Add extensive controller and model tests
This commit is contained in:
209
tests/Feature/PostControllerTest.php
Normal file
209
tests/Feature/PostControllerTest.php
Normal file
@@ -0,0 +1,209 @@
|
||||
<?php
|
||||
|
||||
use App\Models\Forum;
|
||||
use App\Models\Post;
|
||||
use App\Models\PostThank;
|
||||
use App\Models\Role;
|
||||
use App\Models\Thread;
|
||||
use App\Models\User;
|
||||
use Laravel\Sanctum\Sanctum;
|
||||
|
||||
function makeThread(): Thread
|
||||
{
|
||||
$category = Forum::create([
|
||||
'name' => 'Category',
|
||||
'description' => null,
|
||||
'type' => 'category',
|
||||
'parent_id' => null,
|
||||
'position' => 1,
|
||||
]);
|
||||
|
||||
$forum = Forum::create([
|
||||
'name' => 'Forum',
|
||||
'description' => null,
|
||||
'type' => 'forum',
|
||||
'parent_id' => $category->id,
|
||||
'position' => 1,
|
||||
]);
|
||||
|
||||
return Thread::create([
|
||||
'forum_id' => $forum->id,
|
||||
'user_id' => null,
|
||||
'title' => 'Thread Title',
|
||||
'body' => 'Thread Body',
|
||||
]);
|
||||
}
|
||||
|
||||
it('creates a post in a thread', function (): void {
|
||||
$user = User::factory()->create();
|
||||
Sanctum::actingAs($user);
|
||||
|
||||
$thread = makeThread();
|
||||
|
||||
$response = $this->postJson('/api/posts', [
|
||||
'body' => 'First reply',
|
||||
'thread' => "/api/threads/{$thread->id}",
|
||||
]);
|
||||
|
||||
$response->assertStatus(201);
|
||||
$response->assertJsonFragment([
|
||||
'body' => 'First reply',
|
||||
'thread' => "/api/threads/{$thread->id}",
|
||||
]);
|
||||
|
||||
$this->assertDatabaseHas('posts', [
|
||||
'thread_id' => $thread->id,
|
||||
'user_id' => $user->id,
|
||||
'body' => 'First reply',
|
||||
]);
|
||||
});
|
||||
|
||||
it('validates required fields when creating posts', function (): void {
|
||||
$user = User::factory()->create();
|
||||
Sanctum::actingAs($user);
|
||||
|
||||
$response = $this->postJson('/api/posts', []);
|
||||
|
||||
$response->assertStatus(422);
|
||||
$response->assertJsonValidationErrors(['body', 'thread']);
|
||||
});
|
||||
|
||||
it('enforces post update permissions', function (): void {
|
||||
$thread = makeThread();
|
||||
$owner = User::factory()->create();
|
||||
$other = User::factory()->create();
|
||||
|
||||
$post = Post::create([
|
||||
'thread_id' => $thread->id,
|
||||
'user_id' => $owner->id,
|
||||
'body' => 'Original body',
|
||||
]);
|
||||
|
||||
Sanctum::actingAs($other);
|
||||
$response = $this->patchJson("/api/posts/{$post->id}", [
|
||||
'body' => 'Hacked body',
|
||||
]);
|
||||
|
||||
$response->assertStatus(403);
|
||||
|
||||
Sanctum::actingAs($owner);
|
||||
$response = $this->patchJson("/api/posts/{$post->id}", [
|
||||
'body' => 'Owner update',
|
||||
]);
|
||||
|
||||
$response->assertOk();
|
||||
$this->assertDatabaseHas('posts', [
|
||||
'id' => $post->id,
|
||||
'body' => 'Owner update',
|
||||
]);
|
||||
|
||||
$admin = User::factory()->create();
|
||||
$role = Role::create(['name' => 'ROLE_ADMIN', 'color' => '#111111']);
|
||||
