Tests around authorization logic

laravel · Jul 11, 2023 · f99f3c4 · f99f3c4
1 parent 64a37c5
commit f99f3c4
Show file tree

Hide file tree

Showing 5 changed files with 74 additions and 5 deletions.
diff --git a/tests/Feature/Console/ListCommandTest.php b/tests/Feature/Console/ListCommandTest.php
@@ -26,6 +26,7 @@
     expect($exitCode)->toBe(0)
         ->and($output->fetch())->toBe(<<<'EOF'
 
+          GET       /books ........................................................................................................... books/index.blade.php
           GET       /books/{...book}/detail ........................................................ books/[...Tests.Feature.Fixtures.Book]/detail.blade.php
           GET       /categories/{category} ......................................................... categories/[.Tests.Feature.Fixtures.Category].blade.php
           GET       /deleted-podcasts/{podcast} ............................................... deleted-podcasts/[.Tests.Feature.Fixtures.Podcast].blade.php
@@ -38,7 +39,7 @@
           GET       /users/nuno ....................................................................................................... users/nuno.blade.php
           GET       /users/{id} ....................................................................................................... users/[id].blade.php
 
-                                                                                                                                         Showing [11] routes
+                                                                                                                                         Showing [12] routes
 
 
         EOF);
@@ -54,7 +55,7 @@
 
     expect($exitCode)->toBe(0)
         ->and($output->fetch())->toStartWith(<<<'EOF'
-        [{"method":"GET","uri":"\/books\/{...book}\/detail","view":"books\/[...Tests.Feature.Fixtures.Book]\/detail.blade.php"},{"method":"GET","uri":"\/categories\/{category}","view":"categ
+        [{"method":"GET","uri":"\/books","view":"books\/index.blade.php"},{"method":"GET","uri":"\/books\/{...book}\/detail
         EOF);
 });
 
@@ -92,14 +93,15 @@
     expect($exitCode)->toBe(0)
         ->and($output->fetch())->toBe(<<<'EOF'
 
+          GET       /books ........................................................................................................... books/index.blade.php
           GET       /books/{...book}/detail ........................................................ books/[...Tests.Feature.Fixtures.Book]/detail.blade.php
           GET       /categories/{category} ......................................................... categories/[.Tests.Feature.Fixtures.Category].blade.php
           GET       /flights ....................................................................................................... flights/index.blade.php
           GET       /non-routables/{nonRoutable} ............................................. non-routables/[.Tests.Feature.Fixtures.NonRoutable].blade.php
           GET       /users/nuno ....................................................................................................... users/nuno.blade.php
           GET       /users/{id} ....................................................................................................... users/[id].blade.php
 
-                                                                                                                                          Showing [6] routes
+                                                                                                                                          Showing [7] routes
 
 
         EOF);
@@ -182,6 +184,7 @@
     expect($exitCode)->toBe(0)
         ->and($output->fetch())->toBe(<<<'EOF'
 
+          GET       /books ....................................................................... tests/Feature/resources/views/pages/books/index.blade.php
           GET       / ............................................................................. tests/Feature/resources/views/more-pages/index.blade.php
           GET       /books/{...book}/detail .................... tests/Feature/resources/views/pages/books/[...Tests.Feature.Fixtures.Book]/detail.blade.php
           GET       /categories/{category} ..................... tests/Feature/resources/views/pages/categories/[.Tests.Feature.Fixtures.Category].blade.php
@@ -197,7 +200,7 @@
           GET       /{...user} ................................................................ tests/Feature/resources/views/more-pages/[...User].blade.php
           GET       /{...user}/detail .................................................. tests/Feature/resources/views/more-pages/[...User]/detail.blade.php
 
-                                                                                                                                         Showing [14] routes
+                                                                                                                                         Showing [15] routes
 
 
         EOF);

diff --git a/tests/Feature/Fixtures/Book.php b/tests/Feature/Fixtures/Book.php
@@ -6,5 +6,5 @@
 
 class Book extends Model
 {
-    //
+    protected $guarded = [];
 }
diff --git a/tests/Feature/Fixtures/User.php b/tests/Feature/Fixtures/User.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace Tests\Feature\Fixtures;
+
+use Illuminate\Database\Eloquent\Relations\HasMany;
+use Illuminate\Foundation\Auth\User as BaseUser;
+
+class User extends BaseUser
+{
+    protected $guarded = [];
+
+    public function books(): HasMany
+    {
+        return $this->hasMany(Book::class);
+    }
+}
diff --git a/tests/Feature/ViewTest.php b/tests/Feature/ViewTest.php
@@ -1,6 +1,10 @@
 <?php
 
+use Illuminate\Support\Facades\Gate;
+use Illuminate\Support\Facades\Schema;
 use Laravel\Folio\Folio;
+use Tests\Feature\Fixtures\Book;
+use Tests\Feature\Fixtures\User;
 
 it('may have blade php blocks', function () {
     Folio::route(__DIR__.'/resources/views/pages');
@@ -20,3 +24,32 @@
 
     $response->assertSee('Rendered [2] time from PHP block.');
 });
+
+it('may have blade php blocks with authorization logic', function () {
+    Folio::route(__DIR__.'/resources/views/pages');
+
+    Schema::create('users', function ($table) {
+        $table->id();
+        $table->timestamps();
+    });
+
+    Schema::create('books', function ($table) {
+        $table->id();
+        $table->string('title');
+        $table->foreignId('user_id');
+        $table->timestamps();
+    });
+
+    $user = User::create();
+
+    Book::create([
+        'title' => 'test-book-title',
+        'user_id' => $user->id,
+    ]);
+
+    Gate::define('view-books', fn () => true);
+    $this->actingAs($user)->get('/books')->assertStatus(200);
+
+    Gate::define('view-books', fn () => false);
+    $this->actingAs($user)->get('/books')->assertStatus(403);
+});
diff --git a/tests/Feature/resources/views/pages/books/index.blade.php b/tests/Feature/resources/views/pages/books/index.blade.php
@@ -0,0 +1,17 @@
+@php
+    use Illuminate\Support\Facades\Gate;
+
+    if (! Gate::check('view-books')) {
+        abort(403);
+    }
+
+    $user = auth()->user();
+
+    $books = $user->books;
+@endphp
+
+@foreach ($books as $book)
+    <div>
+        {{ $book->title }}
+    </div>
+@endforeach