61 lines
1.8 KiB
PHP
61 lines
1.8 KiB
PHP
<?php
|
|
|
|
use App\Enums\UserRole;
|
|
use App\Models\User;
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
use Illuminate\Support\Facades\Gate;
|
|
|
|
uses(RefreshDatabase::class);
|
|
|
|
it('allows only administrators through production tooling gates', function (): void {
|
|
$admin = User::factory()->create([
|
|
'role' => UserRole::ADMIN,
|
|
]);
|
|
$moderator = User::factory()->create([
|
|
'role' => UserRole::MODERATOR,
|
|
]);
|
|
$user = User::factory()->create([
|
|
'role' => UserRole::USER,
|
|
]);
|
|
|
|
expect(Gate::forUser($admin)->allows('viewHorizon'))->toBeTrue()
|
|
->and(Gate::forUser($admin)->allows('viewApiDocs'))->toBeTrue()
|
|
->and(Gate::forUser($moderator)->allows('viewHorizon'))->toBeFalse()
|
|
->and(Gate::forUser($moderator)->allows('viewApiDocs'))->toBeFalse()
|
|
->and(Gate::forUser($user)->allows('viewHorizon'))->toBeFalse()
|
|
->and(Gate::forUser($user)->allows('viewApiDocs'))->toBeFalse()
|
|
->and(Gate::allows('viewHorizon'))->toBeFalse()
|
|
->and(Gate::allows('viewApiDocs'))->toBeFalse();
|
|
});
|
|
|
|
it('protects the horizon dashboard outside local environments', function (): void {
|
|
$admin = User::factory()->create([
|
|
'role' => UserRole::ADMIN,
|
|
]);
|
|
$moderator = User::factory()->create([
|
|
'role' => UserRole::MODERATOR,
|
|
]);
|
|
|
|
$this->get('/horizon')->assertForbidden();
|
|
|
|
$this->actingAs($moderator)
|
|
->get('/horizon')
|
|
->assertForbidden();
|
|
|
|
$this->actingAs($admin)
|
|
->get('/horizon')
|
|
->assertSuccessful();
|
|
});
|
|
|
|
it('protects the scramble documentation outside local environments', function (): void {
|
|
$user = User::factory()->create([
|
|
'role' => UserRole::USER,
|
|
]);
|
|
|
|
$this->get('/docs/api')->assertForbidden();
|
|
|
|
$this->actingAs($user)
|
|
->get('/docs/api')
|
|
->assertForbidden();
|
|
});
|