Skip to content

Commit a84de86

Browse files
KroderDevKroderDev
committed
Add test cases for RoleMiddleware y PermissionMiddleware
1 parent 4a3eb41 commit a84de86

File tree

1 file changed

+65
-0
lines changed

1 file changed

+65
-0
lines changed

tests/Middleware/AuthMiddlewareTest.php

Lines changed: 65 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,65 @@
1+
<?php
2+
3+
namespace Tests\Middleware;
4+
5+
use Illuminate\Support\Facades\Route;
6+
use Kroderdev\LaravelMicroserviceCore\Auth\ExternalUser;
7+
use Kroderdev\LaravelMicroserviceCore\Http\Middleware\RoleMiddleware;
8+
use Kroderdev\LaravelMicroserviceCore\Http\Middleware\PermissionMiddleware;
9+
use Orchestra\Testbench\TestCase;
10+
11+
class AuthMiddlewareTest extends TestCase
12+
{
13+
protected function setUp(): void
14+
{
15+
parent::setUp();
16+
17+
// Register middleware aliases
18+
$this->app['router']->aliasMiddleware('role', RoleMiddleware::class);
19+
$this->app['router']->aliasMiddleware('permission', PermissionMiddleware::class);
20+
21+
// Routes for testing
22+
Route::middleware('role:admin')->get('/role-protected', fn () => response()->json(['ok' => true]));
23+
Route::middleware('permission:edit.posts')->get('/permission-protected', fn () => response()->json(['ok' => true]));
24+
}
25+
26+
/** @test */
27+
public function role_middleware_allows_user_with_required_role()
28+
{
29+
$user = new ExternalUser(['id' => 'user-1']);
30+
$user->loadAccess(['admin'], []);
31+
$this->actingAs($user);
32+
33+
$this->get('/role-protected')->assertOk()->assertJson(['ok' => true]);
34+
}
35+
36+
/** @test */
37+
public function role_middleware_blocks_user_without_role()
38+
{
39+
$user = new ExternalUser(['id' => 'user-1']);
40+
$user->loadAccess(['tester'], []);
41+
$this->actingAs($user);
42+
43+
$this->get('/role-protected')->assertStatus(403);
44+
}
45+
46+
/** @test */
47+
public function permission_middleware_allows_user_with_permission()
48+
{
49+
$user = new ExternalUser(['id' => 'user-1']);
50+
$user->loadAccess([], ['edit.posts']);
51+
$this->actingAs($user);
52+
53+
$this->get('/permission-protected')->assertOk()->assertJson(['ok' => true]);
54+
}
55+
56+
/** @test */
57+
public function permission_middleware_blocks_user_without_permission()
58+
{
59+
$user = new ExternalUser(['id' => 'user-1']);
60+
$user->loadAccess([], ['view.posts']);
61+
$this->actingAs($user);
62+
63+
$this->get('/permission-protected')->assertStatus(403);
64+
}
65+
}

0 commit comments

Comments
 (0)