for(Studio::factory()) ->for(ExternalResource::factory(), StudioResource::RELATION_RESOURCE) ->createOne(); $parameters = StudioResource::factory()->raw(); $response = $this->put(route('api.studioresource.update', ['studio' => $studioResource->studio, 'resource' => $studioResource->resource] + $parameters)); $response->assertUnauthorized(); } /** * The Studio Resource Update Endpoint shall forbid users without the update studio & update resource permissions. * * @return void */ public function testForbidden(): void { $studioResource = StudioResource::factory() ->for(Studio::factory()) ->for(ExternalResource::factory(), StudioResource::RELATION_RESOURCE) ->createOne(); $parameters = StudioResource::factory()->raw(); $user = User::factory()->createOne(); Sanctum::actingAs($user); $response = $this->put(route('api.studioresource.update', ['studio' => $studioResource->studio, 'resource' => $studioResource->resource] + $parameters)); $response->assertForbidden(); } /** * The Studio Resource Update Endpoint shall update a studio resource. * * @return void */ public function testUpdate(): void { $studioResource = StudioResource::factory() ->for(Studio::factory()) ->for(ExternalResource::factory(), StudioResource::RELATION_RESOURCE) ->createOne(); $parameters = StudioResource::factory()->raw(); $user = User::factory() ->withPermissions( CrudPermission::UPDATE()->format(Studio::class), CrudPermission::UPDATE()->format(ExternalResource::class) ) ->createOne(); Sanctum::actingAs($user); $response = $this->put(route('api.studioresource.update', ['studio' => $studioResource->studio, 'resource' => $studioResource->resource] + $parameters)); $response->assertOk(); } }