refactor: RBAC权限系统重构 + UI组件拆分 + 测试修复 + 架构文档
Some checks failed
CI / build-deploy (push) Has been cancelled
Some checks failed
CI / build-deploy (push) Has been cancelled
- RBAC: 新增30个权限点、DataScope行级权限、requirePermission守卫,所有57+ Server Action接入权限校验 - UI拆分: exam-form(1623行→11文件)、textbook-reader(744行→7文件),均降至300行以内 - 测试: 新增5个单元测试文件(19用例),修复4个集成测试文件(38用例全部通过) - 架构文档: 新增架构影响地图(004/005)、标准功能清单(006)、差距审计报告(007) - 项目规则: 架构图优先规则,改码必同步图 - 安全: rehype-sanitize净化、AES加密API Key、权限路由守卫 - 无障碍: skip-link、aria-label、prefers-reduced-motion - 性能: next/font优化、next/image、代码分割
This commit is contained in:
SpecialX
@@ -1,7 +1,7 @@
|
||||
import { beforeEach, describe, expect, it, vi } from "vitest"
|
||||
|
||||
const mocks = vi.hoisted(() => {
|
||||
const authMock = vi.fn()
|
||||
const requirePermissionMock = vi.fn()
|
||||
const revalidatePathMock = vi.fn()
|
||||
const createIdMock = vi.fn()
|
||||
|
||||
@@ -27,13 +27,10 @@ const mocks = vi.hoisted(() => {
|
||||
homeworkAssignmentTargets: { assignmentId: "assignmentId", studentId: "studentId" },
|
||||
homeworkAssignments: { id: "id" },
|
||||
homeworkSubmissions: { id: "id" },
|
||||
roles: { id: "id", name: "name" },
|
||||
users: { id: "id" },
|
||||
usersToRoles: { userId: "userId", roleId: "roleId" },
|
||||
}
|
||||
|
||||
return {
|
||||
authMock,
|
||||
requirePermissionMock,
|
||||
revalidatePathMock,
|
||||
createIdMock,
|
||||
ensureLimitMock,
|
||||
@@ -48,8 +45,14 @@ const mocks = vi.hoisted(() => {
|
||||
}
|
||||
})
|
||||
|
||||
vi.mock("@/auth", () => ({
|
||||
auth: mocks.authMock,
|
||||
vi.mock("@/shared/lib/auth-guard", () => ({
|
||||
requirePermission: mocks.requirePermissionMock,
|
||||
PermissionDeniedError: class PermissionDeniedError extends Error {
|
||||
constructor(permission: string) {
|
||||
super(`Permission denied: ${permission}`)
|
||||
this.name = "PermissionDeniedError"
|
||||
}
|
||||
},
|
||||
}))
|
||||
|
||||
vi.mock("next/cache", () => ({
|
||||
@@ -118,14 +121,33 @@ vi.mock("@/shared/db", () => ({
|
||||
|
||||
import { createHomeworkAssignmentAction } from "@/modules/homework/actions"
|
||||
|
||||
/** Helper to create a default admin auth context */
|
||||
function adminCtx() {
|
||||
return {
|
||||
userId: "u_admin",
|
||||
roles: ["admin"],
|
||||
permissions: ["homework:create"],
|
||||
dataScope: { type: "all" as const },
|
||||
}
|
||||
}
|
||||
|
||||
/** Helper to create a teacher auth context */
|
||||
function teacherCtx(userId = "u_teacher") {
|
||||
return {
|
||||
userId,
|
||||
roles: ["teacher"],
|
||||
permissions: ["homework:create"],
|
||||
dataScope: { type: "class_taught" as const, classIds: ["class_5"], subjectIds: ["subject_science"] },
|
||||
}
|
||||
}
|
||||
|
||||
describe("createHomeworkAssignmentAction", () => {
|
||||
beforeEach(() => {
|
||||
vi.resetAllMocks()
|
||||
})
|
||||
|
||||
it("creates published assignment from exam with targets", async () => {
|
||||
mocks.authMock.mockResolvedValue({ user: { id: "u_admin" } })
|
||||
mocks.ensureLimitMock.mockResolvedValue([{ id: "u_admin", role: "admin" }])
|
||||
mocks.requirePermissionMock.mockResolvedValue(adminCtx())
|
||||
mocks.classLimitMock.mockResolvedValue([{ id: "class_1", teacherId: "teacher_1" }])
|
||||
mocks.examFindFirstMock.mockResolvedValue({
|
||||
id: "exam_1",
|
||||
@@ -150,8 +172,7 @@ describe("createHomeworkAssignmentAction", () => {
|
||||
})
|
||||
|
||||
it("returns not found when source exam does not exist", async () => {
|
||||
mocks.authMock.mockResolvedValue({ user: { id: "u_admin" } })
|
||||
mocks.ensureLimitMock.mockResolvedValue([{ id: "u_admin", role: "admin" }])
|
||||
