131 lines
4.2 KiB
PHP
131 lines
4.2 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Models\Partner;
|
|
use App\Models\Product;
|
|
use App\Models\User;
|
|
use App\Policies\ProductPolicy;
|
|
use Spatie\Permission\Models\Permission;
|
|
use Spatie\Permission\Models\Role;
|
|
|
|
beforeEach(function () {
|
|
app()[\Spatie\Permission\PermissionRegistrar::class]->forgetCachedPermissions();
|
|
|
|
Role::create(['name' => 'Admin']);
|
|
Role::create(['name' => 'Retailer']);
|
|
Role::create(['name' => 'Manufacturer']);
|
|
Role::create(['name' => 'Customer']);
|
|
$permission = Permission::firstOrCreate(['name' => 'curate products']);
|
|
Role::findByName('Admin')->givePermissionTo($permission);
|
|
});
|
|
|
|
test('admin can view any product', function () {
|
|
$admin = User::factory()->create();
|
|
$admin->assignRole('Admin');
|
|
|
|
expect((new ProductPolicy)->viewAny($admin))->toBeTrue();
|
|
});
|
|
|
|
test('retailer can view any product', function () {
|
|
$retailer = User::factory()->create();
|
|
$retailer->assignRole('Retailer');
|
|
|
|
expect((new ProductPolicy)->viewAny($retailer))->toBeTrue();
|
|
});
|
|
|
|
test('customer cannot view any product in backend', function () {
|
|
$customer = User::factory()->create();
|
|
$customer->assignRole('Customer');
|
|
|
|
expect((new ProductPolicy)->viewAny($customer))->toBeFalse();
|
|
});
|
|
|
|
test('admin can view specific product', function () {
|
|
$admin = User::factory()->create();
|
|
$admin->assignRole('Admin');
|
|
$product = Product::factory()->create();
|
|
|
|
expect((new ProductPolicy)->view($admin, $product))->toBeTrue();
|
|
});
|
|
|
|
test('partner user can view own product', function () {
|
|
$partner = Partner::factory()->create();
|
|
$user = User::factory()->create(['partner_id' => $partner->id]);
|
|
$user->assignRole('Retailer');
|
|
$product = Product::factory()->create(['partner_id' => $partner->id]);
|
|
|
|
expect((new ProductPolicy)->view($user, $product))->toBeTrue();
|
|
});
|
|
|
|
test('partner user cannot view other partner product', function () {
|
|
$myPartner = Partner::factory()->create();
|
|
$otherPartner = Partner::factory()->create();
|
|
$user = User::factory()->create(['partner_id' => $myPartner->id]);
|
|
$user->assignRole('Retailer');
|
|
$product = Product::factory()->create(['partner_id' => $otherPartner->id]);
|
|
|
|
expect((new ProductPolicy)->view($user, $product))->toBeFalse();
|
|
});
|
|
|
|
test('retailer can create products', function () {
|
|
$retailer = User::factory()->create();
|
|
$retailer->assignRole('Retailer');
|
|
|
|
expect((new ProductPolicy)->create($retailer))->toBeTrue();
|
|
});
|
|
|
|
test('manufacturer can create products', function () {
|
|
$manufacturer = User::factory()->create();
|
|
$manufacturer->assignRole('Manufacturer');
|
|
|
|
expect((new ProductPolicy)->create($manufacturer))->toBeTrue();
|
|
});
|
|
|
|
test('customer cannot create products', function () {
|
|
$customer = User::factory()->create();
|
|
$customer->assignRole('Customer');
|
|
|
|
expect((new ProductPolicy)->create($customer))->toBeFalse();
|
|
});
|
|
|
|
test('admin can update any product', function () {
|
|
$admin = User::factory()->create();
|
|
$admin->assignRole('Admin');
|
|
$product = Product::factory()->create();
|
|
|
|
expect((new ProductPolicy)->update($admin, $product))->toBeTrue();
|
|
});
|
|
|
|
test('partner can update own product', function () {
|
|
$partner = Partner::factory()->create();
|
|
$user = User::factory()->create(['partner_id' => $partner->id]);
|
|
$user->assignRole('Retailer');
|
|
$product = Product::factory()->create(['partner_id' => $partner->id]);
|
|
|
|
expect((new ProductPolicy)->update($user, $product))->toBeTrue();
|
|
});
|
|
|
|
test('partner cannot update other partner product', function () {
|
|
$myPartner = Partner::factory()->create();
|
|
$otherPartner = Partner::factory()->create();
|
|
$user = User::factory()->create(['partner_id' => $myPartner->id]);
|
|
$user->assignRole('Retailer');
|
|
$product = Product::factory()->create(['partner_id' => $otherPartner->id]);
|
|
|
|
expect((new ProductPolicy)->update($user, $product))->toBeFalse();
|
|
});
|
|
|
|
test('admin can curate products', function () {
|
|
$admin = User::factory()->create();
|
|
$admin->assignRole('Admin');
|
|
|
|
expect((new ProductPolicy)->curate($admin))->toBeTrue();
|
|
});
|
|
|
|
test('retailer cannot curate products', function () {
|
|
$retailer = User::factory()->create();
|
|
$retailer->assignRole('Retailer');
|
|
|
|
expect((new ProductPolicy)->curate($retailer))->toBeFalse();
|
|
});
|