diff --git a/src/Kodeine/Acl/Helper/Helper.php b/src/Kodeine/Acl/Helper/Helper.php index e586022..6166b36 100644 --- a/src/Kodeine/Acl/Helper/Helper.php +++ b/src/Kodeine/Acl/Helper/Helper.php @@ -93,7 +93,7 @@ protected function hasDelimiterToArray($str) /** * @param $item - * @param callable $closure + * @param \Closure $closure * @return array */ protected function mapArray($item, \Closure $closure) diff --git a/src/Kodeine/Acl/Models/Eloquent/Role.php b/src/Kodeine/Acl/Models/Eloquent/Role.php index dea7856..b88e6bf 100644 --- a/src/Kodeine/Acl/Models/Eloquent/Role.php +++ b/src/Kodeine/Acl/Models/Eloquent/Role.php @@ -51,11 +51,13 @@ function () { * Checks if the role has the given permission. * * @param string $permission + * @param string $model + * @param int $reference_id * @param string $operator * @param array $mergePermissions * @return bool */ - public function can($permission, $operator = null, $mergePermissions = []) + public function can($permission, $model = '', $reference_id = 0, $operator = null, $mergePermissions = []) { $operator = is_null($operator) ? $this->parseOperator($permission) : $operator; @@ -76,22 +78,57 @@ public function can($permission, $operator = null, $mergePermissions = []) $call = 'canWith' . ucwords($operator); - return $this->$call($permission, $permissions); + return $this->$call($permission, $permissions, $model, $reference_id); } - // validate single permission - return isset($permissions[$permission]) && $permissions[$permission] == true; + // Validate single permission. + $permission_model = "{$permission}:{$model}"; + $permission_reference = "{$permission}:{$model}:{$reference_id}"; + $checks = [ + // If user have global permission. + $permission, + // If user have permission to this model. + $permission_model, + // If user have permission to this model and reference_id. + $permission_reference + ]; + foreach ($checks as $c) { + if (isset($permissions[$c]) && $permissions[$c] == true) { + return true; + } + } + + return false; } /** - * @param $permission - * @param $permissions + * @param string $permission + * @param array $permissions + * @param string $model + * @param int $reference_id + * * @return bool */ - protected function canWithAnd($permission, $permissions) + protected function canWithAnd($permission, $permissions, $model = '', $reference_id = 0) { foreach ($permission as $check) { - if ( ! in_array($check, $permissions) || ! isset($permissions[$check]) || $permissions[$check] != true ) { + $permission_ok = false; + $permission_model = "{$check}:{$model}"; + $permission_reference = "{$check}:{$model}:{$reference_id}"; + $checks = [ + // If user have global permission. + $check, + // If user have permission to this model. + $permission_model, + // If user have permission to this model and reference_id. + $permission_reference + ]; + foreach ($checks as $c) { + if (isset($permissions[$c]) && $permissions[$c] == true) { + $permission_ok = true; + } + } + if ( ! $permission_ok) { return false; } } @@ -99,16 +136,32 @@ protected function canWithAnd($permission, $permissions) return true; } + /** - * @param $permission - * @param $permissions + * @param string $permission + * @param array $permissions + * @param string $model + * @param int $reference_id + * * @return bool */ - protected function canWithOr($permission, $permissions) + protected function canWithOr($permission, $permissions, $model = '', $reference_id = 0) { foreach ($permission as $check) { - if ( in_array($check, $permissions) && isset($permissions[$check]) && $permissions[$check] == true ) { - return true; + $permission_model = "{$check}:{$model}"; + $permission_reference = "{$check}:{$model}:{$reference_id}"; + $checks = [ + // If user have global permission. + $check, + // If