- Permissions tests (#97)

* - added some test

* - cr fix

* - cr fix

* - cr fix

* - cr fix

tests/Feature/MonthlyUsageTest.php

@@ -0,0 +1,32 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Tests\Feature;
+
+use Illuminate\Foundation\Testing\DatabaseMigrations;
+use Tests\FeatureTestCase;
+use Toby\Eloquent\Models\User;
+
+class MonthlyUsageTest extends FeatureTestCase
+{
+    use DatabaseMigrations;
+
+    public function testAdministatorCanSeeVacationsMonthlyUsage(): void
+    {
+        $admin = User::factory()->admin()->createQuietly();
+
+        $this->actingAs($admin)
+            ->get("/monthly-usage")
+            ->assertOk();
+    }
+
+    public function testEmployeeCannotSeeVacationsMonthlyUsage(): void
+    {
+        $user = User::factory()->createQuietly();
+
+        $this->actingAs($user)
+            ->get("/monthly-usage")
+            ->assertForbidden();
+    }
+}

tests/Feature/VacationCalendarTest.php

@@ -0,0 +1,32 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Tests\Feature;
+
+use Illuminate\Foundation\Testing\DatabaseMigrations;
+use Tests\FeatureTestCase;
+use Toby\Eloquent\Models\User;
+
+class VacationCalendarTest extends FeatureTestCase
+{
+    use DatabaseMigrations;
+
+    public function testAdministrativeApproverCanDownloadTimesheet(): void
+    {
+        $administrativeApprover = User::factory()->administrativeApprover()->createQuietly();
+
+        $this->actingAs($administrativeApprover)
+            ->get("/timesheet/january")
+            ->assertOk();
+    }
+
+    public function testEmployeeCannotDownloadTimesheet(): void
+    {
+        $user = User::factory()->createQuietly();
+
+        $this->actingAs($user)
+            ->get("/timesheet/january")
+            ->assertForbidden();
+    }
+}

tests/Feature/VacationRequestTest.php

@@ -13,6 +13,7 @@ use Tests\FeatureTestCase;
 use Toby\Domain\Enums\VacationType;
 use Toby\Domain\PolishHolidaysRetriever;
 use Toby\Domain\States\VacationRequest\Approved;
+use Toby\Domain\States\VacationRequest\Cancelled;
 use Toby\Domain\States\VacationRequest\Rejected;
 use Toby\Domain\States\VacationRequest\WaitingForAdministrative;
 use Toby\Domain\States\VacationRequest\WaitingForTechnical;
@@ -79,7 +80,7 @@ class VacationRequestTest extends FeatureTestCase
                 "to" => Carbon::create($currentYearPeriod->year, 2, 11)->toDateString(),
                 "comment" => "Comment for the vacation request.",
             ])
-            ->assertSessionHasNoErrors();
+            ->assertRedirect();
 
         $this->assertDatabaseHas("vacation_requests", [
             "user_id" => $user->id,
@@ -114,7 +115,7 @@ class VacationRequestTest extends FeatureTestCase
                 "to" => Carbon::create($currentYearPeriod->year, 2, 11)->toDateString(),
                 "comment" => "Comment for the vacation request.",
             ])
-            ->assertSessionHasNoErrors();
+            ->assertRedirect();
 
         $this->assertDatabaseHas("vacation_requests", [
             "user_id" => $user->id,
@@ -151,7 +152,7 @@ class VacationRequestTest extends FeatureTestCase
                 "comment" => "Comment for the vacation request.",
                 "flowSkipped" => true,
             ])
-            ->assertSessionHasNoErrors();
+            ->assertRedirect();
 
         $this->assertDatabaseHas("vacation_requests", [
             "user_id" => $user->id,
@@ -181,7 +182,7 @@ class VacationRequestTest extends FeatureTestCase
 
         $this->actingAs($technicalApprover)
             ->post("/vacation-requests/{$vacationRequest->id}/accept-as-technical")
-            ->assertSessionHasNoErrors();
+            ->assertRedirect();
 
         $vacationRequest->refresh();
 
@@ -204,7 +205,7 @@ class VacationRequestTest extends FeatureTestCase
 
         $this->actingAs($administrativeApprover)
             ->post("/vacation-requests/{$vacationRequest->id}/accept-as-administrative")
-            ->assertSessionHasNoErrors();
+            ->assertRedirect();
 
         $vacationRequest->refresh();
 
@@ -235,7 +236,7 @@ class VacationRequestTest extends FeatureTestCase
 
         $this->actingAs($technicalApprover)
             ->post("/vacation-requests/{$vacationRequest->id}/reject")
-            ->assertSessionHasNoErrors();
+            ->assertRedirect();
 
         $vacationRequest->refresh();
 
