2FAuth/tests/Feature/Http/Auth/UserControllerTest.php

<?php

namespace Tests\Feature\Http\Auth;

use App\Facades\Settings;
use App\Models\Group;
use App\Models\TwoFAccount;
use App\Models\User;
use Illuminate\Support\Facades\Config;
use Tests\FeatureTestCase;

/**
 * @covers  \App\Http\Controllers\Auth\UserController
 * @covers  \App\Http\Middleware\RejectIfDemoMode
 */
class UserControllerTest extends FeatureTestCase
{
    /**
     * @var \App\Models\User|\Illuminate\Contracts\Auth\Authenticatable
     */
    protected $user;

    private const NEW_USERNAME = 'Jane DOE';

    private const NEW_EMAIL = 'janedoe@example.org';

    private const PASSWORD = 'password';

    /**
     * @test
     */
    public function setUp() : void
    {
        parent::setUp();

        $this->user = User::factory()->create();
    }

    /**
     * @test
     */
    public function test_update_user_returns_success()
    {
        $response = $this->actingAs($this->user, 'web-guard')
            ->json('PUT', '/user', [
                'name'     => self::NEW_USERNAME,
                'email'    => self::NEW_EMAIL,
                'password' => self::PASSWORD,
            ])
            ->assertOk()
            ->assertExactJson([
                'name'     => self::NEW_USERNAME,
                'id'       => $this->user->id,
                'email'    => self::NEW_EMAIL,
                'is_admin' => false,
            ]);

        $this->assertDatabaseHas('users', [
            'name'     => self::NEW_USERNAME,
            'id'       => $this->user->id,
            'email'    => self::NEW_EMAIL,
            'is_admin' => false,
        ]);
    }

    /**
     * @test
     */
    public function test_update_user_in_demo_mode_returns_unchanged_user()
    {
        Config::set('2fauth.config.isDemoApp', true);

        $name = $this->user->name;
        $email = $this->user->email;

        $response = $this->actingAs($this->user, 'web-guard')
            ->json('PUT', '/user', [
                'name'     => self::NEW_USERNAME,
                'email'    => self::NEW_EMAIL,
                'password' => self::PASSWORD,
            ])
            ->assertOk()
            ->assertExactJson([
                'name'     => $name,
                'id'       => $this->user->id,
                'email'    => $email,
                'is_admin' => $this->user->is_admin,
            ]);

        $this->assertDatabaseHas('users', [
            'name'     => $name,
            'id'       => $this->user->id,
            'email'    => $email,
        ]);
    }

    /**
     * @test
     */
    public function test_update_user_passing_wrong_password_returns_bad_request()
    {
        $response = $this->actingAs($this->user, 'web-guard')
            ->json('PUT', '/user', [
                'name'     => self::NEW_USERNAME,
                'email'    => self::NEW_EMAIL,
                'password' => 'wrongPassword',
            ])
            ->assertStatus(400);
    }

    /**
     * @test
     */
    public function test_update_user_with_invalid_data_returns_validation_error()
    {
        $response = $this->actingAs($this->user, 'web-guard')
            ->json('PUT', '/user', [
                'name'     => '',
                'email'    => '',
                'password' => self::PASSWORD,
            ])
            ->assertStatus(422);
    }

    /**
     * @test
     */
    public function test_delete_user_returns_success()
    {
        TwoFAccount::factory()->for($this->user)->create();
        Group::factory()->for($this->user)->create();

        $admin = User::factory()->administrator()->create();
        $this->assertDatabaseCount('users', 2);

        $this->actingAs($this->user, 'web-guard')
            ->json('DELETE', '/user', [
                'password' => self::PASSWORD,
            ])
            ->assertNoContent();

        $this->assertDatabaseMissing('users', [
            'id' => $this->user->id,
        ]);
        $this->assertDatabaseHas('users', [
            'id' => $admin->id,
        ]);
        $this->assertDatabaseCount('users', 1);
        $this->assertDatabaseMissing('twofaccounts', [
            'user_id' => $this->user->id,
        ]);
        $this->assertDatabaseMissing('groups', [
            'user_id' => $this->user->id,
        ]);
        $this->assertDatabaseMissing('webauthn_credentials', [
            'authenticatable_id' => $this->user->id,
        ]);
        $this->assertDatabaseMissing('webauthn_recoveries', [
            'email' => $this->user->email,
        ]);
        $this->assertDatabaseMissing('oauth_access_tokens', [
            'user_id' => $this->user->id,
        ]);
        $this->assertDatabaseMissing('password_resets', [
            'email' => $this->user->email,
        ]);
    }

