37 lines
1.2 KiB
PHP
37 lines
1.2 KiB
PHP
<?php
|
||
|
||
use App\Models\PersonalData;
|
||
use App\Models\User;
|
||
use Database\Seeders\RolesAndPermissionsSeeder;
|
||
|
||
use function Pest\Laravel\seed;
|
||
|
||
beforeEach(fn () => seed(RolesAndPermissionsSeeder::class));
|
||
|
||
it('разграничивает доступ к ПДн по ролям (УПД.2, УПД.5)', function () {
|
||
$admin = User::factory()->create();
|
||
$admin->assignRole('admin');
|
||
|
||
$owner = User::factory()->create();
|
||
$owner->assignRole('user');
|
||
|
||
$stranger = User::factory()->create();
|
||
$stranger->assignRole('user');
|
||
|
||
$data = PersonalData::create(['owner_id' => $owner->id, 'last_name' => 'Сидоров']);
|
||
|
||
expect($admin->can('view', $data))->toBeTrue()
|
||
->and($owner->can('view', $data))->toBeTrue()
|
||
->and($stranger->can('view', $data))->toBeFalse();
|
||
});
|
||
|
||
it('аудитор не имеет прав на работу с ПДн (разделение обязанностей)', function () {
|
||
$auditor = User::factory()->create();
|
||
$auditor->assignRole('auditor');
|
||
|
||
$data = PersonalData::create(['last_name' => 'Кузнецов']);
|
||
|
||
expect($auditor->can('view', $data))->toBeFalse()
|
||
->and($auditor->hasPermissionTo('audit.view'))->toBeTrue();
|
||
});
|