Статистика для дашборда #7

test/api/api_admin_tests.erl

@@ -15,7 +15,7 @@ test() ->
 
   %% TEST 2: Admin login (дополнительная проверка)
   io:format(" TEST 2: Admin login (attempt)... "),
-  LoginBody = jsx:encode(#{<<"email">> => <<"global_admin@test.com">>, <<"password">> => <<"admin123">>}),
+  LoginBody = jsx:encode(#{<<"email">> => <<"admin@eventhub.local">>, <<"password">> => <<"123456">>}),
   case httpc:request(post, {AdminURL ++ "/v1/admin/login", [], "application/json", LoginBody}, [], []) of
     {ok, {{_, 200, _}, _, _}} ->
       io:format("OK (logged in)~n");
@@ -23,11 +23,19 @@ test() ->
       io:format("SKIPPED (credentials not found, using runner token)~n")
   end,
 
-  %% TEST 3: Admin stats
-  io:format(" TEST 3: Admin stats... "),
-  {ok, {{_, 200, _}, _, _}} = httpc:request(get,
-    {AdminURL ++ "/v1/admin/stats", [{"Authorization", "Bearer " ++ binary_to_list(AdminToken)}]}, [], []),
-  io:format("OK~n"),
+  %% TEST 3: Admin stats (superadmin)
+  io:format(" TEST 3: Admin stats (superadmin)... "),
+  % Логинимся под суперадмином (данные из api_test_runner)
+  LoginBody = jsx:encode(#{<<"email">> => <<"admin@eventhub.local">>, <<"password">> => <<"123456">>}),
+  {ok, {{_, 200, _}, _, LoginResp}} = httpc:request(post,
+    {AdminURL ++ "/v1/admin/login", [], "application/json", LoginBody}, [], []),
+  #{<<"token">> := SuperToken} = jsx:decode(list_to_binary(LoginResp), [return_maps]),
+
+  % Запрашиваем статистику
+  {ok, {{_, 200, _}, _, StatsResp}} = httpc:request(get,
+    {AdminURL ++ "/v1/admin/stats", [{"Authorization", "Bearer " ++ binary_to_list(SuperToken)}]}, [], []),
+  Stats = jsx:decode(list_to_binary(StatsResp), [return_maps]),
+  io:format(" OK (keys: ~p)~n", [maps:keys(Stats)]),
 
   %% TEST 4: List users
   io:format(" TEST 4: List users... "),

test/api/api_test_runner.erl

@@ -1,4 +1,7 @@
 -module(api_test_runner).
+
+-include("records.hrl").
+
 -export([run_all/0, run/1]).
 -export([http_post/2, http_post/3, http_get/1, http_get/2, http_put/3, http_delete/2]).
 -export([extract_json/2, extract_json/3, assert_status/2]).
@@ -10,8 +13,8 @@
 -define(ADMIN_URL, "http://localhost:8445").
 
 %% ============ Глобальные переменные для тестов ============
--define(ADMIN_EMAIL, <<"global_admin@test.com">>).
--define(ADMIN_PASSWORD, <<"admin123">>).
+-define(ADMIN_EMAIL, <<"admin@eventhub.local">>).
+-define(ADMIN_PASSWORD, <<"123456">>).
 -define(USER_EMAIL, <<"global_user@test.com">>).
 -define(USER_PASSWORD, <<"user123">>).
 
@@ -21,27 +24,29 @@ init_global_users() ->
     undefined ->
       io:format("~n=== Initializing global test users ===~n"),
 
