86 lines
2.5 KiB
PHP
86 lines
2.5 KiB
PHP
<?php
|
|
|
|
use App\Models\Role;
|
|
use App\Models\User;
|
|
|
|
test('guests cannot access the edit user page', function () {
|
|
$user = User::factory()->create();
|
|
|
|
$this->get(route('users.edit', $user))->assertRedirect('/login');
|
|
});
|
|
|
|
test('authenticated users can access the edit user page', function () {
|
|
$user = User::factory()->create();
|
|
|
|
$this->actingAs($user)
|
|
->get(route('users.edit', $user))
|
|
->assertOk()
|
|
->assertViewIs('users.edit')
|
|
->assertViewHas('user', $user)
|
|
->assertViewHas('roles');
|
|
});
|
|
|
|
test('edit page shows all available roles', function () {
|
|
$roles = Role::factory()->count(3)->create();
|
|
$user = User::factory()->create();
|
|
|
|
$this->actingAs($user)
|
|
->get(route('users.edit', $user))
|
|
->assertOk()
|
|
->assertViewHas('roles', fn ($viewRoles) => $viewRoles->count() === $roles->count());
|
|
});
|
|
|
|
test('can assign roles to a user', function () {
|
|
$user = User::factory()->create();
|
|
$roles = Role::factory()->count(2)->create();
|
|
|
|
$this->actingAs($user)
|
|
->put(route('users.update', $user), ['roles' => $roles->pluck('id')->all()])
|
|
->assertRedirect(route('users.index'))
|
|
->assertSessionHas('status', 'user-updated');
|
|
|
|
expect($user->roles()->count())->toBe(2);
|
|
});
|
|
|
|
test('can remove all roles from a user', function () {
|
|
$user = User::factory()->create();
|
|
$role = Role::factory()->create();
|
|
$user->roles()->attach($role);
|
|
|
|
$this->actingAs($user)
|
|
->put(route('users.update', $user), [])
|
|
->assertRedirect(route('users.index'));
|
|
|
|
expect($user->roles()->count())->toBe(0);
|
|
});
|
|
|
|
test('syncs roles replacing previous assignments', function () {
|
|
$user = User::factory()->create();
|
|
$oldRole = Role::factory()->create();
|
|
$newRole = Role::factory()->create();
|
|
$user->roles()->attach($oldRole);
|
|
|
|
$this->actingAs($user)
|
|
->put(route('users.update', $user), ['roles' => [$newRole->id]]);
|
|
|
|
expect($user->roles()->pluck('id')->all())->toBe([$newRole->id]);
|
|
});
|
|
|
|
test('role ids must exist in the database', function () {
|
|
$user = User::factory()->create();
|
|
|
|
$this->actingAs($user)
|
|
->put(route('users.update', $user), ['roles' => [999]])
|
|
->assertSessionHasErrors('roles.*');
|
|
});
|
|
|
|
test('guests cannot update user roles', function () {
|
|
$user = User::factory()->create();
|
|
$role = Role::factory()->create();
|
|
|
|
$this->put(route('users.update', $user), ['roles' => [$role->id]])
|
|
->assertRedirect('/login');
|
|
|
|
expect($user->roles()->count())->toBe(0);
|
|
});
|