fix(sql): fix sql script

2026-01-31 11:11:55 +08:00
parent ce12b997f4
commit d071e1a27d
32 changed files with 1687 additions and 133 deletions
--- a/tests/enabled_apps_smoke.rs
+++ b/tests/enabled_apps_smoke.rs
@@ -0,0 +1,79 @@
+use iam_service::services::TenantService;
+use sqlx::PgPool;
+use uuid::Uuid;
+
+#[tokio::test]
+async fn tenant_enabled_apps_roundtrip_and_version_conflict()
+-> Result<(), Box<dyn std::error::Error>> {
+    let database_url = match std::env::var("DATABASE_URL") {
+        Ok(v) if !v.trim().is_empty() => v,
+        _ => return Ok(()),
+    };
+
+    let pool = PgPool::connect(&database_url).await?;
+    let tenant_service = TenantService::new(pool.clone());
+
+    let test_app = format!("testapp{}", Uuid::new_v4().to_string().replace('-', ""));
+    let tenant_id: Uuid = sqlx::query_scalar(
+        r#"
+        INSERT INTO tenants (name, status, config)
+        VALUES ($1, 'active', '{}'::jsonb)
+        RETURNING id
+        "#,
+    )
+    .bind(format!("smoke-{}", Uuid::new_v4()))
+    .fetch_one(&pool)
+    .await?;
+
+    let actor_user_id = Uuid::new_v4();
+
+    async fn cleanup(pool: &PgPool, tenant_id: Uuid, test_app: &str) {
+        let _ = sqlx::query("DELETE FROM tenants WHERE id = $1")
+            .bind(tenant_id)
+            .execute(pool)
+            .await;
+        let _ = sqlx::query("DELETE FROM apps WHERE id = $1")
+            .bind(test_app)
+            .execute(pool)
+            .await;
+    }
+
+    let _ = sqlx::query(
+        r#"
+        INSERT INTO apps (id, name, description)
+        VALUES ($1, 'TestApp', 'Test')
+        "#,
+    )
+    .bind(&test_app)
+    .execute(&pool)
+    .await?;
+
+    let _ = sqlx::query(
+        r#"
+        INSERT INTO tenant_entitlements (tenant_id, enabled_apps, version)
+        VALUES ($1, '{}'::text[], 0)
+        ON CONFLICT (tenant_id) DO NOTHING
+        "#,
+    )
+    .bind(tenant_id)
+    .execute(&pool)
+    .await?;
+
+    let r1 = tenant_service
+        .set_enabled_apps(tenant_id, vec![test_app.clone()], Some(0), actor_user_id)
+        .await;
+    if r1.is_err() {
+        cleanup(&pool, tenant_id, &test_app).await;
+    }
+    let (apps, v1, _) = r1?;
+    assert_eq!(apps, vec![test_app.clone()]);
+    assert_eq!(v1, 1);
+
+    let r2 = tenant_service
+        .set_enabled_apps(tenant_id, vec![test_app.clone()], Some(0), actor_user_id)
+        .await;
+    assert!(r2.is_err());
+
+    cleanup(&pool, tenant_id, &test_app).await;
+    Ok(())
+}
--- a/tests/user_roles_smoke.rs
+++ b/tests/user_roles_smoke.rs
@@ -0,0 +1,100 @@
+use iam_service::models::CreateRoleRequest;
+use iam_service::services::{RoleService, TenantService};
+use sqlx::PgPool;
+use uuid::Uuid;
+
+#[tokio::test]
+async fn set_user_roles_is_idempotent_and_validates_tenant_roles(
+) -> Result<(), Box<dyn std::error::Error>> {
+    let database_url = match std::env::var("DATABASE_URL") {
+        Ok(v) if !v.trim().is_empty() => v,
+        _ => return Ok(()),
+    };
+
+    let pool = PgPool::connect(&database_url).await?;
+    let tenant_service = TenantService::new(pool.clone());
+    let role_service = RoleService::new(pool.clone());
+
+    let tenant = tenant_service
+        .create_tenant(iam_service::models::CreateTenantRequest {
+            name: format!("smoke-{}", Uuid::new_v4()),
+            config: None,
+        })
+        .await?;
+
+    let user_id: Uuid = sqlx::query_scalar(
+        r#"
+        INSERT INTO users (tenant_id, email, password_hash)
+        VALUES ($1, $2, $3)
+        RETURNING id
+        "#,
+    )
+    .bind(tenant.id)
+    .bind(format!("smoke-{}@example.com", Uuid::new_v4()))
+    .bind("hash")
+    .fetch_one(&pool)
+    .await?;
+
+    let role1 = role_service
+        .create_role(
+            tenant.id,
+            CreateRoleRequest {
+                name: "R1".into(),
+                description: Some("role1".into()),
+            },
+        )
+        .await?;
+    let role2 = role_service
+        .create_role(
+            tenant.id,
+            CreateRoleRequest {
+                name: "R2".into(),
+                description: Some("role2".into()),
+            },
+        )
+        .await?;
+
+    let r1 = role_service
+        .set_roles_for_user(tenant.id, user_id, vec![role1.id, role2.id])
+        .await?;
+    assert_eq!(r1.len(), 2);
+
+    let r2 = role_service
+        .set_roles_for_user(tenant.id, user_id, vec![role1.id, role2.id])
+        .await?;
+    assert_eq!(r2.len(), 2);
+
+    let roles = role_service.list_roles_for_user(tenant.id, user_id).await?;
+    assert_eq!(roles.len(), 2);
+
+    let other_tenant = tenant_service
+        .create_tenant(iam_service::models::CreateTenantRequest {
+            name: format!("smoke-{}", Uuid::new_v4()),
+            config: None,
+        })
+        .await?;
+    let other_role = role_service
+        .create_role(
+            other_tenant.id,
+            CreateRoleRequest {
+                name: "Other".into(),
+                description: None,
+            },
+        )
+        .await?;
+
+    let bad = role_service
+        .set_roles_for_user(tenant.id, user_id, vec![other_role.id])
+        .await;
+    assert!(bad.is_err());
+
+    let _ = sqlx::query("DELETE FROM tenants WHERE id = $1")
+        .bind(tenant.id)
+        .execute(&pool)
+        .await;
+    let _ = sqlx::query("DELETE FROM tenants WHERE id = $1")
+        .bind(other_tenant.id)
+        .execute(&pool)
+        .await;
+    Ok(())
+}