test: clean up tests

Author: innocenzi

packages/support/src/Json/Exception/JsonCouldNotBeDecoded.php

@@ -5,6 +5,7 @@
 namespace Tempest\Support\Json\Exception;
 
 use InvalidArgumentException;
+use Tempest\Support\Json\Exception\JsonException;
 
 final class JsonCouldNotBeDecoded extends InvalidArgumentException implements JsonException
 {

tests/Integration/Database/EncryptedAttributeTest.php

@@ -2,6 +2,7 @@
 
 namespace Tests\Tempest\Integration\Database;
 
+use PHPUnit\Framework\Attributes\Test;
 use Tempest\Cryptography\Encryption\Encrypter;
 use Tempest\Database\DatabaseMigration;
 use Tempest\Database\Encrypted;
@@ -13,20 +14,23 @@
 use Tempest\Database\Table;
 use Tests\Tempest\Integration\FrameworkIntegrationTestCase;
 
+use function Tempest\Database\query;
+
 final class EncryptedAttributeTest extends FrameworkIntegrationTestCase
 {
     private Encrypter $encrypter {
         get => $this->container->get(Encrypter::class);
     }
 
-    public function test_encrypted_attribute_encrypts_value_on_insert(): void
+    #[Test]
+    public function encrypts_value_on_insert(): void
     {
         $this->migrate(CreateMigrationsTable::class, CreateUserWithEncryptedDataTable::class);
 
-        $user = new UserWithEncryptedData(
+        $user = query(UserWithEncryptedData::class)->create(
             email: 'test@example.com',
             secret: 'sensitive information', // @mago-expect security/no-literal-password
-        )->save()->refresh();
+        );
 
         $this->assertSame('sensitive information', $user->secret);
 
@@ -35,14 +39,15 @@ public function test_encrypted_attribute_encrypts_value_on_insert(): void
         $this->assertNotSame('sensitive information', $encrypted['secret']);
     }
 
-    public function test_encrypted_attribute_encrypts_value_on_update(): void
+    #[Test]
+    public function encrypts_value_on_update(): void
     {
         $this->migrate(CreateMigrationsTable::class, CreateUserWithEncryptedDataTable::class);
 
-        $user = new UserWithEncryptedData(
+        $user = query(UserWithEncryptedData::class)->create(
             email: 'test@example.com',
             secret: 'original secret', // @mago-expect security/no-literal-password
-        )->save()->refresh();
+        );
 
         $user->update(secret: 'new secret')->refresh(); // @mago-expect security/no-literal-password
 
@@ -54,40 +59,41 @@ public function test_encrypted_attribute_encrypts_value_on_update(): void
         $this->assertNotSame('new secret', $encrypted['secret']);
     }
 
-    public function test_encrypted_attribute_does_not_re_encrypt_already_encrypted_values(): void
+    #[Test]
+    public function does_not_re_encrypt_already_encrypted_values(): void
     {
         $this->migrate(CreateMigrationsTable::class, CreateUserWithEncryptedDataTable::class);
 
-        $alreadyEncrypted = $this->encrypter->encrypt('sensitive data');
-
-        $user = new UserWithEncryptedData(
+        $user = query(UserWithEncryptedData::class)->create(
             email: 'test@example.com',
-            secret: $alreadyEncrypted,
-        )->save()->refresh();
+            secret: $this->encrypter->encrypt('sensitive data'),
+        );
 
         $this->assertSame('sensitive data', $user->secret);
     }
 
-    public function test_encrypted_attribute_handles_null_values(): void
+    #[Test]
+    public function handles_null_values(): void
     {
         $this->migrate(CreateMigrationsTable::class, CreateUserWithNullableEncryptedDataTable::class);
 
-        $user = new UserWithNullableEncryptedData(
+        $user = query(UserWithNullableEncryptedData::class)->create(
             email: 'test@example.com',
             secret: null,
-        )->save()->refresh();
+        );
 
