41 lines
1.4 KiB
PHP
41 lines
1.4 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Support\Workspaces\WorkspaceContext;
|
|
use App\Support\Workspaces\WorkspaceIntendedUrl;
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
|
|
uses(RefreshDatabase::class);
|
|
|
|
it('stores and consumes an intended admin URL (path + query)', function (): void {
|
|
session()->forget(WorkspaceContext::INTENDED_URL_SESSION_KEY);
|
|
|
|
WorkspaceIntendedUrl::store('/admin/operations?tab=active');
|
|
|
|
expect(session(WorkspaceContext::INTENDED_URL_SESSION_KEY))->toBe('/admin/operations?tab=active');
|
|
|
|
$consumed = WorkspaceIntendedUrl::consume();
|
|
|
|
expect($consumed)->toBe('/admin/operations?tab=active');
|
|
expect(session()->has(WorkspaceContext::INTENDED_URL_SESSION_KEY))->toBeFalse();
|
|
});
|
|
|
|
it('rejects non-admin intended URLs', function (): void {
|
|
session()->forget(WorkspaceContext::INTENDED_URL_SESSION_KEY);
|
|
|
|
WorkspaceIntendedUrl::store('/logout');
|
|
|
|
expect(session()->has(WorkspaceContext::INTENDED_URL_SESSION_KEY))->toBeFalse();
|
|
});
|
|
|
|
it('rejects absolute URLs and protocol-relative URLs', function (): void {
|
|
session()->forget(WorkspaceContext::INTENDED_URL_SESSION_KEY);
|
|
|
|
WorkspaceIntendedUrl::store('https://example.com/admin/operations');
|
|
expect(session()->has(WorkspaceContext::INTENDED_URL_SESSION_KEY))->toBeFalse();
|
|
|
|
WorkspaceIntendedUrl::store('//example.com/admin/operations');
|
|
expect(session()->has(WorkspaceContext::INTENDED_URL_SESSION_KEY))->toBeFalse();
|
|
});
|