654 lines
20 KiB
PHP
654 lines
20 KiB
PHP
<?php
|
|
|
|
namespace Tests\Feature\Checkout;
|
|
|
|
use App\Models\Package;
|
|
use App\Models\User;
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
use Tests\TestCase;
|
|
|
|
class CheckoutAuthTest extends TestCase
|
|
{
|
|
use RefreshDatabase;
|
|
|
|
public function test_checkout_login_returns_json_response_with_valid_credentials()
|
|
{
|
|
$user = User::factory()->create();
|
|
|
|
$response = $this->postJson(route('checkout.login'), [
|
|
'login' => $user->email,
|
|
'password' => 'password',
|
|
'remember' => false,
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(200)
|
|
->assertJson([
|
|
'success' => true,
|
|
'user' => [
|
|
'id' => $user->id,
|
|
'email' => $user->email,
|
|
'pending_purchase' => false,
|
|
],
|
|
]);
|
|
|
|
$this->assertAuthenticatedAs($user);
|
|
}
|
|
|
|
public function test_checkout_login_returns_validation_errors_with_invalid_credentials()
|
|
{
|
|
$user = User::factory()->create();
|
|
|
|
$response = $this->postJson(route('checkout.login'), [
|
|
'login' => $user->email,
|
|
'password' => 'wrong-password',
|
|
'remember' => false,
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(422)
|
|
->assertJsonStructure([
|
|
'errors' => [
|
|
'login' => [],
|
|
],
|
|
]);
|
|
|
|
$this->assertGuest();
|
|
}
|
|
|
|
public function test_checkout_login_with_username()
|
|
{
|
|
$user = User::factory()->create(['username' => 'testuser']);
|
|
|
|
$response = $this->postJson(route('checkout.login'), [
|
|
'login' => 'testuser', // Using username as login field
|
|
'password' => 'password',
|
|
'remember' => false,
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(200)
|
|
->assertJson([
|
|
'success' => true,
|
|
'user' => [
|
|
'id' => $user->id,
|
|
'email' => $user->email,
|
|
'pending_purchase' => false,
|
|
],
|
|
]);
|
|
|
|
$this->assertAuthenticatedAs($user);
|
|
}
|
|
|
|
public function test_checkout_register_creates_user_and_tenant_successfully()
|
|
{
|
|
$package = Package::factory()->create(['price' => 0]); // Free package
|
|
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
'username' => 'testuser',
|
|
'email' => 'test@example.com',
|
|
'password' => 'password123',
|
|
'password_confirmation' => 'password123',
|
|
'first_name' => 'Test',
|
|
'last_name' => 'User',
|
|
'address' => 'Test Address 123',
|
|
'phone' => '+49123456789',
|
|
'privacy_consent' => true,
|
|
'package_id' => $package->id,
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(200)
|
|
->assertJson([
|
|
'success' => true,
|
|
'pending_purchase' => false,
|
|
])
|
|
->assertJsonStructure([
|
|
'user' => [
|
|
'id',
|
|
'email',
|
|
'name',
|
|
'pending_purchase',
|
|
'email_verified_at',
|
|
],
|
|
'redirect',
|
|
]);
|
|
|
|
$this->assertDatabaseHas('users', [
|
|
'username' => 'testuser',
|
|
'email' => 'test@example.com',
|
|
'first_name' => 'Test',
|
|
'last_name' => 'User',
|
|
'role' => 'tenant_admin', // Should be upgraded for free package
|
|
'pending_purchase' => false,
|
|
]);
|
|
|
|
$this->assertDatabaseHas('tenants', [
|
|
'email' => 'test@example.com',
|
|
'subscription_status' => 'active',
|
|
]);
|
|
|
|
$this->assertAuthenticated();
|
|
}
|
|
|
|
public function test_checkout_register_with_paid_package_sets_pending_purchase()
|
|
{
|
|
$package = Package::factory()->create(['price' => 99.99]); // Paid package
|
|
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
'username' => 'testuser',
|
|
'email' => 'test@example.com',
|
|
'password' => 'password123',
|
|
'password_confirmation' => 'password123',
|
|
'first_name' => 'Test',
|
|
'last_name' => 'User',
|
|
'address' => 'Test Address 123',
|
|
'phone' => '+49123456789',
|
|
'privacy_consent' => true,
|
|
'package_id' => $package->id,
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(200)
|
|
->assertJson([
|
|
'success' => true,
|
|
'pending_purchase' => true,
|
|
]);
|
|
|
|
$this->assertDatabaseHas('users', [
|
|
'username' => 'testuser',
|
|
'email' => 'test@example.com',
|
|
'pending_purchase' => true,
|
|
'role' => 'user', // Should remain user for paid package
|
|
]);
|
|
|
|
$this->assertAuthenticated();
|
|
}
|
|
|
|
