mirror of
https://github.com/AnimeThemes/animethemes-server.git
synced 2026-07-11 01:24:46 +02:00
da02b741e1
* feat(auth): adding patron role with new permission to bypass feature flags * style: fix StyleCI finding * fix: wiki editors shouldn't have extended CRUD permissions
92 lines
2.1 KiB
PHP
92 lines
2.1 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace Tests\Feature\Http\Api\Document\Page;
|
|
|
|
use App\Enums\Auth\CrudPermission;
|
|
use App\Models\Auth\User;
|
|
use App\Models\Document\Page;
|
|
use Illuminate\Foundation\Testing\WithoutEvents;
|
|
use Laravel\Sanctum\Sanctum;
|
|
use Tests\TestCase;
|
|
|
|
/**
|
|
* Class PageDestroyTest.
|
|
*/
|
|
class PageDestroyTest extends TestCase
|
|
{
|
|
use WithoutEvents;
|
|
|
|
/**
|
|
* The Page Destroy Endpoint shall be protected by sanctum.
|
|
*
|
|
* @return void
|
|
*/
|
|
public function testProtected(): void
|
|
{
|
|
$page = Page::factory()->createOne();
|
|
|
|
$response = $this->delete(route('api.page.destroy', ['page' => $page]));
|
|
|
|
$response->assertUnauthorized();
|
|
}
|
|
|
|
/**
|
|
* The Page Destroy Endpoint shall forbid users without the delete page permission.
|
|
*
|
|
* @return void
|
|
*/
|
|
public function testForbidden(): void
|
|
{
|
|
$page = Page::factory()->createOne();
|
|
|
|
$user = User::factory()->createOne();
|
|
|
|
Sanctum::actingAs($user);
|
|
|
|
$response = $this->delete(route('api.page.destroy', ['page' => $page]));
|
|
|
|
$response->assertForbidden();
|
|
}
|
|
|
|
/**
|
|
* The Page Destroy Endpoint shall forbid users from updating a page that is trashed.
|
|
*
|
|
* @return void
|
|
*/
|
|
public function testTrashed(): void
|
|
{
|
|
$page = Page::factory()->createOne();
|
|
|
|
$page->delete();
|
|
|
|
$user = User::factory()->withPermission(CrudPermission::DELETE()->format(Page::class))->createOne();
|
|
|
|
Sanctum::actingAs($user);
|
|
|
|
$response = $this->delete(route('api.page.destroy', ['page' => $page]));
|
|
|
|
$response->assertNotFound();
|
|
}
|
|
|
|
/**
|
|
* The Page Destroy Endpoint shall delete the page.
|
|
*
|
|
* @return void
|
|
*/
|
|
public function testDeleted(): void
|
|
{
|
|
$page = Page::factory()->createOne();
|
|
|
|
$user = User::factory()->withPermission(CrudPermission::DELETE()->format(Page::class))->createOne();
|
|
|
|
Sanctum::actingAs($user);
|
|
|
|
$response = $this->delete(route('api.page.destroy', ['page' => $page]));
|
|
|
|
$response->assertOk();
|
|
static::assertSoftDeleted($page);
|
|
}
|
|
}
|