snipe-it/tests/Feature/Users/ViewUserTest.php

<?php

namespace Tests\Feature\Users;

use Illuminate\Support\Facades\Notification;
use App\Models\Company;
use App\Models\User;
use Tests\TestCase;
use App\Notifications\CurrentInventory;

class ViewUserTest extends TestCase
{
    public function testUserWithoutCompanyPermissionsCannotViewUserDetailPage()
    {
        $this->settings->enableMultipleFullCompanySupport();

        [$companyA, $companyB] = Company::factory()->count(2)->create();

        $superuser = User::factory()->superuser()->create();
        $user = User::factory()->for($companyB)->create();

        $this->actingAs(User::factory()->editUsers()->for($companyA)->create())
            ->get(route('users.show', ['user' => $user->id]))
            ->assertStatus(403);

        $this->actingAs($superuser)
            ->get(route('users.show', ['user' => $user->id]))
            ->assertOk()
            ->assertStatus(200);
    }

    public function testUserWithoutCompanyPermissionsCannotViewPrintAllInventoryPage()
    {
        $this->settings->enableMultipleFullCompanySupport();
        //$this->withoutExceptionHandling();

        [$companyA, $companyB] = Company::factory()->count(2)->create();

        $superuser = User::factory()->superuser()->create();
        $user = User::factory()->for($companyB)->create();

        $this->actingAs(User::factory()->viewUsers()->for($companyA)->create())
            ->get(route('users.print', ['userId' => $user->id]))
            ->assertStatus(403);

        $this->actingAs(User::factory()->viewUsers()->for($companyB)->create())
            ->get(route('users.print', ['userId' => $user->id]))
            ->assertStatus(200);

        $this->actingAs($superuser)
            ->get(route('users.print', ['userId' => $user->id]))
            ->assertOk()
            ->assertStatus(200);
    }

    public function testUserWithoutCompanyPermissionsCannotSendInventory()
    {
        Notification::fake();

        $this->settings->enableMultipleFullCompanySupport();

        [$companyA, $companyB] = Company::factory()->count(2)->create();

        $superuser = User::factory()->superuser()->create();
        $user = User::factory()->for($companyB)->create();

        $this->actingAs(User::factory()->viewUsers()->for($companyA)->create())
            ->post(route('users.email', ['userId' => $user->id]))
            ->assertStatus(403);

        $this->actingAs(User::factory()->viewUsers()->for($companyB)->create())
            ->post(route('users.email', ['userId' => $user->id]))
            ->assertStatus(302);

        $this->actingAs($superuser)
            ->post(route('users.email', ['userId' => $user->id]))
            ->assertStatus(302);

        Notification::assertSentTo(
            [$user], CurrentInventory::class
        );
    }

    public function testUserWithoutCompanyPermissionsCannotDeleteUser()
    {

        $this->settings->enableMultipleFullCompanySupport();

        [$companyA, $companyB] = Company::factory()->count(2)->create();

        $superuser = User::factory()->superuser()->create();
        $userFromA = User::factory()->for($companyA)->create();
        $userFromB = User::factory()->for($companyB)->create();

        $this->followingRedirects()->actingAs(User::factory()->deleteUsers()->for($companyA)->create())
            ->delete(route('users.destroy', ['user' => $userFromB->id]))
            ->assertStatus(403);

        $this->actingAs(User::factory()->deleteUsers()->for($companyA)->create())
            ->delete(route('users.destroy', ['user' => $userFromA->id]))
            ->assertStatus(302)
            ->assertRedirect(route('users.index'));

    }

}
Added more tests Signed-off-by: snipe <snipe@snipe.net> 2024-05-31 15:10:59 -07:00			`<?php`

			`namespace Tests\Feature\Users;`

			`use Illuminate\Support\Facades\Notification;`
			`use App\Models\Company;`
			`use App\Models\User;`
			`use Tests\TestCase;`
			`use App\Notifications\CurrentInventory;`

			`class ViewUserTest extends TestCase`
			`{`
Updated test names Signed-off-by: snipe <snipe@snipe.net> 2024-05-31 15:13:27 -07:00			`public function testUserWithoutCompanyPermissionsCannotViewUserDetailPage()`
Added more tests Signed-off-by: snipe <snipe@snipe.net> 2024-05-31 15:10:59 -07:00			`{`
			`$this->settings->enableMultipleFullCompanySupport();`

