nothingworksinc/ticketbeast
1
0
Fork 0
mirror of https://github.com/nothingworksinc/ticketbeast.git synced 2026-02-16 04:53:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

116 - Restricting Updates to Unpublished Concerts

Browse Source
This commit is contained in:
Adam Wathan
2017-06-29 14:59:51 -04:00
parent 8c6b2cbb24
commit 70e1c8f16b
5 changed files with 165 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/Http/Controllers/Backstage/ConcertsController.php
View File

@@ -69,8 +69,14 @@ class ConcertsController extends Controller
public function update($id) public function update($id)
{ {
$this->validate(request(), [
'title' => ['required'],
]);
$concert = Auth::user()->concerts()->findOrFail($id); $concert = Auth::user()->concerts()->findOrFail($id);
abort_if($concert->isPublished(), 403);
$concert->update([ $concert->update([
'title' => request('title'), 'title' => request('title'),
'subtitle' => request('subtitle'), 'subtitle' => request('subtitle'),

2
routes/web.php
View File

@@ -24,6 +24,6 @@ Route::group(['middleware' => 'auth', 'prefix' => 'backstage', 'namespace' => 'B
Route::get('/concerts/new', 'ConcertsController@create')->name('backstage.concerts.new'); Route::get('/concerts/new', 'ConcertsController@create')->name('backstage.concerts.new');
Route::post('/concerts', 'ConcertsController@store'); Route::post('/concerts', 'ConcertsController@store');
Route::get('/concerts/{id}/edit', 'ConcertsController@edit')->name('backstage.concerts.edit'); Route::get('/concerts/{id}/edit', 'ConcertsController@edit')->name('backstage.concerts.edit');
Route::patch('/concerts/{id}', 'ConcertsController@update')->name('backstage.concerts.update');
}); });
Route::patch('/backstage/concerts/{id}', 'Backstage\ConcertsController@update')->name('backstage.concerts.update');

6
tests/Feature/Backstage/AddConcertTest.php
View File

@@ -30,12 +30,6 @@ class AddConcertTest extends TestCase
], $overrides); ], $overrides);
} }
private function from($url)
{
session()->setPreviousUrl(url($url));
return $this;
}
/** @test */ /** @test */
function promoters_can_view_the_add_concert_form() function promoters_can_view_the_add_concert_form()
{ {

