Added view permissions for the redirects

Signed-off-by: snipe <snipe@snipe.net>
This commit is contained in:
snipe 2024-06-05 14:13:51 +01:00
parent a2346e4666
commit c5cbe37007

View file

@ -17,7 +17,7 @@ class DeleteUserTest extends TestCase
$manager = User::factory()->create(); $manager = User::factory()->create();
User::factory()->count(1)->create(['manager_id' => $manager->id]); User::factory()->count(1)->create(['manager_id' => $manager->id]);
$this->actingAs(User::factory()->deleteUsers()->create())->assertFalse($manager->isDeletable()); $this->actingAs(User::factory()->deleteUsers()->viewUsers()->create())->assertFalse($manager->isDeletable());
$response = $this->actingAs(User::factory()->deleteUsers()->viewUsers()->create()) $response = $this->actingAs(User::factory()->deleteUsers()->viewUsers()->create())
->delete(route('users.destroy', $manager->id)) ->delete(route('users.destroy', $manager->id))
@ -32,7 +32,7 @@ class DeleteUserTest extends TestCase
$manager = User::factory()->create(); $manager = User::factory()->create();
Location::factory()->count(2)->create(['manager_id' => $manager->id]); Location::factory()->count(2)->create(['manager_id' => $manager->id]);
$this->actingAs(User::factory()->deleteUsers()->create())->assertFalse($manager->isDeletable()); $this->actingAs(User::factory()->deleteUsers()->viewUsers()->create())->assertFalse($manager->isDeletable());
$response = $this->actingAs(User::factory()->deleteUsers()->viewUsers()->create()) $response = $this->actingAs(User::factory()->deleteUsers()->viewUsers()->create())
->delete(route('users.destroy', $manager->id)) ->delete(route('users.destroy', $manager->id))
@ -47,7 +47,7 @@ class DeleteUserTest extends TestCase
$user = User::factory()->create(); $user = User::factory()->create();
Accessory::factory()->count(3)->checkedOutToUser($user)->create(); Accessory::factory()->count(3)->checkedOutToUser($user)->create();
$this->actingAs(User::factory()->deleteUsers()->create())->assertFalse($user->isDeletable()); $this->actingAs(User::factory()->deleteUsers()->viewUsers()->create())->assertFalse($user->isDeletable());
$response = $this->actingAs(User::factory()->deleteUsers()->viewUsers()->create()) $response = $this->actingAs(User::factory()->deleteUsers()->viewUsers()->create())
->delete(route('users.destroy', $user->id)) ->delete(route('users.destroy', $user->id))
@ -62,7 +62,7 @@ class DeleteUserTest extends TestCase
$user = User::factory()->create(); $user = User::factory()->create();
LicenseSeat::factory()->count(4)->create(['assigned_to' => $user->id]); LicenseSeat::factory()->count(4)->create(['assigned_to' => $user->id]);
$this->actingAs(User::factory()->deleteUsers()->create())->assertFalse($user->isDeletable()); $this->actingAs(User::factory()->deleteUsers()->viewUsers()->create())->assertFalse($user->isDeletable());
$response = $this->actingAs(User::factory()->deleteUsers()->viewUsers()->create()) $response = $this->actingAs(User::factory()->deleteUsers()->viewUsers()->create())
->delete(route('users.destroy', $user->id)) ->delete(route('users.destroy', $user->id))
@ -76,7 +76,7 @@ class DeleteUserTest extends TestCase
public function testAllowUserDeletionIfNotManagingLocations() public function testAllowUserDeletionIfNotManagingLocations()
{ {
$manager = User::factory()->create(); $manager = User::factory()->create();
$this->actingAs(User::factory()->deleteUsers()->create())->assertTrue($manager->isDeletable()); $this->actingAs(User::factory()->deleteUsers()->viewUsers()->create())->assertTrue($manager->isDeletable());
$response = $this->actingAs(User::factory()->deleteUsers()->viewUsers()->create()) $response = $this->actingAs(User::factory()->deleteUsers()->viewUsers()->create())
->delete(route('users.destroy', $manager->id)) ->delete(route('users.destroy', $manager->id))
@ -91,13 +91,13 @@ class DeleteUserTest extends TestCase
{ {
$manager = User::factory()->create(); $manager = User::factory()->create();
Location::factory()->create(['manager_id' => $manager->id]); Location::factory()->create(['manager_id' => $manager->id]);
$this->actingAs(User::factory()->editUsers()->create())->assertFalse($manager->isDeletable()); $this->actingAs(User::factory()->editUsers()->viewUsers()->create())->assertFalse($manager->isDeletable());
} }
public function testUsersCannotDeleteThemselves() public function testUsersCannotDeleteThemselves()
{ {
$manager = User::factory()->deleteUsers()->create(); $manager = User::factory()->deleteUsers()->viewUsers()->create();
$this->actingAs(User::factory()->deleteUsers()->create())->assertTrue($manager->isDeletable()); $this->actingAs(User::factory()->deleteUsers()->viewUsers()->create())->assertTrue($manager->isDeletable());
$response = $this->actingAs($manager) $response = $this->actingAs($manager)
->delete(route('users.destroy', $manager->id)) ->delete(route('users.destroy', $manager->id))