mirror of
https://github.com/HolgerHatGarKeineNode/einundzwanzig-app.git
synced 2026-06-17 16:40:31 +00:00
- 🏗️ Introduced CoursePolicy and CourseEventPolicy for authorization.
- ✨ Added `StoreCourseRequest` and `UpdateCourseRequest` for structured validation. - ✨ Introduced `StoreCourseEventRequest` and `UpdateCourseEventRequest` for consistent request validation. - 🖼️ Created `CourseResource` and `CourseEventResource` for API responses. - 🔄 Refactored `CourseController` and `CourseEventController` to use Policies and FormRequests. - ✨ Added dedicated `uploadLogo` and `uploadAvatar` API endpoints with shared media validation. - 🚀 Improved API by aligning Course and CourseEvent behavior with other entities.
This commit is contained in:
HolgerHatGarKeineNode
@@ -36,7 +36,8 @@ it('lets a lecturer create a course', function () {
|
||||
'description' => 'Hardware-Wallet selbst bauen.',
|
||||
])
|
||||
->assertCreated()
|
||||
->assertJsonPath('name', 'Specter Shield Lite Workshop');
|
||||
->assertJsonPath('data.name', 'Specter Shield Lite Workshop')
|
||||
->assertJsonPath('data.created_by', $user->id);
|
||||
|
||||
$this->assertDatabaseHas('courses', [
|
||||
'name' => 'Specter Shield Lite Workshop',
|
||||
@@ -44,6 +45,36 @@ it('lets a lecturer create a course', function () {
|
||||
]);
|
||||
});
|
||||
|
||||
it('fails course validation without required fields', function () {
|
||||
Sanctum::actingAs(User::factory()->lecturer()->create());
|
||||
|
||||
$this->postJson('/api/courses', [])
|
||||
->assertUnprocessable()
|
||||
->assertJsonValidationErrors(['name', 'lecturer_id']);
|
||||
});
|
||||
|
||||
it('lets the owner update their course', function () {
|
||||
Sanctum::actingAs($user = User::factory()->lecturer()->create());
|
||||
$course = Course::factory()->create(['created_by' => $user->id]);
|
||||
|
||||
$this->patchJson('/api/courses/'.$course->id, [
|
||||
'name' => 'Aktualisierter Kurs',
|
||||
])
|
||||
->assertSuccessful()
|
||||
->assertJsonPath('data.name', 'Aktualisierter Kurs');
|
||||
});
|
||||
|
||||
it('forbids updating a course owned by someone else', function () {
|
||||
$owner = User::factory()->lecturer()->create();
|
||||
$course = Course::factory()->create(['created_by' => $owner->id]);
|
||||
|
||||
Sanctum::actingAs(User::factory()->lecturer()->create());
|
||||
|
||||
$this->patchJson('/api/courses/'.$course->id, [
|
||||
'name' => 'Übernommen',
|
||||
])->assertForbidden();
|
||||
});
|
||||
|
||||
it('lets a lecturer create a course event', function () {
|
||||
Sanctum::actingAs($user = User::factory()->lecturer()->create());
|
||||
$course = Course::factory()->create();
|
||||
@@ -57,7 +88,7 @@ it('lets a lecturer create a course event', function () {
|
||||
'link' => 'https://clavastack.com/produkt/specter-shield-lite-workshop',
|
||||
])
|
||||
->assertCreated()
|
||||
->assertJsonPath('course_id', $course->id);
|
||||
->assertJsonPath('data.course_id', $course->id);
|
||||
|
||||
$this->assertDatabaseHas('course_events', [
|
||||
'course_id' => $course->id,
|
||||
@@ -66,6 +97,20 @@ it('lets a lecturer create a course event', function () {
|
||||
]);
|
||||
});
|
||||
|
||||
it('forbids a non-lecturer from creating a course event', function () {
|
||||
Sanctum::actingAs(User::factory()->create(['is_lecturer' => false]));
|
||||
$course = Course::factory()->create();
|
||||
$venue = Venue::factory()->create();
|
||||
|
||||
$this->postJson('/api/course-events', [
|
||||
'course_id' => $course->id,
|
||||
'venue_id' => $venue->id,
|
||||
'from' => '2026-07-01 18:00:00',
|
||||
'to' => '2026-07-01 21:00:00',
