Skip to content

Commit 4afd928

Browse files
saeedvazirysaeedvaziry
committed
fix tests
1 parent df90e15 commit 4afd928

File tree

2 files changed

+154
-60
lines changed

2 files changed

+154
-60
lines changed

tests/Feature/API/DomainsTest.php

Lines changed: 67 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@
44

55
use App\Models\DNSProvider;
66
use App\Models\Domain;
7+
use App\Models\Project;
78
use App\Models\User;
89
use Illuminate\Foundation\Testing\RefreshDatabase;
910
use Illuminate\Support\Facades\Http;
@@ -89,11 +90,11 @@ public function test_user_without_read_ability_cannot_list_domains(): void
8990
$response->assertForbidden();
9091
}
9192

92-
public function test_user_can_only_see_their_own_domains(): void
93+
public function test_user_can_see_all_domains_in_their_project(): void
9394
{
9495
Sanctum::actingAs($this->user, ['read']);
9596

96-
// Create domain for current user
97+
// Create domain for current user in their project
9798
$dnsProvider = DNSProvider::factory()->create([
9899
'user_id' => $this->user->id,
99100
'project_id' => $this->user->current_project_id,
@@ -105,23 +106,61 @@ public function test_user_can_only_see_their_own_domains(): void
105106
'project_id' => $this->user->current_project_id,
106107
]);
107108

108-
// Create domain for other user
109+
// Create domain for other user in the SAME project
110+
$otherUserDomain = Domain::factory()->create([
111+
'user_id' => $this->otherUser->id,
112+
'dns_provider_id' => $dnsProvider->id,
113+
'project_id' => $this->user->current_project_id,
114+
]);
115+
116+
// Create domain for other user in a DIFFERENT project
117+
$otherProject = Project::factory()->create();
109118
$otherDnsProvider = DNSProvider::factory()->create([
110119
'user_id' => $this->otherUser->id,
111-
'project_id' => $this->otherUser->current_project_id,
120+
'project_id' => $otherProject->id,
112121
]);
113122

114-
$otherDomain = Domain::factory()->create([
123+
$otherProjectDomain = Domain::factory()->create([
115124
'user_id' => $this->otherUser->id,
116125
'dns_provider_id' => $otherDnsProvider->id,
117-
'project_id' => $this->otherUser->current_project_id,
126+
'project_id' => $otherProject->id,
118127
]);
119128

120129
$response = $this->getJson("/api/projects/{$this->user->current_project_id}/domains");
121130

122131
$response->assertOk();
132+
// Should see both domains from the same project, regardless of who created them
123133
$response->assertJsonFragment(['id' => $userDomain->id]);
124-
$response->assertJsonMissing(['id' => $otherDomain->id]);
134+
$response->assertJsonFragment(['id' => $otherUserDomain->id]);
135+
// Should NOT see domains from other projects
136+
$response->assertJsonMissing(['id' => $otherProjectDomain->id]);
137+
}
138+
139+
public function test_user_can_access_domains_created_by_other_users_in_same_project(): void
140+
{
141+
Sanctum::actingAs($this->user, ['read']);
142+
143+
// Create a DNS provider for the current user's project
144+
$dnsProvider = DNSProvider::factory()->create([
145+
'user_id' => $this->user->id,
146+
'project_id' => $this->user->current_project_id,
147+
]);
148+
149+
// Create a domain for another user in the same project
150+
$otherUserDomain = Domain::factory()->create([
151+
'user_id' => $this->otherUser->id,
152+
'dns_provider_id' => $dnsProvider->id,
153+
'project_id' => $this->user->current_project_id,
154+
]);
155+
156+
// User should be able to view the domain created by another user in the same project
157+
$response = $this->getJson("/api/projects/{$this->user->current_project_id}/domains/{$otherUserDomain->id}");
158+
159+
$response->assertOk()
160+
->assertJsonFragment([
161+
'id' => $otherUserDomain->id,
162+
'domain' => $otherUserDomain->domain,
163+
]);
125164
}
126165

127166
public function test_authenticated_user_can_create_domain(): void
@@ -175,13 +214,15 @@ public function test_authenticated_user_can_create_domain(): void
175214
]);
176215
}
177216

178-
public function test_user_cannot_create_domain_with_other_users_dns_provider(): void
217+
public function test_user_cannot_create_domain_with_dns_provider_from_other_project(): void
179218
{
180219
Sanctum::actingAs($this->user, ['write']);
181220

