daengdeni/basicdata
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

feat(basicdata): tambah otorisasi berbasis peran dan pengujian pada BranchController

Browse Source 
- Implementasi otorisasi berbasis peran untuk seluruh aksi di BranchController seperti index, create, store, edit, update, delete, dan export.
- Tambahan utilitas `getUser` untuk mendapatkan pengguna yang diautentikasi dan mempermudah pengecekan otorisasi.
- Semua aksi pada controller sekarang memeriksa izin pengguna sebelum melanjutkan:
  - `basic-data.read` untuk melihat data.
  - `basic-data.create` untuk membuat cabang baru.
  - `basic-data.update` untuk memperbarui data cabang.
  - `basic-data.delete` untuk menghapus data cabang.
  - `basic-data.export` untuk mengekspor data cabang.
- Penyesuaian pada view:
  - Tombol aksi seperti `Save`, `Delete Selected`, dan `Export to Excel` hanya tampil jika pengguna memiliki izin terkait.
- Tambahan pengujian (unit test) pada `BranchControllerTest` untuk memastikan logika otorisasi:
  - Pengguna dengan izin dapat melakukan aksi sesuai dengan perannya.
  - Pengguna tanpa izin mendapatkan respon 403 atau dicegah melakukan aksi tertentu.
- Update logika tombol aksi di datatables untuk mendukung pengecekan izin sebelum menampilkan opsi edit/hapus.
- Update respons JSON dalam aksi hapus tunggal dan hapus banyak untuk kejelasan struktur pesan.

Commit ini mengamankan BranchController dari akses tak sah dan meningkatkan fleksibilitas sistem terkait kendali peran dan izin.

Signed-off-by: Daeng Deni Mardaeni <ddeni05@gmail.com>
This commit is contained in:
Daeng Deni Mardaeni
2025-05-17 11:32:06 +07:00
parent 32e620299b
commit 52b48263a2
4 changed files with 377 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

