STEMMechanics/Website
1
0
Fork 0
Code Issues 4 Pull Requests 1 Actions Packages Projects Releases 3 Wiki Activity

cleanuo

Browse Source
This commit is contained in:
James Collins
2023-11-14 09:40:58 +10:00
parent 7d9b6793d3
commit 6f53c7ea6f
51 changed files with 110 additions and 5546 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
tests/CreatesApplication.php
View File

@@ -9,12 +9,10 @@ trait CreatesApplication
{
/**
* Creates the application.
*
* @return \Illuminate\Foundation\Application
*/
public function createApplication(): Application
{
$app = require __DIR__ . '/../bootstrap/app.php';
$app = require __DIR__.'/../bootstrap/app.php';
$app->make(Kernel::class)->bootstrap();

162
tests/Feature/ArticlesApiTest.php
View File

@@ -1,162 +0,0 @@
<?php
namespace Tests;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;
use App\Models\User;
use App\Models\Media;
use App\Models\Article;
use Faker\Factory as FakerFactory;
final class ArticlesApiTest extends TestCase
{
use RefreshDatabase;
/**
* Faker Factory instance.
* @var Faker\Factory
*/
protected $faker;
/**
* {@inheritDoc}
*
* @return void
*/
protected function setUp(): void
{
parent::setUp();
$this->faker = FakerFactory::create();
}
/**
* Tests that any user can view an article if it's published and not in the future.
*
* @return void
*/
public function testAnyUserCanViewArticle(): void
{
// Create an event
$article = Article::factory()->create([
'publish_at' => $this->faker->dateTimeBetween('-2 months', '-1 month'),
]);
// Create a future event
$futureArticle = Article::factory()->create([
'publish_at' => $this->faker->dateTimeBetween('+1 month', '+2 months'),
]);
// Send GET request to the /api/articles endpoint
$response = $this->getJson('/api/articles');
$response->assertStatus(200);
// Assert that the event is in the response data
$response->assertJsonCount(1, 'articles');
$response->assertJsonFragment([
'id' => $article->id,
'title' => $article->title,
'content' => $article->content,
]);
$response->assertJsonMissing([
'id' => $futureArticle->id,
'title' => $futureArticle->title,
'content' => $futureArticle->content,
]);
}
/**
* Tests that an admin can create, update, and delete articles.
*
* @return void
*/
public function testAdminCanCreateUpdateDeleteArticle(): void
{
// Create a user with the admin/events permission
$adminUser = User::factory()->create();
$adminUser->givePermission('admin/articles');
// Create media data
$media = Media::factory()->create(['user_id' => $adminUser->id]);
// Create event data
$articleData = Article::factory()->make([
'user_id' => $adminUser->id,
'hero' => $media->id,
])->toArray();
// Test creating event
$response = $this->actingAs($adminUser)->postJson('/api/articles', $articleData);
$response->assertStatus(201);
$this->assertDatabaseHas('articles', [
'title' => $articleData['title'],
'content' => $articleData['content'],
]);
// Test viewing event
$article = Article::where('title', $articleData['title'])->first();
$response = $this->get("/api/articles/$article->id");
$response->assertStatus(200);
$response->assertJsonStructure([
'article' => [
'id',
'title',
'content',
]
]);
// Test updating event
$articleData['title'] = 'Updated Article';
$response = $this->actingAs($adminUser)->putJson("/api/articles/$article->id", $articleData);
$response->assertStatus(200);
$this->assertDatabaseHas('articles', [
'title' => 'Updated Article',
]);
// Test deleting event
$response = $this->actingAs($adminUser)->delete("/api/articles/$article->id");
$response->assertStatus(204);
$this->assertDatabaseMissing('articles', [
'title' => 'Updated Article',
]);
}
/**
* Tests that a non-admin user cannot create, update, or delete articles.
*
* @return void
*/
public function testNonAdminCannotCreateUpdateDeleteArticle(): void
{
// Create a user without admin/events permission
$user = User::factory()->create();
// Authenticate as the user
$this->actingAs($user);
// Try to create a new article
$media = Media::factory()->create(['user_id' => $user->id]);
$newArticleData = Article::factory()->make(['user_id' => $user->id, 'hero' => $media->id])->toArray();
$response = $this->postJson('/api/articles', $newArticleData);
$response->assertStatus(403);
// Try to update an event
$article = Article::factory()->create();
$updatedArticleData = [
'title' => 'Updated Event',
'content' => 'This is an updated event.',
// Add more fields as needed
];
$response = $this->putJson('/api/articles/' . $article->id, $updatedArticleData);
$response->assertStatus(403);
// Try to delete an event
$article = Article::factory()->create();
$response = $this->deleteJson('/api/articles/' . $article->id);
$response->assertStatus(403);
}
}

