43 lines
1.4 KiB
PHP
43 lines
1.4 KiB
PHP
<?php
|
|
|
|
use App\Jobs\TestMailProfileConnection;
|
|
use App\Models\MailProfile;
|
|
use App\Models\Permission;
|
|
use App\Models\Role;
|
|
use App\Models\User;
|
|
use Illuminate\Support\Facades\Queue;
|
|
|
|
function adminUserSecurity(): User
|
|
{
|
|
$user = User::factory()->create();
|
|
$role = Role::firstOrCreate(['slug' => 'admin'], ['name' => 'Admin']);
|
|
Permission::firstOrCreate(['slug' => 'manage-settings'], ['name' => 'Manage Settings']);
|
|
$user->roles()->syncWithoutDetaching([$role->id]);
|
|
|
|
return $user;
|
|
}
|
|
|
|
it('does not leak encrypted_password in json endpoint', function () {
|
|
$user = adminUserSecurity();
|
|
test()->actingAs($user);
|
|
$profile = MailProfile::factory()->create(['name' => 'SecureProfile']);
|
|
$resp = test()->get(route('admin.mail-profiles.json'));
|
|
$resp->assertSuccessful();
|
|
$resp->assertJsonMissingPath('0.encrypted_password');
|
|
$resp->assertJsonFragment(['name' => 'SecureProfile']);
|
|
});
|
|
|
|
it('queues test connection job and updates queued status', function () {
|
|
Queue::fake();
|
|
$user = adminUserSecurity();
|
|
test()->actingAs($user);
|
|
$profile = MailProfile::factory()->create(['test_status' => null]);
|
|
$resp = test()->post(route('admin.mail-profiles.test', $profile));
|
|
$resp->assertRedirect();
|
|
$profile->refresh();
|
|
expect($profile->test_status)->toBe('queued');
|
|
Queue::assertPushed(TestMailProfileConnection::class, function ($job) use ($profile) {
|
|
return $job->mailProfileId === $profile->id;
|
|
});
|
|
});
|