280
tests/Feature/BranchControllerTest.php Normal file
View File

@@ -0,0 +1,280 @@
<?php
namespace Modules\Basicdata\Tests\Feature;
use Tests\TestCase;
use Modules\Basicdata\Models\Branch;
use Modules\Usermanagement\Models\User;
use Modules\Usermanagement\Models\Role;
use Modules\Usermanagement\Models\Permission;
use Modules\Usermanagement\Models\PermissionGroup;
use Illuminate\Foundation\Testing\RefreshDatabase;
use PHPUnit\Framework\Attributes\Test;
class BranchControllerTest extends TestCase
{
use RefreshDatabase;
protected $user;
protected $adminRole;
protected $branch;
protected function setUp(): void
{
parent::setUp();
// Create permission group first
$permissionGroup = PermissionGroup::create([
'name' => 'basic-data',
'slug' => 'basic-data'
]);
// Create permissions with permission_group_id
Permission::create([
'name' => 'basic-data.create',
'guard_name' => 'web',
'permission_group_id' => $permissionGroup->id
]);
Permission::create([
'name' => 'basic-data.read',
'guard_name' => 'web',
'permission_group_id' => $permissionGroup->id
]);
Permission::create([
'name' => 'basic-data.update',
'guard_name' => 'web',
'permission_group_id' => $permissionGroup->id
]);
Permission::create([
'name' => 'basic-data.delete',
'guard_name' => 'web',
'permission_group_id' => $permissionGroup->id
]);
Permission::create([
'name' => 'basic-data.export',
'guard_name' => 'web',
'permission_group_id' => $permissionGroup->id
]);
// Create admin role with all permissions
$this->adminRole = Role::create(['name' => 'admin', 'guard_name' => 'web']);
$this->adminRole->givePermissionTo(Permission::all());
// Create a user with admin role
$this->user = User::factory()->create();
$this->user->assignRole($this->adminRole);
// Create a branch for testing
$this->branch = Branch::create([
'code' => 'TEST',
'name' => 'Test Branch'
]);
}
#[Test]
public function user_with_permission_can_view_branches_index()
{
$response = $this->actingAs($this->user)
->get(route('basicdata.branch.index'));
$response->assertStatus(200);
}
#[Test]
public function user_without_permission_cannot_view_branches_index()
{
// Create a role without permissions
$role = Role::create(['name' => 'viewer', 'guard_name' => 'web']);
// Create a user with the viewer role
$user = User::factory()->create();
$user->assignRole($role);
$response = $this->actingAs($user)
->get(route('basicdata.branch.index'));
$response->assertStatus(403);
}
#[Test]
public function user_with_permission_can_create_branch()
{
$response = $this->actingAs($this->user)
->get(route('basicdata.branch.create'));
$response->assertStatus(200);
}
#[Test]
public function user_without_permission_cannot_create_branch()
{
// Create a role with only read permission
$role = Role::create(['name' => 'reader', 'guard_name' => 'web']);
$role->givePermissionTo('basic-data.read');
// Create a user with the reader role
$user = User::factory()->create();
$user->assignRole($role);
$response = $this->actingAs($user)
->get(route('basicdata.branch.create'));
$response->assertStatus(403);
}
#[Test]
public function user_with_permission_can_store_branch()
{
$branchData = [
'code' => 'NEW',
'name' => 'New Branch'
];
$response = $this->actingAs($this->user)
->post(route('basicdata.branch.store'), $branchData);
$response->assertRedirect(route('basicdata.branch.index'));
$this->assertDatabaseHas('branches', $branchData);
}
#[Test]
public function user_without_permission_cannot_store_branch()
{
// Create a role with only read permission
$role = Role::create(['name' => 'reader', 'guard_name' => 'web']);
$role->givePermissionTo('basic-data.read');
// Create a user with the reader role
$user = User::factory()->create();
$user->assignRole($role);
$branchData = [
'code' => 'NEW',
'name' => 'New Branch'
];
$response = $this->actingAs($user)
->post(route('basicdata.branch.store'), $branchData);
$response->assertStatus(403);
$this->assertDatabaseMissing('branches', $branchData);
}
#[Test]
public function user_with_permission_can_edit_branch()
{
$response = $this->actingAs($this->user)
->get(route('basicdata.branch.edit', $this->branch->id));
$response->assertStatus(200);
}
#[Test]
public function user_without_permission_cannot_edit_branch()
{
// Create a role with only read permission
$role = Role::create(['name' => 'reader', 'guard_name' => 'web']);
$role->givePermissionTo('basic-data.read');
// Create a user with the reader role
$user = User::factory()->create();
$user->assignRole($role);
$response = $this->actingAs($user)
->get(route('basicdata.branch.edit', $this->branch->id));
$response->assertStatus(403);
}
#[Test]
public function user_with_permission_can_update_branch()
{
$updatedData = [
'code' => 'UPD',
'name' => 'Updated Branch'
];
$response = $this->actingAs($this->user)
->put(route('basicdata.branch.update', $this->branch->id), $updatedData);
$response->assertRedirect(route('basicdata.branch.index'));
$this->assertDatabaseHas('branches', $updatedData);
}
#[Test]
public function user_without_permission_cannot_update_branch()
{
// Create a role with only read permission
$role = Role::create(['name' => 'reader', 'guard_name' => 'web']);
$role->givePermissionTo('basic-data.read');
// Create a user with the reader role
$user = User::factory()->create();
$user->assignRole($role);
$updatedData = [
'code' => 'UPD',
'name' => 'Updated Branch'
];
$response = $this->actingAs($user)
->put(route('basicdata.branch.update', $this->branch->id), $updatedData);
$response->assertStatus(403);
$this->assertDatabaseMissing('branches', $updatedData);
}
#[Test]
public function user_with_permission_can_delete_branch()
{
$response = $this->actingAs($this->user)
->delete(route('basicdata.branch.destroy', $this->branch->id));
$response->assertJson(['success' => true]);
$this->assertSoftDeleted($this->branch);
}
#[Test]
public function user_without_permission_cannot_delete_branch()
{
// Create a role with only read permission
$role = Role::create(['name' => 'reader', 'guard_name' => 'web']);
$role->givePermissionTo('basic-data.read');
// Create a user with the reader role
$user = User::factory()->create();
$user->assignRole($role);
$response = $this->actingAs($user)
->delete(route('basicdata.branch.destroy', $this->branch->id));
$response->assertStatus(403);
$this->assertDatabaseHas('branches', ['id' => $this->branch->id, 'deleted_at' => null]);
}
#[Test]
public function user_with_permission_can_export_branches()
{
$response = $this->actingAs($this->user)
->get(route('basicdata.branch.export'));
$response->assertStatus(200);
}
#[Test]
public function user_without_permission_cannot_export_branches()
{
// Create a role with only read permission
$role = Role::create(['name' => 'reader', 'guard_name' => 'web']);
$role->givePermissionTo('basic-data.read');
// Create a user with the reader role
$user = User::factory()->create();
$user->assignRole($role);
$response = $this->actingAs($user)
->get(route('basicdata.branch.export'));
$response->assertStatus(403);
}
}