2023-06-22 12:36:43 -07:00
|
|
|
<?php
|
|
|
|
|
2024-06-04 10:48:53 -07:00
|
|
|
namespace Tests\Feature\Assets\Api;
|
2023-06-22 12:36:43 -07:00
|
|
|
|
|
|
|
use App\Models\Asset;
|
|
|
|
use App\Models\Company;
|
|
|
|
use App\Models\User;
|
|
|
|
use Tests\TestCase;
|
|
|
|
|
2024-06-03 16:54:59 -07:00
|
|
|
class RequestableAssetTest extends TestCase
|
2023-06-22 12:36:43 -07:00
|
|
|
{
|
|
|
|
public function testViewingRequestableAssetsRequiresCorrectPermission()
|
|
|
|
{
|
2023-06-22 17:37:30 -07:00
|
|
|
$this->actingAsForApi(User::factory()->create())
|
|
|
|
->getJson(route('api.assets.requestable'))
|
|
|
|
->assertForbidden();
|
2023-06-22 12:36:43 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
public function testReturnsRequestableAssets()
|
|
|
|
{
|
|
|
|
$requestableAsset = Asset::factory()->requestable()->create(['asset_tag' => 'requestable']);
|
|
|
|
$nonRequestableAsset = Asset::factory()->nonrequestable()->create(['asset_tag' => 'non-requestable']);
|
|
|
|
|
2023-06-22 17:37:30 -07:00
|
|
|
$this->actingAsForApi(User::factory()->viewRequestableAssets()->create())
|
|
|
|
->getJson(route('api.assets.requestable'))
|
2023-06-22 14:41:56 -07:00
|
|
|
->assertOk()
|
|
|
|
->assertResponseContainsInRows($requestableAsset, 'asset_tag')
|
|
|
|
->assertResponseDoesNotContainInRows($nonRequestableAsset, 'asset_tag');
|
2023-06-22 12:36:43 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
public function testRequestableAssetsAreScopedToCompanyWhenMultipleCompanySupportEnabled()
|
|
|
|
{
|
|
|
|
[$companyA, $companyB] = Company::factory()->count(2)->create();
|
|
|
|
|
|
|
|
$assetA = Asset::factory()->requestable()->for($companyA)->create(['asset_tag' => '0001']);
|
|
|
|
$assetB = Asset::factory()->requestable()->for($companyB)->create(['asset_tag' => '0002']);
|
|
|
|
|
|
|
|
$superUser = $companyA->users()->save(User::factory()->superuser()->make());
|
|
|
|
$userInCompanyA = $companyA->users()->save(User::factory()->viewRequestableAssets()->make());
|
|
|
|
$userInCompanyB = $companyB->users()->save(User::factory()->viewRequestableAssets()->make());
|
|
|
|
|
|
|
|
$this->settings->disableMultipleFullCompanySupport();
|
|
|
|
|
2023-06-22 17:37:30 -07:00
|
|
|
$this->actingAsForApi($superUser)
|
|
|
|
->getJson(route('api.assets.requestable'))
|
2023-06-22 14:41:56 -07:00
|
|
|
->assertResponseContainsInRows($assetA, 'asset_tag')
|
|
|
|
->assertResponseContainsInRows($assetB, 'asset_tag');
|
2023-06-22 12:36:43 -07:00
|
|
|
|
2023-06-22 17:37:30 -07:00
|
|
|
$this->actingAsForApi($userInCompanyA)
|
|
|
|
->getJson(route('api.assets.requestable'))
|
2023-06-22 14:41:56 -07:00
|
|
|
->assertResponseContainsInRows($assetA, 'asset_tag')
|
|
|
|
->assertResponseContainsInRows($assetB, 'asset_tag');
|
2023-06-22 12:36:43 -07:00
|
|
|
|
2023-06-22 17:37:30 -07:00
|
|
|
$this->actingAsForApi($userInCompanyB)
|
|
|
|
->getJson(route('api.assets.requestable'))
|
2023-06-22 14:41:56 -07:00
|
|
|
->assertResponseContainsInRows($assetA, 'asset_tag')
|
|
|
|
->assertResponseContainsInRows($assetB, 'asset_tag');
|
2023-06-22 12:36:43 -07:00
|
|
|
|
|
|
|
$this->settings->enableMultipleFullCompanySupport();
|
|
|
|
|
2023-06-22 17:37:30 -07:00
|
|
|
$this->actingAsForApi($superUser)
|
|
|
|
->getJson(route('api.assets.requestable'))
|
2023-06-22 14:41:56 -07:00
|
|
|
->assertResponseContainsInRows($assetA, 'asset_tag')
|
|
|
|
->assertResponseContainsInRows($assetB, 'asset_tag');
|
2023-06-22 12:36:43 -07:00
|
|
|
|
2023-06-22 17:37:30 -07:00
|
|
|
$this->actingAsForApi($userInCompanyA)
|
|
|
|
->getJson(route('api.assets.requestable'))
|
2023-06-22 14:41:56 -07:00
|
|
|
->assertResponseContainsInRows($assetA, 'asset_tag')
|
|
|
|
->assertResponseDoesNotContainInRows($assetB, 'asset_tag');
|
2023-06-22 12:36:43 -07:00
|
|
|
|
2023-06-22 17:37:30 -07:00
|
|
|
$this->actingAsForApi($userInCompanyB)
|
|
|
|
->getJson(route('api.assets.requestable'))
|
2023-06-22 14:41:56 -07:00
|
|
|
->assertResponseDoesNotContainInRows($assetA, 'asset_tag')
|
|
|
|
->assertResponseContainsInRows($assetB, 'asset_tag');
|
2023-06-22 12:36:43 -07:00
|
|
|
}
|
|
|
|
}
|