xiaokang/lotteryLaravel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0527c7c392b17ac535bbcb66088b1d4b65db9cd2
lotteryLaravel/tests/Feature/AdminDrawRolePermissionRoundTripTest.php
kang 0527c7c392 feat: 增强管理员权限与角色管理功能 
- 在 SyncAdminAuthorizationCommand 中新增对代理和抽奖菜单操作的同步功能,确保缺失的菜单操作行能够被创建。
- 更新多个控制器中的权限检查逻辑,使用 hasPermissionCode 替代原有的权限验证方式,提升权限管理的灵活性。
- 引入 ApiMessage 统一错误响应格式,确保在权限不足时返回一致的错误信息。
- 更新 AdminRole 和 AdminUser 模型,增强角色与用户的权限管理功能,支持更细粒度的权限控制。
2026-06-03 10:56:36 +08:00

61 lines
2.1 KiB
PHP
Raw Blame History

<?php
use App\Models\AdminRole;
use App\Models\AdminUser;
use Illuminate\Support\Facades\Hash;
use Illuminate\Foundation\Testing\RefreshDatabase;
uses(RefreshDatabase::class);
beforeEach(function (): void {
$this->artisan('lottery:admin-auth-sync')->assertExitCode(0);
});
test('role with only draw view slug does not round-trip as manage', function (): void {
$role = AdminRole::query()->create([
'slug' => 'draw_view_only',
'name' => 'Draw view only',
]);
$role->syncLegacyPermissionSlugs(['prd.draw_result.view']);
expect($role->legacyPermissionSlugs())
->toContain('prd.draw_result.view')
->not->toContain('prd.draw_result.manage');
});
test('platform role sync can drop draw manage while keeping view', function (): void {
$super = AdminUser::query()->create([
'username' => 'draw_perm_super',
'name' => 'Super',
'email' => null,
'password' => Hash::make('secret-strong'),
'status' => 0,
]);
grantSuperAdminRole($super);
$token = $super->createToken('test', ['*'], now()->addDay())->plainTextToken;
$role = AdminRole::query()->create([
'slug' => 'draw_toggle_test',
'name' => 'Draw toggle test',
]);
$this->withHeader('Authorization', 'Bearer '.$token)
->putJson('/api/v1/admin/admin-roles/'.$role->id.'/permissions', [
'permission_slugs' => ['prd.draw_result.view', 'prd.draw_result.manage'],
])
->assertOk()
->assertJsonPath('data.permission_slugs', fn ($slugs): bool => in_array('prd.draw_result.manage', $slugs, true));
$this->withHeader('Authorization', 'Bearer '.$token)
->putJson('/api/v1/admin/admin-roles/'.$role->id.'/permissions', [
'permission_slugs' => ['prd.draw_result.view'],
])
->assertOk()
->assertJsonPath('data.permission_slugs', function ($slugs): bool {
$list = is_array($slugs) ? $slugs : [];
return in_array('prd.draw_result.view', $list, true)
&& ! in_array('prd.draw_result.manage', $list, true);
});
});
Reference in New Issue View Git Blame Copy Permalink