|
||||
'link' => 'https://example.com/event',
|
||||
])->assertForbidden();
|
||||
});
|
||||
|
||||
it('fails course event validation without required fields', function () {
|
||||
Sanctum::actingAs(User::factory()->lecturer()->create());
|
||||
|
||||
@@ -84,8 +129,8 @@ it('returns only the authenticated user\'s own course events', function () {
|
||||
$response = $this->getJson('/api/course-events');
|
||||
|
||||
$response->assertSuccessful();
|
||||
expect($response->json())->toHaveCount(2);
|
||||
collect($response->json())->each(
|
||||
expect($response->json('data'))->toHaveCount(2);
|
||||
collect($response->json('data'))->each(
|
||||
fn ($event) => expect($event['created_by'])->toBe($user->id)
|
||||
);
|
||||
});
|
||||
@@ -99,8 +144,8 @@ it('filters own course events by course_id', function () {
|
||||
$response = $this->getJson('/api/course-events?course_id='.$event->course_id);
|
||||
|
||||
$response->assertSuccessful();
|
||||
expect($response->json())->toHaveCount(1)
|
||||
->and($response->json('0.id'))->toBe($event->id);
|
||||
expect($response->json('data'))->toHaveCount(1)
|
||||
->and($response->json('data.0.id'))->toBe($event->id);
|
||||
});
|
||||
|
||||
it('lets the owner update their course event', function () {
|
||||
@@ -111,7 +156,7 @@ it('lets the owner update their course event', function () {
|
||||
'link' => 'https://einundzwanzig.space/courses/updated',
|
||||
])
|
||||
->assertSuccessful()
|
||||
->assertJsonPath('link', 'https://einundzwanzig.space/courses/updated');
|
||||
->assertJsonPath('data.link', 'https://einundzwanzig.space/courses/updated');
|
||||
});
|
||||
|
||||
it('forbids updating a course event owned by someone else', function () {
|
||||
|
||||
@@ -0,0 +1,108 @@
|
||||
<?php
|
||||
|
||||
use App\Models\Course;
|
||||
use App\Models\Lecturer;
|
||||
use App\Models\Meetup;
|
||||
use App\Models\User;
|
||||
use Illuminate\Http\UploadedFile;
|
||||
use Illuminate\Support\Facades\Storage;
|
||||
use Laravel\Sanctum\Sanctum;
|
||||
|
||||
beforeEach(function () {
|
||||
Storage::fake('public');
|
||||
});
|
||||
|
||||
it('lets the owner upload a meetup logo', function () {
|
||||
Sanctum::actingAs($user = User::factory()->create());
|
||||
$meetup = Meetup::factory()->create(['created_by' => $user->id]);
|
||||
|
||||
$response = $this->postJson('/api/meetup/'.$meetup->id.'/logo', [
|
||||
'file' => UploadedFile::fake()->image('logo.png', 512, 512),
|
||||
]);
|
||||
|
||||
$response->assertSuccessful();
|
||||
expect($response->json('data.logo'))->not->toBeEmpty();
|
||||
expect($meetup->fresh()->getFirstMedia('logo'))->not->toBeNull();
|
||||
});
|
||||
|
||||
it('lets the owner upload a lecturer avatar', function () {
|
||||
Sanctum::actingAs($user = User::factory()->create());
|
||||
$lecturer = Lecturer::factory()->create(['created_by' => $user->id]);
|
||||
|
||||
$response = $this->postJson('/api/lecturers/'.$lecturer->id.'/avatar', [
|
||||
'file' => UploadedFile::fake()->image('avatar.jpg', 512, 512),
|
||||
]);
|
||||
|
||||
$response->assertSuccessful();
|
||||
expect($response->json('data.avatar'))->not->toBeEmpty();
|
||||
expect($lecturer->fresh()->getFirstMedia('avatar'))->not->toBeNull();
|
||||
});
|
||||
|
||||
it('lets the owner upload a course logo', function () {
|
||||
Sanctum::actingAs($user = User::factory()->lecturer()->create());
|
||||
$course = Course::factory()->create(['created_by' => $user->id]);
|
||||
|
||||
$response = $this->postJson('/api/courses/'.$course->id.'/logo', [
|
||||
'file' => UploadedFile::fake()->image('logo.webp', 512, 512),
