""" 系统设置模块测试 —— /api/settings 覆盖: 部门树 / 角色CRUD / 员工CRUD / 重置密码 / 权限守卫 """ import uuid import pytest from httpx import AsyncClient from tests.conftest import ( ADMIN_USER_ID, SALES_USER_ID, DEPT_ID, ADMIN_ROLE_ID, SALES_ROLE_ID, ) class TestDeptTree: """GET /api/settings/departments/tree""" async def test_admin_get_dept_tree(self, client: AsyncClient, admin_headers): """管理员 → 200 + 部门树""" resp = await client.get("/api/settings/departments/tree", headers=admin_headers) assert resp.status_code == 200 assert isinstance(resp.json()["data"], list) async def test_sales_get_dept_tree_forbidden(self, client: AsyncClient, sales_headers): """普通销售 → 403""" resp = await client.get("/api/settings/departments/tree", headers=sales_headers) assert resp.status_code == 403 class TestRoles: """/api/settings/roles""" async def test_list_roles(self, client: AsyncClient, admin_headers): """角色列表 → 200""" resp = await client.get("/api/settings/roles", headers=admin_headers) assert resp.status_code == 200 data = resp.json()["data"] assert len(data) >= 2 # admin + sales async def test_create_role(self, client: AsyncClient, admin_headers): """新增角色 → 200""" resp = await client.post("/api/settings/roles", headers=admin_headers, json={ "role_name": "财务主管", "data_scope": "dept_and_sub", "menu_keys": ["finance", "dashboard"], "description": "财务部门主管角色", }) assert resp.status_code == 200 assert resp.json()["data"]["role_name"] == "财务主管" async def test_create_duplicate_role(self, client: AsyncClient, admin_headers): """重复角色名 → 400""" resp = await client.post("/api/settings/roles", headers=admin_headers, json={ "role_name": "管理员", # 已存在 "data_scope": "all", }) assert resp.status_code == 400 async def test_update_role(self, client: AsyncClient, admin_headers): """修改角色 → 200""" resp = await client.put( f"/api/settings/roles/{SALES_ROLE_ID}", headers=admin_headers, json={"description": "基础销售角色-已更新"} ) assert resp.status_code == 200 async def test_sales_cannot_manage_roles(self, client: AsyncClient, sales_headers): """普通销售管理角色 → 403""" resp = await client.get("/api/settings/roles", headers=sales_headers) assert resp.status_code == 403 class TestUsers: """/api/settings/users""" async def test_list_users(self, client: AsyncClient, admin_headers): """员工列表 → 200""" resp = await client.get("/api/settings/users", headers=admin_headers) assert resp.status_code == 200 data = resp.json()["data"] assert data["total"] >= 2 async def test_create_user(self, client: AsyncClient, admin_headers): """开通新账号 → 200""" resp = await client.post("/api/settings/users", headers=admin_headers, json={ "username": "newuser01", "password": "test123456", "real_name": "新员工", "dept_id": str(DEPT_ID), "role_id": str(SALES_ROLE_ID), }) assert resp.status_code == 200 assert resp.json()["data"]["username"] == "newuser01" async def test_create_duplicate_username(self, client: AsyncClient, admin_headers): """重复用户名 → 400""" resp = await client.post("/api/settings/users", headers=admin_headers, json={ "username": "admin", # 已存在 "password": "123456", "real_name": "重复用户", }) assert resp.status_code == 400 async def test_update_user(self, client: AsyncClient, admin_headers): """编辑员工 → 200""" resp = await client.put( f"/api/settings/users/{SALES_USER_ID}", headers=admin_headers, json={"real_name": "销售01-改名", "phone": "13800000001"} ) assert resp.status_code == 200 async def test_reset_password(self, client: AsyncClient, admin_headers): """重置密码 → 200""" resp = await client.put( f"/api/settings/users/{SALES_USER_ID}/reset-password", headers=admin_headers, json={"new_password": "reset999"} ) assert resp.status_code == 200 async def test_sales_cannot_manage_users(self, client: AsyncClient, sales_headers): """普通销售无法管理员工 → 403""" resp = await client.get("/api/settings/users", headers=sales_headers) assert resp.status_code == 403