feat(database): 添加用户角色权限系统及相关监控功能

- 创建用户表(users)包含基本信息和认证字段 - 创建角色表(roles)用于权限控制 - 创建权限表(permissions)定义系统权限 - 创建用户角色关联表(user_roles)建立用户与角色关系 - 创建角色权限关联表(role_permissions)建立角色与权限关系 - 创建迁移记录表(migrations)追踪数据库变更 - 添加AdminController提供管理员面板功能 - 实现系统监控、配置管理、缓存清理等功能 - 添加AOP切面编程支持的各种通知类型 - 实现告警管理AlertManager支持多渠道告警 - 添加文档注解接口规范
2026-06-15 23:12:49 +08:00 · 2026-04-08 17:00:28 +08:00
commit 2782d765fb
270 changed files with 107192 additions and 0 deletions
--- a/tests/Integration/ApiIntegrationTest.php
+++ b/tests/Integration/ApiIntegrationTest.php
@@ -0,0 +1,473 @@
+<?php
+declare(strict_types=1);
+
+namespace Tests\Integration;
+
+use PHPUnit\Framework\TestCase;
+use Fendx\Web\Request\Request;
+use Fendx\Web\Response\HttpResponse;
+use App\Controller\UserController;
+use App\Service\UserService;
+
+/**
+ * API 集成测试
+ */
+class ApiIntegrationTest extends TestCase
+{
+    private UserController $userController;
+    private UserService $userService;
+
+    protected function setUp(): void
+    {
+        parent::setUp();
+        
+        // 初始化测试环境
+        $this->initializeTestEnvironment();
+        
+        // 创建测试服务
+        $this->userService = $this->createTestUserService();
+        $this->userController = new UserController($this->userService);
+    }
+
+    /**
+     * 测试用户注册 API
+     */
+    public function testUserRegistrationApi(): void
+    {
+        $userData = [
+            'username' => 'integration_test_user',
+            'email' => 'integration@test.com',
+            'password' => 'testpassword123',
+            'nickname' => 'Integration Test User'
+        ];
+        
+        $request = $this->createRequest('POST', '/api/users/register', $userData);
+        $response = $this->userController->register($request);
+        
+        $this->assertInstanceOf(HttpResponse::class, $response);
+        $this->assertEquals(201, $response->getStatusCode());
+        
+        $responseData = json_decode($response->getContent(), true);
+        $this->assertTrue($responseData['success']);
+        $this->assertArrayHasKey('user_id', $responseData);
+        $this->assertArrayHasKey('token', $responseData);
+    }
+
+    /**
+     * 测试用户登录 API
+     */
+    public function testUserLoginApi(): void
+    {
+        // 先注册用户
+        $this->createTestUser();
+        
+        $loginData = [
+            'username' => 'integration_test_user',
+            'password' => 'testpassword123'
+        ];
+        
+        $request = $this->createRequest('POST', '/api/auth/login', $loginData);
+        $response = $this->userController->login($request);
+        
+        $this->assertInstanceOf(HttpResponse::class, $response);
+        $this->assertEquals(200, $response->getStatusCode());
+        
+        $responseData = json_decode($response->getContent(), true);
+        $this->assertTrue($responseData['success']);
+        $this->assertArrayHasKey('token', $responseData);
+        $this->assertArrayHasKey('user', $responseData);
+    }
+
+    /**
+     * 测试获取用户信息 API
+     */
+    public function testGetUserApi(): void
+    {
+        // 创建并登录用户
+        $user = $this->createTestUser();
+        $token = $this->authenticateUser($user);
+        
+        $request = $this->createRequest('GET', '/api/users/' . $user['id']);
+        $request->headers->set('Authorization', "Bearer {$token}");
+        
+        $response = $this->userController->show($request, $user['id']);
+        
+        $this->assertInstanceOf(HttpResponse::class, $response);
+        $this->assertEquals(200, $response->getStatusCode());
+        
+        $responseData = json_decode($response->getContent(), true);
+        $this->assertTrue($responseData['success']);
+        $this->assertEquals($user['id'], $responseData['user']['id']);
+        $this->assertEquals('integration_test_user', $responseData['user']['username']);
+    }
+
+    /**
+     * 测试更新用户信息 API
+     */
+    public function testUpdateUserApi(): void
+    {
+        $user = $this->createTestUser();
