chatroom/tests/Feature/UserControllerTest.php

<?php

/**
 * 文件功能：用户控制器功能测试
 * 覆盖个人资料、密码与聊天室偏好设置等关键接口。
 */

namespace Tests\Feature;

use App\Models\Room;
use App\Models\Sysparam;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\Cache;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Redis;
use Tests\TestCase;

/**
 * 用户控制器功能测试
 * 覆盖个人资料、密码与聊天室偏好设置等关键接口。
 */
class UserControllerTest extends TestCase
{
    use RefreshDatabase;

    /**
     * 初始化用户控制器测试所需的系统参数。
     */
    protected function setUp(): void
    {
        parent::setUp();

        Sysparam::updateOrCreate(['alias' => 'superlevel'], ['body' => '100']);
        Sysparam::updateOrCreate(['alias' => 'level_kick'], ['body' => '15']);
        Sysparam::updateOrCreate(['alias' => 'level_mute'], ['body' => '15']);
        Sysparam::updateOrCreate(['alias' => 'level_ban'], ['body' => '15']);
        Sysparam::updateOrCreate(['alias' => 'level_banip'], ['body' => '15']);
        Sysparam::updateOrCreate(['alias' => 'smtp_enabled'], ['body' => '1']); // Allow email changing in tests
    }

    /**
     * 测试可以查看用户资料卡接口。
     */
    public function test_can_view_user_profile()
    {
        $user = User::factory()->create([
            'username' => 'testuser',
            'user_level' => 10,
        ]);

        $this->actingAs($user);

        $response = $this->getJson("/user/{$user->username}");

        $response->assertStatus(200)
            ->assertJsonPath('data.username', 'testuser')
            ->assertJsonPath('data.user_level', 10);
    }

    /**
     * 测试不改邮箱时可以正常更新个人资料。
     */
    public function test_can_update_profile_without_email_change()
    {
        $user = User::factory()->create([
            'username' => 'testuser',
            'email' => 'old@example.com',
            'sign' => 'old sign',
        ]);

        $this->actingAs($user);

        $response = $this->putJson('/user/profile', [
            'email' => 'old@example.com',
            'sign' => 'new sign',
            'sex' => 1,
            'headface' => 'avatar1.png',
        ]);

        $response->assertStatus(200)
            ->assertJsonPath('status', 'success');

        $user->refresh();
        $this->assertEquals('new sign', $user->sign);
    }

    /**
     * 测试改邮箱但未提交验证码时会被拒绝。
     */
    public function test_cannot_update_email_without_verification_code()
    {
        $user = User::factory()->create([
            'username' => 'testuser',
            'email' => 'old@example.com',
        ]);

        $this->actingAs($user);

        $response = $this->putJson('/user/profile', [
            'email' => 'new@example.com',
            'sex' => 1,
            'headface' => 'avatar1.png',
        ]);

        $response->assertStatus(422)
            ->assertJsonPath('status', 'error')
            ->assertJsonPath('message', '新邮箱需要验证码，请先获取并填写验证码。');
    }

    /**
     * 测试提供有效验证码后可以成功修改邮箱。
     */
    public function test_can_update_email_with_valid_code()
    {
        $user = User::factory()->create([
            'username' => 'testuser',
            'email' => 'old@example.com',
        ]);

        Cache::put("email_verify_code_{$user->id}_new@example.com", '123456', 5);

        $this->actingAs($user);

        $response = $this->putJson('/user/profile', [
            'email' => 'new@example.com',
            'email_code' => '123456',
            'sex' => 1,
            'headface' => 'avatar1.png',
        ]);

        $response->assertStatus(200);

        $user->refresh();
        $this->assertEquals('new@example.com', $user->email);
    }

    /**
     * 测试可以保存聊天室屏蔽与禁音偏好。
     */
    public function test_can_update_chat_preferences(): void
    {
        $user = User::factory()->create([
            'chat_preferences' => null,
        ]);

        $response = $this->actingAs($user)->putJson('/user/chat-preferences', [
            'blocked_system_senders' => ['钓鱼播报', '神秘箱子', '跑马'],
            'sound_muted' => true,
        ]);

        $response->assertOk()
            ->assertJsonPath('status', 'success')
            ->assertJsonPath('data.blocked_system_senders.0', '钓鱼播报')
            ->assertJsonPath('data.blocked_system_senders.1', '神秘箱子')
            ->assertJsonPath('data.blocked_system_senders.2', '跑马')
            ->assertJsonPath('data.sound_muted', true);