    /**
     * @test
     */
    public function test_delete_user_in_demo_mode_returns_unauthorized()
    {
        Config::set('2fauth.config.isDemoApp', true);

        $response = $this->actingAs($this->user, 'web-guard')
            ->json('DELETE', '/user', [
                'password' => self::PASSWORD,
            ])
            ->assertUnauthorized()
            ->assertJsonStructure([
                'message',
            ]);

        $this->assertDatabaseHas('users', [
            'id' => $this->user->id,
        ]);
    }

    /**
     * @test
     */
    public function test_delete_user_passing_wrong_password_returns_bad_request()
    {
        $response = $this->actingAs($this->user, 'web-guard')
            ->json('DELETE', '/user', [
                'password' => 'wrongPassword',
            ])
            ->assertStatus(400);

        $this->assertDatabaseHas('users', [
            'id' => $this->user->id,
        ]);
    }

    /**
     * @test
     */
    public function test_delete_the_only_admin_returns_bad_request()
    {
        /**
         * @var \App\Models\User|\Illuminate\Contracts\Auth\Authenticatable
         */
        $admin = User::factory()->administrator()->create();

        $this->assertDatabaseCount('users', 2);
        $this->assertEquals(1, User::admins()->count());

        $response = $this->actingAs($admin, 'web-guard')
            ->json('DELETE', '/user', [
                'password' => self::PASSWORD,
            ])
            ->assertStatus(400);

        $this->assertDatabaseHas('users', [
            'id' => $admin->id,
        ]);
    }
}
Fix and complete tests 2022-03-31 08:38:35 +02:00			`<?php`

Fix some tests namespaces 2022-03-31 12:09:25 +02:00			`namespace Tests\Feature\Http\Auth;`
Fix and complete tests 2022-03-31 08:38:35 +02:00
Set SettingService behind a Facade 2022-07-30 17:51:02 +02:00			`use App\Facades\Settings;`
Update Feature tests 2023-03-10 16:03:42 +01:00			`use App\Models\Group;`
			`use App\Models\TwoFAccount;`
Apply Laravel Pint fixes 2022-11-22 15:15:52 +01:00			`use App\Models\User;`
Fix and complete tests 2022-03-31 08:38:35 +02:00			`use Illuminate\Support\Facades\Config;`
Apply Laravel Pint fixes 2022-11-22 15:15:52 +01:00			`use Tests\FeatureTestCase;`
Fix and complete tests 2022-03-31 08:38:35 +02:00
Update tests & minor fixes 2022-12-09 10:52:17 +01:00			`/**`
			`* @covers \App\Http\Controllers\Auth\UserController`
			`* @covers \App\Http\Middleware\RejectIfDemoMode`
			`*/`
Fix and complete tests 2022-03-31 08:38:35 +02:00			`class UserControllerTest extends FeatureTestCase`
			`{`
			`/**`
Update Feature tests 2023-03-10 16:03:42 +01:00			`* @var \App\Models\User\|\Illuminate\Contracts\Auth\Authenticatable`
Apply Laravel Pint fixes 2022-11-22 15:15:52 +01:00			`*/`
Fix and complete tests 2022-03-31 08:38:35 +02:00			`protected $user;`

			`private const NEW_USERNAME = 'Jane DOE';`
Apply Laravel Pint fixes 2022-11-22 15:15:52 +01:00
Fix and complete tests 2022-03-31 08:38:35 +02:00			`private const NEW_EMAIL = 'janedoe@example.org';`
Apply Laravel Pint fixes 2022-11-22 15:15:52 +01:00
			`private const PASSWORD = 'password';`
Fix and complete tests 2022-03-31 08:38:35 +02:00
			`/**`
			`* @test`
			`*/`
Apply Laravel Pint fixes 2022-12-13 12:07:29 +01:00			`public function setUp() : void`
Fix and complete tests 2022-03-31 08:38:35 +02:00			`{`
			`parent::setUp();`

			`$this->user = User::factory()->create();`
			`}`

			`/**`
			`* @test`
			`*/`
			`public function test_update_user_returns_success()`
			`{`
			`$response = $this->actingAs($this->user, 'web-guard')`
			`->json('PUT', '/user', [`
Apply Laravel Pint fixes 2022-11-22 15:15:52 +01:00			`'name' => self::NEW_USERNAME,`
			`'email' => self::NEW_EMAIL,`
Fix and complete tests 2022-03-31 08:38:35 +02:00			`'password' => self::PASSWORD,`
			`])`
			`->assertOk()`
			`->assertExactJson([`
Update Feature tests 2023-03-10 16:03:42 +01:00			`'name' => self::NEW_USERNAME,`
			`'id' => $this->user->id,`
			`'email' => self::NEW_EMAIL,`
			`'is_admin' => false,`
Fix and complete tests 2022-03-31 08:38:35 +02:00			`]);`
Update Feature tests 2023-03-10 16:03:42 +01:00
			`$this->assertDatabaseHas('users', [`
			`'name' => self::NEW_USERNAME,`
			`'id' => $this->user->id,`
			`'email' => self::NEW_EMAIL,`
			`'is_admin' => false,`
			`]);`
Fix and complete tests 2022-03-31 08:38:35 +02:00			`}`

