mirror of
https://github.com/pelican-dev/panel.git
synced 2025-05-20 00:34:44 +02:00
fc643f57f9
* add spatie/permissions * add policies * add role resource * add root admin role handling * replace some "root_admin" with function * add model specific permissions * make permission selection nicer * fix user creation * fix tests * add back subuser checks in server policy * add custom model for role * assign new users to role if root_admin is set * add api for roles * fix phpstan * add permissions for settings page * remove "restore" and "forceDelete" permissions * add user count to list * prevent deletion if role has users * update user list * fix server policy * remove old `root_admin` column * small refactor * fix tests * forgot can checks here * forgot use * disable editing own roles & disable assigning root admin * don't allow to rename root admin role * remove php bombing exception handler * fix role assignment when creating a user * fix disableOptionWhen * fix missing `root_admin` attribute on react frontend * add permission check for bulk delete * rename viewAny to viewList * improve canAccessPanel check * fix admin not displaying for non-root admins * make sure non root admins can't edit root admins * fix import * fix settings page permission check * fix server permissions for non-subusers * fix settings page permission check v2 * small cleanup * cleanup config file * move consts from resouce into enum & model * Update database/migrations/2024_08_01_114538_remove_root_admin_column.php Co-authored-by: Lance Pioch <lancepioch@gmail.com> * fix config * fix phpstan * fix phpstan 2.0 --------- Co-authored-by: Lance Pioch <lancepioch@gmail.com>
71 lines
2.4 KiB
PHP
71 lines
2.4 KiB
PHP
<?php
|
|
|
|
namespace App\Tests\Integration\Api\Application\Users;
|
|
|
|
use Illuminate\Support\Str;
|
|
use App\Models\User;
|
|
use Illuminate\Http\Response;
|
|
use App\Tests\Integration\Api\Application\ApplicationApiIntegrationTestCase;
|
|
|
|
class ExternalUserControllerTest extends ApplicationApiIntegrationTestCase
|
|
{
|
|
/**
|
|
* Test that a user can be retrieved by their external ID.
|
|
*/
|
|
public function testGetRemoteUser(): void
|
|
{
|
|
$user = User::factory()->create(['external_id' => Str::random()]);
|
|
|
|
$response = $this->getJson('/api/application/users/external/' . $user->external_id);
|
|
$response->assertStatus(Response::HTTP_OK);
|
|
$response->assertJsonCount(2);
|
|
$response->assertJsonStructure([
|
|
'object',
|
|
'attributes' => [
|
|
'id', 'external_id', 'uuid', 'username', 'email', 'first_name', 'last_name',
|
|
'language', 'root_admin', '2fa', 'created_at', 'updated_at',
|
|
],
|
|
]);
|
|
|
|
$response->assertJson([
|
|
'object' => 'user',
|
|
'attributes' => [
|
|
'id' => $user->id,
|
|
'external_id' => $user->external_id,
|
|
'uuid' => $user->uuid,
|
|
'username' => $user->username,
|
|
'email' => $user->email,
|
|
'first_name' => $user->name_first,
|
|
'last_name' => $user->name_last,
|
|
'language' => $user->language,
|
|
'root_admin' => (bool) $user->isRootAdmin(),
|
|
'2fa' => (bool) $user->totp_enabled,
|
|
'created_at' => $this->formatTimestamp($user->created_at),
|
|
'updated_at' => $this->formatTimestamp($user->updated_at),
|
|
],
|
|
], true);
|
|
}
|
|
|
|
/**
|
|
* Test that an invalid external ID returns a 404 error.
|
|
*/
|
|
public function testGetMissingUser(): void
|
|
{
|
|
$response = $this->getJson('/api/application/users/external/nil');
|
|
$this->assertNotFoundJson($response);
|
|
}
|
|
|
|
/**
|
|
* Test that an authentication error occurs if a key does not have permission
|
|
* to access a resource.
|
|
*/
|
|
public function testErrorReturnedIfNoPermission(): void
|
|
{
|
|
$user = User::factory()->create(['external_id' => Str::random()]);
|
|
$this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => 0]);
|
|
|
|
$response = $this->getJson('/api/application/users/external/' . $user->external_id);
|
|
$this->assertAccessDeniedJson($response);
|
|
}
|
|
}
|