|
||||
]);
|
||||
|
||||
$response->assertSuccessful();
|
||||
expect($response->json('data.logo'))->not->toBeEmpty();
|
||||
expect($course->fresh()->getFirstMedia('logo'))->not->toBeNull();
|
||||
});
|
||||
|
||||
it('replaces the previous logo on re-upload (singleFile)', function () {
|
||||
Sanctum::actingAs($user = User::factory()->create());
|
||||
$meetup = Meetup::factory()->create(['created_by' => $user->id]);
|
||||
|
||||
$this->postJson('/api/meetup/'.$meetup->id.'/logo', [
|
||||
'file' => UploadedFile::fake()->image('first.png', 256, 256),
|
||||
])->assertSuccessful();
|
||||
|
||||
$this->postJson('/api/meetup/'.$meetup->id.'/logo', [
|
||||
'file' => UploadedFile::fake()->image('second.png', 256, 256),
|
||||
])->assertSuccessful();
|
||||
|
||||
expect($meetup->fresh()->getMedia('logo'))->toHaveCount(1);
|
||||
});
|
||||
|
||||
it('rejects a guest uploading a logo', function () {
|
||||
$meetup = Meetup::factory()->create();
|
||||
|
||||
$this->postJson('/api/meetup/'.$meetup->id.'/logo', [
|
||||
'file' => UploadedFile::fake()->image('logo.png', 256, 256),
|
||||
])->assertUnauthorized();
|
||||
});
|
||||
|
||||
it('forbids uploading a logo to a meetup owned by someone else', function () {
|
||||
$owner = User::factory()->create();
|
||||
$meetup = Meetup::factory()->create(['created_by' => $owner->id]);
|
||||
|
||||
Sanctum::actingAs(User::factory()->create());
|
||||
|
||||
$this->postJson('/api/meetup/'.$meetup->id.'/logo', [
|
||||
'file' => UploadedFile::fake()->image('logo.png', 256, 256),
|
||||
])->assertForbidden();
|
||||
});
|
||||
|
||||
it('rejects invalid uploads', function (UploadedFile $file) {
|
||||
Sanctum::actingAs($user = User::factory()->create());
|
||||
$meetup = Meetup::factory()->create(['created_by' => $user->id]);
|
||||
|
||||
$this->postJson('/api/meetup/'.$meetup->id.'/logo', [
|
||||
'file' => $file,
|
||||
])->assertUnprocessable()->assertJsonValidationErrors('file');
|
||||
})->with([
|
||||
'wrong mime' => fn () => UploadedFile::fake()->create('document.pdf', 100, 'application/pdf'),
|
||||
'too large in size' => fn () => UploadedFile::fake()->image('huge.png', 256, 256)->size(6000),
|
||||
'too large in dimensions' => fn () => UploadedFile::fake()->image('giant.png', 4200, 4200),
|
||||
]);
|
||||
|
||||
it('requires a file', function () {
|
||||
Sanctum::actingAs($user = User::factory()->create());
|
||||
$meetup = Meetup::factory()->create(['created_by' => $user->id]);
|
||||
|
||||
$this->postJson('/api/meetup/'.$meetup->id.'/logo', [])
|
||||
->assertUnprocessable()
|
||||
->assertJsonValidationErrors('file');
|
||||
});
|
||||
@@ -0,0 +1,93 @@
|
||||
<?php
|
||||
|
||||
use App\Models\Meetup;
|
||||
use App\Models\MeetupEvent;
|
||||
use App\Models\User;
|
||||
use Laravel\Sanctum\Sanctum;
|
||||
|
||||
it('creates a weekly series of individual events', function () {
|
||||
Sanctum::actingAs($user = User::factory()->create());
|
||||
$meetup = Meetup::factory()->create();
|
||||
|
||||
$response = $this->postJson('/api/meetup-events', [
|
||||
'meetup_id' => $meetup->id,
|
||||
'start' => '2026-07-01 18:00:00',
|
||||
'location' => 'Marktplatz',
|
||||
'description' => 'Wöchentlicher Stammtisch',
|
||||
'link' => 'https://einundzwanzig.space',
|
||||
'recurrence_type' => 'weekly',
|
||||
'recurrence_end_date' => '2026-07-29 18:00:00',
|
||||
]);
|
||||
|
||||
// 2026-07-01, 07-08, 07-15, 07-22, 07-29 = 5 occurrences
|
||||
$response->assertCreated()->assertJsonCount(5, 'data');
|
||||
|
||||
expect(MeetupEvent::where('meetup_id', $meetup->id)->count())->toBe(5);
|