			`/**`
			`* @test`
			`*/`
			`public function test_update_user_in_demo_mode_returns_unchanged_user()`
			`{`
Remove invalid calls to the Settings facade 2023-03-15 16:26:32 +01:00			`Config::set('2fauth.config.isDemoApp', true);`

			`$name = $this->user->name;`
			`$email = $this->user->email;`
Fix and complete tests 2022-03-31 08:38:35 +02:00
			`$response = $this->actingAs($this->user, 'web-guard')`
			`->json('PUT', '/user', [`
Apply Laravel Pint fixes 2022-11-22 15:15:52 +01:00			`'name' => self::NEW_USERNAME,`
			`'email' => self::NEW_EMAIL,`
Fix and complete tests 2022-03-31 08:38:35 +02:00			`'password' => self::PASSWORD,`
			`])`
			`->assertOk()`
			`->assertExactJson([`
Remove invalid calls to the Settings facade 2023-03-15 16:26:32 +01:00			`'name' => $name,`
Update Feature tests 2023-03-10 16:03:42 +01:00			`'id' => $this->user->id,`
Remove invalid calls to the Settings facade 2023-03-15 16:26:32 +01:00			`'email' => $email,`
Update Feature tests 2023-03-10 16:03:42 +01:00			`'is_admin' => $this->user->is_admin,`
Fix and complete tests 2022-03-31 08:38:35 +02:00			`]);`
Update Feature tests 2023-03-10 16:03:42 +01:00
			`$this->assertDatabaseHas('users', [`
Remove invalid calls to the Settings facade 2023-03-15 16:26:32 +01:00			`'name' => $name,`
Update Feature tests 2023-03-10 16:03:42 +01:00			`'id' => $this->user->id,`
Remove invalid calls to the Settings facade 2023-03-15 16:26:32 +01:00			`'email' => $email,`
Update Feature tests 2023-03-10 16:03:42 +01:00			`]);`
Fix and complete tests 2022-03-31 08:38:35 +02:00			`}`

			`/**`
			`* @test`
			`*/`
			`public function test_update_user_passing_wrong_password_returns_bad_request()`
			`{`
			`$response = $this->actingAs($this->user, 'web-guard')`
			`->json('PUT', '/user', [`
Apply Laravel Pint fixes 2022-11-22 15:15:52 +01:00			`'name' => self::NEW_USERNAME,`
			`'email' => self::NEW_EMAIL,`
Fix and complete tests 2022-03-31 08:38:35 +02:00			`'password' => 'wrongPassword',`
			`])`
			`->assertStatus(400);`
			`}`

			`/**`
			`* @test`
			`*/`
			`public function test_update_user_with_invalid_data_returns_validation_error()`
			`{`
			`$response = $this->actingAs($this->user, 'web-guard')`
			`->json('PUT', '/user', [`
Apply Laravel Pint fixes 2022-11-22 15:15:52 +01:00			`'name' => '',`
			`'email' => '',`
Fix and complete tests 2022-03-31 08:38:35 +02:00			`'password' => self::PASSWORD,`
			`])`
			`->assertStatus(422);`
			`}`

			`/**`
			`* @test`
			`*/`
			`public function test_delete_user_returns_success()`
			`{`
Update Feature tests 2023-03-10 16:03:42 +01:00			`TwoFAccount::factory()->for($this->user)->create();`
			`Group::factory()->for($this->user)->create();`

			`$admin = User::factory()->administrator()->create();`
			`$this->assertDatabaseCount('users', 2);`

