diff --git a/app/Http/Controllers/ClubController.php b/app/Http/Controllers/ClubController.php index 2a73d7a7..262e5600 100644 --- a/app/Http/Controllers/ClubController.php +++ b/app/Http/Controllers/ClubController.php @@ -10,6 +10,11 @@ class ClubController extends Controller { + public function __construct() + { + $this->authorizeResource(Club::class, 'club'); + } + public function index(): View { return view('CRUD.clubs.index', ['clubs' => Club::orderBy('name')->paginate(15)]); diff --git a/app/Http/Controllers/TeamController.php b/app/Http/Controllers/TeamController.php index e0019457..13a5b214 100644 --- a/app/Http/Controllers/TeamController.php +++ b/app/Http/Controllers/TeamController.php @@ -15,6 +15,8 @@ class TeamController extends Controller { public function index(Club $club): View { + $this->authorize('viewAny', [Team::class, $club]); + $teams = Team::query()->inClub($club)->orderByName()->get(); return view('CRUD.teams.index', compact('club', 'teams')); @@ -22,6 +24,8 @@ public function index(Club $club): View public function create(Club $club): View { + $this->authorize('create', [Team::class, $club]); + $venues = Venue::all(); return view('CRUD.teams.create', compact('club', 'venues')); @@ -29,6 +33,8 @@ public function create(Club $club): View public function store(Request $request, Club $club): RedirectResponse { + $this->authorize('create', [Team::class, $club]); + $this->validate($request, [ 'club_id' => 'required|exists:clubs,id', @@ -55,6 +61,8 @@ public function store(Request $request, Club $club): RedirectResponse public function edit(Club $club, Team $team): View { + $this->authorize('update', $team); + $venues = Venue::all(); return view('CRUD.teams.edit', compact('club', 'team', 'venues')); @@ -62,6 +70,8 @@ public function edit(Club $club, Team $team): View public function update(Request $request, Club $club, Team $team): RedirectResponse { + $this->authorize('update', $team); + $this->validate($request, [ 'name' => [ 
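Review bot: In `store()` the new `authorize('create', [Team::class, $club])` checks the club taken from the URL, while the validation rule on the following context line still accepts a `club_id` from the request body (`'club_id' => 'required|exists:clubs,id'`). The rest of the method is outside the hunk, so this is an inference: if the team is created from the submitted `club_id`, a secretary of one club could post to their own club's URL with another club's id and still pass the check. Taking the value from the route (`$club->getId()`) or tightening the rule to `Rule::in([$club->getId()])` would keep the authorised club and the written club the same.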
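Review bot: `edit()` authorises against `$team` alone, and nothing in the hunk ties `$team` to the `$club` bound from the URL; the `update()` and `destroy()` hunks have the same shape. TeamPolicy decides on `$team->getClub()`, so the permission result itself is sound. A request that names a different club in the path would still render the view and build redirects for a club the team does not belong to, unless the binding is scoped somewhere not shown here. A guard such as `abort_unless($team->getClub()->is($club), 404);` next to the `authorize()` call would keep the URL and the model consistent. All three method bodies continue outside their hunks.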
@@ -89,6 +99,8 @@ public function update(Request $request, Club $club, Team $team): RedirectRespon public function destroy(Club $club, Team $team): RedirectResponse { + $this->authorize('delete', $team); + $team->delete(); return redirect() diff --git a/app/Http/Controllers/VenueController.php b/app/Http/Controllers/VenueController.php index 5900225d..3b143d86 100644 --- a/app/Http/Controllers/VenueController.php +++ b/app/Http/Controllers/VenueController.php @@ -9,6 +9,11 @@ class VenueController extends Controller { + public function __construct() + { + $this->authorizeResource(Venue::class, 'venue'); + } + public function index(): View { return view('CRUD.venues.index', ['venues' => Venue::paginate(15)]); diff --git a/app/Policies/CheckRoles.php b/app/Policies/CheckRoles.php index 75922409..7780cddf 100644 --- a/app/Policies/CheckRoles.php +++ b/app/Policies/CheckRoles.php @@ -48,9 +48,13 @@ public function hasAnyClubSecretaryRole(User $user): bool })->toArray()); } - public function hasAnyTeamSecretaryRole(User $user): bool + public function hasAnyTeamSecretaryRole(User $user, ?Club $club = null): bool { - return $user->hasRole(Team::all()->map(function (Team $team): string { + $teams = $club + ? $club->getTeams() + : Team::all(); + + return $user->hasRole($teams->map(function (Team $team): string { return RolesHelper::teamSecretaryName($team); })->toArray()); } diff --git a/app/Policies/ClubPolicy.php b/app/Policies/ClubPolicy.php new file mode 100644 index 00000000..fbc8ca29 --- /dev/null +++ b/app/Policies/ClubPolicy.php 
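Review bot: The `?Club $club = null` default on `hasAnyTeamSecretaryRole()` silently widens the check to `Team::all()` whenever a caller omits the club, so a policy method that forgets the argument would grant on a team-secretary role held in any club. A docblock would make the broad case a documented choice, e.g. `@param Club|null $club limit the check to this club's teams; null means any team in any club`. The `$club ?` test could also be written `$club !== null` so the branch does not rest on object truthiness.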
@@ -0,0 +1,35 @@ +hasAnyClubSecretaryRole($user); + } + + public function create(User $user): bool + { + // No-one but Site Administrator can create a new season + return false; + } + + public function update(User $user, Club $club): bool + { + return $user->hasRole(RolesHelper::clubSecretaryName($club)); + } + + public function delete(User $user, Club $club): bool + { + // No-one but Site Administrator can create a new season + return false; + } +} diff --git a/app/Policies/TeamPolicy.php b/app/Policies/TeamPolicy.php new file mode 100644 index 00000000..b0a55c73 --- /dev/null +++ b/app/Policies/TeamPolicy.php @@ -0,0 +1,41 @@ +hasRole(RolesHelper::clubSecretaryName($club))) { + return true; + } + + return $this->hasAnyTeamSecretaryRole($user, $club); + } + + public function create(User $user, Club $club): bool + { + return $user->hasRole(RolesHelper::clubSecretaryName($club)); + } + + public function update(User $user, Team $team): bool + { + return $user->hasAnyRole( + RolesHelper::clubSecretaryName($team->getClub()), + RolesHelper::teamSecretaryName($team) + ); + } + + public function delete(User $user, Team $team): bool + { + return $user->hasRole(RolesHelper::clubSecretaryName($team->getClub())); + } +} diff --git a/app/Policies/VenuePolicy.php b/app/Policies/VenuePolicy.php new file mode 100644 index 00000000..5985cdcc --- /dev/null +++ b/app/Policies/VenuePolicy.php @@ -0,0 +1,38 @@ + CompetitionPolicy::class, Division::class => DivisionPolicy::class, Fixture::class => FixturePolicy::class, + Club::class => ClubPolicy::class, + Team::class => TeamPolicy::class, + Venue::class => VenuePolicy::class, ]; /** diff --git a/database/seeds/UsersTableSeeder.php b/database/seeds/UsersTableSeeder.php index b665e986..d1e20242 100644 --- a/database/seeds/UsersTableSeeder.php +++ b/database/seeds/UsersTableSeeder.php 
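Review bot: The comments in ClubPolicy's `create()` and `delete()` both read `// No-one but Site Administrator can create a new season`, which looks copied from another policy and describes neither the model nor, in `delete()`, the action. Suggested wording is `// Only the Site Administrator can create a club` and `// Only the Site Administrator can delete a club`. Both methods return `false` unconditionally, so the administrator's access presumably comes from a gate-level bypass that is not part of this diff. Saying in the comment where that bypass lives would help a reader confirm that these two actions are not simply disabled.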
@@ -1,5 +1,6 @@ initProgressBar(Role::count()); + $this->initProgressBar(Role::count() + 1); + + factory(User::class)->create([ + 'name' => "Test User", + 'email' => "test-user@example.com", + ]); + $this->advanceProgressBar(); $user = factory(User::class)->create([ 'name' => "Site Administrator", @@ -25,10 +32,10 @@ public function run(): void $this->advanceProgressBar(); $user = factory(User::class)->create([ - 'name' => "Referee Administrator", - 'email' => "referee-administrator@example.com", + 'name' => "Referees Administrator", + 'email' => "referees-administrator@example.com", ]); - $user->assignRole("Referee Administrator"); + $user->assignRole("Referees Administrator"); $this->advanceProgressBar(); Season::all()->each(function (Season $season) { @@ -36,7 +43,7 @@ public function run(): void 'name' => "Season {$season->getId()} Administrator", 'email' => "season-{$season->getId()}-administrator@example.com", ]); - $user->assignRole("Season {$season->getId()} Administrator"); + $user->assignRole(RolesHelper::seasonAdminName($season)); $this->advanceProgressBar(); }); Competition::all()->each(function (Competition $competition) { @@ -44,7 +51,7 @@ public function run(): void 'name' => "Competition {$competition->getId()} Administrator", 'email' => "competition-{$competition->getId()}-administrator@example.com", ]); - $user->assignRole("Competition {$competition->getId()} Administrator"); + $user->assignRole(RolesHelper::competitionAdminName($competition)); $this->advanceProgressBar(); }); Division::all()->each(function (Division $division) { @@ -52,7 +59,7 @@ public function run(): void 'name' => "Division {$division->getId()} Administrator", 'email' => "division-{$division->getId()}-administrator@example.com", ]); - $user->assignRole("Division {$division->getId()} Administrator"); + $user->assignRole(RolesHelper::divisionAdminName($division)); $this->advanceProgressBar(); }); 
@@ -61,7 +68,7 @@ public function run(): void 'name' => "Club {$club->getId()} Secretary", 'email' => "club-{$club->getId()}-secretary@example.com", ]); - $user->assignRole("Club {$club->getId()} Secretary"); + $user->assignRole(RolesHelper::clubSecretaryName($club)); $this->advanceProgressBar(); }); Team::all()->each(function (Team $team) { @@ -69,7 +76,7 @@ public function run(): void 'name' => "Team {$team->getId()} Secretary", 'email' => "team-{$team->getId()}-secretary@example.com", ]); - $user->assignRole("Team {$team->getId()} Secretary"); + $user->assignRole(RolesHelper::teamSecretaryName($team)); $this->advanceProgressBar(); }); diff --git a/routes/web.php b/routes/web.php index 1ad5ee49..8fc8cd0a 100644 --- a/routes/web.php +++ b/routes/web.php @@ -22,13 +22,10 @@ Route::get('fixtures') ->uses('FixturesController@index') ->name('fixtures.index'); - Route::middleware(['can:view-seasons']) + Route::resource('clubs', 'ClubController')->except('show'); + Route::prefix('clubs/{club}') ->group(function (): void { - Route::resource('clubs', 'ClubController')->except('show'); - Route::prefix('clubs/{club}') - ->group(function (): void { - Route::resource('teams', 'TeamController')->except('show'); - }); - Route::resource('venues', 'VenueController'); + Route::resource('teams', 'TeamController')->except('show'); }); + Route::resource('venues', 'VenueController'); }); diff --git a/tests/Browser/CRUD/ClubTest.php b/tests/Browser/CRUD/ClubTest.php index e2834443..d8f6cfb2 100644 --- a/tests/Browser/CRUD/ClubTest.php +++ b/tests/Browser/CRUD/ClubTest.php @@ -26,7 +26,7 @@ protected function setUp(): void public function testListingAllClubs(): void { $this->browse(function (Browser $browser): void { - $browser->loginAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $browser->loginAs($this->siteAdmin); $browser->visit('/clubs') ->assertSeeIn('@list', 'There are no clubs yet.'); 
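Review bot: With `Route::middleware(['can:view-seasons'])` removed in routes/web.php, nothing at route level gates the clubs, teams and venues resources any more. Access now depends on every controller action calling `authorizeResource()` or `authorize()`. TeamController does this per method rather than in its constructor, so an action added there later without an `authorize()` call would be reachable by any user who passes the enclosing group's middleware; that group opens outside the hunk. A comment above these routes would record the dependency, e.g. `// Authorisation is enforced by ClubPolicy, TeamPolicy and VenuePolicy via the controllers`.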
@@ -77,7 +77,7 @@ public function testListingAllClubs(): void public function testAddingAClub(): void { $this->browse(function (Browser $browser): void { - $browser->loginAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $browser->loginAs($this->siteAdmin); // Check we can add a club from the landing page $browser->visit('/clubs') @@ -137,7 +137,7 @@ public function testAddingAClub(): void public function testEditingAClub(): void { $this->browse(function (Browser $browser): void { - $browser->loginAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $browser->loginAs($this->siteAdmin); $browser->visit("/clubs/1/edit") ->assertTitle('Not Found') @@ -212,7 +212,7 @@ public function testEditingAClub(): void public function testDeletingAClub(): void { $this->browse(function (Browser $browser): void { - $browser->loginAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $browser->loginAs($this->siteAdmin); $clubId = aClub()->build()->getId(); @@ -248,7 +248,7 @@ public function testDeletingAClub(): void public function testViewingTheClubTeams(): void { $this->browse(function (Browser $browser): void { - $browser->loginAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $browser->loginAs($this->siteAdmin); /** @var Club $club */ $club = aClub()->build(); diff --git a/tests/Browser/CRUD/TeamTest.php b/tests/Browser/CRUD/TeamTest.php index e7b98b8a..20e9002b 100644 --- a/tests/Browser/CRUD/TeamTest.php +++ b/tests/Browser/CRUD/TeamTest.php @@ -17,7 +17,7 @@ class TeamTest extends DuskTestCase public function testListingAllTeamsForNonExistingClub(): void { $this->browse(function (Browser $browser): void { - $browser->loginAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $browser->loginAs($this->siteAdmin); $browser->visit("/clubs/1/teams/") ->assertTitle('Not Found') 
@@ -32,7 +32,7 @@ public function testListingAllTeamsForNonExistingClub(): void public function testListingAllTeamsForClub(): void { $this->browse(function (Browser $browser): void { - $browser->loginAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $browser->loginAs($this->siteAdmin); $venue = factory(Venue::class)->create(['name' => 'Sobell SC']); $club = aClub()->withVenue($venue)->withName('Global Warriors')->build(); @@ -69,7 +69,7 @@ public function testListingAllTeamsForClub(): void public function testAddingATeam(): void { $this->browse(function (Browser $browser): void { - $browser->loginAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $browser->loginAs($this->siteAdmin); $browser->visit("/clubs/1/teams/create") ->assertTitle('Not Found') @@ -166,7 +166,7 @@ public function testAddingATeam(): void public function testEditingATeam(): void { $this->browse(function (Browser $browser): void { - $browser->loginAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $browser->loginAs($this->siteAdmin); $browser->visit("/clubs/1/teams/1/edit") ->assertTitle('Not Found') @@ -275,7 +275,7 @@ public function testEditingATeam(): void public function testDeletingATeam(): void { $this->browse(function (Browser $browser): void { - $browser->loginAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $browser->loginAs($this->siteAdmin); $club = aClub()->build(); $teamId = aTeam()->withName('London Warriors')->inClub($club)->build()->getId(); diff --git a/tests/Browser/CRUD/VenueTest.php b/tests/Browser/CRUD/VenueTest.php index 5701c76f..c30a2d08 100644 --- a/tests/Browser/CRUD/VenueTest.php +++ b/tests/Browser/CRUD/VenueTest.php 
@@ -16,7 +16,7 @@ class VenueTest extends DuskTestCase public function testListingAllVenues(): void { $this->browse(function (Browser $browser): void { - $browser->loginAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $browser->loginAs($this->siteAdmin); $browser->visit('/venues') ->assertSeeIn('@list', 'There are no venues yet.'); @@ -63,7 +63,7 @@ public function testListingAllVenues(): void public function testAddingAVenue(): void { $this->browse(function (Browser $browser): void { - $browser->loginAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $browser->loginAs($this->siteAdmin); // Check we can add a venue from the landing page $browser->visit('/venues') @@ -107,7 +107,7 @@ public function testAddingAVenue(): void public function testEditingAVenue(): void { $this->browse(function (Browser $browser): void { - $browser->loginAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $browser->loginAs($this->siteAdmin); $browser->visit('/venues/1/edit') ->assertTitle('Not Found') @@ -181,7 +181,7 @@ public function testEditingAVenue(): void public function testDeletingAVenue(): void { $this->browse(function (Browser $browser): void { - $browser->loginAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $browser->loginAs($this->siteAdmin); $venueId = factory(Venue::class)->create(['name' => 'Sobell S.C.'])->getId(); @@ -217,7 +217,7 @@ public function testDeletingAVenue(): void public function testViewVenue(): void { $this->browse(function (Browser $browser): void { - $browser->loginAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $browser->loginAs($this->siteAdmin); /** @var Venue $venue */ $venue = factory(Venue::class)->create(['name' => 'Olympic Stadium']); diff --git a/tests/Feature/CRUD/ClubTest.php b/tests/Feature/CRUD/ClubTest.php index 5f8ae3ff..aae805e9 100644 --- a/tests/Feature/CRUD/ClubTest.php +++ b/tests/Feature/CRUD/ClubTest.php 
@@ -3,6 +3,7 @@ namespace Tests\Feature\CRUD; use App\Events\ClubCreated; +use App\Helpers\RolesHelper; use App\Models\Club; use App\Models\User; use App\Models\Venue; @@ -35,7 +36,7 @@ public function testAccessForGuests(): void ->assertRedirect('/login'); } - public function testAccessForUserWithoutThePermission(): void + public function testAccessForUsersWithoutAnyCorrectRoles(): void { /** @var Club $club */ $club = aClub()->build(); @@ -63,12 +64,12 @@ public function testAccessForUserWithoutThePermission(): void ->assertForbidden(); } - public function testAccessForSuperAdmin(): void + public function testAccessForSiteAdministrators(): void { /** @var Club $club */ $club = aClub()->buildWithoutSaving(); - $this->actingAs(factory(User::class)->create()->assignRole('Site Administrator')); + $this->actingAs($this->siteAdmin); $this->get('/clubs') ->assertOk(); 
@@ -117,9 +118,43 @@ public function testAccessForUnverifiedUsers(): void ->assertRedirect('/email/verify'); } + public function testAccessForClubSecretaries(): void + { + /** @var Club $club */ + $club = factory(Club::class)->create(); + + $this->be(factory(User::class)->create()->assignRole(RolesHelper::clubSecretaryName($club))); + + $this->get('/clubs') + ->assertOk(); + + $this->get('/clubs/create') + ->assertForbidden(); + + $this->post('/clubs', $club->toArray()) + ->assertForbidden(); + + $this->get('/clubs/' . $club->getId() . '/edit') + ->assertOk(); + + $this->put('/clubs/' . $club->getId(), $club->toArray()) + ->assertRedirect('clubs'); + + $this->delete('/clubs/' . $club->getId()) + ->assertForbidden(); + + $anotherClub = factory(Club::class)->create(); + + $this->get('/clubs/' . $anotherClub->getId() . '/edit') + ->assertForbidden(); + + $this->put('/clubs/' . $anotherClub->getId(), $club->toArray()) + ->assertForbidden(); + } + public function testAddingAClub(): void { - $this->actingAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $this->actingAs($this->siteAdmin); $this->post('/clubs', []) ->assertSessionHasErrors('name', 'The name is required.') @@ -146,7 +181,7 @@ public function testAddingAClub(): void public function testEditingAClub(): void { - $this->actingAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $this->actingAs($this->siteAdmin); $this->put('/clubs/1') ->assertNotFound(); @@ -188,7 +223,7 @@ public function testEditingAClub(): void public function testDeletingAClub(): void { - $this->actingAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $this->actingAs($this->siteAdmin); $this->delete('/clubs/1') ->assertNotFound(); 
@@ -205,7 +240,7 @@ public function testAddingClubWillDispatchTheEvent(): void { Event::fake(); - $this->actingAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $this->actingAs($this->siteAdmin); $this->post('/clubs', ['name' => 'London Giants', 'venue_id' => null]); diff --git a/tests/Feature/CRUD/TeamTest.php b/tests/Feature/CRUD/TeamTest.php index d5363ecd..afb95186 100644 --- a/tests/Feature/CRUD/TeamTest.php +++ b/tests/Feature/CRUD/TeamTest.php @@ -3,6 +3,8 @@ namespace Tests\Feature\CRUD; use App\Events\TeamCreated; +use App\Helpers\RolesHelper; +use App\Models\Club; use App\Models\Team; use App\Models\User; use App\Models\Venue; @@ -36,7 +38,7 @@ public function testAccessForGuests(): void ->assertRedirect('/login'); } - public function testAccessForUserWithoutThePermission(): void + public function testAccessForUsersWithoutAnyCorrectRoles(): void { /** @var Team $team */ $team = aTeam()->build(); @@ -63,7 +65,7 @@ public function testAccessForUserWithoutThePermission(): void ->assertForbidden(); } - public function testAccessForSuperAdmin(): void + public function testAccessForSiteAdministrators(): void { /** @var Team $team */ $team = aTeam()->buildWithoutSaving(); 
@@ -119,13 +121,115 @@ public function testAccessForUnverifiedUsers(): void ->assertRedirect('/email/verify'); } + public function testAccessForClubAdministrators(): void + { + /** @var Club $club */ + $club = aClub()->build(); + $clubId = $club->getId(); + + /** @var Team $team */ + $team = aTeam()->inClub($club)->buildWithoutSaving(); + + $this->actingAs(factory(User::class)->create()->assignRole(RolesHelper::clubSecretaryName($club))); + + $this->get("/clubs/$clubId/teams") + ->assertOk(); + + $this->get("/clubs/$clubId/teams/create") + ->assertOk(); + + $this->post("/clubs/$clubId/teams", $team->toArray()) + ->assertRedirect("/clubs/$clubId/teams"); + + $team = Team::first(); + $teamId = $team->getId(); + + $this->get("/clubs/$clubId/teams/$teamId/edit") + ->assertOk(); + + $this->put("/clubs/$clubId/teams/$teamId", $team->toArray()) + ->assertRedirect("/clubs/$clubId/teams"); + + $this->delete("/clubs/$clubId/teams/$teamId") + ->assertRedirect("/clubs/$clubId/teams"); + } + + public function testAccessForTeamAdministrators(): void + { + /** @var Club $club */ + $club = aClub()->build(); + $clubId = $club->getId(); + + /** @var Team $team */ + $team = aTeam()->inClub($club)->build(); + $teamId = $team->getId(); + + $this->actingAs(factory(User::class)->create()->assignRole(RolesHelper::teamSecretaryName($team))); + + $this->get("/clubs/$clubId/teams") + ->assertOk(); + + $this->get("/clubs/$clubId/teams/create") + ->assertForbidden(); + + $this->post("/clubs/$clubId/teams", $team->toArray()) + ->assertForbidden(); + + $this->get("/clubs/$clubId/teams/$teamId/edit") + ->assertOk(); + + $this->put("/clubs/$clubId/teams/$teamId", $team->toArray()) + ->assertRedirect("/clubs/$clubId/teams"); + + $this->delete("/clubs/$clubId/teams/$teamId") + ->assertForbidden(); + + /** @var Team $anotherTeam */ + $anotherTeam = aTeam()->inClub($club)->build(); + $anotherTeamId = $anotherTeam->getId(); + + $this->get("/clubs/$clubId/teams/$anotherTeamId/edit") + 
->assertForbidden(); + + $this->put("/clubs/$clubId/teams/$anotherTeamId", $team->toArray()) + ->assertForbidden(); + + $this->delete("/clubs/$clubId/teams/$teamId") + ->assertForbidden(); + + /** @var Club $anotherClub */ + $anotherClub = aClub()->build(); + $anotherClubId = $anotherClub->getId(); + + $yetAnotherTeam = aTeam()->inClub($anotherClub)->build(); + $yetAnotherTeamId = $yetAnotherTeam->getId(); + + $this->get("/clubs/$anotherClubId/teams") + ->assertForbidden(); + + $this->get("/clubs/$anotherClubId/teams/create") + ->assertForbidden(); + + $this->post("/clubs/$anotherClubId/teams", $team->toArray()) + ->assertForbidden(); + + $this->get("/clubs/$anotherClubId/teams/$yetAnotherTeamId/edit") + ->assertForbidden(); + + $this->put("/clubs/$anotherClubId/teams/$yetAnotherTeamId", $team->toArray()) + ->assertForbidden(); + + $this->delete("/clubs/$anotherClubId/teams/$yetAnotherTeamId") + ->assertForbidden(); + } + public function testAddingATeam(): void { /** @var Venue $sobellSC */ $sobellSC = factory(Venue::class)->create(['name' => 'Sobell SC']); $clubId = aClub()->build()->getId(); - $this->actingAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $this->actingAs($this->siteAdmin); $this->post("/clubs/$clubId/teams", []) ->assertSessionHasErrors('name', 'The name is required.'); @@ -169,7 +273,7 @@ public function testEditingATeam(): void $team = factory(Team::class)->create(['name' => 'London Scarlets', 'venue_id' => $sobellSC->getId()]); $clubId = $team->getClub()->getId(); - $this->actingAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $this->actingAs($this->siteAdmin); $this->put("/clubs/$clubId/teams/" . $team->getId(), []) ->assertSessionHasErrors('name', 'The name is required.'); 
@@ -220,7 +324,7 @@ public function testDeletingATeam(): void $team = factory(Team::class)->create(['name' => 'London Scarlets']); $clubId = $team->getClub()->getId(); - $this->actingAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $this->actingAs($this->siteAdmin); $this->delete("/clubs/$clubId/teams/" . $team->getId()) ->assertSessionHasNoErrors(); @@ -237,7 +341,7 @@ public function testAddingTeamWillDispatchTheEvent(): void // Cannot create a venue as the events are faked and the Venue model // needs to create a UUID $clubId = aClub()->withoutVenue()->build()->getId(); - $this->actingAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $this->actingAs($this->siteAdmin); $this->post("/clubs/$clubId/teams", ['club_id' => $clubId, 'name' => 'London Scarlets', 'venue_id' => null]); diff --git a/tests/Feature/CRUD/VenueTest.php b/tests/Feature/CRUD/VenueTest.php index f195bd8b..ed97e56a 100644 --- a/tests/Feature/CRUD/VenueTest.php +++ b/tests/Feature/CRUD/VenueTest.php @@ -36,7 +36,7 @@ public function testAccessForGuests(): void ->assertRedirect('/login'); } - public function testAccessForUserWithoutThePermission(): void + public function testAccessForUsersWithoutAnyCorrectRoles(): void { /** @var Venue $venue */ $venue = factory(Venue::class)->create(); @@ -65,12 +65,12 @@ public function testAccessForUserWithoutThePermission(): void ->assertForbidden(); } - public function testAccessForSuperAdmin(): void + public function testAccessForSiteAdministrators(): void { /** @var Venue $venue */ $venue = factory(Venue::class)->make(); - $this->be(factory(User::class)->create()->assignRole('Site Administrator')); + $this->be($this->siteAdmin); $this->get('/venues') ->assertOk(); 
@@ -127,7 +127,7 @@ public function testAccessForUnverifiedUsers(): void public function testAddingAVenue(): void { - $this->actingAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $this->be($this->siteAdmin); $this->post('/venues', []) ->assertSessionHasErrors('name', 'The name is required.'); @@ -147,7 +147,7 @@ public function testAddingAVenue(): void */ public function testEditingAVenue(): void { - $this->actingAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $this->be($this->siteAdmin); $this->put('/venues/' . Uuid::generate()->string) ->assertNotFound(); @@ -176,7 +176,7 @@ public function testEditingAVenue(): void */ public function testDeletingAVenue(): void { - $this->actingAs(factory(User::class)->create()->givePermissionTo('view-seasons')); + $this->be($this->siteAdmin); $this->delete('/venues/' . Uuid::generate()->string) ->assertNotFound();