mocks.requirePermissionMock.mockResolvedValue(adminCtx())
|
||||
mocks.classLimitMock.mockResolvedValue([{ id: "class_1", teacherId: "teacher_1" }])
|
||||
mocks.examFindFirstMock.mockResolvedValue(null)
|
||||
|
||||
@@ -166,8 +187,7 @@ describe("createHomeworkAssignmentAction", () => {
|
||||
})
|
||||
|
||||
it("blocks publish when class has no active students", async () => {
|
||||
mocks.authMock.mockResolvedValue({ user: { id: "u_admin" } })
|
||||
mocks.ensureLimitMock.mockResolvedValue([{ id: "u_admin", role: "admin" }])
|
||||
mocks.requirePermissionMock.mockResolvedValue(adminCtx())
|
||||
mocks.classLimitMock.mockResolvedValue([{ id: "class_2", teacherId: "teacher_2" }])
|
||||
mocks.examFindFirstMock.mockResolvedValue({
|
||||
id: "exam_2",
|
||||
@@ -189,8 +209,8 @@ describe("createHomeworkAssignmentAction", () => {
|
||||
})
|
||||
|
||||
it("blocks teacher when not assigned to class", async () => {
|
||||
mocks.authMock.mockResolvedValue({ user: { id: "u_teacher" } })
|
||||
mocks.ensureLimitMock.mockResolvedValue([{ id: "u_teacher", role: "teacher" }])
|
||||
const ctx = teacherCtx("u_teacher")
|
||||
mocks.requirePermissionMock.mockResolvedValue(ctx)
|
||||
mocks.classLimitMock.mockResolvedValue([{ id: "class_3", teacherId: "owner_teacher" }])
|
||||
mocks.examFindFirstMock.mockResolvedValue({
|
||||
id: "exam_3",
|
||||
@@ -212,8 +232,8 @@ describe("createHomeworkAssignmentAction", () => {
|
||||
})
|
||||
|
||||
it("blocks teacher when exam subject is not assigned", async () => {
|
||||
mocks.authMock.mockResolvedValue({ user: { id: "u_teacher" } })
|
||||
mocks.ensureLimitMock.mockResolvedValue([{ id: "u_teacher", role: "teacher" }])
|
||||
const ctx = teacherCtx("u_teacher")
|
||||
mocks.requirePermissionMock.mockResolvedValue(ctx)
|
||||
mocks.classLimitMock.mockResolvedValue([{ id: "class_4", teacherId: "owner_teacher" }])
|
||||
mocks.examFindFirstMock.mockResolvedValue({
|
||||
id: "exam_4",
|
||||
@@ -235,8 +255,8 @@ describe("createHomeworkAssignmentAction", () => {
|
||||
})
|
||||
|
||||
it("allows teacher assigned subject to publish", async () => {
|
||||
mocks.authMock.mockResolvedValue({ user: { id: "u_teacher" } })
|
||||
mocks.ensureLimitMock.mockResolvedValue([{ id: "u_teacher", role: "teacher" }])
|
||||
const ctx = teacherCtx("u_teacher")
|
||||
mocks.requirePermissionMock.mockResolvedValue(ctx)
|
||||
mocks.classLimitMock.mockResolvedValue([{ id: "class_5", teacherId: "owner_teacher" }])
|
||||
mocks.examFindFirstMock.mockResolvedValue({
|
||||
id: "exam_5",
|
||||
@@ -260,8 +280,8 @@ describe("createHomeworkAssignmentAction", () => {
|
||||
})
|
||||
|
||||
it("returns exam subject missing for teacher-assigned class", async () => {
|
||||
mocks.authMock.mockResolvedValue({ user: { id: "u_teacher" } })
|
||||
mocks.ensureLimitMock.mockResolvedValue([{ id: "u_teacher", role: "teacher" }])
|
||||
const ctx = teacherCtx("u_teacher")
|
||||
mocks.requirePermissionMock.mockResolvedValue(ctx)
|
||||
mocks.classLimitMock.mockResolvedValue([{ id: "class_6", teacherId: "owner_teacher" }])
|
||||
mocks.examFindFirstMock.mockResolvedValue({
|
||||
id: "exam_6",
|
||||
@@ -283,8 +303,7 @@ describe("createHomeworkAssignmentAction", () => {
|
||||
})
|
||||
|
||||
it("returns class not found when class is missing", async () => {
|
||||
mocks.authMock.mockResolvedValue({ user: { id: "u_admin" } })
|
||||
mocks.ensureLimitMock.mockResolvedValue([{ id: "u_admin", role: "admin" }])
|
||||
mocks.requirePermissionMock.mockResolvedValue(adminCtx())
|
||||
mocks.classLimitMock.mockResolvedValue([])
|
||||
|
||||
const formData = new FormData()
|
||||
|
||||
Reference in New Issue
Block a user