0ct0pu5
/
2FAuth


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287
							<?php

namespace Tests\Api\v1\Controllers;

use App\Facades\Settings;
use App\Models\User;
use Tests\FeatureTestCase;

/**
 * @covers \App\Api\v1\Controllers\SettingController
 */
class SettingControllerTest extends FeatureTestCase
{
    /**
     * @var \App\Models\User|\Illuminate\Contracts\Auth\Authenticatable
     */
    protected $user, $admin;

    private const SETTING_JSON_STRUCTURE = [
        'key',
        'value',
    ];

    private const TWOFAUTH_NATIVE_SETTING = 'checkForUpdate';

    private const TWOFAUTH_NATIVE_SETTING_DEFAULT_VALUE = true;

    private const TWOFAUTH_NATIVE_SETTING_CHANGED_VALUE = false;

    private const USER_DEFINED_SETTING = 'mySetting';

    private const USER_DEFINED_SETTING_VALUE = 'mySetting';

    private const USER_DEFINED_SETTING_CHANGED_VALUE = 'mySetting';

    /**
     * @test
     */
    public function setUp() : void
    {
        parent::setUp();

        $this->user = User::factory()->create();
        $this->admin = User::factory()->administrator()->create();
    }

    /**
     * @test
     */
    public function test_index_returns_setting_collection()
    {
        $response = $this->actingAs($this->admin, 'api-guard')
            ->json('GET', '/api/v1/settings')
            ->assertOk()
            ->assertJsonStructure([
                '*' => self::SETTING_JSON_STRUCTURE,
            ]);
    }

    /**
     * @test
     */
    public function test_index_is_forbidden_to_users()
    {
        $response = $this->actingAs($this->user, 'api-guard')
            ->json('GET', '/api/v1/settings')
            ->assertForbidden()
            ->assertJsonStructure([
                'message',
            ]);
    }

    /**
     * @test
     */
    public function test_show_native_unchanged_setting_returns_consistent_value()
    {
        $response = $this->actingAs($this->admin, 'api-guard')
            ->json('GET', '/api/v1/settings/' . self::TWOFAUTH_NATIVE_SETTING)
            ->assertOk()
            ->assertExactJson([
                'key'   => self::TWOFAUTH_NATIVE_SETTING,
                'value' => self::TWOFAUTH_NATIVE_SETTING_DEFAULT_VALUE,
            ]);
    }

    /**
     * @test
     */
    public function test_show_native_changed_setting_returns_consistent_value()
    {
        Settings::set(self::TWOFAUTH_NATIVE_SETTING, self::TWOFAUTH_NATIVE_SETTING_CHANGED_VALUE);

        $response = $this->actingAs($this->admin, 'api-guard')
            ->json('GET', '/api/v1/settings/' . self::TWOFAUTH_NATIVE_SETTING)
            ->assertOk()
            ->assertExactJson([
                'key'   => self::TWOFAUTH_NATIVE_SETTING,
                'value' => self::TWOFAUTH_NATIVE_SETTING_CHANGED_VALUE,
            ]);
    }

    /**
     * @test
     */
    public function test_show_custom_user_setting_returns_consistent_value()
    {
        Settings::set(self::USER_DEFINED_SETTING, self::USER_DEFINED_SETTING_VALUE);

        $response = $this->actingAs($this->admin, 'api-guard')
            ->json('GET', '/api/v1/settings/' . self::USER_DEFINED_SETTING)
            ->assertOk()
            ->assertExactJson([
                'key'   => self::USER_DEFINED_SETTING,
                'value' => self::USER_DEFINED_SETTING_VALUE,
            ]);
    }

    /**
     * @test
     */
    public function test_show_missing_setting_returns_not_found()
    {
        $response = $this->actingAs($this->admin, 'api-guard')
            ->json('GET', '/api/v1/settings/missing')
            ->assertNotFound();
    }

    /**
     * @test
     */
    public function test_show_setting_is_forbidden_to_users()
    {
        $response = $this->actingAs($this->user, 'api-guard')
            ->json('GET', '/api/v1/settings/' . self::TWOFAUTH_NATIVE_SETTING)
            ->assertForbidden()
            ->assertJsonStructure([
                'message',
            ]);
    }

    /**
     * @test
     */
    public function test_store_custom_user_setting_returns_success()
    {
        $response = $this->actingAs($this->admin, 'api-guard')
            ->json('POST', '/api/v1/settings', [
                'key'   => self::USER_DEFINED_SETTING,
                'value' => self::USER_DEFINED_SETTING_VALUE,
            ])
            ->assertCreated()
            ->assertExactJson([
                'key'   => self::USER_DEFINED_SETTING,
                'value' => self::USER_DEFINED_SETTING_VALUE,
            ]);
    }

