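/**
 * Verifies Controller::checkPermission() for a logged-in, non-admin user.
 *
 * The user holds only the 'creator' role, and that role is granted only the
 * 'create-post' permission. A permission that was never granted
 * ('edit-profile') must be refused, and the granted one must be allowed.
 *
 * @return void
 */
public function testPermissionUserNotAdmin()
{
    // Non-admin user; checkPermission() takes no user argument, so it
    // presumably reads the authenticated user set here - confirm.
    $user = factory(App\User::class)->create();
    Auth::login($user);

    // Role the user will hold.
    $creator = new Role();
    $creator->name = 'creator';
    $creator->save();

    // The single permission granted to that role.
    $createPost = new Permission();
    $createPost->name = 'create-post';
    $createPost->display_name = 'Create Posts';
    $createPost->description = 'create new blog posts';
    $createPost->save();

    // Wire up user -> role -> permission.
    $user->attachRole($creator);
    $creator->attachPermission($createPost);

    $controller = new Controller();

    // Deny path: 'edit-profile' was never granted to the user's role.
    // assertFalse/assertTrue compare strictly, so a loosely falsy or truthy
    // return value (null, 0, a non-empty string) cannot satisfy an
    // authorization assertion by accident.
    // NOTE(review): assumes checkPermission() returns a real bool - confirm.
    $this->assertFalse($controller->checkPermission('edit-profile'));

    // Allow path: 'create-post' is granted through the 'creator' role.
    $this->assertTrue($controller->checkPermission('create-post'));
}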
/**
 * Run the database seeds.
 *
 * Creates the initial 'admin' account and an 'admin' role, then attaches
 * the role to that account.
 *
 * NOTE(review): the administrator password is a short, well-known literal
 * committed to source. If this seeder can run against anything other than a
 * throwaway development database, the account is reachable with a guessable
 * credential. Prefer taking the initial password from deployment
 * configuration or forcing a reset on first login - confirm where this
 * seeder is executed.
 *
 * @return void
 */
public function run()
{
    // Attributes for the built-in administrator account.
    $adminAttributes = [
        'name' => 'Administrator',
        'email' => '*****@*****.**',
        // Hashed with bcrypt, but the plaintext is hard-coded (see note above).
        'password' => bcrypt('123456'),
        'username' => 'admin',
        'location' => 'Da Nang',
        'country' => 'Viet Nam',
        'biography' => 'Dev',
        'occupation' => 'Dev',
        'website' => 'greenglobal.vn',
        'image' => 'avatar.jpg',
    ];
    $adminUser = factory(App\User::class)->create($adminAttributes);

    // Default role; the description states it may manage the whole system.
    $adminRole = new Role();
    $adminRole->name = 'admin';
    $adminRole->display_name = 'Administrator';
    $adminRole->description = 'User is allowed to manage all system.';
    $adminRole->save();

    // Grant the role to the seeded account.
    $adminUser->attachRole($adminRole);
}
/**
 * A user whose role carries 'create-post' can POST to /posts.
 *
 * NOTE(review): only the allow path is exercised here. A matching deny-path
 * test (same request from a user without the permission) is not visible in
 * this excerpt - confirm one exists, since an allow-only test still passes
 * when the route is left unprotected.
 *
 * @return void
 */
public function testUserHavePermission()
{
    // Role that will carry the permission.
    $creatorRole = new Role();
    $creatorRole->name = 'creator';
    $creatorRole->save();

    // Permission under test, granted to the role.
    $postPermission = new Permission();
    $postPermission->name = 'create-post';
    $postPermission->save();
    $creatorRole->attachPermission($postPermission);

    // User holding the role, authenticated for the request below.
    $member = factory(App\User::class)->create();
    $member->attachRole($creatorRole);
    Auth::login($member);

    $response = $this->call('POST', '/posts');
    $statusCode = $response->getStatusCode();

    $this->assertEquals(200, $statusCode);
}
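/**
 * A route registered as requiring 'create-blog' accepts a JWT-authenticated
 * user whose role carries that permission.
 *
 * NOTE(review): the route permission is registered through a static call;
 * whether that registration is reset between tests is not visible here -
 * confirm it cannot leak into other test cases.
 *
 * @return void
 */
public function testRouteRequirePermissionUserHavePermission()
{
    // Declare that POST /blog/{id} requires the 'create-blog' permission.
    RoutePermission::setRoutePermissions('POST /blog/{id}', ['create-blog']);

    // Role that will carry the permission.
    $creator = new Role();
    $creator->name = 'creator';
    $creator->save();

    // Permission required by the route, granted to the role.
    $createPost = new Permission();
    $createPost->name = 'create-blog';
    $createPost->save();
    $creator->attachPermission($createPost);

    // User with a known test password so a token can be requested for it.
    $user = factory(App\User::class)->create(['password' => bcrypt('123456')]);
    $user->attachRole($creator);

    $credentials = ['email' => $user->email, 'password' => '123456'];
    $token = JWTAuth::attempt($credentials);

    // A false token would interpolate to an empty bearer value below, and the
    // request would then fail for authentication rather than authorization
    // reasons. Stop here so the two failure modes are not confused.
    $this->assertNotFalse($token, 'JWT login failed; the permission check was never reached.');

    $res = $this->call('POST', '/blog/1', [], [], [], ['HTTP_Authorization' => "Bearer {$token}"]);

    $this->assertEquals(200, $res->getStatusCode());
}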