update tests

This commit is contained in:
root
2026-06-08 22:06:30 -04:00
parent 79024235ef
commit 60ecacb7f8
54 changed files with 13243 additions and 5561 deletions
@@ -0,0 +1,106 @@
<?php
namespace Tests\Feature\Api\V1\Parents;
use App\Models\AuthorizedUser;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\Concerns\CreatesApiTestUsers;
use Tests\TestCase;
class AuthorizedUsersControllerTest extends TestCase
{
use CreatesApiTestUsers;
use RefreshDatabase;
private function makeAuthorizedUser(int $parentId, array $overrides = []): AuthorizedUser
{
return AuthorizedUser::query()->create(array_merge([
'user_id' => $parentId,
'firstname' => 'Aunt',
'lastname' => 'Carer',
'email' => 'carer-' . uniqid() . '@example.test',
'phone_number' => '5551112222',
'relation_to_user' => 'Aunt',
'status' => 'pending',
], $overrides));
}
public function test_index_requires_authentication(): void
{
$this->getJson('/api/v1/parents/authorized-users')
->assertStatus(401);
}
public function test_index_is_forbidden_for_non_parent_users(): void
{
$teacher = $this->createApiUserWithRole('teacher');
$this->actingAs($teacher, 'api')
->getJson('/api/v1/parents/authorized-users')
->assertStatus(403);
}
public function test_index_returns_only_the_parents_own_authorized_users(): void
{
$parent = $this->createApiUserWithRole('parent');
$otherParent = $this->createApiUserWithRole('parent');
$own = $this->makeAuthorizedUser($parent->id);
$this->makeAuthorizedUser($otherParent->id);
$response = $this->actingAs($parent, 'api')
->getJson('/api/v1/parents/authorized-users')
->assertOk()
->assertJsonPath('status', true);
$this->assertCount(1, $response->json('data'));
$this->assertSame($own->id, $response->json('data.0.id'));
}
public function test_show_returns_404_for_unknown_authorized_user(): void
{
$parent = $this->createApiUserWithRole('parent');
$this->actingAs($parent, 'api')
->getJson('/api/v1/parents/authorized-users/999999')
->assertNotFound()
->assertJsonPath('status', false);
}
public function test_show_returns_404_for_another_parents_authorized_user(): void
{
$parent = $this->createApiUserWithRole('parent');
$otherParent = $this->createApiUserWithRole('parent');
$foreign = $this->makeAuthorizedUser($otherParent->id);
$this->actingAs($parent, 'api')
->getJson('/api/v1/parents/authorized-users/' . $foreign->id)
->assertNotFound();
}
public function test_destroy_deletes_the_parents_authorized_user(): void
{
$parent = $this->createApiUserWithRole('parent');
$record = $this->makeAuthorizedUser($parent->id);
$this->actingAs($parent, 'api')
->deleteJson('/api/v1/parents/authorized-users/' . $record->id)
->assertOk()
->assertJsonPath('status', true);
$this->assertDatabaseMissing('authorized_users', ['id' => $record->id]);
}
public function test_parent_cannot_delete_another_parents_authorized_user(): void
{
$parent = $this->createApiUserWithRole('parent');
$otherParent = $this->createApiUserWithRole('parent');
$foreign = $this->makeAuthorizedUser($otherParent->id);
$this->actingAs($parent, 'api')
->deleteJson('/api/v1/parents/authorized-users/' . $foreign->id)
->assertNotFound();
$this->assertDatabaseHas('authorized_users', ['id' => $foreign->id]);
}
}