From 5ef9d7ce6e499587f6c8bc48acf008c8d0864c59 Mon Sep 17 00:00:00 2001 From: Derek Goetz Date: Tue, 16 Jan 2024 11:15:37 -0500 Subject: [PATCH 1/7] Add license checks to premium features. --- .../Resources/ApplicationResource.php | 9 ++ .../src/Filament/Resources/FormResource.php | 9 ++ .../src/Filament/Pages/UserChat.php | 5 + .../Resources/KnowledgeBaseItemResource.php | 9 ++ .../src/Filament/Resources/EventResource.php | 9 ++ .../src/Filament/Resources/SurveyResource.php | 9 ++ .../survey/src/Policies/SurveyPolicy.php | 110 ++++++++++++++++++ 7 files changed, 160 insertions(+) create mode 100644 app-modules/survey/src/Policies/SurveyPolicy.php diff --git a/app-modules/application/src/Filament/Resources/ApplicationResource.php b/app-modules/application/src/Filament/Resources/ApplicationResource.php index 5c9a737ba5..a03de9539d 100644 --- a/app-modules/application/src/Filament/Resources/ApplicationResource.php +++ b/app-modules/application/src/Filament/Resources/ApplicationResource.php @@ -40,6 +40,7 @@ use Filament\Resources\Pages\Page; use Illuminate\Database\Eloquent\Builder; use AdvisingApp\Application\Models\Application; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\Application\Filament\Resources\ApplicationResource\Pages\EditApplication; use AdvisingApp\Application\Filament\Resources\ApplicationResource\Pages\ListApplications; use AdvisingApp\Application\Filament\Resources\ApplicationResource\Pages\CreateApplication; @@ -63,6 +64,14 @@ class ApplicationResource extends Resource protected static ?string $recordTitleAttribute = 'name'; + public static function canAccess(): bool + { + /** @var User $user */ + $user = auth()->user(); + + return $user->hasAnyLicense([LicenseType::RetentionCrm, LicenseType::RecruitmentCrm]); + } + public static function getEloquentQuery(): Builder { return parent::getEloquentQuery()->with(['fields']); diff --git a/app-modules/form/src/Filament/Resources/FormResource.php b/app-modules/form/src/Filament/Resources/FormResource.php index 1a7c462d18..6963593909 100644 --- a/app-modules/form/src/Filament/Resources/FormResource.php +++ b/app-modules/form/src/Filament/Resources/FormResource.php @@ -40,6 +40,7 @@ use AdvisingApp\Form\Models\Form; use Filament\Resources\Pages\Page; use Illuminate\Database\Eloquent\Builder; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\Form\Filament\Resources\FormResource\Pages\EditForm; use AdvisingApp\Form\Filament\Resources\FormResource\Pages\ListForms; use AdvisingApp\Form\Filament\Resources\FormResource\Pages\CreateForm; @@ -63,6 +64,14 @@ class FormResource extends Resource protected static ?string $recordTitleAttribute = 'name'; + public static function canAccess(): bool + { + /** @var User $user */ + $user = auth()->user(); + + return $user->hasAnyLicense([LicenseType::RetentionCrm, LicenseType::RecruitmentCrm]); + } + public static function getEloquentQuery(): Builder { return parent::getEloquentQuery()->with(['fields']); diff --git a/app-modules/in-app-communication/src/Filament/Pages/UserChat.php b/app-modules/in-app-communication/src/Filament/Pages/UserChat.php index 043bf68391..e70bb6c8a5 100644 --- a/app-modules/in-app-communication/src/Filament/Pages/UserChat.php +++ b/app-modules/in-app-communication/src/Filament/Pages/UserChat.php @@ -53,6 +53,7 @@ use Filament\Actions\Contracts\HasActions; use Illuminate\Database\Eloquent\Collection; use Filament\Forms\Concerns\InteractsWithForms; +use AdvisingApp\Authorization\Enums\LicenseType; use Filament\Actions\Concerns\InteractsWithActions; use AdvisingApp\InAppCommunication\Enums\ConversationType; use AdvisingApp\IntegrationTwilio\Actions\GetTwilioApiKey; @@ -87,6 +88,10 @@ public static function canAccess(): bool /** @var User $user */ $user = auth()->user(); + if (! $user->hasAnyLicense([LicenseType::RetentionCrm, LicenseType::RecruitmentCrm])) { + return false; + } + return Gate::check(Feature::RealtimeChat->getGateName()) && $user->can('in-app-communication.realtime-chat.access'); } diff --git a/app-modules/knowledge-base/src/Filament/Resources/KnowledgeBaseItemResource.php b/app-modules/knowledge-base/src/Filament/Resources/KnowledgeBaseItemResource.php index 7b208bcbb8..467ee95e88 100644 --- a/app-modules/knowledge-base/src/Filament/Resources/KnowledgeBaseItemResource.php +++ b/app-modules/knowledge-base/src/Filament/Resources/KnowledgeBaseItemResource.php @@ -39,6 +39,7 @@ use Filament\Resources\Resource; use Illuminate\Database\Eloquent\Model; use Illuminate\Database\Eloquent\Builder; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseItem; use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseItemResource\Pages\EditKnowledgeBaseItem; use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseItemResource\Pages\ViewKnowledgeBaseItem; @@ -63,6 +64,14 @@ class KnowledgeBaseItemResource extends Resource protected static ?string $recordTitleAttribute = 'question'; + public static function canAccess(): bool + { + /** @var User $user */ + $user = auth()->user(); + + return $user->hasAnyLicense([LicenseType::RetentionCrm, LicenseType::RecruitmentCrm]); + } + public static function getGloballySearchableAttributes(): array { return ['question', 'solution']; diff --git a/app-modules/meeting-center/src/Filament/Resources/EventResource.php b/app-modules/meeting-center/src/Filament/Resources/EventResource.php index 3ca9495a75..b771688390 100644 --- a/app-modules/meeting-center/src/Filament/Resources/EventResource.php +++ b/app-modules/meeting-center/src/Filament/Resources/EventResource.php @@ -39,6 +39,7 @@ use Filament\Resources\Resource; use Filament\Resources\Pages\Page; use AdvisingApp\MeetingCenter\Models\Event; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\MeetingCenter\Filament\Resources\EventResource\Pages\EditEvent; use AdvisingApp\MeetingCenter\Filament\Resources\EventResource\Pages\ViewEvent; use AdvisingApp\MeetingCenter\Filament\Resources\EventResource\Pages\ListEvents; @@ -63,6 +64,14 @@ class EventResource extends Resource protected static ?string $recordTitleAttribute = 'title'; + public static function canAccess(): bool + { + /** @var User $user */ + $user = auth()->user(); + + return $user->hasAnyLicense([LicenseType::RetentionCrm, LicenseType::RecruitmentCrm]); + } + public static function getRecordSubNavigation(Page $page): array { return $page->generateNavigationItems([ diff --git a/app-modules/survey/src/Filament/Resources/SurveyResource.php b/app-modules/survey/src/Filament/Resources/SurveyResource.php index 9fa349ce4f..0137183899 100644 --- a/app-modules/survey/src/Filament/Resources/SurveyResource.php +++ b/app-modules/survey/src/Filament/Resources/SurveyResource.php @@ -40,6 +40,7 @@ use Filament\Resources\Pages\Page; use AdvisingApp\Survey\Models\Survey; use Illuminate\Database\Eloquent\Builder; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\Survey\Filament\Resources\SurveyResource\Pages\EditSurvey; use AdvisingApp\Survey\Filament\Resources\SurveyResource\Pages\ListSurveys; use AdvisingApp\Survey\Filament\Resources\SurveyResource\Pages\CreateSurvey; @@ -63,6 +64,14 @@ class SurveyResource extends Resource protected static ?string $recordTitleAttribute = 'name'; + public static function canAccess(): bool + { + /** @var User $user */ + $user = auth()->user(); + + return $user->hasAnyLicense([LicenseType::RetentionCrm, LicenseType::RecruitmentCrm]); + } + public static function getEloquentQuery(): Builder { return parent::getEloquentQuery()->with(['fields']); diff --git a/app-modules/survey/src/Policies/SurveyPolicy.php b/app-modules/survey/src/Policies/SurveyPolicy.php new file mode 100644 index 0000000000..6fd84682fd --- /dev/null +++ b/app-modules/survey/src/Policies/SurveyPolicy.php @@ -0,0 +1,110 @@ + + + Copyright © 2022-2023, Canyon GBS LLC. All rights reserved. + + Advising App™ is licensed under the Elastic License 2.0. For more details, + see https://github.com/canyongbs/advisingapp/blob/main/LICENSE. + + Notice: + + - You may not provide the software to third parties as a hosted or managed + service, where the service provides users with access to any substantial set of + the features or functionality of the software. + - You may not move, change, disable, or circumvent the license key functionality + in the software, and you may not remove or obscure any functionality in the + software that is protected by the license key. + - You may not alter, remove, or obscure any licensing, copyright, or other notices + of the licensor in the software. Any use of the licensor’s trademarks is subject + to applicable law. + - Canyon GBS LLC respects the intellectual property rights of others and expects the + same in return. Canyon GBS™ and Advising App™ are registered trademarks of + Canyon GBS LLC, and we are committed to enforcing and protecting our trademarks + vigorously. + - The software solution, including services, infrastructure, and code, is offered as a + Software as a Service (SaaS) by Canyon GBS LLC. + - Use of this software implies agreement to the license terms and conditions as stated + in the Elastic License 2.0. + + For more information or inquiries please visit our website at + https://www.canyongbs.com or contact us via email at legal@canyongbs.com. + + +*/ + +namespace AdvisingApp\Survey\Policies; + +use App\Enums\Feature; +use App\Models\Authenticatable; +use Illuminate\Auth\Access\Response; +use AdvisingApp\Survey\Models\Survey; +use App\Concerns\FeatureAccessEnforcedPolicyBefore; +use App\Policies\Contracts\FeatureAccessEnforcedPolicy; + +class SurveyPolicy implements FeatureAccessEnforcedPolicy +{ + use FeatureAccessEnforcedPolicyBefore; + + public function viewAny(Authenticatable $authenticatable): Response + { + return $authenticatable->canOrElse( + abilities: 'survey.view-any', + denyResponse: 'You do not have permission to view surveys.' + ); + } + + public function view(Authenticatable $authenticatable, Survey $survey): Response + { + return $authenticatable->canOrElse( + abilities: ['survey.