From f99f3c4ba15b5145b999e10cfef1d2640ab11537 Mon Sep 17 00:00:00 2001 From: Nuno Maduro Date: Tue, 11 Jul 2023 13:41:08 +0100 Subject: [PATCH] Tests around authorization logic --- tests/Feature/Console/ListCommandTest.php | 11 ++++--- tests/Feature/Fixtures/Book.php | 2 +- tests/Feature/Fixtures/User.php | 16 +++++++++ tests/Feature/ViewTest.php | 33 +++++++++++++++++++ .../views/pages/books/index.blade.php | 17 ++++++++++ 5 files changed, 74 insertions(+), 5 deletions(-) create mode 100644 tests/Feature/Fixtures/User.php create mode 100644 tests/Feature/resources/views/pages/books/index.blade.php diff --git a/tests/Feature/Console/ListCommandTest.php b/tests/Feature/Console/ListCommandTest.php index ad71e85..b5851d8 100644 --- a/tests/Feature/Console/ListCommandTest.php +++ b/tests/Feature/Console/ListCommandTest.php @@ -26,6 +26,7 @@ expect($exitCode)->toBe(0) ->and($output->fetch())->toBe(<<<'EOF' + GET /books ........................................................................................................... books/index.blade.php GET /books/{...book}/detail ........................................................ books/[...Tests.Feature.Fixtures.Book]/detail.blade.php GET /categories/{category} ......................................................... categories/[.Tests.Feature.Fixtures.Category].blade.php GET /deleted-podcasts/{podcast} ............................................... deleted-podcasts/[.Tests.Feature.Fixtures.Podcast].blade.php @@ -38,7 +39,7 @@ GET /users/nuno ....................................................................................................... users/nuno.blade.php GET /users/{id} ....................................................................................................... users/[id].blade.php - Showing [11] routes + Showing [12] routes EOF); 
@@ -54,7 +55,7 @@ expect($exitCode)->toBe(0) ->and($output->fetch())->toStartWith(<<<'EOF' - [{"method":"GET","uri":"\/books\/{...book}\/detail","view":"books\/[...Tests.Feature.Fixtures.Book]\/detail.blade.php"},{"method":"GET","uri":"\/categories\/{category}","view":"categ + [{"method":"GET","uri":"\/books","view":"books\/index.blade.php"},{"method":"GET","uri":"\/books\/{...book}\/detail EOF); }); @@ -92,6 +93,7 @@ expect($exitCode)->toBe(0) ->and($output->fetch())->toBe(<<<'EOF' + GET /books ........................................................................................................... books/index.blade.php GET /books/{...book}/detail ........................................................ books/[...Tests.Feature.Fixtures.Book]/detail.blade.php GET /categories/{category} ......................................................... categories/[.Tests.Feature.Fixtures.Category].blade.php GET /flights ....................................................................................................... flights/index.blade.php @@ -99,7 +101,7 @@ GET /users/nuno ....................................................................................................... users/nuno.blade.php GET /users/{id} ....................................................................................................... users/[id].blade.php - Showing [6] routes + Showing [7] routes EOF); 
@@ -182,6 +184,7 @@ expect($exitCode)->toBe(0) ->and($output->fetch())->toBe(<<<'EOF' + GET /books ....................................................................... tests/Feature/resources/views/pages/books/index.blade.php GET / ............................................................................. tests/Feature/resources/views/more-pages/index.blade.php GET /books/{...book}/detail .................... tests/Feature/resources/views/pages/books/[...Tests.Feature.Fixtures.Book]/detail.blade.php GET /categories/{category} ..................... tests/Feature/resources/views/pages/categories/[.Tests.Feature.Fixtures.Category].blade.php @@ -197,7 +200,7 @@ GET /{...user} ................................................................ tests/Feature/resources/views/more-pages/[...User].blade.php GET /{...user}/detail .................................................. tests/Feature/resources/views/more-pages/[...User]/detail.blade.php - Showing [14] routes + Showing [15] routes EOF); diff --git a/tests/Feature/Fixtures/Book.php b/tests/Feature/Fixtures/Book.php index ccd909a..60aef20 100644 --- a/tests/Feature/Fixtures/Book.php +++ b/tests/Feature/Fixtures/Book.php @@ -6,5 +6,5 @@ class Book extends Model { - // + protected $guarded = []; } diff --git a/tests/Feature/Fixtures/User.php b/tests/Feature/Fixtures/User.php new file mode 100644 index 0000000..d0d1a43 --- /dev/null +++ b/tests/Feature/Fixtures/User.php @@ -0,0 +1,16 @@ +hasMany(Book::class); + } +} diff --git a/tests/Feature/ViewTest.php b/tests/Feature/ViewTest.php index 209f419..a586f67 100644 --- a/tests/Feature/ViewTest.php +++ b/tests/Feature/ViewTest.php 
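Review bot: In tests/Feature/Fixtures/Book.php, `protected $guarded = [];` opens every column of the model to mass assignment, which is more than the new test needs. The only call visible in this patch is `Book::create([...])` with `title` and `user_id`, so `protected $fillable = ['title', 'user_id'];` would permit it while keeping the fixture from presenting a fully unguarded model as the pattern to copy. The whole class body is inside the hunk.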
@@ -1,6 +1,10 @@ assertSee('Rendered [2] time from PHP block.'); }); + +it('may have blade php blocks with authorization logic', function () { + Folio::route(__DIR__.'/resources/views/pages'); + + Schema::create('users', function ($table) { + $table->id(); + $table->timestamps(); + }); + + Schema::create('books', function ($table) { + $table->id(); + $table->string('title'); + $table->foreignId('user_id'); + $table->timestamps(); + }); + + $user = User::create(); + + Book::create([ + 'title' => 'test-book-title', + 'user_id' => $user->id, + ]); + + Gate::define('view-books', fn () => true); + $this->actingAs($user)->get('/books')->assertStatus(200); + + Gate::define('view-books', fn () => false); + $this->actingAs($user)->get('/books')->assertStatus(403); +}); diff --git a/tests/Feature/resources/views/pages/books/index.blade.php b/tests/Feature/resources/views/pages/books/index.blade.php new file mode 100644 index 0000000..6be315c --- /dev/null +++ b/tests/Feature/resources/views/pages/books/index.blade.php @@ -0,0 +1,17 @@ +@php + use Illuminate\Support\Facades\Gate; + + if (! Gate::check('view-books')) { + abort(403); + } + + $user = auth()->user(); + + $books = $user->books; +@endphp + +@foreach ($books as $book) +
+ {{ $book->title }} +
+@endforeach
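Review bot: In books/index.blade.php, `$books = $user->books;` assumes `auth()->user()` is non-null, so the page handles unauthenticated requests correctly only as long as the `view-books` gate rejects guests before that line runs. That appears to hold for the gates defined in the ViewTest.php test, but a gate declared to admit guests would likely turn the intended 403 into an error on a null user. Making the check explicit, for example `if (! auth()->check() || ! Gate::check('view-books')) {`, keeps the denial independent of how the gate is declared. The test in this patch only issues requests through `actingAs($user)` and asserts status codes, so a guest request expecting 403 and an `->assertSee('test-book-title')` on the allowed response would pin both behaviours.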