Merge pull request #8717 from turbo124/v5-develop

Fixes for tests
2024-09-20 08:21:34 +02:00 · 2023-08-13 15:30:17 +10:00 · 2023-08-13 15:30:17 +10:00 · 591d715b04
commit 591d715b04
parent d0ec76e5ad 0f931fe1a8
2 changed files with 155 additions and 8 deletions
--- a/app/Filters/UserFilters.php
+++ b/app/Filters/UserFilters.php
@ -127,8 +127,7 @@ class UserFilters extends QueryFilters
        $user_array = $this->transformKeys(explode(',', $user_id));

        return  $this->builder->where(function ($query) use ($user_array) {
-            $query->whereNotIn('id', $user_array)
-                  ->where('account_id', auth()->user()->account_id);
+            $query->whereNotIn('id', $user_array);
        });
    }
 }
--- a/tests/Feature/UserTest.php
+++ b/tests/Feature/UserTest.php
@ -38,6 +38,8 @@ class UserTest extends TestCase

    private $default_email = 'attach@gmail.com';

+    public $faker;
+
    protected function setUp() :void
    {
        parent::setUp();
@ -50,7 +52,7 @@ class UserTest extends TestCase

        Model::reguard();

-        $this->withoutExceptionHandling();
+        // $this->withoutExceptionHandling();

        $this->withoutMiddleware(
            ThrottleRequests::class,
@ -58,10 +60,9 @@ class UserTest extends TestCase
        );
    }

-    public function testUserAttemptingtToDeleteThemselves()
+    private function mockAccount()
    {

-
        $account = Account::factory()->create([
            'hosted_client_count' => 1000,
            'hosted_company_count' => 1000,
@ -74,6 +75,7 @@ class UserTest extends TestCase
            'account_id' => $this->account->id,
            'confirmation_code' => 'xyz123',
            'email' => $this->faker->unique()->safeEmail(),
+            'password' => \Illuminate\Support\Facades\Hash::make('ALongAndBriliantPassword'),
        ]);

        $settings = CompanySettings::defaults();
@ -101,18 +103,164 @@ class UserTest extends TestCase
        $company_token->name = 'test token';
        $company_token->token = $token;
        $company_token->is_system = true;
+        $company_token->save();
+
+        return $company_token;
+
+    }
+
+    public function testUserResponse()
+    {
+        $company_token = $this->mockAccount();
+
+        $data = [
+                'first_name' => 'hey',
+                'last_name' => 'you',
+                'email' => 'normal_user@gmail.com',
+                'company_user' => [
+                    'is_admin' => true,
+                    'is_owner' => false,
+                    'permissions' => 'create_client,create_invoice',
+                ],
+                'phone' => null,
+            ];
+
+        $response = $this->withHeaders([
+            'X-API-SECRET' => config('ninja.api_secret'),
+            'X-API-TOKEN' => $company_token->token,
+            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
+        ])->post('/api/v1/users?include=company_user', $data);
+
+        $response->assertStatus(200);
+
+        $user = $response->json();
+        $user_id = $user['data']['id'];
+
+        $response = $this->withHeaders([
+            'X-API-SECRET' => config('ninja.api_secret'),
+            'X-API-TOKEN' => $company_token->token,
+            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
+        ])->get('/api/v1/users', $data);
+
+        $response->assertStatus(200);
+        $arr = $response->json();
+
+        $this->assertCount(2, $arr['data']);
+
+        //archive the user we just created:
+
+        $data = [
+            'action' => 'archive',
+            'ids' => [$user_id],
+        ];
+
+        $response = $this->withHeaders([
+            'X-API-SECRET' => config('ninja.api_secret'),
+            'X-API-TOKEN' => $company_token->token,
+            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
+        ])->postJson('/api/v1/users/bulk', $data);
+
+        $response->assertStatus(200);
+
+        $this->assertCount(1, $response->json()['data']);
+
+        $response = $this->withHeaders([
+            'X-API-SECRET' => config('ninja.api_secret'),
+            'X-API-TOKEN' => $company_token->token,
+            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
+        ])->get("/api/v1/users?without={$company_token->user->hashed_id}");
+
+        $response->assertStatus(200);
+        $this->assertCount(1, $response->json()['data']);
+
+        $response = $this->withHeaders([
+            'X-API-SECRET' => config('ninja.api_secret'),
+            'X-API-TOKEN' => $company_token->token,
+            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
+        ])->get("/api/v1/users?without={$company_token->user->hashed_id}&status=active");
+
+        $response->assertStatus(200);
+        $this->assertCount(0, $response->json()['data']);
+
+        $response = $this->withHeaders([
+            'X-API-SECRET' => config('ninja.api_secret'),
+            'X-API-TOKEN' => $company_token->token,
+            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
+        ])->get("/api/v1/users?without={$company_token->user->hashed_id}&status=archived");
+
+        $response->assertStatus(200);
+        $this->assertCount(1, $response->json()['data']);
+        
+        $response = $this->withHeaders([
+            'X-API-SECRET' => config('ninja.api_secret'),
+            'X-API-TOKEN' => $company_token->token,
+            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
+        ])->get("/api/v1/users?without={$company_token->user->hashed_id}&status=deleted");
+
+        $response->assertStatus(200);
+        $this->assertCount(0, $response->json()['data']);
+
+
+    }
+
+    public function testUserAttemptingtToDeleteThemselves()
+    {
+
+        $account = Account::factory()->create([
+            'hosted_client_count' => 1000,
+            'hosted_company_count' => 1000,
+        ]);
+
+        $account->num_users = 3;
+        $account->save();
+
+        $user = User::factory()->create([
+            'account_id' => $this->account->id,
+            'confirmation_code' => 'xyz123',
+            'email' => $this->faker->unique()->safeEmail(),
+            'password' => \Illuminate\Support\Facades\Hash::make('ALongAndBriliantPassword'),
+        ]);
+
+        $settings = CompanySettings::defaults();
+        $settings->client_online_payment_notification = false;
+        $settings->client_manual_payment_notification = false;
+
+        $company = Company::factory()->create([
+            'account_id' => $account->id,
+            'settings' => $settings,
+        ]);
+
+
+        $cu = CompanyUserFactory::create($user->id, $company->id, $account->id);
+        $cu->is_owner = true;
+        $cu->is_admin = true;
+        $cu->is_locked = false;
+        $cu->save();
+
+        $token = \Illuminate\Support\Str::random(64);
+
+        $company_token = new CompanyToken();
+        $company_token->user_id = $user->id;
+        $company_token->company_id = $company->id;
+        $company_token->account_id = $account->id;
+        $company_token->name = 'test token';
+        $company_token->token = $token;
+        $company_token->is_system = true;
+        $company_token->save();

        $data = [
            'ids' => [$user->hashed_id],
-                ];
+        ];

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
-        ])->postJson('/api/v1/users/bulk?action=dete', $data)
-        ->assertStatus(403);
+        ])->postJson('/api/v1/users/bulk?action=delete', $data);

+        nlog($response);
+
+        $response->assertStatus(401);

    }