fix api config auth and image model compatibility

2026-04-17 18:41:47 +08:00
parent 531de26d48
commit 022d581c60
9 changed files with 244 additions and 8 deletions
--- a/tests/integration/api/specific/user-api-config-put.test.ts
+++ b/tests/integration/api/specific/user-api-config-put.test.ts
@@ -34,6 +34,9 @@ type SavedProvider = {
 }

 const prismaMock = vi.hoisted(() => ({
+  user: {
+    findUnique: vi.fn<(...args: unknown[]) => Promise<{ id: string } | null>>(),
+  },
  userPreference: {
    findUnique: vi.fn<(...args: unknown[]) => Promise<UserPreferenceSnapshot | null>>(),
    upsert: vi.fn<(...args: unknown[]) => Promise<unknown>>(),
@@ -103,6 +106,7 @@ describe('api specific - user api-config PUT provider uniqueness', () => {
    vi.clearAllMocks()
    resetAuthMockState()

+    prismaMock.user.findUnique.mockResolvedValue({ id: 'user-1' })
    prismaMock.userPreference.findUnique.mockResolvedValue({
      customProviders: null,
      customModels: null,
@@ -111,6 +115,37 @@ describe('api specific - user api-config PUT provider uniqueness', () => {
    getBillingModeMock.mockResolvedValue('OFF')
  })

+  it('returns unauthorized when session user no longer exists before saving providers', async () => {
+    installAuthMocks()
+    mockAuthenticated('user-missing')
+    prismaMock.user.findUnique.mockResolvedValueOnce(null)
+    const route = await import('@/app/api/user/api-config/route')
+
+    const req = buildMockRequest({
+      path: '/api/user/api-config',
+      method: 'PUT',
+      body: {
+        providers: [
+          { id: 'openai-compatible:oa-1', name: 'OpenAI A', baseUrl: 'https://oa-a.test', apiKey: 'oa-key-a' },
+        ],
+      },
+    })
+
+    const res = await route.PUT(req, routeContext)
+    const body = await res.json() as {
+      error?: {
+        code?: string
+        message?: string
+      }
+    }
+
+    expect(res.status).toBe(401)
+    expect(body.error?.code).toBe('UNAUTHORIZED')
+    expect(body.error?.message).toBe('登录状态已失效，请重新登录')
+    expect(prismaMock.userPreference.findUnique).not.toHaveBeenCalled()
+    expect(prismaMock.userPreference.upsert).not.toHaveBeenCalled()
+  })
+
  it('allows multiple providers with the same api type when provider ids differ', async () => {
    installAuthMocks()
    mockAuthenticated('user-1')
--- a/tests/integration/api/specific/user-preference-art-style-validation.test.ts
+++ b/tests/integration/api/specific/user-preference-art-style-validation.test.ts
@@ -9,6 +9,9 @@ const authMock = vi.hoisted(() => ({
 }))

 const prismaMock = vi.hoisted(() => ({
+  user: {
+    findUnique: vi.fn<(...args: unknown[]) => Promise<{ id: string } | null>>(),
+  },
  userPreference: {
    upsert: vi.fn(async () => ({
      userId: 'user-1',
@@ -25,6 +28,7 @@ describe('api specific - user preference art style validation', () => {

  beforeEach(() => {
    vi.clearAllMocks()
+    prismaMock.user.findUnique.mockResolvedValue({ id: 'user-1' })
  })

  it('accepts valid artStyle and persists normalized value', async () => {
@@ -58,4 +62,27 @@ describe('api specific - user preference art style validation', () => {
    expect(body.error.code).toBe('INVALID_PARAMS')
    expect(prismaMock.userPreference.upsert).not.toHaveBeenCalled()
  })
+
+  it('returns unauthorized when session user record is missing', async () => {
+    prismaMock.user.findUnique.mockResolvedValueOnce(null)
+    const mod = await import('@/app/api/user-preference/route')
+    const req = buildMockRequest({
+      path: '/api/user-preference',
+      method: 'PATCH',
+      body: { artStyle: 'realistic' },
+    })
+
+    const res = await mod.PATCH(req, routeContext)
+    const body = await res.json() as {
+      error?: {
+        code?: string
+        message?: string
+      }
+    }
+
+    expect(res.status).toBe(401)
+    expect(body.error?.code).toBe('UNAUTHORIZED')
+    expect(body.error?.message).toBe('登录状态已失效，请重新登录')
+    expect(prismaMock.userPreference.upsert).not.toHaveBeenCalled()
+  })
 })