musimana · musimana · May 12, 2024 · May 12, 2024 · May 12, 2024 · May 12, 2024
diff --git a/phpstan.dist.neon b/phpstan.dist.neon
@@ -27,7 +27,7 @@ parameters:
         - # From the way the methods are inherited by the Browser object
             message: '#Call to an undefined method Laravel\\Dusk\\Browser::#'
             path: tests/Browser
-            count: 22
+            count: 23
         - # From the way the methods are inherited by Pest
             message: '#Function testNotifiedUpdate#'
             path: tests/Feature/Http/Controllers/Auth/PasswordForgottenControllerTest.php

diff --git a/tests/Browser/TestAuth/WebMiddlewareTest.php b/tests/Browser/TestAuth/WebMiddlewareTest.php
@@ -2,10 +2,12 @@
 
 namespace Tests\Browser\TestAuth;
 
+use App\Models\Page;
 use App\Models\User;
 use Illuminate\Foundation\Testing\DatabaseTruncation;
 use Laravel\Dusk\Browser;
 use PHPUnit\Framework\Assert;
+use Tests\Browser\Pages\Admin\Page\AdminEditPage;
 use Tests\Browser\Pages\Guest\Homepage;
 use Tests\Browser\Pages\User\Dashboard;
 use Tests\Browser\Pages\User\Login;
@@ -27,7 +29,6 @@ public function testGuestMiddleware(): void
             ->on(new Login)
             ->assertGuest()
 
-            ->visit(new Homepage)
             ->visit('/logout')
             ->on(new Login)
             ->assertGuest()
@@ -37,13 +38,15 @@ public function testGuestMiddleware(): void
     /** Test the standard auth middleware works correctly. */
     public function testUserMiddleware(): void
     {
+        $page = Page::factory()->create();
         $user = User::factory()->create([
             'email' => 'test.user@example.com',
             'name' => 'Test User',
         ]);
 
         Assert::assertTrue($user->email === 'test.user@example.com');
         Assert::assertTrue($user->name === 'Test User');
+        Assert::assertTrue(!$user->hasRole('admin'));
 
         $this->browse(fn (Browser $browser) => $browser
             ->assertGuest()
@@ -54,6 +57,11 @@ public function testUserMiddleware(): void
             ->on(new Dashboard($user))
             ->screenshotWholePage('dashboard-user-' . str_replace(['@', '.'], '_', $user->email))
 
+            ->visit($page->getUrlEdit())
+            ->assertSee('404')
+            ->assertSee('NOT FOUND')
+            ->screenshotWholePage('cms-user-denied')
+
             ->visit(new Homepage)
             ->assertAuthenticatedAs($user)
             ->screenshotWholePage('homepage-user')
@@ -63,4 +71,36 @@ public function testUserMiddleware(): void
             ->assertGuest()
         );
     }
+
+    /** Test the admin auth middleware works correctly. */
+    public function testAdminMiddleware(): void
+    {
+        $page = Page::factory()->create();
+        $user = User::factory()->isAdmin()->create([
+            'email' => 'test.admin@example.com',
+            'name' => 'Test Admin',
+        ]);
+
+        Assert::assertTrue($user->email === 'test.admin@example.com');
+        Assert::assertTrue($user->name === 'Test Admin');
+        Assert::assertTrue($user->hasRole('admin'));
+
+        $this->browse(fn (Browser $browser) => $browser
+            ->visit(new Login)
+            ->assertGuest()
+            ->loginAsUser($user->email)
+
+            ->on(new Dashboard($user))
+            ->assertAuthenticatedAs($user)
+            ->screenshotWholePage('dashboard-admin-' . str_replace(['@', '.'], '_', $user->email))
+
+            ->visit(new AdminEditPage($page))
+            ->assertAuthenticatedAs($user)
+            ->screenshotWholePage('admin-edit-page')
+
+            ->visit('/logout')
+            ->on(new Homepage)
+            ->assertGuest()
+        );
+    }
 }