zgty/zt-dsc
9
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'base-version/main' into dev

Browse Source
This commit is contained in:
chenbowen
2025-11-28 11:07:42 +08:00
parent 240a531ee1 542466270a
commit db3afb5b64
40 changed files with 1006 additions and 365 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
zt-module-system/zt-module-system-server/src/test/java/com/zt/plat/module/system/service/auth/AdminAuthServiceImplTest.java
View File

@@ -16,7 +16,11 @@ import com.zt.plat.module.system.enums.logger.LoginLogTypeEnum;
import com.zt.plat.module.system.enums.logger.LoginResultEnum;
import com.zt.plat.module.system.enums.sms.SmsSceneEnum;
import com.zt.plat.module.system.enums.social.SocialTypeEnum;
import com.zt.plat.module.system.enums.user.UserSourceEnum;
import com.zt.plat.module.system.service.logger.LoginLogService;
import com.zt.plat.module.system.service.member.MemberService;
import com.zt.plat.module.system.service.oauth2.EbanOAuth2Service;
import com.zt.plat.module.system.service.oauth2.EbanTokenService;
import com.zt.plat.module.system.service.oauth2.OAuth2TokenService;
import com.zt.plat.module.system.service.social.SocialUserService;
import com.zt.plat.module.system.service.user.AdminUserService;
@@ -57,6 +61,12 @@ public class AdminAuthServiceImplTest extends BaseDbUnitTest {
private SmsCodeApi smsCodeApi;
@MockBean
private OAuth2TokenService oauth2TokenService;
@MockBean
private MemberService memberService;
@MockBean
private EbanOAuth2Service ebanOAuth2Service;
@MockBean
private EbanTokenService ebanTokenService;
@MockBean
private Validator validator;
@@ -78,7 +88,7 @@ public class AdminAuthServiceImplTest extends BaseDbUnitTest {
.setPassword(password).setStatus(CommonStatusEnum.ENABLE.getStatus()));
when(userService.getUserByUsername(eq(username))).thenReturn(user);
// mock password 匹配
when(userService.isPasswordMatch(eq(password), eq(user.getPassword()))).thenReturn(true);
when(userService.isPasswordMatch(eq(user), eq(password))).thenReturn(true);
// 调用
AdminUserDO loginUser = authService.authenticate(username, password);
@@ -132,7 +142,7 @@ public class AdminAuthServiceImplTest extends BaseDbUnitTest {
.setPassword(password).setStatus(CommonStatusEnum.DISABLE.getStatus()));
when(userService.getUserByUsername(eq(username))).thenReturn(user);
// mock password 匹配
when(userService.isPasswordMatch(eq(password), eq(user.getPassword()))).thenReturn(true);
when(userService.isPasswordMatch(eq(user), eq(password))).thenReturn(true);
// 调用, 并断言异常
assertServiceException(() -> authService.authenticate(username, password),
@@ -158,7 +168,7 @@ public class AdminAuthServiceImplTest extends BaseDbUnitTest {
.setPassword("test_password").setStatus(CommonStatusEnum.ENABLE.getStatus()));
when(userService.getUserByUsername(eq("test_username"))).thenReturn(user);
// mock password 匹配
when(userService.isPasswordMatch(eq("test_password"), eq(user.getPassword()))).thenReturn(true);
when(userService.isPasswordMatch(eq(user), eq("test_password"))).thenReturn(true);
// mock 缓存登录用户到 Redis
OAuth2AccessTokenDO accessTokenDO = randomPojo(OAuth2AccessTokenDO.class, o -> o.setUserId(1L)
.setUserType(UserTypeEnum.ADMIN.getValue()));
@@ -179,6 +189,49 @@ public class AdminAuthServiceImplTest extends BaseDbUnitTest {
reqVO.getSocialType(), reqVO.getSocialCode(), reqVO.getSocialState())));
}
@Test
public void testLogin_internalUserBlocked() {
AuthLoginReqVO reqVO = randomPojo(AuthLoginReqVO.class, o -> {
o.setUsername("sync_user");
o.setPassword("Pass@123");
o.setSocialType(null);
});
authService.setCaptchaEnable(false);
AdminUserDO user = randomPojo(AdminUserDO.class, o -> o.setId(10L)
.setUsername("sync_user")
.setPassword("bcrypt")
.setStatus(CommonStatusEnum.ENABLE.getStatus())
.setUserSource(UserSourceEnum.SYNC.getSource()));
when(userService.getUserByUsername(eq("sync_user"))).thenReturn(user);
when(userService.isPasswordMatch(eq(user), eq("Pass@123"))).thenReturn(true);
assertServiceException(() -> authService.login(reqVO), AUTH_LOGIN_INTERNAL_USER_PASSWORD_NOT_ALLOWED);
}
@Test
public void testLogin_iWorkUserAllowed() {
AuthLoginReqVO reqVO = randomPojo(AuthLoginReqVO.class, o -> {
o.setUsername("iwork_user");
o.setPassword("Password1!");
o.setSocialType(null);
});
authService.setCaptchaEnable(false);
AdminUserDO user = randomPojo(AdminUserDO.class, o -> o.setId(20L)
.setUsername("iwork_user")
.setPassword("md5")
.setStatus(CommonStatusEnum.ENABLE.getStatus())
.setUserSource(UserSourceEnum.IWORK.getSource()));
when(userService.getUserByUsername(eq("iwork_user"))).thenReturn(user);
when(userService.isPasswordMatch(eq(user), eq("Password1!"))).thenReturn(true);
OAuth2AccessTokenDO accessTokenDO = randomPojo(OAuth2AccessTokenDO.class, o -> o.setUserId(20L)
.setUserType(UserTypeEnum.ADMIN.getValue()));
when(oauth2TokenService.createAccessToken(eq(20L), eq(UserTypeEnum.ADMIN.getValue()), eq("default"), isNull()))
.thenReturn(accessTokenDO);
AuthLoginRespVO respVO = authService.login(reqVO);
assertPojoEquals(accessTokenDO, respVO);
}
@Test
public void testSendSmsCode() {
// 准备参数

