Skip to content

Commit

Permalink
Bugfix100 error when owner of a department wants to promote a member …
Browse files Browse the repository at this point in the history 
…to admin (#101)
  • Loading branch information
@HabuTheTiger
HabuTheTiger authored Nov 6, 2024
2 parents 68a98b6 + 345720c commit dd61d18
Show file tree
Hide file tree
Showing 2 changed files with 54 additions and 4 deletions.
8 changes: 4 additions & 4 deletions app/Policies/GroupUserPolicy.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,14 +17,14 @@ public function view(User $user, GroupUser $groupUser): bool
return ($user->scopeCheck('groups.read') && ($groupUser->isMember() || $groupUser->group->parent?->isMember($user)));
}

public function update(User $user, GroupUser $groupUserInitiator): bool
public function update(User $user, GroupUser $groupUser): bool
{
return $user->scopeCheck('groups.update') && ($groupUserInitiator->isAdmin() || $groupUserInitiator->group->parent?->isAdmin($user));
return $user->scopeCheck('groups.update') && ($groupUser->isAdmin() || $groupUser->group->isAdmin($user) || $groupUser->group->parent?->isAdmin($user));
}

public function create(User $user, GroupUser $groupUserInitiator): bool
public function create(User $user, GroupUser $groupUser): bool
{
return $user->scopeCheck('groups.update') && ($groupUserInitiator->isAdmin() || $groupUserInitiator->group->parent?->isAdmin($user));
return $user->scopeCheck('groups.update') && ($groupUser->isAdmin() || $groupUser->group->isAdmin($user) || $groupUser->group->parent?->isAdmin($user));
}

public function delete(User $user, GroupUser $groupUser): Response
Expand Down
50 changes: 50 additions & 0 deletions tests/Feature/Staff/GroupMemberTest.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
<?php

namespace Tests\Feature\Staff;

use App\Enums\GroupTypeEnum;
use App\Enums\GroupUserLevel;
use App\Models\Group;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use function Pest\Laravel\patchJson;

uses(RefreshDatabase::class);

test('Update member level to admin', function (GroupUserLevel $groupUserLevel) {
$group = Group::factory()->create();
$staffGroup = Group::factory()->create([
'system_name' => 'staff',
'type' => GroupTypeEnum::Automated,
'name' => 'Staff',
'description' => 'Staff members.',
'slug' => 'staff',
]);
$user = User::factory()->create();
$userToBeUpdated = User::factory()->create();

$staffGroup->users()->sync([
$user->id => ['level' => GroupUserLevel::Member],
]);
$group->users()->sync([
$user->id => ['level' => $groupUserLevel],
$userToBeUpdated->id => ['level' => GroupUserLevel::Member],
]);

$this->actingAs($user, 'staff');

var_dump(GroupUserLevel::Admin->name);

$response = patchJson(
route('staff.groups.members.update', ["group" => $group, 'member' => $userToBeUpdated]),
["level" => GroupUserLevel::Admin->value],
);

$response->assertRedirect(route('staff.groups.members.index', ["group" => $group]));

expect($group->users()->find($userToBeUpdated)->pivot->level)
->toBe(GroupUserLevel::Admin);
})->with([
'as owner of group' => GroupUserLevel::Owner,
'as admin of group' => GroupUserLevel::Admin,
]);

0 comments on commit dd61d18

Please sign in to comment.