fix(sql): fix sql script

2026-01-31 11:11:55 +08:00
parent ce12b997f4
commit d071e1a27d
32 changed files with 1687 additions and 133 deletions
--- a/tests/user_roles_smoke.rs
+++ b/tests/user_roles_smoke.rs
@@ -0,0 +1,100 @@
+use iam_service::models::CreateRoleRequest;
+use iam_service::services::{RoleService, TenantService};
+use sqlx::PgPool;
+use uuid::Uuid;
+
+#[tokio::test]
+async fn set_user_roles_is_idempotent_and_validates_tenant_roles(
+) -> Result<(), Box<dyn std::error::Error>> {
+    let database_url = match std::env::var("DATABASE_URL") {
+        Ok(v) if !v.trim().is_empty() => v,
+        _ => return Ok(()),
+    };
+
+    let pool = PgPool::connect(&database_url).await?;
+    let tenant_service = TenantService::new(pool.clone());
+    let role_service = RoleService::new(pool.clone());
+
+    let tenant = tenant_service
+        .create_tenant(iam_service::models::CreateTenantRequest {
+            name: format!("smoke-{}", Uuid::new_v4()),
+            config: None,
+        })
+        .await?;
+
+    let user_id: Uuid = sqlx::query_scalar(
+        r#"
+        INSERT INTO users (tenant_id, email, password_hash)
+        VALUES ($1, $2, $3)
+        RETURNING id
+        "#,
+    )
+    .bind(tenant.id)
+    .bind(format!("smoke-{}@example.com", Uuid::new_v4()))
+    .bind("hash")
+    .fetch_one(&pool)
+    .await?;
+
+    let role1 = role_service
+        .create_role(
+            tenant.id,
+            CreateRoleRequest {
+                name: "R1".into(),
+                description: Some("role1".into()),
+            },
+        )
+        .await?;
+    let role2 = role_service
+        .create_role(
+            tenant.id,
+            CreateRoleRequest {
+                name: "R2".into(),
+                description: Some("role2".into()),
+            },
+        )
+        .await?;
+
+    let r1 = role_service
+        .set_roles_for_user(tenant.id, user_id, vec![role1.id, role2.id])
+        .await?;
+    assert_eq!(r1.len(), 2);
+
+    let r2 = role_service
+        .set_roles_for_user(tenant.id, user_id, vec![role1.id, role2.id])
+        .await?;
+    assert_eq!(r2.len(), 2);
+
+    let roles = role_service.list_roles_for_user(tenant.id, user_id).await?;
+    assert_eq!(roles.len(), 2);
+
+    let other_tenant = tenant_service
+        .create_tenant(iam_service::models::CreateTenantRequest {
+            name: format!("smoke-{}", Uuid::new_v4()),
+            config: None,
+        })
+        .await?;
+    let other_role = role_service
+        .create_role(
+            other_tenant.id,
+            CreateRoleRequest {
+                name: "Other".into(),
+                description: None,
+            },
+        )
+        .await?;
+
+    let bad = role_service
+        .set_roles_for_user(tenant.id, user_id, vec![other_role.id])
+        .await;
+    assert!(bad.is_err());
+
+    let _ = sqlx::query("DELETE FROM tenants WHERE id = $1")
+        .bind(tenant.id)
+        .execute(&pool)
+        .await;
+    let _ = sqlx::query("DELETE FROM tenants WHERE id = $1")
+        .bind(other_tenant.id)
+        .execute(&pool)
+        .await;
+    Ok(())
+}