feat: 修复测试套件问题并添加Woodpecker CI配置

- 修复API测试认证问题：创建全局认证设置，更新Playwright配置 - 优化回归测试稳定性：增加超时时间到15秒，修复定位器 - 创建Woodpecker CI工作流：CI、部署和质量门禁配置 - 添加Jest配置和测试脚本 - 移除登录页面的默认账号密码显示（安全问题修复）
2026-03-09 10:26:02 +08:00
parent 96c96fe75d
commit 6d92024b63
68 changed files with 5584 additions and 167 deletions
@@ -0,0 +1,149 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { db } from '@/db';
+import { content } from '@/db/schema';
+import { auth } from '@/lib/auth';
+import { hasPermission } from '@/lib/auth/permissions';
+import { createAuditLog } from '@/lib/audit';
+import { eq, desc, and, like, sql } from 'drizzle-orm';
+import { nanoid } from 'nanoid';
+
+export async function GET(request: NextRequest) {
+  try {
+    const session = await auth();
+    
+    if (!session?.user) {
+      return NextResponse.json({ error: '未授权' }, { status: 401 });
+    }
+
+    const userRole = session.user.role as 'admin' | 'editor' | 'viewer';
+    
+    if (!hasPermission(userRole, 'content', 'read')) {
+      return NextResponse.json({ error: '无权限' }, { status: 403 });
+    }
+
+    const { searchParams } = new URL(request.url);
+    const type = searchParams.get('type');
+    const status = searchParams.get('status');
+    const search = searchParams.get('search');
+    const page = parseInt(searchParams.get('page') || '1');
+    const limit = parseInt(searchParams.get('limit') || '20');
+    const offset = (page - 1) * limit;
+
+    const conditions = [];
+    
+    if (type) {
+      conditions.push(eq(content.type, type as 'news' | 'product' | 'service' | 'case'));
+    }
+    
+    if (status) {
+      conditions.push(eq(content.status, status as 'draft' | 'published' | 'archived'));
+    }
+    
+    if (search) {
+      conditions.push(like(content.title, `%${search}%`));
+    }
+
+    const whereClause = conditions.length > 0 ? and(...conditions) : undefined;
+
+    const [items, countResult] = await Promise.all([
+      db
+        .select()
+        .from(content)
+        .where(whereClause)
+        .orderBy(desc(content.createdAt))
+        .limit(limit)
+        .offset(offset),
+      db
+        .select({ count: sql<number>`count(*)` })
+        .from(content)
+        .where(whereClause),
+    ]);
+
+    const total = countResult[0]?.count || 0;
+
+    return NextResponse.json({
+      items,
+      pagination: {
+        page,
+        limit,
+        total,
+        totalPages: Math.ceil(total / limit),
+      },
+    });
+  } catch (error) {
+    console.error('获取内容列表失败:', error);
+    return NextResponse.json({ error: '服务器错误' }, { status: 500 });
+  }
+}
+
+export async function POST(request: NextRequest) {
+  try {
+    const session = await auth();
+    
+    if (!session?.user) {
+      return NextResponse.json({ error: '未授权' }, { status: 401 });
+    }
+
+    const userRole = session.user.role as 'admin' | 'editor' | 'viewer';
+    
+    if (!hasPermission(userRole, 'content', 'create')) {
+      return NextResponse.json({ error: '无权限' }, { status: 403 });
+    }
+
+    const body = await request.json();
+    const { type, title, slug, excerpt, contentBody, coverImage, category, tags, status: contentStatus, metadata } = body;
+
+    if (!type || !title || !slug) {
+      return NextResponse.json({ error: '缺少必要字段' }, { status: 400 });
+    }
+
+    const existingContent = await db
+      .select()
+      .from(content)
+      .where(eq(content.slug, slug))
+      .limit(1);
+
+    if (existingContent.length > 0) {
+      return NextResponse.json({ error: 'Slug 已存在' }, { status: 400 });
+    }
+
+    const now = new Date();
+    const newContent = await db
+      .insert(content)
+      .values({
+        id: nanoid(),
+        type,
+        title,
+        slug,
+        excerpt: excerpt || null,
+        content: contentBody || '',
+        coverImage: coverImage || null,
+        category: category || null,
+        tags: tags || [],
+        status: contentStatus || 'draft',
+        publishedAt: contentStatus === 'published' ? now : null,
+        authorId: session.user.id,
+        metadata: metadata || null,
+        createdAt: now,
+        updatedAt: now,
+      })
+      .returning();
+
+    await createAuditLog({
+      userId: session.user.id,
+      action: 'create',
+      resourceType: 'content',
+      resourceId: newContent[0]!.id,
+      details: {
+        type,
+        title,
+        status: contentStatus || 'draft',
+      },
+    });
+
+    return NextResponse.json(newContent[0], { status: 201 });
+  } catch (error) {
+    console.error('创建内容失败:', error);
+    return NextResponse.json({ error: '服务器错误' }, { status: 500 });
+  }
+}