52 lines
1.6 KiB
PHP
52 lines
1.6 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Models\User;
|
|
use App\Models\Workspace;
|
|
use App\Models\WorkspaceMembership;
|
|
use App\Support\Workspaces\WorkspaceContext;
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
use Tests\TestCase;
|
|
|
|
final class RbacSemanticsTest extends TestCase
|
|
{
|
|
use RefreshDatabase;
|
|
|
|
public function test_spec090_returns_404_for_non_members_trying_to_edit_a_workspace(): void
|
|
{
|
|
$workspaceA = Workspace::factory()->create();
|
|
$workspaceB = Workspace::factory()->create();
|
|
|
|
$user = User::factory()->create();
|
|
|
|
WorkspaceMembership::factory()->create([
|
|
'workspace_id' => (int) $workspaceA->getKey(),
|
|
'user_id' => (int) $user->getKey(),
|
|
'role' => 'owner',
|
|
]);
|
|
|
|
$this->actingAs($user)
|
|
->withSession([WorkspaceContext::SESSION_KEY => (int) $workspaceA->getKey()])
|
|
->get('/admin/workspaces/'.(int) $workspaceB->getKey().'/edit')
|
|
->assertNotFound();
|
|
}
|
|
|
|
public function test_spec090_returns_403_for_workspace_members_missing_workspace_manage_on_workspace_edit(): void
|
|
{
|
|
$workspace = Workspace::factory()->create();
|
|
$user = User::factory()->create();
|
|
|
|
WorkspaceMembership::factory()->create([
|
|
'workspace_id' => (int) $workspace->getKey(),
|
|
'user_id' => (int) $user->getKey(),
|
|
'role' => 'manager',
|
|
]);
|
|
|
|
$this->actingAs($user)
|
|
->withSession([WorkspaceContext::SESSION_KEY => (int) $workspace->getKey()])
|
|
->get('/admin/workspaces/'.(int) $workspace->getKey().'/edit')
|
|
->assertForbidden();
|
|
}
|
|
}
|