fix(course-package): extract role_key from JWT sub roles objects

JWT sub.roles is an array of objects with role_key field, not plain strings. Fix extractRoleKeys to map role_key from each role object. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-30 08:41:54 +08:00
parent 1ddeb21ca7
commit 894ca05566
2 changed files with 25 additions and 12 deletions
@@ -7,5 +7,8 @@ HUIKE_ADMIN_BASE_URL=https://admin.moicen.com
 MOICEN_ADMIN_USER=
 MOICEN_ADMIN_PASSWORD=

+# 课包（course_package）测试依赖 MOICEN_E2E_UNIONID（共用 teacher/student unionid）
+# 测试通过 JWT roles 验证只有 TEACHER/SUPERVISOR 角色可访问课包 API。
+
 # 可选：任意 HTTP 200 健康检查 URL（CI 可在仓库 Settings → Variables 配置 MOICEN_HEALTHCHECK_URL）
 MOICEN_HEALTHCHECK_URL=