+        $token = $this->authenticateUser($user);
+        
+        $updateData = [
+            'nickname' => 'Updated Integration User',
+            'phone' => '13800138000'
+        ];
+        
+        $request = $this->createRequest('PUT', '/api/users/' . $user['id'], $updateData);
+        $request->headers->set('Authorization', "Bearer {$token}");
+        
+        $response = $this->userController->update($request, $user['id']);
+        
+        $this->assertInstanceOf(HttpResponse::class, $response);
+        $this->assertEquals(200, $response->getStatusCode());
+        
+        $responseData = json_decode($response->getContent(), true);
+        $this->assertTrue($responseData['success']);
+        $this->assertEquals('更新成功', $responseData['message']);
+    }
+
+    /**
+     * 测试删除用户 API
+     */
+    public function testDeleteUserApi(): void
+    {
+        $user = $this->createTestUser();
+        $token = $this->authenticateUser($user);
+        
+        $request = $this->createRequest('DELETE', '/api/users/' . $user['id']);
+        $request->headers->set('Authorization', "Bearer {$token}");
+        
+        $response = $this->userController->destroy($request, $user['id']);
+        
+        $this->assertInstanceOf(HttpResponse::class, $response);
+        $this->assertEquals(200, $response->getStatusCode());
+        
+        $responseData = json_decode($response->getContent(), true);
+        $this->assertTrue($responseData['success']);
+        $this->assertEquals('删除成功', $responseData['message']);
+    }
+
+    /**
+     * 测试用户列表 API
+     */
+    public function testUserListApi(): void
+    {
+        // 创建多个测试用户
+        for ($i = 1; $i <= 5; $i++) {
+            $this->createTestUser("test_user_{$i}", "test{$i}@example.com");
+        }
+        
+        $request = $this->createRequest('GET', '/api/users?page=1&limit=10');
+        $response = $this->userController->index($request);
+        
+        $this->assertInstanceOf(HttpResponse::class, $response);
+        $this->assertEquals(200, $response->getStatusCode());
+        
+        $responseData = json_decode($response->getContent(), true);
+        $this->assertTrue($responseData['success']);
+        $this->assertArrayHasKey('items', $responseData['data']);
+        $this->assertArrayHasKey('pagination', $responseData['data']);
+        $this->assertLessThanOrEqual(10, count($responseData['data']['items']));
+    }
+
+    /**
+     * 测试分页功能
+     */
+    public function testPaginationFunctionality(): void
+    {
+        // 创建20个测试用户
+        for ($i = 1; $i <= 20; $i++) {
+            $this->createTestUser("page_user_{$i}", "page{$i}@example.com");
+        }
+        
+        // 测试第一页
+        $request = $this->createRequest('GET', '/api/users?page=1&limit=5');
+        $response = $this->userController->index($request);
+        
+        $responseData = json_decode($response->getContent(), true);
+        $this->assertEquals(5, count($responseData['data']['items']));
+        $this->assertEquals(1, $responseData['data']['pagination']['page']);
+        $this->assertEquals(5, $responseData['data']['pagination']['page_size']);
+        $this->assertEquals(4, $responseData['data']['pagination']['total_pages']);
+        
+        // 测试第二页
+        $request = $this->createRequest('GET', '/api/users?page=2&limit=5');
+        $response = $this->userController->index($request);
+        
+        $responseData = json_decode($response->getContent(), true);
+        $this->assertEquals(5, count($responseData['data']['items']));
+        $this->assertEquals(2, $responseData['data']['pagination']['page']);
+    }
+
+    /**
+     * 测试搜索功能
+     */
+    public function testSearchFunctionality(): void
+    {
+        // 创建测试用户
+        $this->createTestUser('search_user_1', 'search1@test.com');
+        $this->createTestUser('search_user_2', 'search2@test.com');
+        $this->createTestUser('other_user', 'other@test.com');
+        
+        // 搜索用户名