@@ -430,4 +431,171 @@ class VacationRequestTest extends FeatureTestCase
                 "vacationRequest" => __("The vacation request cannot be created at the turn of the year."),
             ]);
     }
+
+    public function testEmployeeCanSeeOnlyHisVacationRequests(): void
+    {
+        $user = User::factory()->createQuietly();
+
+        $this->actingAs($user)
+            ->get("/vacation-requests")
+            ->assertRedirect("/vacation-requests/me");
+    }
+
+    public function testEmployeeCannotCreateVacationRequestForAnotherEmployee(): void
+    {
+        $user = User::factory()->createQuietly();
+        $anotherUser = User::factory()->createQuietly();
+
+        $currentYearPeriod = YearPeriod::current();
+
+        $this->actingAs($user)
+            ->post("/vacation-requests", [
+                "user" => $anotherUser->id,
+                "type" => VacationType::Vacation->value,
+                "from" => Carbon::create($currentYearPeriod->year, 2, 7)->toDateString(),
+                "to" => Carbon::create($currentYearPeriod->year, 2, 11)->toDateString(),
+                "comment" => "Comment for the vacation request.",
+            ])
+            ->assertForbidden();
+    }
+
+    public function testEmployeeCanCancelVacationRequestWithWaitingForAdministrativeStatus(): void
+    {
+        $user = User::factory()->createQuietly();
+        $currentYearPeriod = YearPeriod::current();
+
+        VacationLimit::factory([
+            "days" => 20,
+        ])
+            ->for($user)
+            ->for($currentYearPeriod)
+            ->create();
+
+        /** @var VacationRequest $vacationRequest */
+        $vacationRequest = VacationRequest::factory([
+            "state" => WaitingForAdministrative::class,
+            "type" => VacationType::Vacation,
+        ])
+            ->for($user)
+            ->for($currentYearPeriod)
+            ->create();
+
+        $this->actingAs($user)
+            ->post("/vacation-requests/{$vacationRequest->id}/cancel")
+            ->assertRedirect();
+
+        $vacationRequest->refresh();
+
+        $this->assertTrue($vacationRequest->state->equals(Cancelled::class));
+    }
+
+    public function testEmployeeCannotCancelVacationRequestWithApprovedStatus(): void
+    {
+        $user = User::factory()->createQuietly();
+        $currentYearPeriod = YearPeriod::current();
+
+        VacationLimit::factory([
+            "days" => 20,
+        ])
+            ->for($user)
+            ->for($currentYearPeriod)
+            ->create();
+
+        /** @var VacationRequest $vacationRequest */
+        $vacationRequest = VacationRequest::factory([
+            "state" => Approved::class,
+            "type" => VacationType::Vacation,
+        ])
+            ->for($user)
+            ->for($currentYearPeriod)
+            ->create();
+
+        $this->actingAs($user)
+            ->post("/vacation-requests/{$vacationRequest->id}/cancel")
+            ->assertForbidden();
+    }
+
+    public function testAdministrativeApproverCanCancelVacationRequestWithApprovedStatus(): void
+    {
+        $user = User::factory()->createQuietly();
+        $administrativeApprover = User::factory()->administrativeApprover()->createQuietly();
+        $currentYearPeriod = YearPeriod::current();
+
+        VacationLimit::factory([
+            "days" => 20,
+        ])
+            ->for($user)
+            ->for($currentYearPeriod)
+            ->create();
+
+        /** @var VacationRequest $vacationRequest */
+        $vacationRequest = VacationRequest::factory([
+            "state" => Approved::class,
+            "type" => VacationType::Vacation,
+        ])
+            ->for($user)
+            ->for($currentYearPeriod)
+            ->create();
+
+        $this->actingAs($administrativeApprover)
+            ->post("/vacation-requests/{$vacationRequest->id}/cancel")
+            ->assertRedirect();
+
+        $vacationRequest->refresh();
+
+        $this->assertTrue($vacationRequest->state->equals(Cancelled::class));
+    }
+
+    public function testEmployeeCanDownloadHisVacationRequestAsPdf(): void
+    {
+        $user = User::factory()->createQuietly();
+        $currentYearPeriod = YearPeriod::current();
+
+        VacationLimit::factory([
+            "days" => 20,
+        ])
+            ->for($user)
+            ->for($currentYearPeriod)
+            ->create();
+
+        /** @var VacationRequest $vacationRequest */
+        $vacationRequest = VacationRequest::factory([
+            "state" => WaitingForTechnical::class,
+            "type" => VacationType::Vacation,
+        ])
+            ->for($user)
+            ->for($currentYearPeriod)
+            ->create();
+
+        $this->actingAs($user)
+            ->get("/vacation-requests/{$vacationRequest->id}/download")
+            ->assertSuccessful();
+    }
+
+    public function testEmployeeCannotDownloadAnotherEmployeesVacationRequestAsPdf(): void
+    {
+        $user = User::factory()->createQuietly();
+        $anotherUser = User::factory()->createQuietly();
+        $currentYearPeriod = YearPeriod::current();
+
+        VacationLimit::factory([
+            "days" => 20,
+        ])
+            ->for($anotherUser)
+            ->for($currentYearPeriod)
+            ->create();
+
+        /** @var VacationRequest $vacationRequest */
+        $vacationRequest = VacationRequest::factory([
+            "state" => WaitingForTechnical::class,
+            "type" => VacationType::Vacation,
+        ])
+            ->for($anotherUser)
+            ->for($currentYearPeriod)
+            ->create();
+
+        $this->actingAs($user)
+            ->get("/vacation-requests/{$vacationRequest->id}/download")
+            ->assertForbidden();
+    }
 }