create(['role' => 'superuser']); $manager = User::factory()->create(['role' => 'manager']); $developer = User::factory()->create(['role' => 'developer']); $teamMember = TeamMember::factory()->create(); // Superuser can perform all actions $this->actingAs($superuser); $this->assertTrue(Gate::allows('viewAny', TeamMember::class)); $this->assertTrue(Gate::allows('view', $teamMember)); $this->assertTrue(Gate::allows('create', TeamMember::class)); $this->assertTrue(Gate::allows('update', $teamMember)); $this->assertTrue(Gate::allows('delete', $teamMember)); // Manager can perform all actions $this->actingAs($manager); $this->assertTrue(Gate::allows('viewAny', TeamMember::class)); $this->assertTrue(Gate::allows('view', $teamMember)); $this->assertTrue(Gate::allows('create', TeamMember::class)); $this->assertTrue(Gate::allows('update', $teamMember)); $this->assertTrue(Gate::allows('delete', $teamMember)); // Developer can only view $this->actingAs($developer); $this->assertTrue(Gate::allows('viewAny', TeamMember::class)); $this->assertTrue(Gate::allows('view', $teamMember)); } }