+        $request = $this->createRequest('GET', '/api/users?search=search_user');
+        $response = $this->userController->index($request);
+        
+        $responseData = json_decode($response->getContent(), true);
+        $this->assertEquals(2, count($responseData['data']['items']));
+        
+        foreach ($responseData['data']['items'] as $user) {
+            $this->assertStringContainsString('search_user', $user['username']);
+        }
+    }
+
+    /**
+     * 测试权限验证
+     */
+    public function testPermissionValidation(): void
+    {
+        $user = $this->createTestUser();
+        
+        // 未认证访问
+        $request = $this->createRequest('GET', '/api/users/' . $user['id']);
+        $response = $this->userController->show($request, $user['id']);
+        
+        $this->assertEquals(401, $response->getStatusCode());
+        
+        $responseData = json_decode($response->getContent(), true);
+        $this->assertFalse($responseData['success']);
+        $this->assertEquals('未授权访问', $responseData['message']);
+    }
+
+    /**
+     * 测试输入验证
+     */
+    public function testInputValidation(): void
+    {
+        // 测试无效的注册数据
+        $invalidData = [
+            'username' => '', // 空用户名
+            'email' => 'invalid-email', // 无效邮箱
+            'password' => '123', // 密码太短
+        ];
+        
+        $request = $this->createRequest('POST', '/api/users/register', $invalidData);
+        $response = $this->userController->register($request);
+        
+        $this->assertEquals(422, $response->getStatusCode());
+        
+        $responseData = json_decode($response->getContent(), true);
+        $this->assertFalse($responseData['success']);
+        $this->assertArrayHasKey('errors', $responseData);
+    }
+
+    /**
+     * 测试并发请求处理
+     */
+    public function testConcurrentRequests(): void
+    {
+        $user = $this->createTestUser();
+        $token = $this->authenticateUser($user);
+        
+        // 模拟并发请求
+        $requests = [];
+        for ($i = 0; $i < 10; $i++) {
+            $request = $this->createRequest('GET', '/api/users/' . $user['id']);
+            $request->headers->set('Authorization', "Bearer {$token}");
+            $requests[] = $request;
+        }
+        
+        $responses = [];
+        foreach ($requests as $request) {
+            $responses[] = $this->userController->show($request, $user['id']);
+        }
+        
+        // 验证所有请求都成功
+        foreach ($responses as $response) {
+            $this->assertEquals(200, $response->getStatusCode());
+            $responseData = json_decode($response->getContent(), true);
+            $this->assertTrue($responseData['success']);
+        }
+    }
+
+    /**
+     * 测试数据库事务
+     */
+    public function testDatabaseTransaction(): void
+    {
+        $userData = [
+            'username' => 'transaction_test_user',
+            'email' => 'transaction@test.com',
+            'password' => 'testpassword123',
+            'nickname' => 'Transaction Test User'
+        ];
+        
+        $request = $this->createRequest('POST', '/api/users/register', $userData);
+        
+        // 模拟数据库错误
+        $this->simulateDatabaseError();
+        
+        $response = $this->userController->register($request);
+        
+        // 验证事务回滚
+        $this->assertEquals(500, $response->getStatusCode());
+        
+        // 验证用户未被创建
+        $checkRequest = $this->createRequest('GET', '/api/users?search=transaction_test_user');
+        $checkResponse = $this->userController->index($checkRequest);
+        $checkData = json_decode($checkResponse->getContent(), true);
+        $this->assertEquals(0, count($checkData['data']['items']));
+    }
+
+    /**
+     * 测试缓存功能
+     */
+    public function testCacheFunctionality(): void
+    {
+        $user = $this->createTestUser();
+        $token = $this->authenticateUser($user);
+        
+        // 第一次请求
+        $request1 = $this->createRequest('GET', '/api/users/' . $user['id']);
+        $request1->headers->set('Authorization', "Bearer {$token}");
