solocla/zibo-dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TRF Certest first commit

Browse Source
This commit is contained in:
Claudio
2025-02-26 08:57:46 +01:00
commit 3ce064a108
2524 changed files with 475404 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/Feature/Api/Profile/AuthDetailsControllerTest.php
+83
View File
@@ -0,0 +1,83 @@
<?php
namespace Tests\Feature\Api\Profile;
use Facades\Tests\Setup\UserFactory;
use Tests\Feature\ApiTestCase;
class AuthDetailsControllerTest extends ApiTestCase
{
/** @test */
public function user_can_update_his_authentication_details()
{
$user = $this->login();
$this->patch('/api/me/details/auth', [
'email' => 'foo@example.com',
'username' => 'john.doe',
'password' => '12345678',
'password_confirmation' => '12345678',
])->assertOk()
->assertJsonFragment(['email' => 'foo@example.com', 'username' => 'john.doe']);
$this->assertTrue(password_verify('12345678', $user->fresh()->password));
}
/** @test */
public function user_can_update_only_email_and_leave_other_fields_unchanged()
{
$user = $this->login();
$this->patch('/api/me/details/auth', [
'email' => 'foo@example.com',
])->assertOk()
->assertJsonFragment(['email' => 'foo@example.com']);
$this->assertEquals($user->username, $user->fresh()->username);
$this->assertEquals($user->password, $user->fresh()->password);
}
/** @test */
public function email_field_is_required()
{
$this->login();
$this->patch('/api/me/details/auth')
->assertJsonValidationErrors('email');
}
/** @test */
public function email_field_must_be_valid_email()
{
$this->login();
$this->patch('/api/me/details/auth', [
'email' => 'invalid email',
])->assertJsonValidationErrors('email');
}
/** @test */
public function email_field_must_be_unique()
{
$this->login();
UserFactory::email('john.doe@test.com')->create();
$this->patch('/api/me/details/auth', [
'email' => 'john.doe@test.com',
])->assertJsonValidationErrors('email');
}
/** @test */
public function username_field_must_be_unique()
{
$this->login();
UserFactory::withCredentials('john.doe', '123123')->create();
$this->patch('/api/me/details/auth', [
'email' => 'john.doe@test.com',
'username' => 'john.doe',
])->assertJsonValidationErrors('username');
}
}
tests/Feature/Api/Profile/AvatarControllerTest.php
+97
View File
@@ -0,0 +1,97 @@
<?php
namespace Tests\Feature\Api\Profile;
use Illuminate\Http\UploadedFile;
use Storage;
use Tests\Feature\ApiTestCase;
class AvatarControllerTest extends ApiTestCase
{
/** @test */
public function only_authenticated_user_can_update_avatar()
{
$this->post('/api/me/avatar')->assertStatus(401);
}
/** @test */
public function upload_avatar_image()
{
$this->login();
Storage::fake('public');
$file = UploadedFile::fake()->image('avatar.png', 500, 500);
$response = $this->post('api/me/avatar', [
'file' => $file,
]);
$this->assertNotNull($response->json('data.avatar'));
$uploadedFile = str_replace(url(''), '', $response->json('data.avatar'));
$uploadedFile = ltrim($uploadedFile, '/');
Storage::disk('public')->assertExists($uploadedFile);
[$width, $height] = getimagesizefromstring(
Storage::disk('public')->get($uploadedFile)
);
$this->assertEquals(160, $width);
$this->assertEquals(160, $height);
}
/** @test */
public function upload_invalid_image()
{
$this->login();
Storage::fake('public');
$file = UploadedFile::fake()->create('avatar.txt', 500);
$this->post('/api/me/avatar', ['file' => $file])
->assertStatus(422)
->assertJsonFragment([
'file' => [
trans('validation.image', ['attribute' => 'file']),
],
]);
}
/** @test */
public function update_avatar_from_external_source()
{
$this->login();
$url = 'http://google.com';
$this->putJson('/api/me/avatar/external', ['url' => $url])
->assertOk()
->assertJsonFragment(['avatar' => $url]);
}
/** @test */
public function update_avatar_with_invalid_external_source()
{
$this->login();
$this->putJson('/api/me/avatar/external', ['url' => 'foo'])