        $user->refresh();
        $this->assertEquals([
            'blocked_system_senders' => ['钓鱼播报', '神秘箱子', '跑马'],
            'sound_muted' => true,
        ], $user->chat_preferences);
    }

    public function test_can_change_password()
    {
        $user = User::factory()->create([
            'username' => 'testuser',
            'password' => Hash::make('oldpassword'),
        ]);

        $this->actingAs($user);

        $response = $this->putJson('/user/password', [
            'old_password' => 'oldpassword',
            'new_password' => 'newpassword123',
            'new_password_confirmation' => 'newpassword123',
        ]);

        $response->assertStatus(200)
            ->assertJsonPath('status', 'success');

        $user->refresh();
        $this->assertTrue(Hash::check('newpassword123', $user->password));
    }

    public function test_admin_can_kick_user()
    {
        $admin = User::factory()->create(['username' => 'admin', 'user_level' => 20]);
        $target = User::factory()->create(['username' => 'target', 'user_level' => 1]);
        $room = Room::create(['id' => 1, 'room_name' => 'Test Room', 'room_owner' => 'someone']);

        $this->actingAs($admin);

        $response = $this->postJson("/user/{$target->username}/kick", [
            'room_id' => $room->id,
        ]);

        $response->assertStatus(200)
            ->assertJsonPath('status', 'success');
    }

    public function test_low_level_user_cannot_kick()
    {
        $user = User::factory()->create(['username' => 'user', 'user_level' => 1]);
        $target = User::factory()->create(['username' => 'target', 'user_level' => 1]);
        $room = Room::create(['id' => 1, 'room_name' => 'Test Room', 'room_owner' => 'someone']);

        $this->actingAs($user);

        $response = $this->postJson("/user/{$target->username}/kick", [
            'room_id' => $room->id,
        ]);

        $response->assertStatus(403);
    }

    public function test_room_master_can_kick()
    {
        $user = User::factory()->create(['username' => 'user', 'user_level' => 2]);
        $target = User::factory()->create(['username' => 'target', 'user_level' => 1]);
        $room = Room::create(['id' => 1, 'room_name' => 'Test Room', 'room_owner' => 'user']); // Master is 'user'

        $this->actingAs($user);

        $response = $this->postJson("/user/{$target->username}/kick", [
            'room_id' => $room->id,
        ]);

        if ($response->status() !== 200) {
            dump($response->json());
        }
        $response->assertStatus(200);
    }

    public function test_cannot_kick_higher_level()
    {
        $admin = User::factory()->create(['username' => 'admin', 'user_level' => 20]);
        $superadmin = User::factory()->create(['username' => 'superadmin', 'user_level' => 100]);
        $room = Room::create(['id' => 1, 'room_name' => 'Test Room', 'room_owner' => 'someone']);

        $this->actingAs($admin);

        $response = $this->postJson("/user/{$superadmin->username}/kick", [
            'room_id' => $room->id,
        ]);

        $response->assertStatus(403);
    }

    public function test_admin_can_mute_user()
    {
        $admin = User::factory()->create(['username' => 'admin', 'user_level' => 20]);
        $target = User::factory()->create(['username' => 'target', 'user_level' => 1]);
        $room = Room::create(['id' => 1, 'room_name' => 'Test Room', 'room_owner' => 'someone']);

        Redis::shouldReceive('setex')->once();

        $this->actingAs($admin);

        $response = $this->postJson("/user/{$target->username}/mute", [
            'room_id' => $room->id,
            'duration' => 10,
        ]);

        $response->assertStatus(200);
    }

    public function test_admin_can_ban_user()
    {
        $admin = User::factory()->create(['username' => 'admin', 'user_level' => 20]);
        $target = User::factory()->create(['username' => 'target', 'user_level' => 1]);
        $room = Room::create(['id' => 1, 'room_name' => 'Test Room', 'room_owner' => 'someone']);

        $this->actingAs($admin);

        $response = $this->postJson("/user/{$target->username}/ban", [
            'room_id' => $room->id,
        ]);

        $response->assertStatus(200);

        $target->refresh();
        $this->assertEquals(-1, $target->user_level);
    }

    public function test_admin_can_ban_ip()
    {
        $admin = User::factory()->create(['username' => 'admin', 'user_level' => 20]);
        $target = User::factory()->create(['username' => 'target', 'user_level' => 1, 'last_ip' => '192.168.1.100']);
        $room = Room::create(['id' => 1, 'room_name' => 'Test Room', 'room_owner' => 'someone']);

        Redis::shouldReceive('sadd')->with('banned_ips', '192.168.1.100')->once();

        $this->actingAs($admin);

        $response = $this->postJson("/user/{$target->username}/banip", [
            'room_id' => $room->id,
        ]);

        $response->assertStatus(200);

        $target->refresh();
        $this->assertEquals(-1, $target->user_level);
    }
}