From 855ec083230bd6d114d966bacf7069464cb09ccc Mon Sep 17 00:00:00 2001 From: Alfonso Bribiesca Date: Fri, 22 Sep 2023 13:45:09 -0600 Subject: [PATCH 01/11] filament resource wip --- app/Enums/ArticleCategoryEnum.php | 10 ++ app/Filament/Resources/ArticleResource.php | 123 ++++++++++++++++++ .../ArticleResource/Pages/CreateArticle.php | 13 ++ .../ArticleResource/Pages/EditArticle.php | 25 ++++ .../ArticleResource/Pages/ListArticles.php | 21 +++ .../ArticleResource/Pages/ViewArticle.php | 12 ++ app/Models/Article.php | 6 + app/Models/User.php | 11 ++ 8 files changed, 221 insertions(+) create mode 100644 app/Enums/ArticleCategoryEnum.php create mode 100644 app/Filament/Resources/ArticleResource.php create mode 100644 app/Filament/Resources/ArticleResource/Pages/CreateArticle.php create mode 100644 app/Filament/Resources/ArticleResource/Pages/EditArticle.php create mode 100644 app/Filament/Resources/ArticleResource/Pages/ListArticles.php create mode 100644 app/Filament/Resources/ArticleResource/Pages/ViewArticle.php diff --git a/app/Enums/ArticleCategoryEnum.php b/app/Enums/ArticleCategoryEnum.php new file mode 100644 index 000000000..f0dfbfab8 --- /dev/null +++ b/app/Enums/ArticleCategoryEnum.php 
@@ -0,0 +1,10 @@
+schema([
+ TextInput::make('title')->required()->columnSpan('full'),
+ Select::make('category')
+ ->options([
+ ArticleCategoryEnum::News->value => Str::title(ArticleCategoryEnum::News->value),
+ ])
+ ->default(ArticleCategoryEnum::News->value)
+ ->required(),
+ Textarea::make('meta_description')->nullable()->autosize()->columnSpan('full'),
+ Textarea::make('content')->required()->autosize()->columnSpan('full'),
+ Select::make('user_id')
+ ->relationship(
+ name: 'user',
+ modifyQueryUsing: fn ($query) => $query->managers()->orderBy('username')->orderBy('email')
+ )
+ ->getOptionLabelFromRecordUsing(fn (User $user) => $user->username ?? $user->email ?? 'ID '.$user->id)
+ ->required(),
+ DatePicker::make('published_at')->nullable(),
+ ]);
+ }
+
+ public static function table(Table $table): Table
+ {
+ return $table
+ ->columns([
+ TextColumn::make('title')
+ ->label('Title')
+ ->sortable()
+ ->searchable(),
+ TextColumn::make('category')
+ ->label('Category')
+ ->sortable()
+ ->searchable(),
+
+ TextColumn::make('published_at')
+ ->label('Date Published')
+ ->date()
+ ->sortable(),
+
+ TextColumn::make('created_at')
+ ->label('Date Created')
+ ->dateTime()
+ ->sortable(),
+
+ ])
+ ->filters([
+ //
+ ])
+ ->recordUrl(fn (Article $article) => ArticleResource::getUrl('view', ['record' => $article]))
+ ->actions([
+ ViewAction::make(),
+ ])
+ ->emptyStateActions([
+ CreateAction::make(),
+ ]);
+ }
+
+ public static function getRelations(): array
+ {
+ return [
+ //
+ ];
+ }
+
+ public static function getPages(): array
+ {
+ return [
+ 'index' => ListArticles::route('/'),
+ 'create' => CreateArticle::route('/create'),
+ 'view' => ViewArticle::route('/{record}'),
+ 'edit' => EditArticle::route('/{record}/edit'),
+ ];
+ }
+
+ public static function getEloquentQuery(): Builder
+ {
+ return parent::getEloquentQuery()
+ ->withoutGlobalScopes([
+ SoftDeletingScope::class,
+ ]);
+ }
+
+ public static function shouldSkipAuthorization(): bool
+ {
+ return
app()->isLocal(); + } +} diff --git a/app/Filament/Resources/ArticleResource/Pages/CreateArticle.php b/app/Filament/Resources/ArticleResource/Pages/CreateArticle.php new file mode 100644 index 000000000..3ccbef2bd --- /dev/null +++ b/app/Filament/Resources/ArticleResource/Pages/CreateArticle.php @@ -0,0 +1,13 @@ + ArticleCategoryEnum::class, + 'published_at' => 'timestamp', + ]; + /** * @return BelongsToMany */ diff --git a/app/Models/User.php b/app/Models/User.php index 2fdc1dfd8..7d8b0a626 100644 --- a/app/Models/User.php +++ b/app/Models/User.php @@ -166,4 +166,15 @@ public function canAccessPanel(Panel $panel): bool return false; } } + + /** + * @param Builder $query + * @return Builder + */ + public function scopeManagers(Builder $query): Builder + { + return $query->whereHas('roles', function ($query) { + $query->whereIn('name', [Role::Admin->value, Role::Superadmin->value]); + }); + } } From cdf4868bb461de51179e4b01313df58030260dac Mon Sep 17 00:00:00 2001 From: Alfonso Bribiesca Date: Fri, 22 Sep 2023 13:48:17 -0600 Subject: [PATCH 02/11] add actions to articles --- .../ArticleResource/Pages/EditArticle.php | 4 ++-- .../ArticleResource/Pages/ViewArticle.php | 17 ++++++++++++++++- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/app/Filament/Resources/ArticleResource/Pages/EditArticle.php b/app/Filament/Resources/ArticleResource/Pages/EditArticle.php index ab0c0f18d..186f61f41 100644 --- a/app/Filament/Resources/ArticleResource/Pages/EditArticle.php +++ b/app/Filament/Resources/ArticleResource/Pages/EditArticle.php @@ -5,7 +5,7 @@ namespace App\Filament\Resources\ArticleResource\Pages; use App\Filament\Resources\ArticleResource; -use Filament\Actions\DeleteAction as ActionsDeleteAction; +use Filament\Actions\DeleteAction; use Filament\Actions\ForceDeleteAction; use Filament\Actions\RestoreAction; use Filament\Resources\Pages\EditRecord; 
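Review bot: `shouldSkipAuthorization()` at the end of ArticleResource.php returns `app()->isLocal()`, so every authorization check for this resource is bypassed whenever the application environment resolves to `local`. An instance that others can reach while its environment is set that way would let any user who gets into the panel create, edit and delete articles, and local runs stop exercising the authorization rules at all. I would remove the override; if it has to stay, put a comment above it such as `// Skips all article authorization in the local environment only; APP_ENV must never be "local" on a shared or deployed instance.` The top of the file is not visible on this page.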
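Review bot: `scopeManagers()` in User.php matches roles by `name` only, while the rest of this series looks roles and permissions up with the `admin` guard. If a role with one of these names ever exists under another guard, its holders would also be offered as article owners in the `user_id` select; adding `->where('guard_name', 'admin')` inside the `whereHas` closure would keep the scope aligned with the guard used elsewhere. The hunk in PATCH 06/11 that adds `Role::Editor` to the same `whereIn` has the same gap. The docblock could also state which roles count as managers.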
@@ -17,7 +17,7 @@ class EditArticle extends EditRecord protected function getHeaderActions(): array { return [ - ActionsDeleteAction::make(), + DeleteAction::make(), ForceDeleteAction::make(), RestoreAction::make(), ]; diff --git a/app/Filament/Resources/ArticleResource/Pages/ViewArticle.php b/app/Filament/Resources/ArticleResource/Pages/ViewArticle.php index 1e900144e..ae994b854 100644 --- a/app/Filament/Resources/ArticleResource/Pages/ViewArticle.php +++ b/app/Filament/Resources/ArticleResource/Pages/ViewArticle.php @@ -1,12 +1,27 @@ Date: Fri, 22 Sep 2023 14:13:14 -0600 Subject: [PATCH 03/11] add policy --- app/Policies/ArticlePolicy.php | 59 +++++++++++++++++++++++++++ config/permission.php | 6 +++ database/factories/ArticleFactory.php | 3 +- database/seeders/ArticleSeeder.php | 4 +- 4 files changed, 69 insertions(+), 3 deletions(-) create mode 100644 app/Policies/ArticlePolicy.php diff --git a/app/Policies/ArticlePolicy.php b/app/Policies/ArticlePolicy.php new file mode 100644 index 000000000..0261131b5 --- /dev/null +++ b/app/Policies/ArticlePolicy.php 
@@ -0,0 +1,59 @@ +hasPermissionTo('article:viewAny', 'admin'); + } + + public function view(User $user, Article $article): bool + { + // If users can view any, can view single article + return $this->viewAny($user); + } + + public function create(User $user): bool + { + return $user->hasPermissionTo('article:create', 'admin'); + } + + public function update(User $user, Article $article): bool + { + if ($user->hasPermissionTo('article:updateAny', 'admin')) { + return true; + } + + // If users can create, they can update his own + return $this->create($user) && ($user->is($article->user)); + } + + public function delete(User $user, Article $article): bool + { + if ($user->hasPermissionTo('article:deleteAny', 'admin')) { + return true; + } + + // If users can create, they can delete his own + return $this->create($user) && ($user->is($article->user)); + } + + public function restore(User $user, Article $article): bool + { + // If users can delete, they can restore + return $this->delete($user, $article); + } + + public function forceDelete(User $user, Article $article): bool + { + // If users can delete, can force delete + return $this->delete($user, $article); + } +} diff --git a/config/permission.php b/config/permission.php index b37be92a2..295db4f14 100644 --- a/config/permission.php +++ b/config/permission.php 
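Review bot: `update()` and `delete()` in ArticlePolicy grant rights over a user's own articles through `article:create`, so nobody can be allowed to create articles without also being allowed to edit and delete the ones they own, and the label 'Create Article' in config/permission.php does not reveal that. A dedicated permission, or at least a docblock on both methods stating the rule, would make the grant auditable. The ownership test `$user->is($article->user)` also rests on `user_id`, which the resource form exposes as a free choice among managers, so ownership and attribution can be handed to another account from the form; presumably intended, but worth confirming. The opening lines of the file are not visible on this page.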
@@ -10,17 +10,23 @@ 'user:view' => 'View User', 'user:assignRole' => 'Assign User Role', 'user:assignPermissions' => 'Assign User Permissions', + 'article:create' => 'Create Article', + 'article:viewAny' => 'View Article', + 'article:updateAny' => 'Update any Article', + 'article:deleteAny' => 'Delete any Article', 'admin:access' => 'Allow access to Admin panel', ], 'roles' => [ Role::Superadmin->value => [ 'user:viewAny', 'user:view', 'user:restore', 'user:assignRole', 'user:assignPermissions', + 'article:viewAny', 'article:create', 'article:updateAny', 'article:deleteAny', 'admin:access', ], Role::Admin->value => [ 'user:viewAny', 'user:view', 'user:assignRole', + 'article:viewAny', 'article:create', 'article:updateAny', 'article:deleteAny', 'admin:access', ], ], diff --git a/database/factories/ArticleFactory.php b/database/factories/ArticleFactory.php index 07bc43a1b..92e03f369 100644 --- a/database/factories/ArticleFactory.php +++ b/database/factories/ArticleFactory.php @@ -4,6 +4,7 @@ namespace Database\Factories; +use App\Enums\ArticleCategoryEnum; use App\Models\Article; use App\Models\User; use Database\Factories\Traits\RandomTimestamps; @@ -25,7 +26,7 @@ public function definition(): array { return [ 'title' => fake()->name(), - 'category' => fake()->name(), + 'category' => fake()->randomElement([ArticleCategoryEnum::News->value]), 'published_at' => fake()->date(), 'meta_description' => fake()->text(), 'content' => fake()->text(), diff --git a/database/seeders/ArticleSeeder.php b/database/seeders/ArticleSeeder.php index d155e5635..514181b9a 100644 --- a/database/seeders/ArticleSeeder.php +++ b/database/seeders/ArticleSeeder.php 
@@ -28,8 +28,8 @@ public function run(): void $imageUrl = fake()->imageUrl(640, 480, null, false); $article->addMediaFromUrl($imageUrl)->toMediaCollection(); - $collections = Collection::factory(2)->createMany([ - 'network' => $network->id, + $collections = Collection::factory()->count(2)->create([ + 'network_id' => $network->id, ]); $article->collections()->attach($collections, ['order_index' => 1]); From 531c75a6178355d3fd454f6dcdd46c16d13b60e5 Mon Sep 17 00:00:00 2001 From: Alfonso Bribiesca Date: Fri, 22 Sep 2023 14:38:47 -0600 Subject: [PATCH 04/11] article policy crud and tests --- app/Enums/Role.php | 2 + config/permission.php | 6 + tests/App/Policies/ArticlePolicyTest.php | 155 +++++++++++++++++++++++ tests/Helpers.php | 4 +- 4 files changed, 165 insertions(+), 2 deletions(-) create mode 100644 tests/App/Policies/ArticlePolicyTest.php diff --git a/app/Enums/Role.php b/app/Enums/Role.php index e11d40aa7..656fab778 100644 --- a/app/Enums/Role.php +++ b/app/Enums/Role.php @@ -8,12 +8,14 @@ enum Role: string { case Superadmin = 'superadmin'; case Admin = 'admin'; + case Editor = 'editor'; public function label(): string { return match ($this) { self::Superadmin => 'Super Administrator', self::Admin => 'Administrator', + self::Editor => 'Editor', }; } } diff --git a/config/permission.php b/config/permission.php index 295db4f14..5e385e321 100644 --- a/config/permission.php +++ b/config/permission.php @@ -29,6 +29,12 @@ 'article:viewAny', 'article:create', 'article:updateAny', 'article:deleteAny', 'admin:access', ], + + Role::Editor->value => [ + // For the moment `article:create` also allows to update and delete own articles + 'article:viewAny', 'article:create', + 'admin:access', + ], ], 'user_role' => [ diff --git a/tests/App/Policies/ArticlePolicyTest.php b/tests/App/Policies/ArticlePolicyTest.php new file mode 100644 index 000000000..14dbcb23b --- /dev/null +++ b/tests/App/Policies/ArticlePolicyTest.php 
@@ -0,0 +1,155 @@
+instance = new ArticlePolicy();
+
+ $this->user = User::factory()->create();
+ $this->admin = User::factory()->create();
+ $this->editor = User::factory()->create();
+
+ $this->editor->assignRole([
+ RoleModel::where('name', Role::Editor->value)->where('guard_name', 'admin')->firstOrFail(),
+ ])->save();
+
+ $this->admin->assignRole([
+ RoleModel::where('name', Role::Superadmin->value)->where('guard_name', 'admin')->firstOrFail(),
+ ])->save();
+
+});
+
+it('should not be able to view articles', function () {
+ expect($this->instance->viewAny($this->user))->toBeFalse();
+ expect($this->user->hasPermissionTo('article:viewAny', 'admin'))->toBeFalse();
+});
+
+it('should be able to view articles', function () {
+ expect($this->instance->viewAny($this->admin))->toBeTrue();
+ expect($this->admin->hasPermissionTo('article:viewAny', 'admin'))->toBeTrue();
+});
+
+it('should not be able to view a single article', function () {
+ $article = Article::factory()->create();
+
+ expect($this->user->hasPermissionTo('article:viewAny', 'admin'))->toBeFalse();
+ expect($this->instance->view($this->user, $article))->toBeFalse();
+});
+
+it('should be able to view a single article', function () {
+ $article = Article::factory()->create();
+
+ expect($this->admin->hasPermissionTo('article:viewAny', 'admin'))->toBeTrue();
+ expect($this->instance->view($this->admin, $article))->toBeTrue();
+});
+
+it('should be able to update own article', function () {
+ $article = Article::factory()->create([
+ 'user_id' => $this->editor->id,
+ ]);
+
+ expect($this->instance->update($this->editor, $article))->toBeTrue();
+});
+
+it('should not be able to create articles', function () {
+ expect($this->instance->create($this->user))->toBeFalse();
+});
+
+it('should be able to create articles', function () {
+ expect($this->editor->hasPermissionTo('article:create', 'admin'))->toBeTrue();
+
+ expect($this->instance->create($this->admin))->toBeTrue();
+
expect($this->instance->create($this->editor))->toBeTrue();
+});
+
+it('should not be able to update a single article', function () {
+ $article = Article::factory()->create();
+
+ expect($this->instance->update($this->user, $article))->toBeFalse();
+ expect($this->instance->update($this->editor, $article))->toBeFalse();
+});
+
+it('should be able to update a single article', function () {
+ $article = Article::factory()->create();
+
+ expect($this->instance->update($this->admin, $article))->toBeTrue();
+});
+
+it('should be able to update a single article that owns', function () {
+ $article = Article::factory()->create([
+ 'user_id' => $this->editor->id,
+ ]);
+
+ expect($this->instance->update($this->editor, $article))->toBeTrue();
+});
+
+it('should not be able to delete a single article', function () {
+ $article = Article::factory()->create();
+
+ expect($this->instance->delete($this->user, $article))->toBeFalse();
+ expect($this->instance->delete($this->editor, $article))->toBeFalse();
+});
+
+it('should be able to delete a single article', function () {
+ $article = Article::factory()->create();
+
+ expect($this->instance->delete($this->admin, $article))->toBeTrue();
+});
+
+it('should be able to delete a single article that owns', function () {
+ $article = Article::factory()->create([
+ 'user_id' => $this->editor->id,
+ ]);
+
+ expect($this->instance->delete($this->editor, $article))->toBeTrue();
+});
+
+it('should not be able to restore a single article', function () {
+ $article = Article::factory()->create();
+
+ expect($this->instance->restore($this->user, $article))->toBeFalse();
+ expect($this->instance->restore($this->editor, $article))->toBeFalse();
+});
+
+it('should be able to restore a single article', function () {
+ $article = Article::factory()->create();
+
+ expect($this->instance->restore($this->admin, $article))->toBeTrue();
+});
+
+it('should be able to restore a single article that owns', function () {
+ $article =
Article::factory()->create([ + 'user_id' => $this->editor->id, + ]); + + expect($this->instance->restore($this->editor, $article))->toBeTrue(); +}); + +it('should not be able to forceDelete a single article', function () { + $article = Article::factory()->create(); + + expect($this->instance->forceDelete($this->user, $article))->toBeFalse(); + expect($this->instance->forceDelete($this->editor, $article))->toBeFalse(); +}); + +it('should be able to forceDelete a single article', function () { + $article = Article::factory()->create(); + + expect($this->instance->forceDelete($this->admin, $article))->toBeTrue(); +}); + +it('should be able to forceDelete a single article that owns', function () { + $article = Article::factory()->create([ + 'user_id' => $this->editor->id, + ]); + + expect($this->instance->forceDelete($this->editor, $article))->toBeTrue(); +}); diff --git a/tests/Helpers.php b/tests/Helpers.php index 32be702d5..3dbfa50c4 100644 --- a/tests/Helpers.php +++ b/tests/Helpers.php @@ -12,8 +12,6 @@ function setUpPermissions(string $guard = 'admin'): void $permissions = PermissionRepository::all(); $roles = config('permission.roles'); - app()[PermissionRegistrar::class]->forgetCachedPermissions(); - Permission::insert($permissions->map(fn ($permission) => [ 'name' => $permission, 'guard_name' => $guard, @@ -25,4 +23,6 @@ function setUpPermissions(string $guard = 'admin'): void 'name' => $role, 'guard_name' => $guard, ])->givePermissionTo($permissions)); + + app()[PermissionRegistrar::class]->forgetCachedPermissions(); } From f4ff3891704841e7d83f6473f986dc65227d384c Mon Sep 17 00:00:00 2001 From: Alfonso Bribiesca Date: Fri, 22 Sep 2023 14:40:05 -0600 Subject: [PATCH 05/11] linting and fix tests --- tests/App/Support/PermissionRepositoryTest.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/App/Support/PermissionRepositoryTest.php b/tests/App/Support/PermissionRepositoryTest.php index ef007b407..0a4fdcf0e 100644 
--- a/tests/App/Support/PermissionRepositoryTest.php +++ b/tests/App/Support/PermissionRepositoryTest.php @@ -6,26 +6,26 @@ use Illuminate\Support\Facades\Config; it('should get all permissions', function () { - expect(PermissionRepository::all())->toHaveCount(6); + expect(PermissionRepository::all())->toHaveCount(10); }); it('should cache permissions and refresh every 5 days', function () { $config = config('permission.roles'); - expect(PermissionRepository::all())->toHaveCount(6); + expect(PermissionRepository::all())->toHaveCount(10); $config['User'] = ['user:test']; Config::set('permission.roles', $config); - expect(PermissionRepository::all())->toHaveCount(6); + expect(PermissionRepository::all())->toHaveCount(10); $this->travel(4)->days(); - expect(PermissionRepository::all())->toHaveCount(6); + expect(PermissionRepository::all())->toHaveCount(10); $this->travel(1)->days(); $this->travel(1)->minute(); - expect(PermissionRepository::all())->toHaveCount(7); + expect(PermissionRepository::all())->toHaveCount(11); }); From 55b304fd6b9da2468e87908c8fd32231709ec192 Mon Sep 17 00:00:00 2001 From: Alfonso Bribiesca Date: Fri, 22 Sep 2023 14:43:24 -0600 Subject: [PATCH 06/11] test managers scope --- app/Models/User.php | 2 +- tests/App/Models/UserTest.php | 33 +++++++++++++++++++++++++++++++++ 2 files changed, 34 insertions(+), 1 deletion(-) diff --git a/app/Models/User.php b/app/Models/User.php index 7d8b0a626..597675fe9 100644 --- a/app/Models/User.php +++ b/app/Models/User.php @@ -174,7 +174,7 @@ public function canAccessPanel(Panel $panel): bool public function scopeManagers(Builder $query): Builder { return $query->whereHas('roles', function ($query) { - $query->whereIn('name', [Role::Admin->value, Role::Superadmin->value]); + $query->whereIn('name', [Role::Admin->value, Role::Superadmin->value, Role::Editor->value]); }); } } diff --git a/tests/App/Models/UserTest.php b/tests/App/Models/UserTest.php index 7b0bbe299..9e800674b 100644 
--- a/tests/App/Models/UserTest.php +++ b/tests/App/Models/UserTest.php @@ -3,10 +3,12 @@ declare(strict_types=1); use App\Enums\CurrencyCode; +use App\Enums\Role; use App\Models\Collection; use App\Models\Gallery; use App\Models\Network; use App\Models\Nft; +use App\Models\Role as RoleModel; use App\Models\User; use App\Models\Wallet; use Filament\Panel; @@ -297,3 +299,34 @@ expect($user->canAccessPanel(new Panel))->toBeTrue(); }); + +it('filters managers', function () { + setUpPermissions(); + + $user = User::factory()->create(); + $superadmin = User::factory()->create(); + $admin = User::factory()->create(); + $editor = User::factory()->create(); + + $editor->assignRole([ + RoleModel::where('name', Role::Editor->value)->where('guard_name', 'admin')->firstOrFail(), + ])->save(); + + $admin->assignRole([ + RoleModel::where('name', Role::Admin->value)->where('guard_name', 'admin')->firstOrFail(), + ])->save(); + + $superadmin->assignRole([ + RoleModel::where('name', Role::Superadmin->value)->where('guard_name', 'admin')->firstOrFail(), + ])->save(); + + $managers = User::managers()->get(); + + expect($managers)->toHaveCount(3); + + expect($managers->pluck('id')->toArray())->toEqualCanonicalizing([ + $superadmin->id, + $admin->id, + $editor->id, + ]); +}); From b6b121c0e2dafbcdb79362ac67c2c986fdc88800 Mon Sep 17 00:00:00 2001 From: Alfonso Bribiesca Date: Fri, 22 Sep 2023 15:10:10 -0600 Subject: [PATCH 07/11] Update ArticleResource.php --- app/Filament/Resources/ArticleResource.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/app/Filament/Resources/ArticleResource.php b/app/Filament/Resources/ArticleResource.php index 3a66b585b..f1889ccca 100644 --- a/app/Filament/Resources/ArticleResource.php +++ b/app/Filament/Resources/ArticleResource.php @@ -108,6 +108,9 @@ public static function getPages(): array ]; } + /** + * @return Builder
+ */ public static function getEloquentQuery(): Builder { return parent::getEloquentQuery() From 34a13b12e1091a0f9fdf6348c6765040a8059db9 Mon Sep 17 00:00:00 2001 From: ItsANameToo Date: Mon, 25 Sep 2023 16:40:58 +0200 Subject: [PATCH 08/11] wip --- app/Policies/ArticlePolicy.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/Policies/ArticlePolicy.php b/app/Policies/ArticlePolicy.php index 0261131b5..d800a0d7d 100644 --- a/app/Policies/ArticlePolicy.php +++ b/app/Policies/ArticlePolicy.php @@ -31,7 +31,7 @@ public function update(User $user, Article $article): bool return true; } - // If users can create, they can update his own + // If users can create, they can update their own return $this->create($user) && ($user->is($article->user)); } @@ -41,7 +41,7 @@ public function delete(User $user, Article $article): bool return true; } - // If users can create, they can delete his own + // If users can create, they can delete their own return $this->create($user) && ($user->is($article->user)); } From f9466d9212db635b2b951059c9fcab38191e7d39 Mon Sep 17 00:00:00 2001 From: Alfonso Bribiesca Date: Mon, 25 Sep 2023 11:41:06 -0600 Subject: [PATCH 09/11] add permissions to forcedelete and restore article for admins --- app/Policies/ArticlePolicy.php | 6 ++---- config/permission.php | 6 ++++-- tests/App/Policies/ArticlePolicyTest.php | 8 ++++---- tests/App/Support/PermissionRepositoryTest.php | 6 +++--- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/app/Policies/ArticlePolicy.php b/app/Policies/ArticlePolicy.php index d800a0d7d..c760e9a72 100644 --- a/app/Policies/ArticlePolicy.php +++ b/app/Policies/ArticlePolicy.php 
@@ -47,13 +47,11 @@ public function delete(User $user, Article $article): bool public function restore(User $user, Article $article): bool { - // If users can delete, they can restore - return $this->delete($user, $article); + return $user->hasPermissionTo('article:restore', 'admin'); } public function forceDelete(User $user, Article $article): bool { - // If users can delete, can force delete - return $this->delete($user, $article); + return $user->hasPermissionTo('article:forceDelete', 'admin'); } } diff --git a/config/permission.php b/config/permission.php index 5e385e321..1e2adf82b 100644 --- a/config/permission.php +++ b/config/permission.php @@ -14,19 +14,21 @@ 'article:viewAny' => 'View Article', 'article:updateAny' => 'Update any Article', 'article:deleteAny' => 'Delete any Article', + 'article:restore' => 'Restore Deleted Article', + 'article:forceDelete' => 'Force Delete Article', 'admin:access' => 'Allow access to Admin panel', ], 'roles' => [ Role::Superadmin->value => [ 'user:viewAny', 'user:view', 'user:restore', 'user:assignRole', 'user:assignPermissions', - 'article:viewAny', 'article:create', 'article:updateAny', 'article:deleteAny', + 'article:viewAny', 'article:create', 'article:updateAny', 'article:deleteAny', 'article:restore', 'article:forceDelete', 'admin:access', ], Role::Admin->value => [ 'user:viewAny', 'user:view', 'user:assignRole', - 'article:viewAny', 'article:create', 'article:updateAny', 'article:deleteAny', + 'article:viewAny', 'article:create', 'article:updateAny', 'article:deleteAny', 'article:restore', 'article:forceDelete', 'admin:access', ], diff --git a/tests/App/Policies/ArticlePolicyTest.php b/tests/App/Policies/ArticlePolicyTest.php index 14dbcb23b..1eab17b8d 100644 --- a/tests/App/Policies/ArticlePolicyTest.php +++ b/tests/App/Policies/ArticlePolicyTest.php 
@@ -125,12 +125,12 @@ expect($this->instance->restore($this->admin, $article))->toBeTrue(); }); -it('should be able to restore a single article that owns', function () { +it('should not be able to restore an article', function () { $article = Article::factory()->create([ 'user_id' => $this->editor->id, ]); - expect($this->instance->restore($this->editor, $article))->toBeTrue(); + expect($this->instance->restore($this->editor, $article))->toBeFalse(); }); it('should not be able to forceDelete a single article', function () { @@ -146,10 +146,10 @@ expect($this->instance->forceDelete($this->admin, $article))->toBeTrue(); }); -it('should be able to forceDelete a single article that owns', function () { +it('should not be able to forceDelete a single', function () { $article = Article::factory()->create([ 'user_id' => $this->editor->id, ]); - expect($this->instance->forceDelete($this->editor, $article))->toBeTrue(); + expect($this->instance->forceDelete($this->editor, $article))->toBeFalse(); }); diff --git a/tests/App/Support/PermissionRepositoryTest.php b/tests/App/Support/PermissionRepositoryTest.php index 0a4fdcf0e..3fcb0f1c8 100644 --- a/tests/App/Support/PermissionRepositoryTest.php +++ b/tests/App/Support/PermissionRepositoryTest.php @@ -18,14 +18,14 @@ Config::set('permission.roles', $config); - expect(PermissionRepository::all())->toHaveCount(10); + expect(PermissionRepository::all())->toHaveCount(12); $this->travel(4)->days(); - expect(PermissionRepository::all())->toHaveCount(10); + expect(PermissionRepository::all())->toHaveCount(12); $this->travel(1)->days(); $this->travel(1)->minute(); - expect(PermissionRepository::all())->toHaveCount(11); + expect(PermissionRepository::all())->toHaveCount(12); }); From 69206e6dae982e8dfa17141f840ca4d604fbda73 Mon Sep 17 00:00:00 2001 
From: Alfonso Bribiesca Date: Mon, 25 Sep 2023 11:41:41 -0600 Subject: [PATCH 10/11] Update PermissionRepositoryTest.php --- tests/App/Support/PermissionRepositoryTest.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/App/Support/PermissionRepositoryTest.php b/tests/App/Support/PermissionRepositoryTest.php index 3fcb0f1c8..9f4c84782 100644 --- a/tests/App/Support/PermissionRepositoryTest.php +++ b/tests/App/Support/PermissionRepositoryTest.php @@ -6,13 +6,13 @@ use Illuminate\Support\Facades\Config; it('should get all permissions', function () { - expect(PermissionRepository::all())->toHaveCount(10); + expect(PermissionRepository::all())->toHaveCount(12); }); it('should cache permissions and refresh every 5 days', function () { $config = config('permission.roles'); - expect(PermissionRepository::all())->toHaveCount(10); + expect(PermissionRepository::all())->toHaveCount(12); $config['User'] = ['user:test']; From 2a4e30a576c94286396e496b45b23dfd015d4122 Mon Sep 17 00:00:00 2001 From: Alfonso Bribiesca Date: Tue, 26 Sep 2023 09:56:19 -0600 Subject: [PATCH 11/11] Update PermissionRepositoryTest.php --- tests/App/Support/PermissionRepositoryTest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/App/Support/PermissionRepositoryTest.php b/tests/App/Support/PermissionRepositoryTest.php index 9f4c84782..8bf74238a 100644 --- a/tests/App/Support/PermissionRepositoryTest.php +++ b/tests/App/Support/PermissionRepositoryTest.php @@ -27,5 +27,5 @@ $this->travel(1)->days(); $this->travel(1)->minute(); - expect(PermissionRepository::all())->toHaveCount(12); + expect(PermissionRepository::all())->toHaveCount(13); });