xiaokang/lotteryLaravel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
699d43fbd43f62ffc63e1f9294233bf0eda40905
lotteryLaravel/tests/Feature/AdminAuthorizationAuditCommandTest.php

49 lines
1.6 KiB
PHP
Raw Blame History

<?php
use Database\Seeders\AdminRbacAndUserSeeder;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\DB;
uses(RefreshDatabase::class);
test('admin authorization audit reports missing api resources for protected routes', function (): void {
DB::table('admin_api_resources')
->where('code', 'admin.config.play-versions.index')
->delete();
$this->artisan('lottery:admin-auth-audit')
->expectsOutputToContain('Admin authorization audit found')
->expectsOutputToContain('[route_coverage]')
->assertExitCode(1);
});
test('admin authorization audit passes on the default authorization catalog', function (): void {
$this->artisan('lottery:admin-auth-audit')
->expectsOutputToContain('Admin authorization audit passed.')
->assertExitCode(0);
});
test('admin authorization audit detects role api resource drift', function (): void {
$this->seed(AdminRbacAndUserSeeder::class);
$resourceId = DB::table('admin_api_resources')
->where('code', 'admin.audit.index')
->value('id');
$roleId = DB::table('admin_roles')
->where('slug', 'finance')
->value('id');
expect($resourceId)->not->toBeNull();
expect($roleId)->not->toBeNull();
DB::table('admin_role_api_resources')
->where('role_id', (int) $roleId)
->where('api_resource_id', (int) $resourceId)
->delete();
$this->artisan('lottery:admin-auth-audit --skip-route-coverage')
->expectsOutputToContain('Missing role-resource grant')
->assertExitCode(1);
});
Reference in New Issue View Git Blame Copy Permalink