			`$this->actingAs($this->user, 'web-guard')`
Fix and complete tests 2022-03-31 08:38:35 +02:00			`->json('DELETE', '/user', [`
			`'password' => self::PASSWORD,`
			`])`
			`->assertNoContent();`
Apply Laravel Pint fixes 2023-03-10 22:59:46 +01:00
Update Feature tests 2023-03-10 16:03:42 +01:00			`$this->assertDatabaseMissing('users', [`
Apply Laravel Pint fixes 2023-03-10 22:59:46 +01:00			`'id' => $this->user->id,`
Update Feature tests 2023-03-10 16:03:42 +01:00			`]);`
			`$this->assertDatabaseHas('users', [`
Apply Laravel Pint fixes 2023-03-10 22:59:46 +01:00			`'id' => $admin->id,`
Update Feature tests 2023-03-10 16:03:42 +01:00			`]);`
			`$this->assertDatabaseCount('users', 1);`
			`$this->assertDatabaseMissing('twofaccounts', [`
Apply Laravel Pint fixes 2023-03-10 22:59:46 +01:00			`'user_id' => $this->user->id,`
Update Feature tests 2023-03-10 16:03:42 +01:00			`]);`
			`$this->assertDatabaseMissing('groups', [`
Apply Laravel Pint fixes 2023-03-10 22:59:46 +01:00			`'user_id' => $this->user->id,`
Update Feature tests 2023-03-10 16:03:42 +01:00			`]);`
			`$this->assertDatabaseMissing('webauthn_credentials', [`
Apply Laravel Pint fixes 2023-03-10 22:59:46 +01:00			`'authenticatable_id' => $this->user->id,`
Update Feature tests 2023-03-10 16:03:42 +01:00			`]);`
			`$this->assertDatabaseMissing('webauthn_recoveries', [`
Apply Laravel Pint fixes 2023-03-10 22:59:46 +01:00			`'email' => $this->user->email,`
Update Feature tests 2023-03-10 16:03:42 +01:00			`]);`
			`$this->assertDatabaseMissing('oauth_access_tokens', [`
Apply Laravel Pint fixes 2023-03-10 22:59:46 +01:00			`'user_id' => $this->user->id,`
Update Feature tests 2023-03-10 16:03:42 +01:00			`]);`
			`$this->assertDatabaseMissing('password_resets', [`
Apply Laravel Pint fixes 2023-03-10 22:59:46 +01:00			`'email' => $this->user->email,`
Update Feature tests 2023-03-10 16:03:42 +01:00			`]);`
Fix and complete tests 2022-03-31 08:38:35 +02:00			`}`

			`/**`
			`* @test`
			`*/`
			`public function test_delete_user_in_demo_mode_returns_unauthorized()`
			`{`
			`Config::set('2fauth.config.isDemoApp', true);`

			`$response = $this->actingAs($this->user, 'web-guard')`
			`->json('DELETE', '/user', [`
			`'password' => self::PASSWORD,`
			`])`
			`->assertUnauthorized()`
			`->assertJsonStructure([`
Apply Laravel Pint fixes 2022-11-22 15:15:52 +01:00			`'message',`
Fix and complete tests 2022-03-31 08:38:35 +02:00			`]);`
Update Feature tests 2023-03-10 16:03:42 +01:00
			`$this->assertDatabaseHas('users', [`
Apply Laravel Pint fixes 2023-03-10 22:59:46 +01:00			`'id' => $this->user->id,`
Update Feature tests 2023-03-10 16:03:42 +01:00			`]);`
Fix and complete tests 2022-03-31 08:38:35 +02:00			`}`

			`/**`
			`* @test`
			`*/`
			`public function test_delete_user_passing_wrong_password_returns_bad_request()`
			`{`
			`$response = $this->actingAs($this->user, 'web-guard')`
			`->json('DELETE', '/user', [`
			`'password' => 'wrongPassword',`
			`])`
			`->assertStatus(400);`
Update Feature tests 2023-03-10 16:03:42 +01:00
			`$this->assertDatabaseHas('users', [`
Apply Laravel Pint fixes 2023-03-10 22:59:46 +01:00			`'id' => $this->user->id,`
Update Feature tests 2023-03-10 16:03:42 +01:00			`]);`
			`}`

			`/**`
			`* @test`
			`*/`
			`public function test_delete_the_only_admin_returns_bad_request()`
			`{`
			`/**`
			`* @var \App\Models\User\|\Illuminate\Contracts\Auth\Authenticatable`
			`*/`
			`$admin = User::factory()->administrator()->create();`

			`$this->assertDatabaseCount('users', 2);`
			`$this->assertEquals(1, User::admins()->count());`

			`$response = $this->actingAs($admin, 'web-guard')`
			`->json('DELETE', '/user', [`
			`'password' => self::PASSWORD,`
			`])`
			`->assertStatus(400);`

			`$this->assertDatabaseHas('users', [`
Apply Laravel Pint fixes 2023-03-10 22:59:46 +01:00			`'id' => $admin->id,`
Update Feature tests 2023-03-10 16:03:42 +01:00			`]);`
Fix and complete tests 2022-03-31 08:38:35 +02:00			`}`
Apply Laravel Pint fixes 2022-11-22 15:15:52 +01:00			`}`