test child deletion

This commit is contained in:
Yisroel Baum 2026-06-21 22:05:14 +03:00
parent 34b0fd0b44
commit 11a0b1576f
Signed by: yisroelbaum
GPG key ID: 0FA60884F75520A9
3 changed files with 375 additions and 0 deletions

View file

@ -229,6 +229,180 @@ class ElementsEndpointTest extends TestCase
);
}
public function testDeleteChildRequiresAuthentication(): void
{
$setRepository = app(SetRepository::class);
$elementRepository = app(ElementRepository::class);
$set = $this->createSet($setRepository);
$parentElement = $this->createElement(
$elementRepository,
$set,
'Baderech HaAvodah',
'A structured path for growth',
null,
'<p>A structured path for growth</p>',
null,
null,
null,
null,
);
$childElement = $this->createElement(
$elementRepository,
$set,
'Child',
'Child description',
null,
'',
null,
null,
null,
$parentElement,
);
$response = $this->deleteJson(
"/api/elements/{$parentElement->getId()}"
. "/children/{$childElement->getId()}",
);
$response->assertUnauthorized();
$response->assertExactJson([
'error' => 'unauthenticated',
]);
}
public function testAuthenticatedDeleteChildRemovesSubtree(): void
{
Storage::fake('public');
Storage::disk('public')->put('element-icons/child.png', 'child icon');
Storage::disk('public')->put(
'element-pdfs/short/child.pdf',
'child short pdf',
);
Storage::disk('public')->put(
'element-pdfs/long/grandchild.pdf',
'grandchild long pdf',
);
$setRepository = app(SetRepository::class);
$elementRepository = app(ElementRepository::class);
$set = $this->createSet($setRepository);
$parentElement = $this->createElement(
$elementRepository,
$set,
'Baderech HaAvodah',
'A structured path for growth',
null,
'<p>A structured path for growth</p>',
null,
null,
null,
null,
);
$childElement = $this->createElement(
$elementRepository,
$set,
'Child',
'Child description',
'element-icons/child.png',
'',
'element-pdfs/short/child.pdf',
null,
null,
$parentElement,
);
$grandchildElement = $this->createElement(
$elementRepository,
$set,
'Grandchild',
'Grandchild description',
null,
'',
null,
'element-pdfs/long/grandchild.pdf',
null,
$childElement,
);
$this->createSession('valid-token');
$response = $this->withCredentials()
->withUnencryptedCookie('auth_token', 'valid-token')
->deleteJson(
"/api/elements/{$parentElement->getId()}"
. "/children/{$childElement->getId()}",
);
$response->assertNoContent();
$this->assertNull($elementRepository->find($childElement->getId()));
$this->assertNull(
$elementRepository->find($grandchildElement->getId()),
);
Storage::disk('public')->assertMissing('element-icons/child.png');
Storage::disk('public')->assertMissing(
'element-pdfs/short/child.pdf',
);
Storage::disk('public')->assertMissing(
'element-pdfs/long/grandchild.pdf',
);
}
public function testAuthenticatedDeleteChildRejectsNonDirectChild(): void
{
$setRepository = app(SetRepository::class);
$elementRepository = app(ElementRepository::class);
$set = $this->createSet($setRepository);
$parentElement = $this->createElement(
$elementRepository,
$set,
'Baderech HaAvodah',
'A structured path for growth',
null,
'<p>A structured path for growth</p>',
null,
null,
null,
null,
);
$childElement = $this->createElement(
$elementRepository,
$set,
'Child',
'Child description',
null,
'',
null,
null,
null,
$parentElement,
);
$grandchildElement = $this->createElement(
$elementRepository,
$set,
'Grandchild',
'Grandchild description',
null,
'',
null,
null,
null,
$childElement,
);
$this->createSession('valid-token');
$response = $this->withCredentials()
->withUnencryptedCookie('auth_token', 'valid-token')
->deleteJson(
"/api/elements/{$parentElement->getId()}"
. "/children/{$grandchildElement->getId()}",
);
$response->assertBadRequest();
$response->assertExactJson([
'error' => 'Child element does not belong to parent',
]);
$this->assertNotNull(
$elementRepository->find($grandchildElement->getId()),
);
}
public function testAuthenticatedUpdateReturnsElementPayload(): void
{
$sampleYoutubeUrl = 'https://www.youtube.com/watch?v='