70
tests/Feature/AuthApiTest.php
View File

@@ -1,70 +0,0 @@
<?php
namespace Tests;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;
use App\Models\User;
final class AuthApiTest extends TestCase
{
use RefreshDatabase;
/**
* Tests the login, user retrieval, and logout functionality of the Auth API.
*
* This test performs the following steps:
* 1. Creates a new user using a factory.
* 2. Attempts a successful login with the correct credentials,
* checks for a 200 status code, and verifies the structure of the returned token.
* 3. Retrieves the authenticated user's data using the token,
* checks for a 200 status code, and verifies the returned user data.
* 4. Logs out the authenticated user using the token and checks for a 204 status code.
* 5. Attempts a failed login with incorrect credentials and checks for a 422 status code.
*
* @return void
*/
public function testLogin(): void
{
$user = User::factory()->create([
'password' => bcrypt('password'),
]);
// Test successful login
$response = $this->postJson('/api/login', [
'email' => $user->email,
'password' => 'password',
]);
$response->assertStatus(200);
$response->assertJsonStructure([
'token',
]);
$token = $response->json('token');
// Test getting authenticated user
$response = $this->withHeaders([
'Authorization' => "Bearer $token",
])->get('/api/me');
$response->assertStatus(200);
$response->assertJson([
'user' => [
'id' => $user->id,
'email' => $user->email,
]
]);
// Test logout
$response = $this->withHeaders([
'Authorization' => "Bearer $token",
])->postJson('/api/logout');
$response->assertStatus(204);
// Test failed login
$response = $this->postJson('/api/login', [
'email' => $user->email,
'password' => 'wrongpassword',
]);
$response->assertStatus(422);
}
}

43
tests/Feature/ContactFormTest.php
View File

@@ -1,43 +0,0 @@
<?php
namespace Tests;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;
final class ContactFormTest extends TestCase
{
use RefreshDatabase;
/**
* Tests the contact form submission API endpoint.
*
* This test performs two POST requests to the '/api/contact' endpoint
* using the `postJson` method. The first request contains valid data and
* should return a 201 status code, indicating a successful creation.
* The second request omits the 'email' field, which should cause a
* validation error and return a 422 status code.
*
* @return void
*/
public function testContactForm(): void
{
$formData = [
'name' => 'John Doe',
'email' => 'johndoe@example.com',
'content' => 'Hello, this is a test message.',
];
$response = $this->postJson('/api/contact', $formData);
$response->assertStatus(201);
$formData = [
'name' => 'John Doe',
'content' => 'Hello, this is a test message.',
];
$response = $this->postJson('/api/contact', $formData);
$response->assertStatus(422);
}
}