user have permission to this model. + $permission_model, + // If user have permission to this model and reference_id. + $permission_reference + ]; + foreach ($checks as $c) { + if (isset($permissions[$c]) && $permissions[$c] == true) { + return true; + } } } diff --git a/src/Kodeine/Acl/Traits/HasPermission.php b/src/Kodeine/Acl/Traits/HasPermission.php index c50664f..7ba443f 100644 --- a/src/Kodeine/Acl/Traits/HasPermission.php +++ b/src/Kodeine/Acl/Traits/HasPermission.php @@ -46,16 +46,24 @@ function () { // more permissive permission wins // if user has multiple roles we keep // true values. - foreach ($this->roles as $role) { + foreach ($this->roles()->get() as $role) { + $model_string = $role->pivot->model; + $reference_id = $role->pivot->reference_id; + $model_reference_key = ''; + if ( ! empty($model_string) && !empty($reference_id)) { + $model_reference_key = "{$model_string}:{$reference_id}"; + } + foreach ($role->getPermissions() as $slug => $array) { - if ( array_key_exists($slug, $permissions) ) { + $permission_key = empty($model_reference_key) ? $slug : "{$slug}:{$model_reference_key}"; + if ( array_key_exists($permission_key, $permissions) ) { foreach ($array as $clearance => $value) { - if( !array_key_exists( $clearance, $permissions[$slug] ) ) { - ! $value ?: $permissions[$slug][$clearance] = true; + if( !array_key_exists( $clearance, $permissions[$permission_key] ) ) { + ! $value ?: $permissions[$permission_key][$clearance] = true; } } } else { - $permissions = array_merge($permissions, [$slug => $array]); + $permissions = array_merge($permissions, [$permission_key => $array]); } } } @@ -66,11 +74,13 @@ function () { /** * Check if User has the given permission. * - * @param string $permission - * @param string $operator + * @param $permission + * @param string $model_string + * @param int $reference_id + * @param string $operator * @return bool */ - public function can($permission, $operator = null) + public function can($permission, $model_string = '', $reference_id = 0, $operator = null) { // user permissions including // all of user role permissions @@ -87,7 +97,7 @@ function () { // has user & role permissions $model = config('acl.role', 'Kodeine\Acl\Models\Eloquent\Role'); - return (new $model)->can($permission, $operator, $merge); + return (new $model)->can($permission, $model_string, $reference_id, $operator, $merge); } /** diff --git a/src/Kodeine/Acl/Traits/HasPermissionInheritance.php b/src/Kodeine/Acl/Traits/HasPermissionInheritance.php index f8c4ed0..5b2c64c 100644 --- a/src/Kodeine/Acl/Traits/HasPermissionInheritance.php +++ b/src/Kodeine/Acl/Traits/HasPermissionInheritance.php @@ -15,7 +15,7 @@ trait HasPermissionInheritance public function getPermissionsInherited() { $rights = []; - $permissions = $this->permissions; + $permissions = $this->permissions()->get(); // ntfs permissions // determine if ntfs is enabled @@ -48,7 +48,7 @@ public function getPermissionsInherited() $merge = $permissions->where('name', $row->name); $merge = method_exists($merge, 'pluck') ? $merge->pluck('slug', 'name') : $merge->lists('slug', 'name'); - // fix for l5.1 and backward compatibility. + // fix for l5.1 and backward compatibility. // lists() method should return as an array. $merge = $this->collectionAsArray($merge); diff --git a/src/Kodeine/Acl/Traits/HasRole.php b/src/Kodeine/Acl/Traits/HasRole.php index 17dfbe1..bc0f0af 100644 --- a/src/Kodeine/Acl/Traits/HasRole.php +++ b/src/Kodeine/Acl/Traits/HasRole.php @@ -1,5 +1,7 @@ belongsToMany($model)->withTimestamps(); + return $this->belongsToMany($model)->withPivot(['model', 'reference_id'])->withTimestamps(); } /** @@ -37,17 +39,14 @@ public function roles() public function getRoles() { $this_roles = \Cache::remember( - 'acl.getRolesById_'.