DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-11-10 07:34:06 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
snipe-it/tests/Feature/Users/ViewUserTest.php

107 lines
3.5 KiB
PHP
Raw Normal View History

Added more tests Signed-off-by: snipe <snipe@snipe.net>
2024-05-31 15:10:59 -07:00
<?php
namespace Tests\Feature\Users;
use Illuminate\Support\Facades\Notification;
use App\Models\Company;
use App\Models\User;
use Tests\TestCase;
use App\Notifications\CurrentInventory;
class ViewUserTest extends TestCase
{
public function testUserWithoutPermissionsCannotViewUserDetailPage()
{
$this->settings->enableMultipleFullCompanySupport();
[$companyA, $companyB] = Company::factory()->count(2)->create();
$superuser = User::factory()->superuser()->create();
$user = User::factory()->for($companyB)->create();
$this->actingAs(User::factory()->editUsers()->for($companyA)->create())
->get(route('users.show', ['user' => $user->id]))
->assertStatus(403);
$this->actingAs($superuser)
->get(route('users.show', ['user' => $user->id]))
->assertOk()
->assertStatus(200);
}
public function testUserWithoutPermissionsCannotViewPrintAllInventoryPage()
{
$this->settings->enableMultipleFullCompanySupport();
//$this->withoutExceptionHandling();
[$companyA, $companyB] = Company::factory()->count(2)->create();
$superuser = User::factory()->superuser()->create();
$user = User::factory()->for($companyB)->create();
$this->actingAs(User::factory()->viewUsers()->for($companyA)->create())
->get(route('users.print', ['userId' => $user->id]))
->assertStatus(403);
$this->actingAs(User::factory()->viewUsers()->for($companyB)->create())
->get(route('users.print', ['userId' => $user->id]))
->assertStatus(200);
$this->actingAs($superuser)
->get(route('users.print', ['userId' => $user->id]))
->assertOk()
->assertStatus(200);
}
Derp. Spelling. Signed-off-by: snipe <snipe@snipe.net>
2024-05-31 15:12:13 -07:00
public function testUserWithoutPermissionsCannotSendInventory()
Added more tests Signed-off-by: snipe <snipe@snipe.net>
2024-05-31 15:10:59 -07:00
{
Notification::fake();
$this->settings->enableMultipleFullCompanySupport();
[$companyA, $companyB] = Company::factory()->count(2)->create();
$superuser = User::factory()->superuser()->create();
$user = User::factory()->for($companyB)->create();
$this->actingAs(User::factory()->viewUsers()->for($companyA)->create())
->post(route('users.email', ['userId' => $user->id]))
->assertStatus(403);
$this->actingAs(User::factory()->viewUsers()->for($companyB)->create())
->post(route('users.email', ['userId' => $user->id]))
->assertStatus(302);
$this->actingAs($superuser)
->post(route('users.email', ['userId' => $user->id]))
->assertStatus(302);
Notification::assertSentTo(
[$user], CurrentInventory::class
);
}
Derp. Spelling. Signed-off-by: snipe <snipe@snipe.net>
2024-05-31 15:12:13 -07:00
public function testUserWithoutPermissionsCannotDeleteUser()
Added more tests Signed-off-by: snipe <snipe@snipe.net>
2024-05-31 15:10:59 -07:00
{
$this->settings->enableMultipleFullCompanySupport();
[$companyA, $companyB] = Company::factory()->count(2)->create();
$superuser = User::factory()->superuser()->create();
$userFromA = User::factory()->for($companyA)->create();
$userFromB = User::factory()->for($companyB)->create();
$this->followingRedirects()->actingAs(User::factory()->deleteUsers()->for($companyA)->create())
->delete(route('users.destroy', ['user' => $userFromB->id]))
->assertStatus(403);
$this->actingAs(User::factory()->deleteUsers()->for($companyA)->create())
->delete(route('users.destroy', ['user' => $userFromA->id]))
->assertStatus(302)
->assertRedirect(route('users.index'));
}
}
Reference in a new issue Copy permalink