public function test_checkout_register_validation_errors()
|
|
{
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
'username' => '', // Required
|
|
'email' => 'invalid-email',
|
|
'password' => '123', // Too short
|
|
'password_confirmation' => '456', // Doesn't match
|
|
'first_name' => '',
|
|
'last_name' => '',
|
|
'address' => '',
|
|
'phone' => '',
|
|
'privacy_consent' => false, // Required
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(422)
|
|
->assertJsonStructure([
|
|
'errors' => [
|
|
'username' => [],
|
|
'email' => [],
|
|
'password' => [],
|
|
'first_name' => [],
|
|
'last_name' => [],
|
|
'address' => [],
|
|
'phone' => [],
|
|
'privacy_consent' => [],
|
|
],
|
|
]);
|
|
|
|
$this->assertGuest();
|
|
$this->assertDatabaseMissing('users', ['email' => 'invalid-email']);
|
|
}
|
|
|
|
public function test_checkout_register_unique_username_and_email()
|
|
{
|
|
User::factory()->create([
|
|
'username' => 'existinguser',
|
|
'email' => 'existing@example.com',
|
|
]);
|
|
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
'username' => 'existinguser', // Duplicate
|
|
'email' => 'existing@example.com', // Duplicate
|
|
'password' => 'password123',
|
|
'password_confirmation' => 'password123',
|
|
'first_name' => 'Test',
|
|
'last_name' => 'User',
|
|
'address' => 'Test Address 123',
|
|
'phone' => '+49123456789',
|
|
'privacy_consent' => true,
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(422)
|
|
->assertJsonStructure([
|
|
'errors' => [
|
|
'username' => [],
|
|
'email' => [],
|
|
],
|
|
]);
|
|
|
|
$this->assertGuest();
|
|
}
|
|
|
|
public function test_checkout_register_without_package()
|
|
{
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
'username' => 'testuser',
|
|
'email' => 'test@example.com',
|
|
'password' => 'password123',
|
|
'password_confirmation' => 'password123',
|
|
'first_name' => 'Test',
|
|
'last_name' => 'User',
|
|
'address' => 'Test Address 123',
|
|
'phone' => '+49123456789',
|
|
'privacy_consent' => true,
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(200)
|
|
->assertJson([
|
|
'success' => true,
|
|
'pending_purchase' => false,
|
|
]);
|
|
|
|
$this->assertDatabaseHas('users', [
|
|
'username' => 'testuser',
|
|
'email' => 'test@example.com',
|
|
'role' => 'user',
|
|
'pending_purchase' => false,
|
|
]);
|
|
|
|
$this->assertAuthenticated();
|
|
}
|
|
|
|
public function test_checkout_login_sets_locale()
|
|
{
|
|
$user = User::factory()->create();
|
|
|
|
$response = $this->postJson(route('checkout.login'), [
|
|
'login' => $user->email,
|
|
'password' => 'password',
|
|
'remember' => false,
|
|
'locale' => 'en',
|
|
]);
|
|
|
|
$response->assertStatus(200);
|
|
// Note: Locale setting would need to be verified through session or app context
|
|
}
|
|
|
|
public function test_checkout_register_sets_locale()
|
|
{
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
'username' => 'testuser',
|
|
'email' => 'test@example.com',
|
|
'password' => 'password123',
|
|
'password_confirmation' => 'password123',
|
|
'first_name' => 'Test',
|
|
'last_name' => 'User',
|
|
'address' => 'Test Address 123',
|
|
'phone' => '+49123456789',
|
|
'privacy_consent' => true,
|
|
'locale' => 'en',
|
|
]);
|
|
|
|
$response->assertStatus(200);
|
|
// Note: Locale setting would need to be verified through session or app context
|
|
}
|
|
|
|
public function test_checkout_show_renders_wizard_page()
|
|
{
|
|
$package = Package::factory()->create();
|
|
|
|
$response = $this->get(route('checkout.show', $package));
|
|
|
|
$response->assertStatus(200)
|
|
->assertInertia(fn ($page) => $page
|
|
->component('marketing/CheckoutWizardPage')
|
|
->has('package')
|
|
->has('packageOptions')
|
|
->has('stripePublishableKey')
|
|
->has('privacyHtml')
|
|
->where('package.id', $package->id)
|
|
);
|
|
}
|
|
|
|
public function test_checkout_show_with_invalid_package_returns_404()
|
|
{
|
|
$response = $this->get(route('checkout.show', 999));
|
|
|
|
$response->assertStatus(404);
|
|
}
|
|
|
|
public function test_checkout_register_missing_required_fields()
|
|
{
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
// All required fields missing
