fix(review): harden payment, oauth, and migration paths

2026-04-22 10:26:22 +08:00
parent 7fbd5177c2
commit c229f33e9e
33 changed files with 704 additions and 79 deletions
--- a/backend/migrations/112_add_payment_order_provider_key_snapshot.sql
+++ b/backend/migrations/112_add_payment_order_provider_key_snapshot.sql
@@ -1,4 +1,4 @@
-ALTER TABLE payment_orders ADD COLUMN provider_key VARCHAR(30);
+ALTER TABLE payment_orders ADD COLUMN IF NOT EXISTS provider_key VARCHAR(30);

 UPDATE payment_orders
 SET provider_key = (
--- a/backend/migrations/118_wechat_dual_mode_and_auth_source_defaults.sql
+++ b/backend/migrations/118_wechat_dual_mode_and_auth_source_defaults.sql
@@ -21,12 +21,3 @@ VALUES
    ('auth_source_default_oidc_grant_on_signup', 'false'),
    ('auth_source_default_wechat_grant_on_signup', 'false')
 ON CONFLICT (key) DO NOTHING;
-
-UPDATE settings
-SET value = 'false'
-WHERE key IN (
-    'auth_source_default_email_grant_on_signup',
-    'auth_source_default_linuxdo_grant_on_signup',
-    'auth_source_default_oidc_grant_on_signup',
-    'auth_source_default_wechat_grant_on_signup'
-);
--- a/backend/migrations/119_enforce_payment_orders_out_trade_no_unique.sql
+++ b/backend/migrations/119_enforce_payment_orders_out_trade_no_unique.sql
@@ -0,0 +1,7 @@
+-- Replace the legacy non-unique index with a partial unique index.
+-- Keep empty-string legacy rows compatible while enforcing uniqueness for real order IDs.
+DROP INDEX IF EXISTS paymentorder_out_trade_no;
+
+CREATE UNIQUE INDEX IF NOT EXISTS paymentorder_out_trade_no
+    ON payment_orders (out_trade_no)
+    WHERE out_trade_no <> '';
--- a/backend/migrations/auth_identity_payment_migrations_regression_test.go
+++ b/backend/migrations/auth_identity_payment_migrations_regression_test.go
@@ -0,0 +1,37 @@
+package migrations
+
+import (
+	"strings"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+func TestMigration112UsesIdempotentAddColumn(t *testing.T) {
+	content, err := FS.ReadFile("112_add_payment_order_provider_key_snapshot.sql")
+	require.NoError(t, err)
+
+	sql := string(content)
+	require.Contains(t, sql, "ADD COLUMN IF NOT EXISTS provider_key VARCHAR(30)")
+	require.NotContains(t, sql, "ADD COLUMN provider_key VARCHAR(30);")
+}
+
+func TestMigration118DoesNotForceOverwriteAuthSourceGrantDefaults(t *testing.T) {
+	content, err := FS.ReadFile("118_wechat_dual_mode_and_auth_source_defaults.sql")
+	require.NoError(t, err)
+
+	sql := string(content)
+	require.NotContains(t, sql, "UPDATE settings")
+	require.NotContains(t, sql, "SET value = 'false'")
+	require.True(t, strings.Contains(sql, "ON CONFLICT (key) DO NOTHING"))
+}
+
+func TestMigration119EnforcesOutTradeNoPartialUniqueIndex(t *testing.T) {
+	content, err := FS.ReadFile("119_enforce_payment_orders_out_trade_no_unique.sql")
+	require.NoError(t, err)
+
+	sql := string(content)
+	require.Contains(t, sql, "DROP INDEX IF EXISTS paymentorder_out_trade_no")
+	require.Contains(t, sql, "CREATE UNIQUE INDEX IF NOT EXISTS paymentorder_out_trade_no")
+	require.Contains(t, sql, "WHERE out_trade_no <> ''")
+}