feature: add api for categories

feature: add initial docker build and compose for development mode
2026-01-15 15:29:42 +00:00 · 2026-01-15 15:29:42 +00:00 · f980be8e28
commit f980be8e28
parent 6bf486e52b
14 changed files with 520 additions and 0 deletions
--- a/tests/Feature/CategoryApiTest.php
+++ b/tests/Feature/CategoryApiTest.php
@ -0,0 +1,171 @@
+<?php
+
+use App\Models\Category;
+use App\Models\User;
+use Illuminate\Foundation\Testing\RefreshDatabase;
+
+use function Pest\Laravel\actingAs;
+use function Pest\Laravel\deleteJson;
+use function Pest\Laravel\getJson;
+use function Pest\Laravel\postJson;
+use function Pest\Laravel\putJson;
+
+uses(RefreshDatabase::class);
+
+test('index returns all categories', function () {
+    $user = User::factory()->create();
+
+    Category::factory()->count(3)->create();
+
+    actingAs($user)
+        ->getJson('/api/categories')
+        ->assertSuccessful()
+        ->assertJsonCount(3, 'data');
+});
+
+test('index requires authentication', function () {
+    getJson('/api/categories')->assertUnauthorized();
+});
+
+test('store creates a new category when user is admin', function () {
+    $adminEmail = config('app.admin_email');
+    $admin = User::factory()->create(['email' => $adminEmail]);
+
+    actingAs($admin)
+        ->postJson('/api/categories', ['name' => 'Technology'])
+        ->assertSuccessful()
+        ->assertJsonPath('data.name', 'Technology');
+
+    expect(Category::where('name', 'Technology')->exists())->toBeTrue();
+});
+
+test('store fails when name is missing', function () {
+    $adminEmail = config('app.admin_email');
+    $admin = User::factory()->create(['email' => $adminEmail]);
+
+    actingAs($admin)
+        ->postJson('/api/categories', [])
+        ->assertUnprocessable()
+        ->assertJsonValidationErrors(['name']);
+});
+
+test('store fails when name is not unique', function () {
+    $adminEmail = config('app.admin_email');
+    $admin = User::factory()->create(['email' => $adminEmail]);
+
+    Category::factory()->create(['name' => 'Existing']);
+
+    actingAs($admin)
+        ->postJson('/api/categories', ['name' => 'Existing'])
+        ->assertUnprocessable()
+        ->assertJsonValidationErrors(['name']);
+});
+
+test('store fails when user is not admin', function () {
+    $user = User::factory()->create();
+
+    actingAs($user)
+        ->postJson('/api/categories', ['name' => 'Technology'])
+        ->assertForbidden();
+});
+
+test('store requires authentication', function () {
+    postJson('/api/categories', ['name' => 'Technology'])->assertUnauthorized();
+});
+
+test('show returns a single category', function () {
+    $user = User::factory()->create();
+    $category = Category::factory()->create(['name' => 'Science']);
+
+    actingAs($user)
+        ->getJson("/api/categories/{$category->id}")
+        ->assertSuccessful()
+        ->assertJsonPath('data.name', 'Science')
+        ->assertJsonPath('data.id', $category->id);
+});
+
+test('show requires authentication', function () {
+    $category = Category::factory()->create();
+
+    getJson("/api/categories/{$category->id}")->assertUnauthorized();
+});
+
+test('update modifies an existing category when user is admin', function () {
+    $adminEmail = config('app.admin_email');
+    $admin = User::factory()->create(['email' => $adminEmail]);
+    $category = Category::factory()->create(['name' => 'Old Name']);
+
+    actingAs($admin)
+        ->putJson("/api/categories/{$category->id}", ['name' => 'New Name'])
+        ->assertSuccessful()
+        ->assertJsonPath('data.name', 'New Name');
+
+    expect($category->refresh()->name)->toBe('New Name');
+});
+
+test('update allows partial updates', function () {
+    $adminEmail = config('app.admin_email');
+    $admin = User::factory()->create(['email' => $adminEmail]);
+    $category = Category::factory()->create(['name' => 'Original']);
+
+    actingAs($admin)
+        ->putJson("/api/categories/{$category->id}", [])
+        ->assertSuccessful();
+
+    expect($category->refresh()->name)->toBe('Original');
+});
+
+test('update fails when name is not unique', function () {
+    $adminEmail = config('app.admin_email');
+    $admin = User::factory()->create(['email' => $adminEmail]);
+
+    Category::factory()->create(['name' => 'Existing']);
+    $category = Category::factory()->create(['name' => 'Original']);
+
+    actingAs($admin)
+        ->putJson("/api/categories/{$category->id}", ['name' => 'Existing'])
+        ->assertUnprocessable()
+        ->assertJsonValidationErrors(['name']);
+});
+
+test('update fails when user is not admin', function () {
+    $user = User::factory()->create();
+    $category = Category::factory()->create();
+
+    actingAs($user)
+        ->putJson("/api/categories/{$category->id}", ['name' => 'New Name'])
+        ->assertForbidden();
+});
+
+test('update requires authentication', function () {
+    $category = Category::factory()->create();
+
+    putJson("/api/categories/{$category->id}", ['name' => 'New Name'])->assertUnauthorized();
+});
+
+test('destroy deletes a category when user is admin', function () {
+    $adminEmail = config('app.admin_email');
+    $admin = User::factory()->create(['email' => $adminEmail]);
+    $category = Category::factory()->create();
+
+    actingAs($admin)
+        ->deleteJson("/api/categories/{$category->id}")
+        ->assertNoContent();
+
+    expect(Category::find($category->id))->toBeNull();
+});
+
+test('destroy fails when user is not admin', function () {
+    $user = User::factory()->create();
+    $category = Category::factory()->create();
+
+    actingAs($user)
+        ->deleteJson("/api/categories/{$category->id}")
+        ->assertForbidden();
+});
+
+test('destroy requires authentication', function () {
+    $category = Category::factory()->create();
+
+    deleteJson("/api/categories/{$category->id}")->assertUnauthorized();
+});