diff --git a/database/factories/OrganisationFactory.php b/database/factories/OrganisationFactory.php index 0154a84..f571847 100644 --- a/database/factories/OrganisationFactory.php +++ b/database/factories/OrganisationFactory.php @@ -132,6 +132,30 @@ public function withRelated(): static }); } + public function withUserAndDocuments() + { + return $this->afterCreating(function (Organisation $organisation) { + User::factory(['email' => $organisation->email]) + ->orgAdmin() + ->for($organisation) + ->create(); + + Document::factory() + ->for($organisation) + ->create(); + + Document::factory() + ->contract() + ->for($organisation) + ->create(); + + Document::factory() + ->protocol() + ->for($organisation) + ->create(); + }); + } + protected function attachLocationByActivityArea(Organisation $organisation): void { $counties = null; diff --git a/tests/Feature/Documents/AdminPlatformTest.php b/tests/Feature/Documents/AdminPlatformTest.php new file mode 100644 index 0000000..12e5b20 --- /dev/null +++ b/tests/Feature/Documents/AdminPlatformTest.php @@ -0,0 +1,189 @@ +user = User::factory() + ->platformAdmin() + ->create(); + Livewire::actingAs($this->user); + + $this->createOrganisations(3, 'random'); + } + + public function testAdminPlatformCanViewDocuments(): void + { + $this->viewDocuments() + ->assertPageActionVisible('create') + ->assertPageActionEnabled('create'); + } + + public function testViewAdminPlatformCanViewDocument(): void + { + $document = Document::query() + ->whereType(DocumentType::protocol) + ->first(); + + $this->viewProtocolDocumentByUser($document) + ->assertPageActionVisible('edit') + ->assertPageActionVisible('delete'); + + $document = Document::query() + ->whereNot('type', DocumentType::protocol) + ->first(); + + $this->viewDocumentByUser($document) + ->assertPageActionVisible('edit') + ->assertPageActionVisible('delete'); + } + + public function testAdminPlatformCanEditDocument(): void + { + $protocolDocument = Document::query() + ->whereType(DocumentType::protocol) + ->first(); + + $this->editDocument($protocolDocument) + ->assertFormFieldIsVisible('signed_at') + ->assertFormFieldIsEnabled('signed_at') + ->assertFormFieldIsVisible('expires_at') + ->assertFormFieldIsEnabled('expires_at') + ->assertFormFieldIsVisible('never_expires') + ->assertFormFieldIsEnabled('never_expires'); + + $document = Document::query() + ->whereNot('type', DocumentType::protocol) + ->first(); + + $this->editDocument($document) + ->assertFormFieldIsHidden('signed_at') + ->assertFormFieldIsHidden('expires_at') + ->assertFormFieldIsHidden('never_expires'); + } + + public function testAdminPlatformCanDeleteDocument(): void + { + $document = Document::query() + ->inRandomOrder() + ->first(); + + Livewire::test(ViewDocument::class, ['record' => $document->id]) + ->callPageAction('delete') + ->assertSuccessful(); + $this->assertNull(Document::find($document->id)); + } + + public function testAdminPlatformCanCreateDocument() + { + $file = \Illuminate\Http\UploadedFile::fake() + ->image(fake()->word() . '.jpg') + ->store('tests'); + + // all data ok for type contract + Livewire::test(CreateDocument::class) + ->fillForm(['organisation_id' => Organisation::query()->inRandomOrder()->first()->id, + 'name' => fake()->word(), + 'type' => DocumentType::contract, + 'document' => [$file]]) + ->assertFormFieldIsHidden('signed_at') + ->assertFormFieldIsHidden('expires_at') + ->assertFormFieldIsHidden('never_expires') + ->call('create') + ->assertHasNoFormErrors(); + + // all data ok for protocol with never_expires + Livewire::test(CreateDocument::class) + ->fillForm(['organisation_id' => Organisation::query()->inRandomOrder()->first()->id, + 'name' => fake()->word(), + 'type' => DocumentType::protocol, + 'document' => [$file], + 