||||
|
||||
$this->assertDatabaseHas('meetup_events', [
|
||||
'meetup_id' => $meetup->id,
|
||||
'created_by' => $user->id,
|
||||
'recurrence_type' => null,
|
||||
]);
|
||||
});
|
||||
|
||||
it('creates a monthly series of individual events', function () {
|
||||
Sanctum::actingAs(User::factory()->create());
|
||||
$meetup = Meetup::factory()->create();
|
||||
|
||||
$response = $this->postJson('/api/meetup-events', [
|
||||
'meetup_id' => $meetup->id,
|
||||
'start' => '2026-07-01 18:00:00',
|
||||
'link' => 'https://einundzwanzig.space',
|
||||
'recurrence_type' => 'monthly',
|
||||
'recurrence_end_date' => '2026-10-01 18:00:00',
|
||||
]);
|
||||
|
||||
// 2026-07-01, 08-01, 09-01, 10-01 = 4 occurrences
|
||||
$response->assertCreated()->assertJsonCount(4, 'data');
|
||||
});
|
||||
|
||||
it('caps the series at 100 occurrences', function () {
|
||||
Sanctum::actingAs(User::factory()->create());
|
||||
$meetup = Meetup::factory()->create();
|
||||
|
||||
$response = $this->postJson('/api/meetup-events', [
|
||||
'meetup_id' => $meetup->id,
|
||||
'start' => '2026-01-01 18:00:00',
|
||||
'link' => 'https://einundzwanzig.space',
|
||||
'recurrence_type' => 'weekly',
|
||||
'recurrence_end_date' => '2030-01-01 18:00:00',
|
||||
]);
|
||||
|
||||
$response->assertCreated()->assertJsonCount(100, 'data');
|
||||
});
|
||||
|
||||
it('still creates a single event without recurrence fields', function () {
|
||||
Sanctum::actingAs(User::factory()->create());
|
||||
$meetup = Meetup::factory()->create();
|
||||
|
||||
$response = $this->postJson('/api/meetup-events', [
|
||||
'meetup_id' => $meetup->id,
|
||||
'start' => '2026-08-01 18:00:00',
|
||||
'location' => 'Marktplatz',
|
||||
]);
|
||||
|
||||
$response->assertCreated()->assertJsonPath('data.location', 'Marktplatz');
|
||||
|
||||
expect(MeetupEvent::where('meetup_id', $meetup->id)->count())->toBe(1);
|
||||
});
|
||||
|
||||
it('creates a single event when recurrence_type is set but no end date', function () {
|
||||
Sanctum::actingAs(User::factory()->create());
|
||||
$meetup = Meetup::factory()->create();
|
||||
|
||||
$response = $this->postJson('/api/meetup-events', [
|
||||
'meetup_id' => $meetup->id,
|
||||
'start' => '2026-08-01 18:00:00',
|
||||
'recurrence_type' => 'weekly',
|
||||
]);
|
||||
|
||||
$response->assertCreated()->assertJsonPath('data.recurrence_type', 'weekly');
|
||||
|
||||
expect(MeetupEvent::where('meetup_id', $meetup->id)->count())->toBe(1);
|
||||
});
|
||||
@@ -0,0 +1,42 @@
|
||||
<?php
|
||||
|
||||
use App\Enums\RecurrenceType;
|
||||
use App\Models\Meetup;
|
||||
use App\Models\MeetupEvent;
|
||||
use Livewire\Livewire;
|
||||
|
||||
it('creates a weekly series via the web editor using the shared action', function () {
|
||||
actingAsUser();
|
||||
$meetup = Meetup::factory()->create();
|
||||
|
||||
Livewire::test('meetups.create-edit-events', ['meetup' => $meetup])
|
||||
->set('seriesMode', true)
|
||||
->set('startDate', '2026-07-01')
|
||||
->set('startTime', '18:00')
|
||||
->set('endDate', '2026-07-29')
|
||||
->set('recurrenceType', RecurrenceType::Weekly->value)
|
||||
->set('location', 'Marktplatz')
|
||||
->set('description', 'Wöchentlicher Stammtisch')
|
||||
->set('link', 'https://einundzwanzig.space')
|
||||
->call('save')
|
||||
->assertHasNoErrors()
|
||||
->assertRedirect();
|
||||
|
||||
// The web editor parses the end date at midnight, so the occurrence on the end
|
||||
// date's evening falls outside the range: 2026-07-01, 07-08, 07-15, 07-22 = 4.
|
||||
// The shared action yields the identical result for the same inputs.