+        $response1 = $this->userController->show($request1, $user['id']);
+        
+        // 第二次请求（应该从缓存获取）
+        $request2 = $this->createRequest('GET', '/api/users/' . $user['id']);
+        $request2->headers->set('Authorization', "Bearer {$token}");
+        $response2 = $this->userController->show($request2, $user['id']);
+        
+        // 验证响应一致
+        $this->assertEquals(
+            $response1->getContent(),
+            $response2->getContent()
+        );
+    }
+
+    /**
+     * 初始化测试环境
+     */
+    private function initializeTestEnvironment(): void
+    {
+        // 设置测试数据库
+        $this->setupTestDatabase();
+        
+        // 设置测试缓存
+        $this->setupTestCache();
+        
+        // 清理测试数据
+        $this->cleanupTestData();
+    }
+
+    /**
+     * 设置测试数据库
+     */
+    private function setupTestDatabase(): void
+    {
+        // 创建内存数据库
+        // 运行迁移
+        // 设置测试数据
+    }
+
+    /**
+     * 设置测试缓存
+     */
+    private function setupTestCache(): void
+    {
+        // 使用数组缓存驱动
+        // 清空缓存
+    }
+
+    /**
+     * 清理测试数据
+     */
+    private function cleanupTestData(): void
+    {
+        // 删除测试用户
+        // 清理缓存
+    }
+
+    /**
+     * 创建测试用户服务
+     */
+    private function createTestUserService(): UserService
+    {
+        // 返回配置好的测试服务
+        return new UserService(/* test dependencies */);
+    }
+
+    /**
+     * 创建测试用户
+     */
+    private function createTestUser(string $username = 'integration_test_user', string $email = 'integration@test.com'): array
+    {
+        $userData = [
+            'username' => $username,
+            'email' => $email,
+            'password' => 'testpassword123',
+            'nickname' => 'Integration Test User'
+        ];
+        
+        $request = $this->createRequest('POST', '/api/users/register', $userData);
+        $response = $this->userController->register($request);
+        
+        $responseData = json_decode($response->getContent(), true);
+        
+        return [
+            'id' => $responseData['user_id'],
+            'username' => $username,
+            'email' => $email
+        ];
+    }
+
+    /**
+     * 认证用户
+     */
+    private function authenticateUser(array $user): string
+    {
+        $loginData = [
+            'username' => $user['username'],
+            'password' => 'testpassword123'
+        ];
+        
+        $request = $this->createRequest('POST', '/api/auth/login', $loginData);
+        $response = $this->userController->login($request);
+        
+        $responseData = json_decode($response->getContent(), true);
+        return $responseData['token'];
+    }
+
+    /**
+     * 创建请求对象
+     */
+    private function createRequest(string $method, string $uri, array $data = []): Request
+    {
+        $request = new Request();
+        
+        // 设置请求方法
+        $_SERVER['REQUEST_METHOD'] = $method;
+        
+        // 设置请求URI
+        $_SERVER['REQUEST_URI'] = $uri;
+        
+        // 设置请求数据
+        if ($method === 'POST' || $method === 'PUT') {
+            $_POST = $data;
+            $_REQUEST = array_merge($_REQUEST, $data);
+        } else {
+            $_GET = array_merge($_GET, $data);
+            $_REQUEST = array_merge($_REQUEST, $data);
+        }
+        
+        return $request;
+    }
+
+    /**
+     * 模拟数据库错误
+     */
+    private function simulateDatabaseError(): void
+    {
+        // 模拟数据库连接错误或其他异常
+    }
+}
--- a/tests/Unit/UserServiceTest.php
+++ b/tests/Unit/UserServiceTest.php
@@ -0,0 +1,426 @@
+<?php
+declare(strict_types=1);
+
+namespace Tests\Unit;
+
+use PHPUnit\Framework\TestCase;
+use App\Service\UserService;
+use App\Dao\UserDao;
+use App\Dto\UserDto;
+use App\Validate\UserValidator;
+use Fendx\Security\Auth\JwtManager;
+use Fendx\Security\Auth\RbacManager;
+
+/**
+ * 用户服务单元测试
+ */
+class UserServiceTest extends TestCase
+{
+    private UserService $userService;
+    private UserDao $userDao;
+    private UserValidator $validator;
