92 lines
2.7 KiB
PHP
92 lines
2.7 KiB
PHP
<?php
|
|
|
|
namespace Tests\Feature\User;
|
|
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
use Tests\Feature\AuthenticatesUsers;
|
|
use Tests\TestCase;
|
|
|
|
class UserSearchAndPromoteTest extends TestCase
|
|
{
|
|
use AuthenticatesUsers;
|
|
use RefreshDatabase;
|
|
|
|
public function test_search_is_public(): void
|
|
{
|
|
$this->signupAndLogin(
|
|
email: 'alice@example.com',
|
|
displayName: 'alice',
|
|
password: 'longenoughpassword',
|
|
);
|
|
$this->signupAndLogin(
|
|
email: 'alex@example.com',
|
|
displayName: 'alex',
|
|
password: 'longenoughpassword',
|
|
);
|
|
|
|
$this->resetClientState();
|
|
$response = $this->getJson('/api/users?q=al');
|
|
$response->assertStatus(200);
|
|
$response->assertJsonCount(2, 'users');
|
|
}
|
|
|
|
public function test_search_with_no_query_returns_empty(): void
|
|
{
|
|
$response = $this->getJson('/api/users');
|
|
$response->assertStatus(200);
|
|
$response->assertJsonPath('users', []);
|
|
}
|
|
|
|
public function test_non_admin_cannot_promote(): void
|
|
{
|
|
$alice = $this->signupAndLogin(
|
|
email: 'alice@example.com',
|
|
displayName: 'alice',
|
|
password: 'longenoughpassword',
|
|
);
|
|
$bob = $this->signupAndLogin(
|
|
email: 'bob@example.com',
|
|
displayName: 'bob',
|
|
password: 'longenoughpassword',
|
|
);
|
|
|
|
$this->resetClientState();
|
|
$this->withCredentials()
|
|
->withUnencryptedCookie('auth_token', $alice['cookie'])
|
|
->postJson('/api/admin/users/promote', [
|
|
'userId' => $bob['user']->getId(),
|
|
])
|
|
->assertStatus(403);
|
|
}
|
|
|
|
public function test_admin_promotes_user(): void
|
|
{
|
|
$alice = $this->signupAndLogin(
|
|
email: 'alice@example.com',
|
|
displayName: 'alice',
|
|
password: 'longenoughpassword',
|
|
);
|
|
$bob = $this->signupAndLogin(
|
|
email: 'bob@example.com',
|
|
displayName: 'bob',
|
|
password: 'longenoughpassword',
|
|
);
|
|
|
|
$this->promoteToAdmin($alice['user']->getId());
|
|
$loginResponse = $this->postJson('/api/login', [
|
|
'email' => 'alice@example.com',
|
|
'password' => 'longenoughpassword',
|
|
]);
|
|
$aliceCookie = $loginResponse->getCookie('auth_token', false)
|
|
->getValue();
|
|
|
|
$this->resetClientState();
|
|
$this->withCredentials()
|
|
->withUnencryptedCookie('auth_token', $aliceCookie)
|
|
->postJson('/api/admin/users/promote', [
|
|
'userId' => $bob['user']->getId(),
|
|
])
|
|
->assertStatus(200)
|
|
->assertJsonPath('user.isAdmin', true);
|
|
}
|
|
}
|