Merge pull request #35 from yungifez/dev

Dev

routes/web.php

@@ -24,7 +24,7 @@
     Route::get('schools/settings', ['App\Http\Controllers\SchoolController', 'settings'])->name('schools.settings')->middleware('App\Http\Middleware\EnsureSuperAdminHasSchoolId');
     //School routes
     Route::resource('schools', SchoolController::class);
-    Route::post('schools/set school', ['App\Http\Controllers\SchoolController', 'setSchool'])->name('schools.setSchool');
+    Route::post('schools/set-school', ['App\Http\Controllers\SchoolController', 'setSchool'])->name('schools.setSchool');
 
     //super admin must be have school id set
     Route::middleware(['App\Http\Middleware\EnsureSuperAdminHasSchoolId'])->group(function () {

tests/Feature/ClassGroupTest.php

@@ -0,0 +1,158 @@
+<?php
+
+namespace Tests\Feature;
+
+use Tests\TestCase;
+use App\Models\User;
+use App\Models\ClassGroup;
+use Illuminate\Foundation\Testing\WithFaker;
+use Illuminate\Foundation\Testing\RefreshDatabase;
+
+class ClassGroupTest extends TestCase
+{
+   public function test_view_class_groups_can_be_rendered_to_authorized_user()
+   {
+      $user = User::factory()->create();
+      $user->givePermissionTo(
+         ['read class group']
+      );
+      $this->actingAs($user);
+      $response = $this->get('/dashboard/class-groups');
+
+      $response->assertOk();
+   }
+
+   public function test_view_class_groups_cannot_be_rendered_to_unauthorized_user()
+   {
+      $user = User::factory()->create();
+
+      $this->actingAs($user);
+      $response = $this->get('/dashboard/class-groups');
+
+      $response->assertForbidden();
+   }
+
+   public function test_create_class_groups_can_be_rendered_to_authorized_user()
+   {
+      $user = User::factory()->create();
+      $user->givePermissionTo(
+         ['create class group']
+      );
+      $this->actingAs($user);
+      $response = $this->get('/dashboard/class-groups/create');
+
+      $response->assertOk();
+   }
+
+   public function test_create_class_groups_can_not_be_rendered_to_unauthorized_user()
+   {
+      $user = User::factory()->create();
+      $this->actingAs($user);
+      $response = $this->get('/dashboard/class-groups/create');
+
+      $response->assertForbidden();
+   }
+
+   public function test_authorized_user_can_create_class_group()
+   {
+      $user = User::factory()->create();
+      $user->givePermissionTo(
+         ['create class group']
+      );
+      $this->actingAs($user);
+      $response = $this->post('/dashboard/class-groups', ['name' => 'Test class group', 'school_id' => '1']);
+      $classGroup = \App\Models\ClassGroup::where('name','Test class group')->get();
+
+      $this->assertEquals(1, $classGroup->count());
+   }
+
+   public function test_unauthorized_user_can_not_create_class_group()
+   {
+      $user = User::factory()->create();
+      $this->actingAs($user);
+      $response = $this->post('/dashboard/class-groups', ['name' => 'Test class group', 'school_id' => '1']);
+      $classGroup = \App\Models\ClassGroup::where('name','Test class group')->get();
+
+      $response->assertForbidden();
+   }
+
+   public function test_edit_class_groups_can_be_rendered_to_authorized_user()
+   {
+      $user = User::factory()->create();
+      $user->givePermissionTo(
+         ['update class group']
+      );
+      $this->actingAs($user);
+      $response = $this->get('/dashboard/class-groups/1/edit');
+
+      $response->assertOk();
+   }
+
+   public function test_edit_class_groups_can_not_be_rendered_to_unauthorized_user()
+   {
+      $user = User::factory()->create();
+
+      $this->actingAs($user);
+      $response = $this->get('/dashboard/class-groups/1/edit');
+
+      $response->assertForbidden();
+   }
+
+   public function test_authorized_user_can_edit_class_group()
+   {
+      $user = User::factory()->create();
+      $user->givePermissionTo(
+         ['update class group']
+      );
+      $this->actingAs($user);
+      $response = $this->put('/dashboard/class-groups/1', ['name' => 'Test class group', 'school_id' => '1']);
+      //get class group with updatesd name
+      $classGroup = \App\Models\ClassGroup::where('name','Test class group')->get();
+
+      //check if model exists
+      $this->assertEquals(1, $classGroup->count());
+   }
+
+   public function test_unauthorized_user_can_not_edit_class_group()
+   {
+      $user = User::factory()->create();
+      $this->actingAs($user);
+      $response = $this->put('/dashboard/class-groups/1', ['name' => 'Test class group would fail', 'school_id' => '1']);
+
+      $response->assertForbidden();
+   }
+
+   public function test_authorized_user_can_delete_class_group()
+   {
+      $user = User::factory()->create();
+      $user->givePermissionTo(
+         ['delete class group']
+      );
+      $this->actingAs($user);
+      $classGroup = ClassGroup::factory()->create();
+      $response = $this->delete("/dashboard/class-groups/$classGroup->id");
+      $this->assertEquals(0,$classGroup->fresh());
+   }
+
+   public function test_unauthorized_user_can_not_delete_class_group()
+   {
+      $user = User::factory()->create();
+      $this->actingAs($user);
+      $response = $this->delete('/dashboard/class-groups/1');
+      $classGroup = \App\Models\ClassGroup::where('id','1')->get();
+
+      $response->assertForbidden();
+   }
+
+   public function test_user_can_view_class_group()
+   {
+      $user = User::factory()->create();
+      $user->givePermissionTo(
+         ['read class group']
+      );
+      $this->actingAs($user);
+      $response = $this->get('/dashboard/class-groups/1');
+
+      $response->assertOk();
+   }
+}

tests/Feature/SchoolTest.php

@@ -27,7 +27,7 @@ public function test_view_schools_can_be_rendered_to_authorized_user()
         $response->assertStatus(200);
     }
 