152
tests/Feature/Backstage/EditConcertTest.php
View File

@@ -12,6 +12,23 @@ class EditConcertTest extends TestCase
{ {
use DatabaseMigrations; use DatabaseMigrations;
private function validParams($overrides = [])
{
return array_merge([
'title' => 'New title',
'subtitle' => 'New subtitle',
'additional_information' => 'New additional information',
'date' => '2018-12-12',
'time' => '8:00pm',
'venue' => 'New venue',
'venue_address' => 'New address',
'city' => 'New city',
'state' => 'New state',
'zip' => '99999',
'ticket_price' => '72.50',
], $overrides);
}
/** @test */ /** @test */
function promoters_can_view_the_edit_form_for_their_own_unpublished_concerts() function promoters_can_view_the_edit_form_for_their_own_unpublished_concerts()
{ {
@@ -180,4 +197,139 @@ class EditConcertTest extends TestCase
$this->assertEquals(2000, $concert->ticket_price); $this->assertEquals(2000, $concert->ticket_price);
}); });
} }
/** @test */
function promoters_cannot_edit_published_concerts()
{
$user = factory(User::class)->create();
$concert = factory(Concert::class)->states('published')->create([
'user_id' => $user->id,
'title' => 'Old title',
'subtitle' => 'Old subtitle',
'additional_information' => 'Old additional information',
'date' => Carbon::parse('2017-01-01 5:00pm'),
'venue' => 'Old venue',
'venue_address' => 'Old address',
'city' => 'Old city',
'state' => 'Old state',
'zip' => '00000',
'ticket_price' => 2000,
]);
$this->assertTrue($concert->isPublished());
$response = $this->actingAs($user)->patch("/backstage/concerts/{$concert->id}", [
'title' => 'New title',
'subtitle' => 'New subtitle',
'additional_information' => 'New additional information',
'date' => '2018-12-12',
'time' => '8:00pm',
'venue' => 'New venue',
'venue_address' => 'New address',
'city' => 'New city',
'state' => 'New state',
'zip' => '99999',
'ticket_price' => '72.50',
]);
$response->assertStatus(403);
tap($concert->fresh(), function ($concert) {
$this->assertEquals('Old title', $concert->title);
$this->assertEquals('Old subtitle', $concert->subtitle);
$this->assertEquals('Old additional information', $concert->additional_information);
$this->assertEquals(Carbon::parse('2017-01-01 5:00pm'), $concert->date);
$this->assertEquals('Old venue', $concert->venue);
$this->assertEquals('Old address', $concert->venue_address);
$this->assertEquals('Old city', $concert->city);
$this->assertEquals('Old state', $concert->state);
$this->assertEquals('00000', $concert->zip);
$this->assertEquals(2000, $concert->ticket_price);
});
}
/** @test */
function guests_cannot_edit_concerts()
{
$user = factory(User::class)->create();
$concert = factory(Concert::class)->create([
'user_id' => $user->id,
'title' => 'Old title',
'subtitle' => 'Old subtitle',
'additional_information' => 'Old additional information',
'date' => Carbon::parse('2017-01-01 5:00pm'),
'venue' => 'Old venue',
'venue_address' => 'Old address',
'city' => 'Old city',
'state' => 'Old state',
'zip' => '00000',
'ticket_price' => 2000,
]);
$this->assertFalse($concert->isPublished());
$response = $this->patch("/backstage/concerts/{$concert->id}", [
'title' => 'New title',
'subtitle' => 'New subtitle',
'additional_information' => 'New additional information',
'date' => '2018-12-12',
'time' => '8:00pm',
'venue' => 'New venue',
'venue_address' => 'New address',
'city' => 'New city',
'state' => 'New state',
'zip' => '99999',
'ticket_price' => '72.50',
]);
$response->assertRedirect('/login');
tap($concert->fresh(), function ($concert) {
$this->assertEquals('Old title', $concert->title);
$this->assertEquals('Old subtitle', $concert->subtitle);
$this->assertEquals('Old additional information', $concert->additional_information);
$this->assertEquals(Carbon::parse('2017-01-01 5:00pm'), $concert->date);
$this->assertEquals('Old venue', $concert->venue);
$this->assertEquals('Old address', $concert->venue_address);
$this->assertEquals('Old city', $concert->city);
$this->assertEquals('Old state', $concert->state);
$this->assertEquals('00000', $concert->zip);
$this->assertEquals(2000, $concert->ticket_price);
});
}
/** @test */
function title_is_required()
{
$user = factory(User::class)->create();
$concert = factory(Concert::class)->create([
'user_id' => $user->id,
'title' => 'Old title',
'subtitle' => 'Old subtitle',
'additional_information' => 'Old additional information',
'date' => Carbon::parse('2017-01-01 5:00pm'),
'venue' => 'Old venue',
'venue_address' => 'Old address',
'city' => 'Old city',
'state' => 'Old state',
'zip' => '00000',
'ticket_price' => 2000,
]);
$this->assertFalse($concert->isPublished());
$response = $this->actingAs($user)->from("/backstage/concerts/{$concert->id}/edit")->patch("/backstage/concerts/{$concert->id}", $this->validParams([
'title' => '',
]));
$response->assertRedirect("/backstage/concerts/{$concert->id}/edit");
$response->assertSessionHasErrors('title');
tap($concert->fresh(), function ($concert) {
$this->assertEquals('Old title', $concert->title);
$this->assertEquals('Old subtitle', $concert->subtitle);
$this->assertEquals('Old additional information', $concert->additional_information);
$this->assertEquals(Carbon::parse('2017-01-01 5:00pm'), $concert->date);
$this->assertEquals('Old venue', $concert->venue);
$this->assertEquals('Old address', $concert->venue_address);
$this->assertEquals('Old city', $concert->city);
$this->assertEquals('Old state', $concert->state);
$this->assertEquals('00000', $concert->zip);
$this->assertEquals(2000, $concert->ticket_price);
});
}
} }

6
tests/TestCase.php
View File

@@ -37,4 +37,10 @@ abstract class TestCase extends \Illuminate\Foundation\Testing\TestCase
} }
}); });
} }
protected function from($url)
{
session()->setPreviousUrl(url($url));
return $this;
}
} }