+    private JwtManager $jwtManager;
+    private RbacManager $rbacManager;
+
+    protected function setUp(): void
+    {
+        parent::setUp();
+        
+        // 创建 Mock 对象
+        $this->userDao = $this->createMock(UserDao::class);
+        $this->validator = $this->createMock(UserValidator::class);
+        $this->jwtManager = $this->createMock(JwtManager::class);
+        $this->rbacManager = $this->createMock(RbacManager::class);
+        
+        // 创建服务实例
+        $this->userService = new UserService(
+            $this->userDao,
+            $this->validator,
+            $this->jwtManager,
+            $this->rbacManager
+        );
+    }
+
+    /**
+     * 测试用户注册成功
+     */
+    public function testRegisterSuccess(): void
+    {
+        // 准备测试数据
+        $userData = [
+            'username' => 'testuser',
+            'email' => 'test@example.com',
+            'password' => 'password123',
+            'nickname' => 'Test User'
+        ];
+        
+        $request = $this->createMockRequest($userData);
+        
+        // 设置 Mock 期望
+        $this->validator
+            ->expects($this->once())
+            ->method('validateRegisterFull')
+            ->with($request)
+            ->willReturn([]); // 无验证错误
+        
+        $this->userDao
+            ->expects($this->once())
+            ->method('existsByUsername')
+            ->with('testuser')
+            ->willReturn(false);
+        
+        $this->userDao
+            ->expects($this->once())
+            ->method('existsByEmail')
+            ->with('test@example.com')
+            ->willReturn(false);
+        
+        $this->userDao
+            ->expects($this->once())
+            ->method('create')
+            ->with($this->callback(function($userDto) use ($userData) {
+                return $userDto->getUsername() === $userData['username'] &&
+                       $userDto->getEmail() === $userData['email'] &&
+                       $userDto->getNickname() === $userData['nickname'];
+            }))
+            ->willReturn(1);
+        
+        // 执行测试
+        $result = $this->userService->register($request);
+        
+        // 断言
+        $this->assertTrue($result['success']);
+        $this->assertEquals('注册成功', $result['message']);
+        $this->assertEquals(1, $result['user_id']);
+    }
+
+    /**
+     * 测试用户注册验证失败
+     */
+    public function testRegisterValidationFailure(): void
+    {
+        $userData = [
+            'username' => '', // 空用户名
+            'email' => 'invalid-email', // 无效邮箱
+            'password' => '123', // 密码太短
+        ];
+        
+        $request = $this->createMockRequest($userData);
+        
+        $this->validator
+            ->expects($this->once())
+            ->method('validateRegisterFull')
+            ->with($request)
+            ->willReturn([
+                'username' => '用户名必填',
+                'email' => '邮箱格式不正确',
+                'password' => '密码至少6位'
+            ]);
+        
+        $result = $this->userService->register($request);
+        
+        $this->assertFalse($result['success']);
+        $this->assertEquals('验证失败', $result['message']);
+        $this->assertEquals([
+            'username' => '用户名必填',
+            'email' => '邮箱格式不正确',
+            'password' => '密码至少6位'
+        ], $result['errors']);
+    }
+
+    /**
+     * 测试用户登录成功
+     */
+    public function testLoginSuccess(): void
+    {
+        $loginData = [
+            'username' => 'testuser',
+            'password' => 'password123'
+        ];
+        
+        $request = $this->createMockRequest($loginData);
+        
+        $userDto = new UserDto();
+        $userDto->setId(1)
+                ->setUsername('testuser')
+                ->setEmail('test@example.com')
+                ->setPassword(password_hash('password123', PASSWORD_DEFAULT));
+        
+        $this->validator
+            ->expects($this->once())
+            ->method('validateLogin')
+            ->with($request)
+            ->willReturn([]);
