2015-12-13 12:42:28 +08:00
|
|
|
<?php
|
|
|
|
|
|
2017-02-14 14:53:02 +08:00
|
|
|
namespace Tests\Feature;
|
|
|
|
|
|
2015-12-13 12:42:28 +08:00
|
|
|
use App\Models\User;
|
2021-05-21 19:14:00 +02:00
|
|
|
use Illuminate\Support\Facades\Hash;
|
2024-01-09 19:34:40 +01:00
|
|
|
use Tests\TestCase;
|
2015-12-13 12:42:28 +08:00
|
|
|
|
2024-01-11 13:41:33 +01:00
|
|
|
use function Tests\create_admin;
|
|
|
|
|
use function Tests\create_user;
|
|
|
|
|
|
2017-08-05 17:56:11 +01:00
|
|
|
class UserTest extends TestCase
|
2015-12-13 12:42:28 +08:00
|
|
|
{
|
2019-07-22 09:03:23 +02:00
|
|
|
public function testNonAdminCannotCreateUser(): void
|
2015-12-13 12:42:28 +08:00
|
|
|
{
|
2022-07-27 10:49:33 +02:00
|
|
|
$this->postAs('api/user', [
|
2018-08-22 21:40:04 +02:00
|
|
|
'name' => 'Foo',
|
|
|
|
|
'email' => 'bar@baz.com',
|
2021-05-21 19:14:00 +02:00
|
|
|
'password' => 'secret',
|
2020-09-06 23:20:42 +02:00
|
|
|
'is_admin' => false,
|
2021-05-21 19:14:00 +02:00
|
|
|
])->assertForbidden();
|
2018-08-22 21:40:04 +02:00
|
|
|
}
|
|
|
|
|
|
2019-07-22 09:03:23 +02:00
|
|
|
public function testAdminCreatesUser(): void
|
2018-08-22 21:40:04 +02:00
|
|
|
{
|
2024-01-11 13:41:33 +01:00
|
|
|
$admin = create_admin();
|
2022-07-27 17:32:36 +02:00
|
|
|
|
2022-07-27 10:49:33 +02:00
|
|
|
$this->postAs('api/user', [
|
2020-01-08 15:21:29 +01:00
|
|
|
'name' => 'Foo',
|
|
|
|
|
'email' => 'bar@baz.com',
|
2021-05-21 19:14:00 +02:00
|
|
|
'password' => 'secret',
|
2020-09-06 23:20:42 +02:00
|
|
|
'is_admin' => true,
|
2022-07-27 17:32:36 +02:00
|
|
|
], $admin)
|
2022-07-07 12:45:57 +02:00
|
|
|
->assertSuccessful();
|
2015-12-13 12:42:28 +08:00
|
|
|
|
2022-08-09 20:45:11 +02:00
|
|
|
/** @var User $user */
|
|
|
|
|
$user = User::query()->firstWhere('email', 'bar@baz.com');
|
2021-05-21 19:14:00 +02:00
|
|
|
|
|
|
|
|
self::assertTrue(Hash::check('secret', $user->password));
|
|
|
|
|
self::assertSame('Foo', $user->name);
|
|
|
|
|
self::assertSame('bar@baz.com', $user->email);
|
|
|
|
|
self::assertTrue($user->is_admin);
|
2015-12-13 12:42:28 +08:00
|
|
|
}
|
|
|
|
|
|
2019-07-22 09:03:23 +02:00
|
|
|
public function testAdminUpdatesUser(): void
|
2015-12-13 12:42:28 +08:00
|
|
|
{
|
2024-01-11 13:41:33 +01:00
|
|
|
$admin = create_admin();
|
|
|
|
|
$user = create_admin(['password' => 'secret']);
|
2018-08-22 21:40:04 +02:00
|
|
|
|
2022-07-27 10:49:33 +02:00
|
|
|
$this->putAs("api/user/$user->id", [
|
2020-01-08 15:21:29 +01:00
|
|
|
'name' => 'Foo',
|
|
|
|
|
'email' => 'bar@baz.com',
|
2021-05-21 19:14:00 +02:00
|
|
|
'password' => 'new-secret',
|
2020-06-13 17:19:47 +02:00
|
|
|
'is_admin' => false,
|
2022-07-27 17:32:36 +02:00
|
|
|
], $admin)
|
|
|
|
|
->assertSuccessful();
|
2015-12-13 12:42:28 +08:00
|
|
|
|
2021-05-21 19:14:00 +02:00
|
|
|
$user->refresh();
|
|
|
|
|
|
|
|
|
|
self::assertTrue(Hash::check('new-secret', $user->password));
|
|
|
|
|
self::assertSame('Foo', $user->name);
|
|
|
|
|
self::assertSame('bar@baz.com', $user->email);
|
|
|
|
|
self::assertFalse($user->is_admin);
|
2015-12-13 12:42:28 +08:00
|
|
|
}
|
|
|
|
|
|
2019-07-22 09:03:23 +02:00
|
|
|
public function testAdminDeletesUser(): void
|
2015-12-13 12:42:28 +08:00
|
|
|
{
|
2024-01-11 13:41:33 +01:00
|
|
|
$user = create_user();
|
2015-12-15 08:32:41 -02:00
|
|
|
|
2024-01-11 13:41:33 +01:00
|
|
|
$this->deleteAs("api/user/$user->id", [], create_admin());
|
2022-07-27 17:32:36 +02:00
|
|
|
self::assertModelMissing($user);
|
2018-08-22 21:40:04 +02:00
|
|
|
}
|
|
|
|
|
|
2024-01-11 13:41:33 +01:00
|
|
|
public function testSelfDeletionNotAllowed(): void
|
2018-08-22 21:40:04 +02:00
|
|
|
{
|
2024-01-11 13:41:33 +01:00
|
|
|
$admin = create_admin();
|
2015-12-13 12:42:28 +08:00
|
|
|
|
2022-07-27 17:32:36 +02:00
|
|
|
$this->deleteAs("api/user/$admin->id", [], $admin)->assertForbidden();
|
|
|
|
|
self::assertModelExists($admin);
|
2015-12-13 12:42:28 +08:00
|
|
|
}
|
|
|
|
|
}
|
