Merge pull request #4 from fumeapp/ability-tests

Creates additional tests for session token abilities

composer.json

@@ -6,6 +6,11 @@
   "keywords": [
     "Laravel", "API", "authentication", "passwordless", "PHP"
   ],
+  "config": {
+    "sort-packages": true
+  },
+  "minimum-stability": "dev",
+  "prefer-stable": true,
   "authors": [
     {
       "name": "Kevin Olson",
@@ -19,14 +24,20 @@
     "torann/geoip": "^3.0"
   },
   "require-dev": {
+    "laravel/pint": "^1.1.1",
     "mockery/mockery": "^1.0",
+    "nunomaduro/collision": "^5.10",
     "orchestra/testbench": "^6.2",
-    "laravel/pint": "^0.2.1",
     "phpunit/phpunit": "^8.0|^9.3"
   },
   "autoload": {
     "psr-4": {
-     "Fumeapp\\Humble\\": "src"
+      "Fumeapp\\Humble\\": "src"
+    }
+  },
+  "autoload-dev": {
+    "psr-4": {
+      "Fumeapp\\Humble\\Tests\\": "tests"
     }
   },
   "extra": {
@@ -41,16 +52,15 @@
       "vendor/bin/pint"
     ],
     "test": [
-      "vendor/bin/phpunit"
+      "./vendor/bin/testbench package:test --no-coverage"
+    ],
+    "test-coverage": [
+      "XDEBUG_MODE=coverage ./vendor/bin/phpunit --colors=always --testdox --coverage-text"
     ]
   },
   "scripts-descriptions": {
     "pint": "Run the Pint Linter and Fixer.",
-    "test": "Run the PHPUnit tests."
-  },
-  "config": {
-    "sort-packages": true
-  },
-  "minimum-stability": "dev",
-  "prefer-stable": true
+    "test": "Run the PHPUnit tests.",
+    "test-coverage": "Run the PHPUnit tests with code coverage."
+  }
 }

phpunit.xml

@@ -16,4 +16,9 @@
             <directory suffix=".php">./tests/</directory>
         </testsuite>
     </testsuites>
+    <coverage processUncoveredFiles="true">
+        <include>
+            <directory suffix=".php">./src</directory>
+        </include>
+    </coverage>
 </phpunit>

src/Guards/HumbleGuard.php

@@ -2,10 +2,10 @@
 
 namespace Fumeapp\Humble\Guards;
 
-use Fumeapp\Humble\Models\Attempt;
-use Fumeapp\Humble\Models\Session;
 use App\Models\User as UserModel;
 use Exception;
+use Fumeapp\Humble\Models\Attempt;
+use Fumeapp\Humble\Models\Session;
 use Illuminate\Contracts\Auth\Authenticatable;
 use Illuminate\Contracts\Auth\Guard;
 use Illuminate\Database\Eloquent\Model;

src/Models/Session.php

@@ -2,9 +2,9 @@
 
 namespace Fumeapp\Humble\Models;
 
+use Eloquent;
 use Fumeapp\Humble\Contracts\HasAbilities;
 use Fumeapp\Humble\Guards\HumbleGuard;
-use Eloquent;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\Relations\BelongsTo;
 

src/Traits/Humble.php

@@ -71,14 +71,14 @@ public function tokenCannot(string $ability)
      */
     public function createToken(string $source, array $abilities = ['*']): string
     {
-        return ($this->sessions()->create([
+        return $this->sessions()->create([
             'token' => Session::hash(),
             'source' => $source,
             'abilities' => $abilities,
             'ip' => auth()->ip() ?? request()->ip(),
             'location' => auth()->geoip() ?? null,
             'agent' => request()->Header('User-Agent'),
-        ]))
+        ])
             ->getKey();
     }
 }

