From 396d4dc53598bf5185f58dc348949218255c105e Mon Sep 17 00:00:00 2001
From: David Bomba
Date: Tue, 24 Jul 2018 22:40:38 +1000
Subject: [PATCH] Update PermissionsCest.php
---
 tests/functional/PermissionsCest.php | 121 ++++++++++++++++++++++++++-
 1 file changed, 120 insertions(+), 1 deletion(-)
diff --git a/tests/functional/PermissionsCest.php b/tests/functional/PermissionsCest.php
index d7d631b2826a..ef293bee485d 100644
--- a/tests/functional/PermissionsCest.php
+++ b/tests/functional/PermissionsCest.php
@@ -288,4 +288,123 @@ class PermissionsCest
 $I->seeResponseCodeIs(403);
 }
-}
\ No newline at end of file
+
+ /****
+ * Test the edge case with Invoice and Quote Permissions
+ */
+
+ public function setQuoteOnlyPermissions(FunctionalTester $I)
+ {
+ $I->wantTo('create a quote view only permission user');
+
+ $permissions = [];
+
+ array_push($permissions, 'view_quote');
+ array_push($permissions, 'edit_quote');
+ array_push($permissions, 'create_quote');
+
+ $I->updateInDatabase('users',
+ ['is_admin' => 0,
+ 'permissions' => json_encode(array_diff(array_values($permissions),[0]))
+ ],
+ ['email' => Fixtures::get('permissions_username')]
+ );
+ }
+
+ public function testCreateInvoice(FunctionalTester $I)
+ {
+ $I->amOnPage('/invoices/create');
+ $I->seeResponseCodeIs(403);
+ }
+
+
+ /*
+ *
+
+ public function testViewInvoice(FunctionalTester $I)
+ {
+ $I->amOnPage('/invoices/1');
+ $I->seeResponseCodeIs(403);
+ }
+
+ public function testEditInvoice(FunctionalTester $I)
+ {
+ $I->amOnPage('/invoices/11/edit');
+ $I->seeResponseCodeIs(403);
+ }
+
+ */
+
+ public function testCreateQuote(FunctionalTester $I)
+ {
+ $I->amOnPage('/quotes/create');
+ $I->seeResponseCodeIs(200);
+ }
+
+ public function testEditQuote(FunctionalTester $I)
+ {
+ $I->amOnPage('/quotes/1/edit');
+ $I->seeResponseCodeIs(200);
+ }
+
+ public function testViewQuote(FunctionalTester $I)
+ {
+ $I->amOnPage('/quotes/1');
+ $I->seeResponseCodeIs(200);
+ }
+
+ public function setInvoiceOnlyPermissions(FunctionalTester $I)
+ {
+ $I->wantTo('create a invoice view only permission user');
+
+ $permissions = [];
+
+ array_push($permissions, 'view_invoice');
+ array_push($permissions, 'edit_invoice');
+ array_push($permissions, 'create_invoice');
+
+ $I->updateInDatabase('users',
+ ['is_admin' => 0,
+ 'permissions' => json_encode(array_diff(array_values($permissions),[0]))
+ ],
+ ['email' => Fixtures::get('permissions_username')]
+ );
+ }
+
+
+ public function testCreateInvoiceOnly(FunctionalTester $I)
+ {
+ $I->amOnPage('/invoices/create');
+ $I->seeResponseCodeIs(200);
+ }
+
+ public function testViewInvoiceOnly(FunctionalTester $I)
+ {
+ $I->amOnPage('/invoices/1');
+ $I->seeResponseCodeIs(200);
+ }
+
+ public function testEditInvoiceOnly(FunctionalTester $I)
+ {
+ $I->amOnPage('/invoices/1/edit');
+ $I->seeResponseCodeIs(200);
+ }
+
+ public function testCreateQuoteOnly(FunctionalTester $I)
+ {
+ $I->amOnPage('/quotes/create');
+ $I->seeResponseCodeIs(403);
+ }
+
+ public function testEditQuoteOnly(FunctionalTester $I)
+ {
+ $I->amOnPage('/quotes/1/edit');
+ $I->seeResponseCodeIs(403);
+ }
+
+ public function testViewQuoteOnly(FunctionalTester $I)
+ {
+ $I->amOnPage('/quotes/1');
+ $I->seeResponseCodeIs(403);
+ }
+}
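Review bot: After `setQuoteOnlyPermissions`, the only invoice denial asserted is `testCreateInvoice`; `testViewInvoice` and `testEditInvoice` sit inside the `/* … */` block, so nothing checks that a quote-only user gets a 403 when reading or editing an existing invoice, which is the cross-type access the docblock calls the edge case. If those two assertions currently fail, record that rather than hide it, with a comment above the block such as `// Disabled: quote-only user currently receives <observed status> on invoice view/edit, tracked in <issue-id>`; otherwise re-enable them using one invoice id (the disabled code mixes `/invoices/1` and `/invoices/11/edit`). The mirrored 403 checks on `/quotes/1` and `/quotes/1/edit` for the invoice-only user presumably rely on record 1 existing as a quote in the fixtures, and a short comment saying so would make clear that the 403 comes from the permission check and not from a missing record. All of these methods appear to depend on running in file order against the same fixture user, which deserves a one-line note on each `set…Permissions` method.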