🛠️ Add checks to prevent unauthenticated users from voting and hide voting buttons accordingly

 Add tests to ensure proper handling of unauthenticated users during voting interactions
HolgerHatGarKeineNode
2026-02-04 13:34:09 +01:00
parent 2957e89c79
commit 064ed68638
2 changed files with 56 additions and 24 deletions


@@ -60,30 +60,32 @@ new class extends Component {
public function handleApprove(): void public function handleApprove(): void
{ {
if (! $this->currentPleb) {
return;
}
Vote::query()->updateOrCreate([ Vote::query()->updateOrCreate([
'project_proposal_id' => $this->projectProposal->id, 'project_proposal_id' => $this->projectProposal->id,
'einundzwanzig_pleb_id' => $this->currentPleb->id, 'einundzwanzig_pleb_id' => $this->currentPleb->id,
], [ ], [
'value' => true, 'value' => true,
]); ]);
$this->ownVoteExists = Vote::query() $this->ownVoteExists = true;
->where('project_proposal_id', $this->projectProposal->id)
->where('einundzwanzig_pleb_id', $this->currentPleb->id)
->exists();
} }
public function handleNotApprove(): void public function handleNotApprove(): void
{ {
if (! $this->currentPleb) {
return;
}
Vote::query()->updateOrCreate([ Vote::query()->updateOrCreate([
'project_proposal_id' => $this->projectProposal->id, 'project_proposal_id' => $this->projectProposal->id,
'einundzwanzig_pleb_id' => $this->currentPleb->id, 'einundzwanzig_pleb_id' => $this->currentPleb->id,
], [ ], [
'value' => false, 'value' => false,
]); ]);
$this->ownVoteExists = Vote::query() $this->ownVoteExists = true;
->where('project_proposal_id', $this->projectProposal->id)
->where('einundzwanzig_pleb_id', $this->currentPleb->id)
->exists();
} }
} }
?> ?>
@@ -144,22 +146,24 @@ new class extends Component {
</div> </div>
<div class="lg:w-80 xl:w-96 shrink-0 space-y-4"> <div class="lg:w-80 xl:w-96 shrink-0 space-y-4">
<div class="bg-white dark:bg-zinc-800 p-5 shadow-sm rounded-xl"> @if($isAllowed)
@if(!$ownVoteExists) <div class="bg-white dark:bg-zinc-800 p-5 shadow-sm rounded-xl">
<div class="space-y-2"> @if(!$ownVoteExists)
<flux:button wire:click="handleApprove" class="w-full"> <div class="space-y-2">
<i class="fill-current shrink-0 fa-sharp-duotone fa-solid fa-thumbs-up mr-2"></i> <flux:button wire:click="handleApprove" class="w-full">
Zustimmen <i class="fill-current shrink-0 fa-sharp-duotone fa-solid fa-thumbs-up mr-2"></i>
</flux:button> Zustimmen
<flux:button wire:click="handleNotApprove" variant="danger" class="w-full"> </flux:button>
<i class="fill-current shrink-0 fa-sharp-duotone fa-solid fa-thumbs-down mr-2"></i> <flux:button wire:click="handleNotApprove" variant="danger" class="w-full">
Ablehnen <i class="fill-current shrink-0 fa-sharp-duotone fa-solid fa-thumbs-down mr-2"></i>
</flux:button> Ablehnen
</div> </flux:button>
@else </div>
<p class="text-sm text-zinc-700 dark:text-zinc-300">Du hast bereits abgestimmt.</p> @else
@endif <p class="text-sm text-zinc-700 dark:text-zinc-300">Du hast bereits abgestimmt.</p>
</div> @endif
</div>
@endif
<div class="bg-white dark:bg-zinc-800 p-5 shadow-sm rounded-xl"> <div class="bg-white dark:bg-zinc-800 p-5 shadow-sm rounded-xl">
<div class="text-sm font-semibold text-zinc-800 dark:text-zinc-100 mb-2"> <div class="text-sm font-semibold text-zinc-800 dark:text-zinc-100 mb-2">
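Review bot: The new guard in `handleApprove` and `handleNotApprove` checks only `$this->currentPleb`, while the template hides the voting panel behind `@if($isAllowed)`; a Livewire action can be invoked by the client whether or not its button is rendered, so the view condition is not an authorization check. If `$isAllowed` is narrower than "a pleb is logged in" (its definition is outside the hunk), a logged-in pleb who is not allowed to vote can still record one. Repeat the condition server-side in both handlers, e.g. `if (! $this->currentPleb || ! $this->isAllowed) { return; }`, and if `$isAllowed` is a public property, mark it `#[Locked]` or recompute it inside the handler so the client cannot alter it. Separately, `updateOrCreate` still lets an existing vote be flipped after "Du hast bereits abgestimmt." is shown, and `$this->ownVoteExists = true` no longer re-reads the database; confirm both are intended.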


@@ -304,3 +304,31 @@ it('can handle not approve vote', function () {
expect($vote)->not->toBeNull() expect($vote)->not->toBeNull()
->and($vote->value)->toBeFalse(); ->and($vote->value)->toBeFalse();
}); });
it('does not throw error when unauthenticated user calls handleApprove', function () {
$project = ProjectProposal::factory()->create();
Livewire::test('association.project-support.show', ['projectProposal' => $project->slug])
->call('handleApprove')
->assertHasNoErrors();
expect(\App\Models\Vote::where('project_proposal_id', $project->id)->exists())->toBeFalse();
});
it('does not throw error when unauthenticated user calls handleNotApprove', function () {
$project = ProjectProposal::factory()->create();
Livewire::test('association.project-support.show', ['projectProposal' => $project->slug])
->call('handleNotApprove')
->assertHasNoErrors();
expect(\App\Models\Vote::where('project_proposal_id', $project->id)->exists())->toBeFalse();
});
it('hides voting buttons from unauthenticated users', function () {
$project = ProjectProposal::factory()->create();
Livewire::test('association.project-support.show', ['projectProposal' => $project->slug])
->assertDontSee('Zustimmen')
->assertDontSee('Ablehnen');
});
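Review bot: The three added tests cover only the guest case, so nothing pins the server-side behaviour for a logged-in pleb who is not allowed to vote. The component template in this commit gates the buttons on `$isAllowed`, so a test that authenticates such a pleb, calls `handleApprove` directly and asserts that no `Vote` row exists would catch a handler that relies on the buttons being hidden. `assertHasNoErrors()` inspects the validation error bag, so the "does not throw" part of the first two tests is really carried by `call()` not raising; the `Vote` existence assertion is the meaningful one. A short comment such as `// guest: the action must be a no-op, not merely hidden in the UI` above the two handler tests would make that intent explicit.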