*.view', "survey.{$survey->id}.view"], + denyResponse: 'You do not have permission to view this survey.' + ); + } + + public function create(Authenticatable $authenticatable): Response + { + return $authenticatable->canOrElse( + abilities: 'survey.create', + denyResponse: 'You do not have permission to create surveys.' + ); + } + + public function update(Authenticatable $authenticatable, Survey $survey): Response + { + return $authenticatable->canOrElse( + abilities: ['survey.*.update', "survey.{$survey->id}.update"], + denyResponse: 'You do not have permission to update this survey.' + ); + } + + public function delete(Authenticatable $authenticatable, Survey $survey): Response + { + return $authenticatable->canOrElse( + abilities: ['survey.*.delete', "survey.{$survey->id}.delete"], + denyResponse: 'You do not have permission to delete this survey.' + ); + } + + public function restore(Authenticatable $authenticatable, Survey $survey): Response + { + return $authenticatable->canOrElse( + abilities: ['survey.*.restore', "survey.{$survey->id}.restore"], + denyResponse: 'You do not have permission to restore this survey.' + ); + } + + public function forceDelete(Authenticatable $authenticatable, Survey $survey): Response + { + return $authenticatable->canOrElse( + abilities: ['survey.*.force-delete', "survey.{$survey->id}.force-delete"], + denyResponse: 'You do not have permission to permanently delete this survey.' + ); + } + + protected function requiredFeatures(): array + { + return [Feature::OnlineSurveys]; + } +} From 4e21d8c5f3a3710acd4f6d2ddca319cd76bfd418 Mon Sep 17 00:00:00 2001 From: Derek Goetz Date: Tue, 16 Jan 2024 13:00:44 -0500 Subject: [PATCH 2/7] Fix tests. --- .../Application/CreateApplicationTest.php | 5 +++-- .../tests/Application/EditApplicationTest.php | 19 ++++++++++--------- .../Application/ListApplicationsTest.php | 5 +++-- 3 files changed, 16 insertions(+), 13 deletions(-) diff --git a/app-modules/application/tests/Application/CreateApplicationTest.php b/app-modules/application/tests/Application/CreateApplicationTest.php index ef060bdc31..ea5d704283 100644 --- a/app-modules/application/tests/Application/CreateApplicationTest.php +++ b/app-modules/application/tests/Application/CreateApplicationTest.php @@ -40,6 +40,7 @@ use function Pest\Laravel\actingAs; use function Pest\Livewire\livewire; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\Application\Filament\Resources\ApplicationResource; // TODO: Write CreateApplication tests @@ -50,7 +51,7 @@ // Permission Tests test('CreateApplication is gated with proper access control', function () { - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); actingAs($user) ->get( @@ -78,7 +79,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); actingAs($user) ->get( diff --git a/app-modules/application/tests/Application/EditApplicationTest.php b/app-modules/application/tests/Application/EditApplicationTest.php index 7dc4d496a4..baa9133b47 100644 --- a/app-modules/application/tests/Application/EditApplicationTest.php +++ b/app-modules/application/tests/Application/EditApplicationTest.php @@ -34,19 +34,20 @@ */ -use App\Models\User; +use AdvisingApp\Application\Database\Seeders\ApplicationSubmissionStateSeeder; -use function Pest\Laravel\seed; +use AdvisingApp\Application\Filament\Resources\ApplicationResource; -use App\Settings\LicenseSettings; +use AdvisingApp\Application\Models\Application; + +use AdvisingApp\Authorization\Enums\LicenseType; +use App\Models\User; +use App\Settings\LicenseSettings; use function Pest\Laravel\actingAs; +use function Pest\Laravel\seed; use function Pest\Livewire\livewire; -use AdvisingApp\Application\Models\Application; -use AdvisingApp\Application\Filament\Resources\ApplicationResource; -use AdvisingApp\Application\Database\Seeders\ApplicationSubmissionStateSeeder; - // TODO: Write EditApplication tests //test('A successful action on the EditApplication page', function () {}); // @@ -57,7 +58,7 @@ test('EditApplication is gated with proper access control', function () { seed(ApplicationSubmissionStateSeeder::class); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $application = Application::factory()->create(); @@ -95,7 +96,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $user->givePermissionTo('application.view-any'); $user->givePermissionTo('application.*.update'); diff --git a/app-modules/application/tests/Application/ListApplicationsTest.php b/app-modules/application/tests/Application/ListApplicationsTest.php index 9cf560224d..a7f21499ee 100644 --- a/app-modules/application/tests/Application/ListApplicationsTest.php +++ b/app-modules/application/tests/Application/ListApplicationsTest.php @@ -39,6 +39,7 @@ use function Pest\Laravel\actingAs; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\Application\Filament\Resources\ApplicationResource; // TODO: Write ListApplications tests @@ -49,7 +50,7 @@ // Permission Tests test('ListApplications is gated with proper access control', function () { - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); actingAs($user) ->get( @@ -71,7 +72,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $user->givePermissionTo('application.view-any'); From 87ff059dc97485a5a2b34ca17e9d771e48d4cfe9 Mon Sep 17 00:00:00 2001 From: dgoetzit Date: Tue, 16 Jan 2024 18:03:16 +0000 Subject: [PATCH 3/7] chore: fix code style --- .../tests/Application/EditApplicationTest.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/app-modules/application/tests/Application/EditApplicationTest.php b/app-modules/application/tests/Application/EditApplicationTest.php index baa9133b47..9aba26cc1d 100644 --- a/app-modules/application/tests/Application/EditApplicationTest.php +++ b/app-modules/application/tests/Application/EditApplicationTest.php @@ -34,20 +34,20 @@ */ -use AdvisingApp\Application\Database\Seeders\ApplicationSubmissionStateSeeder; - -use AdvisingApp\Application\Filament\Resources\ApplicationResource; - -use AdvisingApp\Application\Models\Application; - -use AdvisingApp\Authorization\Enums\LicenseType; use App\Models\User; +use function Pest\Laravel\seed; + use App\Settings\LicenseSettings; + use function Pest\Laravel\actingAs; -use function Pest\Laravel\seed; use function Pest\Livewire\livewire; +use AdvisingApp\Application\Models\Application; +use AdvisingApp\Authorization\Enums\LicenseType; +use AdvisingApp\Application\Filament\Resources\ApplicationResource; +use AdvisingApp\Application\Database\Seeders\ApplicationSubmissionStateSeeder; + // TODO: Write EditApplication tests //test('A successful action on the EditApplication page', function () {}); // From 479daf52acb9f632233c82fd7bad1fa9d7ab7293 Mon Sep 17 00:00:00 2001 From: Derek Goetz Date: Tue, 16 Jan 2024 16:44:29 -0500 Subject: [PATCH 4/7] Add license checks to policies. --- .../roles/web/application_management.php | 14 ++++- .../Resources/ApplicationResource.php | 9 --- .../src/Policies/ApplicationPolicy.php | 24 ++++++-- .../src/Filament/Resources/FormResource.php | 9 --- app-modules/form/src/Policies/FormPolicy.php | 24 ++++++-- .../Resources/KnowledgeBaseItemResource.php | 9 --- .../Policies/KnowledgeBaseCategoryPolicy.php | 24 ++++++-- .../src/Policies/KnowledgeBaseItemPolicy.php | 24 ++++++-- .../Policies/KnowledgeBaseQualityPolicy.php | 24 ++++++-- .../Policies/KnowledgeBaseStatusPolicy.php | 24 ++++++-- .../src/Filament/Resources/EventResource.php | 1 + .../src/Filament/Resources/SurveyResource.php | 9 --- .../survey/src/Policies/SurveyPolicy.php | 24 ++++++-- ...cyBefore.php => PerformsFeatureChecks.php} | 4 +- app/Concerns/PerformsLicenseChecks.php | 58 +++++++++++++++++++ app/Filament/Clusters/ServiceManagement.php | 10 ++++ ... => PerformsChecksBeforeAuthorization.php} | 7 ++- 17 files changed, 228 insertions(+), 70 deletions(-) rename app/Concerns/{FeatureAccessEnforcedPolicyBefore.php => PerformsFeatureChecks.php} (95%) create mode 100644 app/Concerns/PerformsLicenseChecks.php rename app/Policies/Contracts/{FeatureAccessEnforcedPolicy.php => PerformsChecksBeforeAuthorization.php} (89%) diff --git a/app-modules/application/config/roles/web/application_management.php b/app-modules/application/config/roles/web/application_management.php index d79c3f1ef1..c3d7d586c6 100644 --- a/app-modules/application/config/roles/web/application_management.php +++ b/app-modules/application/config/roles/web/application_management.php @@ -36,7 +36,19 @@ return [ 'model' => [ - 'form' => [ + 'application' => [ + '*', + ], + 'application_field' => [ + '*', + ], + 'application_submission' => [ + '*', + ], + 'application_step' => [ + '*', + ], + 'application_authentication' => [ '*', ], ], diff --git a/app-modules/application/src/Filament/Resources/ApplicationResource.php b/app-modules/application/src/Filament/Resources/ApplicationResource.php index a03de9539d..5c9a737ba5 100644 --- a/app-modules/application/src/Filament/Resources/ApplicationResource.php +++ b/app-modules/application/src/Filament/Resources/ApplicationResource.php @@ -40,7 +40,6 @@ use Filament\Resources\Pages\Page; use Illuminate\Database\Eloquent\Builder; use AdvisingApp\Application\Models\Application; -use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\Application\Filament\Resources\ApplicationResource\Pages\EditApplication; use AdvisingApp\Application\Filament\Resources\ApplicationResource\Pages\ListApplications; use AdvisingApp\Application\Filament\Resources\ApplicationResource\Pages\CreateApplication; @@ -64,14 +63,6 @@ class ApplicationResource extends Resource protected static ?string $recordTitleAttribute = 'name'; - public static function canAccess(): bool - { - /** @var User $user */ - $user = auth()->user(); - - return $user->hasAnyLicense([LicenseType::RetentionCrm, LicenseType::RecruitmentCrm]); - } - public static function getEloquentQuery(): Builder { return parent::getEloquentQuery()->with(['fields']); diff --git a/app-modules/application/src/Policies/ApplicationPolicy.php b/app-modules/application/src/Policies/ApplicationPolicy.php index 5b7282db4f..970313f3a8 100644 --- a/app-modules/application/src/Policies/ApplicationPolicy.php +++ b/app-modules/application/src/Policies/ApplicationPolicy.php @@ -39,13 +39,29 @@ use App\Enums\Feature; use App\Models\Authenticatable; use Illuminate\Auth\Access\Response; +use App\Concerns\PerformsFeatureChecks; +use App\Concerns\PerformsLicenseChecks; use AdvisingApp\Application\Models\Application; -use App\Concerns\FeatureAccessEnforcedPolicyBefore; -use App\Policies\Contracts\FeatureAccessEnforcedPolicy; +use AdvisingApp\Authorization\Enums\LicenseType; +use App\Policies\Contracts\PerformsChecksBeforeAuthorization; -class ApplicationPolicy implements FeatureAccessEnforcedPolicy +class ApplicationPolicy implements PerformsChecksBeforeAuthorization { - use FeatureAccessEnforcedPolicyBefore; + use PerformsLicenseChecks; + use PerformsFeatureChecks; + + public function before(Authenticatable $authenticatable): ?Response + { + if (! is_null($response = $this->hasAnyLicense($authenticatable, [LicenseType::RetentionCrm, LicenseType::RecruitmentCrm]))) { + return $response; + } + + if (! is_null($response = $this->hasFeatures())) { + return $response; + } + + return null; + } public function viewAny(Authenticatable $authenticatable): Response { diff --git a/app-modules/form/src/Filament/Resources/FormResource.php b/app-modules/form/src/Filament/Resources/FormResource.php index 6963593909..1a7c462d18 100644 --- a/app-modules/form/src/Filament/Resources/FormResource.php +++ b/app-modules/form/src/Filament/Resources/FormResource.php @@ -40,7 +40,6 @@ use AdvisingApp\Form\Models\Form; use Filament\Resources\Pages\Page; use Illuminate\Database\Eloquent\Builder; -use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\Form\Filament\Resources\FormResource\Pages\EditForm; use AdvisingApp\Form\Filament\Resources\FormResource\Pages\ListForms; use AdvisingApp\Form\Filament\Resources\FormResource\Pages\CreateForm; @@ -64,14 +63,6 @@ class FormResource extends Resource protected static ?string $recordTitleAttribute = 'name'; - public static function canAccess(): bool - { - /** @var User $user */ - $user = auth()->user(); - - return $user->hasAnyLicense([LicenseType::RetentionCrm, LicenseType::RecruitmentCrm]); - } - public static function getEloquentQuery(): Builder { return parent::getEloquentQuery()->with(['fields']); diff --git a/app-modules/form/src/Policies/FormPolicy.php b/app-modules/form/src/Policies/FormPolicy.php index 14c33e8645..c2d969d54e 100644 --- a/app-modules/form/src/Policies/FormPolicy.php +++ b/app-modules/form/src/Policies/FormPolicy.php @@ -40,12 +40,28 @@ use App\Models\Authenticatable; use AdvisingApp\Form\Models\Form; use Illuminate\Auth\Access\Response; -use App\Concerns\FeatureAccessEnforcedPolicyBefore; -use App\Policies\Contracts\FeatureAccessEnforcedPolicy; +use App\Concerns\PerformsFeatureChecks; +use App\Concerns\PerformsLicenseChecks; +use AdvisingApp\Authorization\Enums\LicenseType; +use App\Policies\Contracts\PerformsChecksBeforeAuthorization; -class FormPolicy implements FeatureAccessEnforcedPolicy +class FormPolicy implements PerformsChecksBeforeAuthorization { - use FeatureAccessEnforcedPolicyBefore; + use PerformsLicenseChecks; + use PerformsFeatureChecks; + + public function before(Authenticatable $authenticatable): ?Response + { + if (! is_null($response = $this->hasAnyLicense($authenticatable, [LicenseType::RetentionCrm, LicenseType::RecruitmentCrm]))) { + return $response; + } + + if (! is_null($response = $this->hasFeatures())) { + return $response; + } + + return null; + } public function viewAny(Authenticatable $authenticatable): Response { diff --git a/app-modules/knowledge-base/src/Filament/Resources/KnowledgeBaseItemResource.php b/app-modules/knowledge-base/src/Filament/Resources/KnowledgeBaseItemResource.php index 467ee95e88..7b208bcbb8 100644 --- a/app-modules/knowledge-base/src/Filament/Resources/KnowledgeBaseItemResource.php +++ b/app-modules/knowledge-base/src/Filament/Resources/KnowledgeBaseItemResource.php @@ -39,7 +39,6 @@ use Filament\Resources\Resource; use Illuminate\Database\Eloquent\Model; use Illuminate\Database\Eloquent\Builder; -use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseItem; use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseItemResource\Pages\EditKnowledgeBaseItem; use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseItemResource\Pages\ViewKnowledgeBaseItem; @@ -64,14 +63,6 @@ class KnowledgeBaseItemResource extends Resource protected static ?string $recordTitleAttribute = 'question'; - public static function canAccess(): bool - { - /** @var User $user */ - $user = auth()->user(); - - return $user->hasAnyLicense([LicenseType::RetentionCrm, LicenseType::RecruitmentCrm]); - } - public static function getGloballySearchableAttributes(): array { return ['question', 'solution']; diff --git a/app-modules/knowledge-base/src/Policies/KnowledgeBaseCategoryPolicy.php b/app-modules/knowledge-base/src/Policies/KnowledgeBaseCategoryPolicy.php index 04ce6748b4..ed85b77a81 100644 --- a/app-modules/knowledge-base/src/Policies/KnowledgeBaseCategoryPolicy.php +++ b/app-modules/knowledge-base/src/Policies/KnowledgeBaseCategoryPolicy.php @@ -39,13 +39,29 @@ use App\Enums\Feature; use App\Models\Authenticatable; use Illuminate\Auth\Access\Response; -use App\Concerns\FeatureAccessEnforcedPolicyBefore; -use App\Policies\Contracts\FeatureAccessEnforcedPolicy; +use App\Concerns\PerformsFeatureChecks; +use App\Concerns\PerformsLicenseChecks; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseCategory; +use App\Policies\Contracts\PerformsChecksBeforeAuthorization; -class KnowledgeBaseCategoryPolicy implements FeatureAccessEnforcedPolicy +class KnowledgeBaseCategoryPolicy implements PerformsChecksBeforeAuthorization { - use FeatureAccessEnforcedPolicyBefore; + use PerformsLicenseChecks; + use PerformsFeatureChecks; + + public function before(Authenticatable $authenticatable): ?Response + { + if (! is_null($response = $this->hasAnyLicense($authenticatable, [LicenseType::RetentionCrm, LicenseType::RecruitmentCrm]))) { + return $response; + } + + if (! is_null($response = $this->hasFeatures())) { + return $response; + } + + return null; + } public function viewAny(Authenticatable $authenticatable): Response { diff --git a/app-modules/knowledge-base/src/Policies/KnowledgeBaseItemPolicy.php b/app-modules/knowledge-base/src/Policies/KnowledgeBaseItemPolicy.php index e0942047f6..8b7087ece4 100644 --- a/app-modules/knowledge-base/src/Policies/KnowledgeBaseItemPolicy.php +++ b/app-modules/knowledge-base/src/Policies/KnowledgeBaseItemPolicy.php @@ -39,13 +39,29 @@ use App\Enums\Feature; use App\Models\Authenticatable; use Illuminate\Auth\Access\Response; -use App\Concerns\FeatureAccessEnforcedPolicyBefore; +use App\Concerns\PerformsFeatureChecks; +use App\Concerns\PerformsLicenseChecks; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseItem; -use App\Policies\Contracts\FeatureAccessEnforcedPolicy; +use App\Policies\Contracts\PerformsChecksBeforeAuthorization; -class KnowledgeBaseItemPolicy implements FeatureAccessEnforcedPolicy +class KnowledgeBaseItemPolicy implements PerformsChecksBeforeAuthorization { - use FeatureAccessEnforcedPolicyBefore; + use PerformsLicenseChecks; + use PerformsFeatureChecks; + + public function before(Authenticatable $authenticatable): ?Response + { + if (! is_null($response = $this->hasAnyLicense($authenticatable, [LicenseType::RetentionCrm, LicenseType::RecruitmentCrm]))) { + return $response; + } + + if (! is_null($response = $this->hasFeatures())) { + return $response; + } + + return null; + } public function viewAny(Authenticatable $authenticatable): Response { diff --git a/app-modules/knowledge-base/src/Policies/KnowledgeBaseQualityPolicy.php b/app-modules/knowledge-base/src/Policies/KnowledgeBaseQualityPolicy.php index 97ca3894cd..dd16423279 100644 --- a/app-modules/knowledge-base/src/Policies/KnowledgeBaseQualityPolicy.php +++ b/app-modules/knowledge-base/src/Policies/KnowledgeBaseQualityPolicy.php @@ -39,13 +39,29 @@ use App\Enums\Feature; use App\Models\Authenticatable; use Illuminate\Auth\Access\Response; -use App\Concerns\FeatureAccessEnforcedPolicyBefore; -use App\Policies\Contracts\FeatureAccessEnforcedPolicy; +use App\Concerns\PerformsFeatureChecks; +use App\Concerns\PerformsLicenseChecks; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseQuality; +use App\Policies\Contracts\PerformsChecksBeforeAuthorization; -class KnowledgeBaseQualityPolicy implements FeatureAccessEnforcedPolicy +class KnowledgeBaseQualityPolicy implements PerformsChecksBeforeAuthorization { - use FeatureAccessEnforcedPolicyBefore; + use PerformsLicenseChecks; + use PerformsFeatureChecks; + + public function before(Authenticatable $authenticatable): ?Response + { + if (! is_null($response = $this->hasAnyLicense($authenticatable, [LicenseType::RetentionCrm, LicenseType::RecruitmentCrm]))) { + return $response; + } + + if (! is_null($response = $this->hasFeatures())) { + return $response; + } + + return null; + } public function viewAny(Authenticatable $authenticatable): Response { diff --git a/app-modules/knowledge-base/src/Policies/KnowledgeBaseStatusPolicy.php b/app-modules/knowledge-base/src/Policies/KnowledgeBaseStatusPolicy.php index 6428da24de..2ae8569e38 100644 --- a/app-modules/knowledge-base/src/Policies/KnowledgeBaseStatusPolicy.php +++ b/app-modules/knowledge-base/src/Policies/KnowledgeBaseStatusPolicy.php @@ -39,13 +39,29 @@ use App\Enums\Feature; use App\Models\Authenticatable; use Illuminate\Auth\Access\Response; -use App\Concerns\FeatureAccessEnforcedPolicyBefore; -use App\Policies\Contracts\FeatureAccessEnforcedPolicy; +use App\Concerns\PerformsFeatureChecks; +use App\Concerns\PerformsLicenseChecks; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseStatus; +use App\Policies\Contracts\PerformsChecksBeforeAuthorization; -class KnowledgeBaseStatusPolicy implements FeatureAccessEnforcedPolicy +class KnowledgeBaseStatusPolicy implements PerformsChecksBeforeAuthorization { - use FeatureAccessEnforcedPolicyBefore; + use PerformsLicenseChecks; + use PerformsFeatureChecks; + + public function before(Authenticatable $authenticatable): ?Response + { + if (! is_null($response = $this->hasAnyLicense($authenticatable, [LicenseType::RetentionCrm, LicenseType::RecruitmentCrm]))) { + return $response; + } + + if (! is_null($response = $this->hasFeatures())) { + return $response; + } + + return null; + } public function viewAny(Authenticatable $authenticatable): Response { diff --git a/app-modules/meeting-center/src/Filament/Resources/EventResource.php b/app-modules/meeting-center/src/Filament/Resources/EventResource.php index b771688390..f64356ffab 100644 --- a/app-modules/meeting-center/src/Filament/Resources/EventResource.php +++ b/app-modules/meeting-center/src/Filament/Resources/EventResource.php @@ -64,6 +64,7 @@ class EventResource extends Resource protected static ?string $recordTitleAttribute = 'title'; + // TODO Move into policy once created... public static function canAccess(): bool { /** @var User $user */ diff --git a/app-modules/survey/src/Filament/Resources/SurveyResource.php b/app-modules/survey/src/Filament/Resources/SurveyResource.php index 0137183899..9fa349ce4f 100644 --- a/app-modules/survey/src/Filament/Resources/SurveyResource.php +++ b/app-modules/survey/src/Filament/Resources/SurveyResource.php @@ -40,7 +40,6 @@ use Filament\Resources\Pages\Page; use AdvisingApp\Survey\Models\Survey; use Illuminate\Database\Eloquent\Builder; -use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\Survey\Filament\Resources\SurveyResource\Pages\EditSurvey; use AdvisingApp\Survey\Filament\Resources\SurveyResource\Pages\ListSurveys; use AdvisingApp\Survey\Filament\Resources\SurveyResource\Pages\CreateSurvey; @@ -64,14 +63,6 @@ class SurveyResource extends Resource protected static ?string $recordTitleAttribute = 'name'; - public static function canAccess(): bool - { - /** @var User $user */ - $user = auth()->user(); - - return $user->hasAnyLicense([LicenseType::RetentionCrm, LicenseType::RecruitmentCrm]); - } - public static function getEloquentQuery(): Builder { return parent::getEloquentQuery()->with(['fields']); diff --git a/app-modules/survey/src/Policies/SurveyPolicy.php b/app-modules/survey/src/Policies/SurveyPolicy.php index 6fd84682fd..d9f8f80cea 100644 --- a/app-modules/survey/src/Policies/SurveyPolicy.php +++ b/app-modules/survey/src/Policies/SurveyPolicy.php @@ -40,12 +40,28 @@ use App\Models\Authenticatable; use Illuminate\Auth\Access\Response; use AdvisingApp\Survey\Models\Survey; -use App\Concerns\FeatureAccessEnforcedPolicyBefore; -use App\Policies\Contracts\FeatureAccessEnforcedPolicy; +use App\Concerns\PerformsFeatureChecks; +use App\Concerns\PerformsLicenseChecks; +use AdvisingApp\Authorization\Enums\LicenseType; +use App\Policies\Contracts\PerformsChecksBeforeAuthorization; -class SurveyPolicy implements FeatureAccessEnforcedPolicy +class SurveyPolicy implements PerformsChecksBeforeAuthorization { - use FeatureAccessEnforcedPolicyBefore; + use PerformsLicenseChecks; + use PerformsFeatureChecks; + + public function before(Authenticatable $authenticatable): ?Response + { + if (! is_null($response = $this->hasAnyLicense($authenticatable, [LicenseType::RetentionCrm, LicenseType::RecruitmentCrm]))) { + return $response; + } + + if (! is_null($response = $this->hasFeatures())) { + return $response; + } + + return null; + } public function viewAny(Authenticatable $authenticatable): Response { diff --git a/app/Concerns/FeatureAccessEnforcedPolicyBefore.php b/app/Concerns/PerformsFeatureChecks.php similarity index 95% rename from app/Concerns/FeatureAccessEnforcedPolicyBefore.php rename to app/Concerns/PerformsFeatureChecks.php index d2d40f11be..20dfe2343e 100644 --- a/app/Concerns/FeatureAccessEnforcedPolicyBefore.php +++ b/app/Concerns/PerformsFeatureChecks.php @@ -40,9 +40,9 @@ use Illuminate\Support\Facades\Gate; use App\Support\FeatureAccessResponse; -trait FeatureAccessEnforcedPolicyBefore +trait PerformsFeatureChecks { - public function before(): FeatureAccessResponse | null | bool + public function hasFeatures(): FeatureAccessResponse | null | bool { return Gate::check( collect($this->requiredFeatures())->map(fn (Feature $feature) => $feature->getGateName()) diff --git a/app/Concerns/PerformsLicenseChecks.php b/app/Concerns/PerformsLicenseChecks.php new file mode 100644 index 0000000000..b3e240d410 --- /dev/null +++ b/app/Concerns/PerformsLicenseChecks.php @@ -0,0 +1,58 @@ + + + Copyright © 2022-2023, Canyon GBS LLC. All rights reserved. + + Advising App™ is licensed under the Elastic License 2.0. For more details, + see https://github.com/canyongbs/advisingapp/blob/main/LICENSE. + + Notice: + + - You may not provide the software to third parties as a hosted or managed + service, where the service provides users with access to any substantial set of + the features or functionality of the software. + - You may not move, change, disable, or circumvent the license key functionality + in the software, and you may not remove or obscure any functionality in the + software that is protected by the license key. + - You may not alter, remove, or obscure any licensing, copyright, or other notices + of the licensor in the software. Any use of the licensor’s trademarks is subject + to applicable law. + - Canyon GBS LLC respects the intellectual property rights of others and expects the + same in return. Canyon GBS™ and Advising App™ are registered trademarks of + Canyon GBS LLC, and we are committed to enforcing and protecting our trademarks + vigorously. + - The software solution, including services, infrastructure, and code, is offered as a + Software as a Service (SaaS) by Canyon GBS LLC. + - Use of this software implies agreement to the license terms and conditions as stated + in the Elastic License 2.0. + + For more information or inquiries please visit our website at + https://www.canyongbs.com or contact us via email at legal@canyongbs.com. + + +*/ + +namespace App\Concerns; + +use App\Models\Authenticatable; +use Illuminate\Auth\Access\Response; +use AdvisingApp\Authorization\Enums\LicenseType; + +trait PerformsLicenseChecks +{ + public function hasLicenses(Authenticatable $authenticatable, LicenseType | string | array $licenses): ?Response + { + return $authenticatable->hasLicense($licenses) + ? null + : Response::deny('You are not licensed to access this resource.'); + } + + public function hasAnyLicense(Authenticatable $authenticatable, LicenseType | string | array $licenses): ?Response + { + return $authenticatable->hasAnyLicense($licenses) + ? null + : Response::deny('You are not licensed to access this resource.'); + } +} diff --git a/app/Filament/Clusters/ServiceManagement.php b/app/Filament/Clusters/ServiceManagement.php index c1adadb421..3abb54596a 100644 --- a/app/Filament/Clusters/ServiceManagement.php +++ b/app/Filament/Clusters/ServiceManagement.php @@ -37,6 +37,7 @@ namespace App\Filament\Clusters; use Filament\Clusters\Cluster; +use AdvisingApp\Authorization\Enums\LicenseType; class ServiceManagement extends Cluster { @@ -45,4 +46,13 @@ class ServiceManagement extends Cluster protected static ?string $navigationGroup = 'Premium Features'; protected static ?int $navigationSort = 30; + + // TODO Move into policy once created... + public static function canAccess(): bool + { + /** @var User $user */ + $user = auth()->user(); + + return $user->hasAnyLicense([LicenseType::RetentionCrm, LicenseType::RecruitmentCrm]); + } } diff --git a/app/Policies/Contracts/FeatureAccessEnforcedPolicy.php b/app/Policies/Contracts/PerformsChecksBeforeAuthorization.php similarity index 89% rename from app/Policies/Contracts/FeatureAccessEnforcedPolicy.php rename to app/Policies/Contracts/PerformsChecksBeforeAuthorization.php index f1bc223657..4de030a39a 100644 --- a/app/Policies/Contracts/FeatureAccessEnforcedPolicy.php +++ b/app/Policies/Contracts/PerformsChecksBeforeAuthorization.php @@ -36,9 +36,10 @@ namespace App\Policies\Contracts; -use App\Support\FeatureAccessResponse; +use App\Models\Authenticatable; +use Illuminate\Auth\Access\Response; -interface FeatureAccessEnforcedPolicy +interface PerformsChecksBeforeAuthorization { - public function before(): FeatureAccessResponse | null | bool; + public function before(Authenticatable $authenticatable): ?Response; } From 82b4445638e506a0180b7b3b6244f23f2ed6a20d Mon Sep 17 00:00:00 2001 From: Derek Goetz Date: Tue, 16 Jan 2024 16:59:01 -0500 Subject: [PATCH 5/7] Fix tests. --- .../CreateKnowledgeBaseCategoryTest.php | 17 +++++++++-------- .../EditKnowledgeBaseCategoryTest.php | 17 +++++++++-------- .../ListKnowledgeBaseCategoryTest.php | 11 ++++++----- .../ViewKnowledgeBaseCategoryTest.php | 5 +++-- .../CreateKnowledgeBaseItemTest.php | 5 +++-- .../EditKnowledgeBaseItemTest.php | 5 +++-- .../ListKnowledgeBaseItemsTest.php | 5 +++-- .../ViewKnowledgeBaseItemTest.php | 5 +++-- .../CreateKnowledgeBaseQualityTest.php | 5 +++-- .../EditKnowledgeBaseCategoryTest.php | 5 +++-- .../ListKnowledgeBaseQualityTest.php | 5 +++-- .../ViewKnowledgeBaseQualityTest.php | 5 +++-- .../CreateKnowledgeBaseStatusTest.php | 17 +++++++++-------- .../EditKnowledgeBaseStatusTest.php | 5 +++-- .../ListKnowledgeBaseStatusesTest.php | 5 +++-- .../ViewKnowledgeBaseStatusTest.php | 5 +++-- 16 files changed, 69 insertions(+), 53 deletions(-) diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseCategory/CreateKnowledgeBaseCategoryTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseCategory/CreateKnowledgeBaseCategoryTest.php index a17d94b018..bcd08a7b8d 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseCategory/CreateKnowledgeBaseCategoryTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseCategory/CreateKnowledgeBaseCategoryTest.php @@ -34,17 +34,18 @@ */ +use AdvisingApp\Authorization\Enums\LicenseType; +use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseCategoryResource; + +use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseCategory; +use AdvisingApp\KnowledgeBase\Tests\KnowledgeBaseCategory\RequestFactories\CreateKnowledgeBaseCategoryRequestFactory; use App\Models\User; use App\Settings\LicenseSettings; -use function Pest\Laravel\actingAs; -use function Pest\Livewire\livewire; use function PHPUnit\Framework\assertCount; +use function Pest\Laravel\actingAs; use function Pest\Laravel\assertDatabaseHas; - -use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseCategory; -use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseCategoryResource; -use AdvisingApp\KnowledgeBase\Tests\KnowledgeBaseCategory\RequestFactories\CreateKnowledgeBaseCategoryRequestFactory; +use function Pest\Livewire\livewire; // TODO: Write CreateKnowledgeBaseCategory tests //test('A successful action on the CreateKnowledgeBaseCategory page', function () {}); @@ -54,7 +55,7 @@ // Permission Tests test('CreateKnowledgeBaseCategory is gated with proper access control', function () { - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); actingAs($user) ->get( @@ -91,7 +92,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $user->givePermissionTo('knowledge_base_category.view-any'); $user->givePermissionTo('knowledge_base_category.create'); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseCategory/EditKnowledgeBaseCategoryTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseCategory/EditKnowledgeBaseCategoryTest.php index 1c943c9015..c243fc0804 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseCategory/EditKnowledgeBaseCategoryTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseCategory/EditKnowledgeBaseCategoryTest.php @@ -34,16 +34,17 @@ */ +use AdvisingApp\Authorization\Enums\LicenseType; +use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseCategoryResource; + +use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseCategory; +use AdvisingApp\KnowledgeBase\Tests\KnowledgeBaseCategory\RequestFactories\EditKnowledgeBaseCategoryRequestFactory; use App\Models\User; -use App\Settings\LicenseSettings; +use App\Settings\LicenseSettings; +use function PHPUnit\Framework\assertEquals; use function Pest\Laravel\actingAs; use function Pest\Livewire\livewire; -use function PHPUnit\Framework\assertEquals; - -use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseCategory; -use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseCategoryResource; -use AdvisingApp\KnowledgeBase\Tests\KnowledgeBaseCategory\RequestFactories\EditKnowledgeBaseCategoryRequestFactory; // TODO: Write EditKnowledgeBaseCategory tests //test('A successful action on the EditKnowledgeBaseCategory page', function () {}); @@ -53,7 +54,7 @@ // Permission Tests test('EditKnowledgeBaseCategory is gated with proper access control', function () { - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $knowledgeBaseCategory = KnowledgeBaseCategory::factory()->create(); @@ -98,7 +99,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $user->givePermissionTo('knowledge_base_category.view-any'); $user->givePermissionTo('knowledge_base_category.