117 lines
3.8 KiB
PHP
117 lines
3.8 KiB
PHP
<?php
|
|
|
|
use App\Models\Permission;
|
|
use App\Models\User;
|
|
|
|
function grantManageAccessRightsForPerms(User $user): void
|
|
{
|
|
$perm = Permission::firstOrCreate(['name' => 'manage access rights', 'guard_name' => 'web']);
|
|
Permission::firstOrCreate(['name' => 'view access rights', 'guard_name' => 'web']);
|
|
$user->givePermissionTo($perm);
|
|
}
|
|
|
|
test('guest cannot access permissions index', function () {
|
|
$this->get('/permissions')->assertRedirect('/login');
|
|
});
|
|
|
|
test('user without permission gets 403', function () {
|
|
$u = User::factory()->create();
|
|
$this->actingAs($u)->get('/permissions')->assertForbidden();
|
|
});
|
|
|
|
test('store creates a permission with web guard', function () {
|
|
$admin = User::factory()->create();
|
|
grantManageAccessRightsForPerms($admin);
|
|
|
|
$response = $this->actingAs($admin)->postJson('/permissions', [
|
|
'name' => 'view.reports',
|
|
'guard_name' => 'web',
|
|
]);
|
|
|
|
$response->assertOk()->assertJson(['success' => true]);
|
|
$this->assertDatabaseHas('permissions', [
|
|
'name' => 'view.reports',
|
|
'guard_name' => 'web',
|
|
]);
|
|
});
|
|
|
|
test('same name allowed across different guards', function () {
|
|
$admin = User::factory()->create();
|
|
grantManageAccessRightsForPerms($admin);
|
|
Permission::create(['name' => 'shared.perm', 'guard_name' => 'web']);
|
|
|
|
$this->actingAs($admin)->postJson('/permissions', [
|
|
'name' => 'shared.perm',
|
|
'guard_name' => 'api',
|
|
])->assertOk();
|
|
});
|
|
|
|
test('store rejects duplicate name within same guard', function () {
|
|
$admin = User::factory()->create();
|
|
grantManageAccessRightsForPerms($admin);
|
|
Permission::create(['name' => 'duplicate.perm', 'guard_name' => 'web']);
|
|
|
|
$this->actingAs($admin)->postJson('/permissions', [
|
|
'name' => 'duplicate.perm',
|
|
'guard_name' => 'web',
|
|
])->assertStatus(422);
|
|
});
|
|
|
|
test('store rejects invalid guard', function () {
|
|
$admin = User::factory()->create();
|
|
grantManageAccessRightsForPerms($admin);
|
|
|
|
$this->actingAs($admin)->postJson('/permissions', [
|
|
'name' => 'some.perm',
|
|
'guard_name' => 'console',
|
|
])->assertStatus(422);
|
|
});
|
|
|
|
test('store rejects illegal characters in name', function () {
|
|
$admin = User::factory()->create();
|
|
grantManageAccessRightsForPerms($admin);
|
|
|
|
$this->actingAs($admin)->postJson('/permissions', [
|
|
'name' => 'bad name with space!',
|
|
'guard_name' => 'web',
|
|
])->assertStatus(422);
|
|
});
|
|
|
|
test('update can rename a permission', function () {
|
|
$admin = User::factory()->create();
|
|
grantManageAccessRightsForPerms($admin);
|
|
$p = Permission::create(['name' => 'old.name', 'guard_name' => 'web']);
|
|
|
|
$this->actingAs($admin)->putJson("/permissions/{$p->id}", [
|
|
'name' => 'new.name',
|
|
'guard_name' => 'web',
|
|
])->assertOk();
|
|
|
|
expect($p->fresh()->name)->toBe('new.name');
|
|
});
|
|
|
|
test('toggleStatus flips is_active', function () {
|
|
$admin = User::factory()->create();
|
|
grantManageAccessRightsForPerms($admin);
|
|
$p = Permission::create(['name' => 'flip.able', 'guard_name' => 'web', 'is_active' => 1]);
|
|
|
|
$this->actingAs($admin)
|
|
->postJson('/permissions/toggle-status', ['id' => $p->id, 'status' => 'deactivate'])
|
|
->assertOk();
|
|
expect((bool) $p->fresh()->is_active)->toBeFalse();
|
|
|
|
$this->actingAs($admin)
|
|
->postJson('/permissions/toggle-status', ['id' => $p->id, 'status' => 'activate'])
|
|
->assertOk();
|
|
expect((bool) $p->fresh()->is_active)->toBeTrue();
|
|
});
|
|
|
|
test('destroy soft deletes permission', function () {
|
|
$admin = User::factory()->create();
|
|
grantManageAccessRightsForPerms($admin);
|
|
$p = Permission::create(['name' => 'to.delete', 'guard_name' => 'web']);
|
|
|
|
$this->actingAs($admin)->deleteJson("/permissions/{$p->id}")->assertOk();
|
|
expect(Permission::withTrashed()->find($p->id)->trashed())->toBeTrue();
|
|
});
|