DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-09-19 23:37:38 -07:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Added more tests

Browse source 
Signed-off-by: snipe <snipe@snipe.net>
This commit is contained in:
snipe 2024-05-31 23:10:59 +01:00
parent b156264684
commit f7687008b7
1 changed files with 106 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

106
tests/Feature/Users/ViewUserTest.php Normal file
View file

@ -0,0 +1,106 @@
<?php
namespace Tests\Feature\Users;
use Illuminate\Support\Facades\Notification;
use App\Models\Company;
use App\Models\User;
use Tests\TestCase;
use App\Notifications\CurrentInventory;
class ViewUserTest extends TestCase
{
public function testUserWithoutPermissionsCannotViewUserDetailPage()
{
$this->settings->enableMultipleFullCompanySupport();
[$companyA, $companyB] = Company::factory()->count(2)->create();
$superuser = User::factory()->superuser()->create();
$user = User::factory()->for($companyB)->create();
$this->actingAs(User::factory()->editUsers()->for($companyA)->create())
->get(route('users.show', ['user' => $user->id]))
->assertStatus(403);
$this->actingAs($superuser)
->get(route('users.show', ['user' => $user->id]))
->assertOk()
->assertStatus(200);
}
public function testUserWithoutPermissionsCannotViewPrintAllInventoryPage()
{
$this->settings->enableMultipleFullCompanySupport();
//$this->withoutExceptionHandling();
[$companyA, $companyB] = Company::factory()->count(2)->create();
$superuser = User::factory()->superuser()->create();
$user = User::factory()->for($companyB)->create();
$this->actingAs(User::factory()->viewUsers()->for($companyA)->create())
->get(route('users.print', ['userId' => $user->id]))
->assertStatus(403);
$this->actingAs(User::factory()->viewUsers()->for($companyB)->create())
->get(route('users.print', ['userId' => $user->id]))
->assertStatus(200);
$this->actingAs($superuser)
->get(route('users.print', ['userId' => $user->id]))
->assertOk()
->assertStatus(200);
}
public function testUserWithhoutPermissionsCannotSendInventory()
{
Notification::fake();
$this->settings->enableMultipleFullCompanySupport();
[$companyA, $companyB] = Company::factory()->count(2)->create();
$superuser = User::factory()->superuser()->create();
$user = User::factory()->for($companyB)->create();
$this->actingAs(User::factory()->viewUsers()->for($companyA)->create())
->post(route('users.email', ['userId' => $user->id]))
->assertStatus(403);
$this->actingAs(User::factory()->viewUsers()->for($companyB)->create())
->post(route('users.email', ['userId' => $user->id]))
->assertStatus(302);
$this->actingAs($superuser)
->post(route('users.email', ['userId' => $user->id]))
->assertStatus(302);
Notification::assertSentTo(
[$user], CurrentInventory::class
);
}
public function testUserWithhoutPermissionsCannotDeleteUser()
{
$this->settings->enableMultipleFullCompanySupport();
[$companyA, $companyB] = Company::factory()->count(2)->create();
$superuser = User::factory()->superuser()->create();
$userFromA = User::factory()->for($companyA)->create();
$userFromB = User::factory()->for($companyB)->create();
$this->followingRedirects()->actingAs(User::factory()->deleteUsers()->for($companyA)->create())
->delete(route('users.destroy', ['user' => $userFromB->id]))
->assertStatus(403);
$this->actingAs(User::factory()->deleteUsers()->for($companyA)->create())
->delete(route('users.destroy', ['user' => $userFromA->id]))
->assertStatus(302)
->assertRedirect(route('users.index'));
}
}