mirror of
https://github.com/snipe/snipe-it.git
synced 2025-02-21 03:15:45 -08:00
Update tests to send post request
This commit is contained in:
Marcus Moore
parent
e16c04250e
commit
f763aea4fc
|
|
@ -6,7 +6,6 @@ use App\Models\Asset;
|
||||||
use App\Models\AssetModel;
|
use App\Models\AssetModel;
|
||||||
use App\Models\Company;
|
use App\Models\Company;
|
||||||
use App\Models\CustomField;
|
use App\Models\CustomField;
|
||||||
use App\Models\CustomFieldset;
|
|
||||||
use App\Models\Location;
|
use App\Models\Location;
|
||||||
use App\Models\Statuslabel;
|
use App\Models\Statuslabel;
|
||||||
use App\Models\Supplier;
|
use App\Models\Supplier;
|
||||||
|
|
@ -484,40 +483,50 @@ class AssetStoreTest extends TestCase
|
||||||
|
|
||||||
public function testEncryptedCustomFieldCanBeStored()
|
public function testEncryptedCustomFieldCanBeStored()
|
||||||
{
|
{
|
||||||
|
$status = Statuslabel::factory()->create();
|
||||||
$field = CustomField::factory()->testEncrypted()->create();
|
$field = CustomField::factory()->testEncrypted()->create();
|
||||||
$asset = Asset::factory()->hasEncryptedCustomField($field)->create();
|
|
||||||
$superuser = User::factory()->superuser()->create();
|
$superuser = User::factory()->superuser()->create();
|
||||||
|
$assetData = Asset::factory()->hasEncryptedCustomField($field)->make();
|
||||||
|
|
||||||
//first, test that an Admin user can save the encrypted custom field
|
|
||||||
$response = $this->actingAsForApi($superuser)
|
$response = $this->actingAsForApi($superuser)
|
||||||
// @todo: target store method
|
->postJson(route('api.assets.store'), [
|
||||||
->patchJson(route('api.assets.update', $asset->id), [
|
$field->db_column_name() => 'This is encrypted field',
|
||||||
$field->db_column_name() => 'This is encrypted field'
|
'model_id' => $assetData->model->id,
|
||||||
|
'status_id' => $status->id,
|
||||||
|
'asset_tag' => '1234',
|
||||||
])
|
])
|
||||||
->assertStatusMessageIs('success')
|
->assertStatusMessageIs('success')
|
||||||
->assertOk()
|
->assertOk()
|
||||||
->json();
|
->json();
|
||||||
$asset->refresh();
|
|
||||||
|
$asset = Asset::findOrFail($response['payload']['id']);
|
||||||
$this->assertEquals('This is encrypted field', \Crypt::decrypt($asset->{$field->db_column_name()}));
|
$this->assertEquals('This is encrypted field', \Crypt::decrypt($asset->{$field->db_column_name()}));
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testPermissionNeededToStoreEncryptedField()
|
public function testPermissionNeededToStoreEncryptedField()
|
||||||
{
|
{
|
||||||
$field = CustomField::factory()->testEncrypted()->create();
|
// @todo:
|
||||||
$asset = Asset::factory()->hasEncryptedCustomField()->create();
|
$this->markTestIncomplete();
|
||||||
$normal_user = User::factory()->editAssets()->create();
|
|
||||||
|
$status = Statuslabel::factory()->create();
|
||||||
|
$field = CustomField::factory()->testEncrypted()->create();
|
||||||
|
$normal_user = User::factory()->editAssets()->create();
|
||||||
|
$assetData = Asset::factory()->hasEncryptedCustomField($field)->make();
|
||||||
|
|
||||||
//next, test that a 'normal' user *cannot* change the encrypted custom field
|
|
||||||
$response = $this->actingAsForApi($normal_user)
|
$response = $this->actingAsForApi($normal_user)
|
||||||
// @todo: target store method
|
->postJson(route('api.assets.store'), [
|
||||||
->patchJson(route('api.assets.update', $asset->id), [
|
$field->db_column_name() => 'Some Other Value Entirely!',
|
||||||
$field->db_column_name() => 'Some Other Value Entirely!'
|
'model_id' => $assetData->model->id,
|
||||||
|
'status_id' => $status->id,
|
||||||
|
'asset_tag' => '1234',
|
||||||
])
|
])
|
||||||
|
// @todo: this is 403 unauthorized
|
||||||
->assertStatusMessageIs('success')
|
->assertStatusMessageIs('success')
|
||||||
->assertOk()
|
->assertOk()
|
||||||
->assertMessagesAre('Asset updated successfully, but encrypted custom fields were not due to permissions')
|
->assertMessagesAre('Asset updated successfully, but encrypted custom fields were not due to permissions')
|
||||||
->json();
|
->json();
|
||||||
$asset->refresh();
|
|
||||||
|
$asset = Asset::findOrFail($response['payload']['id']);
|
||||||
$this->assertEquals('This is encrypted field', \Crypt::decrypt($asset->{$field->db_column_name()}));
|
$this->assertEquals('This is encrypted field', \Crypt::decrypt($asset->{$field->db_column_name()}));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -15,14 +15,13 @@ class AssetUpdateTest extends TestCase
|
||||||
$asset = Asset::factory()->hasEncryptedCustomField($field)->create();
|
$asset = Asset::factory()->hasEncryptedCustomField($field)->create();
|
||||||
$superuser = User::factory()->superuser()->create();
|
$superuser = User::factory()->superuser()->create();
|
||||||
|
|
||||||
//first, test that an Admin user can save the encrypted custom field
|
$this->actingAsForApi($superuser)
|
||||||
$response = $this->actingAsForApi($superuser)
|
|
||||||
->patchJson(route('api.assets.update', $asset->id), [
|
->patchJson(route('api.assets.update', $asset->id), [
|
||||||
$field->db_column_name() => 'This is encrypted field'
|
$field->db_column_name() => 'This is encrypted field'
|
||||||
])
|
])
|
||||||
->assertStatusMessageIs('success')
|
->assertStatusMessageIs('success')
|
||||||
->assertOk()
|
->assertOk();
|
||||||
->json();
|
|
||||||
$asset->refresh();
|
$asset->refresh();
|
||||||
$this->assertEquals('This is encrypted field', \Crypt::decrypt($asset->{$field->db_column_name()}));
|
$this->assertEquals('This is encrypted field', \Crypt::decrypt($asset->{$field->db_column_name()}));
|
||||||
}
|
}
|
||||||
|
|
@ -34,17 +33,17 @@ class AssetUpdateTest extends TestCase
|
||||||
$normal_user = User::factory()->editAssets()->create();
|
$normal_user = User::factory()->editAssets()->create();
|
||||||
|
|
||||||
$asset->{$field->db_column_name()} = \Crypt::encrypt("encrypted value should not change");
|
$asset->{$field->db_column_name()} = \Crypt::encrypt("encrypted value should not change");
|
||||||
$asset->save(); //is this needed?
|
$asset->save();
|
||||||
|
|
||||||
//test that a 'normal' user *cannot* change the encrypted custom field
|
// test that a 'normal' user *cannot* change the encrypted custom field
|
||||||
$response = $this->actingAsForApi($normal_user)
|
$this->actingAsForApi($normal_user)
|
||||||
->patchJson(route('api.assets.update', $asset->id), [
|
->patchJson(route('api.assets.update', $asset->id), [
|
||||||
$field->db_column_name() => 'Some Other Value Entirely!'
|
$field->db_column_name() => 'Some Other Value Entirely!'
|
||||||
])
|
])
|
||||||
->assertStatusMessageIs('success')
|
->assertStatusMessageIs('success')
|
||||||
->assertOk()
|
->assertOk()
|
||||||
->assertMessagesAre('Asset updated successfully, but encrypted custom fields were not due to permissions')
|
->assertMessagesAre('Asset updated successfully, but encrypted custom fields were not due to permissions');
|
||||||
->json();
|
|
||||||
$asset->refresh();
|
$asset->refresh();
|
||||||
$this->assertEquals("encrypted value should not change", \Crypt::decrypt($asset->{$field->db_column_name()}));
|
$this->assertEquals("encrypted value should not change", \Crypt::decrypt($asset->{$field->db_column_name()}));
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue