Break 'update' API statements into its own test file. Split tests up

This commit is contained in:
Brady Wetherington 2024-04-16 15:34:28 +01:00
parent 266424ff0e
commit 870612be1c

View file

@ -0,0 +1,59 @@
<?php
namespace Tests\Feature\Api\Assets;
use App\Models\Asset;
use App\Models\AssetModel;
use App\Models\Company;
use App\Models\CustomField;
use App\Models\CustomFieldset;
use App\Models\Location;
use App\Models\Statuslabel;
use App\Models\Supplier;
use App\Models\User;
use Illuminate\Testing\Fluent\AssertableJson;
use Tests\TestCase;
class AssetUpdateTest extends TestCase
{
public function testEncryptedCustomFieldCanBeUpdated()
{
$field = CustomField::factory()->testEncrypted()->create();
$asset = Asset::factory()->hasEncryptedCustomField()->create();
$superuser = User::factory()->superuser()->create();
//first, test that an Admin user can save the encrypted custom field
$response = $this->actingAsForApi($superuser)
->patchJson(route('api.assets.update', $asset->id), [
$field->db_column_name() => 'This is encrypted field'
])
->assertStatusMessageIs('success')
->assertOk()
->json();
$asset->refresh();
$this->assertEquals(\Crypt::decrypt($asset->{$field->db_column_name()}), 'This is encrypted field');
}
public function testPermissionNeededToUpdateEncryptedField()
{
$field = CustomField::factory()->testEncrypted()->create();
$asset = Asset::factory()->hasEncryptedCustomField()->create();
$normal_user = User::factory()->editAssets()->create();
$asset->{$field->db_column_name()} = \Crypt::encrypt("encrypted value should not change");
$asset->save(); //is this needed?
//test that a 'normal' user *cannot* change the encrypted custom field
$response = $this->actingAsForApi($normal_user)
->patchJson(route('api.assets.update', $asset->id), [
$field->db_column_name() => 'Some Other Value Entirely!'
])
->assertStatusMessageIs('success')
->assertOk()
->assertMessagesAre('Asset updated successfully, but encrypted custom fields were not due to permissions')
->json();
$asset->refresh();
$this->assertEquals(\Crypt::decrypt($asset->{$field->db_column_name()}), "encrypted value should not change");
}
}