I have controller Post with typical CRUD method's. I have a PostPolicy, in which:
public function destroy(User $user, Post $post)
{
$user->id === $post->author_id;
}
I want to write test for this. When I check if user delete his own post - all OK.
But when I test if other user user can delete not his own post, laravel test send error:
Illuminate\Auth\Access\AuthorizationException: This action is unauthorized.
How bypass it or which has another method for write this test?
Code
$user = factory(User::class)->create([
'id' => 3,
'role_id' => 2
]);
factory(Post::class)->create([
'id' => 30,
'editor_id' => 2,
]);
$this->delete('/api/posts/30', [], [
'authorization' => "Bearer {$user->api_token}",
'accept' => 'application/json',
])->assertJson([
]);;
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire