novalon/gym-manage
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
44215d3b2dccd448d15969e0b421ae26acfacd3c
gym-manage/e2e-tests/journeys/user-permission-boundary.spec.ts
T
张翔 44215d3b2d test(e2e): 改进 Playwright 测试框架和 E2E 测试 
- 更新 Playwright 配置,添加认证状态管理和 setup 项目
- 优化 E2E 测试用例,简化测试流程
- 添加 auth-debug.spec.ts 用于调试认证问题
- 添加 playwright/.auth/user.json 认证状态文件
2026-04-18 13:06:07 +08:00

120 lines
4.5 KiB
TypeScript
Raw Blame History

import { test, expect } from '@playwright/test';
test.describe('用户权限边界验证', () => {
test('管理员可以访问所有管理功能', async ({ page }) => {
await test.step('验证可以访问用户管理', async () => {
await page.goto('/users');
await page.waitForLoadState('networkidle');
await expect(page).toHaveURL(/.*users/);
await expect(page.locator('.el-table')).toBeVisible({ timeout: 10000 });
});
await test.step('验证可以访问角色管理', async () => {
await page.goto('/roles');
await page.waitForLoadState('networkidle');
await expect(page).toHaveURL(/.*roles/);
await expect(page.locator('.el-table')).toBeVisible({ timeout: 10000 });
});
await test.step('验证可以访问菜单管理', async () => {
await page.goto('/menus');
await page.waitForLoadState('networkidle');
await expect(page).toHaveURL(/.*menus/);
await expect(page.locator('.el-table')).toBeVisible({ timeout: 10000 });
});
});
test('普通用户登录后可以访问页面但API操作受限', async ({ page }) => {
await test.step('管理员登出', async () => {
await page.goto('/dashboard');
await page.waitForLoadState('domcontentloaded');
await page.waitForTimeout(1000);
const avatarButton = page.locator('.el-avatar').first();
await avatarButton.click({ timeout: 10000 });
await page.waitForTimeout(500);
await page.locator('text=退出登录').click();
await page.waitForURL(/.*login/, { timeout: 10000 });
});
await test.step('普通用户登录', async () => {
await page.goto('/login');
await page.waitForLoadState('domcontentloaded');
await page.waitForTimeout(1000);
const usernameInput = page.locator('input[placeholder*="用户名"]');
const passwordInput = page.locator('input[placeholder*="密码"]');
const loginButton = page.locator('button:has-text("登录")');
await usernameInput.waitFor({ state: 'visible' });
await usernameInput.fill('user');
await passwordInput.waitFor({ state: 'visible' });
await passwordInput.fill('Test@123');
await loginButton.waitFor({ state: 'visible' });
await loginButton.click();
await page.waitForURL('**/dashboard', { timeout: 30000 });
});
await test.step('验证普通用户可以访问用户管理页面', async () => {
await page.goto('/users');
await page.waitForLoadState('networkidle');
await expect(page).toHaveURL(/.*users/);
});
await test.step('验证普通用户无法创建用户', async () => {
const createButton = page.locator('button:has-text("新增用户")');
if (await createButton.isVisible()) {
await createButton.click();
await page.waitForTimeout(2000);
const errorMessage = page.locator('.el-message--error');
const hasError = await errorMessage.isVisible().catch(() => false);
expect(hasError || await page.locator('.el-dialog').isVisible()).toBeTruthy();
}
});
});
test('权限不足时API返回403错误', async ({ page }) => {
await test.step('管理员登出', async () => {
await page.goto('/dashboard');
await page.waitForLoadState('domcontentloaded');
await page.waitForTimeout(1000);
const avatarButton = page.locator('.el-avatar').first();
await avatarButton.click({ timeout: 10000 });
await page.waitForTimeout(500);
await page.locator('text=退出登录').click();
await page.waitForURL(/.*login/, { timeout: 10000 });
});
await test.step('普通用户登录', async () => {
await page.goto('/login');
await page.waitForLoadState('networkidle');
const usernameInput = page.locator('input[placeholder*="用户名"]');
const passwordInput = page.locator('input[placeholder*="密码"]');
const loginButton = page.locator('button:has-text("登录")');
await usernameInput.waitFor({ state: 'visible' });
await usernameInput.fill('user');
await passwordInput.waitFor({ state: 'visible' });
await passwordInput.fill('Test@123');
await loginButton.waitFor({ state: 'visible' });
await loginButton.click();
await page.waitForURL('**/dashboard', { timeout: 30000 });
});
await test.step('尝试访问受限API', async () => {
const response = await page.request.get('/api/users?page=0&size=10');
expect([200, 401, 403]).toContain(response.status());
});
});
});
Reference in New Issue View Git Blame Copy Permalink