gitdataai/admin/tests/02-admin-api.spec.ts

import { test, expect } from "@playwright/test";

const ADMIN_USER = process.env.ADMIN_TEST_USERNAME || "admin";
const ADMIN_PASS = process.env.ADMIN_TEST_PASSWORD || "admin123";

async function checkBackendAvailable(): Promise<boolean> {
  try {
    const ctrl = new AbortController();
    const id = setTimeout(() => ctrl.abort(), 2000);
    const res = await fetch("http://localhost:3001/api/health", { signal: ctrl.signal });
    clearTimeout(id);
    return res.ok;
  } catch {
    return false;
  }
}

async function uiLogin(page: Parameters<typeof test>[0]): Promise<boolean> {
  try {
    await page.goto("/login");
    await page.fill("input#username", ADMIN_USER);
    await page.fill("input#password", ADMIN_PASS);
    await page.click('button[type="submit"]');
    await page.waitForURL((url) => !url.toString().includes("/login"), { timeout: 8000 });
    return true;
  } catch {
    return false;
  }
}

test.describe("Admin 用户管理 API", () => {
  test("GET /api/users 返回分页用户列表", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/users");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(Array.isArray(data.users)).toBe(true);
    expect(typeof data.total).toBe("number");
  });

  test("GET /api/users 支持分页参数", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/users?page=1&pageSize=5");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(data.users.length).toBeLessThanOrEqual(5);
  });

  test("GET /api/users 支持搜索", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/users?search=admin");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(Array.isArray(data.users)).toBe(true);
  });

  test("POST /api/users 创建并删除用户", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const randomUser = `testuser_${Date.now()}`;
    const createRes = await page.request.post("/api/users", {
      data: { username: randomUser, password: "TestPass123!", roleIds: [] },
    });
    expect(createRes.status(), await createRes.text()).toBeLessThanOrEqual(201);
    const created = await createRes.json();
    if (created.user?.id) {
      await page.request.delete(`/api/users/${created.user.id}`);
    }
  });

  test("POST /api/users 缺少密码返回错误", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const randomUser = `testuser_${Date.now()}`;
    const res = await page.request.post("/api/users", {
      data: { username: randomUser },
    });
    expect(res.status()).toBeGreaterThanOrEqual(400);
  });

  test("DELETE /api/users/[id] 删除用户", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const randomUser = `deluser_${Date.now()}`;
    const createRes = await page.request.post("/api/users", {
      data: { username: randomUser, password: "TestPass123!", roleIds: [] },
    });
    const created = await createRes.json();
    if (!created.user?.id) { return; }
    const deleteRes = await page.request.delete(`/api/users/${created.user.id}`);
    expect([200, 204]).toContain(deleteRes.status());
  });

  test("角色列表 API", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/roles");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(Array.isArray(data.roles)).toBe(true);
  });

  test("权限列表 API", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/permissions");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(Array.isArray(data.permissions)).toBe(true);
  });

  test("审计日志 API", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/logs");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(Array.isArray(data.logs)).toBe(true);
  });

  test("GET /api/sessions 返回 Admin 在线会话", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/sessions");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(Array.isArray(data.sessions)).toBe(true);
  });

  test("GET /api/roles/[id] 返回角色详情（含权限）", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const listRes = await page.request.get("/api/roles");
    const listData = await listRes.json();
    if (!listData.roles?.length) { return; }
    const roleId = listData.roles[0].id;
    const res = await page.request.get(`/api/roles/${roleId}`);
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(data).toHaveProperty("id");
    expect(data).toHaveProperty("name");
  });

  test("POST /api/roles 创建并删除角色", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const randomRole = `testrole_${Date.now()}`;
    const createRes = await page.request.post("/api/roles", {
      data: { name: randomRole, description: "Test role" },
    });
    expect(createRes.status(), await createRes.text()).toBeLessThanOrEqual(201);
    const created = await createRes.json();
    if (created.id) {
      const deleteRes = await page.request.delete(`/api/roles/${created.id}`);
      expect([200, 204]).toContain(deleteRes.status());
    }
  });
});

test.describe("平台数据 API", () => {
  test("GET /api/platform/stats 返回平台统计", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/platform/stats");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(data).toHaveProperty("stats");
    expect(data.stats).toHaveProperty("userCount");
    expect(data.stats).toHaveProperty("workspaceCount");
  });

  test("GET /api/platform/users 返回用户列表", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/platform/users");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(Array.isArray(data.users)).toBe(true);
  });

  test("GET /api/platform/workspaces 返回 workspace 列表", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/platform/workspaces");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(Array.isArray(data.workspaces) || Array.isArray(data)).toBe(true);
  });

  test("GET /api/platform/rooms 返回房间列表", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/platform/rooms");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(Array.isArray(data.rooms) || Array.isArray(data)).toBe(true);
  });

  test("GET /api/platform/repos 返回仓库列表", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/platform/repos");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(Array.isArray(data.repos) || Array.isArray(data)).toBe(true);
  });

  test("GET /api/platform/activity-stats 返回活动统计", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/platform/activity-stats");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(data).toHaveProperty("dau");
    expect(data).toHaveProperty("mau");
  });

  test("GET /api/platform/audit-logs 返回审计日志", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/platform/audit-logs");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(Array.isArray(data.logs) || Array.isArray(data)).toBe(true);
  });