*.update'); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseCategory/ListKnowledgeBaseCategoryTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseCategory/ListKnowledgeBaseCategoryTest.php index c08496916f..067cefdab2 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseCategory/ListKnowledgeBaseCategoryTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseCategory/ListKnowledgeBaseCategoryTest.php @@ -34,13 +34,14 @@ */ +use AdvisingApp\Authorization\Enums\LicenseType; +use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseCategoryResource; + use App\Models\User; -use App\Settings\LicenseSettings; +use App\Settings\LicenseSettings; use function Pest\Laravel\actingAs; -use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseCategoryResource; - // TODO: Write ListKnowledgeBaseCategory tests //test('The correct details are displayed on the ListKnowledgeBaseCategory page', function () {}); @@ -49,7 +50,7 @@ // Permission Tests test('ListKnowledgeBaseCategory is gated with proper access control', function () { - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); actingAs($user) ->get( @@ -71,7 +72,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $user->givePermissionTo('knowledge_base_category.view-any'); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseCategory/ViewKnowledgeBaseCategoryTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseCategory/ViewKnowledgeBaseCategoryTest.php index 784ad5eace..db3e132382 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseCategory/ViewKnowledgeBaseCategoryTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseCategory/ViewKnowledgeBaseCategoryTest.php @@ -39,6 +39,7 @@ use function Pest\Laravel\actingAs; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseCategory; use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseCategoryResource; @@ -48,7 +49,7 @@ // Permission Tests test('ViewKnowledgeBaseCategory is gated with proper access control', function () { - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $knowledgeBaseCategory = KnowledgeBaseCategory::factory()->create(); @@ -77,7 +78,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $user->givePermissionTo('knowledge_base_category.view-any'); $user->givePermissionTo('knowledge_base_category.*.view'); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseItem/CreateKnowledgeBaseItemTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseItem/CreateKnowledgeBaseItemTest.php index 243efc7da2..ab2be4b29b 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseItem/CreateKnowledgeBaseItemTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseItem/CreateKnowledgeBaseItemTest.php @@ -42,6 +42,7 @@ use function PHPUnit\Framework\assertCount; use function Pest\Laravel\assertDatabaseHas; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseItem; use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseItemResource; use AdvisingApp\KnowledgeBase\Tests\KnowledgeBaseItem\RequestFactories\CreateKnowledgeBaseItemRequestFactory; @@ -54,7 +55,7 @@ // Permission Tests test('CreateKnowledgeBaseItem is gated with proper access control', function () { - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); actingAs($user) ->get( @@ -99,7 +100,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); actingAs($user) ->get( diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseItem/EditKnowledgeBaseItemTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseItem/EditKnowledgeBaseItemTest.php index 29de0c9f93..c173aadd0d 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseItem/EditKnowledgeBaseItemTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseItem/EditKnowledgeBaseItemTest.php @@ -40,6 +40,7 @@ use function Pest\Laravel\actingAs; use function Pest\Livewire\livewire; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseItem; use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseItemResource; use AdvisingApp\KnowledgeBase\Tests\KnowledgeBaseItem\RequestFactories\EditKnowledgeBaseItemRequestFactory; @@ -52,7 +53,7 @@ // Permission Tests test('EditKnowledgeBaseItem is gated with proper access control', function () { - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $knowledgeBaseItem = KnowledgeBaseItem::factory()->create(); @@ -99,7 +100,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $user->givePermissionTo('knowledge_base_item.view-any'); $user->givePermissionTo('knowledge_base_item.*.update'); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseItem/ListKnowledgeBaseItemsTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseItem/ListKnowledgeBaseItemsTest.php index ab70786fc3..4c4c1dd41e 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseItem/ListKnowledgeBaseItemsTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseItem/ListKnowledgeBaseItemsTest.php @@ -39,6 +39,7 @@ use function Pest\Laravel\actingAs; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseItemResource; // TODO: Write ListKnowledgeBaseItems tests @@ -49,7 +50,7 @@ // Permission Tests test('ListKnowledgeBaseItems is gated with proper access control', function () { - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); actingAs($user) ->get( @@ -71,7 +72,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $user->givePermissionTo('knowledge_base_item.view-any'); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseItem/ViewKnowledgeBaseItemTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseItem/ViewKnowledgeBaseItemTest.php index 844660d135..0195676bef 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseItem/ViewKnowledgeBaseItemTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseItem/ViewKnowledgeBaseItemTest.php @@ -39,6 +39,7 @@ use function Pest\Laravel\actingAs; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseItem; use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseItemResource; @@ -48,7 +49,7 @@ // Permission Tests test('ViewKnowledgeBaseItem is gated with proper access control', function () { - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $knowledgeBaseItem = KnowledgeBaseItem::factory()->create(); @@ -77,7 +78,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $user->givePermissionTo('knowledge_base_item.view-any'); $user->givePermissionTo('knowledge_base_item.*.view'); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseQuality/CreateKnowledgeBaseQualityTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseQuality/CreateKnowledgeBaseQualityTest.php index 7c968d887d..3521f02375 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseQuality/CreateKnowledgeBaseQualityTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseQuality/CreateKnowledgeBaseQualityTest.php @@ -42,6 +42,7 @@ use function PHPUnit\Framework\assertCount; use function Pest\Laravel\assertDatabaseHas; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseQuality; use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseQualityResource; use AdvisingApp\KnowledgeBase\Tests\KnowledgeBaseQuality\RequestFactories\CreateKnowledgeBaseQualityRequestFactory; @@ -54,7 +55,7 @@ // Permission Tests test('CreateKnowledgeBaseQuality is gated with proper access control', function () { - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); actingAs($user) ->get( @@ -91,7 +92,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $user->givePermissionTo('knowledge_base_quality.view-any'); $user->givePermissionTo('knowledge_base_quality.create'); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseQuality/EditKnowledgeBaseCategoryTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseQuality/EditKnowledgeBaseCategoryTest.php index 71ab1f4b0d..8bcdeca713 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseQuality/EditKnowledgeBaseCategoryTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseQuality/EditKnowledgeBaseCategoryTest.php @@ -41,6 +41,7 @@ use function Pest\Livewire\livewire; use function PHPUnit\Framework\assertEquals; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseQuality; use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseQualityResource; use AdvisingApp\KnowledgeBase\Tests\KnowledgeBaseQuality\RequestFactories\EditKnowledgeBaseQualityRequestFactory; @@ -53,7 +54,7 @@ // Permission Tests test('EditKnowledgeBaseQuality is gated with proper access control', function () { - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $knowledgeBaseQuality = KnowledgeBaseQuality::factory()->create(); @@ -98,7 +99,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $user->givePermissionTo('knowledge_base_quality.view-any'); $user->givePermissionTo('knowledge_base_quality.