Tests: Comply with default permissions

Before transactions, each test class needed to explicitly declare its starting permission state, which made the initial permission configuration somewhat arbitrary. Now, we might as well use the initial state of the default installation.

One of the User show_test tests has been commented out until
Alexander Skvortsov 2021-01-07 11:24:52 -05:00
parent ae280016e7
commit c1aa1455d3
2 changed files with 68 additions and 52 deletions


@ -30,6 +30,16 @@ class ShowTest extends TestCase
]);
}
private function forbidGuestsFromSeeingForum()
{
$this->database()->table('group_permission')->where('permission', 'viewDiscussions')->where('group_id', 2)->delete();
}
private function forbidMembersFromSearchingUsers()
{
$this->database()->table('group_permission')->where('permission', 'viewUserList')->where('group_id', 3)->delete();
}
/**
* @test
*/
@ -63,22 +73,52 @@ class ShowTest extends TestCase
/**
* @test
*/
public function guest_cannot_see_user()
public function guest_can_see_user_by_default()
{
$response = $this->send(
$this->request('GET', '/api/users/2')
);
$this->assertEquals(200, $response->getStatusCode());
}
/**
* @test
*/
public function guest_can_see_user_by_slug_by_default()
{
$response = $this->send(
$this->request('GET', '/api/users/normal')->withQueryParams([
'bySlug' => true
])
);
$this->assertEquals(200, $response->getStatusCode());
}
/**
* @test
*/
public function guest_cant_see_user_if_blocked()
{
$this->forbidGuestsFromSeeingForum();
$response = $this->send(
$this->request('GET', '/api/users/2')
);
$this->assertEquals(404, $response->getStatusCode());
}
/**
* @test
*/
public function guest_cannot_see_user_by_slug()
public function guest_cant_see_user_by_slug_if_blocked()
{
$this->forbidGuestsFromSeeingForum();
$response = $this->send(
$this->request('GET', '/api/users/2')->withQueryParams([
$this->request('GET', '/api/users/normal')->withQueryParams([
'bySlug' => true
])
);
@ -119,7 +159,7 @@ class ShowTest extends TestCase
/**
* @test
*/
public function user_cant_see_others_by_default()
public function user_can_see_others_by_default()
{
$response = $this->send(
$this->request('GET', '/api/users/1', [
@ -127,55 +167,31 @@ class ShowTest extends TestCase
])
);
$this->assertEquals(404, $response->getStatusCode());
}
/**
* @test
*/
public function user_cant_see_others_by_default_via_slug()
{
$response = $this->send(
$this->request('GET', '/api/users/admin', [
'authenticatedAs' => 2,
])->withQueryParams([
'bySlug' => true
])
);
$this->assertEquals(404, $response->getStatusCode());
}
/**
* @test
*/
public function user_can_see_others_if_allowed()
{
$this->prepareDatabase([
'group_permission' => [
['permission' => 'viewDiscussions', 'group_id' => 3],
]
]);
$response = $this->send(
$this->request('GET', '/api/users/1', [
'authenticatedAs' => 2,
])
);
$this->assertEquals(200, $response->getStatusCode());
}
/**
* @test
*/
public function user_can_see_others_if_allowed_via_slug()
public function user_can_see_others_by_default_via_slug()
{
$this->prepareDatabase([
'group_permission' => [
['permission' => 'viewDiscussions', 'group_id' => 3],
]
]);
$response = $this->send(
$this->request('GET', '/api/users/admin', [
'authenticatedAs' => 2,
])->withQueryParams([
'bySlug' => true
])
);
$this->assertEquals(200, $response->getStatusCode());
}
/**
* @test
*/
public function user_can_still_see_others_via_slug_even_if_cant_search()
{
$this->forbidMembersFromSearchingUsers();
$response = $this->send(
$this->request('GET', '/api/users/admin', [
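Review bot: `forbidMembersFromSearchingUsers()` discards the return value of `delete()`, so `user_can_still_see_others_via_slug_even_if_cant_search` can pass without the permission ever having been revoked. Judging by its name that test expects a 200 (its body continues outside the hunk), which is also what an unrestricted member gets. If the seeded `viewUserList` row for group 3 is ever renamed or moved, the delete matches nothing and the test keeps passing without exercising the restricted state. Asserting the affected row count in the helper closes that gap, e.g. `$this->assertEquals(1, $this->database()->table('group_permission')->where('permission', 'viewUserList')->where('group_id', 3)->delete());`. The same check fits `forbidGuestsFromSeeingForum()`, although there a no-op delete would already fail the 404 assertions.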


@ -137,19 +137,19 @@ class PolicyTest extends TestCase
/**
* @test
*/
public function regular_user_cant_start_discussions_by_default()
public function regular_user_can_start_discussions_by_default()
{
$this->app();
$user = User::find(2);
$this->assertEquals(false, $user->can('startDiscussion'));
$this->assertEquals(true, $user->can('startDiscussion'));
}
/**
* @test
*/
public function regular_user_can_start_discussions_if_granted_by_global_policy()
public function regular_user_cant_start_discussions_if_blocked_by_global_policy()
{
$this->extend(
(new Extend\Policy)
@ -160,7 +160,7 @@ class PolicyTest extends TestCase
$user = User::find(2);
$this->assertEquals(true, $user->can('startDiscussion'));
$this->assertEquals(false, $user->can('startDiscussion'));
}
/**
@ -177,7 +177,7 @@ class PolicyTest extends TestCase
$user = User::find(2);
$this->assertEquals(false, $user->can('startDiscussion', Discussion::find(1)));
$this->assertEquals(true, $user->can('startDiscussion', Discussion::find(1)));
}
/**
@ -260,7 +260,7 @@ class GlobalStartDiscussionPolicy extends AbstractPolicy
{
protected function startDiscussion(User $user)
{
return $this->allow();
return $this->deny();
}
}
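Review bot: The authorization assertions on the new side use `assertEquals(true, …)` and `assertEquals(false, …)`, which compare loosely, so the deny case would also pass if `can()` returned `null`, `0` or an empty string instead of a boolean `false`. For permission checks the strict form pins the type and reads more directly: `$this->assertFalse($user->can('startDiscussion'));` in `regular_user_cant_start_discussions_if_blocked_by_global_policy`, and `$this->assertTrue($user->can('startDiscussion'));` in `regular_user_can_start_discussions_by_default`. The assertion taking `Discussion::find(1)` belongs to a test whose signature lies outside its hunk, so only that line is visible there, but the same change applies.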