/**
  * @return User
  *
  * @SuppressWarnings(PHPMD.StaticAccess)
  */
 protected function getRandomUser()
 {
     // The full user list is fetched once via User::all() and cached on the instance,
     // so repeated calls reuse the same collection.
     if (null === $this->users) {
         $this->users = User::all();
     }

     $pool = $this->users;

     // Selection is delegated to the collection's random() method.
     return $pool->random();
 }
 /**
  * Issue an auth token when the submitted e-mail and password match an account; otherwise respond with HTTP 401.
  *
  * @param Request $request
  *
  * @return Response
  */
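 public function authenticate(Request $request)
 {
     $email = $request->input(self::AUTH_PARAM_EMAIL, null);
     $password = $request->input(self::AUTH_PARAM_PASSWORD, null);

     // Both values come straight from the client, so only strings are accepted. A parameter sent
     // as `email[]=...` would presumably arrive as an array (confirm against the Request class in
     // use) and make strtolower() or the hasher raise an error instead of yielding a clean 401.
     $hasCredentials = is_string($email) === true && is_string($password) === true;

     $user = null;
     if ($hasCredentials === true) {
         // The look-up uses the lower-cased address with an exact match on User::FIELD_EMAIL.
         $user = User::query()->where(User::FIELD_EMAIL, '=', strtolower($email))->first();
     }

     if ($user !== null) {
         /** @var HasherInterface $hasher */
         $hasher = app(HasherInterface::class);
         if ($hasher->check($password, $user->{User::FIELD_PASSWORD_HASH}) === true) {
             /** @var TokenCodecInterface $codec */
             $codec = app(TokenCodecInterface::class);
             $token = $codec->encode($user);
             $this->getLogger()->debug(
                 'Account login success.',
                 [User::FIELD_EMAIL => $email, User::FIELD_ID => $user->getKey()]
             );

             return response($token);
         }
     }

     // NOTE(review): the hasher runs only when an account was found, so an unknown address is
     // answered faster than a known address with a wrong password. If account enumeration is a
     // concern, check the password against a fixed dummy hash on the not-found path. No attempt
     // limiting is visible in this method; confirm it is enforced elsewhere (middleware, proxy).
     //
     // Only a string e-mail is written to the log context; other client-supplied shapes are
     // recorded as null so arbitrary request structures do not end up in the log.
     $loggedEmail = is_string($email) === true ? $email : null;
     $this->getLogger()->debug('Account login failed.', [User::FIELD_EMAIL => $loggedEmail]);

     return response(null, Response::HTTP_UNAUTHORIZED);
 }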
 /**
  * @return void
  */
 public function testUpdateByNonOwnerUnauthorized()
 {
     // Candidate accounts: every user whose role id equals Role::ENUM_ROLE_USER_ID.
     $candidates = User::query()->where(User::FIELD_ID_ROLE, '=', Role::ENUM_ROLE_USER_ID)->get();
     // The assertion demands more than two such accounts, although only the first two are used.
     $this->assertGreaterThan(2, count($candidates));

     $owner = $candidates[0];
     $otherUser = $candidates[1];

     // The target is the first post reached through the first account's REL_POSTS relation.
     /** @var Model $post */
     $post = $owner->{User::REL_POSTS}->first();
     $this->assertNotNull($post);

     $this->beginDatabaseTransaction();

     $postId = $post->getKey();
     $payload = $this->getUpdateRequestBody($postId);

     // The PATCH is issued as the second account, not the one the post was loaded from.
     /** @var Response $response */
     $response = $this->callPatch($otherUser, $postId, $payload);

     // NOTE(review): only the status code is checked. The test would still pass if the write
     // went through before the 403 was produced; consider also asserting the post is unchanged.
     $this->assertEquals(Response::HTTP_FORBIDDEN, $response->getStatusCode());
 }
 /**
  * @return void
  */
 public function testUpdate()
 {
     $this->beginDatabaseTransaction();

     // Build a model through the factory and persist it with a known first name.
     /** @var Model $model */
     $model = factory(Model::class)->make();
     $this->assertNotNull($model);
     $model->{Model::FIELD_FIRST_NAME} = 'Jane';
     $model->saveOrFail();

     $modelId = $model->getKey();
     $payload = $this->getUpdateRequestBody($modelId);

     // The PATCH is sent as the account returned by admin().
     /** @var Response $response */
     $response = $this->callPatch($this->admin(), $modelId, $payload);
     $this->assertResponseOk();

     // The response body is decoded as JSON and must carry a non-empty `data` member.
     $resource = json_decode($response->getContent())->data;
     $this->assertNotEmpty($resource);

     // Reload by the id from the response and check the stored first name.
     // Presumably getUpdateRequestBody() sets it to 'John'; verify against that helper.
     $model = Model::find($resource->id);
     $this->assertNotNull($model);
     $this->assertEquals('John', $model->{Model::FIELD_FIRST_NAME});
 }
 /**
  * @return User
  */
 protected function user()
 {
     // Returns the first account whose role id equals Role::ENUM_ROLE_USER_ID;
     // firstOrFail() throws when no such account exists.
     /** @noinspection PhpUndefinedMethodInspection */
     return User::where(User::FIELD_ID_ROLE, '=', Role::ENUM_ROLE_USER_ID)->firstOrFail();
 }