*.update'); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseQuality/ListKnowledgeBaseQualityTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseQuality/ListKnowledgeBaseQualityTest.php index a35229c169..c4a637b622 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseQuality/ListKnowledgeBaseQualityTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseQuality/ListKnowledgeBaseQualityTest.php @@ -39,6 +39,7 @@ use function Pest\Laravel\actingAs; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseQualityResource; // TODO: Write ListKnowledgeBaseQuality tests @@ -49,7 +50,7 @@ // Permission Tests test('ListKnowledgeBaseQuality is gated with proper access control', function () { - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); actingAs($user) ->get( @@ -71,7 +72,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $user->givePermissionTo('knowledge_base_quality.view-any'); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseQuality/ViewKnowledgeBaseQualityTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseQuality/ViewKnowledgeBaseQualityTest.php index fed4ff9a20..50f11603db 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseQuality/ViewKnowledgeBaseQualityTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseQuality/ViewKnowledgeBaseQualityTest.php @@ -39,6 +39,7 @@ use function Pest\Laravel\actingAs; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseQuality; use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseQualityResource; @@ -48,7 +49,7 @@ // Permission Tests test('ViewKnowledgeBaseQuality is gated with proper access control', function () { - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $knowledgeBaseQuality = KnowledgeBaseQuality::factory()->create(); @@ -77,7 +78,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $user->givePermissionTo('knowledge_base_quality.view-any'); $user->givePermissionTo('knowledge_base_quality.*.view'); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseStatus/CreateKnowledgeBaseStatusTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseStatus/CreateKnowledgeBaseStatusTest.php index 348fd86a0e..677e3dad61 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseStatus/CreateKnowledgeBaseStatusTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseStatus/CreateKnowledgeBaseStatusTest.php @@ -34,17 +34,18 @@ */ +use AdvisingApp\Authorization\Enums\LicenseType; +use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseStatusResource; + +use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseStatus; +use AdvisingApp\KnowledgeBase\Tests\KnowledgeBaseStatus\RequestFactories\CreateKnowledgeBaseStatusRequestFactory; use App\Models\User; use App\Settings\LicenseSettings; -use function Pest\Laravel\actingAs; -use function Pest\Livewire\livewire; use function PHPUnit\Framework\assertCount; +use function Pest\Laravel\actingAs; use function Pest\Laravel\assertDatabaseHas; - -use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseStatus; -use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseStatusResource; -use AdvisingApp\KnowledgeBase\Tests\KnowledgeBaseStatus\RequestFactories\CreateKnowledgeBaseStatusRequestFactory; +use function Pest\Livewire\livewire; // TODO: Write CreateKnowledgeBaseStatus tests //test('A successful action on the CreateKnowledgeBaseStatus page', function () {}); @@ -54,7 +55,7 @@ // Permission Tests test('CreateKnowledgeBaseStatus is gated with proper access control', function () { - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); actingAs($user) ->get( @@ -91,7 +92,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $user->givePermissionTo('knowledge_base_status.view-any'); $user->givePermissionTo('knowledge_base_status.create'); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseStatus/EditKnowledgeBaseStatusTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseStatus/EditKnowledgeBaseStatusTest.php index 92edff4a92..da874d7865 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseStatus/EditKnowledgeBaseStatusTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseStatus/EditKnowledgeBaseStatusTest.php @@ -41,6 +41,7 @@ use function Pest\Livewire\livewire; use function PHPUnit\Framework\assertEquals; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseStatus; use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseStatusResource; use AdvisingApp\KnowledgeBase\Tests\KnowledgeBaseStatus\RequestFactories\EditKnowledgeBaseStatusRequestFactory; @@ -53,7 +54,7 @@ // Permission Tests test('EditKnowledgeBaseStatus is gated with proper access control', function () { - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $knowledgeBaseStatus = KnowledgeBaseStatus::factory()->create(); @@ -98,7 +99,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $user->givePermissionTo('knowledge_base_status.view-any'); $user->givePermissionTo('knowledge_base_status.*.update'); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseStatus/ListKnowledgeBaseStatusesTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseStatus/ListKnowledgeBaseStatusesTest.php index 1521480ae8..6839c6956a 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseStatus/ListKnowledgeBaseStatusesTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseStatus/ListKnowledgeBaseStatusesTest.php @@ -39,6 +39,7 @@ use function Pest\Laravel\actingAs; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseStatusResource; // TODO: Write ListKnowledgeBaseStatuses tests @@ -49,7 +50,7 @@ // Permission Tests test('ListKnowledgeBaseStatuses is gated with proper access control', function () { - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); actingAs($user) ->get( @@ -71,7 +72,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $user->givePermissionTo('knowledge_base_status.view-any'); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseStatus/ViewKnowledgeBaseStatusTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseStatus/ViewKnowledgeBaseStatusTest.php index dc51d10377..985fd316cf 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseStatus/ViewKnowledgeBaseStatusTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseStatus/ViewKnowledgeBaseStatusTest.php @@ -39,6 +39,7 @@ use function Pest\Laravel\actingAs; +use AdvisingApp\Authorization\Enums\LicenseType; use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseStatus; use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseStatusResource; @@ -48,7 +49,7 @@ // Permission Tests test('ViewKnowledgeBaseStatus is gated with proper access control', function () { - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $knowledgeBaseStatus = KnowledgeBaseStatus::factory()->create(); @@ -77,7 +78,7 @@ $settings->save(); - $user = User::factory()->create(); + $user = User::factory()->licensed(LicenseType::cases())->create(); $user->givePermissionTo('knowledge_base_status.view-any'); $user->givePermissionTo('knowledge_base_status.*.view'); From 648f157ca7de2689bcfc8649cbc1ebf7b8a40f13 Mon Sep 17 00:00:00 2001 From: Derek Goetz Date: Tue, 16 Jan 2024 17:10:28 -0500 Subject: [PATCH 6/7] Add license based tests. --- .../ListKnowledgeBaseCategoryTest.php | 38 +++++++++++++++++-- .../ListKnowledgeBaseItemsTest.php | 30 +++++++++++++++ .../ListKnowledgeBaseQualityTest.php | 30 +++++++++++++++ .../ListKnowledgeBaseStatusesTest.php | 30 +++++++++++++++ 4 files changed, 124 insertions(+), 4 deletions(-) diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseCategory/ListKnowledgeBaseCategoryTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseCategory/ListKnowledgeBaseCategoryTest.php index 067cefdab2..44495fbb79 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseCategory/ListKnowledgeBaseCategoryTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseCategory/ListKnowledgeBaseCategoryTest.php @@ -34,14 +34,14 @@ */ -use AdvisingApp\Authorization\Enums\LicenseType; -use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseCategoryResource; - use App\Models\User; - use App\Settings\LicenseSettings; + use function Pest\Laravel\actingAs; +use AdvisingApp\Authorization\Enums\LicenseType; +use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseCategoryResource; + // TODO: Write ListKnowledgeBaseCategory tests //test('The correct details are displayed on the ListKnowledgeBaseCategory page', function () {}); @@ -90,3 +90,33 @@ KnowledgeBaseCategoryResource::getUrl('index') )->assertSuccessful(); }); + +test('ListKnowledgeBaseCategory is gated with proper license access control', function () { + $settings = app(LicenseSettings::class); + + // When the feature is enabled + $settings->data->addons->knowledgeManagement = true; + + $settings->save(); + + $user = User::factory()->create(); + + // And the authenticatable has the correct permissions + // But they do not have the appropriate license + $user->givePermissionTo('knowledge_base_category.view-any'); + + // They should not be able to access the resource + actingAs($user) + ->get( + KnowledgeBaseCategoryResource::getUrl('index') + )->assertForbidden(); + + $user->grantLicense(LicenseType::RecruitmentCrm); + + $user->refresh(); + + actingAs($user) + ->get( + KnowledgeBaseCategoryResource::getUrl('index') + )->assertSuccessful(); +}); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseItem/ListKnowledgeBaseItemsTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseItem/ListKnowledgeBaseItemsTest.php