From b2f0e04e78a00aa86b9828555984d9c25431ceac Mon Sep 17 00:00:00 2001 From: David Bomba Date: Sat, 12 Aug 2023 12:40:41 +1000 Subject: [PATCH 1/3] Fixes for tests --- tests/Feature/UserTest.php | 63 ++++++++++++++++++++++++++++++++++---- 1 file changed, 57 insertions(+), 6 deletions(-) diff --git a/tests/Feature/UserTest.php b/tests/Feature/UserTest.php index b79644f586a7..083dc0a58c24 100644 --- a/tests/Feature/UserTest.php +++ b/tests/Feature/UserTest.php @@ -38,6 +38,8 @@ class UserTest extends TestCase private $default_email = 'attach@gmail.com'; + public $faker; + protected function setUp() :void { parent::setUp(); @@ -50,7 +52,7 @@ class UserTest extends TestCase Model::reguard(); - $this->withoutExceptionHandling(); + // $this->withoutExceptionHandling(); $this->withoutMiddleware( ThrottleRequests::class, @@ -58,10 +60,9 @@ class UserTest extends TestCase ); } - public function testUserAttemptingtToDeleteThemselves() + private function mockAccout() { - $account = Account::factory()->create([ 'hosted_client_count' => 1000, 'hosted_company_count' => 1000, @@ -102,17 +103,67 @@ class UserTest extends TestCase $company_token->token = $token; $company_token->is_system = true; + + } + + public function testUserAttemptingtToDeleteThemselves() + { + + $account = Account::factory()->create([ + 'hosted_client_count' => 1000, + 'hosted_company_count' => 1000, + ]); + + $account->num_users = 3; + $account->save(); + + $user = User::factory()->create([ + 'account_id' => $this->account->id, + 'confirmation_code' => 'xyz123', + 'email' => $this->faker->unique()->safeEmail(), + 'password' => \Illuminate\Support\Facades\Hash::make('ALongAndBriliantPassword'), + ]); + + $settings = CompanySettings::defaults(); + $settings->client_online_payment_notification = false; + $settings->client_manual_payment_notification = false; + + $company = Company::factory()->create([ + 'account_id' => $account->id, + 'settings' => $settings, + ]); + + + $cu = CompanyUserFactory::create($user->id, $company->id, $account->id); + $cu->is_owner = true; + $cu->is_admin = true; + $cu->is_locked = false; + $cu->save(); + + $token = \Illuminate\Support\Str::random(64); + + $company_token = new CompanyToken(); + $company_token->user_id = $user->id; + $company_token->company_id = $company->id; + $company_token->account_id = $account->id; + $company_token->name = 'test token'; + $company_token->token = $token; + $company_token->is_system = true; + $company_token->save(); + $data = [ 'ids' => [$user->hashed_id], - ]; + ]; $response = $this->withHeaders([ 'X-API-SECRET' => config('ninja.api_secret'), 'X-API-TOKEN' => $token, 'X-API-PASSWORD' => 'ALongAndBriliantPassword', - ])->postJson('/api/v1/users/bulk?action=dete', $data) - ->assertStatus(403); + ])->postJson('/api/v1/users/bulk?action=delete', $data); + nlog($response); + + $response->assertStatus(401); } From a847bdb0edd52fc068256141b7bf894f3dce3daf Mon Sep 17 00:00:00 2001 From: David Bomba Date: Sat, 12 Aug 2023 12:46:46 +1000 Subject: [PATCH 2/3] Fixes for tests --- tests/Feature/UserTest.php | 65 +++++++++++++++++++++++++++++++++++++- 1 file changed, 64 insertions(+), 1 deletion(-) diff --git a/tests/Feature/UserTest.php b/tests/Feature/UserTest.php index 083dc0a58c24..595195ce6f7f 100644 --- a/tests/Feature/UserTest.php +++ b/tests/Feature/UserTest.php @@ -60,7 +60,7 @@ class UserTest extends TestCase ); } - private function mockAccout() + private function mockAccount() { $account = Account::factory()->create([ @@ -75,6 +75,7 @@ class UserTest extends TestCase 'account_id' => $this->account->id, 'confirmation_code' => 'xyz123', 'email' => $this->faker->unique()->safeEmail(), + 'password' => \Illuminate\Support\Facades\Hash::make('ALongAndBriliantPassword'), ]); $settings = CompanySettings::defaults(); @@ -102,6 +103,68 @@ class UserTest extends TestCase $company_token->name = 'test token'; $company_token->token = $token; $company_token->is_system = true; + $company_token->save(); + + return $company_token; + + } + + public function testUserResponse() + { + $company_token = $this->mockAccount(); + + $data = [ + 'first_name' => 'hey', + 'last_name' => 'you', + 'email' => 'normal_user@gmail.com', + 'company_user' => [ + 'is_admin' => true, + 'is_owner' => false, + 'permissions' => 'create_client,create_invoice', + ], + 'phone' => null, + ]; + + $response = $this->withHeaders([ + 'X-API-SECRET' => config('ninja.api_secret'), + 