204
tests/Feature/EventsApiTest.php
View File

@@ -1,204 +0,0 @@
<?php
namespace Tests;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;
use App\Models\User;
use App\Models\Event;
use App\Models\Media;
use Carbon\Carbon;
use Faker\Factory as FakerFactory;
final class EventsApiTest extends TestCase
{
use RefreshDatabase;
/**
* Faker Factory instance.
* @var Faker\Factory
*/
protected $faker;
/**
* {@inheritDoc}
*
* @return void
*/
protected function setUp(): void
{
parent::setUp();
$this->faker = FakerFactory::create();
}
/**
* Tests that any user can view an event if it's published and not in the future.
*
* @return void
*/
public function testAnyUserCanViewEvent(): void
{
// Create an event
$event = Event::factory()->create([
'publish_at' => Carbon::parse($this->faker->dateTimeBetween('-2 months', '-1 month')),
'status' => 'open',
]);
// Create a future event
$futureEvent = Event::factory()->create([
'publish_at' => Carbon::parse($this->faker->dateTimeBetween('+1 day', '+1 month')),
'status' => 'open',
]);
// Send GET request to the /api/events endpoint
$response = $this->getJson('/api/events');
$response->assertStatus(200);
// Assert that the event is in the response data
$response->assertJsonCount(1, 'events');
$response->assertJsonFragment([
'id' => $event->id,
'title' => $event->title,
]);
$response->assertJsonMissing([
'id' => $futureEvent->id,
'title' => $futureEvent->title,
]);
}
/**
* Tests that any user cannot see draft events.
*
* @return void
*/
public function testAnyUserCannotSeeDraftEvent(): void
{
// Create a draft event
$draftEvent = Event::factory()->create([
'publish_at' => Carbon::parse($this->faker->dateTimeBetween('-2 months', '-1 month')),
'status' => 'draft',
]);
// Create a open event
$openEvent = Event::factory()->create([
'publish_at' => Carbon::parse($this->faker->dateTimeBetween('-2 months', '-1 month')),
'status' => 'open',
]);
// Create a closed event
$closedEvent = Event::factory()->create([
'publish_at' => Carbon::parse($this->faker->dateTimeBetween('-2 months', '-1 month')),
'status' => 'closed',
]);
// Send GET request to the /api/events endpoint
$response = $this->getJson('/api/events');
$response->assertStatus(200);
// Assert that the event is in the response data
$response->assertJsonCount(2, 'events');
$response->assertJsonMissing([
'id' => $draftEvent->id,
'title' => $draftEvent->title,
]);
}
/**
* Tests that an admin can create, update, and delete events.
*
* @return void
*/
public function testAdminCanCreateUpdateDeleteEvent(): void
{
// Create a user with the admin/events permission
$adminUser = User::factory()->create();
$adminUser->givePermission('admin/events');
// Create media data
$media = Media::factory()->create(['user_id' => $adminUser->id]);
// Create event data
$eventData = Event::factory()->make([
'start_at' => now()->addDays(7),
'end_at' => now()->addDays(7)->addHours(2),
'hero' => $media->id,
])->toArray();
// Test creating event
$response = $this->actingAs($adminUser)->postJson('/api/events', $eventData);
$response->assertStatus(201);
$this->assertDatabaseHas('events', [
'title' => $eventData['title'],
'content' => $eventData['content'],
]);
// Test viewing event
$event = Event::where('title', $eventData['title'])->first();
$response = $this->get("/api/events/$event->id");
$response->assertStatus(200);
$response->assertJsonStructure([
'event' => [
'id',
'title',
'content',
'start_at',
'end_at',
]
]);
// Test updating event
$eventData['title'] = 'Updated Event';
$response = $this->actingAs($adminUser)->putJson("/api/events/$event->id", $eventData);
$response->assertStatus(200);
$this->assertDatabaseHas('events', [
'title' => 'Updated Event',
]);
// Test deleting event
$response = $this->actingAs($adminUser)->delete("/api/events/$event->id");
$response->assertStatus(204);
$this->assertDatabaseMissing('events', [
'title' => 'Updated Event',
]);
}
/**
* Tests that a non-admin user cannot create, update, or delete events.
*
* @return void
*/
public function testNonAdminCannotCreateUpdateDeleteEvent(): void
{
// Create a user without admin/events permission
$user = User::factory()->create();
// Authenticate as the user
$this->actingAs($user);
// Try to create a new event
$media = Media::factory()->create(['user_id' => $user->id]);
$newEventData = Event::factory()->make(['hero' => $media->id])->toArray();
$response = $this->postJson('/api/events', $newEventData);
$response->assertStatus(403);
// Try to update an event
$event = Event::factory()->create();
$updatedEventData = [
'title' => 'Updated Event',
'content' => 'This is an updated event.',
// Add more fields as needed
];
$response = $this->putJson('/api/events/' . $event->id, $updatedEventData);
$response->assertStatus(403);
// Try to delete an event
$event = Event::factory()->create();
$response = $this->deleteJson('/api/events/' . $event->id);
$response->assertStatus(403);
}
}

