/**
 * Checks route authorization for a user who holds two roles.
 *
 * Expected outcomes, as asserted below: POST /blog/1 answers 403 while both
 * roles have only status-0 rows for permission 2, and 200 once either role
 * has a status-1 row for it.
 */
public function testHasManyPermission()
{
    // Fixture: two active roles, created before the user.
    $modifyRole = factory(Role::class)->create(['name' => 'modify', 'active' => 1]);
    $editorRole = factory(Role::class)->create(['name' => 'editor', 'active' => 1]);

    // Fixture user with a known password so a JWT can be obtained for the requests.
    $plainPassword = '123456';
    $user = factory(App\User::class)->create(['password' => bcrypt($plainPassword)]);
    $token = JWTAuth::attempt(['email' => $user->email, 'password' => $plainPassword]);

    // The user holds both roles for the whole test.
    $user->attachRole($modifyRole);
    $user->attachRole($editorRole);

    // Permission tree: 2, 3 -> 4 -> (5, 6), 7.
    $permissionTree = '[{"id":2, "name":"2"},{"id":3, "name":"3","children":[{"id":4, "name":"4","children":[{"id":5, "name":"5"},{"id":6, "name":"6"}]}]},{"id":7, "name":"7"}]';
    NodePermission::model()->tree($permissionTree);

    // Bind permission 2 to two routes; only POST /blog/{id} is requested below.
    PermissionRoute::setRoutePermissionsRoles(2, '/password', 'PATCH');
    PermissionRoute::setRoutePermissionsRoles(2, '/blog/{id}', 'POST');

    $authHeader = ['HTTP_Authorization' => "Bearer {$token}"];

    // Each scenario: status for the modify role, status for the editor role,
    // and the HTTP status the guarded route is expected to return.
    // NOTE(review): every scenario inserts new PermissionRole rows and the
    // earlier rows are not removed here, so the third scenario runs with the
    // modify role's status-1 row from the second still present. Whether that
    // scenario really isolates the editor grant depends on how the package
    // resolves several rows for the same role and permission - confirm.
    $scenarios = [
        ['modify' => 0, 'editor' => 0, 'expected' => 403],
        ['modify' => 1, 'editor' => 0, 'expected' => 200],
        ['modify' => 0, 'editor' => 1, 'expected' => 200],
    ];

    foreach ($scenarios as $scenario) {
        PermissionRole::create([
            'permission_id' => 2,
            'role_id' => $modifyRole->id,
            'status' => $scenario['modify'],
        ]);
        PermissionRole::create([
            'permission_id' => 2,
            'role_id' => $editorRole->id,
            'status' => $scenario['editor'],
        ]);

        $response = $this->call('POST', '/blog/1', [], [], [], $authHeader);
        $this->assertEquals($scenario['expected'], $response->getStatusCode());
    }
}
/**
 * Checks the model-level hasRole() and can() helpers on a user.
 *
 * Middleware is switched off and no HTTP request is made, so this test
 * covers only the helper results, not route enforcement.
 *
 * Behaviour pinned by the assertions below:
 *  - can() with an array is expected to be true when at least one listed
 *    permission is granted, including when the other names ('create-user',
 *    'delete-post') do not occur in the tree. Code that needs every
 *    permission in a list cannot rely on the array form as asserted here.
 *  - a status-1 row for permission 3 ('delete-user') is not expected to
 *    cover its child, permission 4 ('create-post').
 */
public function testCanPermissionAndHasRole()
{
    $this->withoutMiddleware();

    $plainPassword = '123456';
    $user = factory(App\User::class)->create(['password' => bcrypt($plainPassword)]);
    // NOTE(review): the token is never read afterwards; the call is kept
    // because attempt() may have side effects this test depends on - confirm.
    $token = JWTAuth::attempt(['email' => $user->email, 'password' => $plainPassword]);

    $editorRole = factory(Role::class)->create(['name' => 'editor', 'active' => 1]);
    $partnerRole = factory(Role::class)->create(['name' => 'partner', 'active' => 1]);

    // Stage 1: the user has the editor role, but no permissions exist yet.
    $user->attachRole($editorRole);
    $this->assertEquals(true, $user->hasRole('editor'));
    $this->assertEquals(false, $user->hasRole('admin'));
    $this->assertEquals(false, $user->can('delete-user'));
    $this->assertEquals(false, $user->can(['delete-user', 'create-user']));

    // Stage 2: create the tree and enable permission 3 ('delete-user') for editor.
    $permissionTree = '[{"id":2, "name":"2"},{"id":3, "name":"delete-user","children":[{"id":4, "name":"create-post","children":[{"id":5, "name":"5"},{"id":6, "name":"6"}]}]},{"id":7, "name":"7"}]';
    NodePermission::model()->tree($permissionTree);
    PermissionRole::create([
        'permission_id' => 3,
        'role_id' => $editorRole->id,
        'status' => 1,
    ]);
    $this->assertEquals(true, $user->can('delete-user'));
    $this->assertEquals(true, $user->can(['delete-user', 'create-user']));
    // The child permission of 'delete-user' is still denied at this point.
    $this->assertEquals(false, $user->can('create-post'));

    // Stage 3: a second role brings permission 4 ('create-post').
    $user->attachRole($partnerRole);
    PermissionRole::create([
        'permission_id' => 4,
        'role_id' => $partnerRole->id,
        'status' => 1,
    ]);
    $this->assertEquals(true, $user->can('create-post'));
    $this->assertEquals(true, $user->can(['create-post', 'delete-post']));
    $this->assertEquals(true, $user->can(['create-post', 'delete-post', 'delete-user']));
}