38 lines
1.1 KiB
PHP
38 lines
1.1 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Filament\Resources\Workspaces\Pages\ViewWorkspace;
|
|
use App\Models\User;
|
|
use App\Models\Workspace;
|
|
use App\Models\WorkspaceMembership;
|
|
use App\Support\Auth\Capabilities;
|
|
use Illuminate\Auth\Access\AuthorizationException;
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
use Illuminate\Support\Facades\Gate;
|
|
use Livewire\Livewire;
|
|
|
|
uses(RefreshDatabase::class);
|
|
|
|
it('returns 404 for non-members (deny as not found)', function (): void {
|
|
$user = User::factory()->create();
|
|
$workspace = Workspace::factory()->create();
|
|
|
|
$this->actingAs($user);
|
|
|
|
Livewire::test(ViewWorkspace::class, ['record' => $workspace->getRouteKey()])
|
|
->assertStatus(404);
|
|
});
|
|
|
|
it('returns 403 for members without membership manage capability', function (): void {
|
|
$user = User::factory()->create();
|
|
$workspace = Workspace::factory()->create();
|
|
|
|
WorkspaceMembership::factory()->for($workspace)->for($user)->create(['role' => 'readonly']);
|
|
|
|
$this->actingAs($user);
|
|
|
|
expect(fn () => Gate::forUser($user)->authorize(Capabilities::WORKSPACE_MEMBERSHIP_MANAGE, $workspace))
|
|
->toThrow(AuthorizationException::class);
|
|
});
|