+        
+        $this->userDao
+            ->expects($this->once())
+            ->method('findByUsername')
+            ->with('testuser')
+            ->willReturn($userDto);
+        
+        $this->jwtManager
+            ->expects($this->once())
+            ->method('generate')
+            ->with(['user_id' => 1, 'username' => 'testuser'])
+            ->willReturn('jwt_token_here');
+        
+        $result = $this->userService->login($request);
+        
+        $this->assertTrue($result['success']);
+        $this->assertEquals('登录成功', $result['message']);
+        $this->assertEquals('jwt_token_here', $result['token']);
+        $this->assertEquals(1, $result['user']['id']);
+        $this->assertEquals('testuser', $result['user']['username']);
+    }
+
+    /**
+     * 测试用户登录失败 - 用户不存在
+     */
+    public function testLoginUserNotFound(): void
+    {
+        $loginData = [
+            'username' => 'nonexistent',
+            'password' => 'password123'
+        ];
+        
+        $request = $this->createMockRequest($loginData);
+        
+        $this->validator
+            ->expects($this->once())
+            ->method('validateLogin')
+            ->with($request)
+            ->willReturn([]);
+        
+        $this->userDao
+            ->expects($this->once())
+            ->method('findByUsername')
+            ->with('nonexistent')
+            ->willReturn(null);
+        
+        $result = $this->userService->login($request);
+        
+        $this->assertFalse($result['success']);
+        $this->assertEquals('用户名或密码错误', $result['message']);
+    }
+
+    /**
+     * 测试获取用户信息成功
+     */
+    public function testGetUserSuccess(): void
+    {
+        $userId = 1;
+        
+        $userDto = new UserDto();
+        $userDto->setId(1)
+                ->setUsername('testuser')
+                ->setEmail('test@example.com')
+                ->setNickname('Test User');
+        
+        $this->userDao
+            ->expects($this->once())
+            ->method('findById')
+            ->with($userId)
+            ->willReturn($userDto);
+        
+        $result = $this->userService->getUser($userId);
+        
+        $this->assertTrue($result['success']);
+        $this->assertEquals('testuser', $result['user']['username']);
+        $this->assertEquals('test@example.com', $result['user']['email']);
+        $this->assertEquals('Test User', $result['user']['nickname']);
+    }
+
+    /**
+     * 测试获取用户信息失败 - 用户不存在
+     */
+    public function testGetUserNotFound(): void
+    {
+        $userId = 999;
+        
+        $this->userDao
+            ->expects($this->once())
+            ->method('findById')
+            ->with($userId)
+            ->willReturn(null);
+        
+        $result = $this->userService->getUser($userId);
+        
+        $this->assertFalse($result['success']);
+        $this->assertEquals('用户不存在', $result['message']);
+    }
+
+    /**
+     * 测试更新用户信息成功
+     */
+    public function testUpdateUserSuccess(): void
+    {
+        $userId = 1;
+        $updateData = [
+            'nickname' => 'Updated User',
+            'phone' => '13800138000'
+        ];
+        
+        $request = $this->createMockRequest($updateData);
+        
+        $existingUser = new UserDto();
+        $existingUser->setId(1)
+                     ->setUsername('testuser')
+                     ->setEmail('test@example.com');
+        
+        $this->userDao
+            ->expects($this->once())
+            ->method('findById')
+            ->with($userId)
+            ->willReturn($existingUser);
+        
+        $this->validator
+            ->expects($this->once())
+            ->method('validateUpdateFull')
+            ->with($request, $userId)
+            ->willReturn([]);
+        
+        $this->userDao
+            ->expects($this->once())
+            ->method('update')
+            ->with($this->callback(function($userDto) use ($updateData) {
+                return $userDto->getId() === 1 &&