-    public function test_view_schools_rendered_to_unauthorized_user()
+    public function test_view_schools_cannot_be_rendered_to_unauthorized_user()
     {
         $user = User::factory()->create();
 
@@ -58,11 +58,8 @@ public function test_user_can_create_school()
         $this->actingAs($user);
         $response = $this->post('/dashboard/schools', ['name' => 'Test school', 'address' => 'Test address', 'initials' => 'DS']);
         $school = School::where('name','Test school')->get();
-        if ($school == null) {
-            return false;
-        }
-
-        $response->assertRedirect();
+
+        $this->assertEquals(1, $school->count());
     }
 
     public function test_unauthorized_user_can_not_create_school()
@@ -79,7 +76,7 @@ public function test_show_school_can_be_rendered_to_super_admin()
         $user = User::factory()->create();
         $user->assignRole('super-admin');
         $this->actingAs($user);
-        $school = School::where('name','Test school')->first();
+        $school = School::factory()->create();
         $response = $this->get("/dashboard/schools/$school->id");
 
         $response->assertStatus(200);
@@ -92,30 +89,14 @@ public function test_show_school_can_be_rendered_to_authorized_user_in_same_scho
             ['read school']
         );
         $this->actingAs($user);
-        $school = School::where('name','Test school')->first();
+        $school =  School::factory()->create();
         $user->school_id = $school->id;
         $user->save();
         $response = $this->get("/dashboard/schools/$school->id");
 
         $response->assertStatus(200);
     }
 
-    public function test_school_is_not_rendered_to_authorized_user_in_different_school()
-    {
-        $user = User::factory()->create();
-        $user->givePermissionTo(
-            ['read school']
-        );
-        $this->actingAs($user);
-        $school = School::where('name','Test school')->first();
-        //assign user a different school from the fetched school every time
-        $user->school_id = $school->id++;
-        $user->save();
-        $response = $this->get("/dashboard/schools/$school->id");
-
-        $response->assertNotFound();
-    }
-
     public function test_edit_school_can_be_rendered_to_authorized_user()
     {
         $user = User::factory()->create();
@@ -142,4 +123,99 @@ public function test_school_settings_redirects_to_edit_school()
         $response = $this->get('/dashboard/schools/settings');
         $response->assertRedirect(url("/dashboard/schools/$user->school_id/edit"));
     }
+
+    public function test_unauthorized_user_cannot_update_school()
+    {
+        $user = User::factory()->create();
+        $this->actingAs($user);
+        $school = School::where('name','Test school')->first();
+        $response = $this->patch("/dashboard/schools/$school->id");
+
+        $response->assertForbidden();
+    }
+
+    public function test_authorized_user_can_update_School()
+    {
+        $user = User::factory()->create();
+        $user->givePermissionTo([
+            'update school'
+        ]);
+        $this->actingAs($user);
+        $school = School::where('name','Test school')->first();
+        $user->school_id = $school->id;
+        $user->save();
+        $response = $this->patch("/dashboard/schools/$school->id",['name'=>'Test school 2','address' => 'something street', 'initials' => 'TS2']);
+
+        $this->assertEquals('Test school 2',$school->fresh()->name);
+    }
+
+    public function test_that_unauthorized_user_cannot_delete_school()
+    {
+        $user = User::factory()->create();
+        $this->actingAs($user);
+        $school = School::where('name','Test school 2')->first();
+        $response = $this->delete("/dashboard/schools/$school->id");
+
+        $response->assertForbidden();
+    }
+
+    public function test_that_unauthorized_user_cannot_delete_School_if_it_is_their_current_school()
+    {
+        $user = User::factory()->create();
+        $user->givePermissionTo([
+            'delete school'
+        ]);
+        $this->actingAs($user);
+        $school = School::where('name','Test school 2')->first();
+        $user->school_id = $school->id;
+        $user->save();
+        $response = $this->delete("/dashboard/schools/$school->id");
+
+        $this->assertNotNull($school->fresh());
+    }
+
+    public function test_user_cannot_delete_school_with_users_in_it()
+    {
+        $user = User::factory()->create();
+        $user->givePermissionTo([
+            'delete school'
+        ]);
+        $this->actingAs($user);
+
+        $school = School::find(1);
+        //user id must always not equal to school id 
+        $user->school_id = $school->id++;
+        $user->save();
+        $response = $this->delete("/dashboard/schools/$school->id");
+
+        $this->assertNotNull($school->fresh());
+    }
+
+    public function test_user_can_delete_School_with_no_users()
+    {
+        //get school and users
+        $school =  School::factory()->create();;
+        $userIds = $school->users->pluck('id');
+        //delete all users
+        User::destroy($userIds);
+        $user = User::factory()->create();
+        $user->givePermissionTo([
+            'delete school'
+        ]);
+        $this->actingAs($user);
+        //user id must always not equal to school id 
+        $response = $this->delete("/dashboard/schools/$school->id");
+
+        $this->assertNull($school->fresh());
+    }
+
+    public function test_super_admin_can_set_school()
+    {
+        $user =  User::where('email','super@admin.com')->first();
+        $this->actingAs($user);
+        $school = School::factory()->create();
+        $response = $this->post("/dashboard/schools/set-school",['school_id' => $school->id]);
+
+        $this->assertEquals($school->id,$user->fresh()->school_id);
+    }
 }