einundzwanzig/einundzwanzig-app
1
0
Fork 0
mirror of https://github.com/HolgerHatGarKeineNode/einundzwanzig-app.git synced 2026-06-16 04:10:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

**Add authenticated API endpoints for managing Meetups, Cities, Venues, and Lecturers**

Browse Source 
-  Introduced `store`, `update`, `mine`, and `mineShow` endpoints for `Meetups`, `Cities`, `Venues`, and `Lecturers` with validation and authorization.
- 🔒 Added `Policies` for `Meetups`, `Cities`, `Venues`, and `Lecturers` leveraging `ChecksCreatorOwnership` for ownership checks.
- 🌐 Created `Resources` for structured API responses: `MeetupResource`, `CityResource`, `VenueResource`, and `LecturerResource`.
-  Added dedicated `Request` classes for input validation: `Store` and `Update` variants for all models.
- 🛠️ Updated controllers to support new functionalities with localized error messages and proper HTTP responses.
This commit is contained in:
HolgerHatGarKeineNode
2026-06-08 01:58:37 +02:00
parent 7510946f38
commit 3b93e22e95
33 changed files with 1515 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/Feature/Api/CityWriteApiTest.php
+93
View File
@@ -0,0 +1,93 @@
<?php
use App\Models\City;
use App\Models\Country;
use App\Models\User;
use Laravel\Sanctum\Sanctum;
it('rejects a guest', function () {
$response = $this->postJson('/api/cities', [
'name' => 'Ansbach',
'country_id' => Country::factory()->create()->id,
]);
$response->assertUnauthorized();
});
it('lets an authenticated user create', function () {
Sanctum::actingAs($user = User::factory()->create());
$response = $this->postJson('/api/cities', [
'name' => 'Ansbach',
'country_id' => Country::factory()->create()->id,
'longitude' => 10.5806,
'latitude' => 49.3034,
]);
$response->assertCreated();
$this->assertDatabaseHas('cities', [
'name' => 'Ansbach',
'created_by' => $user->id,
]);
});
it('fails validation', function () {
Sanctum::actingAs(User::factory()->create());
$response = $this->postJson('/api/cities', []);
$response->assertUnprocessable()
->assertJsonValidationErrors(['name', 'country_id']);
});
it('lets the owner update', function () {
Sanctum::actingAs($user = User::factory()->create());
$model = City::factory()->create(['created_by' => $user->id]);
$response = $this->patchJson("/api/cities/{$model->id}", [
'name' => 'Nürnberg',
]);
$response->assertSuccessful()
->assertJsonPath('data.name', 'Nürnberg');
});
it('forbids updating someone elses', function () {
$owner = User::factory()->create();
$model = City::factory()->create(['created_by' => $owner->id]);
Sanctum::actingAs(User::factory()->create());
$response = $this->patchJson("/api/cities/{$model->id}", [
'name' => 'Nürnberg',
]);
$response->assertForbidden();
});
it('returns only own in mine index', function () {
Sanctum::actingAs($user = User::factory()->create());
City::factory()->create(['created_by' => $user->id]);
City::factory()->create(['created_by' => $user->id]);
City::factory()->create(['created_by' => User::factory()->create()->id]);
$response = $this->getJson('/api/my-cities');
$response->assertSuccessful();
expect($response->json('data'))->toHaveCount(2);
});
it('forbids viewing someone elses in mine show', function () {
$owner = User::factory()->create();
$model = City::factory()->create(['created_by' => $owner->id]);
Sanctum::actingAs(User::factory()->create());
$response = $this->getJson("/api/my-cities/{$model->id}");
$response->assertForbidden();
});