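#!/bin/bash
#
# Smoke test for the audit interceptor.
#
# Looks up one department, one user and one position through the REST API,
# adds the user to the department, then queries the audit-log endpoint and
# checks that an entry mentioning the Departments module is returned.
#
# Environment:
#   AUDIT_TEST_TOKEN  (required) bearer token of the account running the test
#   API_URL           (optional) API base URL; defaults to the local dev server
#
# Exit status: 0 when the member was added and an audit entry was found,
#              1 otherwise.

# Fail on unset variables. -e is deliberately not used: the pipelines below
# may legitimately return non-zero (grep with no match) and are checked
# explicitly instead.
set -u

#######################################
# Print a message on stderr and abort the script with status 1.
# Arguments: $* - message text
#######################################
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

#######################################
# GET a path below API_URL and print the response body.
# The Authorization header is fed to curl on stdin (-H @-, curl >= 7.55.0)
# so the bearer token does not appear in the process argument list.
# Globals:   API_URL (read), TOKEN (read)
# Arguments: $1 - path and query string, starting with "/"
#######################################
api_get() {
  printf 'Authorization: Bearer %s\n' "$TOKEN" |
    curl -s -H @- "${API_URL}$1"
}

#######################################
# POST a JSON document to a path below API_URL.
# Prints the response body followed by a final "HTTP_CODE:<status>" line.
# Globals:   API_URL (read), TOKEN (read)
# Arguments: $1 - path starting with "/"
#            $2 - JSON request body
#######################################
api_post_json() {
  printf 'Authorization: Bearer %s\n' "$TOKEN" |
    curl -s -w '\nHTTP_CODE:%{http_code}' \
      -X POST "${API_URL}$1" \
      -H @- \
      -H 'Content-Type: application/json' \
      -d "$2"
}

#######################################
# Fetch the first record of a collection and print its id.
# The id is pulled out with a textual match on "id":"...", not a JSON parse:
# it assumes compact JSON and takes whichever "id" pair appears first.
# Because the value is later placed into a URL path and a JSON body, it is
# only accepted when it consists of letters, digits, "_" and "-".
# NOTE(review): assumes ids are UUID-like or numeric; widen the pattern if
# the API uses another id format.
# Arguments: $1 - collection name below API_URL, e.g. "departments"
# Returns:   0 and the id on stdout, 1 when no acceptable id was found
#######################################
fetch_first_id() {
  local response id
  response=$(api_get "/$1?limit=1")
  id=$(printf '%s\n' "$response" |
    grep -o '"id":"[^"]*"' |
    head -n 1 |
    sed 's/"id":"//;s/"//')
  [[ "$id" =~ ^[A-Za-z0-9_-]+$ ]] || return 1
  printf '%s\n' "$id"
}

echo "🧪 测试审计拦截器..."
echo ""

# Configuration.
# The default base URL is plain HTTP on loopback. When API_URL is overridden
# to point at a remote host, use https so the bearer token is not sent in
# clear text.
API_URL="${API_URL:-http://localhost:3001/api/v1}"

# The bearer token comes from the environment rather than from this file.
# NOTE(review): an HS256 JWT for the "admin" user used to be hard-coded here.
# If that version was ever committed or shared, treat the token as exposed
# and confirm the backend no longer accepts it.
TOKEN="${AUDIT_TEST_TOKEN:-}"
[ -n "$TOKEN" ] || die "❌ 未设置 AUDIT_TEST_TOKEN，请先通过环境变量提供测试账号的令牌"

# Overall result; set to 1 by any failed check, used as the exit status.
rc=0

# 1. Get a department id
echo "📋 步骤 1: 获取部门列表..."
DEPT_ID=$(fetch_first_id departments) || die "❌ 无法获取部门ID，请先创建一个部门"
echo "✅ 找到部门ID: $DEPT_ID"
echo ""

# 2. Get a user id
echo "📋 步骤 2: 获取用户列表..."
USER_ID=$(fetch_first_id users) || die "❌ 无法获取用户ID"
echo "✅ 找到用户ID: $USER_ID"
echo ""

# 3. Get a position id
echo "📋 步骤 3: 获取职位列表..."
POSITION_ID=$(fetch_first_id positions) || die "❌ 无法获取职位ID"
echo "✅ 找到职位ID: $POSITION_ID"
echo ""

# 4. Add the user to the department
echo "🚀 步骤 4: 添加成员到部门..."
echo "   - 部门ID: $DEPT_ID"
echo "   - 用户ID: $USER_ID"
echo "   - 职位ID: $POSITION_ID"
echo ""

# The ids were validated by fetch_first_id, so they cannot break out of the
# JSON string literals they are placed into.
PAYLOAD=$(printf '{"userId": "%s", "positionId": "%s"}' "$USER_ID" "$POSITION_ID")
RESULT=$(api_post_json "/departments/${DEPT_ID}/members" "$PAYLOAD")

# curl's -w output is always the last line of RESULT; everything before it
# is the response body, even if the body itself contains "HTTP_CODE:".
HTTP_CODE="${RESULT##*$'\n'}"
HTTP_CODE="${HTTP_CODE#HTTP_CODE:}"
RESPONSE="${RESULT%$'\n'*}"

printf '%s\n' "📊 响应状态码: $HTTP_CODE"
printf '%s\n' "📊 响应内容: $RESPONSE"
echo ""

if [ "$HTTP_CODE" = "201" ] || [ "$HTTP_CODE" = "200" ]; then
  echo "✅ 添加成员成功！"
else
  echo "❌ 添加成员失败，状态码: $HTTP_CODE"
  # Keep going so the audit query below is still shown, but report failure.
  rc=1
fi

echo ""
echo "🔍 步骤 5: 等待审计日志写入..."
sleep 2

echo ""
echo "📊 步骤 6: 查询审计日志..."
AUDIT_LOGS=$(api_get "/audit/logs?limit=5&module=Departments")

printf '%s\n' "$AUDIT_LOGS" | head -n 50
echo ""

# NOTE(review): this only shows that the response mentions "Departments".
# An entry left over from an earlier run satisfies it as well, so a pass does
# not prove that the request made in step 4 was audited. Matching on the
# department or user id would be stricter, if the log records carry them.
if grep -q "Departments" <<<"$AUDIT_LOGS"; then
  echo "✅✅✅ 审计功能正常工作！"
else
  echo "❌❌❌ 审计日志未生成，请查看后端日志"
  rc=1
fi

echo ""
echo "💡 提示: 查看后端控制台，应该能看到 [Audit] 开头的调试日志"

exit "$rc"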
