163 lines
4.2 KiB
PHP
163 lines
4.2 KiB
PHP
<?php
|
|
|
|
namespace Tests\Feature\Api\Authorization;
|
|
|
|
use Facades\Tests\Setup\RoleFactory;
|
|
use Facades\Tests\Setup\UserFactory;
|
|
use Tests\Feature\ApiTestCase;
|
|
use Vanguard\Http\Resources\RoleResource;
|
|
use Vanguard\Role;
|
|
use Vanguard\User;
|
|
|
|
class RolesControllerTest extends ApiTestCase
|
|
{
|
|
/** @test */
|
|
public function unauthenticated()
|
|
{
|
|
$this->getJson('/api/roles')
|
|
->assertStatus(401);
|
|
}
|
|
|
|
/** @test */
|
|
public function get_settings_without_permission()
|
|
{
|
|
$user = User::factory()->create();
|
|
|
|
$this->actingAs($user, self::API_GUARD)
|
|
->getJson('/api/roles')
|
|
->assertStatus(403);
|
|
}
|
|
|
|
/** @test */
|
|
public function get_roles()
|
|
{
|
|
Role::factory()->times(4)->create();
|
|
|
|
$response = $this->actingAs($this->getUser(), self::API_GUARD)
|
|
->getJson("/api/roles")
|
|
->assertOk();
|
|
|
|
$this->assertCount(7, $response->original);
|
|
}
|
|
|
|
/** @test */
|
|
public function get_role()
|
|
{
|
|
$userRole = Role::whereName('User')->first();
|
|
|
|
$this->actingAs($this->getUser(), self::API_GUARD)
|
|
->getJson("/api/roles/{$userRole->id}")
|
|
->assertOk()
|
|
->assertJson([
|
|
'data' => (new RoleResource($userRole))->resolve()
|
|
]);
|
|
}
|
|
|
|
/** @test */
|
|
public function create_role()
|
|
{
|
|
$this->getUser();
|
|
|
|
$data = [
|
|
'name' => 'foo',
|
|
'display_name' => 'Foo Role',
|
|
'description' => 'This is foo role.'
|
|
];
|
|
|
|
$this->actingAs($this->getUser(), self::API_GUARD)
|
|
->postJson("/api/roles", $data)
|
|
->assertStatus(201)
|
|
->assertJsonFragment($data);
|
|
|
|
$this->assertDatabaseHas('roles', $data);
|
|
}
|
|
|
|
/** @test */
|
|
public function create_role_with_invalid_name()
|
|
{
|
|
$this->be($this->getUser(), self::API_GUARD);
|
|
|
|
$this->postJson("/api/roles")
|
|
->assertStatus(422)
|
|
->assertJsonValidationErrors('name');
|
|
|
|
$this->postJson("/api/roles", ['name' => 'User'])
|
|
->assertStatus(422)
|
|
->assertJsonValidationErrors('name');
|
|
|
|
$this->postJson("/api/roles", ['name' => 'foo bar'])
|
|
->assertStatus(422)
|
|
->assertJsonValidationErrors('name');
|
|
}
|
|
|
|
/** @test */
|
|
public function update_role()
|
|
{
|
|
$user = $this->getUser();
|
|
|
|
$data = ['name' => 'foo'];
|
|
$expected = $data + ['id' => $user->role_id];
|
|
|
|
$this->actingAs($user, self::API_GUARD)
|
|
->patchJson("/api/roles/{$user->role_id}", $data)
|
|
->assertOk()
|
|
->assertJsonFragment($expected);
|
|
|
|
$this->assertDatabaseHas('roles', $expected);
|
|
}
|
|
|
|
/** @test */
|
|
public function partially_update_role()
|
|
{
|
|
$user = $this->getUser();
|
|
|
|
$data = [
|
|
'name' => 'foo',
|
|
'display_name' => 'Foo Role',
|
|
'description' => 'This is foo role.'
|
|
];
|
|
$expected = $data + ['id' => $user->role_id];
|
|
|
|
$this->actingAs($user, self::API_GUARD)
|
|
->patchJson("/api/roles/{$user->role_id}", $data)
|
|
->assertOk()
|
|
->assertJsonFragment($expected);
|
|
|
|
$this->assertDatabaseHas('roles', $expected);
|
|
}
|
|
|
|
/** @test */
|
|
public function remove_role()
|
|
{
|
|
$userRole = Role::whereName('User')->first();
|
|
$role = RoleFactory::removable()->withPermissions('roles.manage')->create();
|
|
$user = UserFactory::role($role)->create();
|
|
|
|
$this->actingAs($user, self::API_GUARD)
|
|
->deleteJson("/api/roles/{$role->id}")
|
|
->assertOk()
|
|
->assertJson(['success' => true]);
|
|
|
|
$this->assertDatabaseMissing('roles', ['id' => $role->id]);
|
|
$this->assertEquals($userRole->id, $user->fresh()->role_id);
|
|
}
|
|
|
|
/** @test */
|
|
public function remove_non_removable_role()
|
|
{
|
|
$role = RoleFactory::withPermissions('roles.manage')->create();
|
|
|
|
$this->actingAs($this->getUser(), self::API_GUARD)
|
|
->deleteJson("/api/roles/{$role->id}")
|
|
->assertForbidden();
|
|
}
|
|
|
|
/**
|
|
* @return mixed
|
|
*/
|
|
private function getUser()
|
|
{
|
|
return UserFactory::user()->withPermissions('roles.manage')->create();
|
|
}
|
|
}
|