app-cloudep-permission-server/pkg/usecase/casbin_redis_rbac_test.go

package usecase

import (
	"context"
	"net/http"
	"testing"
	"time"

	"code.30cm.net/digimon/app-cloudep-permission-server/pkg/domain/entity"
	"code.30cm.net/digimon/app-cloudep-permission-server/pkg/domain/permission"
	mock "code.30cm.net/digimon/app-cloudep-permission-server/pkg/mock/repository"
	"code.30cm.net/digimon/app-cloudep-permission-server/pkg/repository"
	"github.com/alicebob/miniredis/v2"
	"github.com/stretchr/testify/assert"
	"github.com/zeromicro/go-zero/core/stores/redis"
	"go.mongodb.org/mongo-driver/bson/primitive"
	"go.uber.org/mock/gomock"
)

func setupMiniRedis() (*miniredis.Miniredis, *redis.Redis) {
	// 啟動 setupMiniRedis 作為模擬的 Redis 服務
	mr, err := miniredis.Run()
	if err != nil {
		panic("failed to start miniRedis: " + err.Error())
	}

	// 使用 setupMiniRedis 的地址配置 go-zero Redis 客戶端
	redisConf := redis.RedisConf{
		Host: mr.Addr(),
		Type: "node",
	}
	r := redis.MustNewRedis(redisConf)

	return mr, r
}

func TestNewRBACUseCase_LoadPolicy(t *testing.T) {
	// 固定發行者設定，測試中會用來驗證 claims.Issuer
	mockCtrl := gomock.NewController(t)
	defer mockCtrl.Finish()

	// 準備測試資料
	permID, _ := primitive.ObjectIDFromHex("507f1f77bcf86cd799439011")
	permissionData := entity.Permission{
		ID:         permID,
		Parent:     "",
		Name:       "read_perm",
		HTTPMethod: http.MethodGet,
		HTTPPath:   "/resource",
		Status:     permission.Open, // 1: 啟用
		// 其他欄位可以隨便填上
		CreateAt: time.Now().Unix(),
		UpdateAt: time.Now().Unix(),
	}

	roleID, _ := primitive.ObjectIDFromHex("507f1f77bcf86cd799439012")
	roleData := &entity.Role{
		ID:       roleID,
		Name:     "test_role",
		UID:      "role1",
		ClientID: "client1",
		Status:   permission.Open,
		CreateAt: time.Now().Unix(),
		UpdateAt: time.Now().Unix(),
	}

	rolePermissionData := &entity.RolePermission{
		// 這裡 RoleID 與 PermissionID 皆以 Hex 字串儲存
		RoleID:       roleID.Hex(),
		PermissionID: permID.Hex(),
		CreateAt:     time.Now().Unix(),
		UpdateAt:     time.Now().Unix(),
	}

	// 建立 mock 物件，並設定期望值
	permissionRepo := mock.NewMockPermissionRepository(mockCtrl)
	roleRepo := mock.NewMockRoleRepository(mockCtrl)
	rolePermissionRepo := mock.NewMockRolePermissionRepository(mockCtrl)
	ctx := context.Background()
	permissionRepo.EXPECT().
		GetAll(ctx, nil).
		Return([]entity.Permission{permissionData}, nil)

	roleRepo.EXPECT().
		All(ctx, nil).
		Return([]*entity.Role{roleData}, nil)

	rolePermissionRepo.EXPECT().
		Get(ctx, roleID.Hex()).
		Return([]*entity.RolePermission{rolePermissionData}, nil)

	// 建立 miniRedis 與 adapter
	mr, rdb := setupMiniRedis()
	defer mr.Close()

	adapter, err := repository.NewRBACAdapter(repository.RBACAdapterParam{Redis: rdb})
	assert.NoError(t, err)

	// 建立 RBACUseCase 測試實例
	uc := NewRBACUseCase(RBACUseCaseParam{
		ModulePath:       "../../etc/rbac.conf", // 注意：確認路徑下有對應的模型檔
		permissionRepo:   permissionRepo,
		roleRepo:         roleRepo,
		rolePermission:   rolePermissionRepo,
		RBACRedisAdapter: adapter,
	})

	// 載入 policy
	err = uc.LoadPolicy(ctx)
	assert.NoError(t, err)

	// 接下來測試 casbin 是否能正確檢查該權限
	status, err := uc.Check(ctx, roleData.Name, permissionData.HTTPPath, permissionData.HTTPMethod)
	assert.NoError(t, err)
	assert.True(t, status.Allow)
	// 預期 PermissionName 為 "read_perm"
	assert.Equal(t, "read_perm", status.Select.PermissionName)

}
feat/refactor (#5) Reviewed-on: https://code.30cm.net/digimon/app-cloudep-permission-server/pulls/5 2025-03-05 07:10:46 +00:00			`package usecase`

