Based restore API test

Signed-off-by: snipe <snipe@snipe.net>
2025-03-05 20:52:15 -08:00 · 2024-06-22 20:35:40 +01:00 · 2024-06-22 20:35:40 +01:00 · 3a05d72124
parent 7ec44e46ce
commit 3a05d72124
1 changed files with 109 additions and 0 deletions
--- a/tests/Feature/Users/Api/RestoreUserTest.php
+++ b/tests/Feature/Users/Api/RestoreUserTest.php
@ -0,0 +1,109 @@
+<?php
+
+namespace Tests\Feature\Users\Api;
+
+use App\Models\Company;
+use App\Models\LicenseSeat;
+use App\Models\Location;
+use App\Models\User;
+use Tests\TestCase;
+
+class RestoreUserTest extends TestCase
+{
+
+
+    public function testErrorReturnedViaApiIfUserDoesNotExist()
+    {
+        $this->actingAsForApi(User::factory()->deleteUsers()->create())
+            ->postJson(route('api.users.restore', 'invalid-id'))
+            ->assertOk()
+            ->assertStatus(200)
+            ->assertStatusMessageIs('error')
+            ->json();
+    }
+
+    public function testErrorReturnedViaApiIfUserIsNotDeleted()
+    {
+        $user = User::factory()->create();
+        $this->actingAsForApi(User::factory()->deleteUsers()->create())
+            ->postJson(route('api.users.restore', $user->id))
+            ->assertOk()
+            ->assertStatus(200)
+            ->assertStatusMessageIs('error')
+            ->json();
+    }
+
+
+    public function testDeniedPermissionsForRestoringUserViaApi()
+    {
+        $this->actingAsForApi(User::factory()->create())
+            ->postJson(route('api.users.restore', User::factory()->deletedUser()->create()))
+            ->assertStatus(403)
+            ->json();
+    }
+
+    public function testSuccessPermissionsForRestoringUserViaApi()
+    {
+        $deleted_user = User::factory()->deletedUser()->create();
+        \Log::warning($deleted_user);
+
+        $admin = User::factory()->deleteUsers()->create();
+        \Log::warning($admin->permissions);
+
+        $this->actingAsForApi($admin)
+            ->postJson(route('api.users.restore', ['user' => $deleted_user]))
+            ->assertOk()
+            ->assertStatus(200)
+            ->assertStatusMessageIs('success')
+            ->json();
+
+        $deleted_user->refresh();
+        $this->assertNull($deleted_user->deleted_at);
+    }
+
+    public function testPermissionsForRestoringIfNotInSameCompanyAndNotSuperadmin()
+    {
+        $this->settings->enableMultipleFullCompanySupport();
+
+        [$companyA, $companyB] = Company::factory()->count(2)->create();
+
+        $superuser = User::factory()->superuser()->create();
+        $userFromA = User::factory()->deletedUser()->deleteUsers()->for($companyA)->create();
+        $userFromB = User::factory()->deletedUser()->deleteUsers()->for($companyB)->create();
+
+        $this->actingAsForApi($userFromA)
+            ->postJson(route('api.users.restore', ['user' => $userFromB->id]))
+            ->assertOk()
+            ->assertStatus(200)
+            ->assertStatusMessageIs('error')
+            ->json();
+
+        $userFromB->refresh();
+        $this->assertNotNull($userFromB->deleted_at);
+
+        $this->actingAsForApi($userFromB)
+            ->postJson(route('api.users.restore', ['user' => $userFromA->id]))
+            ->assertOk()
+            ->assertStatus(200)
+            ->assertStatusMessageIs('error')
+            ->json();
+
+        $userFromA->refresh();
+        $this->assertNotNull($userFromA->deleted_at);
+
+        $this->actingAsForApi($superuser)
+            ->postJson(route('api.users.restore', ['user' => $userFromA->id]))
+            ->assertOk()
+            ->assertStatus(200)
+            ->assertStatusMessageIs('success')
+            ->json();
+
+        $userFromA->refresh();
+        $this->assertNull($userFromA->deleted_at);
+
+    }
+
+
+
+
+}