    /**
     * @test
     */
    public function test_store_invalid_custom_user_setting_returns_validation_error()
    {
        $response = $this->actingAs($this->admin, 'api-guard')
            ->json('POST', '/api/v1/settings', [
                'key'   => null,
                'value' => null,
            ])
            ->assertStatus(422);
    }

    /**
     * @test
     */
    public function test_store_existing_custom_user_setting_returns_validation_error()
    {
        Settings::set(self::USER_DEFINED_SETTING, self::USER_DEFINED_SETTING_VALUE);

        $response = $this->actingAs($this->admin, 'api-guard')
            ->json('POST', '/api/v1/settings', [
                'key'   => self::USER_DEFINED_SETTING,
                'value' => self::USER_DEFINED_SETTING_VALUE,
            ])
            ->assertStatus(422);
    }

    /**
     * @test
     */
    public function test_update_unchanged_native_setting_returns_updated_setting()
    {
        $response = $this->actingAs($this->admin, 'api-guard')
            ->json('PUT', '/api/v1/settings/' . self::TWOFAUTH_NATIVE_SETTING, [
                'value' => self::TWOFAUTH_NATIVE_SETTING_CHANGED_VALUE,
            ])
            ->assertOk()
            ->assertExactJson([
                'key'   => self::TWOFAUTH_NATIVE_SETTING,
                'value' => self::TWOFAUTH_NATIVE_SETTING_CHANGED_VALUE,
            ]);
    }

    /**
     * @test
     */
    public function test_update_custom_user_setting_returns_updated_setting()
    {
        Settings::set(self::USER_DEFINED_SETTING, self::USER_DEFINED_SETTING_VALUE);

        $response = $this->actingAs($this->admin, 'api-guard')
            ->json('PUT', '/api/v1/settings/' . self::USER_DEFINED_SETTING, [
                'value' => self::USER_DEFINED_SETTING_CHANGED_VALUE,
            ])
            ->assertOk()
            ->assertExactJson([
                'key'   => self::USER_DEFINED_SETTING,
                'value' => self::USER_DEFINED_SETTING_CHANGED_VALUE,
            ]);
    }

    /**
     * @test
     */
    public function test_update_missing_user_setting_returns_created_setting()
    {
        $response = $this->actingAs($this->admin, 'api-guard')
            ->json('PUT', '/api/v1/settings/' . self::USER_DEFINED_SETTING, [
                'value' => self::USER_DEFINED_SETTING_CHANGED_VALUE,
            ])
            ->assertOk()
            ->assertExactJson([
                'key'   => self::USER_DEFINED_SETTING,
                'value' => self::USER_DEFINED_SETTING_CHANGED_VALUE,
            ]);
    }

    /**
     * @test
     */
    public function test_destroy_user_setting_returns_success()
    {
        Settings::set(self::USER_DEFINED_SETTING, self::USER_DEFINED_SETTING_VALUE);

        $response = $this->actingAs($this->admin, 'api-guard')
            ->json('DELETE', '/api/v1/settings/' . self::USER_DEFINED_SETTING)
            ->assertNoContent();
    }

    /**
     * @test
     */
    public function test_destroy_native_setting_returns_bad_request()
    {
        $response = $this->actingAs($this->admin, 'api-guard')
            ->json('DELETE', '/api/v1/settings/' . self::TWOFAUTH_NATIVE_SETTING)
            ->assertStatus(400)
            ->assertJsonStructure([
                'message',
                'reason',
            ]);
    }

    /**
     * @test
     */
    public function test_destroy_missing_user_setting_returns_not_found()
    {
        $response = $this->actingAs($this->admin, 'api-guard')
            ->json('DELETE', '/api/v1/settings/' . self::USER_DEFINED_SETTING)
            ->assertNotFound();
    }

    /**
     * @test
     */
    public function test_destroy_is_forbidden_to_users()
    {
        Settings::set(self::USER_DEFINED_SETTING, self::USER_DEFINED_SETTING_VALUE);

        $response = $this->actingAs($this->user, 'api-guard')
            ->json('DELETE', '/api/v1/settings/' . self::USER_DEFINED_SETTING)
            ->assertForbidden()
            ->assertJsonStructure([
                'message',
            ]);
    }
}