|
10 | 10 |
|
11 | 11 | namespace UserFrosting\Sprinkle\Admin\Tests\Integration\Controller; |
12 | 12 |
|
| 13 | +use UserFrosting\Sprinkle\Account\Database\Models\User; |
13 | 14 | use UserFrosting\Sprinkle\Account\Tests\withTestUser; |
14 | 15 | use UserFrosting\Sprinkle\Admin\Controller\UserController; |
15 | 16 | use UserFrosting\Sprinkle\Core\Tests\RefreshDatabase; |
16 | 17 | use UserFrosting\Sprinkle\Core\Tests\TestDatabase; |
17 | 18 | use UserFrosting\Sprinkle\Core\Tests\withController; |
| 19 | +use UserFrosting\Support\Exception\BadRequestException; |
18 | 20 | use UserFrosting\Support\Exception\ForbiddenException; |
19 | 21 | use UserFrosting\Tests\TestCase; |
20 | 22 |
|
@@ -436,6 +438,237 @@ public function testPageListWithNoPermission(UserController $controller) |
436 | 438 | $controller->pageList($this->getRequest(), $this->getResponse(), []); |
437 | 439 | } |
438 | 440 |
|
| 441 | + /** |
| 442 | + * @depends testControllerConstructorWithUser |
| 443 | + * @param UserController $controller |
| 444 | + */ |
| 445 | + public function testUpdateInfoWithNoPermissions(UserController $controller) |
| 446 | + { |
| 447 | + // Create a user |
| 448 | + $fm = $this->ci->factory; |
| 449 | + $user = $fm->create('UserFrosting\Sprinkle\Account\Database\Models\User', [ |
| 450 | + 'user_name' => 'testUpdateInfoWithNoPermissions', |
| 451 | + 'first_name' => 'foo', |
| 452 | + ]); |
| 453 | + |
| 454 | + // Set post data |
| 455 | + $data = [ |
| 456 | + 'first_name' => 'bar', |
| 457 | + ]; |
| 458 | + $request = $this->getRequest()->withParsedBody($data); |
| 459 | + |
| 460 | + $this->expectException(ForbiddenException::class); |
| 461 | + $controller->updateInfo($request, $this->getResponse(), ['user_name' => $user->user_name]); |
| 462 | + } |
| 463 | + |
| 464 | + /** |
| 465 | + * @depends testControllerConstructorWithUser |
| 466 | + * @param UserController $controller |
| 467 | + */ |
| 468 | + public function testUpdateInfoWithPartialPermissions(UserController $controller) |
| 469 | + { |
| 470 | + // Guest user |
| 471 | + $testUser = $this->createTestUser(false, true); |
| 472 | + |
| 473 | + // Give user partial permissions |
| 474 | + $this->giveUserTestPermission($testUser, 'update_user_field'); |
| 475 | + |
| 476 | + // Get new controller to propagate new user |
| 477 | + $controller = $this->getController(); |
| 478 | + |
| 479 | + // Create a user |
| 480 | + $fm = $this->ci->factory; |
| 481 | + $user = $fm->create('UserFrosting\Sprinkle\Account\Database\Models\User', [ |
| 482 | + 'user_name' => 'testUpdateInfoWithPartialPermissions', |
| 483 | + 'first_name' => 'foo', |
| 484 | + ]); |
| 485 | + |
| 486 | + // Also create a group |
| 487 | + $group = $fm->create('UserFrosting\Sprinkle\Account\Database\Models\Group'); |
| 488 | + |
| 489 | + // Set post data |
| 490 | + $data = [ |
| 491 | + 'first_name' => 'bar', |
| 492 | + 'group_id' => $group->id, |
| 493 | + ]; |
| 494 | + $request = $this->getRequest()->withParsedBody($data); |
| 495 | + |
| 496 | + // Get controller stuff |
| 497 | + $result = $controller->updateInfo($request, $this->getResponse(), ['user_name' => $user->user_name]); |
| 498 | + $this->assertSame($result->getStatusCode(), 200); |
| 499 | + $this->assertJson((string) $result->getBody()); |
| 500 | + $this->assertSame('[]', (string) $result->getBody()); |
| 501 | + |
| 502 | + // Make sure user was update |
| 503 | + $editedUser = User::where('user_name', $user->user_name)->first(); |
| 504 | + $this->assertSame('bar', $editedUser->first_name); |
| 505 | + $this->assertNotSame($user->first_name, $editedUser->first_name); |
| 506 | + $this->assertSame($user->last_name, $editedUser->last_name); |
| 507 | + $this->assertSame($group->id, $editedUser->group->id); |
| 508 | + |
| 509 | + // Test message |
| 510 | + /** @var \UserFrosting\Sprinkle\Core\Alert\AlertStream $ms */ |
| 511 | + $ms = $this->ci->alerts; |
| 512 | + $messages = $ms->getAndClearMessages(); |
| 513 | + $this->assertSame('success', end($messages)['type']); |
| 514 | + } |
| 515 | + |
| 516 | + /** |
| 517 | + * @depends testControllerConstructorWithUser |
| 518 | + * @param UserController $controller |
| 519 | + */ |
| 520 | + public function testUpdateInfoForMasterUserWithNoPermissions(UserController $controller) |
| 521 | + { |
| 522 | + // Guest user |
| 523 | + $testUser = $this->createTestUser(false, true); |
| 524 | + |
| 525 | + // Give user partial permissions |
| 526 | + $this->giveUserTestPermission($testUser, 'update_user_field'); |
| 527 | + |
| 528 | + // Get new controller to propagate new user |
| 529 | + $controller = $this->getController(); |
| 530 | + |
| 531 | + // Default should be the existing admin user. |
| 532 | + $user = User::find($this->ci->config['reserved_user_ids.master']); |
| 533 | + |
| 534 | + // In case the user don't exist |
| 535 | + if (!$user) { |
| 536 | + $fm = $this->ci->factory; |
| 537 | + $user = $fm->create('UserFrosting\Sprinkle\Account\Database\Models\User', [ |
| 538 | + 'id' => $this->ci->config['reserved_user_ids.master'] |
| 539 | + ]); |
| 540 | + } |
| 541 | + |
| 542 | + // Set post data |
| 543 | + $data = [ |
| 544 | + 'first_name' => 'bar', |
| 545 | + ]; |
| 546 | + $request = $this->getRequest()->withParsedBody($data); |
| 547 | + |
| 548 | + // Get controller stuff |
| 549 | + $this->expectException(ForbiddenException::class); |
| 550 | + $controller->updateInfo($request, $this->getResponse(), ['user_name' => $user->user_name]); |
| 551 | + } |
| 552 | + |
| 553 | + /** |
| 554 | + * @depends testControllerConstructorWithUser |
| 555 | + * @param UserController $controller |
| 556 | + */ |
| 557 | + public function testUpdateFieldWithNoPermissions(UserController $controller) |
| 558 | + { |
| 559 | + $this->expectException(ForbiddenException::class); |
| 560 | + $controller->updateField($this->getRequest(), $this->getResponse(), ['user_name' => 'userfoo', 'field' => 'first_name']); |
| 561 | + } |
| 562 | + |
| 563 | + /** |
| 564 | + * @depends testControllerConstructorWithUser |
| 565 | + * @param UserController $controller |
| 566 | + */ |
| 567 | + public function testUpdateFieldWithPartialPermissions(UserController $controller) |
| 568 | + { |
| 569 | + // Guest user |
| 570 | + $testUser = $this->createTestUser(false, true); |
| 571 | + |
| 572 | + // Give user partial permissions |
| 573 | + $this->giveUserTestPermission($testUser, 'update_user_field'); |
| 574 | + |
| 575 | + // Get new controller to propagate new user |
| 576 | + $controller = $this->getController(); |
| 577 | + |
| 578 | + // Create a user |
| 579 | + $fm = $this->ci->factory; |
| 580 | + $user = $fm->create('UserFrosting\Sprinkle\Account\Database\Models\User', [ |
| 581 | + 'user_name' => 'testUpdateFieldWithPartialPermissions', |
| 582 | + 'first_name' => 'foo', |
| 583 | + ]); |
| 584 | + |
| 585 | + // Set post data |
| 586 | + $data = [ |
| 587 | + 'value' => 'bar', |
| 588 | + ]; |
| 589 | + $request = $this->getRequest()->withParsedBody($data); |
| 590 | + |
| 591 | + // Get controller stuff |
| 592 | + $result = $controller->updateField($request, $this->getResponse(), ['user_name' => $user->user_name, 'field' => 'first_name']); |
| 593 | + $this->assertSame($result->getStatusCode(), 200); |
| 594 | + $this->assertJson((string) $result->getBody()); |
| 595 | + $this->assertSame('[]', (string) $result->getBody()); |
| 596 | + |
| 597 | + // Make sure user was update |
| 598 | + $editedUser = User::where('user_name', $user->user_name)->first(); |
| 599 | + $this->assertSame('bar', $editedUser->first_name); |
| 600 | + $this->assertNotSame($user->first_name, $editedUser->first_name); |
| 601 | + $this->assertSame($user->last_name, $editedUser->last_name); |
| 602 | + |
| 603 | + // Test message |
| 604 | + /** @var \UserFrosting\Sprinkle\Core\Alert\AlertStream $ms */ |
| 605 | + $ms = $this->ci->alerts; |
| 606 | + $messages = $ms->getAndClearMessages(); |
| 607 | + $this->assertSame('success', end($messages)['type']); |
| 608 | + } |
| 609 | + |
| 610 | + /** |
| 611 | + * @depends testControllerConstructorWithUser |
| 612 | + * @param UserController $controller |
| 613 | + */ |
| 614 | + public function testUpdateFieldWithMasterUserWithNoPermissions(UserController $controller) |
| 615 | + { |
| 616 | + // Guest user |
| 617 | + $testUser = $this->createTestUser(false, true); |
| 618 | + |
| 619 | + // Give user partial permissions |
| 620 | + $this->giveUserTestPermission($testUser, 'update_user_field'); |
| 621 | + |
| 622 | + // Get new controller to propagate new user |
| 623 | + $controller = $this->getController(); |
| 624 | + |
| 625 | + // Default should be the existing admin user. |
| 626 | + $user = User::find($this->ci->config['reserved_user_ids.master']); |
| 627 | + |
| 628 | + // In case the user don't exist |
| 629 | + if (!$user) { |
| 630 | + $user = $fm->create('UserFrosting\Sprinkle\Account\Database\Models\User', [ |
| 631 | + 'id' => $this->ci->config['reserved_user_ids.master'] |
| 632 | + ]); |
| 633 | + } |
| 634 | + |
| 635 | + // Set post data |
| 636 | + $data = [ |
| 637 | + 'value' => 'bar', |
| 638 | + ]; |
| 639 | + $request = $this->getRequest()->withParsedBody($data); |
| 640 | + |
| 641 | + // Get controller stuff |
| 642 | + $this->expectException(ForbiddenException::class); |
| 643 | + $controller->updateField($request, $this->getResponse(), ['user_name' => $user->user_name, 'field' => 'first_name']); |
| 644 | + } |
| 645 | + |
| 646 | + /** |
| 647 | + * @depends testControllerConstructorWithUser |
| 648 | + * @param UserController $controller |
| 649 | + */ |
| 650 | + public function testUpdateFieldForFlagEnabledWithCurrentUser(UserController $controller) |
| 651 | + { |
| 652 | + // Guest user |
| 653 | + $user = $this->createTestUser(false, true); |
| 654 | + |
| 655 | + // Give user partial permissions |
| 656 | + $this->giveUserTestPermission($user, 'update_user_field'); |
| 657 | + |
| 658 | + // Get new controller to propagate new user |
| 659 | + $controller = $this->getController(); |
| 660 | + |
| 661 | + // Set post data |
| 662 | + $data = [ |
| 663 | + 'value' => '0', |
| 664 | + ]; |
| 665 | + $request = $this->getRequest()->withParsedBody($data); |
| 666 | + |
| 667 | + // Get controller stuff |
| 668 | + $this->expectException(BadRequestException::class); |
| 669 | + $controller->updateField($request, $this->getResponse(), ['user_name' => $user->user_name, 'field' => 'flag_enabled']); |
| 670 | + } |
| 671 | + |
439 | 672 | /** |
440 | 673 | * @return UserController |
441 | 674 | */ |
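Review bot: In `testUpdateFieldWithMasterUserWithNoPermissions` (new lines 629-633) the fallback branch calls `$fm->create(...)` but `$fm` is never assigned in that method, so when the master account is missing from the test database the test stops with an error before it reaches the authorization check it is meant to cover. The sibling `testUpdateInfoForMasterUserWithNoPermissions` assigns it inside the branch; the same line is needed here, `$fm = $this->ci->factory;`, directly above the `create` call. Separately, `testUpdateFieldWithNoPermissions` targets `'userfoo'`, which this hunk never creates, so the expected `ForbiddenException` only demonstrates the permission check if the controller evaluates access before looking the user up; creating the target user first, as `testUpdateInfoWithNoPermissions` does, would remove that dependence on ordering. A smaller style point: the two `assertSame($result->getStatusCode(), 200)` calls pass the actual value first, and `assertSame(200, $result->getStatusCode())` gives a correct failure message.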
|