'signed_at' => fake()->date(), + 'never_expires' => true]) + ->assertFormFieldIsVisible('signed_at') + ->assertFormFieldIsVisible('expires_at') + ->assertFormFieldIsVisible('never_expires') + ->call('create') + ->assertHasNoFormErrors(); + + // all data ok for protocol with expire date + $endDate = fake()->date(); + Livewire::test(CreateDocument::class) + ->fillForm(['organisation_id' => Organisation::query()->inRandomOrder()->first()->id, + 'name' => fake()->word(), + 'type' => DocumentType::protocol, + 'document' => [$file], + 'signed_at' => fake()->date(max: $endDate), + 'expires_at' => $endDate]) + ->assertFormFieldIsVisible('signed_at') + ->assertFormFieldIsVisible('expires_at') + ->assertFormFieldIsVisible('never_expires') + ->call('create') + ->assertHasNoFormErrors(); + + // all data ok for other type document + Livewire::test(CreateDocument::class) + ->fillForm(['organisation_id' => Organisation::query()->inRandomOrder()->first()->id, + 'name' => fake()->word(), + 'type' => DocumentType::other, + 'document' => [$file]]) + ->assertFormFieldIsHidden('signed_at') + ->assertFormFieldIsHidden('expires_at') + ->assertFormFieldIsHidden('never_expires') + ->call('create') + ->assertHasNoFormErrors(); + + // wrong organisation_id, name, type + Livewire::test(CreateDocument::class) + ->fillForm(['organisation_id' => Organisation::query()->max('id') + 1, + 'name' => fake()->word(), + 'type' => DocumentType::contract, + 'document' => [$file]]) + ->call('create') + ->assertHasFormErrors(['organisation_id']) + ->fillForm(['organisation_id' => Organisation::query()->inRandomOrder()->first()->id, + 'name' => fake()->realTextBetween(256, 300)]) + ->call('create') + ->assertHasFormErrors(['name']) + ->fillForm(['name' => fake()->word(), + 'type' => fake()->word(), ]) + ->call('create') + ->assertHasFormErrors(['type']); + + // document type protocol without start/end date, expires_at before signed_at + $startDate = fake()->date(); + Livewire::test(CreateDocument::class) + ->fillForm(['organisation_id' => Organisation::query()->inRandomOrder()->first()->id, + 'name' => fake()->word(), + 'type' => DocumentType::protocol, + 'document' => [$file]]) + ->assertFormFieldIsVisible('signed_at') + ->assertFormFieldIsVisible('expires_at') + ->assertFormFieldIsVisible('never_expires') + ->call('create') + ->assertHasFormErrors(['signed_at' => 'required', + 'expires_at' => 'required', + ]) + ->fillForm(['never_expires' => true]) + ->call('create') + ->assertHasFormErrors(['signed_at' => 'required']) + ->fillForm(['signed_at' => $startDate, + 'expires_at' => fake()->date(max: $startDate), + 'never_expires' => false]) + ->call('create') + ->assertHasFormErrors(['expires_at']); + } +} diff --git a/tests/Feature/Documents/DocumentsBaseTest.php b/tests/Feature/Documents/DocumentsBaseTest.php new file mode 100644 index 0000000..b609ddc --- /dev/null +++ b/tests/Feature/Documents/DocumentsBaseTest.php @@ -0,0 +1,149 @@ +role(UserRole::ORG_ADMIN) + ->inRandomOrder() + ->get(); + } + + protected function getOrgAdminWithInactiveOrg(): User + { + return Organisation::query() + ->whereStatus(OrganisationStatus::inactive) + ->with('users') + ->inRandomOrder() + ->first() + ->users + ->first(); + } + + protected function createOrganisations(int $count = 3, string $status = 'active'): void + { + $options = ['user', 'document']; + if ($status === 'inactive') { + Organisation::factory() + ->count($count) + ->withUserAndDocuments() + ->randomStatus() + ->createQuietly(); + + return; + } + if ($status === 'random') { + Organisation::factory() + ->count($count) + ->withUserAndDocuments() + ->randomStatus() + ->createQuietly(); + + return; + } + Organisation::factory() + ->count($count) + ->withUserAndDocuments() + ->createQuietly(); + } + + public