'Bearer '.JWTAuth::fromUser($user)]; } public function test_can_create_user(): void { $admin = User::factory()->create(); $response = $this->withHeaders($this->authHeader($admin))->postJson('/api/users', [ 'name' => 'Alice', 'email' => 'alice@example.com', 'password' => 'Password123', ]); $response->assertCreated()->assertJsonFragment([ 'name' => 'Alice', 'email' => 'alice@example.com', 'is_active' => true, ]); $this->assertDatabaseHas('users', [ 'email' => 'alice@example.com', 'is_active' => true, ]); $user = User::whereEmail('alice@example.com')->first(); $this->assertNotNull($user); $this->assertTrue(Hash::check('Password123', $user->password)); } public function test_can_list_users(): void { $admin = User::factory()->create(['name' => 'Admin']); $activeUser = User::factory()->create(['name' => 'Active User', 'email' => 'active@example.com']); $inactiveUser = User::factory()->create(['name' => 'Inactive User', 'email' => 'inactive@example.com', 'is_active' => false]); $response = $this->withHeaders($this->authHeader($admin))->getJson('/api/users'); $response->assertOk()->assertJsonStructure([ 'data' => [ ['id', 'name', 'email', 'is_active', 'created_at', 'updated_at'], ], 'links', 'meta', ]); $response->assertJsonCount(3, 'data'); $response->assertJsonFragment(['email' => $activeUser->email, 'is_active' => true]); $response->assertJsonFragment(['email' => $inactiveUser->email, 'is_active' => false]); } public function test_can_update_user(): void { $admin = User::factory()->create(); $user = User::factory()->create(); $response = $this->withHeaders($this->authHeader($admin))->putJson("/api/users/{$user->id}", [ 'name' => 'Updated User', 'email' => 'updated@example.com', 'password' => 'NewPassword123', ]); $response->assertOk()->assertJsonFragment([ 'id' => $user->id, 'name' => 'Updated User', 'email' => 'updated@example.com', 'is_active' => true, ]); $user->refresh(); $this->assertEquals('Updated User', $user->name); $this->assertEquals('updated@example.com', $user->email); $this->assertTrue(Hash::check('NewPassword123', $user->password)); } public function test_can_deactivate_and_activate_user(): void { $admin = User::factory()->create(); $user = User::factory()->create(); $deactivate = $this->withHeaders($this->authHeader($admin))->postJson("/api/users/{$user->id}/deactivate"); $deactivate->assertOk()->assertJsonFragment(['is_active' => false]); $this->assertDatabaseHas('users', [ 'id' => $user->id, 'is_active' => false, ]); $activate = $this->withHeaders($this->authHeader($admin))->postJson("/api/users/{$user->id}/activate"); $activate->assertOk()->assertJsonFragment(['is_active' => true]); $this->assertDatabaseHas('users', [ 'id' => $user->id, 'is_active' => true, ]); } public function test_user_can_login_and_receive_jwt(): void { $password = 'Password123'; $user = User::factory()->create([ 'password' => Hash::make($password), ]); $response = $this->postJson('/api/login', [ 'email' => $user->email, 'password' => $password, ]); $response->assertOk()->assertJsonStructure([ 'token', 'token_type', 'expires_in', 'user' => ['id', 'name', 'email', 'is_active'], ]); } public function test_inactive_user_cannot_login(): void { $user = User::factory()->create([ 'password' => Hash::make('Password123'), 'is_active' => false, ]); $response = $this->postJson('/api/login', [ 'email' => $user->email, 'password' => 'Password123', ]); $response->assertForbidden()->assertJson([ 'message' => '用户已停用', ]); } public function test_database_seeder_creates_root_user(): void { $this->seed(); $root = User::whereEmail('root@example.com')->first(); $this->assertNotNull($root); $this->assertEquals('root', $root->name); $this->assertTrue($root->is_active); $this->assertTrue(Hash::check('Root@123456', $root->password)); } }