index 4c4c1dd41e..d710237175 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseItem/ListKnowledgeBaseItemsTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseItem/ListKnowledgeBaseItemsTest.php @@ -90,3 +90,33 @@ KnowledgeBaseItemResource::getUrl('index') )->assertSuccessful(); }); + +test('ListKnowledgeBaseItems is gated with proper license access control', function () { + $settings = app(LicenseSettings::class); + + // When the feature is enabled + $settings->data->addons->knowledgeManagement = true; + + $settings->save(); + + $user = User::factory()->create(); + + // And the authenticatable has the correct permissions + // But they do not have the appropriate license + $user->givePermissionTo('knowledge_base_item.view-any'); + + // They should not be able to access the resource + actingAs($user) + ->get( + KnowledgeBaseItemResource::getUrl('index') + )->assertForbidden(); + + $user->grantLicense(LicenseType::RecruitmentCrm); + + $user->refresh(); + + actingAs($user) + ->get( + KnowledgeBaseItemResource::getUrl('index') + )->assertSuccessful(); +}); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseQuality/ListKnowledgeBaseQualityTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseQuality/ListKnowledgeBaseQualityTest.php index c4a637b622..5118cfa3cb 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseQuality/ListKnowledgeBaseQualityTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseQuality/ListKnowledgeBaseQualityTest.php @@ -90,3 +90,33 @@ KnowledgeBaseQualityResource::getUrl('index') )->assertSuccessful(); }); + +test('ListKnowledgeBaseQuality is gated with proper license access control', function () { + $settings = app(LicenseSettings::class); + + // When the feature is enabled + $settings->data->addons->knowledgeManagement = true; + + $settings->save(); + + $user = User::factory()->create(); + + // And the authenticatable has the correct permissions + // But they do not have the appropriate license + $user->givePermissionTo('knowledge_base_quality.view-any'); + + // They should not be able to access the resource + actingAs($user) + ->get( + KnowledgeBaseQualityResource::getUrl('index') + )->assertForbidden(); + + $user->grantLicense(LicenseType::RecruitmentCrm); + + $user->refresh(); + + actingAs($user) + ->get( + KnowledgeBaseQualityResource::getUrl('index') + )->assertSuccessful(); +}); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseStatus/ListKnowledgeBaseStatusesTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseStatus/ListKnowledgeBaseStatusesTest.php index 6839c6956a..2757f01783 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseStatus/ListKnowledgeBaseStatusesTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseStatus/ListKnowledgeBaseStatusesTest.php @@ -90,3 +90,33 @@ KnowledgeBaseStatusResource::getUrl('index') )->assertSuccessful(); }); + +test('ListKnowledgeBaseStatus is gated with proper license access control', function () { + $settings = app(LicenseSettings::class); + + // When the feature is enabled + $settings->data->addons->knowledgeManagement = true; + + $settings->save(); + + $user = User::factory()->create(); + + // And the authenticatable has the correct permissions + // But they do not have the appropriate license + $user->givePermissionTo('knowledge_base_status.view-any'); + + // They should not be able to access the resource + actingAs($user) + ->get( + KnowledgeBaseStatusResource::getUrl('index') + )->assertForbidden(); + + $user->grantLicense(LicenseType::RecruitmentCrm); + + $user->refresh(); + + actingAs($user) + ->get( + KnowledgeBaseStatusResource::getUrl('index') + )->assertSuccessful(); +}); From bf24c1f67364058d68cc8374c4863cade7ef95a8 Mon Sep 17 00:00:00 2001 From: dgoetzit Date: Tue, 16 Jan 2024 22:13:10 +0000 Subject: [PATCH 7/7] chore: fix code style --- .../CreateKnowledgeBaseCategoryTest.php | 14 +++++++------- .../EditKnowledgeBaseCategoryTest.php | 14 +++++++------- .../CreateKnowledgeBaseStatusTest.php | 14 +++++++------- 3 files changed, 21 insertions(+), 21 deletions(-) diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseCategory/CreateKnowledgeBaseCategoryTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseCategory/CreateKnowledgeBaseCategoryTest.php index bcd08a7b8d..5fc75865f8 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseCategory/CreateKnowledgeBaseCategoryTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseCategory/CreateKnowledgeBaseCategoryTest.php @@ -34,18 +34,18 @@ */ -use AdvisingApp\Authorization\Enums\LicenseType; -use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseCategoryResource; - -use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseCategory; -use AdvisingApp\KnowledgeBase\Tests\KnowledgeBaseCategory\RequestFactories\CreateKnowledgeBaseCategoryRequestFactory; use App\Models\User; use App\Settings\LicenseSettings; -use function PHPUnit\Framework\assertCount; use function Pest\Laravel\actingAs; -use function Pest\Laravel\assertDatabaseHas; use function Pest\Livewire\livewire; +use function PHPUnit\Framework\assertCount; +use function Pest\Laravel\assertDatabaseHas; + +use AdvisingApp\Authorization\Enums\LicenseType; +use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseCategory; +use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseCategoryResource; +use AdvisingApp\KnowledgeBase\Tests\KnowledgeBaseCategory\RequestFactories\CreateKnowledgeBaseCategoryRequestFactory; // TODO: Write CreateKnowledgeBaseCategory tests //test('A successful action on the CreateKnowledgeBaseCategory page', function () {}); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseCategory/EditKnowledgeBaseCategoryTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseCategory/EditKnowledgeBaseCategoryTest.php index c243fc0804..920b82ee82 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseCategory/EditKnowledgeBaseCategoryTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseCategory/EditKnowledgeBaseCategoryTest.php @@ -34,17 +34,17 @@ */ -use AdvisingApp\Authorization\Enums\LicenseType; -use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseCategoryResource; - -use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseCategory; -use AdvisingApp\KnowledgeBase\Tests\KnowledgeBaseCategory\RequestFactories\EditKnowledgeBaseCategoryRequestFactory; use App\Models\User; - use App\Settings\LicenseSettings; -use function PHPUnit\Framework\assertEquals; + use function Pest\Laravel\actingAs; use function Pest\Livewire\livewire; +use function PHPUnit\Framework\assertEquals; + +use AdvisingApp\Authorization\Enums\LicenseType; +use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseCategory; +use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseCategoryResource; +use AdvisingApp\KnowledgeBase\Tests\KnowledgeBaseCategory\RequestFactories\EditKnowledgeBaseCategoryRequestFactory; // TODO: Write EditKnowledgeBaseCategory tests //test('A successful action on the EditKnowledgeBaseCategory page', function () {}); diff --git a/app-modules/knowledge-base/tests/KnowledgeBaseStatus/CreateKnowledgeBaseStatusTest.php b/app-modules/knowledge-base/tests/KnowledgeBaseStatus/CreateKnowledgeBaseStatusTest.php index 677e3dad61..935873c91f 100644 --- a/app-modules/knowledge-base/tests/KnowledgeBaseStatus/CreateKnowledgeBaseStatusTest.php +++ b/app-modules/knowledge-base/tests/KnowledgeBaseStatus/CreateKnowledgeBaseStatusTest.php @@ -34,18 +34,18 @@ */ -use AdvisingApp\Authorization\Enums\LicenseType; -use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseStatusResource; - -use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseStatus; -use AdvisingApp\KnowledgeBase\Tests\KnowledgeBaseStatus\RequestFactories\CreateKnowledgeBaseStatusRequestFactory; use App\Models\User; use App\Settings\LicenseSettings; -use function PHPUnit\Framework\assertCount; use function Pest\Laravel\actingAs; -use function Pest\Laravel\assertDatabaseHas; use function Pest\Livewire\livewire; +use function PHPUnit\Framework\assertCount; +use function Pest\Laravel\assertDatabaseHas; + +use AdvisingApp\Authorization\Enums\LicenseType; +use AdvisingApp\KnowledgeBase\Models\KnowledgeBaseStatus; +use AdvisingApp\KnowledgeBase\Filament\Resources\KnowledgeBaseStatusResource; +use AdvisingApp\KnowledgeBase\Tests\KnowledgeBaseStatus\RequestFactories\CreateKnowledgeBaseStatusRequestFactory; // TODO: Write CreateKnowledgeBaseStatus tests //test('A successful action on the CreateKnowledgeBaseStatus page', function () {});