public function testPermissionUserNotAdmin() { // Create user is not admin $user = factory(App\User::class)->create(); $login = Auth::login($user); // Create role $creator = new Role(); $creator->name = 'creator'; $creator->save(); // Create permission $createPost = new Permission(); $createPost->name = 'create-post'; $createPost->display_name = 'Create Posts'; $createPost->description = 'create new blog posts'; $createPost->save(); // Attach creator role for user $user->attachRole($creator); // Attach createPost for creator role $creator->attachPermission($createPost); $controller = new Controller(); // Check user hasn't permission $hasPermission = $controller->checkPermission('edit-profile'); $this->assertEquals(false, $hasPermission); // Check user has permission $hasPermission = $controller->checkPermission('create-post'); $this->assertEquals(true, $hasPermission); }
public function testUserHavePermission() { // create role creator $creator = new Role(); $creator->name = 'creator'; $creator->save(); // create permission $createPost = new Permission(); $createPost->name = 'create-post'; $createPost->save(); $creator->attachPermission($createPost); $user = factory(App\User::class)->create(); $user->attachRole($creator); Auth::login($user); $res = $this->call('POST', '/posts'); $this->assertEquals(200, $res->getStatusCode()); }
public function testRouteRequirePermissionUserHavePermission() { RoutePermission::setRoutePermissions('POST /blog/{id}', ['create-blog']); // create role creator $creator = new Role(); $creator->name = 'creator'; $creator->save(); // create permission $createPost = new Permission(); $createPost->name = 'create-blog'; $createPost->save(); $creator->attachPermission($createPost); $user = factory(App\User::class)->create(['password' => bcrypt('123456')]); $user->attachRole($creator); $credentials = ['email' => $user->email, 'password' => '123456']; $token = JWTAuth::attempt($credentials); $res = $this->call('POST', '/blog/1', [], [], [], ['HTTP_Authorization' => "Bearer {$token}"]); $this->assertEquals(200, $res->getStatusCode()); }