security fix and fix parent pages
API CI/CD / Validate (composer + pint) (push) Successful in 3m7s
API CI/CD / Test (PHPUnit) (push) Failing after 5m46s
API CI/CD / Build frontend assets (push) Successful in 1m2s
API CI/CD / Security audit (push) Failing after 49s
API CI/CD / Deploy to shared hosting (PHP) (push) Has been skipped
API CI/CD / Validate (composer + pint) (push) Successful in 3m7s
API CI/CD / Test (PHPUnit) (push) Failing after 5m46s
API CI/CD / Build frontend assets (push) Successful in 1m2s
API CI/CD / Security audit (push) Failing after 49s
API CI/CD / Deploy to shared hosting (PHP) (push) Has been skipped
This commit is contained in:
@@ -45,6 +45,138 @@ class ClassProgressControllerTest extends TestCase
|
||||
$this->assertCount(2, $response->json('data.items'));
|
||||
}
|
||||
|
||||
public function test_admin_grouped_index_accepts_school_year_id_and_includes_legacy_rows(): void
|
||||
{
|
||||
$admin = $this->createUser('admin@example.com');
|
||||
$this->assignRole($admin->id, 'administrator');
|
||||
$this->seedClassSection();
|
||||
DB::table('classSection')->where('class_section_id', 101)->update([
|
||||
'semester' => '',
|
||||
'school_year' => null,
|
||||
]);
|
||||
$schoolYearId = DB::table('school_years')->insertGetId([
|
||||
'name' => '2025-2026',
|
||||
'start_date' => '2025-08-01',
|
||||
'end_date' => '2026-07-31',
|
||||
'status' => 'active',
|
||||
'is_current' => 1,
|
||||
'created_at' => now(),
|
||||
'updated_at' => now(),
|
||||
]);
|
||||
ClassProgressReport::factory()->create([
|
||||
'teacher_id' => $admin->id,
|
||||
'class_section_id' => 101,
|
||||
'school_year' => null,
|
||||
'semester' => null,
|
||||
'week_start' => '2026-02-08',
|
||||
'week_end' => '2026-02-14',
|
||||
]);
|
||||
|
||||
Sanctum::actingAs($admin);
|
||||
|
||||
$response = $this->getJson('/api/v1/class-progress?school_year_id='.$schoolYearId.'&group_by_week=1');
|
||||
|
||||
$response->assertOk();
|
||||
$response->assertJsonPath('status', true);
|
||||
$this->assertCount(1, $response->json('data.items'));
|
||||
|
||||
$administratorAlias = $this->getJson('/api/v1/administrator/progress?school_year_id='.$schoolYearId.'&group_by_week=1');
|
||||
$administratorAlias->assertOk();
|
||||
$this->assertCount(1, $administratorAlias->json('data.items'));
|
||||
|
||||
$adminAlias = $this->getJson('/api/v1/admin/progress?school_year_id='.$schoolYearId.'&group_by_week=1');
|
||||
$adminAlias->assertOk();
|
||||
$this->assertCount(1, $adminAlias->json('data.items'));
|
||||
}
|
||||
|
||||
public function test_parent_progress_returns_reports_for_enrolled_sections(): void
|
||||
{
|
||||
$parent = $this->createUser('parent@example.com');
|
||||
$teacher = $this->createUser('teacher-for-parent-progress@example.com');
|
||||
$this->assignRole($parent->id, 'parent');
|
||||
$this->seedClassSection();
|
||||
DB::table('classSection')->where('class_section_id', 101)->update([
|
||||
'semester' => '',
|
||||
'school_year' => null,
|
||||
]);
|
||||
DB::table('students')->insert([
|
||||
'id' => 301,
|
||||
'school_id' => '301',
|
||||
'firstname' => 'Student',
|
||||
'lastname' => 'One',
|
||||
'is_active' => 1,
|
||||
'is_new' => 0,
|
||||
'parent_id' => $parent->id,
|
||||
'semester' => 'Fall',
|
||||
'school_year' => '2025-2026',
|
||||
]);
|
||||
DB::table('enrollments')->insert([
|
||||
'student_id' => 301,
|
||||
'class_section_id' => 101,
|
||||
'parent_id' => $parent->id,
|
||||
'enrollment_status' => 'enrolled',
|
||||
'is_withdrawn' => 0,
|
||||
'admission_status' => 'accepted',
|
||||
'semester' => 'Fall',
|
||||
'school_year' => '2025-2026',
|
||||
'created_at' => now(),
|
||||
'updated_at' => now(),
|
||||
]);
|
||||
$report = ClassProgressReport::factory()->create([
