test admin middleware
parent
a7b7a4a96b
commit
40649ded8e
1 changed files with 118 additions and 0 deletions
118
tests/Unit/Auth/Middleware/AdminMiddlewareTest.php
Normal file
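--- a/tests/Unit/Auth/Middleware/AdminMiddlewareTest.php
+++ b/tests/Unit/Auth/Middleware/AdminMiddlewareTest.php
@@ -0,0 +1,118 @@
+<?php
+
+namespace Tests\Unit\Auth\Middleware;
+
+use App\Auth\AdminMiddleware;
+use App\User\User;
+use App\ValueObjects\EmailAddress;
+use PHPUnit\Framework\TestCase;
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Http\Server\RequestHandlerInterface;
+use Slim\Psr7\Factory\ServerRequestFactory;
+use Slim\Psr7\Response;
+
+class AdminMiddlewareTest extends TestCase
+{
+private AdminMiddleware $middleware;
+
+public function setUp(): void
+{
+$this->middleware = new AdminMiddleware();
+}
+
+private function makeApiRequest(?User $user): ServerRequestInterface
+{
+$request = new ServerRequestFactory()
+->createServerRequest('POST', 'http://localhost/api/texts');
+if ($user !== null) {
+$request = $request->withAttribute('user', $user);
+}
+return $request;
+}
+
+private function makeHtmlRequest(?User $user): ServerRequestInterface
+{
+$request = new ServerRequestFactory()
+->createServerRequest('GET', 'http://localhost/admin')
+->withHeader('Accept', 'text/html');
+if ($user !== null) {
+$request = $request->withAttribute('user', $user);
+}
+return $request;
+}
+
+private function makeHandler(): RequestHandlerInterface
+{
+return new class() implements RequestHandlerInterface {
+public bool $wasCalled = false;
+
+public function handle(
+ServerRequestInterface $request
+): \Psr\Http\Message\ResponseInterface {
+$this->wasCalled = true;
+return new Response(200);
+}
+};
+}
+
+private function makeUser(bool $isAdmin): User
+{
+return new User(
+id: 1,
+email: new EmailAddress('test@test.com'),
+passwordHash: '',
+isAdmin: $isAdmin,
+);
+}
+
+public function test_passes_through_when_user_is_admin(): void
+{
+$handler = $this->makeHandler();
+
+$response = $this->middleware->process(
+$this->makeApiRequest($this->makeUser(isAdmin: true)),
+$handler,
+);
+
+$this->assertTrue($handler->wasCalled);
+$this->assertEquals(200, $response->getStatusCode());
+}
+
+public function test_returns_403_json_when_user_not_admin_for_api(): void
+{
+$response = $this->middleware->process(
+$this->makeApiRequest($this->makeUser(isAdmin: false)),
+$this->makeHandler(),
+);
+
+$this->assertEquals(403, $response->getStatusCode());
+$this->assertStringContainsString(
+'application/json',
+$response->getHeaderLine('Content-Type')
+);
+}
+
+public function test_returns_403_html_when_user_not_admin_for_view(): void
+{
+$response = $this->middleware->process(
+$this->makeHtmlRequest($this->makeUser(isAdmin: false)),
+$this->makeHandler(),
+);
+
+$this->assertEquals(403, $response->getStatusCode());
+$this->assertStringContainsString(
+'403 Forbidden',
+(string) $response->getBody()
+);
+}
+
+public function test_returns_403_when_no_user_attribute(): void
+{
+$response = $this->middleware->process(
+$this->makeApiRequest(null),
+$this->makeHandler(),
+);
+
+$this->assertEquals(403, $response->getStatusCode());
+}
+}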
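Review bot: The three denial tests (`test_returns_403_json_when_user_not_admin_for_api`, `test_returns_403_html_when_user_not_admin_for_view` and `test_returns_403_when_no_user_attribute`) assert only on the response and never check that the inner handler was skipped. Because each passes `$this->makeHandler()` inline and discards it, a middleware that invoked the handler and then replaced the result with a 403 would still pass, even though the protected `POST /api/texts` action would already have run. Keep the handler in a local as the admin test does (`$handler = $this->makeHandler();`), pass `$handler` to `process()`, and add `$this->assertFalse($handler->wasCalled);` to each. `AdminMiddleware` itself is not shown in this commit, so how it treats a `user` attribute that is not a `User` instance cannot be confirmed here; a test for that case would pin the fail-closed behaviour.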