-
-
Notifications
You must be signed in to change notification settings - Fork 2.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #7745 from filamentphp/fix/tenant-profile-authoriz…
…ation fix: Tenant profile auth policy method
- Loading branch information
Showing
6 changed files
with
136 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
<?php | ||
|
||
namespace Filament\Tests\Database\Factories; | ||
|
||
use Filament\Tests\Models\Team; | ||
use Filament\Tests\Models\User; | ||
use Illuminate\Database\Eloquent\Factories\Factory; | ||
use Illuminate\Support\Str; | ||
|
||
class TeamFactory extends Factory | ||
{ | ||
protected $model = Team::class; | ||
|
||
public function definition(): array | ||
{ | ||
return [ | ||
'name' => $this->faker->company(), | ||
]; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
<?php | ||
|
||
use Illuminate\Database\Migrations\Migration; | ||
use Illuminate\Database\Schema\Blueprint; | ||
use Illuminate\Support\Facades\Schema; | ||
|
||
return new class() extends Migration | ||
{ | ||
public function up(): void | ||
{ | ||
Schema::create('teams', function (Blueprint $table): void { | ||
$table->id(); | ||
$table->string('name'); | ||
$table->timestamps(); | ||
}); | ||
} | ||
|
||
public function down(): void | ||
{ | ||
Schema::dropIfExists('teams'); | ||
} | ||
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
<?php | ||
|
||
namespace Filament\Tests\Models; | ||
|
||
use Filament\Models\Contracts\FilamentUser; | ||
use Filament\Panel; | ||
use Filament\Tests\Database\Factories\TeamFactory; | ||
use Filament\Tests\Database\Factories\UserFactory; | ||
use Illuminate\Contracts\Auth\MustVerifyEmail; | ||
use Illuminate\Database\Eloquent\Factories\HasFactory; | ||
use Illuminate\Database\Eloquent\Model; | ||
use Illuminate\Database\Eloquent\Relations\HasMany; | ||
use Illuminate\Foundation\Auth\User as Authenticatable; | ||
use Illuminate\Notifications\Notifiable; | ||
|
||
class Team extends Model | ||
{ | ||
use HasFactory; | ||
|
||
protected $guarded = []; | ||
|
||
protected static function newFactory() | ||
{ | ||
return TeamFactory::new(); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
<?php | ||
|
||
use Filament\Facades\Filament; | ||
use Filament\Pages\Tenancy\EditTenantProfile; | ||
use Filament\Tests\Models\Team; | ||
use Filament\Tests\Models\User; | ||
use Filament\Tests\Panels\Pages\TestCase; | ||
use Illuminate\Support\Facades\Gate; | ||
use function Filament\Tests\livewire; | ||
|
||
uses(TestCase::class); | ||
|
||
it('allows the user access to the tenant profile page if the user is authorized', function () { | ||
Filament::setTenant(Team::factory()->create()); | ||
|
||
Gate::policy(Team::class, TeamPolicyWithAccess::class); | ||
|
||
livewire(EditTeamProfile::class) | ||
->assertSuccessful(); | ||
}); | ||
|
||
it('denies the user access to the tenant profile page if the user is unauthorized', function () { | ||
Filament::setTenant(Team::factory()->create()); | ||
|
||
Gate::policy(Team::class, TeamPolicyWithoutAccess::class); | ||
|
||
livewire(EditTeamProfile::class) | ||
->assertNotFound(); | ||
}); | ||
|
||
class EditTeamProfile extends EditTenantProfile | ||
{ | ||
public static function getLabel(): string | ||
{ | ||
return 'Edit team'; | ||
} | ||
} | ||
|
||
class TeamPolicyWithAccess | ||
{ | ||
public function update(User $user, Team $team): bool | ||
{ | ||
return true; | ||
} | ||
} | ||
|
||
class TeamPolicyWithoutAccess | ||
{ | ||
public function update(User $user, Team $team): bool | ||
{ | ||
return false; | ||
} | ||
} |