'X-API-TOKEN' => $company_token->token, + 'X-API-PASSWORD' => 'ALongAndBriliantPassword', + ])->post('/api/v1/users?include=company_user', $data); + + $response->assertStatus(200); + + $user = $response->json(); + $user_id = $user['data']['id']; + + $response = $this->withHeaders([ + 'X-API-SECRET' => config('ninja.api_secret'), + 'X-API-TOKEN' => $company_token->token, + 'X-API-PASSWORD' => 'ALongAndBriliantPassword', + ])->get('/api/v1/users', $data); + + + $response->assertStatus(200); + $arr = $response->json(); + + $this->assertCount(2, $arr['data']); + + //archive the user we just created: + + $data = [ + 'action' => 'archive', + 'ids' => [$user_id], + ]; + + + $response = $this->withHeaders([ + 'X-API-SECRET' => config('ninja.api_secret'), + 'X-API-TOKEN' => $company_token->token, + 'X-API-PASSWORD' => 'ALongAndBriliantPassword', + ])->postJson('/api/v1/users/bulk', $data); + + $response->assertStatus(200); + + $this->assertCount(1, $response->json()['data']); } From 0f931fe1a8fdc0309374a165b6548674a113b783 Mon Sep 17 00:00:00 2001 From: David Bomba Date: Sat, 12 Aug 2023 16:21:06 +1000 Subject: [PATCH 3/3] Tests for users --- app/Filters/UserFilters.php | 3 +- tests/Feature/UserTest.php | 60 +++++++++++++++++++++++++++++-------- 2 files changed, 48 insertions(+), 15 deletions(-) diff --git a/app/Filters/UserFilters.php b/app/Filters/UserFilters.php index 12a26d27a6cf..3989ec7450ed 100644 --- a/app/Filters/UserFilters.php +++ b/app/Filters/UserFilters.php @@ -127,8 +127,7 @@ class UserFilters extends QueryFilters $user_array = $this->transformKeys(explode(',', $user_id)); return $this->builder->where(function ($query) use ($user_array) { - $query->whereNotIn('id', $user_array) - ->where('account_id', auth()->user()->account_id); + $query->whereNotIn('id', $user_array); }); } } diff --git a/tests/Feature/UserTest.php b/tests/Feature/UserTest.php index 595195ce6f7f..4872dd7478a3 100644 --- a/tests/Feature/UserTest.php +++ b/tests/Feature/UserTest.php @@ -142,29 +142,63 @@ class UserTest extends TestCase 'X-API-PASSWORD' => 'ALongAndBriliantPassword', ])->get('/api/v1/users', $data); - $response->assertStatus(200); $arr = $response->json(); $this->assertCount(2, $arr['data']); - //archive the user we just created: + //archive the user we just created: - $data = [ - 'action' => 'archive', - 'ids' => [$user_id], - ]; + $data = [ + 'action' => 'archive', + 'ids' => [$user_id], + ]; + $response = $this->withHeaders([ + 'X-API-SECRET' => config('ninja.api_secret'), + 'X-API-TOKEN' => $company_token->token, + 'X-API-PASSWORD' => 'ALongAndBriliantPassword', + ])->postJson('/api/v1/users/bulk', $data); - $response = $this->withHeaders([ - 'X-API-SECRET' => config('ninja.api_secret'), - 'X-API-TOKEN' => $company_token->token, - 'X-API-PASSWORD' => 'ALongAndBriliantPassword', - ])->postJson('/api/v1/users/bulk', $data); + $response->assertStatus(200); - $response->assertStatus(200); + $this->assertCount(1, $response->json()['data']); - $this->assertCount(1, $response->json()['data']); + $response = $this->withHeaders([ + 'X-API-SECRET' => config('ninja.api_secret'), + 'X-API-TOKEN' => $company_token->token, + 'X-API-PASSWORD' => 'ALongAndBriliantPassword', + ])->get("/api/v1/users?without={$company_token->user->hashed_id}"); + + $response->assertStatus(200); + $this->assertCount(1, $response->json()['data']); + + $response = $this->withHeaders([ + 'X-API-SECRET' => config('ninja.api_secret'), + 'X-API-TOKEN' => $company_token->token, + 'X-API-PASSWORD' => 'ALongAndBriliantPassword', + ])->get("/api/v1/users?without={$company_token->user->hashed_id}&status=active"); + + $response->assertStatus(200); + $this->assertCount(0, $response->json()['data']); + + $response = $this->withHeaders([ + 'X-API-SECRET' => config('ninja.api_secret'), + 'X-API-TOKEN' => $company_token->token, + 'X-API-PASSWORD' => 'ALongAndBriliantPassword', + ])->get("/api/v1/users?without={$company_token->user->hashed_id}&status=archived"); + + $response->assertStatus(200); + $this->assertCount(1, $response->json()['data']); + + $response = $this->withHeaders([ + 'X-API-SECRET' => config('ninja.api_secret'), + 'X-API-TOKEN' => $company_token->token, + 'X-API-PASSWORD' => 'ALongAndBriliantPassword', + ])->get("/api/v1/users?without={$company_token->user->hashed_id}&status=deleted"); + + $response->assertStatus(200); + $this->assertCount(0, $response->json()['data']); }