221+
// Create a different project for the other user
222+
$otherProject = Project::factory()->create();
182223
$otherDnsProvider = DNSProvider::factory()->create([
183224
'user_id' => $this->otherUser->id,
184-
'project_id' => $this->otherUser->current_project_id,
225+
'project_id' => $otherProject->id,
185226
]);
186227

187228
$domainData = [
@@ -246,22 +287,24 @@ public function test_authenticated_user_can_view_domain(): void
246287
]);
247288
}
248289

249-
public function test_user_cannot_view_other_users_domain(): void
290+
public function test_user_cannot_view_domains_from_other_projects(): void
250291
{
251292
Sanctum::actingAs($this->user, ['read']);
252293

294+
// Create a different project for the other user
295+
$otherProject = Project::factory()->create();
253296
$otherDnsProvider = DNSProvider::factory()->create([
254297
'user_id' => $this->otherUser->id,
255-
'project_id' => $this->otherUser->current_project_id,
298+
'project_id' => $otherProject->id,
256299
]);
257300

258301
$otherDomain = Domain::factory()->create([
259302
'user_id' => $this->otherUser->id,
260303
'dns_provider_id' => $otherDnsProvider->id,
261-
'project_id' => $this->otherUser->current_project_id,
304+
'project_id' => $otherProject->id,
262305
]);
263306

264-
$response = $this->getJson("/api/projects/{$this->otherUser->current_project_id}/domains/{$otherDomain->id}");
307+
$response = $this->getJson("/api/projects/{$otherProject->id}/domains/{$otherDomain->id}");
265308

266309
$response->assertForbidden();
267310
}
@@ -289,22 +332,24 @@ public function test_authenticated_user_can_delete_domain(): void
289332
$this->assertDatabaseMissing('domains', ['id' => $domain->id]);
290333
}
291334

292-
public function test_user_cannot_delete_other_users_domain(): void
335+
public function test_user_cannot_delete_domains_from_other_projects(): void
293336
{
294337
Sanctum::actingAs($this->user, ['write']);
295338

339+
// Create a different project for the other user
340+
$otherProject = Project::factory()->create();
296341
$otherDnsProvider = DNSProvider::factory()->create([
297342
'user_id' => $this->otherUser->id,
298-
'project_id' => $this->otherUser->current_project_id,
343+
'project_id' => $otherProject->id,
299344
]);
300345

301346
$otherDomain = Domain::factory()->create([
302347
'user_id' => $this->otherUser->id,
303348
'dns_provider_id' => $otherDnsProvider->id,
304-
'project_id' => $this->otherUser->current_project_id,
349+
'project_id' => $otherProject->id,
305350
]);
306351

307-
$response = $this->deleteJson("/api/projects/{$this->otherUser->current_project_id}/domains/{$otherDomain->id}");
352+
$response = $this->deleteJson("/api/projects/{$otherProject->id}/domains/{$otherDomain->id}");
308353

309354
$response->assertForbidden();
310355

@@ -345,22 +390,22 @@ public function test_authenticated_user_can_get_available_domains_from_dns_provi
345390
$response->assertNotFound();
346391
}
347392

348-
public function test_user_cannot_get_available_domains_from_other_users_dns_provider(): void
393+
public function test_user_cannot_get_available_domains_from_dns_provider_in_other_project(): void
349394
{
350395
Sanctum::actingAs($this->user, ['read']);
351396

397+
// Create a different project for the other user
398+
$otherProject = Project::factory()->create();
352399
$otherDnsProvider = DNSProvider::factory()->create([
353400
'user_id' => $this->otherUser->id,
354-
'project_id' => $this->otherUser->current_project_id,
401+
'project_id' => $otherProject->id,
355402
]);
356403

357-
$response = $this->getJson("/api/projects/{$this->otherUser->current_project_id}/domains/{$otherDnsProvider->id}/available");
404+
$response = $this->getJson("/api/projects/{$otherProject->id}/domains/{$otherDnsProvider->id}/available");
358405

359406
$response->assertNotFound();
360407
}
361408

362-
// ==================== Edge Cases and Error Scenarios ====================
363-
364409
public function test_domain_not_found_returns_404(): void
365410
{
366411
Sanctum::actingAs($this->user, ['read']);
@@ -408,8 +453,6 @@ public function test_domain_pagination_works_correctly(): void
408453
$this->assertCount(25, $response->json('data'));
409454
}
410455

411-
// ==================== Cross-Project Access Tests ====================
412-
413456
public function test_user_cannot_access_domains_from_other_projects(): void
414457
{
415458
Sanctum::actingAs($this->user, ['read']);

0 commit comments

Comments
 (0)