einundzwanzig/einundzwanzig-app
1
0
Fork 0
mirror of https://github.com/HolgerHatGarKeineNode/einundzwanzig-app.git synced 2026-06-11 02:50:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Enhance meetup association and permissions management

Browse Source 
- 🔍 Added `resolveInScope` method to `ResolvesEntities` for scoped entity resolution with stricter control.
- 👥 Introduced `AddMeetupToMineTool` MCP tool for adding external meetups to "My Meetups."
- 🛠️ Updated `ListMyMeetupsTool` and `ShowMyMeetupTool` to include both created and joined meetups.
- 📚 Updated `Meetup` model with `associatedWith` scope for querying user-related meetups.
-  Expanded feature tests for meetup membership, creator permissions, and scoped tool usage.
- 🛡️ Unified access checks across Livewire and APIs to restrict editing meetup details to creators or super-admins.
- 🔗 Registered `AddMeetupToMineTool` in `EinundzwanzigServer`.
This commit is contained in:
HolgerHatGarKeineNode
2026-06-08 11:59:02 +02:00
parent dc2b828777
commit 3a507cced2
13 changed files with 260 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/Feature/Livewire/MeetupMountTest.php
+20 -17
View File
@@ -30,15 +30,28 @@ it('mounts meetups.create when authenticated', function () {
Livewire::test('meetups.create')->assertStatus(200);
});
it('mounts meetups.edit when the authenticated user has added the meetup to My-Meetups', function () {
$owner = actingAsUser();
$meetup = Meetup::factory()->create(['city_id' => $this->city->id]);
$meetup->users()->attach($owner);
it('mounts meetups.edit for the creator of the meetup', function () {
$creator = actingAsUser();
$meetup = Meetup::factory()->create([
'city_id' => $this->city->id,
'created_by' => $creator->id,
]);
$meetup->users()->attach($creator);
Livewire::test('meetups.edit', ['meetup' => $meetup])->assertStatus(200);
});
it('mounts meetups.edit for a My-Meetups member even if another user created the meetup', function () {
it('mounts meetups.edit for the creator even without a My-Meetups pivot entry', function () {
$creator = actingAsUser();
$meetup = Meetup::factory()->create([
'city_id' => $this->city->id,
'created_by' => $creator->id,
]);
Livewire::test('meetups.edit', ['meetup' => $meetup])->assertStatus(200);
});
it('aborts meetups.edit with 403 for a member who did not create the meetup', function () {
$creator = User::factory()->create();
$member = actingAsUser();
$meetup = Meetup::factory()->create([
@@ -47,25 +60,15 @@ it('mounts meetups.edit for a My-Meetups member even if another user created the
]);
$meetup->users()->attach($member);
Livewire::test('meetups.edit', ['meetup' => $meetup])->assertStatus(200);
Livewire::test('meetups.edit', ['meetup' => $meetup])->assertStatus(403);
});
it('aborts meetups.edit with 403 when the authenticated user has not added the meetup to My-Meetups', function () {
it('aborts meetups.edit with 403 when the user is neither creator nor super-admin', function () {
actingAsUser();
Livewire::test('meetups.edit', ['meetup' => $this->meetup])->assertStatus(403);
});
it('aborts meetups.edit with 403 when the authenticated user is only the creator but not in My-Meetups', function () {
$creator = actingAsUser();
$meetup = Meetup::factory()->create([
'city_id' => $this->city->id,
'created_by' => $creator->id,
]);
Livewire::test('meetups.edit', ['meetup' => $meetup])->assertStatus(403);
});
it('mounts meetups.create-edit-events for new event', function () {
actingAsUser();
Livewire::test('meetups.create-edit-events', ['meetup' => $this->meetup])->assertStatus(200);