From 38cfd3464562ad9efc48b47f277b3fb41e171c59 Mon Sep 17 00:00:00 2001
From: Yisroel Baum <yisroel.d.baum@gmail.com>
Date: Fri, 24 Apr 2026 13:18:00 +0300
Subject: [PATCH] test create user requires password

---
 tests/Unit/User/UseCases/CreateUserTest.php | 50 +++++++++++++++++++++
 1 file changed, 50 insertions(+)

diff --git a/tests/Unit/User/UseCases/CreateUserTest.php b/tests/Unit/User/UseCases/CreateUserTest.php
index 1a97716..93971c4 100644
--- a/tests/Unit/User/UseCases/CreateUserTest.php
+++ b/tests/Unit/User/UseCases/CreateUserTest.php
@@ -17,6 +17,7 @@ class CreateUserTest extends TestCase
         $useCase = new CreateUser($userRepo);
         $useCase->execute(new CreateUserRequest(
             email: 'test@test.com',
+            password: 'password1',
         ));
         $user = $userRepo->find(0);
         $this->assertInstanceOf(User::class, $user);
@@ -42,6 +43,7 @@ class CreateUserTest extends TestCase
         $useCase = new CreateUser($userRepo);
         $useCase->execute(new CreateUserRequest(
             email: 'test@test.com',
+            password: 'password1',
         ));
         $user = $userRepo->find(0);
         $this->assertFalse($user->isAdmin());
@@ -53,6 +55,7 @@ class CreateUserTest extends TestCase
         $useCase = new CreateUser($userRepo);
         $useCase->execute(new CreateUserRequest(
             email: 'test@test.com',
+            password: 'password1',
             isAdmin: true,
         ));
         $user = $userRepo->find(0);
@@ -65,6 +68,7 @@ class CreateUserTest extends TestCase
         $useCase = new CreateUser($userRepo);
         $useCase->execute(new CreateUserRequest(
             email: 'test@test.com',
+            password: 'password1',
         ));
 
         $this->expectException(BadRequestException::class);
@@ -72,6 +76,52 @@ class CreateUserTest extends TestCase
 
         $useCase->execute(new CreateUserRequest(
             email: 'test@test.com',
+            password: 'password1',
         ));
     }
+
+    public function test_throws_if_password_is_null(): void
+    {
+        $userRepo = new FakeUserRepository();
+        $useCase = new CreateUser($userRepo);
+
+        $this->expectException(BadRequestException::class);
+        $this->expectExceptionMessage('password is required');
+
+        $useCase->execute(new CreateUserRequest(
+            email: 'test@test.com',
+            password: null,
+        ));
+    }
+
+    public function test_throws_if_password_too_short(): void
+    {
+        $userRepo = new FakeUserRepository();
+        $useCase = new CreateUser($userRepo);
+
+        $this->expectException(BadRequestException::class);
+        $this->expectExceptionMessage(
+            'password must be at least 8 characters'
+        );
+
+        $useCase->execute(new CreateUserRequest(
+            email: 'test@test.com',
+            password: 'short',
+        ));
+    }
+
+    public function test_stores_hashed_password(): void
+    {
+        $userRepo = new FakeUserRepository();
+        $useCase = new CreateUser($userRepo);
+        $useCase->execute(new CreateUserRequest(
+            email: 'test@test.com',
+            password: 'password1',
+        ));
+        $user = $userRepo->find(0);
+        $this->assertNotEquals('password1', $user->getPasswordHash());
+        $this->assertTrue(
+            password_verify('password1', $user->getPasswordHash())
+        );
+    }
 }