如何使用 Laravel 测试授权重定向

发布于08月13日

我已经手动测试了我想要的场景:

管理员用户可以访问网站的/codes部分.

手动测试通过，但LALAVEL测试失败.

我用的是laravel 5.1

Test for the admin user:

public function testAdminViewCodes()
    {
        //create an admin user
        $user = factory(App\User::class, 'admin')->create();

        $this->actingAs($user)
            ->visit('/codes')
            ->seePageIs('/codes')
            ->see('Codes');
    }

Test for normal user:个

    public function testNormalViewCodesFail()
    {
        //create a normal user
        $normal_user = factory(App\User::class)->create();

        //TODO: Fix this failing test FFS

        $this->actingAs($normal_user)
             ->visit('/qr')
             ->seePageIs('/dashboard')
             ->see('Sorry you are not allowed there');
}

test results;

There was 1 failure:

1) AdminTest::testNormalViewQRCodesFail
Did not land on expected page [http://localhost/dashboard].

Failed asserting that two strings are equal.
--- Expected
+++ Actual
@@ @@
-'http://localhost/dashboard'
+'http://localhost/codes'

I think there may be an issue with the factories, seems to be always creating an admin user:

$factory->define(App\User::class, function (Faker\Generator $faker) {
    return [
        'email' => $faker->email,
        'password' => bcrypt(str_random(10)),
        'remember_token' => str_random(10),
        'is_admin' => false,
    ];
});

$factory->defineAs(App\User::class, 'admin', function ($faker) use ($factory) {
    $user = $factory->raw(App\User::class);

    return array_merge($user, ['is_admin' => true]);
});

很抱歉这个问题有多长，但还有另一个紧迫的问题.我使用middleware来测试用户是否为admin:

<?php

namespace RMS\Http\Middleware;

use Closure;

class IsAdminMiddleware
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if (app()->env === 'testing') {
            return $next($request);
        }

        if (! $request->user()->isAdmin()) {
          return redirect()->route('dashboard')
              ->with('message', 'Sorry you are not allowed there');
        }

        return $next($request);
    }
}

Kernel.php年:

protected $routeMiddleware = [
        'auth' => \RMS\Http\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'guest' => \RMS\Http\Middleware\RedirectIfAuthenticated::class,
        'isadmin' => \RMS\Http\Middleware\IsAdminMiddleware::class,
    ];

并应用于路由:

Route::group(['middleware' => ['auth', 'isadmin']], function()
{
    Route::resource('user', 'UserController');
});

中间件被忽略了吗？我肯定不会添加use WithoutMiddleware;条语句.

如何使用 Laravel 测试授权重定向

推荐答案

Laravel相关问答推荐

如何更改LIVE上的Filament占位符内容？

如何在 laravel 5.3 中验证没有 auth：api 中间件的用户？

Laravel 6 Passport 在错误的凭证上返回 400 Bad request

Laravel 不验证是否不需要字段

Laravel中具有两个外键字段的数据库一对多

Laravel 5 - 仅在特定页面/控制器(页面特定assets资源)上添加样式表

Laravel - 验证 - 如果字段为空则需要

错误：您的要求无法解析为一组可安装的软件包.

Laravel 判断约束违规

Laravel Artisan CLI 安全地停止守护进程队列工作者

Laravel Eloquent 模型中的字段

如何在laravel 5.1中使用url(路由)传递多个参数

在 Laravel 5 控制器中找不到类App\Http\Controllers\DB

Laravel - DecryptException：'MAC 无效'

如何判断是否在laravel中使用了分页

Laravel 在域和子域中共享 cookie 检测问题

登录后 DevTools 无法解析 SourceMap 错误将重定向到该 js 文件

Laravel 从公共删除目录

Laravel 5如何获取路由动作名称？

count() 参数必须是数组或在 laravel 中实现可数的对象