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(422)
|
|
->assertJsonStructure([
|
|
'errors' => [
|
|
'username' => [],
|
|
'email' => [],
|
|
'password' => [],
|
|
'first_name' => [],
|
|
'last_name' => [],
|
|
'address' => [],
|
|
'phone' => [],
|
|
'privacy_consent' => [],
|
|
],
|
|
]);
|
|
|
|
$this->assertGuest();
|
|
}
|
|
|
|
public function test_checkout_register_invalid_email_format()
|
|
{
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
'username' => 'testuser',
|
|
'email' => 'invalid-email-format',
|
|
'password' => 'password123',
|
|
'password_confirmation' => 'password123',
|
|
'first_name' => 'Test',
|
|
'last_name' => 'User',
|
|
'address' => 'Test Address 123',
|
|
'phone' => '+49123456789',
|
|
'privacy_consent' => true,
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(422)
|
|
->assertJsonStructure([
|
|
'errors' => [
|
|
'email' => [],
|
|
],
|
|
]);
|
|
|
|
$this->assertGuest();
|
|
}
|
|
|
|
public function test_checkout_register_password_too_short()
|
|
{
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
'username' => 'testuser',
|
|
'email' => 'test@example.com',
|
|
'password' => '123', // Too short
|
|
'password_confirmation' => '123',
|
|
'first_name' => 'Test',
|
|
'last_name' => 'User',
|
|
'address' => 'Test Address 123',
|
|
'phone' => '+49123456789',
|
|
'privacy_consent' => true,
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(422)
|
|
->assertJsonStructure([
|
|
'errors' => [
|
|
'password' => [],
|
|
],
|
|
]);
|
|
|
|
$this->assertGuest();
|
|
}
|
|
|
|
public function test_checkout_register_password_confirmation_mismatch()
|
|
{
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
'username' => 'testuser',
|
|
'email' => 'test@example.com',
|
|
'password' => 'password123',
|
|
'password_confirmation' => 'differentpassword',
|
|
'first_name' => 'Test',
|
|
'last_name' => 'User',
|
|
'address' => 'Test Address 123',
|
|
'phone' => '+49123456789',
|
|
'privacy_consent' => true,
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(422)
|
|
->assertJsonStructure([
|
|
'errors' => [
|
|
'password' => [],
|
|
],
|
|
]);
|
|
|
|
$this->assertGuest();
|
|
}
|
|
|
|
public function test_checkout_register_missing_password_confirmation()
|
|
{
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
'username' => 'testuser',
|
|
'email' => 'test@example.com',
|
|
'password' => 'password123',
|
|
// password_confirmation missing
|
|
'first_name' => 'Test',
|
|
'last_name' => 'User',
|
|
'address' => 'Test Address 123',
|
|
'phone' => '+49123456789',
|
|
'privacy_consent' => true,
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(422)
|
|
->assertJsonStructure([
|
|
'errors' => [
|
|
'password' => [],
|
|
],
|
|
]);
|
|
|
|
$this->assertGuest();
|
|
}
|
|
|
|
public function test_checkout_register_username_too_long()
|
|
{
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
'username' => str_repeat('a', 256), // 256 chars, max is 255
|
|
'email' => 'test@example.com',
|
|
'password' => 'password123',
|
|
'password_confirmation' => 'password123',
|
|
'first_name' => 'Test',
|
|
'last_name' => 'User',
|
|
'address' => 'Test Address 123',
|
|
'phone' => '+49123456789',
|
|
'privacy_consent' => true,
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(422)
|
|
->assertJsonStructure([
|
|
'errors' => [
|
|
'username' => [],
|
|
],
|
|
]);
|
|
|
|
$this->assertGuest();
|
|
}
|
|
|
|
public function test_checkout_register_email_too_long()
|
|
{
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
'username' => 'testuser',
|
|
'email' => str_repeat('a', 246) . '@example.com', // Total > 255 chars
|
|
'password' => 'password123',
|
|
'password_confirmation' => 'password123',
|
|
'first_name' => 'Test',
|
|
'last_name' => 'User',
|
|
'address' => 'Test Address 123',
|
|
'phone' => '+49123456789',
|
|
'privacy_consent' => true,
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(422)
|
|
->assertJsonStructure([
|
|
'errors' => [
|
|
'email' => [],
|
|
],
|
|
]);
|
|
|
|
$this->assertGuest();
|
|
}
|
|
|
|
public function test_checkout_register_address_too_long()
|
|
{
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
'username' => 'testuser',
|
|
'email' => 'test@example.com',
