Skip to content

Commit fcefcc8

Browse files
snipesnipe
authored
Merge pull request #15512 from marcusmoore/testing/fmcs
Added tests for delete methods in api
2 parents 04bb3ee + 3519a82 commit fcefcc8

28 files changed

+1239
-55
lines changed

app/Http/Controllers/Api/AssetMaintenancesController.php

-4
Original file line numberDiff line numberDiff line change
@@ -188,10 +188,6 @@ public function destroy($assetMaintenanceId) : JsonResponse
188188
// Check if the asset maintenance exists
189189
$assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
190190

191-
if (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
192-
return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot delete a maintenance for that asset'));
193-
}
194-
195191
$assetMaintenance->delete();
196192

197193
return response()->json(Helper::formatStandardApiResponse('success', $assetMaintenance, trans('admin/asset_maintenances/message.delete.success')));

app/Http/Controllers/Api/LicensesController.php

-1
Original file line numberDiff line numberDiff line change
@@ -220,7 +220,6 @@ public function update(Request $request, $id) : JsonResponse | array
220220
*/
221221
public function destroy($id) : JsonResponse
222222
{
223-
//
224223
$license = License::findOrFail($id);
225224
$this->authorize('delete', $license);
226225

app/Models/PredefinedKit.php

+2
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@
44

55
use App\Models\Traits\Searchable;
66
use App\Presenters\Presentable;
7+
use Illuminate\Database\Eloquent\Factories\HasFactory;
78
use Illuminate\Validation\Rule;
89
use Watson\Validating\ValidatingTrait;
910

@@ -16,6 +17,7 @@
1617
class PredefinedKit extends SnipeModel
1718
{
1819
protected $presenter = \App\Presenters\PredefinedKitPresenter::class;
20+
use HasFactory;
1921
use Presentable;
2022
protected $table = 'kits';
2123

database/factories/PredefinedKitFactory.php

+23
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
<?php
2+
3+
namespace Database\Factories;
4+
5+
use Illuminate\Database\Eloquent\Factories\Factory;
6+
7+
/**
8+
* @extends \Illuminate\Database\Eloquent\Factories\Factory<\App\Models\PredefinedKit>
9+
*/
10+
class PredefinedKitFactory extends Factory
11+
{
12+
/**
13+
* Define the model's default state.
14+
*
15+
* @return array<string, mixed>
16+
*/
17+
public function definition(): array
18+
{
19+
return [
20+
'name' => $this->faker->words(3, true),
21+
];
22+
}
23+
}

database/factories/UserFactory.php

+65-5
Original file line numberDiff line numberDiff line change
@@ -141,6 +141,11 @@ public function viewRequestableAssets()
141141
return $this->appendPermission(['assets.view.requestable' => '1']);
142142
}
143143

144+
public function deleteAssetModels()
145+
{
146+
return $this->appendPermission(['models.delete' => '1']);
147+
}
148+
144149
public function viewAccessories()
145150
{
146151
return $this->appendPermission(['accessories.view' => '1']);
@@ -201,6 +206,11 @@ public function checkoutConsumables()
201206
return $this->appendPermission(['consumables.checkout' => '1']);
202207
}
203208

209+
public function deleteDepartments()
210+
{
211+
return $this->appendPermission(['departments.delete' => '1']);
212+
}
213+
204214
public function viewDepartments()
205215
{
206216
return $this->appendPermission(['departments.view' => '1']);
@@ -241,11 +251,6 @@ public function viewComponents()
241251
return $this->appendPermission(['components.view' => '1']);
242252
}
243253

244-
public function createCompanies()
245-
{
246-
return $this->appendPermission(['companies.create' => '1']);
247-
}
248-
249254
public function createComponents()
250255
{
251256
return $this->appendPermission(['components.create' => '1']);
@@ -271,6 +276,16 @@ public function checkoutComponents()
271276
return $this->appendPermission(['components.checkout' => '1']);
272277
}
273278

279+
public function createCompanies()
280+
{
281+
return $this->appendPermission(['companies.create' => '1']);
282+
}
283+
284+
public function deleteCompanies()
285+
{
286+
return $this->appendPermission(['companies.delete' => '1']);
287+
}
288+
274289
public function viewUsers()
275290
{
276291
return $this->appendPermission(['users.view' => '1']);
@@ -291,6 +306,16 @@ public function deleteUsers()
291306
return $this->appendPermission(['users.delete' => '1']);
292307
}
293308

