', 400); } public function test_create_user_duplicate_email_returns_400(): void { $user = $this->createUser(); $payload = $this->makeUserPayload([ 'email' => $user->email, ]); $response = $this->post('/api/v1/users', $payload, $this->authHeaders()); $response->assertStatus(400); $response->assertJsonPath('code', 400); } // ========== 更新接口测试 ========== public function test_update_user_partial_fields(): void { $user = $this->createUser(); $suffix = bin2hex(random_bytes(4)); $updated_email = 'updated_' . $suffix . '@example.com'; $ext = ['nickname' => 'Tester']; $response = $this->put('/api/v1/users/' . $user->id, [ 'email' => $updated_email, 'ext' => $ext, ], $this->authHeaders()); $response->assertStatus(200); $response->assertJsonPath('code', 0); $response->assertJsonPath('data.email', $updated_email); $response->assertJsonPath('data.ext.nickname', 'Tester'); $user->refresh(); $this->assertSame($updated_email, $user->email); $this->assertSame($ext, $user->ext); } public function test_update_user_unique_conflict_returns_400(): void { $existing = $this->createUser(); $target = $this->createUser(); $response = $this->put('/api/v1/users/' . $target->id, [ 'username' => $existing->username, ], $this->authHeaders()); $response->assertStatus(400); $response->assertJsonPath('code', 400); } public function test_update_user_not_found_returns_404(): void { $response = $this->put('/api/v1/users/999999', [ 'email' => 'missing@example.com', ], $this->authHeaders()); $response->assertStatus(404); $response->assertJsonPath('code', 404); } // ========== 状态切换接口测试 ========== public function test_patch_user_status_updates_status(): void { $user = $this->createUser(); $response = $this->patch('/api/v1/users/' . $user->id . '/status', [ 'status' => 0, ], $this->authHeaders()); $response->assertStatus(200); $response->assertJsonPath('code', 0); $response->assertJsonPath('data.status', 0); $user->refresh(); $this->assertSame(0, $user->status); } public function test_patch_user_status_invalid_returns_400(): void { $user = $this->createUser(); $response = $this->patch('/api/v1/users/' . $user->id . '/status', [ 'status' => 2, ], $this->authHeaders()); $response->assertStatus(400); $response->assertJsonPath('code', 400); } public function test_patch_user_status_not_found_returns_404(): void { $response = $this->patch('/api/v1/users/999999/status', [ 'status' => 0, ], $this->authHeaders()); $response->assertStatus(404); $response->assertJsonPath('code', 404); } // ========== 认证拦截测试 ========== public function test_list_users_without_token_returns_401(): void { $response = $this->get('/api/v1/users'); $response->assertStatus(401); } public function test_show_user_without_token_returns_401(): void { $response = $this->get('/api/v1/users/1'); $response->assertStatus(401); } }