cms/tests/Feature/Admin/RoleManagementTest.php


<?php
namespace Tests\Feature\Admin;
use App\Models\Role;
use App\Models\User;
use Database\Seeders\RoleSeeder;
use Database\Seeders\PermissionSeeder;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;
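/**
 * Feature tests for the role management screens under /loom/roles.
 *
 * Covers listing, creating, updating and deleting roles, the seeded default
 * permissions of the editor and author roles, the protected-role guard, and
 * the JSON endpoint that grants or revokes a permission on a role.
 *
 * Most tests act as a user holding the seeded "admin" role. Two negative
 * cases (guest, user without a role) check that role and permission changes
 * are not persisted for callers who are not administrators.
 */
class RoleManagementTest extends TestCase
{
    use RefreshDatabase;

    // User with the seeded "admin" role attached; created fresh in setUp().
    protected User $admin;

    /**
     * Seeds permissions and roles, then creates the admin user used by the tests.
     */
    protected function setUp(): void
    {
        parent::setUp();

        $this->seed(PermissionSeeder::class);
        $this->seed(RoleSeeder::class);

        $this->admin = User::factory()->create();
        // seededRole() throws if the seeder did not create the role, so a broken
        // seeder fails here instead of leaving $this->admin without the admin role.
        $this->admin->roles()->attach($this->seededRole('admin'));
    }

    /**
     * Looks up a role that RoleSeeder is expected to have created.
     *
     * Uses firstOrFail() so that a missing role aborts the test with a
     * ModelNotFoundException rather than a null being passed further on.
     */
    private function seededRole(string $slug): Role
    {
        return Role::where('slug', $slug)->firstOrFail();
    }

    public function test_admin_can_view_roles_index(): void
    {
        $response = $this->actingAs($this->admin)->get('/loom/roles');

        $response->assertStatus(200);
        $response->assertSee('Admin');
        $response->assertSee('Editor');
    }

    /**
     * The admin role carries no permission rows; the admin user is granted
     * everything by code (User model / middleware) rather than by data.
     *
     * The last assertion pins that hasPermission() answers true even for a slug
     * that does not exist, i.e. the admin check is not a table lookup. Holding
     * the admin role is therefore the only gate, which is why the protected-role
     * tests in this class matter.
     */
    public function test_admin_has_all_permissions(): void
    {
        $adminRole = $this->seededRole('admin');

        // Admin role itself should have 0 permissions in DB now, as it's hardcoded in User model/middleware
        $this->assertSame(0, $adminRole->permissions()->count());

        // But the admin user should have all permissions
        $this->assertTrue($this->admin->hasPermission('upload-themes'));
        $this->assertTrue($this->admin->hasPermission('upload-media'));
        $this->assertTrue($this->admin->hasPermission('non-existent-permission-should-also-be-true-for-admin'));
    }

    /**
     * The seeded editor role can view pages but has no user-management permissions.
     */
    public function test_editor_has_default_permissions(): void
    {
        $editor = $this->seededRole('editor');

        $this->assertTrue($editor->permissions->contains('slug', 'view-pages'));
        $this->assertFalse($editor->permissions->contains('slug', 'view-users'));
        $this->assertFalse($editor->permissions->contains('slug', 'delete-users'));
    }

    /**
     * The seeded author role can view pages but cannot view users.
     */
    public function test_author_has_default_permissions(): void
    {
        $author = $this->seededRole('author');

        $this->assertTrue($author->permissions->contains('slug', 'view-pages'));
        $this->assertFalse($author->permissions->contains('slug', 'view-users'));
    }

    public function test_admin_can_create_role(): void
    {
        $response = $this->actingAs($this->admin)->post('/loom/roles', [
            'name' => 'Test Role',
            'slug' => 'test-role',
            'description' => 'A test role description',
        ]);

        $response->assertRedirect('/loom/roles');
        $this->assertDatabaseHas('roles', ['slug' => 'test-role']);
    }

    /**
     * A request without an authenticated user must not create a role.
     */
    public function test_guest_cannot_create_role(): void
    {
        $this->post('/loom/roles', [
            'name' => 'Guest Role',
            'slug' => 'guest-role',
            'description' => 'Submitted without a session',
        ]);

        // NOTE(review): the expected response (login redirect vs 401/403) is not
        // visible from this file, so only the persisted state is asserted. Add a
        // status assertion once the route's behaviour is confirmed.
        $this->assertDatabaseMissing('roles', ['slug' => 'guest-role']);
    }

    public function test_admin_can_update_role(): void
    {
        $role = Role::create([
            'name' => 'Old Name',
            'slug' => 'old-slug',
            'is_protected' => false,
        ]);

        $response = $this->actingAs($this->admin)->put("/loom/roles/{$role->id}", [
            'name' => 'New Name',
            'slug' => 'new-slug',
            'description' => 'Updated description',
        ]);

        $response->assertRedirect('/loom/roles');
        $this->assertDatabaseHas('roles', [
            'id' => $role->id,
            'name' => 'New Name',
            'slug' => 'new-slug',
        ]);
    }

    /**
     * Even an administrator cannot rename or re-slug the protected admin role.
     */
    public function test_admin_cannot_update_protected_role(): void
    {
        $role = $this->seededRole('admin');
        $originalName = $role->name;

        $response = $this->actingAs($this->admin)->put("/loom/roles/{$role->id}", [
            'name' => 'New Admin Name',
            'slug' => 'new-admin-slug',
        ]);

        $response->assertSessionHasErrors();
        // Check both submitted fields: a partial write (name changed, slug kept)
        // would still satisfy a slug-only assertion.
        $this->assertDatabaseHas('roles', [
            'id' => $role->id,
            'name' => $originalName,
            'slug' => 'admin',
        ]);
        $this->assertDatabaseMissing('roles', ['slug' => 'new-admin-slug']);
    }

    public function test_admin_can_delete_role(): void
    {
        $role = Role::create([
            'name' => 'Delete Me',
            'slug' => 'delete-me',
            'is_protected' => false,
        ]);

        $response = $this->actingAs($this->admin)->delete("/loom/roles/{$role->id}");

        $response->assertRedirect('/loom/roles');
        $this->assertDatabaseMissing('roles', ['id' => $role->id]);
    }

    /**
     * Deleting the protected admin role is rejected and the row stays in place.
     */
    public function test_admin_cannot_delete_protected_role(): void
    {
        $role = $this->seededRole('admin');

        $response = $this->actingAs($this->admin)->delete("/loom/roles/{$role->id}");

        $response->assertSessionHasErrors();
        $this->assertDatabaseHas('roles', ['id' => $role->id]);
    }

    /**
     * The permission endpoint grants when "active" is sent and revokes when it is absent.
     */
    public function test_admin_can_toggle_permission_via_ajax(): void
    {
        $role = Role::create([
            'name' => 'Custom Editor',
            'slug' => 'custom-editor-test',
            'is_protected' => false,
        ]);
        $permission = \App\Models\Permission::create([
            'name' => 'Test Permission',
            'slug' => 'test-permission',
            'resource' => 'test',
            'action' => 'view',
        ]);

        // Grant permission
        $response = $this->actingAs($this->admin)
            ->postJson("/loom/roles/{$role->id}/permissions", [
                'permission_id' => $permission->id,
                'active' => 'on',
            ]);

        $response->assertStatus(200);
        $response->assertJsonPath('success', true);
        // fresh() reloads the role so the assertion reads the pivot table, not a cached relation.
        $this->assertTrue($role->fresh()->permissions->contains($permission->id));

        // Revoke permission
        $response = $this->actingAs($this->admin)
            ->postJson("/loom/roles/{$role->id}/permissions", [
                'permission_id' => $permission->id,
            ]);

        $response->assertStatus(200);
        $response->assertJsonPath('success', true);
        $this->assertFalse($role->fresh()->permissions->contains($permission->id));
    }

    /**
     * A signed-in user who holds no role must not be able to grant a permission
     * to a role; otherwise any account could raise its own privileges.
     */
    public function test_user_without_role_cannot_grant_permission(): void
    {
        $role = Role::create([
            'name' => 'Grant Target',
            'slug' => 'grant-target-test',
            'is_protected' => false,
        ]);
        $permission = \App\Models\Permission::create([
            'name' => 'Guarded Permission',
            'slug' => 'guarded-permission',
            'resource' => 'test',
            'action' => 'view',
        ]);
        // assumes the User factory attaches no role by default — TODO confirm
        $unprivileged = User::factory()->create();

        $this->actingAs($unprivileged)
            ->postJson("/loom/roles/{$role->id}/permissions", [
                'permission_id' => $permission->id,
                'active' => 'on',
            ]);

        // NOTE(review): the expected status code is not visible from this file;
        // only the pivot state is asserted until that is confirmed.
        $this->assertFalse($role->fresh()->permissions->contains($permission->id));
    }
}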