novalon/novalon-manage-system
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
345211a860a326854c2618a27c942ac49b582772
novalon-manage-system/novalon-manage-web/e2e/role-based-tests/scenarios/user-management/permission-boundary.spec.ts
T
张翔 345211a860 feat: 实现用户管理场景测试 
- 创建管理员创建用户测试(5个测试用例)
  - 管理员可以创建新用户
  - 管理员可以编辑用户信息
  - 管理员可以删除用户
  - 创建用户时用户名重复验证
  - 创建用户时邮箱格式验证
- 创建权限边界验证测试(11个测试用例)
  - 管理员权限验证(5个)
  - 普通用户权限验证(4个)
  - 测试用户权限验证(2个)
  - 跨角色权限对比测试
2026-04-04 20:59:45 +08:00

131 lines
4.4 KiB
TypeScript
Raw Blame History

import { test, expect } from '@playwright/test';
import { RoleFactory } from '../../roles/role-factory';
import { createAuthenticatedPage } from '../../shared/auth-helper';
import { createPermissionHelper } from '../../shared/permission-helper';
test.describe('权限边界验证测试', () => {
test.describe('管理员权限', () => {
test.beforeEach(async ({ page, context }) => {
await createAuthenticatedPage(page, context, 'admin');
});
test('管理员可以访问用户管理页面', async ({ page }) => {
const permissionHelper = createPermissionHelper(page);
const adminRole = RoleFactory.getRole('admin');
await permissionHelper.verifyCanAccess('/user-management');
});
test('管理员可以访问角色管理页面', async ({ page }) => {
const permissionHelper = createPermissionHelper(page);
await permissionHelper.verifyCanAccess('/role-management');
});
test('管理员可以创建用户', async ({ page }) => {
await page.goto('/user-management');
const createButton = page.locator('button:has-text("新增")');
await expect(createButton).toBeVisible();
await expect(createButton).toBeEnabled();
});
test('管理员可以编辑用户', async ({ page }) => {
await page.goto('/user-management');
const editButton = page.locator('button:has-text("编辑")').first();
await expect(editButton).toBeVisible();
});
test('管理员可以删除用户', async ({ page }) => {
await page.goto('/user-management');
const deleteButton = page.locator('button:has-text("删除")').first();
await expect(deleteButton).toBeVisible();
});
});
test.describe('普通用户权限', () => {
test.beforeEach(async ({ page, context }) => {
await createAuthenticatedPage(page, context, 'user');
});
test('普通用户无法访问用户管理页面', async ({ page }) => {
const permissionHelper = createPermissionHelper(page);
const userRole = RoleFactory.getRole('user');
await permissionHelper.verifyCannotAccess('/user-management');
});
test('普通用户无法访问角色管理页面', async ({ page }) => {
const permissionHelper = createPermissionHelper(page);
await permissionHelper.verifyCannotAccess('/role-management');
});
test('普通用户可以访问个人中心', async ({ page }) => {
await page.goto('/profile');
await expect(page).not.toHaveURL(/\/login/);
await expect(page).not.toHaveURL(/\/403/);
});
test('普通用户可以修改个人信息', async ({ page }) => {
await page.goto('/profile');
const editButton = page.locator('button:has-text("编辑")');
const count = await editButton.count();
if (count > 0) {
await expect(editButton.first()).toBeVisible();
}
});
});
test.describe('测试用户权限', () => {
test.beforeEach(async ({ page, context }) => {
await createAuthenticatedPage(page, context, 'test');
});
test('测试用户无法访问用户管理页面', async ({ page }) => {
const permissionHelper = createPermissionHelper(page);
await permissionHelper.verifyCannotAccess('/user-management');
});
test('测试用户可以访问测试页面', async ({ page }) => {
await page.goto('/test');
await expect(page).not.toHaveURL(/\/login/);
await expect(page).not.toHaveURL(/\/403/);
});
});
test.describe('跨角色权限对比', () => {
test('不同角色访问权限对比', async ({ page, context }) => {
const roles = ['admin', 'user', 'test'];
const protectedPaths = ['/user-management', '/role-management', '/menu-management'];
for (const roleName of roles) {
const role = RoleFactory.getRole(roleName);
const helper = new (await import('../../shared/auth-helper')).AuthHelper(page, context);
await helper.clearAuth();
await helper.loginAsRole(roleName);
for (const path of protectedPaths) {
await page.goto(path);
const isForbidden = role.cannotAccess.includes(path);
const url = page.url();
if (isForbidden) {
expect(url.includes('/403') || url.includes('/login')).toBeTruthy();
} else {
expect(url.includes('/403')).toBeFalsy();
}
}
}
});
});
});
Reference in New Issue View Git Blame Copy Permalink