			`import (`
			`"context"`
			`"net/http"`
			`"testing"`
			`"time"`

			`"code.30cm.net/digimon/app-cloudep-permission-server/pkg/domain/entity"`
			`"code.30cm.net/digimon/app-cloudep-permission-server/pkg/domain/permission"`
			`mock "code.30cm.net/digimon/app-cloudep-permission-server/pkg/mock/repository"`
			`"code.30cm.net/digimon/app-cloudep-permission-server/pkg/repository"`
			`"github.com/alicebob/miniredis/v2"`
			`"github.com/stretchr/testify/assert"`
			`"github.com/zeromicro/go-zero/core/stores/redis"`
			`"go.mongodb.org/mongo-driver/bson/primitive"`
			`"go.uber.org/mock/gomock"`
			`)`

			`func setupMiniRedis() (miniredis.Miniredis, redis.Redis) {`
			`// 啟動 setupMiniRedis 作為模擬的 Redis 服務`
			`mr, err := miniredis.Run()`
			`if err != nil {`
			`panic("failed to start miniRedis: " + err.Error())`
			`}`

			`// 使用 setupMiniRedis 的地址配置 go-zero Redis 客戶端`
			`redisConf := redis.RedisConf{`
			`Host: mr.Addr(),`
			`Type: "node",`
			`}`
			`r := redis.MustNewRedis(redisConf)`

			`return mr, r`
			`}`

			`func TestNewRBACUseCase_LoadPolicy(t *testing.T) {`
			`// 固定發行者設定，測試中會用來驗證 claims.Issuer`
			`mockCtrl := gomock.NewController(t)`
			`defer mockCtrl.Finish()`

			`// 準備測試資料`
			`permID, _ := primitive.ObjectIDFromHex("507f1f77bcf86cd799439011")`
			`permissionData := entity.Permission{`
			`ID: permID,`
			`Parent: "",`
			`Name: "read_perm",`
			`HTTPMethod: http.MethodGet,`
			`HTTPPath: "/resource",`
			`Status: permission.Open, // 1: 啟用`
			`// 其他欄位可以隨便填上`
			`CreateAt: time.Now().Unix(),`
			`UpdateAt: time.Now().Unix(),`
			`}`

			`roleID, _ := primitive.ObjectIDFromHex("507f1f77bcf86cd799439012")`
			`roleData := &entity.Role{`
			`ID: roleID,`
			`Name: "test_role",`
			`UID: "role1",`
			`ClientID: "client1",`
			`Status: permission.Open,`
			`CreateAt: time.Now().Unix(),`
			`UpdateAt: time.Now().Unix(),`
			`}`

			`rolePermissionData := &entity.RolePermission{`
			`// 這裡 RoleID 與 PermissionID 皆以 Hex 字串儲存`
			`RoleID: roleID.Hex(),`
			`PermissionID: permID.Hex(),`
			`CreateAt: time.Now().Unix(),`
			`UpdateAt: time.Now().Unix(),`
			`}`

			`// 建立 mock 物件，並設定期望值`
			`permissionRepo := mock.NewMockPermissionRepository(mockCtrl)`
			`roleRepo := mock.NewMockRoleRepository(mockCtrl)`
			`rolePermissionRepo := mock.NewMockRolePermissionRepository(mockCtrl)`
			`ctx := context.Background()`
			`permissionRepo.EXPECT().`
			`GetAll(ctx, nil).`
			`Return([]entity.Permission{permissionData}, nil)`

			`roleRepo.EXPECT().`
			`All(ctx, nil).`
			`Return([]*entity.Role{roleData}, nil)`

			`rolePermissionRepo.EXPECT().`
			`Get(ctx, roleID.Hex()).`
			`Return([]*entity.RolePermission{rolePermissionData}, nil)`

			`// 建立 miniRedis 與 adapter`
			`mr, rdb := setupMiniRedis()`
			`defer mr.Close()`

			`adapter, err := repository.NewRBACAdapter(repository.RBACAdapterParam{Redis: rdb})`
			`assert.NoError(t, err)`

			`// 建立 RBACUseCase 測試實例`
			`uc := NewRBACUseCase(RBACUseCaseParam{`
			`ModulePath: "../../etc/rbac.conf", // 注意：確認路徑下有對應的模型檔`
			`permissionRepo: permissionRepo,`
			`roleRepo: roleRepo,`
			`rolePermission: rolePermissionRepo,`
			`RBACRedisAdapter: adapter,`
			`})`

			`// 載入 policy`
			`err = uc.LoadPolicy(ctx)`
			`assert.NoError(t, err)`

			`// 接下來測試 casbin 是否能正確檢查該權限`
			`status, err := uc.Check(ctx, roleData.Name, permissionData.HTTPPath, permissionData.HTTPMethod)`
			`assert.NoError(t, err)`
			`assert.True(t, status.Allow)`
			`// 預期 PermissionName 為 "read_perm"`
			`assert.Equal(t, "read_perm", status.Select.PermissionName)`

			`}`