Skrytí osobních údajů #1

Nezobrazovat detail logu anonymnímu uživateli #2
2026-01-10 12:50:45 +01:00
parent 41e3ce6f25
commit 1e484aef47
7 changed files with 419 additions and 203 deletions
--- a/tests/Feature/Logs/LogControllerTest.php
+++ b/tests/Feature/Logs/LogControllerTest.php
@@ -35,16 +35,66 @@ class LogControllerTest extends TestCase
        $this->assertCount(1, $ids);
    }

-    public function test_show_returns_log(): void
+    public function test_show_requires_admin(): void
    {
        $log = $this->createLog();

+        $this->getJson("/api/logs/{$log->id}")
+            ->assertStatus(403);
+    }
+
+    public function test_admin_can_view_log(): void
+    {
+        $this->actingAsAdmin();
+        $log = $this->createLog();
+
        $response = $this->getJson("/api/logs/{$log->id}");

        $response->assertStatus(200)
            ->assertJsonFragment(['id' => $log->id]);
    }

+    public function test_public_show_requires_final_results(): void
+    {
+        $log = $this->createLog();
+
+        $this->getJson("/api/logs/{$log->id}/public")
+            ->assertStatus(403);
+    }
+
+    public function test_public_show_returns_whitelisted_fields(): void
+    {
+        $round = $this->createRound();
+        $log = $this->createLog([
+            'round_id' => $round->id,
+            'pcall' => 'OK1PUBLIC',
+            'rcall' => 'OK1SECRET',
+            'padr1' => 'Secret Street',
+            'pband' => '144',
+            'claimed_qso_count' => 50,
+        ]);
+        $run = $this->createEvaluationRun([
+            'round_id' => $round->id,
+            'status' => 'SUCCEEDED',
+            'result_type' => 'FINAL',
+            'rules_version' => 'OFFICIAL',
+        ]);
+        $round->official_evaluation_run_id = $run->id;
+        $round->save();
+
+        $response = $this->getJson("/api/logs/{$log->id}/public");
+
+        $response->assertStatus(200)
+            ->assertJsonFragment([
+                'id' => $log->id,
+                'pcall' => 'OK1PUBLIC',
+                'pband' => '144',
+                'claimed_qso_count' => 50,
+            ])
+            ->assertJsonMissing(['rcall' => 'OK1SECRET'])
+            ->assertJsonMissing(['padr1' => 'Secret Street']);
+    }
+
    public function test_admin_can_create_update_and_delete_log(): void
    {
        $this->actingAsAdmin();
--- a/tests/Feature/Logs/LogQsoTableTest.php
+++ b/tests/Feature/Logs/LogQsoTableTest.php
@@ -11,6 +11,7 @@ class LogQsoTableTest extends TestCase

    public function test_qso_table_uses_latest_succeeded_non_claimed_run_by_default(): void
    {
+        $this->actingAsAdmin();
        $round = $this->createRound();
        $log = $this->createLog(['round_id' => $round->id]);

@@ -77,6 +78,7 @@ class LogQsoTableTest extends TestCase

    public function test_qso_table_respects_explicit_evaluation_run_id(): void
    {
+        $this->actingAsAdmin();
        $round = $this->createRound();
        $log = $this->createLog(['round_id' => $round->id]);