lijiaoqiao/supply-api/internal/iam/model/role_scope_test.go

package model

import (
	"testing"

	"github.com/stretchr/testify/assert"
)

// TestRoleScopeMapping_GrantScope 测试授予Scope
func TestRoleScopeMapping_GrantScope(t *testing.T) {
	// arrange
	role := NewRole("operator", "运维人员", RoleTypePlatform, 30)
	role.ID = 1
	scope1 := NewScope("platform:read", "读取平台配置", ScopeTypePlatform)
	scope1.ID = 1
	scope2 := NewScope("platform:write", "修改平台配置", ScopeTypePlatform)
	scope2.ID = 2

	// act
	roleScopeMapping := NewRoleScopeMapping(role.ID, scope1.ID)
	roleScopeMapping2 := NewRoleScopeMapping(role.ID, scope2.ID)

	// assert
	assert.Equal(t, role.ID, roleScopeMapping.RoleID)
	assert.Equal(t, scope1.ID, roleScopeMapping.ScopeID)
	assert.NotEmpty(t, roleScopeMapping.RequestID)
	assert.Equal(t, 1, roleScopeMapping.Version)

	assert.Equal(t, role.ID, roleScopeMapping2.RoleID)
	assert.Equal(t, scope2.ID, roleScopeMapping2.ScopeID)
}

// TestRoleScopeMapping_RevokeScope 测试撤销Scope
func TestRoleScopeMapping_RevokeScope(t *testing.T) {
	// arrange
	role := NewRole("viewer", "查看者", RoleTypePlatform, 10)
	role.ID = 1
	scope := NewScope("platform:read", "读取平台配置", ScopeTypePlatform)
	scope.ID = 1

	// act
	roleScopeMapping := NewRoleScopeMapping(role.ID, scope.ID)
	roleScopeMapping.Revoke()

	// assert
	assert.False(t, roleScopeMapping.IsActive, "revoked mapping should be inactive")
}

// TestRoleScopeMapping_WithAudit 测试带审计字段的映射
func TestRoleScopeMapping_WithAudit(t *testing.T) {
	// arrange
	roleID := int64(1)
	scopeID := int64(2)
	requestID := "req-role-scope-123"
	createdIP := "192.168.1.100"

	// act
	mapping := NewRoleScopeMappingWithAudit(roleID, scopeID, requestID, createdIP)

	// assert
	assert.Equal(t, roleID, mapping.RoleID)
	assert.Equal(t, scopeID, mapping.ScopeID)
	assert.Equal(t, requestID, mapping.RequestID)
	assert.Equal(t, createdIP, mapping.CreatedIP)
	assert.True(t, mapping.IsActive)
}

// TestRoleScopeMapping_IncrementVersion 测试版本号递增
func TestRoleScopeMapping_IncrementVersion(t *testing.T) {
	// arrange
	mapping := NewRoleScopeMapping(1, 1)
	originalVersion := mapping.Version

	// act
	mapping.IncrementVersion()

	// assert
	assert.Equal(t, originalVersion+1, mapping.Version)
}

// TestRoleScopeMapping_IsActive 测试活跃状态
func TestRoleScopeMapping_IsActive(t *testing.T) {
	// arrange
	mapping := NewRoleScopeMapping(1, 1)

	// assert - 默认应该激活
	assert.True(t, mapping.IsActive)
}

// TestRoleScopeMapping_UniqueConstraint 测试唯一性（同一个角色和Scope组合）
func TestRoleScopeMapping_UniqueConstraint(t *testing.T) {
	// arrange
	roleID := int64(1)
	scopeID := int64(1)

	// act
	mapping1 := NewRoleScopeMapping(roleID, scopeID)
	mapping2 := NewRoleScopeMapping(roleID, scopeID)

	// assert - 两个映射应该有相同的 RoleID 和 ScopeID（代表唯一约束）
	assert.Equal(t, mapping1.RoleID, mapping2.RoleID)
	assert.Equal(t, mapping1.ScopeID, mapping2.ScopeID)
}

// TestRoleScopeMapping_GrantScopeList 测试批量授予Scope
func TestRoleScopeMapping_GrantScopeList(t *testing.T) {
	// arrange
	roleID := int64(1)
	scopeIDs := []int64{1, 2, 3, 4, 5}

	// act
	mappings := GrantScopeList(roleID, scopeIDs)

	// assert
	assert.Len(t, mappings, len(scopeIDs))
	for i, scopeID := range scopeIDs {
		assert.Equal(t, roleID, mappings[i].RoleID)
		assert.Equal(t, scopeID, mappings[i].ScopeID)
		assert.True(t, mappings[i].IsActive)
	}
}

// TestRoleScopeMapping_RevokeAll 测试撤销所有Scope（针对某个角色）
func TestRoleScopeMapping_RevokeAll(t *testing.T) {
	// arrange
	roleID := int64(1)
	scopeIDs := []int64{1, 2, 3}
	mappings := GrantScopeList(roleID, scopeIDs)

	// act
	RevokeAll(mappings)

	// assert
	for _, mapping := range mappings {
		assert.False(t, mapping.IsActive, "all mappings should be revoked")
	}
}

// TestRoleScopeMapping_GetActiveScopes 测试获取活跃的Scope列表
func TestRoleScopeMapping_GetActiveScopes(t *testing.T) {
	// arrange
	roleID := int64(1)
	scopeIDs := []int64{1, 2, 3}
	mappings := GrantScopeList(roleID, scopeIDs)

	// 撤销中间的Scope
	mappings[1].Revoke()

	// act
	activeScopes := GetActiveScopeIDs(mappings)

	// assert
	assert.Len(t, activeScopes, 2)
	assert.Contains(t, activeScopes, int64(1))
	assert.Contains(t, activeScopes, int64(3))
	assert.NotContains(t, activeScopes, int64(2))
}