opnform/tests/Feature/Forms/FormPasswordTest.php

97 lines
3.2 KiB
PHP
Raw Permalink Normal View History

2022-09-20 19:59:52 +00:00
<?php
2024-02-23 10:54:12 +00:00
2022-09-20 19:59:52 +00:00
use Illuminate\Testing\Fluent\AssertableJson;
use Tests\Helpers\FormSubmissionDataFactory;
beforeEach(function () {
2024-02-23 10:54:12 +00:00
$this->password = '12345';
2022-09-20 19:59:52 +00:00
$user = $this->actingAsUser();
$workspace = $this->createUserWorkspace($user);
$this->form = $this->createForm($user, $workspace, [
'password' => $this->password,
]);
$this->formData = FormSubmissionDataFactory::generateSubmissionData($this->form);
});
it('can allow form owner to access and submit form without password', function () {
// As Form Owner so can access form without password
$this->getJson(route('forms.show', $this->form->slug))
->assertSuccessful()
->assertJson(function (AssertableJson $json) {
return $json->where('id', $this->form->id)
->where('has_password', true)
->where('is_password_protected', false)
->etc();
});
// As Form Owner so can submit form without password
$this->postJson(route('forms.answer', $this->form->slug), $this->formData)
->assertSuccessful()
->assertJson([
'type' => 'success',
2024-02-23 10:54:12 +00:00
'message' => 'Form submission saved.',
2022-09-20 19:59:52 +00:00
]);
});
it('can not access form without password for guest user', function () {
$this->actingAsGuest();
$this->getJson(route('forms.show', $this->form->slug))
->assertSuccessful()
->assertJson(function (AssertableJson $json) {
return $json->where('id', $this->form->id)
->where('has_password', true)
->where('is_password_protected', true)
->etc();
});
});
it('can not submit form without password for guest user', function () {
$this->actingAsGuest();
$this->postJson(route('forms.answer', $this->form->slug), $this->formData)
->assertStatus(403)
->assertJson([
'status' => 'Unauthorized',
2024-02-23 10:54:12 +00:00
'message' => 'Form is protected.',
2022-09-20 19:59:52 +00:00
]);
});
it('can not submit form with wrong password for guest user', function () {
$this->actingAsGuest();
2024-02-23 10:54:12 +00:00
$this->withHeaders(['form-password' => hash('sha256', 'WRONGPASSWORD')])
2022-09-20 19:59:52 +00:00
->postJson(route('forms.answer', $this->form->slug), $this->formData)
->assertStatus(403)
->assertJson([
'status' => 'Unauthorized',
2024-02-23 10:54:12 +00:00
'message' => 'Form is protected.',
2022-09-20 19:59:52 +00:00
]);
});
it('can access form with right password for guest user', function () {
$this->actingAsGuest();
2024-02-23 10:54:12 +00:00
$this->withHeaders(['form-password' => hash('sha256', $this->password)])
2022-09-20 19:59:52 +00:00
->getJson(route('forms.show', $this->form->slug))
->assertSuccessful()
->assertJson(function (AssertableJson $json) {
return $json->where('id', $this->form->id)
->where('has_password', true)
->where('is_password_protected', false)
->etc();
});
});
it('can submit form with right password for guest user', function () {
$this->actingAsGuest();
2024-02-23 10:54:12 +00:00
$this->withHeaders(['form-password' => hash('sha256', $this->password)])
2022-09-20 19:59:52 +00:00
->postJson(route('forms.answer', $this->form->slug), $this->formData)
->assertSuccessful()
->assertJson([
'type' => 'success',
2024-02-23 10:54:12 +00:00
'message' => 'Form submission saved.',
2022-09-20 19:59:52 +00:00
]);
});