fotospiel-app/tests/Feature/Support/SupportApiTest.php
Codex Agent 0d2759b0d4
Fix support API audit logging
2026-01-28 21:02:25 +01:00


<?php
namespace Tests\Feature\Support;
use App\Models\BlogCategory;
use App\Models\Photo;
use App\Models\SuperAdminActionLog;
use App\Models\Tenant;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\Bus;
use Laravel\Sanctum\Sanctum;
use Tests\TestCase;
/**
 * Feature tests for the /api/v1/support endpoints.
 *
 * Each authenticated case creates a user with role "super_admin" and then
 * acts as that user through Sanctum with the "support-admin" ability plus one
 * scoped ability (support:read, support:write, support:ops or
 * support:content).
 *
 * NOTE(review): the only negative access-control case in this class is the
 * unauthenticated request. Nothing here checks that a user without the
 * super_admin role, or a token missing the scoped ability, is refused;
 * confirm that is covered elsewhere.
 */
class SupportApiTest extends TestCase
{
    use RefreshDatabase;

    /**
     * A request without any credentials to the tenant listing gets HTTP 401.
     */
    public function test_support_resources_require_authentication(): void
    {
        $this->getJson('/api/v1/support/tenants')->assertStatus(401);
    }

    /**
     * A super_admin acting with the read ability can list tenants and receives
     * a payload with "data" and "meta" keys.
     */
    public function test_support_resources_allow_super_admin_tokens(): void
    {
        $admin = User::factory()->create(['role' => 'super_admin']);
        Tenant::factory()->create();

        Sanctum::actingAs($admin, ['support-admin', 'support:read']);

        $this->getJson('/api/v1/support/tenants')
            ->assertOk()
            ->assertJsonStructure(['data', 'meta']);
    }

    /**
     * Patching a tenant with the "name" field is answered with HTTP 422 and
     * the error code "support_invalid_fields".
     *
     * NOTE(review): only the response is asserted; the test does not check
     * that the tenant row stayed unchanged or that no audit entry was written
     * for the rejected request.
     */
    public function test_support_resource_update_rejects_invalid_fields(): void
    {
        $admin = User::factory()->create(['role' => 'super_admin']);
        $tenant = Tenant::factory()->create();

        Sanctum::actingAs($admin, ['support-admin', 'support:write']);

        $payload = [
            'data' => ['name' => 'Unauthorized'],
        ];

        $this->patchJson("/api/v1/support/tenants/{$tenant->id}", $payload)
            ->assertStatus(422)
            ->assertJsonPath('error.code', 'support_invalid_fields');
    }

    /**
     * Creating a tenant-scoped data export returns 201 with status "pending",
     * attributes the export to the acting user, leaves event_id null, and
     * dispatches the GenerateDataExport job.
     */
    public function test_support_data_export_create_sets_user_and_dispatches_job(): void
    {
        $admin = User::factory()->create(['role' => 'super_admin']);
        $tenant = Tenant::factory()->create();

        // Fake the bus before the request so the job is recorded, not run.
        Bus::fake();
        Sanctum::actingAs($admin, ['support-admin', 'support:ops']);

        $payload = [
            'data' => [
                'scope' => 'tenant',
                'tenant_id' => $tenant->id,
                'include_media' => true,
            ],
        ];

        $this->postJson('/api/v1/support/data-exports', $payload)
            ->assertCreated()
            ->assertJsonPath('data.status', 'pending')
            ->assertJsonPath('data.user_id', $admin->id)
            ->assertJsonPath('data.event_id', null);

        Bus::assertDispatched(\App\Jobs\GenerateDataExport::class);
    }

    /**
     * Setting a photo to "rejected" without moderation_notes fails validation
     * with HTTP 422.
     */
    public function test_support_photo_reject_requires_moderation_notes(): void
    {
        $admin = User::factory()->create(['role' => 'super_admin']);
        $photo = Photo::factory()->create();

        Sanctum::actingAs($admin, ['support-admin', 'support:write']);

        $payload = [
            'data' => ['status' => 'rejected'],
        ];

        $this->patchJson("/api/v1/support/photos/{$photo->id}", $payload)
            ->assertStatus(422)
            ->assertJsonValidationErrors(['moderation_notes']);
    }

    /**
     * Creating a blog post without title and content fails validation with
     * HTTP 422 on both fields.
     */
    public function test_support_blog_post_create_requires_title_and_content(): void
    {
        $admin = User::factory()->create(['role' => 'super_admin']);
        $newsCategory = BlogCategory::create([
            'slug' => 'news',
            'name' => ['de' => 'News', 'en' => 'News'],
            'is_visible' => true,
        ]);

        Sanctum::actingAs($admin, ['support-admin', 'support:content']);

        $payload = [
            'data' => [
                'blog_category_id' => $newsCategory->id,
                'slug' => 'missing-title',
                'is_published' => false,
            ],
        ];

        $this->postJson('/api/v1/support/blog-posts', $payload)
            ->assertStatus(422)
            ->assertJsonValidationErrors(['title', 'content']);
    }

    /**
     * A successful tenant update leaves a SuperAdminActionLog row whose action
     * is "tenants.updated".
     *
     * NOTE(review): the assertion only proves that some row with this action
     * exists. It does not pin which user performed the action or which tenant
     * it refers to; consider asserting those once the log's columns are
     * confirmed.
     */
    public function test_support_update_logs_audit_entry(): void
    {
        $admin = User::factory()->create(['role' => 'super_admin']);
        $tenant = Tenant::factory()->create();

        Sanctum::actingAs($admin, ['support-admin', 'support:write']);

        $payload = [
            'data' => ['slug' => 'support-updated'],
        ];

        $this->patchJson("/api/v1/support/tenants/{$tenant->id}", $payload)->assertOk();

        $auditEntryExists = SuperAdminActionLog::query()
            ->where('action', 'tenants.updated')
            ->exists();

        $this->assertTrue($auditEntryExists);
    }
}