->assertStatus(422);
}
/** @test */
public function delete_avatar()
{
$user = $this->login();
$user->forceFill(['avatar' => 'http://google.com'])->save();
$this->deleteJson('api/me/avatar')
->assertOk()
->assertJsonFragment([
'avatar' => url('assets/img/profile.png'), // default profile image
]);
}
}
tests/Feature/Api/Profile/DetailsControllerTest.php
+117
View File
@@ -0,0 +1,117 @@
<?php
namespace Tests\Feature\Api\Profile;
use Carbon\Carbon;
use Tests\Feature\ApiTestCase;
use Vanguard\Http\Resources\UserResource;
class DetailsControllerTest extends ApiTestCase
{
/** @test */
public function get_user_profile_unauthenticated()
{
$this->getJson('/api/me')->assertStatus(401);
}
/** @test */
public function get_user_profile()
{
$user = $this->login();
$this->getJson('/api/me')
->assertOk()
->assertJson(['data' => (new UserResource($user))->resolve()]);
}
/** @test */
public function update_user_profile_unauthenticated()
{
$this->patchJson('/api/me/details')->assertStatus(401);
}
/** @test */
public function update_user_profile()
{
$user = $this->login();
$data = $this->getData();
$response = $this->patchJson('/api/me/details', $data);
$transformed = (new UserResource($user->fresh()))->resolve();
$response->assertJsonFragment($transformed);
$this->assertDatabaseHas('users', array_merge($data, ['id' => $user->id]));
}
/** @test */
public function partially_update_user_details()
{
$user = $this->login();
$data = [
'first_name' => 'John',
'last_name' => 'Doe',
];
$response = $this->patchJson('/api/me/details', $data);
$transformed = (new UserResource($user->fresh()))->resolve();
$response->assertJsonFragment($transformed);
$this->assertDatabaseHas('users', array_merge($data, [
'id' => $user->id,
'birthday' => $user->birthday->format('Y-m-d'),
'phone' => $user->phone,
'address' => $user->address,
'country_id' => $user->country_id,
]));
}
/** @test */
public function update_without_country_id()
{
$user = $this->login();
$data = $this->getData();
unset($data['country_id']);
$response = $this->patchJson('/api/me/details', $data);
$transformed = (new UserResource($user->fresh()))->resolve();
$response->assertJsonFragment($transformed);
$this->assertDatabaseHas('users', array_merge($data, ['id' => $user->id]));
}
/** @test */
public function update_with_invalid_date_format()
{
$this->login();
$this->patchJson('/api/me/details', ['birthday' => 'foo'])
->assertStatus(422)
->assertJsonFragment([
'birthday' => [
trans('validation.date', ['attribute' => 'birthday']),
],
]);
}
private function getData(array $attrs = []): array
{
return array_merge([
'first_name' => 'John',
'last_name' => 'Doe',
'birthday' => Carbon::now()->subYears(25)->format('Y-m-d'),
'phone' => '(123) 456 789',
'address' => 'some address 1',
'country_id' => 688,
], $attrs);
}
}
tests/Feature/Api/Profile/SessionsControllerTest.php
+66
View File
@@ -0,0 +1,66 @@
<?php
namespace Tests\Feature\Api\Profile;
use Carbon\Carbon;
use Illuminate\Support\Str;
use Tests\Feature\ApiTestCase;
use Vanguard\Http\Resources\SessionResource;
use Vanguard\Repositories\Session\SessionRepository;
use Vanguard\User;
class SessionsControllerTest extends ApiTestCase
{
/** @test */
public function get_user_sessions_unauthenticated()
{
$this->getJson('/api/me/sessions')->assertStatus(401);
}
/** @test */
public function get_sessions_if_non_database_driver_is_used()
{
config(['session.driver' => 'array']);
$this->login();
$this->getJson('/api/me/sessions')->assertStatus(404);
}
/** @test */
public function get_user_sessions()
{
config(['session.driver' => 'database']);
$user = $this->login();
$sessions = $this->generateNonExpiredSessions($user);
$this->getJson('/api/me/sessions')
->assertOk()
->assertJsonFragment([
'data' => SessionResource::collection($sessions)->resolve(),
]);
}
private function generateNonExpiredSessions(User $user, $count = 5)
{
