odon
/
free-pmo
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Add JobPolicy object with tests and update Project Policy with tests

pull/6/head
Nafies Luthfi 8 years ago
parent
2c7c4a653d
commit
569ca3b49a
5 changed files with 188 additions and 15 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 72
      app/Policies/Projects/JobPolicy.php
  2. 6
      app/Policies/Projects/ProjectPolicy.php
  3. 1
      app/Providers/AuthServiceProvider.php
  4. 74
      tests/Unit/Policies/JobPolicyTest.php
  5. 50
      tests/Unit/Policies/ProjectPolicyTest.php

72
app/Policies/Projects/JobPolicy.php
View File

@ -0,0 +1,72 @@
<?php
namespace App\Policies\Projects;
use App\Entities\Projects\Job;
use App\Entities\Users\User;
use Illuminate\Auth\Access\HandlesAuthorization;
/**
* Job model policy class.
*
* @author Nafies Luthfi <nafiesL@gmail.com>
*/
class JobPolicy
{
use HandlesAuthorization;
/**
* Determine whether the user can view the job.
*
* @param \App\Entities\Users\User $user
* @param \App\Entities\Projects\Job $job
*
* @return mixed
*/
public function view(User $user, Job $job)
{
// User can only view the job if he is the job's agency owner.
return true;
}
/**
* Determine whether the user can create jobs.
*
* @param \App\Entities\Users\User $user
* @param \App\Entities\Projects\Job $job
*
* @return mixed
*/
public function create(User $user, Job $job)
{
// User can create a job if they owns an agency.
return $user->hasRole('admin');
}
/**
* Determine whether the user can update the job.
*
* @param \App\Entities\Users\User $user
* @param \App\Entities\Projects\Job $job
*
* @return mixed
*/
public function update(User $user, Job $job)
{
return $user->hasRole('admin')
|| ($user->hasRole('worker') && $job->worker_id == $user->id);
}
/**
* Determine whether the user can delete the job.
*
* @param \App\Entities\Users\User $user
* @param \App\Entities\Projects\Job $job
*
* @return mixed
*/
public function delete(User $user, Job $job)
{
return $user->hasRole('admin');
}
}

6
app/Policies/Projects/ProjectPolicy.php
View File

@ -40,7 +40,7 @@ class ProjectPolicy
public function create(User $user, Project $project) public function create(User $user, Project $project)
{ {
// User can create a project if they owns an agency. // User can create a project if they owns an agency.
return true;
return $user->hasRole('admin');
} }
/** /**
@ -53,7 +53,7 @@ class ProjectPolicy
*/ */
public function update(User $user, Project $project) public function update(User $user, Project $project)
{ {
return $this->view($user, $project);
return $user->hasRole('admin');
} }
/** /**
@ -66,6 +66,6 @@ class ProjectPolicy
*/ */
public function delete(User $user, Project $project) public function delete(User $user, Project $project)
{ {
return $this->view($user, $project);
return $user->hasRole('admin');
} }
} }

1
app/Providers/AuthServiceProvider.php
View File

@ -16,6 +16,7 @@ class AuthServiceProvider extends ServiceProvider
'App\Entities\Partners\Vendor' => 'App\Policies\Partners\VendorPolicy', 'App\Entities\Partners\Vendor' => 'App\Policies\Partners\VendorPolicy',
'App\Entities\Partners\Customer' => 'App\Policies\Partners\CustomerPolicy', 'App\Entities\Partners\Customer' => 'App\Policies\Partners\CustomerPolicy',
'App\Entities\Projects\Project' => 'App\Policies\Projects\ProjectPolicy', 'App\Entities\Projects\Project' => 'App\Policies\Projects\ProjectPolicy',
'App\Entities\Projects\Job' => 'App\Policies\Projects\JobPolicy',
'App\Entities\Users\User' => 'App\Policies\UserPolicy', 'App\Entities\Users\User' => 'App\Policies\UserPolicy',
'App\Entities\Users\Event' => 'App\Policies\EventPolicy', 'App\Entities\Users\Event' => 'App\Policies\EventPolicy',
]; ];

