import { test, expect } from '@playwright/test'; test.describe('配置权限验证测试', () => { test('未登录访问配置API - GET请求', async ({ request }) => { const response = await request.get('/api/admin/config'); expect(response.status()).toBe(403); const body = await response.json(); expect(body.success).toBe(false); expect(body.error).toBeDefined(); }); test('未登录访问配置API - POST请求', async ({ request }) => { const newConfig = { key: 'test_config', value: { enabled: true }, category: 'feature' }; const response = await request.post('/api/admin/config', { data: newConfig }); expect(response.status()).toBe(403); const body = await response.json(); expect(body.success).toBe(false); expect(body.error).toBeDefined(); }); test('未登录访问配置API - PUT请求', async ({ request }) => { const updates = [ { key: 'feature_services', value: { enabled: false } } ]; const response = await request.put('/api/admin/config', { data: { configs: updates } }); expect(response.status()).toBe(403); const body = await response.json(); expect(body.success).toBe(false); expect(body.error).toBeDefined(); }); test('未登录访问配置API - DELETE请求', async ({ request }) => { const response = await request.delete('/api/admin/config?key=feature_services'); expect(response.status()).toBe(403); const body = await response.json(); expect(body.success).toBe(false); expect(body.error).toBeDefined(); }); test('管理员访问配置API - GET请求成功', async ({ page, request }) => { await page.goto('/admin/login'); await page.fill('input[type="email"]', 'admin@novalon.cn'); await page.fill('input[type="password"]', 'admin123456'); await page.click('button[type="submit"]'); await page.waitForURL('/admin'); const response = await request.get('/api/admin/config'); expect(response.status()).toBe(200); const body = await response.json(); expect(body.success).toBe(true); expect(body.configs).toBeDefined(); }); test('管理员访问配置API - POST请求成功', async ({ page, request }) => { await page.goto('/admin/login'); await page.fill('input[type="email"]', 'admin@novalon.cn'); await page.fill('input[type="password"]', 'admin123456'); await page.click('button[type="submit"]'); await page.waitForURL('/admin'); const newConfig = { key: 'test_config_' + Date.now(), value: { enabled: true }, category: 'feature' }; const response = await request.post('/api/admin/config', { data: newConfig }); expect(response.status()).toBe(201); const body = await response.json(); expect(body.success).toBe(true); expect(body.configs).toBeDefined(); }); test('管理员访问配置API - PUT请求成功', async ({ page, request }) => { await page.goto('/admin/login'); await page.fill('input[type="email"]', 'admin@novalon.cn'); await page.fill('input[type="password"]', 'admin123456'); await page.click('button[type="submit"]'); await page.waitForURL('/admin'); const updates = [ { key: 'feature_services', value: { enabled: false } } ]; const response = await request.put('/api/admin/config', { data: { configs: updates } }); expect(response.status()).toBe(200); const body = await response.json(); expect(body.success).toBe(true); expect(body.configs).toBeDefined(); }); test('管理员访问配置API - DELETE请求成功', async ({ page, request }) => { await page.goto('/admin/login'); await page.fill('input[type="email"]', 'admin@novalon.cn'); await page.fill('input[type="password"]', 'admin123456'); await page.click('button[type="submit"]'); await page.waitForURL('/admin'); const response = await request.delete('/api/admin/config?key=feature_services'); expect(response.status()).toBe(200); const body = await response.json(); expect(body.success).toBe(true); expect(body.data).toBeDefined(); }); });