diff --git a/app/Http/Controllers/Api/LicensesController.php b/app/Http/Controllers/Api/LicensesController.php index 0dae68dbb7..61f04bbd0b 100644 --- a/app/Http/Controllers/Api/LicensesController.php +++ b/app/Http/Controllers/Api/LicensesController.php @@ -220,7 +220,6 @@ class LicensesController extends Controller */ public function destroy($id) : JsonResponse { - // $license = License::findOrFail($id); $this->authorize('delete', $license); diff --git a/tests/Feature/Licenses/Api/DeleteLicenseTest.php b/tests/Feature/Licenses/Api/DeleteLicenseTest.php new file mode 100644 index 0000000000..c41c0eca88 --- /dev/null +++ b/tests/Feature/Licenses/Api/DeleteLicenseTest.php @@ -0,0 +1,88 @@ +create(); + + $this->actingAsForApi(User::factory()->create()) + ->deleteJson(route('api.licenses.destroy', $license)) + ->assertForbidden(); + } + + public function testAdheresToMultipleFullCompanySupportScoping() + { + [$companyA, $companyB] = Company::factory()->count(2)->create(); + + $licenseA = License::factory()->for($companyA)->create(); + $licenseB = License::factory()->for($companyB)->create(); + $licenseC = License::factory()->for($companyB)->create(); + + $superUser = $companyA->users()->save(User::factory()->superuser()->make()); + $userInCompanyA = $companyA->users()->save(User::factory()->deleteLicenses()->make()); + $userInCompanyB = $companyB->users()->save(User::factory()->deleteLicenses()->make()); + + $this->settings->enableMultipleFullCompanySupport(); + + $this->actingAsForApi($userInCompanyA) + ->deleteJson(route('api.licenses.destroy', $licenseB)) + ->assertStatusMessageIs('error'); + + $this->actingAsForApi($userInCompanyB) + ->deleteJson(route('api.licenses.destroy', $licenseA)) + ->assertStatusMessageIs('error'); + + $this->actingAsForApi($superUser) + ->deleteJson(route('api.licenses.destroy', $licenseC)) + ->assertStatusMessageIs('success'); + + $this->assertNotSoftDeleted($licenseA); + $this->assertNotSoftDeleted($licenseB); + $this->assertSoftDeleted($licenseC); + } + + public function testLicenseCannotBeDeletedIfStillAssigned() + { + $license = License::factory()->create(['seats' => 2]); + $license->freeSeat()->update(['assigned_to' => User::factory()->create()->id]); + + $this->actingAsForApi(User::factory()->deleteLicenses()->create()) + ->deleteJson(route('api.licenses.destroy', $license)) + ->assertStatusMessageIs('error'); + + $this->assertNotSoftDeleted($license); + } + + public function testCanDeleteLicense() + { + $license = License::factory()->create(); + + $this->actingAsForApi(User::factory()->deleteLicenses()->create()) + ->deleteJson(route('api.licenses.destroy', $license)) + ->assertStatusMessageIs('success'); + + $this->assertSoftDeleted($license); + } + + public function testLicenseSeatsAreDeletedWhenLicenseIsDeleted() + { + $license = License::factory()->create(['seats' => 2]); + + $this->assertTrue($license->fresh()->licenseseats->isNotEmpty(), 'License seats not created like expected'); + + $this->actingAsForApi(User::factory()->deleteLicenses()->create()) + ->deleteJson(route('api.licenses.destroy', $license)); + + $this->assertTrue($license->fresh()->licenseseats->isEmpty()); + } +}