$this->id, + "acl.getRolesById_{$this->id}", config('acl.cacheMinutes'), function () { - return $this->roles; + return $this->roles()->get(); } ); - $slugs = method_exists($this_roles, 'pluck') ? $this_roles->pluck('slug','id') : $this_roles->lists('slug','id'); - return is_null($this_roles) - ? [] - : $this->collectionAsArray($slugs); + return $this->getRolesMap($this_roles); } /** @@ -81,10 +80,14 @@ public function scopeRole($query, $role, $column = null) /** * Checks if the user has the given role. * - * @param string $slug + * @param string $slug + * @param string $model + * @param int $reference_id + * @param string $operator + * * @return bool */ - public function hasRole($slug, $operator = null) + public function hasRole($slug, $model = '', $reference_id = 0, $operator = null) { $operator = is_null($operator) ? $this->parseOperator($slug) : $operator; @@ -102,27 +105,77 @@ public function hasRole($slug, $operator = null) $call = 'isWith' . ucwords($operator); - return $this->$call($slug, $roles); + return $this->$call($slug, $roles, $model, $reference_id); } // single slug - return in_array($slug, $roles); + return $this->checkRole($slug, $roles, $model, $reference_id); } + /** - * Assigns the given role to the user. + * @param $role_slug + * @param $roles + * @param string $model + * @param int $reference_id * - * @param collection|object|array|string|int $role * @return bool */ - public function assignRole($role) + private function checkRole($role_slug, $roles, $model = '', $reference_id = 0) + { + if ($role_slug instanceof Role) { + $role_slug = $role_slug->slug; + } + + $roles_exist = array_map(function ($role_slugs) use ($role_slug, $model, $reference_id) { + $role_exist = false; + $role_model = "{$role_slug}:{$model}"; + $role_reference = "{$role_slug}:{$model}:{$reference_id}"; + $checks = [ + // If user have global role. + $role_slug, + // If user have role to this model. + $role_model, + // If user have role to this model and reference_id. + $role_reference + ]; + + foreach ($checks as $c) { + if (in_array($c, $role_slugs)) { + $role_exist = true; + } + } + + return (int)$role_exist; + }, $roles); + + return (bool)array_sum($roles_exist); + } + + /** + * Assigns the given role to the user. + * + * @param collection|object|array|string|int $role + * @param string $model + * @param int $reference_id + * + * @return bool|array + */ + public function assignRole($role, $model = '', $reference_id = 0) { - return $this->mapArray($role, function ($role) { + $id = $this->id; + return $this->mapArray($role, function ($role) use ($model, $reference_id, $id) { $roleId = $this->parseRoleId($role); if ( ! $this->roles->keyBy('id')->has($roleId) ) { - $this->roles()->attach($roleId); + $this->roles()->attach($roleId, [ + 'model' => $model, + 'reference_id' => $reference_id + ]); + + // Reset caches. + \Cache::forget("acl.getRolesById_{$id}"); return $role; } @@ -134,16 +187,31 @@ public function assignRole($role) /** * Revokes the given role from the user. * - * @param collection|object|array|string|int $role - * @return bool + * @param collection|object|array|string|int $role + * @param string $model + * @param int $reference_id + * + * @return bool|array */ - public function revokeRole($role) + public function revokeRole($role, $model = '', $reference_id = 0) { - return $this->mapArray($role, function ($role) { + $id = $this->id; + return $this->mapArray($role, function ($role) use ($model, $reference_id, $id) { $roleId = $this->parseRoleId($role); - return $this->roles()->detach($roleId); + $result = $this->roles()->newPivotStatementForId($roleId) + // Laravel couldn't detach pivot records with provided constraints, but this should work: + ->where('model', $model) + ->where('reference_id', $reference_id) + ->delete(); + // Update when Laravel would support this. + //->detach($roleId, ['model' => $model, 'reference_id' => $reference_id]); + + // Reset caches. + \Cache::forget("acl.getRolesById_{$id}"); + return $result; + }); } @@ -184,14 +252,17 @@ public function revokeAllRoles() */ /** - * @param $slug - * @param $roles + * @param $slug + * @param $roles + * @param string $model + * @param int $reference_id + * * @return bool */ - protected function isWithAnd($slug, $roles) + protected function isWithAnd($slug, $roles, $model = '', $reference_id = 0) { foreach ($slug as $check) { - if ( ! in_array($check, $roles) ) { + if ( ! $this->checkRole($check, $roles, $model, $reference_id)) { return false; } } @@ -199,15 +270,19 @@ protected function isWithAnd($slug, $roles) return true; } + /** - * @param $slug - * @param $roles + * @param $slug + * @param $roles + * @param string $model + * @param int $reference_id + * * @return bool */ - protected function isWithOr($slug, $roles) + protected function isWithOr($slug, $roles, $model = '', $reference_id = 0) { foreach ($slug as $check) { - if ( in_array($check, $roles) ) { + if ($this->checkRole($check, $roles, $model, $reference_id)) { return true; } } @@ -263,21 +338,75 @@ public function __call($method, $arguments) { // Handle isRoleSlug() methods if ( starts_with($method, 'is') and $method !== 'is' and ! starts_with($method, 'isWith') ) { - $role = substr($method, 2); + $role = substr($method, 2); + $model = empty($arguments[0]) ? '' : $arguments[0]; + $reference_id = empty($arguments[1]) ? 0 : $arguments[1]; + $operator = empty($arguments[2]) ? null : $arguments[2]; - return $this->hasRole($role); + return $this->hasRole($role, $model, $reference_id, $operator); } // Handle canDoSomething() methods if ( starts_with($method, 'can') and $method !== 'can' and ! starts_with($method, 'canWith') ) { - $permission = substr($method, 3); - $permission = snake_case($permission, '.'); + $permission = substr($method, 3); + $permission = snake_case($permission, '.'); + $model = empty($arguments[0]) ? '' : $arguments[0]; + $reference_id = empty($arguments[1]) ? 0 : $arguments[1]; + $operator = empty($arguments[2]) ? null : $arguments[2]; - return $this->can($permission); + return $this->can($permission, $model, $reference_id, $operator); } return parent::__call($method, $arguments); } + + + /** + * Get sorted map from roles. + * @return array + */ + private function getRolesMap($roles) + { + if (empty($roles)) { + return []; + } + $roles = $roles->map(function ($r) { + return [ + 'id' => $r->id, + 'slug' => $r->slug, + 'model' => $r->pivot->model, + 'reference_id' => $r->pivot->reference_id, + ]; + }); + $roles = $this->collectionAsArray($roles); + + $map = []; + array_walk($roles, function ($role) use (&$map) { + $id = $role['id']; + $slug = $role['slug']; + if (empty($map[$id])) { + $map[$id] = []; + } + $model_reference_keys = [ + $role['model'], + // Do not count reference_id == 0 as model id. + $role['reference_id'] ? $role['reference_id'] : '' + ]; + $model_reference_keys = array_filter($model_reference_keys, function ($key) { + return $key !== ''; + }); + $model_reference_key = join(':', $model_reference_keys); + + $map[$id][] = $model_reference_key ? "{$slug}:{$model_reference_key}" : "{$slug}"; + }); + + foreach ($map as $role_id => $roles) { + sort($roles); + $map[$role_id] = $roles; + } + + return $map; + } } $laravel = app(); diff --git a/src/migrations/2015_02_07_172633_create_role_user_table.php b/src/migrations/2015_02_07_172633_create_role_user_table.php index 547a3c9..97c352a 100644 --- a/src/migrations/2015_02_07_172633_create_role_user_table.php +++ b/src/migrations/2015_02_07_172633_create_role_user_table.php @@ -17,6 +17,8 @@ public function up() $table->increments('id'); $table->integer('role_id')->unsigned()->index()->foreign()->references("id")->on("roles")->onDelete("cascade"); $table->integer('user_id')->unsigned()->index()->foreign()->references("id")->on("users")->onDelete("cascade"); + $table->string('model')->index()->default(''); + $table->integer('reference_id')->unsigned()->index()->default(0); $table->timestamps(); }); } diff --git a/tests/Integration/IntegrationTest.php b/tests/Integration/IntegrationTest.php new file mode 100644 index 0000000..57ed227 --- /dev/null +++ b/tests/Integration/IntegrationTest.php @@ -0,0 +1,24 @@ +migrate(); + } + + + public function tearDown() + { + parent::tearDown(); + } +} diff --git a/tests/Integration/UserRoleTest.php b/tests/Integration/UserRoleTest.php new file mode 100644 index 0000000..2404740 --- /dev/null +++ b/tests/Integration/UserRoleTest.php @@ -0,0 +1,306 @@ +userModel = new User; + } + + + public function tearDown() + { + parent::tearDown(); + + unset($this->userModel); + } + + /* ------------------------------------------------------------------------------------------------ + | Test Functions + | ------------------------------------------------------------------------------------------------ + */ + + /** @test */ + public function itCanAssignRevokeRolesForModelId() + { + list($role, $permissions, $user) = $this->createRolesPermissionUser(); + if ($user instanceof User) { + } + $models = [ + 'first' => [ + 'model' => 'example_model', + 'id' => 42, + ], + 'second' => [ + 'model' => 'example_model', + 'id' => 43, + ], + 'third' => [ + 'model' => 'another_model', + 'id' => 0, + ], + ]; + + $objRole = new Role(); + $manager_role_slug = str_slug('Manager role', config('laravel-auth.slug-separator')); + $roleAttributes = [ + 'name' => 'Manager', + 'slug' => $manager_role_slug, + 'description' => 'Manager role description.', + ]; + $manager_role = $objRole->create($roleAttributes); + + // No roles assigned yet. + $this->assertEquals([], $user->getRoles(), 'Expected empty roles set'); + + // Assign user role to three model entities. + foreach ($models as $m) { + $user->assignRole($role, $m['model'], $m['id']); + } + $role_slug = str_slug('Admin role', config('laravel-auth.slug-separator')); + + // Sorted by slug:model_reference_key. + $this->assertEquals([ + 1 => [ + "{$role_slug}:{$models['third']['model']}", + "{$role_slug}:{$models['first']['model']}:{$models['first']['id']}", + "{$role_slug}:{$models['second']['model']}:{$models['second']['id']}", + ] + ], $user->getRoles(), 'Expected assigned "admin" role to different models'); + // + $user->assignRole($manager_role); + $this->assertEquals([ + 1 => [ + "{$role_slug}:{$models['third']['model']}", + "{$role_slug}:{$models['first']['model']}:{$models['first']['id']}", + "{$role_slug}:{$models['second']['model']}:{$models['second']['id']}", + ], + 2 => [ + "{$manager_role_slug}", + ] + ], $user->getRoles(), 'Expected assigned "manager" role to all models(="") and ids(=0)'); + + $user->assignRole($role); + $this->assertEquals([ + 1 => [ + "{$role_slug}", + "{$role_slug}:{$models['third']['model']}", + "{$role_slug}:{$models['first']['model']}:{$models['first']['id']}", + "{$role_slug}:{$models['second']['model']}:{$models['second']['id']}", + ], + 2 => [ + "{$manager_role_slug}", + ] + ], $user->getRoles(), 'Expected assigned "admin" role to all models(="") and ids(=0)'); + + $user->revokeRole($manager_role); + $this->assertEquals([ + 1 => [ + "{$role_slug}", + "{$role_slug}:{$models['third']['model']}", + "{$role_slug}:{$models['first']['model']}:{$models['first']['id']}", + "{$role_slug}:{$models['second']['model']}:{$models['second']['id']}", + ] + ], $user->getRoles(), 'Expected revoked "manager" role'); + } + + + private function createRolesPermissionUser() + { + $objRole = new Role(); + $roleAttributes = [ + 'name' => 'Admin', + 'slug' => str_slug('Admin role', config('laravel-auth.slug-separator')), + 'description' => 'Admin role descriptions.', + ]; + $role = $objRole->create($roleAttributes); + + $objPermission = new Permission(); + + $permissionAttributes = [ + 'name' => 'post', + 'slug' => [ + 'create' => true, + 'view' => true, + 'update' => true, + 'delete' => false, + ], + 'description' => 'manage post permissions' + ]; + $permission = $objPermission->create($permissionAttributes); + + $role->syncPermissions($permission); + $permissions = $role->getPermissions(); + + $user = new User(); + $user->username = 'Role test'; + $user->email = 'role@test.com'; + $user->password = 'RoleTest'; + $user->save(); + + return [ $role, $permissions, $user ]; + } + + + /** @test */ + public function itCanCheckRolesForModelId() + { + list($role, $permissions, $user) = $this->createRolesPermissionUser(); + if ($user instanceof User) { + } + $models = [ + 'first' => [ + 'model' => 'example_model', + 'id' => 42, + ], + 'second' => [ + 'model' => 'example_model_2', + 'id' => 43, + ], + 'third' => [ + 'model' => 'example_model_3', + 'id' => 0, + ], + ]; + + $objRole = new Role(); + $manager_role_slug = str_slug('Manager role', config('laravel-auth.slug-separator')); + $roleAttributes = [ + 'name' => 'Manager', + 'slug' => $manager_role_slug, + 'description' => 'Manager role description.', + ]; + $manager_role = $objRole->create($roleAttributes); + + // Assign user role to three model entities. + foreach ($models as $m) { + $user->assignRole($role, $m['model'], $m['id']); + } + + $this->assertEquals(true, $user->hasRole($role, $models['first']['model'], $models['first']['id']), + 'User has role on selected model & reference_id'); + + $this->assertEquals(false, $user->hasRole($role, $models['first']['model'], $models['second']['id']), + 'User doesn\'t have role on selected model but different reference_id'); + + $this->assertEquals(true, $user->hasRole($role, $models['third']['model'], $models['third']['id']), + 'User has role on selected model'); + + $this->assertEquals(true, $user->hasRole($role, $models['third']['model'], $models['first']['id']), + 'User still have role on selected model but different reference_id, because reference_id == 0 means "all".'); + + // Two roles. + $user->assignRole($manager_role, $models['second']['model'], $models['second']['id']); + + $this->assertEquals(true, $user->hasRole([ + $role, + $manager_role + ], $models['second']['model'], $models['second']['id']), 'User have roles on both models/reference_ids'); + + $this->assertEquals(false, $user->hasRole([ + $role, + $manager_role + ], $models['first']['model'], $models['first']['id']), 'User have both roles only on "second" model though.'); + + } + + + /** @test */ + public function itCanCheckRolePermissionsForModelId() + { + list($role, $permissions, $user) = $this->createRolesPermissionUser(); + // Assign user role to model entity & id. + $example_model = 'example_model'; + $example_model_id = 42; + $user->assignRole($role, $example_model, $example_model_id); + + $this->assertEquals($user->getRoles(), [ + 1 => [ + str_slug('Admin role', config('laravel-auth.slug-separator')).":{$example_model}:{$example_model_id}" + ] + ], 'Expected "admin" role assigned to model and id'); + // User have permissions on `model` = 'example_model', where `id` = 42. + // 'post:example_model:42' => array(...) + $this->assertEquals($user->getPermissions(), + [ "post:{$example_model}:{$example_model_id}" => $permissions['post'] ], + 'Expected permissions from "admin" role assigned to model and id'); + + // Permissions given to certain model and