309+
public function deleteCategories()
310+
{
311+
return $this->appendPermission(['categories.delete' => '1']);
312+
}
313+
314+
public function deleteLocations()
315+
{
316+
return $this->appendPermission(['locations.delete' => '1']);
317+
}
318+
294319
public function canEditOwnLocation()
295320
{
296321
return $this->appendPermission(['self.edit_location' => '1']);
@@ -306,6 +331,41 @@ public function canImport()
306331
return $this->appendPermission(['import' => '1']);
307332
}
308333

334+
public function deleteCustomFields()
335+
{
336+
return $this->appendPermission(['customfields.delete' => '1']);
337+
}
338+
339+
public function deleteCustomFieldsets()
340+
{
341+
return $this->appendPermission(['customfields.delete' => '1']);
342+
}
343+
344+
public function deleteDepreciations()
345+
{
346+
return $this->appendPermission(['depreciations.delete' => '1']);
347+
}
348+
349+
public function deleteManufacturers()
350+
{
351+
return $this->appendPermission(['manufacturers.delete' => '1']);
352+
}
353+
354+
public function deletePredefinedKits()
355+
{
356+
return $this->appendPermission(['kits.delete' => '1']);
357+
}
358+
359+
public function deleteStatusLabels()
360+
{
361+
return $this->appendPermission(['statuslabels.delete' => '1']);
362+
}
363+
364+
public function deleteSuppliers()
365+
{
366+
return $this->appendPermission(['suppliers.delete' => '1']);
367+
}
368+
309369
private function appendPermission(array $permission)
310370
{
311371
return $this->state(function ($currentState) use ($permission) {

tests/Concerns/TestsFullMultipleCompaniesSupport.php

+8
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
<?php
2+
3+
namespace Tests\Concerns;
4+
5+
interface TestsFullMultipleCompaniesSupport
6+
{
7+
public function testAdheresToFullMultipleCompaniesSupportScoping();
8+
}

tests/Concerns/TestsPermissionsRequirement.php

+8
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
<?php
2+
3+
namespace Tests\Concerns;
4+
5+
interface TestsPermissionsRequirement
6+
{
7+
public function testRequiresPermission();
8+
}

tests/Feature/Accessories/Api/DeleteAccessoriesTest.php

+77
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,77 @@
1+
<?php
2+
3+
namespace Tests\Feature\Accessories\Api;
4+
5+
use App\Models\Accessory;
6+
use App\Models\Company;
7+
use App\Models\User;
8+
use Tests\Concerns\TestsFullMultipleCompaniesSupport;
9+
use Tests\Concerns\TestsPermissionsRequirement;
10+
use Tests\TestCase;
11+
12+
class DeleteAccessoriesTest extends TestCase implements TestsFullMultipleCompaniesSupport, TestsPermissionsRequirement
13+
{
14+
public function testRequiresPermission()
15+
{
16+
$accessory = Accessory::factory()->create();
17+
18+
$this->actingAsForApi(User::factory()->create())
19+
->deleteJson(route('api.accessories.destroy', $accessory))
20+
->assertForbidden();
21+
22+
$this->assertNotSoftDeleted($accessory);
23+
}
24+
25+
public function testAdheresToFullMultipleCompaniesSupportScoping()
26+
{
27+
[$companyA, $companyB] = Company::factory()->count(2)->create();
28+
29+
$accessoryA = Accessory::factory()->for($companyA)->create();
30+
$accessoryB = Accessory::factory()->for($companyB)->create();
31+
$accessoryC = Accessory::factory()->for($companyB)->create();
32+
33+
$superUser = $companyA->users()->save(User::factory()->superuser()->make());
34+
$userInCompanyA = $companyA->users()->save(User::factory()->deleteAccessories()->make());
35+
$userInCompanyB = $companyB->users()->save(User::factory()->deleteAccessories()->make());
36+
37+
$this->settings->enableMultipleFullCompanySupport();
38+
39+
$this->actingAsForApi($userInCompanyA)
40+
->deleteJson(route('api.accessories.destroy', $accessoryB))
41+
->assertStatusMessageIs('error');
42+
43+
$this->actingAsForApi($userInCompanyB)
44+
->deleteJson(route('api.accessories.destroy', $accessoryA))
45+
->assertStatusMessageIs('error');
46+
47+
$this->actingAsForApi($superUser)
48+
->deleteJson(route('api.accessories.destroy', $accessoryC))
49+
->assertStatusMessageIs('success');
50+
51+
$this->assertNotSoftDeleted($accessoryA);
52+
$this->assertNotSoftDeleted($accessoryB);
53+
$this->assertSoftDeleted($accessoryC);
54+
}
55+
56+
public function testCannotDeleteAccessoryThatHasCheckouts()
57+
{
58+
$accessory = Accessory::factory()->checkedOutToUser()->create();
59+
60+
$this->actingAsForApi(User::factory()->deleteAccessories()->create())
61+
->deleteJson(route('api.accessories.destroy', $accessory))
62+
->assertStatusMessageIs('error');
63+
64+
$this->assertNotSoftDeleted($accessory);
65+
}
66+
67+
public function testCanDeleteAccessory()
68+
{
69+
$accessory = Accessory::factory()->create();
70+
71+
$this->actingAsForApi(User::factory()->deleteAccessories()->create())
72+
->deleteJson(route('api.accessories.destroy', $accessory))
73+
->assertStatusMessageIs('success');
74+
75+
$this->assertSoftDeleted($accessory);
76+
}
77+
}