19
tests/Feature/ExampleTest.php Normal file
View File

@@ -0,0 +1,19 @@
<?php
namespace Tests\Feature;
// use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;
class ExampleTest extends TestCase
{
/**
* A basic test example.
*/
public function test_the_application_returns_a_successful_response(): void
{
$response = $this->get('/');
$response->assertStatus(200);
}
}

263
tests/Feature/UsersApiTest.php
View File

@@ -1,263 +0,0 @@
<?php
namespace Tests;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Foundation\Testing\WithFaker;
use Tests\TestCase;
use App\Models\User;
final class UsersApiTest extends TestCase
{
use RefreshDatabase;
/**
* Tests that non-admin users can only view basic user info.
*
* @return void
*/
public function testNonAdminUsersCanOnlyViewBasicUserInfo(): void
{
// create a non-admin user
$nonAdminUser = User::factory()->create();
$nonAdminUser->revokePermission('admin/users');
// create an admin user
$adminUser = User::factory()->create();
$adminUser->givePermission('admin/users');
// ensure the non-admin user can access the endpoint and see basic user info only
$response = $this->actingAs($nonAdminUser)->get('/api/users');
$response->assertStatus(200);
$response->assertJsonStructure([
'users' => [
'*' => [
'id',
'display_name'
]
],
'total'
]);
$response->assertJsonMissing([
'users' => [
'*' => [
'email',
'password'
]
],
]);
// ensure the admin user can access the endpoint and see additional user info
$response = $this->actingAs($adminUser)->get('/api/users');
$response->assertStatus(200);
$response->assertJsonStructure([
'users' => [
'*' => [
'id',
'email'
]
],
'total'
]);
$response->assertJsonMissing([
'users' => [
'*' => [
'password'
]
]
]);
$response->assertJsonFragment([
'id' => $nonAdminUser->id,
'email' => $nonAdminUser->email
]);
}
/**
* Tests that guests cannot create a user via the API.
*
* @return void
*/
public function testGuestCannotCreateUser(): void
{
$userData = [
'email' => 'johndoe@example.com',
'password' => 'password',
];
$response = $this->postJson('/api/users', $userData);
$response->assertStatus(401);
$this->assertDatabaseMissing('users', [
'email' => $userData['email'],
]);
}
/**
* Tests that guests can register a user via the API.
*
* @return void
*/
public function testGuestCanRegisterUser(): void
{
$userData = [
'first_name' => 'John',
'last_name' => 'Doe',
'display_name' => 'jackdoe',
'email' => 'johndoe@example.com',
'password' => 'password',
];
$response = $this->postJson('/api/register', $userData);
$response->assertStatus(200);
$this->assertDatabaseHas('users', [
'email' => $userData['email'],
]);
}
/**
* Tests that duplicate email or display name entries cannot be created.
*
* @return void
*/
public function testCannotCreateDuplicateEmailOrDisplayName(): void
{
$userData = [
'display_name' => 'JackDoe',
'first_name' => 'Jack',
'last_name' => 'Doe',
'email' => 'jackdoe@example.com',
'password' => 'password',
];
// Test creating user
$response = $this->postJson('/api/register', $userData);
$response->assertStatus(200);
$this->assertDatabaseHas('users', [
'email' => 'jackdoe@example.com',
]);
// Test creating duplicate user
$response = $this->postJson('/api/register', $userData);
$response->assertStatus(422);
$response->assertJsonValidationErrors(['display_name', 'email']);
}
/**
* Tests that a user can only update their own user info.
*
* @return void
*/
public function testUserCanOnlyUpdateOwnUser(): void
