From 61bc21c3037ef8426aff00d8d212bc801cd75739 Mon Sep 17 00:00:00 2001
From: Phan An
Date: Wed, 22 Aug 2018 21:40:04 +0200
Subject: [PATCH] Better tests for User Controller

---
 app/Http/Controllers/API/UserController.php | 13 +++-
 tests/Feature/UserTest.php | 78 +++++++++++++++------
 2 files changed, 68 insertions(+), 23 deletions(-)

diff --git a/app/Http/Controllers/API/UserController.php b/app/Http/Controllers/API/UserController.php
index 41b066ae..12466fda 100644
--- a/app/Http/Controllers/API/UserController.php
+++ b/app/Http/Controllers/API/UserController.php
@@ -6,13 +6,20 @@ use App\Http\Requests\API\UserStoreRequest;
 use App\Http\Requests\API\UserUpdateRequest;
 use App\Models\User;
 use Exception;
-use Hash;
 use Illuminate\Auth\Access\AuthorizationException;
+use Illuminate\Contracts\Hashing\Hasher as Hash;
 use Illuminate\Http\JsonResponse;
 use RuntimeException;

 class UserController extends Controller
 {
+ private $hash;
+
+ public function __construct(Hash $hash)
+ {
+ $this->hash = $hash;
+ }
+
 /**
 * Create a new user.
 *
@@ -27,7 +34,7 @@ class UserController extends Controller
 return response()->json(User::create([
 'name' => $request->name,
 'email' => $request->email,
- 'password' => Hash::make($request->password),
+ 'password' => $this->hash->make($request->password),
 ]));
 }

@@ -46,7 +53,7 @@ class UserController extends Controller
 $data = $request->only('name', 'email');

 if ($request->password) {
- $data['password'] = Hash::make($request->password);
+ $data['password'] = $this->hash->make($request->password);
 }

 return response()->json($user->update($data));
diff --git a/tests/Feature/UserTest.php b/tests/Feature/UserTest.php
index 5d2997d0..7a04d103 100644
--- a/tests/Feature/UserTest.php
+++ b/tests/Feature/UserTest.php
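Review bot: The alias in `use Illuminate\Contracts\Hashing\Hasher as Hash;` (first hunk of UserController.php) reuses the name of the `Hash` import this commit removes, presumably the facade, so `__construct(Hash $hash)` reads as if the facade itself were injected. Importing the contract under its own name, `use Illuminate\Contracts\Hashing\Hasher;` with `public function __construct(Hasher $hash)`, would make it clear that password hashing goes through the container-bound hasher. The new property also has no type information; a `/** @var Hasher */` docblock above `private $hash;` would document it. The class body continues outside the hunk.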
@@ -3,34 +3,64 @@
 namespace Tests\Feature;

 use App\Models\User;
+use Illuminate\Contracts\Hashing\Hasher;
+use Mockery\MockInterface;

 class UserTest extends TestCase
 {
- /** @test */
- public function admin_can_create_a_user()
- {
- // Non-admins can't do shit
- $this->postAsUser('api/user', [
- 'name' => 'Foo',
- 'email' => 'bar@baz.com',
- 'password' => 'qux',
- ])
- ->seeStatusCode(403);
+ /** @var MockInterface */
+ private $hash;
+
+ public function setUp()
+ {
+ parent::setUp();
+ $this->hash = $this->mockIocDependency(Hasher::class);
+ }
+
+ public function testNonAdminCannotCreateUser()
+ {
+ $this->postAsUser('api/user', [
+ 'name' => 'Foo',
+ 'email' => 'bar@baz.com',
+ 'password' => 'qux',
+ ])->seeStatusCode(403);
+ }
+
+ public function testAdminCreatesUser()
+ {
+ $this->hash
+ ->shouldReceive('make')
+ ->once()
+ ->with('qux')
+ ->andReturn('hashed');

- // But admins can
 $this->postAsUser('api/user', [
 'name' => 'Foo',
 'email' => 'bar@baz.com',
 'password' => 'qux',
 ], factory(User::class, 'admin')->create());

- $this->seeInDatabase('users', ['name' => 'Foo']);
+ self::seeInDatabase('users', [
+ 'name' => 'Foo',
+ 'email' => 'bar@baz.com',
+ 'password' => 'hashed',
+ ]);
 }

- /** @test */
- public function admin_can_update_a_user()
+ public function testAdminUpdatesUser()
 {
- $user = factory(User::class)->create();
+ /** @var User $user */
+ $user = factory(User::class)->create([
+ 'name' => 'John',
+ 'email' => 'john@doe.com',
+ 'password' => 'nope',
+ ]);
+
+ $this->hash
+ ->shouldReceive('make')
+ ->once()
+ ->with('qux')
+ ->andReturn('hashed');

 $this->putAsUser("api/user/{$user->id}", [
 'name' => 'Foo',
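Review bot: `testNonAdminCannotCreateUser` asserts only the 403 status, so a regression that refuses the request after the row has already been written would still pass. Adding `$this->hash->shouldNotReceive('make');` before the request and `$this->notSeeInDatabase('users', ['email' => 'bar@baz.com']);` after it would pin that a rejected request neither hashes nor stores anything. The update path is likewise only exercised with a password present; a case that omits `password` and expects `make` never to be called would cover the other side of the controller's `if ($request->password)` branch. `testAdminUpdatesUser` continues past the end of this hunk.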
@@ -38,17 +68,26 @@ class UserTest extends TestCase
 'password' => 'qux',
 ], factory(User::class, 'admin')->create());

- $this->seeInDatabase('users', ['name' => 'Foo', 'email' => 'bar@baz.com']);
+ self::seeInDatabase('users', [
+ 'id' => $user->id,
+ 'name' => 'Foo',
+ 'email' => 'bar@baz.com',
+ 'password' => 'hashed',
+ ]);
 }

- /** @test */
- public function admin_can_delete_a_user()
+ public function testAdminDeletesUser()
 {
 $user = factory(User::class)->create();
 $admin = factory(User::class, 'admin')->create();

 $this->deleteAsUser("api/user/{$user->id}", [], $admin)
 ->notSeeInDatabase('users', ['id' => $user->id]);
+ }
+
+ public function testSeppukuNotAllowed()
+ {
+ $admin = factory(User::class, 'admin')->create();

 // A user can't delete himself
 $this->deleteAsUser("api/user/{$admin->id}", [], $admin)
@@ -56,8 +95,7 @@ class UserTest extends TestCase
 ->seeInDatabase('users', ['id' => $admin->id]);
 }

- /** @test */
- public function user_can_update_their_preferences()
+ public function testUpdateUserProfile()
 {
 $user = factory(User::class)->create();
 $this->assertNull($user->getPreference('foo'));
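Review bot: `self::seeInDatabase('users', [` in `testAdminUpdatesUser` is written as a static call, although the removed line used `$this->seeInDatabase(...)` and the last hunk's context still chains `->seeInDatabase('users', ['id' => $admin->id])` on the instance. `testAdminCreatesUser` in the previous hunk has the same form. If the helper is an instance method, as those uses suggest, `$this->seeInDatabase('users', [` keeps the file consistent and does not depend on how PHP resolves `self::` for a non-static method. `testAdminUpdatesUser` starts before this hunk.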