tests/Feature/Accessories/Api/DeleteAccessoryTest.php

-19
This file was deleted.

tests/Feature/AssetMaintenances/Api/DeleteAssetMaintenancesTest.php

+70
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,70 @@
1+
<?php
2+
3+
namespace Tests\Feature\AssetMaintenances\Api;
4+
5+
use App\Models\AssetMaintenance;
6+
use App\Models\Company;
7+
use App\Models\User;
8+
use Tests\Concerns\TestsFullMultipleCompaniesSupport;
9+
use Tests\Concerns\TestsPermissionsRequirement;
10+
use Tests\TestCase;
11+
12+
class DeleteAssetMaintenancesTest extends TestCase implements TestsFullMultipleCompaniesSupport, TestsPermissionsRequirement
13+
{
14+
public function testRequiresPermission()
15+
{
16+
$assetMaintenance = AssetMaintenance::factory()->create();
17+
18+
$this->actingAsForApi(User::factory()->create())
19+
->deleteJson(route('api.maintenances.destroy', $assetMaintenance))
20+
->assertForbidden();
21+
22+
$this->assertNotSoftDeleted($assetMaintenance);
23+
}
24+
25+
public function testAdheresToFullMultipleCompaniesSupportScoping()
26+
{
27+
[$companyA, $companyB] = Company::factory()->count(2)->create();
28+
29+
$assetMaintenanceA = AssetMaintenance::factory()->create();
30+
$assetMaintenanceB = AssetMaintenance::factory()->create();
31+
$assetMaintenanceC = AssetMaintenance::factory()->create();
32+
33+
$assetMaintenanceA->asset->update(['company_id' => $companyA->id]);
34+
$assetMaintenanceB->asset->update(['company_id' => $companyB->id]);
35+
$assetMaintenanceC->asset->update(['company_id' => $companyB->id]);
36+
37+
$superUser = $companyA->users()->save(User::factory()->superuser()->make());
38+
$userInCompanyA = $companyA->users()->save(User::factory()->editAssets()->make());
39+
$userInCompanyB = $companyB->users()->save(User::factory()->editAssets()->make());
40+
41+
$this->settings->enableMultipleFullCompanySupport();
42+
43+
$this->actingAsForApi($userInCompanyA)
44+
->deleteJson(route('api.maintenances.destroy', $assetMaintenanceB))
45+
->assertStatusMessageIs('error');
46+
47+
$this->actingAsForApi($userInCompanyB)
48+
->deleteJson(route('api.maintenances.destroy', $assetMaintenanceA))
49+
->assertStatusMessageIs('error');
50+
51+
$this->actingAsForApi($superUser)
52+
->deleteJson(route('api.maintenances.destroy', $assetMaintenanceC))
53+
->assertStatusMessageIs('success');
54+
55+
$this->assertNotSoftDeleted($assetMaintenanceA);
56+
$this->assertNotSoftDeleted($assetMaintenanceB);
57+
$this->assertSoftDeleted($assetMaintenanceC);
58+
}
59+
60+
public function testCanDeleteAssetMaintenance()
61+
{
62+
$assetMaintenance = AssetMaintenance::factory()->create();
63+
64+
$this->actingAsForApi(User::factory()->editAssets()->create())
65+
->deleteJson(route('api.maintenances.destroy', $assetMaintenance))
66+
->assertStatusMessageIs('success');
67+
68+
$this->assertSoftDeleted($assetMaintenance);
69+
}
70+
}

0 commit comments

Comments
 (0)