-      % Создаём или логиним админа
-      AdminToken = register_and_login(?ADMIN_EMAIL, ?ADMIN_PASSWORD),
-      {ok, {{_, 200, _}, _, MeResp}} = http_get("/v1/user/me", AdminToken),
-      #{<<"id">> := AdminId, <<"role">> := Role} = jsx:decode(list_to_binary(MeResp), [return_maps]),
-
-      io:format("Admin ID: ~s, Current role: ~s~n", [AdminId, Role]),
-
-      % Проверяем, что админ действительно админ
-      case Role of
-        <<"admin">> ->
-          io:format("✓ Admin already has admin role~n"),
+      % ---------- АДМИНИСТРАТОР ----------
+      % Проверяем, существует ли админ в таблице admin
+      case core_admin:get_by_email(?ADMIN_EMAIL) of
+        {ok, Admin} ->
+          io:format("Admin already exists: ~s~n", [Admin#admin.id]),
           ok;
-        _ ->
-          io:format("⚠ Admin role is '~s', attempting to promote...~n", [Role]),
-          promote_to_admin(AdminToken, AdminId)
+        {error, not_found} ->
+          % Создаём суперадмина напрямую
+          {ok, Admin} = core_admin:create(?ADMIN_EMAIL, ?ADMIN_PASSWORD, superadmin),
+          io:format("Admin created: ~s~n", [Admin#admin.id])
       end,
 
+      % Логинимся через админский API
+      LoginBody = jsx:encode(#{<<"email">> => ?ADMIN_EMAIL, <<"password">> => ?ADMIN_PASSWORD}),
+      {ok, {{_, 200, _}, _, LoginResp}} = httpc:request(post,
+        {?ADMIN_URL ++ "/v1/admin/login", [], "application/json", LoginBody}, [], []),
+      #{<<"token">> := AdminToken, <<"user">> := #{<<"id">> := AdminId}} =
+        jsx:decode(list_to_binary(LoginResp), [return_maps]),
+
       put(admin_token, AdminToken),
       put(admin_id, AdminId),
 
-      % Создаём или логиним обычного пользователя
+      % ---------- ПОЛЬЗОВАТЕЛЬ ----------
       UserToken = register_and_login(?USER_EMAIL, ?USER_PASSWORD),
       {ok, {{_, 200, _}, _, UserMeResp}} = http_get("/v1/user/me", UserToken),
       #{<<"id">> := UserId} = jsx:decode(list_to_binary(UserMeResp), [return_maps]),
@@ -49,7 +54,7 @@ init_global_users() ->
       put(user_token, UserToken),
       put(user_id, UserId),
 
-      io:format("User ID: ~s~n", [UserId]),
+      io:format("Admin ID: ~s, User ID: ~s~n", [AdminId, UserId]),
       io:format("=== Global users initialized ===~n~n"),
       ok;
     _ ->
@@ -57,32 +62,6 @@ init_global_users() ->
       ok
   end.
 
-%% Попытка повысить роль через разные методы
-promote_to_admin(AdminToken, AdminId) ->
-  io:format("Attempting to promote user ~s to admin...~n", [AdminId]),
-
-  % Метод 1: Прямое обновление через core_user (если доступно)
-  try
-    {ok, _User} = core_user:get_by_id(AdminId),
-    core_user:update(AdminId, [{role, admin}]),
-    io:format("✓ Promoted via core_user~n")
-  catch
-    _:_ ->
-      io:format("  Method 1 (core_user) failed~n")
-  end,
-
-  % Проверяем, сработало ли
-  {ok, {{_, 200, _}, _, CheckResp}} = http_get("/v1/user/me", AdminToken),
-  #{<<"role">> := NewRole} = jsx:decode(list_to_binary(CheckResp), [return_maps]),
-
-  case NewRole of
-    <<"admin">> ->
-      io:format("✓ User is now admin~n");
-    _ ->
-      io:format("⚠ WARNING: User still has role '~s'~n", [NewRole]),
-      io:format("  Some admin tests may fail~n")
-  end.
-
 get_admin_token() ->
   init_global_users(),
   get(admin_token).

test/api/api_tickets_tests.erl

@@ -2,6 +2,7 @@
 -export([test/0]).
 