$admin->roles()->attach($role);
|
||||
|
||||
Sanctum::actingAs($admin);
|
||||
$response = $this->patchJson("/api/posts/{$post->id}", [
|
||||
'body' => 'Admin update',
|
||||
]);
|
||||
|
||||
$response->assertOk();
|
||||
$this->assertDatabaseHas('posts', [
|
||||
'id' => $post->id,
|
||||
'body' => 'Admin update',
|
||||
]);
|
||||
});
|
||||
|
||||
it('requires authentication to update a post', function (): void {
|
||||
$thread = makeThread();
|
||||
$post = Post::create([
|
||||
'thread_id' => $thread->id,
|
||||
'user_id' => null,
|
||||
'body' => 'Original body',
|
||||
]);
|
||||
|
||||
$response = $this->patchJson("/api/posts/{$post->id}", [
|
||||
'body' => 'Updated body',
|
||||
]);
|
||||
|
||||
$response->assertStatus(401);
|
||||
});
|
||||
|
||||
it('deletes a post and tracks deleted_by', function (): void {
|
||||
$thread = makeThread();
|
||||
$user = User::factory()->create();
|
||||
|
||||
$post = Post::create([
|
||||
'thread_id' => $thread->id,
|
||||
'user_id' => $user->id,
|
||||
'body' => 'To be deleted',
|
||||
]);
|
||||
|
||||
Sanctum::actingAs($user);
|
||||
$response = $this->deleteJson("/api/posts/{$post->id}");
|
||||
|
||||
$response->assertStatus(204);
|
||||
|
||||
$this->assertSoftDeleted('posts', [
|
||||
'id' => $post->id,
|
||||
]);
|
||||
|
||||
$this->assertDatabaseHas('posts', [
|
||||
'id' => $post->id,
|
||||
'deleted_by' => $user->id,
|
||||
]);
|
||||
});
|
||||
|
||||
it('filters posts by thread', function (): void {
|
||||
$threadA = makeThread();
|
||||
$threadB = makeThread();
|
||||
|
||||
$postA = Post::create([
|
||||
'thread_id' => $threadA->id,
|
||||
'user_id' => null,
|
||||
'body' => 'Post A',
|
||||
]);
|
||||
|
||||
Post::create([
|
||||
'thread_id' => $threadB->id,
|
||||
'user_id' => null,
|
||||
'body' => 'Post B',
|
||||
]);
|
||||
|
||||
$response = $this->getJson("/api/posts?thread=/api/threads/{$threadA->id}");
|
||||
|
||||
$response->assertOk();
|
||||
$response->assertJsonCount(1);
|
||||
$response->assertJsonFragment([
|
||||
'id' => $postA->id,
|
||||
'body' => 'Post A',
|
||||
]);
|
||||
});
|
||||
|
||||
it('allows users to thank and unthank posts', function (): void {
|
||||
$thread = makeThread();
|
||||
$author = User::factory()->create();
|
||||
$thanker = User::factory()->create();
|
||||
|
||||
$post = Post::create([
|
||||
'thread_id' => $thread->id,
|
||||
'user_id' => $author->id,
|
||||
'body' => 'Helpful answer',
|
||||
]);
|
||||
|
||||
Sanctum::actingAs($thanker);
|
||||
$response = $this->postJson("/api/posts/{$post->id}/thanks");
|
||||
|
||||
$response->assertStatus(201);
|
||||
$this->assertDatabaseHas('post_thanks', [
|
||||
'post_id' => $post->id,
|
||||
'user_id' => $thanker->id,
|
||||
]);
|
||||
|
||||
$response = $this->deleteJson("/api/posts/{$post->id}/thanks");
|
||||
|
||||
$response->assertStatus(204);
|
||||
$this->assertDatabaseMissing('post_thanks', [
|
||||
'post_id' => $post->id,
|
||||
'user_id' => $thanker->id,
|
||||
]);
|
||||
});
|
||||
Reference in New Issue
Block a user