47 lines
1.5 KiB
PHP
47 lines
1.5 KiB
PHP
<?php
|
|
|
|
use App\Models\Permission;
|
|
use App\Models\User;
|
|
use Illuminate\Support\Facades\Cache;
|
|
use Illuminate\Support\Facades\Route;
|
|
|
|
beforeEach(function () {
|
|
Cache::flush();
|
|
|
|
Route::middleware(['web', 'auth', 'active-permission:probe'])
|
|
->get('/__probe', fn () => response('ok'))
|
|
->name('test.probe');
|
|
});
|
|
|
|
test('inactive permission returns 403 even when user has it', function () {
|
|
Permission::firstOrCreate(['name' => 'probe', 'guard_name' => 'web', 'is_active' => false]);
|
|
$user = User::factory()->create();
|
|
$user->givePermissionTo('probe');
|
|
|
|
$this->actingAs($user)->get('/__probe')->assertForbidden();
|
|
});
|
|
|
|
test('active permission allows the request through', function () {
|
|
Permission::firstOrCreate(['name' => 'probe', 'guard_name' => 'web', 'is_active' => true]);
|
|
$user = User::factory()->create();
|
|
$user->givePermissionTo('probe');
|
|
|
|
$this->actingAs($user)->get('/__probe')->assertOk()->assertSeeText('ok');
|
|
});
|
|
|
|
test('missing permission returns 403', function () {
|
|
$user = User::factory()->create();
|
|
|
|
$this->actingAs($user)->get('/__probe')->assertForbidden();
|
|
});
|
|
|
|
test('cache is consulted on subsequent hits', function () {
|
|
Permission::firstOrCreate(['name' => 'probe', 'guard_name' => 'web', 'is_active' => true]);
|
|
$user = User::factory()->create();
|
|
$user->givePermissionTo('probe');
|
|
|
|
$this->actingAs($user)->get('/__probe')->assertOk();
|
|
|
|
expect(Cache::has('permission_status:probe'))->toBeTrue();
|
|
});
|