From 8983b69fa154cb5941f559d72ab31d8758e07da5 Mon Sep 17 00:00:00 2001 From: Yisroel Baum Date: Wed, 6 May 2026 22:32:36 +0300 Subject: [PATCH] test featured posts admin endpoints --- .../tests/Feature/Post/FeaturedPostsTest.php | 144 ++++++++++++++++++ 1 file changed, 144 insertions(+) create mode 100644 backend/tests/Feature/Post/FeaturedPostsTest.php diff --git a/backend/tests/Feature/Post/FeaturedPostsTest.php b/backend/tests/Feature/Post/FeaturedPostsTest.php new file mode 100644 index 0000000..3ae9aea --- /dev/null +++ b/backend/tests/Feature/Post/FeaturedPostsTest.php @@ -0,0 +1,144 @@ +withCredentials() + ->withUnencryptedCookie('auth_token', $cookie) + ->postJson('/api/posts', [ + 'title' => $title, + 'body' => 'b', + ]); + $response->assertStatus(201); + + return $response->json('post.id'); + } + + private function reLoginAsAdmin(string $email, string $password): string + { + $response = $this->postJson('/api/login', [ + 'email' => $email, + 'password' => $password, + ]); + + return $response->getCookie('auth_token', false)->getValue(); + } + + public function test_non_admin_cannot_feature_post(): void + { + $alice = $this->signupAndLogin( + email: 'alice@example.com', + displayName: 'alice', + password: 'longenoughpassword', + ); + $postId = $this->createPost($alice['cookie'], 'P1'); + + $this->withCredentials() + ->withUnencryptedCookie('auth_token', $alice['cookie']) + ->postJson('/api/admin/posts/feature', [ + 'postId' => $postId, + 'slot' => 1, + ]) + ->assertStatus(403); + } + + public function test_admin_features_post(): void + { + $alice = $this->signupAndLogin( + email: 'alice@example.com', + displayName: 'alice', + password: 'longenoughpassword', + ); + $postId = $this->createPost($alice['cookie'], 'P1'); + + $this->promoteToAdmin($alice['user']->getId()); + $cookie = $this->reLoginAsAdmin( + 'alice@example.com', + 'longenoughpassword', + ); + + $this->withCredentials() + ->withUnencryptedCookie('auth_token', $cookie) + ->postJson('/api/admin/posts/feature', [ + 'postId' => $postId, + 'slot' => 1, + ]) + ->assertStatus(200) + ->assertJsonPath('post.featureSlot', 1); + } + + public function test_listing_featured_posts_is_public(): void + { + $alice = $this->signupAndLogin( + email: 'alice@example.com', + displayName: 'alice', + password: 'longenoughpassword', + ); + $postId = $this->createPost($alice['cookie'], 'P1'); + + $this->promoteToAdmin($alice['user']->getId()); + $cookie = $this->reLoginAsAdmin( + 'alice@example.com', + 'longenoughpassword', + ); + $this->withCredentials() + ->withUnencryptedCookie('auth_token', $cookie) + ->postJson('/api/admin/posts/feature', [ + 'postId' => $postId, + 'slot' => 2, + ]) + ->assertStatus(200); + + $this->resetClientState(); + $response = $this->getJson('/api/posts/featured'); + $response->assertStatus(200); + $response->assertJsonPath('posts.0.id', $postId); + $response->assertJsonPath('posts.0.featureSlot', 2); + } + + public function test_admin_unfeatures_post(): void + { + $alice = $this->signupAndLogin( + email: 'alice@example.com', + displayName: 'alice', + password: 'longenoughpassword', + ); + $postId = $this->createPost($alice['cookie'], 'P1'); + + $this->promoteToAdmin($alice['user']->getId()); + $cookie = $this->reLoginAsAdmin( + 'alice@example.com', + 'longenoughpassword', + ); + + $this->withCredentials() + ->withUnencryptedCookie('auth_token', $cookie) + ->postJson('/api/admin/posts/feature', [ + 'postId' => $postId, + 'slot' => 1, + ]) + ->assertStatus(200); + + $this->withCredentials() + ->withUnencryptedCookie('auth_token', $cookie) + ->postJson('/api/admin/posts/unfeature', [ + 'postId' => $postId, + ]) + ->assertStatus(204); + + $this->resetClientState(); + $this->getJson('/api/posts/featured') + ->assertStatus(200) + ->assertJsonPath('posts', []); + } +}