$sessions = [];
$faker = $this->app->make(\Faker\Generator::class);
for ($i = 0; $i < $count; $i++) {
array_push($sessions, [
'id' => Str::random(40),
'user_id' => $user->id,
'ip_address' => $faker->ipv4,
'user_agent' => $faker->userAgent,
'payload' => Str::random(),
'last_activity' => Carbon::now()->subMinute()->timestamp,
]);
}
\DB::table('sessions')->insert($sessions);
return app(SessionRepository::class)->getUserSessions($user->id);
}
}
tests/Feature/Api/Profile/TwoFactorControllerTest.php
+167
View File
@@ -0,0 +1,167 @@
<?php
namespace Tests\Feature\Api\Profile;
use Carbon\Carbon;
use Event;
use PragmaRX\Google2FA\Google2FA;
use Tests\Feature\ApiTestCase;
use Vanguard\Events\User\TwoFactorEnabled;
use Vanguard\Http\Resources\UserResource;
use Vanguard\User;
class TwoFactorControllerTest extends ApiTestCase
{
/** @test */
public function update_2fa_unathenticated()
{
$this->setSettings(['2fa.enabled' => true]);
User::factory()->create();
$this->putJson('api/me/2fa')
->assertStatus(401);
}
/** @test */
public function enable_two_factor_auth()
{
$this->setSettings(['2fa.enabled' => true]);
$this->withoutExceptionHandling();
Event::fake([
TwoFactorEnabled::class,
]);
$user = $this->login();
$this->putJson('api/me/2fa')
->assertOk()
->assertJson(['message' => 'Verification token sent.'])
->assertJsonStructure([
'message',
'qrcode'
]);
$this->assertTrue(
\DB::table('users')
->where('id', $user->id)
->whereNotNull('two_factor_secret')
->exists()
);
Event::assertNotDispatched(TwoFactorEnabled::class);
}
/** @test */
public function verify_user_auth_app_with_correct_code()
{
$google2fa = new Google2FA();
$secret = encrypt($google2fa->generateSecretKey());
$this->setSettings(['2fa.enabled' => true]);
Event::fake([
TwoFactorEnabled::class,
]);
$user = $this->login();
$user->two_factor_secret = $secret;
$user->save();
$validCode = $google2fa->getCurrentOtp(decrypt($user->two_factor_secret));
$response = $this->postJson('api/me/2fa/verify', ['code' => $validCode]);
$updatedUser = (new UserResource($user->fresh()))->resolve();
$response->assertOk()
->assertJsonFragment($updatedUser);
$this->assertTrue(
\DB::table('users')
->where('id', $user->id)
->whereNotNull('two_factor_confirmed_at')
->exists()
);
Event::assertDispatched(TwoFactorEnabled::class);
}
/** @test */
public function verify_user_app_with_invalid_token()
{
$this->setSettings(['2fa.enabled' => true]);
$user = $this->login();
$this->postJson('api/me/2fa/verify', ['code' => '123123'])
->assertStatus(422)
->assertJson(['message' => 'Invalid 2FA token.']);
$this->assertTrue(
\DB::table('users')
->where('id', $user->id)
->whereNull('two_factor_confirmed_at')
->exists()
);
}
/** @test */
public function enable_two_factor_auth_when_it_is_already_enabled()
{
$google2fa = new Google2FA();
$secret = encrypt($google2fa->generateSecretKey());
$this->setSettings(['2fa.enabled' => true]);
$user = $this->login();
$user->two_factor_secret = $secret;
$user->two_factor_confirmed_at = Carbon::now();
$user->save();
$this->putJson('api/me/2fa')
->assertStatus(422)
->assertJson([
'message' => '2FA is already enabled for this user.',
]);
}
/** @test */
public function disable_two_factor_auth()
{
$google2fa = new Google2FA();
$secret = encrypt($google2fa->generateSecretKey());
$this->setSettings(['2fa.enabled' => true]);
$user = User::factory()->create([
'two_factor_secret' => $secret,
'two_factor_confirmed_at' => Carbon::now(),
]);
$this->be($user, self::API_GUARD);
$response = $this->deleteJson('api/me/2fa');
$user = (new UserResource($user->fresh()))->resolve();
$response->assertOk()
->assertJsonFragment($user);
}
/** @test */
public function disable_2fa_when_it_is_already_disabled()
{
$this->setSettings(['2fa.enabled' => true]);
$this->login();
$this->deleteJson('api/me/2fa')
->assertStatus(422)
->assertJson([
'message' => '2FA is not enabled for this user.',
]);
}
}