#!/bin/bash

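# ISO 27001 risk-management feature test script.
#
# Environment:
#   API_URL  Base URL of the backend API. Defaults to
#            http://localhost:8000/api when unset or empty.

printf '%s\n' \
    "=========================================" \
    "ISO 27001 風險管理功能測試" \
    "=========================================" \
    ""

# API base URL. The default is plain HTTP on the loopback interface; the
# override lets the same script run against another environment without
# editing it.
# NOTE(review): if API_URL is pointed at a non-local host, use an https:// URL
# so requests and response bodies are not sent in cleartext.
API_URL="${API_URL:-http://localhost:8000/api}"

# ANSI colour escapes. They are stored as literal backslash sequences and are
# only turned into control characters when printed with `echo -e`.
GREEN='\033[0;32m'
RED='\033[0;31m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color

# Test counters, updated by the test helpers defined below.
total_tests=0
passed_tests=0
failed_tests=0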

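#######################################
# Send one HTTP request to the API and record the outcome as a test result.
# A response with a 2xx status code counts as a pass; anything else,
# including an unsupported method or a missing status code, counts as a
# failure.
#
# Globals:
#   API_URL       (read)    base URL prepended to the endpoint
#   API_TIMEOUT   (read)    optional per-request limit in seconds, default 30
#   GREEN RED NC  (read)    colour escapes used in the result line
#   total_tests passed_tests failed_tests (written) result counters
# Arguments:
#   $1 - test name shown in the output
#   $2 - HTTP method, GET or POST
#   $3 - endpoint path appended to API_URL
#   $4 - JSON request body (POST only)
# Outputs:
#   One result line on stdout; on failure also the response body.
# Returns:
#   0 when the status code is 2xx, 1 otherwise.
#
# NOTE(review): the request carries no credentials. If these endpoints are
# expected to require authentication, a 2xx result here (in particular for
# POST) means they are reachable anonymously; confirm the intended access
# policy.
# NOTE(review): the body of a failed response is printed verbatim, so server
# error details end up in whatever log captures this output.
#######################################
test_api() {
    local test_name=$1
    local method=$2
    local endpoint=$3
    local data=${4-}
    # Local on purpose: as globals, a call with an unsupported method would
    # skip the request and then evaluate the response left by the previous
    # call.
    local response="" http_code="" body=""
    local -a curl_args

    total_tests=$((total_tests + 1))
    echo -n "測試 ${total_tests}: ${test_name} ... "

    # --max-time bounds the whole transfer so an unresponsive backend fails
    # this test instead of blocking the run.
    curl_args=(-s --max-time "${API_TIMEOUT:-30}" -w '\n%{http_code}' -X "$method")

    case "$method" in
        GET)
            ;;
        POST)
            curl_args+=(-H "Content-Type: application/json" -d "$data")
            ;;
        *)
            # Fail explicitly rather than evaluating an empty response.
            printf '%b%s\n' "${RED}✗ 失敗${NC}" " (不支援的 HTTP 方法: ${method})"
            failed_tests=$((failed_tests + 1))
            return 1
            ;;
    esac

    response=$(curl "${curl_args[@]}" "${API_URL}${endpoint}")

    # curl appends "\n<status code>" after the body (-w), so the last line is
    # the status code and everything before it is the body.
    http_code=$(printf '%s\n' "$response" | tail -n1)
    body=$(printf '%s\n' "$response" | sed '$d')

    # The numeric check keeps `[` from printing "integer expression expected"
    # when no status code came back.
    if [[ "$http_code" =~ ^[0-9]+$ ]] \
        && [ "$http_code" -ge 200 ] && [ "$http_code" -lt 300 ]; then
        printf '%b%s\n' "${GREEN}✓ 通過${NC}" " (HTTP $http_code)"
        passed_tests=$((passed_tests + 1))
        return 0
    fi

    printf '%b%s\n' "${RED}✗ 失敗${NC}" " (HTTP $http_code)"
    printf '%s\n' "    回應: $body"
    failed_tests=$((failed_tests + 1))
    return 1
}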

printf '%s\n' \
    "1. 後端 API 測試" \
    "----------------------------------------"

# Read-only endpoints, requested in this order. Each entry is "label|path":
# risk categories, threat sources, vulnerabilities, risk list, risk
# statistics, risk matrix.
get_checks=(
    "取得風險類別列表|/risks/categories/"
    "取得威脅來源列表|/risks/threat-sources/"
    "取得脆弱性列表|/risks/vulnerabilities/"
    "取得風險列表|/risks/risks/"
    "取得風險統計|/risks/risks/statistics/"
    "取得風險矩陣|/risks/risks/risk_matrix/"
)
for get_check in "${get_checks[@]}"; do
    # Text before the first "|" is the label, text after it is the path.
    test_api "${get_check%%|*}" "GET" "${get_check#*|}"
done

# Create a risk record.
# NOTE(review): this POST adds a record on every run and nothing in this
# script removes it afterwards, so repeated runs leave test data behind in
# whatever database the API is backed by.
test_data='{
    "title": "測試風險-DDoS攻擊",
    "description": "網站可能遭受 DDoS 攻擊導致服務中斷",
    "likelihood": 4,
    "impact": 5,
    "status": "identified"
}'
test_api "新增風險記錄" "POST" "/risks/risks/" "$test_data"

printf '%s\n' \
    "" \
    "2. 前端檔案檢查" \
    "----------------------------------------"

#######################################
# Check that a regular file exists and record the outcome as a test result.
#
# Globals:
#   GREEN RED NC (read) colour escapes used in the result line
#   total_tests passed_tests failed_tests (written) result counters
# Arguments:
#   $1 - path of the file to look for
#   $2 - label shown in the output
# Outputs:
#   One result line on stdout.
# Returns:
#   0 when the path is an existing regular file, 1 otherwise.
#######################################
check_file() {
    local target=$1
    local label=$2

    total_tests=$((total_tests + 1))
    printf '%s' "檢查 ${total_tests}: ${label} ... "

    # Handle the failure case first so the success path reads straight down.
    if [[ ! -f "$target" ]]; then
        printf '%b\n' "${RED}✗ 不存在${NC}"
        failed_tests=$((failed_tests + 1))
        return 1
    fi

    printf '%b\n' "${GREEN}✓ 存在${NC}"
    passed_tests=$((passed_tests + 1))
    return 0
}

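# Root of the frontend sources to check. The default is the original absolute
# path under /root, a directory that is typically readable only by root.
# Setting FRONTEND_DIR in the environment lets the script run from another
# checkout and as an unprivileged user.
FRONTEND_DIR="${FRONTEND_DIR:-/root/projects/iso27001-system/frontend/src}"

check_file "${FRONTEND_DIR}/types/risk.ts" "風險型別定義"
check_file "${FRONTEND_DIR}/api/risks.ts" "風險 API"
check_file "${FRONTEND_DIR}/pages/RiskList.tsx" "風險列表頁面"
check_file "${FRONTEND_DIR}/pages/RiskForm.tsx" "風險表單頁面"

echo ""
echo "3. 資料庫檢查"
echo "----------------------------------------"

# Placeholder: checking that the database tables exist would require
# docker-compose to be running, and is left to be adapted to the actual
# environment. No database check is executed here, so this section adds
# nothing to the counters.

echo ""
echo "========================================="
echo "測試結果總結"
echo "========================================="
echo -e "總測試數: ${total_tests}"
echo -e "${GREEN}通過: ${passed_tests}${NC}"
echo -e "${RED}失敗: ${failed_tests}${NC}"
echo ""

# The exit status mirrors the result so callers such as CI can act on it.
# The counter is quoted so that an empty value makes `[` fail and the script
# take the failure branch instead of hitting a syntax error.
if [ "$failed_tests" -eq 0 ]; then
    echo -e "${GREEN}✓ 所有測試通過！${NC}"
    exit 0
else
    echo -e "${RED}✗ 有 ${failed_tests} 個測試失敗${NC}"
    exit 1
fi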