id. + $this->assertTrue($user->can('create.post', $example_model, $example_model_id), + 'User have permissions on assigned model & id'); + // User doesn't have permissions on all models and ids. + $this->assertFalse($user->can('create.post'), 'User don\'t have permissions on all models & ids'); + // User role must have exact model id. + $this->assertFalse($user->can('create.post', $example_model), 'User don\'t have permissions on all model ids'); + + $user->assignRole($role); + $this->assertEquals($user->getPermissions(), [ + "post" => $permissions['post'], + "post:{$example_model}:{$example_model_id}" => $permissions['post'], + ], 'User have permissions from "admin" role assigned to model & id and as global role'); + + } + + + /** @test */ + public function itCanCheckMultipleRolePermissionsForModelId() + { + list($role, $permissions, $user) = $this->createRolesPermissionUser(); + // Assign user role to model entity & id. + $example_model = 'example_model'; + $example_model_id = 42; + $user->assignRole($role, $example_model, $example_model_id); + + // Multiple permissions. + $able_or = $permissions['post']['view'] || $permissions['post']['delete']; + $able_and = $permissions['post']['view'] && $permissions['post']['delete']; + $this->assertEquals($able_or, $user->can('view.post|delete.post', $example_model, $example_model_id), + 'Expected OR behavior when checking permissions'); + $this->assertEquals($able_and, $user->can('view.post,delete.post', $example_model, $example_model_id), + 'Expected AND behavior when checking permissions'); + + // Comparing with AND operator by default. + $this->assertEquals($able_and, $user->can([ + 'view.post', + 'delete.post' + ], $example_model, $example_model_id), 'Expected AND behavior by default'); + + // However, if we set operator to 'OR'. + $this->assertEquals($able_or, $user->can([ + 'view.post', + 'delete.post' + ], $example_model, $example_model_id, 'or'), 'Expected OR behavior when operator "OR" passed'); + + // Same applies to string permissions. + $this->assertEquals($able_and, $user->can('view.post|delete.post', $example_model, $example_model_id, 'and'), + 'Expected AND behavior when operator "AND" passed even with pipe as separator'); + $this->assertEquals($able_or, $user->can('view.post,delete.post', $example_model, $example_model_id, 'or'), + 'Expected OR behavior when operator "OR" passed even with comma as separator'); + + // Using method. + $this->assertEquals($permissions['post']['view'], $user->canViewPost($example_model, $example_model_id), + 'Expected correct permissions when using method with model & id as parameters'); + $this->assertEquals(! $permissions['post']['view'], $user->canViewPost($example_model), + 'Expected correct permissions when using method without parameters'); + } + +} diff --git a/tests/Models/UserTest.php b/tests/Models/UserTest.php index 5087667..f37a9df 100644 --- a/tests/Models/UserTest.php +++ b/tests/Models/UserTest.php @@ -67,7 +67,9 @@ public function itCanAttachRole() $user->syncRoles(str_slug('Admin role', config('laravel-auth.slug-separator'))); - $this->assertEquals($user->getRoles(), [ 1 => str_slug('Admin role', config('laravel-auth.slug-separator'))]); + $this->assertEquals($user->getRoles(), [ 1 => [ + str_slug('Admin role', config('laravel-auth.slug-separator')) + ]]); } /** @test */ @@ -103,7 +105,9 @@ public function itCanAttachRoleAndPermission() $user->save(); $user->syncRoles($role); - $this->assertEquals($user->getRoles(), [ 1 => str_slug('Admin role', config('laravel-auth.slug-separator'))]); + $this->assertEquals($user->getRoles(), [ 1 => [ + str_slug('Admin role', config('laravel-auth.slug-separator')) + ]]); $this->assertEquals($user->getPermissions(), ['post' => $permissionAttributes['slug']]); }