         $this->assertNull($user->secret);
     }
 
-    public function test_encrypted_attribute_handles_empty_strings(): void
+    #[Test]
+    public function handles_empty_strings(): void
     {
         $this->migrate(CreateMigrationsTable::class, CreateUserWithEncryptedDataTable::class);
 
-        $user = new UserWithEncryptedData(
+        $user = query(UserWithEncryptedData::class)->create(
             email: 'test@example.com',
             secret: '',
-        )->save()->refresh();
+        );
 
         $this->assertSame('', $user->secret);
     }

tests/Integration/Database/HashedAttributeTest.php

@@ -2,6 +2,7 @@
 
 namespace Tests\Tempest\Integration\Database;
 
+use PHPUnit\Framework\Attributes\Test;
 use Tempest\Cryptography\Password\PasswordHasher;
 use Tempest\Database\DatabaseMigration;
 use Tempest\Database\Hashed;
@@ -11,33 +12,43 @@
 use Tempest\Database\QueryStatements\CreateTableStatement;
 use Tests\Tempest\Integration\FrameworkIntegrationTestCase;
 
+use function Tempest\Database\query;
+
 final class HashedAttributeTest extends FrameworkIntegrationTestCase
 {
     private PasswordHasher $hasher {
         get => $this->container->get(PasswordHasher::class);
     }
 
-    public function test_hashed_attribute_hashes_value_on_insert(): void
+    #[Test]
+    public function hashes_value_on_insert(): void
     {
         $this->migrate(CreateMigrationsTable::class, CreateUserWithHashTable::class);
 
-        $user = new UserWithHash(
+        $user = query(UserWithHash::class)->create(
             email: 'test@example.com',
             password: 'plaintext-password', // @mago-expect security/no-literal-password
-        )->save()->refresh();
+        );
+
+        // The current behavior when creating a model is to not refresh it.
+        // In this case, it might be a potential security issue?
+        $this->assertSame('plaintext-password', $user->password);
+
+        $user->refresh();
 
         $this->assertNotSame('plaintext-password', $user->password);
         $this->assertTrue($this->hasher->verify('plaintext-password', $user->password));
     }
 
-    public function test_hashed_attribute_hashes_value_on_update(): void
+    #[Test]
+    public function hashes_value_on_update(): void
     {
         $this->migrate(CreateMigrationsTable::class, CreateUserWithHashTable::class);
 
-        $user = new UserWithHash(
+        $user = query(UserWithHash::class)->create(
             email: 'test@example.com',
             password: 'original-password', // @mago-expect security/no-literal-password
-        )->save()->refresh();
+        )->refresh();
 
         $originalHash = $user->password;
 
@@ -50,29 +61,29 @@ public function test_hashed_attribute_hashes_value_on_update(): void
         $this->assertFalse($this->hasher->verify('original-password', $user->password));
     }
 
-    public function test_hashed_attribute_does_not_rehash_already_hashed_values(): void
+    #[Test]
+    public function does_not_rehash_already_hashed_values(): void
     {
         $this->migrate(CreateMigrationsTable::class, CreateUserWithHashTable::class);
 
-        $alreadyHashed = $this->hasher->hash('plaintext-password');
-
-        $user = new UserWithHash(
+        $user = query(UserWithHash::class)->create(
             email: 'test@example.com',
-            password: $alreadyHashed,
-        )->save()->refresh();
+            password: $alreadyHashed = $this->hasher->hash('plaintext-password'),
+        )->refresh();
 
         $this->assertSame($alreadyHashed, $user->password);
         $this->assertTrue($this->hasher->verify('plaintext-password', $user->password));
     }
 
-    public function test_hashed_attribute_handles_null_values(): void
+    #[Test]
+    public function handles_null_values(): void
     {
         $this->migrate(CreateMigrationsTable::class, CreateUserWithNullablePasswordTable::class);
 
-        $user = new UserWithNullablePassword(
+        $user = query(UserWithNullablePassword::class)->create(
             email: 'test@example.com',
             password: null,
-        )->save()->refresh();
+        )->refresh();
 
         $this->assertNull($user->password);
     }