tests/HumbleTest.php

@@ -0,0 +1,62 @@
+<?php
+
+namespace Fumeapp\Humble\Tests;
+
+use Fumeapp\Humble\Tests\Models\User;
+
+class HumbleTest extends TestCase
+{
+    public function test_session_token_can_be_created()
+    {
+        $user = User::create([
+            'name' => 'John Doe',
+        ]);
+
+        $newToken = $user->createToken('action');
+        $storedToken = $user->sessions()->first()->getKey();
+
+        $this->assertEquals($newToken, $storedToken);
+    }
+
+    public function test_session_token_can_be_created_with_abilities()
+    {
+        $user = User::create([
+            'name' => 'John Doe',
+        ]);
+
+        $abilities = ['create', 'update', 'delete'];
+
+        $newToken = $user->createToken('action', $abilities);
+        $storedToken = $user->sessions()->find($newToken);
+
+        $this->assertEquals($storedToken->abilities, $abilities);
+    }
+
+    public function test_token_can_return_true_with_correct_abilities()
+    {
+        $user = User::create([
+            'name' => 'John Doe',
+        ]);
+
+        $abilities = ['create', 'update', 'delete'];
+
+        $newToken = $user->createToken('action', $abilities);
+        $storedToken = $user->sessions()->find($newToken);
+
+        $this->assertTrue($storedToken->can('delete'));
+    }
+
+    public function test_token_can_return_false_if_it_does_not_have_correct_abilities()
+    {
+        $user = User::create([
+            'name' => 'John Doe',
+        ]);
+
+        $abilities = ['create', 'update'];
+
+        $newToken = $user->createToken('action', $abilities);
+        $storedToken = $user->sessions()->find($newToken);
+
+        $this->assertFalse($storedToken->can('delete'));
+    }
+}

tests/Models/User.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace Fumeapp\Humble\Tests\Models;
+
+use Fumeapp\Humble\Models\Session;
+use Fumeapp\Humble\Traits\Humble;
+use Illuminate\Foundation\Auth\User as Authenticatable;
+
+class User extends Authenticatable
+{
+    protected $guarded = [];
+
+    use Humble;
+
+    /**
+     * Override the default session model since in testing we don't have the request object.
+     */
+    public function createToken(string $source, array $abilities = ['*']): string
+    {
+        return $this->sessions()->create([
+            'token' => Session::hash(),
+            'source' => $source,
+            'abilities' => $abilities,
+            'ip' => null,
+            'location' => null,
+            'agent' => null,
+        ])
+            ->getKey();
+    }
+}

tests/TestCase.php

@@ -0,0 +1,69 @@
+<?php
+
+namespace Fumeapp\Humble\Tests;
+
+use Fumeapp\Humble\HumbleServiceProvider;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+use Orchestra\Testbench\TestCase as Orchestra;
+
+abstract class TestCase extends Orchestra
+{
+    public function setUp(): void
+    {
+        parent::setUp();
+    }
+
+    protected function getPackageProviders($app)
+    {
+        return [
+            HumbleServiceProvider::class,
+        ];
+    }
+
+    public function getEnvironmentSetUp($app)
+    {
+        $app['config']->set('database.default', 'testbench');
+
+        $app['config']->set('database.connections.testbench', [
+            'driver' => 'sqlite',
+            'database' => ':memory:',
+            'prefix' => '',
+        ]);
+
+        $this->migrateDatabase();
+    }
+
+    public function migrateDatabase()
+    {
+        Schema::create('users', function (Blueprint $table) {
+            $table->id();
+            $table->string('name');
+            $table->timestamps();
+        });
+
+        Schema::create('sessions', function (Blueprint $table) {
+            $table->string('token', 64)->unique();
+            $table->bigInteger('user_id')->unsigned();
+            $table->foreign('user_id')->references('id')->on('users')->onDelete('cascade');
+            $table->string('source')->nullable();
+            $table->json('abilities')->nullable();
+            $table->string('ip', 300)->nullable();
+            $table->string('agent')->nullable();
+            $table->string('location')->nullable();
+            $table->timestamps();
+            $table->primary('token');
+        });
+
+        Schema::create('attempts', function (Blueprint $table) {
+            $table->string('token', 64)->unique();
+            $table->json('action')->nullable();
+            $table->bigInteger('user_id')->unsigned();
+            $table->foreign('user_id')->references('id')->on('users')->onDelete('cascade');
+            $table->string('ip', 300)->nullable();
+            $table->string('agent')->nullable();
+            $table->timestamps();
+            $table->primary('token');
+        });
+    }
+}