  test("GET /api/platform/sessions 返回平台会话", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/platform/sessions");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(Array.isArray(data.sessions) || Array.isArray(data)).toBe(true);
  });

  test("GET /api/admin/projects 返回项目列表", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/admin/projects");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(Array.isArray(data.projects) || Array.isArray(data)).toBe(true);
    expect(typeof data.total).toBe("number");
  });

  test("GET /api/admin/projects 支持分页参数", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/admin/projects?page=1&pageSize=5");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(data.projects.length).toBeLessThanOrEqual(5);
  });

  test("GET /api/admin/projects 支持搜索", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/admin/projects?search=test");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(Array.isArray(data.projects)).toBe(true);
  });

  test("GET /api/platform/ai 返回 AI Provider/Model/定价", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const res = await page.request.get("/api/platform/ai");
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(Array.isArray(data.providers)).toBe(true);
    expect(Array.isArray(data.models)).toBe(true);
    expect(Array.isArray(data.pricing)).toBe(true);
  });

  test("GET /api/platform/workspaces/[id] 返回 Workspace 详情", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const listRes = await page.request.get("/api/platform/workspaces?pageSize=1");
    const listData = await listRes.json();
    if (!listData.workspaces?.length) { return; }
    const wsId = listData.workspaces[0].id;
    const res = await page.request.get(`/api/platform/workspaces/${wsId}`);
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(data).toHaveProperty("workspace");
    expect(data).toHaveProperty("members");
    expect(data).toHaveProperty("projects");
    expect(data).toHaveProperty("billingHistory");
  });

  test("POST /api/platform/ai/sync 同步 AI 模型（需要 Rust 后端配置）", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const rustUrl = process.env.RUST_BACKEND_URL;
    const apiKey = process.env.ADMIN_API_SHARED_KEY;
    if (!rustUrl || !apiKey) { return; }
    const res = await page.request.post("/api/platform/ai/sync");
    expect([200, 500]).toContain(res.status());
  });

  test("POST /api/platform/alerts/check 检查告警（需要 Rust 后端配置）", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const rustUrl = process.env.RUST_BACKEND_URL;
    const apiKey = process.env.ADMIN_API_SHARED_KEY;
    if (!rustUrl || !apiKey) { return; }
    const res = await page.request.post("/api/platform/alerts/check");
    expect([200, 500]).toContain(res.status());
  });

  test("GET /api/platform/workspaces/[id]/alert-config 获取告警配置", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const listRes = await page.request.get("/api/platform/workspaces?pageSize=1");
    const listData = await listRes.json();
    if (!listData.workspaces?.length) { return; }
    const wsId = listData.workspaces[0].id;
    const getRes = await page.request.get(`/api/platform/workspaces/${wsId}/alert-config`);
    expect([200, 404]).toContain(getRes.status());
  });

  test("GET /api/platform/rooms/[id]/messages 返回房间消息", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const listRes = await page.request.get("/api/platform/rooms?pageSize=1");
    const listData = await listRes.json();
    if (!listData.rooms?.length) { return; }
    const roomId = listData.rooms[0].id;
    const res = await page.request.get(`/api/platform/rooms/${roomId}/messages`);
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(data).toHaveProperty("messages");
    expect(Array.isArray(data.messages)).toBe(true);
  });

  test("GET /api/admin/projects/[id] 返回项目详情", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const listRes = await page.request.get("/api/admin/projects?pageSize=1");
    const listData = await listRes.json();
    if (!listData.projects?.length) { return; }
    const projId = listData.projects[0].id;
    const res = await page.request.get(`/api/admin/projects/${projId}`);
    expect(res.status()).toBe(200);
    const data = await res.json();
    expect(data).toHaveProperty("project");
    expect(data).toHaveProperty("members");
  });

  test("GET /api/admin/projects/[id]/billing 返回项目账单信息", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const listRes = await page.request.get("/api/admin/projects?pageSize=1");
    const listData = await listRes.json();
    if (!listData.projects?.length) { return; }
    const projId = String(listData.projects[0].id);
    const res = await page.request.get(`/api/admin/projects/${projId}/billing`);
    expect([200, 404]).toContain(res.status());
  });

  test("POST /api/admin/projects/[id]/billing 充值", async ({ page }) => {
    if (!await checkBackendAvailable()) { test.skip(); }
    if (!await uiLogin(page)) { test.skip(); }

    const listRes = await page.request.get("/api/admin/projects?pageSize=1");
    const listData = await listRes.json();
    if (!listData.projects?.length) { return; }
    const projId = String(listData.projects[0].id);
    const res = await page.request.post(`/api/admin/projects/${projId}/billing`, {
      data: { amount: 0.01, description: "Test credit" },
    });
    expect([200, 404, 500]).toContain(res.status());
  });
});

test.describe("中间件权限控制", () => {
  test("未登录访问受保护 API 返回 401", async ({ request }) => {
    const res = await request.get("http://localhost:3001/api/users");
    expect(res.status()).toBe(401);
  });

  test("无效 API Token 返回 401", async ({ request }) => {
    const res = await request.get("http://localhost:3001/api/users", {
      headers: { Authorization: "Bearer invalid_token_123" },
    });
    expect(res.status()).toBe(401);
  });
});