using System; using System.Collections.Generic; using System.Threading.Tasks; using Microsoft.AspNetCore.Mvc; using Moq; using FluentAssertions; using Xunit; using Haoliang.Api.Controllers; using Haoliang.Core.Services; using Haoliang.Models.Common; using Haoliang.Models.User; namespace Haoliang.Tests.Controllers { public class AuthControllerTests { private readonly Mock _authService; private readonly Mock _userService; private readonly Mock _permissionService; private readonly Mock _loggingService; private readonly AuthController _controller; public AuthControllerTests() { _authService = new Mock(); _userService = new Mock(); _permissionService = new Mock(); _loggingService = new Mock(); _controller = new AuthController( _authService.Object, _userService.Object, _permissionService.Object, _loggingService.Object); } // Login [Fact] public async Task Login_WhenSuccess_ReturnsOk() { var authResult = new AuthResult { Success = true, Token = "token123" }; _authService.Setup(s => s.LoginAsync(It.IsAny())) .ReturnsAsync(authResult); var result = await _controller.Login(new LoginRequest { Username = "admin", Password = "pass" }); result.Should().BeOfType(); } [Fact] public async Task Login_WhenFailed_ReturnsUnauthorized() { var authResult = new AuthResult { Success = false }; _authService.Setup(s => s.LoginAsync(It.IsAny())) .ReturnsAsync(authResult); var result = await _controller.Login(new LoginRequest { Username = "admin", Password = "wrong" }); result.Should().BeOfType(); } [Fact] public async Task Login_WhenException_Returns500() { _authService.Setup(s => s.LoginAsync(It.IsAny())) .ThrowsAsync(new Exception("test")); var result = await _controller.Login(new LoginRequest { Username = "admin", Password = "pass" }); var objResult = result.Should().BeOfType().Subject; objResult.StatusCode.Should().Be(500); } // Logout [Fact] public async Task Logout_WhenSuccess_ReturnsOk() { _authService.Setup(s => s.LogoutAsync(1)) .ReturnsAsync(true); var result = await _controller.Logout(new LogoutRequest { UserId = 1 }); result.Should().BeOfType(); } [Fact] public async Task Logout_WhenFailed_ReturnsBadRequest() { _authService.Setup(s => s.LogoutAsync(1)) .ReturnsAsync(false); var result = await _controller.Logout(new LogoutRequest { UserId = 1 }); result.Should().BeOfType(); } [Fact] public async Task Logout_WhenInvalidUserId_ReturnsBadRequest() { var result = await _controller.Logout(new LogoutRequest { UserId = 0 }); result.Should().BeOfType(); } [Fact] public async Task Logout_WhenException_Returns500() { _authService.Setup(s => s.LogoutAsync(It.IsAny())) .ThrowsAsync(new Exception("test")); var result = await _controller.Logout(new LogoutRequest { UserId = 1 }); var objResult = result.Should().BeOfType().Subject; objResult.StatusCode.Should().Be(500); } // RefreshToken [Fact] public async Task RefreshToken_WhenSuccess_ReturnsOk() { var authResult = new AuthResult { Success = true, Token = "newtoken" }; _authService.Setup(s => s.RefreshTokenAsync("refresh123")) .ReturnsAsync(authResult); var result = await _controller.RefreshToken(new RefreshTokenRequest { RefreshToken = "refresh123" }); result.Should().BeOfType(); } [Fact] public async Task RefreshToken_WhenFailed_ReturnsUnauthorized() { var authResult = new AuthResult { Success = false }; _authService.Setup(s => s.RefreshTokenAsync(It.IsAny())) .ReturnsAsync(authResult); var result = await _controller.RefreshToken(new RefreshTokenRequest { RefreshToken = "invalid" }); result.Should().BeOfType(); } [Fact] public async Task RefreshToken_WhenException_Returns500() { _authService.Setup(s => s.RefreshTokenAsync(It.IsAny())) .ThrowsAsync(new Exception("test")); var result = await _controller.RefreshToken(new RefreshTokenRequest { RefreshToken = "token" }); var objResult = result.Should().BeOfType().Subject; objResult.StatusCode.Should().Be(500); } // Register [Fact] public async Task Register_WhenSuccess_ReturnsOk() { _authService.Setup(s => s.UsernameExistsAsync(It.IsAny())) .ReturnsAsync(false); _authService.Setup(s => s.EmailExistsAsync(It.IsAny())) .ReturnsAsync(false); _userService.Setup(s => s.CreateUserAsync(It.IsAny())) .ReturnsAsync(new UserViewModel { Id = 1, Username = "newuser" }); var result = await _controller.Register(new RegisterRequest { Username = "newuser", Email = "new@test.com", Password = "pass123", ConfirmPassword = "pass123" }); result.Should().BeOfType(); } [Fact] public async Task Register_WhenUsernameExists_ReturnsBadRequest() { _authService.Setup(s => s.UsernameExistsAsync("existing")) .ReturnsAsync(true); var result = await _controller.Register(new RegisterRequest { Username = "existing", Email = "e@t.com", Password = "p", ConfirmPassword = "p" }); result.Should().BeOfType(); } [Fact] public async Task Register_WhenEmailExists_ReturnsBadRequest() { _authService.Setup(s => s.UsernameExistsAsync(It.IsAny())) .ReturnsAsync(false); _authService.Setup(s => s.EmailExistsAsync("existing@test.com")) .ReturnsAsync(true); var result = await _controller.Register(new RegisterRequest { Username = "new", Email = "existing@test.com", Password = "p", ConfirmPassword = "p" }); result.Should().BeOfType(); } // GetProfile - GetCurrentUserId() returns null in test context [Fact] public async Task GetProfile_WhenNotAuthenticated_ReturnsUnauthorized() { // GetCurrentUserId() returns null by default (no JWT middleware in tests) var result = await _controller.GetProfile(); result.Should().BeOfType(); } // GetUserPermissions - same issue with GetCurrentUserId [Fact] public async Task GetUserPermissions_WhenNotAuthenticated_ReturnsUnauthorized() { var result = await _controller.GetUserPermissions(); result.Should().BeOfType(); } // GetAllUsers [Fact] public async Task GetAllUsers_WhenSuccess_ReturnsOk() { _userService.Setup(s => s.GetAllUsersAsync()) .ReturnsAsync(new List()); var result = await _controller.GetAllUsers(new UserFilter()); result.Should().BeOfType(); } [Fact] public async Task GetAllUsers_WhenException_Returns500() { _userService.Setup(s => s.GetAllUsersAsync()) .ThrowsAsync(new Exception("test")); var result = await _controller.GetAllUsers(new UserFilter()); var objResult = result.Should().BeOfType().Subject; objResult.StatusCode.Should().Be(500); } // GetUserById [Fact] public async Task GetUserById_WhenFound_ReturnsOk() { _userService.Setup(s => s.GetUserByIdAsync(1)) .ReturnsAsync(new UserViewModel { Id = 1 }); var result = await _controller.GetUserById(1); result.Should().BeOfType(); } [Fact] public async Task GetUserById_WhenNotFound_ReturnsNotFound() { _userService.Setup(s => s.GetUserByIdAsync(999)) .ReturnsAsync((UserViewModel?)null); var result = await _controller.GetUserById(999); result.Should().BeOfType(); } [Fact] public async Task GetUserById_WhenException_Returns500() { _userService.Setup(s => s.GetUserByIdAsync(It.IsAny())) .ThrowsAsync(new Exception("test")); var result = await _controller.GetUserById(1); var objResult = result.Should().BeOfType().Subject; objResult.StatusCode.Should().Be(500); } // ActivateUser [Fact] public async Task ActivateUser_WhenSuccess_ReturnsOk() { _userService.Setup(s => s.ActivateUserAsync(1)) .ReturnsAsync(true); var result = await _controller.ActivateUser(1); result.Should().BeOfType(); } [Fact] public async Task ActivateUser_WhenFailed_ReturnsBadRequest() { _userService.Setup(s => s.ActivateUserAsync(999)) .ReturnsAsync(false); var result = await _controller.ActivateUser(999); result.Should().BeOfType(); } [Fact] public async Task ActivateUser_WhenException_Returns500() { _userService.Setup(s => s.ActivateUserAsync(It.IsAny())) .ThrowsAsync(new Exception("test")); var result = await _controller.ActivateUser(1); var objResult = result.Should().BeOfType().Subject; objResult.StatusCode.Should().Be(500); } // DeactivateUser [Fact] public async Task DeactivateUser_WhenSuccess_ReturnsOk() { _userService.Setup(s => s.DeactivateUserAsync(1)) .ReturnsAsync(true); var result = await _controller.DeactivateUser(1); result.Should().BeOfType(); } [Fact] public async Task DeactivateUser_WhenFailed_ReturnsBadRequest() { _userService.Setup(s => s.DeactivateUserAsync(999)) .ReturnsAsync(false); var result = await _controller.DeactivateUser(999); result.Should().BeOfType(); } [Fact] public async Task DeactivateUser_WhenException_Returns500() { _userService.Setup(s => s.DeactivateUserAsync(It.IsAny())) .ThrowsAsync(new Exception("test")); var result = await _controller.DeactivateUser(1); var objResult = result.Should().BeOfType().Subject; objResult.StatusCode.Should().Be(500); } } }