|
||||
expect(MeetupEvent::where('meetup_id', $meetup->id)->count())->toBe(4);
|
||||
});
|
||||
|
||||
it('previews the same dates it will create', function () {
|
||||
actingAsUser();
|
||||
$meetup = Meetup::factory()->create();
|
||||
|
||||
Livewire::test('meetups.create-edit-events', ['meetup' => $meetup])
|
||||
->set('seriesMode', true)
|
||||
->set('startDate', '2026-07-01')
|
||||
->set('startTime', '18:00')
|
||||
->set('endDate', '2026-07-29')
|
||||
->set('recurrenceType', RecurrenceType::Weekly->value)
|
||||
->assertSet('previewDates', fn ($dates) => count($dates) === 4);
|
||||
});
|
||||
@@ -0,0 +1,76 @@
|
||||
<?php
|
||||
|
||||
use App\Actions\MeetupEvents\ExpandRecurrenceSeries;
|
||||
use App\Enums\RecurrenceType;
|
||||
use Carbon\Carbon;
|
||||
|
||||
beforeEach(function () {
|
||||
$this->action = new ExpandRecurrenceSeries;
|
||||
});
|
||||
|
||||
it('expands a basic weekly series', function () {
|
||||
$dates = $this->action->handle(
|
||||
Carbon::parse('2026-07-01 18:00:00'),
|
||||
Carbon::parse('2026-07-29 18:00:00'),
|
||||
RecurrenceType::Weekly,
|
||||
);
|
||||
|
||||
expect($dates)->toHaveCount(5)
|
||||
->and($dates[0]->format('Y-m-d H:i'))->toBe('2026-07-01 18:00')
|
||||
->and($dates[4]->format('Y-m-d H:i'))->toBe('2026-07-29 18:00');
|
||||
});
|
||||
|
||||
it('expands a basic monthly series', function () {
|
||||
$dates = $this->action->handle(
|
||||
Carbon::parse('2026-07-01 18:00:00'),
|
||||
Carbon::parse('2026-10-01 18:00:00'),
|
||||
RecurrenceType::Monthly,
|
||||
);
|
||||
|
||||
expect($dates)->toHaveCount(4)
|
||||
->and($dates[1]->format('Y-m-d'))->toBe('2026-08-01');
|
||||
});
|
||||
|
||||
it('shifts a weekly series to the requested weekday', function () {
|
||||
// 2026-07-01 is a Wednesday; ask for Friday occurrences.
|
||||
$dates = $this->action->handle(
|
||||
Carbon::parse('2026-07-01 18:00:00'),
|
||||
Carbon::parse('2026-07-31 18:00:00'),
|
||||
RecurrenceType::Weekly,
|
||||
'friday',
|
||||
);
|
||||
|
||||
expect($dates)->not->toBeEmpty();
|
||||
foreach ($dates as $date) {
|
||||
expect($date->dayOfWeek)->toBe(Carbon::FRIDAY);
|
||||
}
|
||||
// First Friday on/after 2026-07-01 is 2026-07-03.
|
||||
expect($dates[0]->format('Y-m-d'))->toBe('2026-07-03');
|
||||
});
|
||||
|
||||
it('expands a custom "last Friday of the month" rule', function () {
|
||||
$dates = $this->action->handle(
|
||||
Carbon::parse('2026-07-01 19:00:00'),
|
||||
Carbon::parse('2026-09-30 19:00:00'),
|
||||
RecurrenceType::Monthly,
|
||||
'friday',
|
||||
'last',
|
||||
);
|
||||
|
||||
// Last Fridays: 2026-07-31, 2026-08-28, 2026-09-25
|
||||
expect($dates)->toHaveCount(3)
|
||||
->and($dates[0]->format('Y-m-d'))->toBe('2026-07-31')
|
||||
->and($dates[1]->format('Y-m-d'))->toBe('2026-08-28')
|
||||
->and($dates[2]->format('Y-m-d'))->toBe('2026-09-25')
|
||||
->and($dates[0]->format('H:i'))->toBe('19:00');
|
||||
});
|
||||
|
||||
it('enforces the hard cap of 100 occurrences', function () {
|
||||
$dates = $this->action->handle(
|
||||
Carbon::parse('2026-01-01 18:00:00'),
|
||||
Carbon::parse('2030-01-01 18:00:00'),
|
||||
RecurrenceType::Weekly,
|
||||
);
|
||||
|
||||
expect($dates)->toHaveCount(ExpandRecurrenceSeries::MAX_OCCURRENCES);
|
||||
});
|
||||
Reference in New Issue
Block a user