yisroelbaum/Goal-Calibration
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

remove default values from user constructors

Browse source 
Forcing every call site to be explicit about admin status and
password eliminates a class of bugs where an unintended
isAdmin=false or empty passwordHash could silently slip through.
The CreateUserTest case that asserted the isAdmin default is
dropped since the default no longer exists.
This commit is contained in:
Yisroel Baum 2026-04-26 10:46:07 +03:00
parent f95adddaaf
commit cd40483cd4
Signed by: yisroelbaum
GPG key ID: 0FA60884F75520A9
7 changed files with 21 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

4
app/User/UseCases/CreateUserRequest.php
View file

@ -6,7 +6,7 @@ class CreateUserRequest
{ {
public function __construct( public function __construct(
public ?string $email, public ?string $email,
public ?string $password = null, public ?string $password,
public bool $isAdmin = false, public bool $isAdmin,
) {} ) {}
} }

4
app/User/User.php
View file

@ -9,8 +9,8 @@ class User
public function __construct( public function __construct(
private int $id, private int $id,
private EmailAddress $email, private EmailAddress $email,
private string $passwordHash = '', private string $passwordHash,
private bool $isAdmin = false, private bool $isAdmin,
) {} ) {}
public function getId(): int public function getId(): int

2
tests/Unit/Auth/UseCases/CreateSessionTest.php
View file

@ -36,6 +36,8 @@ class CreateSessionTest extends TestCase
$this->user = new User( $this->user = new User(
id: 7, id: 7,
email: new EmailAddress('test@test.com'), email: new EmailAddress('test@test.com'),
passwordHash: 'hashed:password1',
isAdmin: false,
); );
} }

7
tests/Unit/ScheduledNode/UseCases/CreateScheduledNodeTest.php
View file

@ -30,7 +30,12 @@ class CreateScheduledNodeTest extends TestCase
$this->planRepo = new FakePlanRepository(); $this->planRepo = new FakePlanRepository();
$this->planRepo->create(new CreatePlanDto( $this->planRepo->create(new CreatePlanDto(
name: 'testplan', name: 'testplan',
user: new User(0, new EmailAddress('test@test.com')), user: new User(
id: 0,
email: new EmailAddress('test@test.com'),
passwordHash: 'hashed:password1',
isAdmin: false,
),
)); ));
$this->useCase = new CreateScheduledNode( $this->useCase = new CreateScheduledNode(
$this->scheduledNodeRepo, $this->scheduledNodeRepo,

1
tests/Unit/User/UseCases/AuthenticateUserTest.php
View file

@ -30,6 +30,7 @@ class AuthenticateUserTest extends TestCase
$createUser->execute(new CreateUserRequest( $createUser->execute(new CreateUserRequest(
email: 'test@test.com', email: 'test@test.com',
password: 'password1', password: 'password1',
isAdmin: false,
)); ));
$this->useCase = new AuthenticateUser( $this->useCase = new AuthenticateUser(
$this->userRepo, $this->userRepo,

16
tests/Unit/User/UseCases/CreateUserTest.php
View file

@ -31,6 +31,7 @@ class CreateUserTest extends TestCase
$this->useCase->execute(new CreateUserRequest( $this->useCase->execute(new CreateUserRequest(
email: 'test@test.com', email: 'test@test.com',
password: 'password1', password: 'password1',
isAdmin: false,
)); ));
$user = $this->userRepo->find(0); $user = $this->userRepo->find(0);
$this->assertInstanceOf(User::class, $user); $this->assertInstanceOf(User::class, $user);
@ -44,17 +45,9 @@ class CreateUserTest extends TestCase
$this->useCase->execute(new CreateUserRequest( $this->useCase->execute(new CreateUserRequest(
email: null, email: null,
));
}
public function test_is_admin_defaults_to_false(): void
{
$this->useCase->execute(new CreateUserRequest(
email: 'test@test.com',
password: 'password1', password: 'password1',
isAdmin: false,
)); ));
$user = $this->userRepo->find(0);
$this->assertFalse($user->isAdmin());
} }
public function test_is_admin_can_be_set_true(): void public function test_is_admin_can_be_set_true(): void
@ -73,6 +66,7 @@ class CreateUserTest extends TestCase
$this->useCase->execute(new CreateUserRequest( $this->useCase->execute(new CreateUserRequest(
email: 'test@test.com', email: 'test@test.com',
password: 'password1', password: 'password1',
isAdmin: false,
)); ));
$this->expectException(BadRequestException::class); $this->expectException(BadRequestException::class);
@ -81,6 +75,7 @@ class CreateUserTest extends TestCase
$this->useCase->execute(new CreateUserRequest( $this->useCase->execute(new CreateUserRequest(
email: 'test@test.com', email: 'test@test.com',
password: 'password1', password: 'password1',
isAdmin: false
)); ));
} }
@ -92,6 +87,7 @@ class CreateUserTest extends TestCase
$this->useCase->execute(new CreateUserRequest( $this->useCase->execute(new CreateUserRequest(
email: 'test@test.com', email: 'test@test.com',
password: null, password: null,
isAdmin: false,
)); ));
} }
@ -105,6 +101,7 @@ class CreateUserTest extends TestCase
$this->useCase->execute(new CreateUserRequest( $this->useCase->execute(new CreateUserRequest(
email: 'test@test.com', email: 'test@test.com',
password: 'short', password: 'short',
isAdmin: false,
)); ));
} }
@ -113,6 +110,7 @@ class CreateUserTest extends TestCase
$this->useCase->execute(new CreateUserRequest( $this->useCase->execute(new CreateUserRequest(
email: 'test@test.com', email: 'test@test.com',
password: 'password1', password: 'password1',
isAdmin: false,
)); ));
$user = $this->userRepo->find(0); $user = $this->userRepo->find(0);
$this->assertNotEquals('password1', $user->getPasswordHash()); $this->assertNotEquals('password1', $user->getPasswordHash());

1
tests/e2e/Controllers/AuthControllerTest.php
View file

@ -63,6 +63,7 @@ class AuthControllerTest extends TestCase
$this->createUser->execute(new CreateUserRequest( $this->createUser->execute(new CreateUserRequest(
email: 'existing@test.com', email: 'existing@test.com',
password: 'password1', password: 'password1',
isAdmin: false,
)); ));
$this->controller = new AuthController(); $this->controller = new AuthController();