<?php
namespace Tests\Feature\Admin;
use App\Models\User;
use App\Models\Role;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\Hash;
use Tests\TestCase;
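/**
 * Feature tests for the admin profile screen: viewing it, updating name and
 * e-mail, changing the password, and the e-mail lock on protected accounts.
 *
 * NOTE(review): every case here acts as an authenticated user who supplies
 * valid input. No case covers an unauthenticated request to
 * admin.profile.edit / admin.profile.update, or a password change submitted
 * with a wrong current_password. Both are worth adding once the expected
 * responses are confirmed against the controller.
 */
class ProfileManagementTest extends TestCase
{
    use RefreshDatabase;

    /**
     * Seed the permissions and roles that the role lookups in each test rely on.
     */
    protected function setUp(): void
    {
        parent::setUp();

        // Seed permissions and roles
        $this->artisan('db:seed', ['--class' => 'PermissionSeeder']);
        $this->artisan('db:seed', ['--class' => 'RoleSeeder']);
    }

    /**
     * Create a user through the factory and attach the seeded role with the given slug.
     *
     * @param array<string, mixed> $attributes Factory overrides for the user.
     */
    private function createProfileUser(string $roleSlug, array $attributes = []): User
    {
        // firstOrFail() instead of first(): if the seeder did not create the
        // role, first() returns null and the user would be left without the
        // intended role, so an authorization-dependent test could pass or fail
        // for the wrong reason. Fail loudly at fixture setup instead.
        $role = Role::where('slug', $roleSlug)->firstOrFail();

        $user = User::factory()->create($attributes);
        $user->roles()->attach($role);

        return $user;
    }

    /**
     * A user holding the editor role can load the profile edit page.
     */
    public function test_profile_page_is_accessible_to_authenticated_users(): void
    {
        $user = $this->createProfileUser('editor');

        $response = $this->actingAs($user)->get(route('admin.profile.edit'));

        $response->assertStatus(200);
        // Second argument false: match the raw markup rather than its HTML-escaped form.
        $response->assertSee('data-component="Profile"', false);
    }

    /**
     * Submitting a new name and e-mail persists both and redirects to the edit page.
     */
    public function test_user_can_update_profile_information(): void
    {
        $user = $this->createProfileUser('editor', [
            'name' => 'Old Name',
            'email' => 'old@example.test',
        ]);

        $response = $this->actingAs($user)->put(route('admin.profile.update'), [
            'name' => 'New Name',
            'email' => 'new@example.test',
        ]);

        $response->assertRedirect(route('admin.profile.edit'));
        $this->assertDatabaseHas('users', [
            'id' => $user->id,
            'name' => 'New Name',
            'email' => 'new@example.test',
        ]);
    }

    /**
     * Supplying the correct current password plus a confirmed new one replaces the stored hash.
     */
    public function test_user_can_update_password(): void
    {
        $user = $this->createProfileUser('editor', [
            'password' => Hash::make('old-password'),
        ]);

        $response = $this->actingAs($user)->put(route('admin.profile.update'), [
            'name' => $user->name,
            'email' => $user->email,
            'current_password' => 'old-password',
            'new_password' => 'new-secure-password',
            'new_password_confirmation' => 'new-secure-password',
        ]);

        $response->assertRedirect(route('admin.profile.edit'));
        // Re-read the row: $user still holds the hash from before the request.
        $this->assertTrue(Hash::check('new-secure-password', $user->fresh()->password));
    }

    /**
     * A user flagged is_protected gets a session error and keeps the original e-mail.
     */
    public function test_protected_user_cannot_update_email(): void
    {
        $user = $this->createProfileUser('admin', [
            'name' => 'Admin User',
            'email' => 'admin@example.test',
            'is_protected' => true,
        ]);

        $response = $this->actingAs($user)->put(route('admin.profile.update'), [
            'name' => 'Changed Name',
            'email' => 'changed@example.test',
        ]);

        $response->assertSessionHasErrors(['error']);
        // NOTE(review): only the e-mail is checked; whether the name change in
        // a rejected request must also be discarded is not asserted here.
        $this->assertSame('admin@example.test', $user->fresh()->email);
    }

    /**
     * A protected user can still rename themselves when the submitted e-mail is unchanged.
     */
    public function test_protected_user_can_update_name_with_same_email(): void
    {
        $user = $this->createProfileUser('admin', [
            'name' => 'Admin User',
            'email' => 'admin@example.test',
            'is_protected' => true,
        ]);

        $response = $this->actingAs($user)->put(route('admin.profile.update'), [
            'name' => 'Lead Admin',
            'email' => 'admin@example.test', // Simulating readonly field sent back
        ]);

        $response->assertRedirect(route('admin.profile.edit'));
        $this->assertDatabaseHas('users', [
            'id' => $user->id,
            'name' => 'Lead Admin',
            'email' => 'admin@example.test',
        ]);
    }
}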