added tests for role updating
parent
2baddc16c2
commit
6cfcbc2d10
2 changed files with 43 additions and 39 deletions
|
|
@ -16,8 +16,6 @@ class AuthTest extends TestCase
|
|||
->postJson('/api/register', [
|
||||
'username' => 'johndoe',
|
||||
'email' => 'john@example.com',
|
||||
'password' => 'password123',
|
||||
'password_confirmation' => 'password123',
|
||||
]);
|
||||
|
||||
$response->assertStatus(201)
|
||||
|
|
@ -31,12 +29,10 @@ class AuthTest extends TestCase
|
|||
$response = $this->postJson('/api/register', [
|
||||
'username' => '',
|
||||
'email' => 'not-an-email',
|
||||
'password' => 'short',
|
||||
'password_confirmation' => 'mismatch',
|
||||
]);
|
||||
|
||||
$response->assertStatus(422)
|
||||
->assertJsonValidationErrors(['username', 'email', 'password']);
|
||||
->assertJsonValidationErrors(['username', 'email']);
|
||||
}
|
||||
|
||||
public function test_registration_fails_with_duplicate_email(): void
|
||||
|
|
@ -46,8 +42,6 @@ class AuthTest extends TestCase
|
|||
$response = $this->postJson('/api/register', [
|
||||
'username' => 'johndoe',
|
||||
'email' => 'john@example.com',
|
||||
'password' => 'password123',
|
||||
'password_confirmation' => 'password123',
|
||||
]);
|
||||
|
||||
$response->assertStatus(422)
|
||||
|
|
@ -61,8 +55,6 @@ class AuthTest extends TestCase
|
|||
$response = $this->postJson('/api/register', [
|
||||
'username' => 'johndoe',
|
||||
'email' => 'john@example.com',
|
||||
'password' => 'password123',
|
||||
'password_confirmation' => 'password123',
|
||||
]);
|
||||
|
||||
$response->assertStatus(422)
|
||||
|
|
@ -111,18 +103,8 @@ class AuthTest extends TestCase
|
|||
|
||||
public function test_unauthenticated_user_cannot_access_protected_routes(): void
|
||||
{
|
||||
$response = $this->getJson('/api/user');
|
||||
$response = $this->getJson('/api/roles');
|
||||
|
||||
$response->assertStatus(401);
|
||||
}
|
||||
|
||||
public function test_authenticated_user_can_access_user_endpoint(): void
|
||||
{
|
||||
$user = User::factory()->create();
|
||||
|
||||
$response = $this->actingAs($user)->getJson('/api/user');
|
||||
|
||||
$response->assertOk()
|
||||
->assertJsonFragment(['email' => $user->email]);
|
||||
}
|
||||
}
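Review bot: In the `@@ -111,18 +103,8` hunk, `test_unauthenticated_user_cannot_access_protected_routes` now probes only `/api/roles`, and the section appears to drop `test_authenticated_user_can_access_user_endpoint`, so nothing visible here still guards `/api/user` against being served without authentication. If that route still exists, keep it in the check, e.g. `foreach (['/api/roles', '/api/user'] as $uri) { $this->getJson($uri)->assertStatus(401); }`. The registration hunks likewise seem to stop sending `password` and `password_confirmation` and no longer expect a `password` validation error; if the endpoint still accepts a password, its length and confirmation rules are left untested. The +/- markers are lost on this page, so which lines are old and which are new is inferred from the hunk line counts.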
|
||||
|
|
|
|||
|
|
@ -14,28 +14,11 @@ class UpdateCollaboratorRoleTest extends TestCase
|
|||
use RefreshDatabase;
|
||||
|
||||
private Role $adminRole;
|
||||
|
||||
private Role $editorRole;
|
||||
|
||||
private Role $viewerRole;
|
||||
|
||||
protected function setUp(): void
|
||||
{
|
||||
parent::setUp();
|
||||
$this->seed(DatabaseSeeder::class);
|
||||
|
||||
$this->adminRole = Role::where('name', 'ADMIN')->first();
|
||||
$this->editorRole = Role::where('name', 'EDITOR')->first();
|
||||
$this->viewerRole = Role::where('name', 'VIEWER')->first();
|
||||
}
|
||||
|
||||
private function makeList(User $owner): MovieList
|
||||
{
|
||||
return MovieList::create([
|
||||
'name' => 'Test List',
|
||||
'owner' => $owner->getKey(),
|
||||
'slug' => 'test-list',
|
||||
]);
|
||||
}
|
||||
|
||||
public function test_role_id_is_required(): void
|
||||
{
|
||||
$owner = User::factory()->create();
|
||||
|
|
@ -50,6 +33,15 @@ class UpdateCollaboratorRoleTest extends TestCase
|
|||
->assertJsonValidationErrors(['role_id']);
|
||||
}
|
||||
|
||||
private function makeList(User $owner): MovieList
|
||||
{
|
||||
return MovieList::create([
|
||||
'name' => 'Test List',
|
||||
'owner' => $owner->getKey(),
|
||||
'slug' => 'test-list',
|
||||
]);
|
||||
}
|
||||
|
||||
public function test_role_id_must_exist_in_roles_table(): void
|
||||
{
|
||||
$owner = User::factory()->create();
|
||||
|
|
@ -125,6 +117,26 @@ class UpdateCollaboratorRoleTest extends TestCase
|
|||
$response->assertForbidden();
|
||||
}
|
||||
|
||||
public function test_admin_collaborator_cannot_update_own_role(): void
|
||||
{
|
||||
$owner = User::factory()->create();
|
||||
$admin = User::factory()->create();
|
||||
$movieList = $this->makeList($owner);
|
||||
$movieList->collaborators()->attach($admin, ['role_id' => $this->adminRole->getKey()]);
|
||||
|
||||
$response = $this->actingAs($admin)
|
||||
->patchJson("/api/movielists/{$movieList->getKey()}/collaborators/{$admin->getKey()}", [
|
||||
'role_id' => $this->editorRole->getKey(),
|
||||
]);
|
||||
|
||||
$response->assertUnprocessable();
|
||||
$this->assertDatabaseHas('movie_list_user', [
|
||||
'movie_list_id' => $movieList->getKey(),
|
||||
'user_id' => $admin->getKey(),
|
||||
'role_id' => $this->adminRole->getKey(),
|
||||
]);
|
||||
}
|
||||
|
||||
public function test_unrelated_user_cannot_update_collaborator_role(): void
|
||||
{
|
||||
$owner = User::factory()->create();
|
||||
|
|
@ -140,4 +152,14 @@ class UpdateCollaboratorRoleTest extends TestCase
|
|||
|
||||
$response->assertForbidden();
|
||||
}
|
||||
|
||||
protected function setUp(): void
|
||||
{
|
||||
parent::setUp();
|
||||
$this->seed(DatabaseSeeder::class);
|
||||
|
||||
$this->adminRole = Role::where('name', 'ADMIN')->first();
|
||||
$this->editorRole = Role::where('name', 'EDITOR')->first();
|
||||
$this->viewerRole = Role::where('name', 'VIEWER')->first();
|
||||
}
|
||||
}
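Review bot: The new `test_admin_collaborator_cannot_update_own_role` in the `@@ -125,6 +117,26` hunk pins only the self-demotion direction (ADMIN to EDITOR), while the privilege-escalation direction, a lower-privileged collaborator sending their own user id with the ADMIN `role_id`, is not covered by any test visible in these hunks. The tests around it end in `assertForbidden()`, but their bodies start outside the hunks, so one of them may already cover this; if not, a sibling test like the one below would close the gap. It asserts the stored role as the invariant, because whether the endpoint answers 403 or 422 depends on whether the rule lives in the policy or in request validation, which this page does not show. Separately, `setUp()` now sits at the bottom of the class after the tests; keeping the fixture at the top and using `firstOrFail()` for the three role lookups would make a missing seed row fail with a clearer error.

```php
public function test_editor_collaborator_cannot_promote_self_to_admin(): void
{
    $owner = User::factory()->create();
    $editor = User::factory()->create();
    $movieList = $this->makeList($owner);
    $movieList->collaborators()->attach($editor, ['role_id' => $this->editorRole->getKey()]);

    $response = $this->actingAs($editor)
        ->patchJson("/api/movielists/{$movieList->getKey()}/collaborators/{$editor->getKey()}", [
            'role_id' => $this->adminRole->getKey(),
        ]);

    // Status depends on where the rule is enforced; the unchanged pivot row is what must hold.
    $this->assertContains($response->getStatusCode(), [403, 422]);
    $this->assertDatabaseHas('movie_list_user', [
        'movie_list_id' => $movieList->getKey(),
        'user_id' => $editor->getKey(),
        'role_id' => $this->editorRole->getKey(),
    ]);
}
```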
|
||||
|
|
|
|||