+                       $userDto->getNickname() === $updateData['nickname'] &&
+                       $userDto->getPhone() === $updateData['phone'];
+            }))
+            ->willReturn(true);
+        
+        $result = $this->userService->updateUser($userId, $request);
+        
+        $this->assertTrue($result['success']);
+        $this->assertEquals('更新成功', $result['message']);
+    }
+
+    /**
+     * 测试删除用户成功
+     */
+    public function testDeleteUserSuccess(): void
+    {
+        $userId = 1;
+        
+        $this->userDao
+            ->expects($this->once())
+            ->method('findById')
+            ->with($userId)
+            ->willReturn(new UserDto());
+        
+        $this->userDao
+            ->expects($this->once())
+            ->method('delete')
+            ->with($userId)
+            ->willReturn(true);
+        
+        $result = $this->userService->deleteUser($userId);
+        
+        $this->assertTrue($result['success']);
+        $this->assertEquals('删除成功', $result['message']);
+    }
+
+    /**
+     * 测试用户权限检查
+     */
+    public function testCheckUserPermission(): void
+    {
+        $userId = 1;
+        $permission = 'user:read';
+        
+        $this->rbacManager
+            ->expects($this->once())
+            ->method('hasPermission')
+            ->with($userId, $permission)
+            ->willReturn(true);
+        
+        $result = $this->userService->checkPermission($userId, $permission);
+        
+        $this->assertTrue($result);
+    }
+
+    /**
+     * 测试用户角色分配
+     */
+    public function testAssignUserRole(): void
+    {
+        $userId = 1;
+        $role = 'admin';
+        
+        $this->rbacManager
+            ->expects($this->once())
+            ->method('assignRole')
+            ->with($userId, $role)
+            ->willReturn(true);
+        
+        $result = $this->userService->assignRole($userId, $role);
+        
+        $this->assertTrue($result['success']);
+        $this->assertEquals('角色分配成功', $result['message']);
+    }
+
+    /**
+     * 创建 Mock 请求对象
+     */
+    private function createMockRequest(array $data): \Fendx\Web\Request\Request
+    {
+        $request = $this->createMock(\Fendx\Web\Request\Request::class);
+        
+        $request->method('all')->willReturn($data);
+        $request->method('get')->willReturnCallback(fn($key) => $data[$key] ?? null);
+        $request->method('post')->willReturnCallback(fn($key) => $data[$key] ?? null);
+        
+        return $request;
+    }
+
+    /**
+     * 测试用户密码加密
+     */
+    public function testPasswordEncryption(): void
+    {
+        $password = 'password123';
+        $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
+        
+        $this->assertTrue(password_verify($password, $hashedPassword));
+        $this->assertFalse(password_verify('wrongpassword', $hashedPassword));
+    }
+
+    /**
+     * 测试 JWT 令牌生成
+     */
+    public function testJwtTokenGeneration(): void
+    {
+        $payload = ['user_id' => 1, 'username' => 'testuser'];
+        
+        $this->jwtManager
+            ->expects($this->once())
+            ->method('generate')
+            ->with($payload)
+            ->willReturn('mock_jwt_token');
+        
+        $token = $this->jwtManager->generate($payload);
+        
+        $this->assertEquals('mock_jwt_token', $token);
+    }
+
+    /**
+     * 测试数据验证器
+     */
+    public function testUserValidator(): void
+    {
+        $this->validator
+            ->expects($this->once())
+            ->method('validateEmail')
+            ->with('test@example.com')
+            ->willReturn(true);
+        
+        $this->validator
+            ->expects($this->once())
+            ->method('validatePhone')
+            ->with('13800138000')
+            ->willReturn(true);
+        
+        $this->assertTrue($this->validator->validateEmail('test@example.com'));
+        $this->assertTrue($this->validator->validatePhone('13800138000'));
+    }
+}