{
$user = User::factory()->create();
$userData = [
'email' => 'raffi@example.com',
'password' => 'password',
];
// Test updating own user
$response = $this->actingAs($user)->putJson('/api/users/' . $user->id, $userData);
$response->assertStatus(200);
$this->assertDatabaseHas('users', [
'id' => $user->id,
'email' => 'raffi@example.com',
]);
// Test updating another user
$otherUser = User::factory()->create();
$otherUserData = [
'email' => 'otherraffi@example.com',
'password' => 'password',
];
$response = $this->actingAs($user)->putJson('/api/users/' . $otherUser->id, $otherUserData);
$response->assertStatus(403);
}
/**
* Tests that a user cannot delete users via the API.
*
* @return void
*/
public function testUserCannotDeleteUsers(): void
{
$user = User::factory()->create();
// Test deleting own user
$response = $this->actingAs($user)->deleteJson('/api/users/' . $user->id);
$response->assertStatus(403);
$this->assertDatabaseHas('users', ['id' => $user->id]);
// Test deleting another user
$otherUser = User::factory()->create();
$response = $this->actingAs($user)->deleteJson('/api/users/' . $otherUser->id);
$response->assertStatus(403);
$this->assertDatabaseHas('users', ['id' => $otherUser->id]);
}
/**
* Tests that an admin can update any user's info.
*
* @return void
*/
public function testAdminCanUpdateAnyUser(): void
{
$admin = User::factory()->create();
$admin->givePermission('admin/users');
$user = User::factory()->create();
$userData = [
'email' => 'todddoe@example.com',
'password' => 'password',
];
// Test updating own user
$response = $this->actingAs($admin)->putJson('/api/users/' . $user->id, $userData);
$response->assertStatus(200);
$this->assertDatabaseHas('users', [
'id' => $user->id,
'email' => 'todddoe@example.com'
]);
// Test updating another user
$otherUser = User::factory()->create();
$otherUserData = [
'email' => 'kimdoe@example.com',
'password' => 'password',
];
$response = $this->actingAs($admin)->putJson('/api/users/' . $otherUser->id, $otherUserData);
$response->assertStatus(200);
$this->assertDatabaseHas('users', [
'id' => $otherUser->id,
'email' => 'kimdoe@example.com',
]);
}
/**
* Tests that an admin can delete any user via the API.
*
* @return void
*/
public function testAdminCanDeleteAnyUser(): void
{
$admin = User::factory()->create();
$admin->givePermission('admin/users');
$user = User::factory()->create();
// Test deleting own user
$response = $this->actingAs($admin)->deleteJson('/api/users/' . $user->id);
$response->assertStatus(204);
$this->assertDatabaseMissing('users', ['id' => $user->id]);
// Test deleting another user
$otherUser = User::factory()->create();
$response = $this->actingAs($admin)->deleteJson('/api/users/' . $otherUser->id);
$response->assertStatus(204);
$this->assertDatabaseMissing('users', ['id' => $otherUser->id]);
}
}

13
tests/TestCase.php
View File

@@ -7,17 +7,4 @@ use Illuminate\Foundation\Testing\TestCase as BaseTestCase;
abstract class TestCase extends BaseTestCase
{
use CreatesApplication;
/**
* {@inheritDoc}
*
* @return void
*/
protected function setUp(): void
{
parent::setUp();
$this->withoutVite();
}
}

4
tests/Unit/ExampleTest.php
View File

@@ -4,12 +4,10 @@ namespace Tests\Unit;
use PHPUnit\Framework\TestCase;
final class ExampleTest extends TestCase
class ExampleTest extends TestCase
{
/**
* A basic test example.
*
* @return void
*/
public function test_that_true_is_true(): void
{