headroom/backend/tests/Unit/Policies/TeamMemberPolicyTest.php

<?php

namespace Tests\Unit\Policies;

use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;
use App\Models\User;
use App\Models\TeamMember;
use App\Models\Role;
use Illuminate\Support\Facades\Gate;

class TeamMemberPolicyTest extends TestCase
{
    use RefreshDatabase;

    // 2.1.18 Unit test: TeamMemberPolicy authorization
    public function test_team_member_policy_authorization()
    {
        $superuser = User::factory()->create(['role' => 'superuser']);
        $manager = User::factory()->create(['role' => 'manager']);
        $developer = User::factory()->create(['role' => 'developer']);
        $teamMember = TeamMember::factory()->create();

        // Superuser can perform all actions
        $this->actingAs($superuser);
        $this->assertTrue(Gate::allows('viewAny', TeamMember::class));
        $this->assertTrue(Gate::allows('view', $teamMember));
        $this->assertTrue(Gate::allows('create', TeamMember::class));
        $this->assertTrue(Gate::allows('update', $teamMember));
        $this->assertTrue(Gate::allows('delete', $teamMember));

        // Manager can perform all actions
        $this->actingAs($manager);
        $this->assertTrue(Gate::allows('viewAny', TeamMember::class));
        $this->assertTrue(Gate::allows('view', $teamMember));
        $this->assertTrue(Gate::allows('create', TeamMember::class));
        $this->assertTrue(Gate::allows('update', $teamMember));
        $this->assertTrue(Gate::allows('delete', $teamMember));

        // Developer can only view
        $this->actingAs($developer);
        $this->assertTrue(Gate::allows('viewAny', TeamMember::class));
        $this->assertTrue(Gate::allows('view', $teamMember));
    }
}