 -define(ADMIN_BASE_URL, "http://localhost:8445").
+-define(BASE_URL, "http://localhost:8080").
 
 test() ->
   io:format("Testing tickets API...~n"),
@@ -9,70 +10,62 @@ test() ->
   AdminToken = api_test_runner:get_admin_token(),
 
   %% TEST 1: Create ticket (user)
-  io:format("  TEST 1: Create ticket...~n"),
-  io:format("    POST /v1/tickets~n"),
+  io:format("  TEST 1: Create ticket... "),
   TicketId = api_test_runner:extract_json(
     api_test_runner:http_post("/v1/tickets",
       #{error_message => <<"Bug">>,
         stacktrace => <<"Something broke">>},
       Token),
     <<"id">>),
-  io:format("  OK~n"),
+  io:format("OK~n"),
 
   %% TEST 2: Get my tickets (user)
-  io:format("  TEST 2: Get my tickets...~n"),
-  io:format("    GET /v1/tickets~n"),
+  io:format("  TEST 2: Get my tickets... "),
   {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get("/v1/tickets", Token),
-  io:format("  OK~n"),
+  io:format("OK~n"),
 
   %% TEST 3: Get single ticket (user)
-  io:format("  TEST 3: Get single ticket...~n"),
-  io:format("    GET /v1/tickets/~s~n", [TicketId]),
+  io:format("  TEST 3: Get single ticket... "),
   {ok, {{_, 200, _}, _, _}} = api_test_runner:http_get(
     "/v1/tickets/" ++ binary_to_list(TicketId),
     Token),
-  io:format("  OK~n"),
+  io:format("OK~n"),
 
   %% TEST 4: Admin lists all tickets
-  io:format("  TEST 4: Admin lists all tickets...~n"),
-  io:format("    GET ~s/v1/admin/tickets~n", [?ADMIN_BASE_URL]),
+  io:format("  TEST 4: Admin lists all tickets... "),
   {ok, {{_, 200, _}, _, _}} = httpc:request(get,
     {?ADMIN_BASE_URL ++ "/v1/admin/tickets", [{"Authorization", "Bearer " ++ binary_to_list(AdminToken)}]}, [], []),
-  io:format("  OK~n"),
+  io:format("OK~n"),
 
   %% TEST 5: Admin updates ticket status
-  io:format("  TEST 5: Admin updates ticket status...~n"),
-  io:format("    PUT ~s/v1/admin/tickets/~s~n", [?ADMIN_BASE_URL, TicketId]),
+  io:format("  TEST 5: Admin updates ticket status... "),
   {ok, {{_, 200, _}, _, _}} = httpc:request(put,
     {?ADMIN_BASE_URL ++ "/v1/admin/tickets/" ++ binary_to_list(TicketId),
       [{"Authorization", "Bearer " ++ binary_to_list(AdminToken)}],
       "application/json",
       jsx:encode(#{status => <<"in_progress">>})}, [], []),
-  io:format("  OK~n"),
+  io:format("OK~n"),
 
   %% TEST 6: Admin assigns ticket
-  io:format("  TEST 6: Admin assigns ticket...~n"),
-  io:format("    PUT ~s/v1/admin/tickets/~s~n", [?ADMIN_BASE_URL, TicketId]),
+  io:format("  TEST 6: Admin assigns ticket... "),
   {ok, {{_, 200, _}, _, _}} = httpc:request(put,
     {?ADMIN_BASE_URL ++ "/v1/admin/tickets/" ++ binary_to_list(TicketId),
       [{"Authorization", "Bearer " ++ binary_to_list(AdminToken)}],
       "application/json",
       jsx:encode(#{assigned_to => AdminToken})}, [], []),
-  io:format("  OK~n"),
+  io:format("OK~n"),
 
   %% TEST 7: Admin views ticket stats
-  io:format("  TEST 7: Admin views ticket stats...~n"),
-  io:format("    GET ~s/v1/admin/tickets/stats~n", [?ADMIN_BASE_URL]),
+  io:format("  TEST 7: Admin views ticket stats... "),
   {ok, {{_, 200, _}, _, _}} = httpc:request(get,
     {?ADMIN_BASE_URL ++ "/v1/admin/tickets/stats", [{"Authorization", "Bearer " ++ binary_to_list(AdminToken)}]}, [], []),
-  io:format("  OK~n"),
+  io:format("OK~n"),
 