			`[$companyA, $companyB] = Company::factory()->count(2)->create();`

			`$superuser = User::factory()->superuser()->create();`
			`$user = User::factory()->for($companyB)->create();`

			`$this->actingAs(User::factory()->editUsers()->for($companyA)->create())`
			`->get(route('users.show', ['user' => $user->id]))`
			`->assertStatus(403);`

			`$this->actingAs($superuser)`
			`->get(route('users.show', ['user' => $user->id]))`
			`->assertOk()`
			`->assertStatus(200);`
			`}`

Updated test names Signed-off-by: snipe <snipe@snipe.net> 2024-05-31 15:13:27 -07:00			`public function testUserWithoutCompanyPermissionsCannotViewPrintAllInventoryPage()`
Added more tests Signed-off-by: snipe <snipe@snipe.net> 2024-05-31 15:10:59 -07:00			`{`
			`$this->settings->enableMultipleFullCompanySupport();`
			`//$this->withoutExceptionHandling();`

			`[$companyA, $companyB] = Company::factory()->count(2)->create();`

			`$superuser = User::factory()->superuser()->create();`
			`$user = User::factory()->for($companyB)->create();`

			`$this->actingAs(User::factory()->viewUsers()->for($companyA)->create())`
			`->get(route('users.print', ['userId' => $user->id]))`
			`->assertStatus(403);`

			`$this->actingAs(User::factory()->viewUsers()->for($companyB)->create())`
			`->get(route('users.print', ['userId' => $user->id]))`
			`->assertStatus(200);`

			`$this->actingAs($superuser)`
			`->get(route('users.print', ['userId' => $user->id]))`
			`->assertOk()`
			`->assertStatus(200);`
			`}`

Updated test names Signed-off-by: snipe <snipe@snipe.net> 2024-05-31 15:13:27 -07:00			`public function testUserWithoutCompanyPermissionsCannotSendInventory()`
Added more tests Signed-off-by: snipe <snipe@snipe.net> 2024-05-31 15:10:59 -07:00			`{`
			`Notification::fake();`

			`$this->settings->enableMultipleFullCompanySupport();`

			`[$companyA, $companyB] = Company::factory()->count(2)->create();`

			`$superuser = User::factory()->superuser()->create();`
			`$user = User::factory()->for($companyB)->create();`

			`$this->actingAs(User::factory()->viewUsers()->for($companyA)->create())`
			`->post(route('users.email', ['userId' => $user->id]))`
			`->assertStatus(403);`

			`$this->actingAs(User::factory()->viewUsers()->for($companyB)->create())`
			`->post(route('users.email', ['userId' => $user->id]))`
			`->assertStatus(302);`

			`$this->actingAs($superuser)`
			`->post(route('users.email', ['userId' => $user->id]))`
			`->assertStatus(302);`

			`Notification::assertSentTo(`
			`[$user], CurrentInventory::class`
			`);`
			`}`

Updated test names Signed-off-by: snipe <snipe@snipe.net> 2024-05-31 15:13:27 -07:00			`public function testUserWithoutCompanyPermissionsCannotDeleteUser()`
Added more tests Signed-off-by: snipe <snipe@snipe.net> 2024-05-31 15:10:59 -07:00			`{`

			`$this->settings->enableMultipleFullCompanySupport();`

			`[$companyA, $companyB] = Company::factory()->count(2)->create();`

			`$superuser = User::factory()->superuser()->create();`
			`$userFromA = User::factory()->for($companyA)->create();`
			`$userFromB = User::factory()->for($companyB)->create();`

			`$this->followingRedirects()->actingAs(User::factory()->deleteUsers()->for($companyA)->create())`
			`->delete(route('users.destroy', ['user' => $userFromB->id]))`
			`->assertStatus(403);`

			`$this->actingAs(User::factory()->deleteUsers()->for($companyA)->create())`
			`->delete(route('users.destroy', ['user' => $userFromA->id]))`
			`->assertStatus(302)`
			`->assertRedirect(route('users.index'));`

			`}`

			`}`