|
|
'password' => 'password123',
|
|
'password_confirmation' => 'password123',
|
|
'first_name' => 'Test',
|
|
'last_name' => 'User',
|
|
'address' => str_repeat('a', 501), // 501 chars, max is 500
|
|
'phone' => '+49123456789',
|
|
'privacy_consent' => true,
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(422)
|
|
->assertJsonStructure([
|
|
'errors' => [
|
|
'address' => [],
|
|
],
|
|
]);
|
|
|
|
$this->assertGuest();
|
|
}
|
|
|
|
public function test_checkout_register_phone_too_long()
|
|
{
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
'username' => 'testuser',
|
|
'email' => 'test@example.com',
|
|
'password' => 'password123',
|
|
'password_confirmation' => 'password123',
|
|
'first_name' => 'Test',
|
|
'last_name' => 'User',
|
|
'address' => 'Test Address 123',
|
|
'phone' => str_repeat('1', 21), // 21 chars, max is 20
|
|
'privacy_consent' => true,
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(422)
|
|
->assertJsonStructure([
|
|
'errors' => [
|
|
'phone' => [],
|
|
],
|
|
]);
|
|
|
|
$this->assertGuest();
|
|
}
|
|
|
|
public function test_checkout_register_invalid_package_id()
|
|
{
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
'username' => 'testuser',
|
|
'email' => 'test@example.com',
|
|
'password' => 'password123',
|
|
'password_confirmation' => 'password123',
|
|
'first_name' => 'Test',
|
|
'last_name' => 'User',
|
|
'address' => 'Test Address 123',
|
|
'phone' => '+49123456789',
|
|
'privacy_consent' => true,
|
|
'package_id' => 'invalid-string', // Should be integer
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(422)
|
|
->assertJsonStructure([
|
|
'errors' => [
|
|
'package_id' => [],
|
|
],
|
|
]);
|
|
|
|
$this->assertGuest();
|
|
}
|
|
|
|
public function test_checkout_register_nonexistent_package_id()
|
|
{
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
'username' => 'testuser',
|
|
'email' => 'test@example.com',
|
|
'password' => 'password123',
|
|
'password_confirmation' => 'password123',
|
|
'first_name' => 'Test',
|
|
'last_name' => 'User',
|
|
'address' => 'Test Address 123',
|
|
'phone' => '+49123456789',
|
|
'privacy_consent' => true,
|
|
'package_id' => 99999, // Non-existent package
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
// Note: Due to controller logic, user gets created and authenticated before package validation
|
|
// This is actually a bug in the controller - user should not be authenticated on validation failure
|
|
$response->assertStatus(422)
|
|
->assertJsonStructure([
|
|
'errors' => [
|
|
'package_id' => [],
|
|
],
|
|
]);
|
|
|
|
// User is authenticated despite validation error (controller bug)
|
|
$this->assertAuthenticated();
|
|
}
|
|
|
|
public function test_checkout_register_privacy_consent_not_accepted()
|
|
{
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
'username' => 'testuser',
|
|
'email' => 'test@example.com',
|
|
'password' => 'password123',
|
|
'password_confirmation' => 'password123',
|
|
'first_name' => 'Test',
|
|
'last_name' => 'User',
|
|
'address' => 'Test Address 123',
|
|
'phone' => '+49123456789',
|
|
'privacy_consent' => false, // Not accepted
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(422)
|
|
->assertJsonStructure([
|
|
'errors' => [
|
|
'privacy_consent' => [],
|
|
],
|
|
]);
|
|
|
|
$this->assertGuest();
|
|
}
|
|
|
|
public function test_checkout_register_case_insensitive_email_uniqueness()
|
|
{
|
|
// Ensure database is properly set up
|
|
$this->artisan('migrate:fresh', ['--seed' => false]);
|
|
|
|
User::factory()->create(['email' => 'existing@example.com']);
|
|
|
|
$response = $this->postJson(route('checkout.register'), [
|
|
'username' => 'testuser',
|
|
'email' => 'EXISTING@EXAMPLE.COM', // Same email, different case
|
|
'password' => 'password123',
|
|
'password_confirmation' => 'password123',
|
|
'first_name' => 'Test',
|
|
'last_name' => 'User',
|
|
'address' => 'Test Address 123',
|
|
'phone' => '+49123456789',
|
|
'privacy_consent' => true,
|
|
'locale' => 'de',
|
|
]);
|
|
|
|
$response->assertStatus(422)
|
|
->assertJsonStructure([
|
|
'errors' => [
|
|
'email' => [],
|
|
],
|
|
]);
|
|
|
|
$this->assertGuest();
|
|
}
|
|
} |