   %% TEST 8: Admin deletes ticket
-  io:format("  TEST 8: Admin deletes ticket...~n"),
-  io:format("    DELETE ~s/v1/admin/tickets/~s~n", [?ADMIN_BASE_URL, TicketId]),
+  io:format("  TEST 8: Admin deletes ticket... "),
   {ok, {{_, 200, _}, _, _}} = httpc:request(delete,
     {?ADMIN_BASE_URL ++ "/v1/admin/tickets/" ++ binary_to_list(TicketId), [{"Authorization", "Bearer " ++ binary_to_list(AdminToken)}]}, [], []),
-  io:format("  OK~n"),
+  io:format("OK~n"),
 
   io:format("~n✅ Tickets API tests passed!~n"),
   {?MODULE, ok}.

test/unit/admin_handler_stats_tests.erl

@@ -2,88 +2,81 @@
 -include_lib("eunit/include/eunit.hrl").
 -include("records.hrl").
 
--define(JWT_SECRET,       <<"test-user-secret-key-32-byt!">>).
--define(ADMIN_JWT_SECRET, <<"test-admin-secret-key-32-b">>).
-
 setup() ->
   ok = meck:new(cowboy_req, [non_strict]),
   ok = meck:new(handler_auth, [non_strict]),
-  ok = meck:new(core_user, [non_strict]),
-  ok = meck:new(mnesia, [non_strict]),
-  ok = meck:expect(mnesia, dirty_match_object, fun(_) -> [] end),
-  application:set_env(eventhub, jwt_secret, ?JWT_SECRET),
-  application:set_env(eventhub, admin_jwt_secret, ?ADMIN_JWT_SECRET),
-  {ok, _} = application:ensure_all_started(jose),
+  ok = meck:new(admin_utils, [non_strict]),
+  ok = meck:new(core_admin, [non_strict]),
+  ok = meck:new(logic_stats, [non_strict]),
+  ok = meck:expect(cowboy_req, reply,
+    fun(Code, _, _, _) -> put(test_reply, Code) end),
   ok.
 
 cleanup(_) ->
-  application:unset_env(eventhub, jwt_secret),
-  application:unset_env(eventhub, admin_jwt_secret),
-  application:stop(jose),
-  meck:unload(mnesia),
-  meck:unload(core_user),
+  meck:unload(logic_stats),
+  meck:unload(core_admin),
+  meck:unload(admin_utils),
   meck:unload(handler_auth),
   meck:unload(cowboy_req).
 
 admin_stats_test_() ->
   {setup, fun setup/0, fun cleanup/1, [
-    {"GET /admin/stats with admin role returns 200 and dashboard data",
-      fun test_stats_admin/0},
-    {"GET /admin/stats with non-admin role returns 403",
-      fun test_stats_forbidden/0},
-    {"POST /admin/stats returns 405",
-      fun test_stats_wrong_method/0},
-    {"Count functions return 0 with empty DB",
-      fun test_count_functions/0}
+    {"GET /admin/stats as superadmin returns 200 with system metrics", fun test_superadmin/0},
+    {"GET /admin/stats as moderator returns 200 with own metrics", fun test_moderator/0},
+    {"GET /admin/stats as support returns 200 with assigned tickets", fun test_support/0},
+    {"GET /admin/stats with non‑admin token returns 403", fun test_forbidden/0},
+    {"POST /admin/stats returns 405", fun test_wrong_method/0}
   ]}.
 
-%% ── Успешный GET с ролью админа ────────────────────────────
-test_stats_admin() ->
+%% --- Суперадмин ---
+test_superadmin() ->
   ok = meck:expect(cowboy_req, method, fun(_) -> <<"GET">> end),
   ok = meck:expect(handler_auth, authenticate,
     fun(Req) -> {ok, <<"adm1">>, Req} end),
-  % Администратор с ролью superadmin
-  AdminUser = #user{id = <<"adm1">>, role = superadmin, _ = '_'},
-  ok = meck:expect(core_user, get_by_id,
-    fun(<<"adm1">>) -> {ok, AdminUser} end),
-  ok = meck:expect(cowboy_req, reply,
-    fun(Code, Headers, Body, Req) ->
-      put(test_reply, {Code, Headers, Body, Req})
-    end),
+  ok = meck:expect(admin_utils, is_admin, fun(_) -> true end),
+  ok = meck:expect(core_admin, get_by_id,
+    fun(<<"adm1">>) -> {ok, #admin{id = <<"adm1">>, role = superadmin}} end),
+  ok = meck:expect(logic_stats, get_stats,
+    fun(superadmin, _) -> #{users => 10, events => 25} end),
   {ok, _, _} = admin_handler_stats:init(req, []),
-  {Status, _, RespBody, _} = erase(test_reply),
-  ?assertEqual(200, Status),
-  Stats = jsx:decode(RespBody, [return_maps]),
-  ?assert(is_map_key(<<"users">>, Stats)),
-  ?assert(is_map_key(<<"events">>, Stats)).
+  ?assertEqual(200, erase(test_reply)).
 
