DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2025-01-11 22:07:29 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Remove scopeCompanyables call from LicensesController

Browse source
This commit is contained in:
Marcus Moore 2023-06-07 16:09:45 -07:00
parent a18f5e7fc0
commit 8e6e525b47
No known key found for this signature in database
2 changed files with 73 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/Http/Controllers/Api/LicensesController.php
View file

@ -26,8 +26,8 @@ class LicensesController extends Controller
public function index(Request $request)
{
$this->authorize('view', License::class);
$licenses = Company::scopeCompanyables(License::with('company', 'manufacturer', 'supplier','category')->withCount('freeSeats as free_seats_count'));
$licenses = License::with('company', 'manufacturer', 'supplier','category')->withCount('freeSeats as free_seats_count');
if ($request->filled('company_id')) {
$licenses->where('company_id', '=', $request->input('company_id'));

72
tests/Feature/Api/Licenses/LicensesIndexTest.php Normal file
View file

@ -0,0 +1,72 @@
<?php
namespace Tests\Feature\Api\Licenses;
use App\Models\Company;
use App\Models\License;
use App\Models\User;
use Illuminate\Testing\TestResponse;
use Laravel\Passport\Passport;
use Tests\Support\InteractsWithSettings;
use Tests\TestCase;
class LicensesIndexTest extends TestCase
{
use InteractsWithSettings;
public function testLicensesIndexAdheresToCompanyScoping()
{
[$companyA, $companyB] = Company::factory()->count(2)->create();
$licenseA = License::factory()->for($companyA)->create();
$licenseB = License::factory()->for($companyB)->create();
$superUser = $companyA->users()->save(User::factory()->superuser()->make());
$userInCompanyA = $companyA->users()->save(User::factory()->viewLicenses()->make());
$userInCompanyB = $companyB->users()->save(User::factory()->viewLicenses()->make());
$this->settings->disableMultipleFullCompanySupport();
Passport::actingAs($superUser);
$response = $this->getJson(route('api.licenses.index'));
$this->assertResponseContains($response, $licenseA);
$this->assertResponseContains($response, $licenseB);
Passport::actingAs($userInCompanyA);
$response = $this->getJson(route('api.licenses.index'));
$this->assertResponseContains($response, $licenseA);
$this->assertResponseContains($response, $licenseB);
Passport::actingAs($userInCompanyB);
$response = $this->getJson(route('api.licenses.index'));
$this->assertResponseContains($response, $licenseA);
$this->assertResponseContains($response, $licenseB);
$this->settings->enableMultipleFullCompanySupport();
Passport::actingAs($superUser);
$response = $this->getJson(route('api.licenses.index'));
$this->assertResponseContains($response, $licenseA);
$this->assertResponseContains($response, $licenseB);
Passport::actingAs($userInCompanyA);
$response = $this->getJson(route('api.licenses.index'));
$this->assertResponseContains($response, $licenseA);
$this->assertResponseDoesNotContain($response, $licenseB);
Passport::actingAs($userInCompanyB);
$response = $this->getJson(route('api.licenses.index'));
$this->assertResponseDoesNotContain($response, $licenseA);
$this->assertResponseContains($response, $licenseB);
}
private function assertResponseContains(TestResponse $response, License $license)
{
$this->assertTrue(collect($response['rows'])->pluck('name')->contains($license->name));
}
private function assertResponseDoesNotContain(TestResponse $response, License $license)
{
$this->assertFalse(collect($response['rows'])->pluck('name')->contains($license->name));
}
}