|
||||
'teacher_id' => $teacher->id,
|
||||
'class_section_id' => 101,
|
||||
'school_year' => null,
|
||||
'semester' => null,
|
||||
'week_start' => '2026-02-08',
|
||||
'week_end' => '2026-02-14',
|
||||
]);
|
||||
ClassProgressAttachment::factory()->create([
|
||||
'report_id' => $report->id,
|
||||
'file_path' => 'storage/class_material/sample.pdf',
|
||||
'original_name' => 'sample.pdf',
|
||||
]);
|
||||
|
||||
Sanctum::actingAs($parent);
|
||||
|
||||
$response = $this->getJson('/api/v1/parents/progress?school_year=2025-2026');
|
||||
|
||||
$response->assertOk();
|
||||
$response->assertJsonPath('ok', true);
|
||||
$this->assertCount(1, $response->json('data.items'));
|
||||
$this->assertCount(1, $response->json('data.students'));
|
||||
$this->assertSame($report->id, $response->json('data.items.0.id'));
|
||||
$this->assertSame($report->id, $response->json('data.items.0.report_id'));
|
||||
$this->assertNotEmpty($response->json('data.items.0.view_url'));
|
||||
$this->assertNotEmpty($response->json('data.items.0.reports.Islamic Studies.attachments.0.download_url'));
|
||||
$this->assertSame($report->id, $response->json('data.items.0.weekly_reports.0.id'));
|
||||
$this->assertNotEmpty($response->json('data.items.0.weekly_reports.0.attachments.0.download_url'));
|
||||
|
||||
$sharedResponse = $this->getJson('/api/v1/class-progress?school_year=2025-2026&group_by_week=1');
|
||||
|
||||
$sharedResponse->assertOk();
|
||||
$sharedResponse->assertJsonPath('status', true);
|
||||
$this->assertCount(1, $sharedResponse->json('data.items'));
|
||||
$this->assertSame($report->id, $sharedResponse->json('data.items.0.id'));
|
||||
$this->assertSame($report->id, $sharedResponse->json('data.items.0.weekly_reports.0.id'));
|
||||
|
||||
$detailResponse = $this->getJson('/api/v1/class-progress/'.$report->id);
|
||||
|
||||
$detailResponse->assertOk();
|
||||
$detailResponse->assertJsonPath('status', true);
|
||||
$this->assertSame($report->id, $detailResponse->json('data.report.id'));
|
||||
$this->assertNotEmpty($detailResponse->json('data.weekly_reports.0.attachments.0.download_url'));
|
||||
$this->assertSame($report->id, $detailResponse->json('data.group.weekly_reports.0.id'));
|
||||
|
||||
$parentDetailResponse = $this->getJson('/api/v1/parents/progress/'.$report->id);
|
||||
|
||||
$parentDetailResponse->assertOk();
|
||||
$parentDetailResponse->assertJsonPath('ok', true);
|
||||
$parentDetailResponse->assertJsonPath('status', true);
|
||||
$this->assertSame($report->id, $parentDetailResponse->json('data.report.id'));
|
||||
$this->assertNotEmpty($parentDetailResponse->json('data.report.attachments.0.download_url'));
|
||||
$this->assertSame($report->id, $parentDetailResponse->json('data.group.weekly_reports.0.id'));
|
||||
}
|
||||
|
||||
public function test_store_creates_reports(): void
|
||||
{
|
||||
Storage::fake('public');
|
||||
@@ -243,4 +375,24 @@ class ClassProgressControllerTest extends TestCase
|
||||
|
||||
return User::query()->where('email', $email)->firstOrFail();
|
||||
}
|
||||
|
||||
private function assignRole(int $userId, string $roleName): void
|
||||
{
|
||||
$roleId = DB::table('roles')->insertGetId([
|
||||
'name' => $roleName,
|
||||
'slug' => $roleName,
|
||||
'dashboard_route' => $roleName === 'parent' ? 'parent/dashboard' : 'administrator/administratordashboard',
|
||||
'priority' => 100,
|
||||
'is_active' => 1,
|
||||
'created_at' => now(),
|
||||
'updated_at' => now(),
|
||||
]);
|
||||
|
||||
DB::table('user_roles')->insert([
|
||||
'user_id' => $userId,
|
||||
'role_id' => $roleId,
|
||||
'created_at' => now(),
|
||||
'updated_at' => now(),
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user