function viewDocuments(): Livewire\Testing\TestableLivewire + { + $documents = Document::all(); + + return Livewire::test(DocumentResource\Pages\ListDocuments::class) + ->assertSuccessful() + ->assertCountTableRecords(9) + ->assertCanSeeTableRecords($documents) + ->assertCanRenderTableColumn('name') + ->filterTable('type', DocumentType::contract->value) + ->assertCanSeeTableRecords($documents->where('type', DocumentType::contract)) + ->resetTableFilters() + ->assertCanRenderTableColumn('organisation.name') + ->sortTable('name') + ->assertCanSeeTableRecords($documents->sortBy('name'), inOrder: true) + ->assertCanRenderTableColumn('media.file_name') + ->sortTable('media.file_name') + ->assertCanSeeTableRecords($documents->sortBy('media.file_name'), inOrder: true) + ->assertCanRenderTableColumn('signed_at') + ->sortTable('signed_at') + ->assertCanSeeTableRecords($documents->sortBy('signed_at'), inOrder: true) + ->assertCanRenderTableColumn('expires_at') + ->sortTable('expires_at') + ->assertCanSeeTableRecords($documents->sortBy('expires_at'), inOrder: true); + } + + public function viewProtocolDocumentByUser(Document $document): Livewire\Testing\TestableLivewire + { + return Livewire::test(DocumentResource\Pages\ViewDocument::class, ['record' => $document->id]) + ->assertSuccessful() + ->assertFormFieldIsVisible('organisation_id') + ->assertFormFieldIsVisible('name') + ->assertFormFieldIsVisible('type') + ->assertFormFieldIsVisible('signed_at') + ->assertFormFieldIsVisible('expires_at') + ->assertFormFieldIsVisible('never_expires') + ->assertFormFieldIsVisible('document'); + } + + public function viewDocumentByUser(Document $document): Livewire\Testing\TestableLivewire + { + return Livewire::test(DocumentResource\Pages\ViewDocument::class, ['record' => $document->id]) + ->assertSuccessful() + ->assertFormFieldIsVisible('organisation_id') + ->assertFormFieldIsVisible('name') + ->assertFormFieldIsVisible('type') + ->assertFormFieldIsHidden('signed_at') + ->assertFormFieldIsHidden('expires_at') + ->assertFormFieldIsHidden('never_expires') + ->assertFormFieldIsVisible('document'); + } + + public function editDocument(Document $document): Livewire\Testing\TestableLivewire + { + return Livewire::test(DocumentResource\Pages\EditDocument::class, ['record' => $document->id]) + ->assertSuccessful() + ->assertFormFieldIsVisible('organisation_id') + ->assertFormFieldIsEnabled('organisation_id') + ->assertFormFieldIsVisible('name') + ->assertFormFieldIsEnabled('name') + ->assertFormFieldIsVisible('type') + ->assertFormFieldIsEnabled('type') + ->assertFormFieldIsVisible('name') + ->assertFormFieldIsEnabled('name') + ->assertFormFieldIsVisible('document') + ->assertFormFieldIsEnabled('document'); + } +} diff --git a/tests/Feature/Documents/OrganisationAdminTest.php b/tests/Feature/Documents/OrganisationAdminTest.php new file mode 100644 index 0000000..69880cb --- /dev/null +++ b/tests/Feature/Documents/OrganisationAdminTest.php @@ -0,0 +1,243 @@ +createOrganisations(); + $this->createOrganisations(2, 'inactive'); + $this->user = User::query() + ->role(UserRole::ORG_ADMIN) + ->inRandomOrder() + ->first(); +// $this->actingAs($this->user); + } + + public function testOrgAdminCanViewDocuments(): void + { + $this->actingAs($this->user); + $userOganisationID = $this->user->organisation_id; + $documents = Document::query() + ->whereOrganisationId($userOganisationID) + ->get(); + $documentsFromAnotherOrg = Document::query() + ->whereNot('organisation_id', $userOganisationID) + ->get(); + Livewire::test(DocumentResource\Pages\ListDocuments::class) + ->assertSuccessful() + ->assertPageActionHidden('create') + ->assertPageActionDisabled('create') + ->assertCountTableRecords(3) + ->assertCanSeeTableRecords($documents) + ->assertCanNotSeeTableRecords($documentsFromAnotherOrg) + ->assertCanRenderTableColumn('name') + ->filterTable('type', DocumentType::contract->value) + ->assertCanSeeTableRecords($documents->where('type', DocumentType::contract)) + ->resetTableFilters() + ->sortTable('name') + ->assertCanSeeTableRecords($documents->sortBy('name'), inOrder: true) + ->assertCanNotRenderTableColumn('organisation.name') + ->assertCanRenderTableColumn('media.file_name') + ->sortTable('media.file_name') + ->assertCanSeeTableRecords($documents->sortBy('media.file_name'), inOrder: true) + ->assertCanRenderTableColumn('signed_at') + ->sortTable('signed_at') + ->assertCanSeeTableRecords($documents->sortBy('signed_at'), inOrder: true) + ->assertCanRenderTableColumn('expires_at') + ->sortTable('expires_at') + ->assertCanSeeTableRecords($documents->sortBy('expires_at'), inOrder: true); + } + + public function testViewDocumentsByInactiveOrgAdmin(): void + { + $url = DocumentResource::getUrl('index'); + + $this->createOrganisations(2, 'inactive'); + $orgAdmin = $this->getOrgAdminWithInactiveOrg(2); + $this->actingAs($orgAdmin) + ->get($url) + ->assertRedirect('/login'); + } + + public function testOrgAdminCanViewDocument(): void + { + $document = $this->user + ->organisation + ->documents + ->filter(fn ($item) => $item->type === DocumentType::protocol) + ->first(); + $this->actingAs($this->user); + + $this->viewProtocolDocumentByUser($document) + ->assertPageActionHidden('edit') + ->assertPageActionHidden('delete') + ->assertPageActionDisabled('edit') + ->assertPageActionDisabled('delete'); + + $document = $this->user + ->organisation + ->documents + ->filter(fn ($item) => $item->type !== DocumentType::protocol) + ->first(); + + $this->viewDocumentByUser($document) + ->assertPageActionHidden('edit') + ->assertPageActionHidden('delete') + ->assertPageActionDisabled('edit') + ->assertPageActionDisabled('delete'); + } + + public function testInactiveOrgAdminCanNotViewDocument(): void + { + $this->createOrganisations(2, 'inactive'); + $orgAdmins = $this->getOrgAdminWithInactiveOrg(); + + $document = Document::query() + ->inRandomOrder() + ->first(); + $url = DocumentResource::getUrl('view', ['record' => $document->id]); + + $this->actingAs($orgAdmins) + ->withSession(['banned' => false]) + ->get($url) + ->assertRedirect('/login'); + } + + public function testAnotherOrgAdminCanNotViewDocument(): void + { +// dd(Document::all()->count()); + $document = Document::query() + ->whereNot('organisation_id', $this->user->organisation_id) + ->inRandomOrder() + ->first(); +// dd($this->user->organisation_id, $document); + + Livewire::test(DocumentResource\Pages\ViewDocument::class, ['record' => $document->id]) + ->assertForbidden(); + } + + public function testAnotherInactiveOrgAdminCanNotViewDocument(): void + { + $this->createOrganisations(2, 'inactive'); + $orgAdmin = $this->getOrgAdminWithInactiveOrg(); + + $document = Document::query() + ->whereNot('organisation_id', $orgAdmin->organisation_id) + ->inRandomOrder() + ->first(); + + $url = DocumentResource::getUrl('view', ['record' => $document->id]); + + $this->actingAs($orgAdmin) + ->withSession(['banned' => false]) + ->get($url) + ->assertRedirect('/login'); + } + + public function testOrgAdminCanNotEditDocument(): void + { + $document = $this->user + ->organisation + ->documents + ->first(); + + Livewire::test(DocumentResource\Pages\EditDocument::class, ['record' => $document->id]) + ->assertForbidden(); + } + + public function testInactiveOrgAdminCanNotEditDocument(): void + { + $this->createOrganisations(2, 'inactive'); + $orgAdmin = $this->getOrgAdminWithInactiveOrg(); + + $document = Document::query() + ->where('organisation_id', $orgAdmin->organisation_id) + ->inRandomOrder() + ->first(); + $url = DocumentResource::getUrl('edit', ['record' => $document->id]); + + $this->actingAs($orgAdmin) + ->withSession(['banned' => false]) + ->get($url) + ->assertRedirect('/login'); + } + + public function testAnotherOrgAdminCanNotEditDocument(): void + { + $document = Document::query() + ->whereNot('organisation_id', $this->user->organisation_id) + ->inRandomOrder() + ->first(); + + $url = DocumentResource::getUrl('edit', ['record' => $document->id]); + + $this->actingAs($this->user) + ->withSession(['banned' => false]) + ->get($url) + ->assertNotFound(); + } + + public function testAnotherInactiveOrgAdminCanNotEditDocument(): void + { + $this->createOrganisations(2, 'inactive'); + $orgAdmin = $this->getOrgAdminWithInactiveOrg(); + + $document = Document::query() + ->whereNot('organisation_id', $orgAdmin->organisation_id) + ->inRandomOrder() + ->first(); + + $url = DocumentResource::getUrl('edit', ['record' => $document->id]); + + $this->actingAs($orgAdmin) + ->withSession(['banned' => false]) + ->get($url) + ->assertRedirect('/login'); + } + + public function testInactiveOrgAdminCanNotDeleteDocument(): void + { + $this->createOrganisations(2, 'inactive'); + $orgAdmin = $this->getOrgAdminWithInactiveOrg(); + + $document = Document::query() + ->where('organisation_id', $orgAdmin->organisation_id) + ->inRandomOrder() + ->first(); + + Livewire::actingAs($orgAdmin); + Livewire::test(DocumentResource\Pages\ViewDocument::class, ['record' => $document->id]) + ->assertPageActionDisabled('delete'); + } + + public function testOrgAdminCanNotCreateDocument() + { + $orgAdmins = $this->getOrgAdmin()->random(); + + Livewire::actingAs($orgAdmins); + Livewire::test(DocumentResource\Pages\CreateDocument::class) + ->assertForbidden(); + } + + public function testInactiveOrgAdminCanNotCreateDocument() + { + $this->createOrganisations(2, 'inactive'); + $orgAdmins = $this->getOrgAdminWithInactiveOrg(); + + Livewire::actingAs($orgAdmins); + Livewire::test(DocumentResource\Pages\CreateDocument::class) + ->assertForbidden(); + } +} diff --git a/tests/Feature/Documents/PlatformCoordinatorTest.php b/tests/Feature/Documents/PlatformCoordinatorTest.php new file mode 100644 index 0000000..1168114 --- /dev/null +++ b/tests/Feature/Documents/PlatformCoordinatorTest.php @@ -0,0 +1,73 @@ +user = User::factory() + ->platformCoordinator() + ->create(); + Livewire::actingAs($this->user); + + $this->createOrganisations(3, 'random'); + } + + public function testPlatformCoordinatorCanViewDocuments(): void + { + $this->viewDocuments() + ->assertPageActionHidden('create') + ->assertPageActionDisabled('create'); + } + + public function testPlatformCoordinatorCanViewDocument(): void + { + $document = Document::query() + ->whereType(DocumentType::protocol) + ->inRandomOrder() + ->first(); + + $this->viewProtocolDocumentByUser($document) + ->assertPageActionHidden('edit') + ->assertPageActionHidden('delete') + ->assertPageActionDisabled('edit') + ->assertPageActionDisabled('delete'); + + $document = Document::query() + ->whereNot('type', DocumentType::protocol) + ->inRandomOrder() + ->first(); + + $this->viewDocumentByUser($document) + ->assertPageActionHidden('edit') + ->assertPageActionHidden('delete') + ->assertPageActionDisabled('edit') + ->assertPageActionDisabled('delete'); + } + + public function testPlatformCoordinatorCanNotEditDocument(): void + { + $document = Document::query() + ->inRandomOrder() + ->first(); + + Livewire::test(DocumentResource\Pages\EditDocument::class, ['record' => $document->id]) + ->assertForbidden(); + } + + public function testPlatformCoordinatorCanNotCreateDocument(): void + { + Livewire::test(DocumentResource\Pages\CreateDocument::class) + ->assertForbidden(); + } +}