-%% ── Обычный пользователь получает 403 ─────────────────────
-test_stats_forbidden() ->
+%% --- Модератор ---
+test_moderator() ->
+  ok = meck:expect(cowboy_req, method, fun(_) -> <<"GET">> end),
+  ok = meck:expect(handler_auth, authenticate,
+    fun(Req) -> {ok, <<"mod1">>, Req} end),
+  ok = meck:expect(admin_utils, is_admin, fun(_) -> true end),
+  ok = meck:expect(core_admin, get_by_id,
+    fun(<<"mod1">>) -> {ok, #admin{id = <<"mod1">>, role = moderator}} end),
+  ok = meck:expect(logic_stats, get_stats,
+    fun(moderator, _) -> #{reports_reviewed => 5} end),
+  {ok, _, _} = admin_handler_stats:init(req, []),
+  ?assertEqual(200, erase(test_reply)).
+
+%% --- Поддержка ---
+test_support() ->
+  ok = meck:expect(cowboy_req, method, fun(_) -> <<"GET">> end),
+  ok = meck:expect(handler_auth, authenticate,
+    fun(Req) -> {ok, <<"sup1">>, Req} end),
+  ok = meck:expect(admin_utils, is_admin, fun(_) -> true end),
+  ok = meck:expect(core_admin, get_by_id,
+    fun(<<"sup1">>) -> {ok, #admin{id = <<"sup1">>, role = support}} end),
+  ok = meck:expect(logic_stats, get_stats,
+    fun(support, _) -> #{tickets_assigned => 3} end),
+  {ok, _, _} = admin_handler_stats:init(req, []),
+  ?assertEqual(200, erase(test_reply)).
+
+%% --- Не админ ---
+test_forbidden() ->
   ok = meck:expect(cowboy_req, method, fun(_) -> <<"GET">> end),
   ok = meck:expect(handler_auth, authenticate,
     fun(Req) -> {error, 403, <<"Admin access required">>, Req} end),
-  ok = meck:expect(cowboy_req, reply,
-    fun(Code, Headers, Body, Req) ->
-      put(test_reply, {Code, Headers, Body, Req})
-    end),
   {ok, _, _} = admin_handler_stats:init(req, []),
-  {Status, _, RespBody, _} = erase(test_reply),
-  ?assertEqual(403, Status),
-  ?assertEqual(#{<<"error">> => <<"Admin access required">>}, jsx:decode(RespBody, [return_maps])).
+  ?assertEqual(403, erase(test_reply)).
 
-%% ── Неверный метод ──────────────────────────────────────
-test_stats_wrong_method() ->
+%% --- Неверный метод ---
+test_wrong_method() ->
   ok = meck:expect(cowboy_req, method, fun(_) -> <<"POST">> end),
-  ok = meck:expect(cowboy_req, reply,
-    fun(Code, Headers, Body, Req) ->
-      put(test_reply, {Code, Headers, Body, Req})
-    end),
   {ok, _, _} = admin_handler_stats:init(req, []),
-  {Status, _, RespBody, _} = erase(test_reply),
-  ?assertEqual(405, Status),
-  ?assertEqual(#{<<"error">> => <<"Method not allowed">>}, jsx:decode(RespBody, [return_maps])).
-
-%% ── Функции подсчёта (мок mnesia) ──────────────────────
-test_count_functions() ->
-  ?assertEqual(0, admin_handler_stats:count_users()),
-  ?assertEqual(0, admin_handler_stats:count_events()).
+  ?assertEqual(405, erase(test_reply)).