74
tests/Unit/Policies/JobPolicyTest.php
View File

@ -0,0 +1,74 @@
<?php
namespace Tests\Unit\Policies;
use App\Entities\Projects\Job;
use Tests\TestCase as TestCase;
class JobPolicyTest extends TestCase
{
/** @test */
public function an_admin_can_create_job_on_a_project()
{
$admin = $this->createUser('admin');
$this->assertTrue($admin->can('create', new Job()));
}
/** @test */
public function a_worker_cannot_create_job_on_a_project()
{
$worker = $this->createUser('worker');
$this->assertFalse($worker->can('create', new Job()));
}
/** @test */
public function an_admin_can_view_job_on_a_project()
{
$admin = $this->createUser('admin');
$job = factory(Job::class)->create();
$this->assertTrue($admin->can('view', $job));
}
/** @test */
public function an_admin_can_update_job()
{
$admin = $this->createUser('admin');
$job = factory(Job::class)->create();
$this->assertTrue($admin->can('update', $job));
}
/** @test */
public function a_worker_can_only_update_job_that_assigned_to_them()
{
$assignedWorker = $this->createUser('worker');
$job = factory(Job::class)->create(['worker_id' => $assignedWorker->id]);
$this->assertTrue($assignedWorker->can('update', $job));
$otherWorker = $this->createUser('worker');
$this->assertFalse($otherWorker->can('update', $job));
}
/** @test */
public function an_admin_can_delete_job()
{
$admin = $this->createUser('admin');
$job = factory(Job::class)->create();
$this->assertTrue($admin->can('delete', $job));
}
/** @test */
public function a_worker_cannot_delete_job()
{
$worker = $this->createUser('worker');
$job = factory(Job::class)->create();
$this->assertFalse($worker->can('delete', $job));
}
}

50
tests/Unit/Policies/ProjectPolicyTest.php
View File

@ -8,37 +8,63 @@ use Tests\TestCase as TestCase;
class ProjectPolicyTest extends TestCase class ProjectPolicyTest extends TestCase
{ {
/** @test */ /** @test */
public function user_can_create_project()
public function an_admin_can_create_project()
{ {
$user = $this->userSigningIn();
$admin = $this->createUser('admin');
$this->assertTrue($user->can('create', new Project()));
$this->assertTrue($admin->can('create', new Project()));
} }
/** @test */ /** @test */
public function user_can_view_project()
public function a_worker_cannot_create_project()
{ {
$user = $this->userSigningIn();
$worker = $this->createUser('worker');
$this->assertFalse($worker->can('create', new Project()));
}
/** @test */
public function an_admin_can_view_project()
{
$admin = $this->createUser('admin');
$project = factory(Project::class)->create();
$this->assertTrue($admin->can('view', $project));
}
/** @test */
public function an_admin_can_update_project()
{
$admin = $this->createUser('admin');
$project = factory(Project::class)->create();
$this->assertTrue($admin->can('update', $project));
}
/** @test */
public function a_worker_cannot_update_project()
{
$worker = $this->createUser('worker');
$project = factory(Project::class)->create(); $project = factory(Project::class)->create();
$this->assertTrue($user->can('view', $project));
$this->assertFalse($worker->can('update', $project));
} }
/** @test */ /** @test */
public function user_can_update_project()
public function an_admin_can_delete_project()
{ {
$user = $this->userSigningIn();
$admin = $this->createUser('admin');
$project = factory(Project::class)->create(); $project = factory(Project::class)->create();
$this->assertTrue($user->can('update', $project));
$this->assertTrue($admin->can('delete', $project));
} }
/** @test */ /** @test */
public function user_can_delete_project()
public function a_worker_cannot_delete_project()
{ {
$user = $this->userSigningIn();
$worker = $this->createUser('worker');
$project = factory(Project::class)->create(); $project = factory(Project::class)->create();
$this->assertTrue($user->can('delete', $project));
$this->assertFalse($worker->can('delete', $project));
} }
} }
Write Preview
Loading…
Cancel
Save