'superlevel'], ['body' => '100']); Sysparam::updateOrCreate(['alias' => 'level_kick'], ['body' => '15']); Sysparam::updateOrCreate(['alias' => 'level_mute'], ['body' => '15']); Sysparam::updateOrCreate(['alias' => 'level_ban'], ['body' => '15']); Sysparam::updateOrCreate(['alias' => 'level_banip'], ['body' => '15']); Sysparam::updateOrCreate(['alias' => 'smtp_enabled'], ['body' => '1']); // Allow email changing in tests } /** * 测试可以查看用户资料卡接口。 */ public function test_can_view_user_profile() { $user = User::factory()->create([ 'username' => 'testuser', 'user_level' => 10, ]); $this->actingAs($user); $response = $this->getJson("/user/{$user->username}"); $response->assertStatus(200) ->assertJsonPath('data.username', 'testuser') ->assertJsonPath('data.user_level', 10); } /** * 测试不改邮箱时可以正常更新个人资料。 */ public function test_can_update_profile_without_email_change() { $user = User::factory()->create([ 'username' => 'testuser', 'email' => 'old@example.com', 'sign' => 'old sign', ]); $this->actingAs($user); $response = $this->putJson('/user/profile', [ 'email' => 'old@example.com', 'sign' => 'new sign', 'sex' => 1, 'headface' => 'avatar1.png', ]); $response->assertStatus(200) ->assertJsonPath('status', 'success'); $user->refresh(); $this->assertEquals('new sign', $user->sign); } /** * 测试改邮箱但未提交验证码时会被拒绝。 */ public function test_cannot_update_email_without_verification_code() { $user = User::factory()->create([ 'username' => 'testuser', 'email' => 'old@example.com', ]); $this->actingAs($user); $response = $this->putJson('/user/profile', [ 'email' => 'new@example.com', 'sex' => 1, 'headface' => 'avatar1.png', ]); $response->assertStatus(422) ->assertJsonPath('status', 'error') ->assertJsonPath('message', '新邮箱需要验证码，请先获取并填写验证码。'); } /** * 测试提供有效验证码后可以成功修改邮箱。 */ public function test_can_update_email_with_valid_code() { $user = User::factory()->create([ 'username' => 'testuser', 'email' => 'old@example.com', ]); Cache::put("email_verify_code_{$user->id}_new@example.com", '123456', 5); $this->actingAs($user); $response = $this->putJson('/user/profile', [ 'email' => 'new@example.com', 'email_code' => '123456', 'sex' => 1, 'headface' => 'avatar1.png', ]); $response->assertStatus(200); $user->refresh(); $this->assertEquals('new@example.com', $user->email); } /** * 测试可以保存聊天室屏蔽与禁音偏好。 */ public function test_can_update_chat_preferences(): void { $user = User::factory()->create([ 'chat_preferences' => null, ]); $response = $this->actingAs($user)->putJson('/user/chat-preferences', [ 'blocked_system_senders' => ['钓鱼播报', '神秘箱子', '跑马'], 'sound_muted' => true, ]); $response->assertOk() ->assertJsonPath('status', 'success') ->assertJsonPath('data.blocked_system_senders.0', '钓鱼播报') ->assertJsonPath('data.blocked_system_senders.1', '神秘箱子') ->assertJsonPath('data.blocked_system_senders.2', '跑马') ->assertJsonPath('data.sound_muted', true); $user->refresh(); $this->assertEquals([ 'blocked_system_senders' => ['钓鱼播报', '神秘箱子', '跑马'], 'sound_muted' => true, ], $user->chat_preferences); } /** * 测试合法聊天室当日状态可以保存，并在当天结束后自动失效。 */ public function test_can_update_daily_status_until_end_of_day(): void { Carbon::setTestNow('2026-04-24 10:36:00'); try { $user = User::factory()->create([ 'username' => 'status-user', ]); $room = $this->enterRoomForUser($user); $response = $this->actingAs($user)->putJson(route('user.update_daily_status'), [ 'room_id' => $room->id, 'action' => 'set', 'status_key' => 'working_hard', ]); $expectedExpiry = now()->endOfDay(); $response->assertOk() ->assertJsonPath('status', 'success') ->assertJsonPath('data.status.key', 'working_hard') ->assertJsonPath('data.status.label', '搬砖') ->assertJsonPath('data.status.group', '工作学习'); $user->refresh(); $this->assertSame('working_hard', $user->daily_status_key); $this->assertSame( $expectedExpiry->toDateTimeString(), $user->daily_status_expires_at?->toDateTimeString() ); // 时间推进到次日，验证在线名单服务不再返回已过期状态。 Carbon::setTestNow($expectedExpiry->copy()->addSecond()); $this->assertNull(app(ChatUserPresenceService::class)->currentDailyStatus($user->fresh())); } finally { Carbon::setTestNow(); } } /** * 测试非法聊天室当日状态键会返回 422 校验错误。 */ public function test_invalid_daily_status_key_returns_validation_error(): void { $user = User::factory()->create(); $room = Room::create([ 'room_name' => 'dsinvalid', 'room_owner' => 'someone', ]); $response = $this->actingAs($user)->putJson(route('user.update_daily_status'), [ 'room_id' => $room->id, 'action' => 'set', 'status_key' => 'not-a-real-status', ]); $response->assertStatus(422) ->assertJsonValidationErrors('status_key'); } /** * 测试清除聊天室当日状态后会把状态字段置空。 */ public function test_clear_daily_status_resets_status_fields(): void { $user = User::factory()->create([ 'daily_status_key' => 'working_hard', 'daily_status_expires_at' => now()->endOfDay(), ]); $room = $this->enterRoomForUser($user); $response = $this->actingAs($user)->putJson(route('user.update_daily_status'), [ 'room_id' => $room->id, 'action' => 'clear', ]); $response->assertOk() ->assertJsonPath('status', 'success') ->assertJsonPath('message', '状态已清除。') ->assertJsonPath('data.status', null); $user->refresh(); $this->assertNull($user->daily_status_key); $this->assertNull($user->daily_status_expires_at); } public function test_can_change_password() { $user = User::factory()->create([ 'username' => 'testuser', 'password' => Hash::make('oldpassword'), ]); $this->actingAs($user); $response = $this->putJson('/user/password', [ 'old_password' => 'oldpassword', 'new_password' => 'newpassword123', 'new_password_confirmation' => 'newpassword123', ]); $response->assertStatus(200) ->assertJsonPath('status', 'success'); $user->refresh(); $this->assertTrue(Hash::check('newpassword123', $user->password)); } public function test_admin_can_kick_user() { $admin = User::factory()->create(['username' => 'admin', 'user_level' => 20]); $target = User::factory()->create(['username' => 'target', 'user_level' => 1]); $room = Room::create(['id' => 1, 'room_name' => 'Test Room', 'room_owner' => 'someone']); $this->actingAs($admin); $response = $this->postJson("/user/{$target->username}/kick", [ 'room_id' => $room->id, ]); $response->assertStatus(200) ->assertJsonPath('status', 'success'); } public function test_low_level_user_cannot_kick() { $user = User::factory()->create(['username' => 'user', 'user_level' => 1]); $target = User::factory()->create(['username' => 'target', 'user_level' => 1]); $room = Room::create(['id' => 1, 'room_name' => 'Test Room', 'room_owner' => 'someone']); $this->actingAs($user); $response = $this->postJson("/user/{$target->username}/kick", [ 'room_id' => $room->id, ]); $response->assertStatus(403); } public function test_room_master_can_kick() { $user = User::factory()->create(['username' => 'user', 'user_level' => 2]); $target = User::factory()->create(['username' => 'target', 'user_level' => 1]); $room = Room::create(['id' => 1, 'room_name' => 'Test Room', 'room_owner' => 'user']); // Master is 'user' $this->actingAs($user); $response = $this->postJson("/user/{$target->username}/kick", [ 'room_id' => $room->id, ]); if ($response->status() !== 200) { dump($response->json()); } $response->assertStatus(200); } public function test_cannot_kick_higher_level() { $admin = User::factory()->create(['username' => 'admin', 'user_level' => 20]); $superadmin = User::factory()->create(['username' => 'superadmin', 'user_level' => 100]); $room = Room::create(['id' => 1, 'room_name' => 'Test Room', 'room_owner' => 'someone']); $this->actingAs($admin); $response = $this->postJson("/user/{$superadmin->username}/kick", [ 'room_id' => $room->id, ]); $response->assertStatus(403); } public function test_admin_can_mute_user() { $admin = User::factory()->create(['username' => 'admin', 'user_level' => 20]); $target = User::factory()->create(['username' => 'target', 'user_level' => 1]); $room = Room::create(['id' => 1, 'room_name' => 'Test Room', 'room_owner' => 'someone']); Redis::shouldReceive('setex')->once(); $this->actingAs($admin); $response = $this->postJson("/user/{$target->username}/mute", [ 'room_id' => $room->id, 'duration' => 10, ]); $response->assertStatus(200); } public function test_admin_can_ban_user() { $admin = User::factory()->create(['username' => 'admin', 'user_level' => 20]); $target = User::factory()->create(['username' => 'target', 'user_level' => 1]); $room = Room::create(['id' => 1, 'room_name' => 'Test Room', 'room_owner' => 'someone']); $this->actingAs($admin); $response = $this->postJson("/user/{$target->username}/ban", [ 'room_id' => $room->id, ]); $response->assertStatus(200); $target->refresh(); $this->assertEquals(-1, $target->user_level); } public function test_admin_can_ban_ip() { $admin = User::factory()->create(['username' => 'admin', 'user_level' => 20]); $target = User::factory()->create(['username' => 'target', 'user_level' => 1, 'last_ip' => '192.168.1.100']); $room = Room::create(['id' => 1, 'room_name' => 'Test Room', 'room_owner' => 'someone']); Redis::shouldReceive('sadd')->with('banned_ips', '192.168.1.100')->once(); $this->actingAs($admin); $response = $this->postJson("/user/{$target->username}/banip", [ 'room_id' => $room->id, ]); $response->assertStatus(200); $target->refresh(); $this->assertEquals(-1, $target->user_level); } /** * 让指定用户先进入聊天室，满足“仅在线用户可设置状态”的前置条件。 */ private function enterRoomForUser(User $user): Room { $room = Room::create([ 'room_name' => 'dsr'.$user->id, 'room_owner' => 'someone', ]); $this->actingAs($user) ->get(route('chat.room', $room->id)) ->assertOk(); return $room; } }