mirror of
https://github.com/solidtime-io/solidtime.git
synced 2026-06-15 05:22:44 +01:00
175 lines
5.6 KiB
PHP
175 lines
5.6 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace Tests\Unit\Endpoint\Web;
|
|
|
|
use App\Http\Controllers\Web\OrganizationController;
|
|
use App\Models\Organization;
|
|
use App\Models\OrganizationInvitation;
|
|
use App\Models\User;
|
|
use Inertia\Testing\AssertableInertia as Assert;
|
|
use PHPUnit\Framework\Attributes\CoversClass;
|
|
|
|
#[CoversClass(OrganizationController::class)]
|
|
class OrganizationEndpointTest extends EndpointTestAbstract
|
|
{
|
|
public function test_organization_create_succeeds(): void
|
|
{
|
|
// Arrange
|
|
$user = User::factory()->withPersonalOrganization()->create();
|
|
$this->actingAs($user);
|
|
|
|
// Act
|
|
$response = $this->get(route('organizations.create'));
|
|
|
|
// Assert
|
|
$response->assertOk();
|
|
$response->assertInertia(fn (Assert $page) => $page
|
|
->component('Teams/Create')
|
|
);
|
|
}
|
|
|
|
public function test_legacy_teams_create_redirects_to_new_organization_create(): void
|
|
{
|
|
// Arrange
|
|
$user = User::factory()->withPersonalOrganization()->create();
|
|
$this->actingAs($user);
|
|
|
|
// Act
|
|
$response = $this->get(route('teams.create'));
|
|
|
|
// Assert
|
|
$response->assertRedirect(route('organizations.create'));
|
|
}
|
|
|
|
public function test_organization_show_succeeds(): void
|
|
{
|
|
// Arrange
|
|
$data = $this->createUserWithPermission([
|
|
'organizations:view',
|
|
]);
|
|
$this->actingAs($data->user);
|
|
|
|
// Act
|
|
$response = $this->get(route('organizations.show', [$data->organization->getKey()]));
|
|
|
|
// Assert
|
|
$response->assertOk();
|
|
$response->assertInertia(fn (Assert $page) => $page
|
|
->component('Teams/Show')
|
|
->where('team.id', $data->organization->getKey())
|
|
->where('team.name', $data->organization->name)
|
|
->where('team.currency', $data->organization->currency)
|
|
->where('team.owner.id', $data->owner->getKey())
|
|
->where('team.owner.name', $data->owner->name)
|
|
->has('team.owner.profile_photo_url')
|
|
->has('currencies')
|
|
->where('availableRoles', [])
|
|
->where('availablePermissions', [])
|
|
->where('defaultPermissions', [])
|
|
->where('permissions.canAddTeamMembers', true)
|
|
->where('permissions.canDeleteTeam', true)
|
|
->where('permissions.canRemoveTeamMembers', true)
|
|
->where('permissions.canUpdateTeam', true)
|
|
->where('permissions.canUpdateTeamMembers', true)
|
|
);
|
|
}
|
|
|
|
public function test_legacy_team_show_redirects_to_organization_show(): void
|
|
{
|
|
// Arrange
|
|
$data = $this->createUserWithPermission([
|
|
'organizations:view',
|
|
]);
|
|
$this->actingAs($data->user);
|
|
|
|
// Act
|
|
$response = $this->get(route('teams.show', [$data->organization->getKey()]));
|
|
|
|
// Assert
|
|
$response->assertRedirect(route('organizations.show', [$data->organization->getKey()]));
|
|
}
|
|
|
|
public function test_team_show_redirects_to_dashboard_for_invalid_organization_id(): void
|
|
{
|
|
// Arrange
|
|
$user = User::factory()->withPersonalOrganization()->create();
|
|
$this->actingAs($user);
|
|
|
|
// Act
|
|
$response = $this->get(route('organizations.show', ['not-a-uuid']));
|
|
|
|
// Assert
|
|
$response->assertRedirect(route('dashboard'));
|
|
}
|
|
|
|
public function test_organization_show_redirects_to_dashboard_for_unknown_organization_id(): void
|
|
{
|
|
// Arrange
|
|
$user = User::factory()->withPersonalOrganization()->create();
|
|
$this->actingAs($user);
|
|
|
|
// Act
|
|
$response = $this->get(route('organizations.show', ['00000000-0000-4000-8000-000000000000']));
|
|
|
|
// Assert
|
|
$response->assertRedirect(route('dashboard'));
|
|
}
|
|
|
|
public function test_organization_show_redirects_to_dashboard_without_organization_view_permission(): void
|
|
{
|
|
// Arrange
|
|
$data = $this->createUserWithPermission();
|
|
$this->actingAs($data->user);
|
|
|
|
// Act
|
|
$response = $this->get(route('organizations.show', [$data->organization->getKey()]));
|
|
|
|
// Assert
|
|
$response->assertRedirect(route('dashboard'));
|
|
}
|
|
|
|
public function test_organization_show_redirects_to_dashboard_for_organization_outside_user_memberships(): void
|
|
{
|
|
// Arrange
|
|
$data = $this->createUserWithPermission([
|
|
'organizations:view',
|
|
]);
|
|
$otherOrganization = Organization::factory()->create();
|
|
$this->actingAs($data->user);
|
|
|
|
// Act
|
|
$response = $this->get(route('organizations.show', [$otherOrganization->getKey()]));
|
|
|
|
// Assert
|
|
$response->assertRedirect(route('dashboard'));
|
|
}
|
|
|
|
public function test_organization_show_does_not_expose_member_roster_invitations_or_owner_email(): void
|
|
{
|
|
// Arrange
|
|
$data = $this->createUserWithPermission([
|
|
'organizations:view',
|
|
]);
|
|
OrganizationInvitation::factory()->forOrganization($data->organization)->create([
|
|
'email' => 'pending@example.com',
|
|
]);
|
|
$this->actingAs($data->user);
|
|
|
|
// Act
|
|
$response = $this->get(route('organizations.show', [$data->organization->getKey()]));
|
|
|
|
// Assert
|
|
$response->assertOk();
|
|
$response->assertInertia(fn (Assert $page) => $page
|
|
->missing('team.users')
|
|
->missing('team.team_invitations')
|
|
->missing('team.owner.email')
|
|
->has('team.owner.id')
|
|
->has('team.owner.name')
|
|
->has('team.owner.profile_photo_url')
|
|
);
|
|
}
|
|
}
|