odon
/
free-pmo
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Add Role middleware test and add forbidden json response

pull/12/head
Nafies Luthfi 8 years ago
parent
23b7aa4d7c
commit
8f22380f6e
4 changed files with 119 additions and 6 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      app/Http/Controllers/JobsController.php
  2. 8
      app/Http/Middleware/Role.php
  3. 4
      tests/Feature/Projects/UploadFilesTest.php
  4. 111
      tests/Unit/Http/Middlewares/RoleTest.php

2
app/Http/Controllers/JobsController.php
View File

@ -25,7 +25,7 @@ class JobsController extends Controller
public function index() public function index()
{ {
$projects = Project::whereIn('status_id', [2, 3])->pluck('name','id');
$projects = Project::whereIn('status_id', [2, 3])->pluck('name', 'id');
$jobs = $this->repo->getUnfinishedJobs(auth()->user(), request('project_id')); $jobs = $this->repo->getUnfinishedJobs(auth()->user(), request('project_id'));
return view('jobs.unfinished', compact('jobs', 'projects')); return view('jobs.unfinished', compact('jobs', 'projects'));

8
app/Http/Middleware/Role.php
View File

@ -24,11 +24,17 @@ class Role
$nameArray = explode('|', $names); $nameArray = explode('|', $names);
if (auth()->check() == false) { if (auth()->check() == false) {
return redirect()->guest('login');
return $request->expectsJson()
? response()->json(['message' => 'Forbidden.'], 403)
: redirect()->guest('login');
} }
// Cek apakah grup user ada di dalam array $nameArray? // Cek apakah grup user ada di dalam array $nameArray?
if (auth()->user()->hasRoles($nameArray) == false) { if (auth()->user()->hasRoles($nameArray) == false) {
if ($request->expectsJson()) {
return response()->json(['message' => 'Forbidden.'], 403);
}
flash(__('auth.unauthorized_access', ['url' => $request->path()]), 'danger'); flash(__('auth.unauthorized_access', ['url' => $request->path()]), 'danger');
return redirect()->route('home'); return redirect()->route('home');

4
tests/Feature/Projects/UploadFilesTest.php
View File

@ -44,10 +44,6 @@ class UploadFilesTest extends TestCase
Storage::fake('avatar'); Storage::fake('avatar');
$user = $this->adminUserSigningIn(); $user = $this->adminUserSigningIn();
$project = factory(Project::class)->create(); $project = factory(Project::class)->create();
// $file = factory(File::class, 'project')->create(['fileable_id' => $project->id]);
// dd(get_class_methods((new FileFactory)->create('123.txt')));
// $result = Storage::disk('avatar')->put('public/files', (new FileFactory)->create('123.txt'));
// dd($result);
$this->visit(route('projects.files', [$project->id])); $this->visit(route('projects.files', [$project->id]));

111
tests/Unit/Http/Middlewares/RoleTest.php
View File

@ -0,0 +1,111 @@
<?php
namespace Tests\Unit\Http\Middlewares;
use Tests\TestCase;
use App\Http\Middleware\Role;
use Illuminate\Foundation\Testing\DatabaseMigrations;
/**
* Role middleware test.
*
* @author Nafies Luthfi <nafiesL@gmail.com>
*/
class RoleTest extends TestCase
{
use DatabaseMigrations;
/**
* Call the given middleware.
*
* @param string|string[] $middleware
* @param string $method
* @param array $data
* @return $this
*/
protected function callMiddleware($middleware, $method = 'GET', array $data = [])
{
return $this->call(
$method, $this->makeMiddlewareRoute($method, $middleware), $data
);
}
/**
* Call the given middleware using a JSON request.
*
* @param string|string[] $middleware
* @param string $method
* @param array $data
* @return $this
*/
protected function callMiddlewareJson($middleware, $method = 'GET', array $data = [])
{
return $this->json(
$method, $this->makeMiddlewareRoute($method, $middleware), $data
);
}
/**
* Make a dummy route with the given middleware applied.
*
* @param string $method
* @param string|string[] $middleware
* @return string
*/
protected function makeMiddlewareRoute($method, $middleware)
{
$method = strtolower($method);
return $this->app->make('router')->{$method}('/__middleware__', [
'middleware' => $middleware,
function () {
return '__passed__';
},
])->uri();
}
/** @test */
public function it_passes_for_user_roles_on_parameters()
{
$user = $this->createUser('admin');
$this->actingAs($user)->callMiddleware(Role::class.':admin|worker');
$this->assertResponseStatus(200);
}
/** @test */
public function it_redirects_non_accepted_roles_to_the_home()
{
$user = $this->createUser('worker');
$this->actingAs($user)->callMiddleware(Role::class.':admin');
$this->assertRedirectedTo(route('home'));
}
/** @test */
public function it_redirects_guests_to_login()
{
$this->callMiddleware(Role::class.':admin');
$this->assertRedirectedTo(route('auth.login'));
}
/** @test */
public function it_returns_a_forbidden_json_response_for_non_accepted_roles()
{
$user = $this->createUser('worker');
$this->actingAs($user)->callMiddlewareJson(Role::class.':admin');
$this->assertResponseStatus(403);
}
/** @test */
public function it_returns_a_forbidden_json_response_for_guests()
{
$this->callMiddlewareJson(Role::class.':admin');
$this->assertResponseStatus(403);
}
}
Write Preview
Loading…
Cancel
Save