29
zt-module-system/zt-module-system-server/src/test/java/com/zt/plat/module/system/service/user/AdminUserServiceImplTest.java
View File

@@ -23,6 +23,7 @@ import com.zt.plat.module.system.dal.mysql.dept.UserPostMapper;
import com.zt.plat.module.system.dal.mysql.user.AdminUserMapper;
import com.zt.plat.module.system.dal.mysql.userdept.UserDeptMapper;
import com.zt.plat.module.system.enums.common.SexEnum;
import com.zt.plat.module.system.enums.user.UserSourceEnum;
import com.zt.plat.module.system.service.dept.DeptServiceImpl;
import com.zt.plat.module.system.service.dept.PostService;
import com.zt.plat.module.system.service.permission.PermissionService;
@@ -35,7 +36,9 @@ import org.mockito.stubbing.Answer;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.context.annotation.Import;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.util.DigestUtils;
import java.nio.charset.StandardCharsets;
import java.util.*;
import java.util.function.Consumer;
@@ -267,6 +270,32 @@ public class AdminUserServiceImplTest extends BaseDbUnitTest {
assertEquals("encode:" + password, user.getPassword());
}
@Test
public void testUpdateUserPassword_forbiddenForIWork() {
AdminUserDO dbUser = randomAdminUserDO(o -> o.setUserSource(UserSourceEnum.IWORK.getSource()));
userMapper.insert(dbUser);
Long userId = dbUser.getId();
UserProfileUpdatePasswordReqVO reqVO = randomPojo(UserProfileUpdatePasswordReqVO.class, o -> {
o.setOldPassword("oldPwd");
o.setNewPassword("newPwd");
});
assertServiceException(() -> userService.updateUserPassword(userId, reqVO), USER_PASSWORD_MODIFY_FORBIDDEN);
assertServiceException(() -> userService.updateUserPassword(userId, "anotherPwd"), USER_PASSWORD_MODIFY_FORBIDDEN);
}
@Test
public void testIsPasswordMatch_iWorkMd5() {
String rawPassword = "Abc12345";
String md5 = DigestUtils.md5DigestAsHex(rawPassword.getBytes(StandardCharsets.UTF_8)).toUpperCase(Locale.ROOT);
AdminUserDO user = randomAdminUserDO(o -> {
o.setUserSource(UserSourceEnum.IWORK.getSource());
o.setPassword(md5);
});
assertTrue(userService.isPasswordMatch(user, rawPassword));
}
@Test
public void testUpdateUserStatus() {
// mock 数据