From 85ce47f5bbfb54713e9d203e91d732b97cac1aab Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Thu, 27 Jun 2024 14:21:27 +0100
Subject: [PATCH] Updated tests

Signed-off-by: snipe <snipe@snipe.net>
---
 tests/Feature/Users/Api/UpdateUserTest.php | 45 +++++++++++++++++-----
 1 file changed, 36 insertions(+), 9 deletions(-)

diff --git a/tests/Feature/Users/Api/UpdateUserTest.php b/tests/Feature/Users/Api/UpdateUserTest.php
index 020bb9a07..1c66bbdda 100644
--- a/tests/Feature/Users/Api/UpdateUserTest.php
+++ b/tests/Feature/Users/Api/UpdateUserTest.php
@@ -153,47 +153,74 @@ class UpdateUserTest extends TestCase
         // Admin for Company A should allow updating user from Company A
         $this->actingAsForApi($adminA)
             ->patchJson(route('api.users.update', $scoped_user_in_companyA))
-            ->assertStatus(200);
+            ->assertOk()
+            ->assertStatus(200)
+            ->assertStatusMessageIs('success')
+            ->json();
 
         // Admin for Company A should get denied updating user from Company B
         $this->actingAsForApi($adminA)
             ->patchJson(route('api.users.update', $scoped_user_in_companyB))
-            ->assertStatus(403);
+            ->assertOk()
+            ->assertStatus(200)
+            ->assertStatusMessageIs('error')
+            ->json();
 
         // Admin for Company A should get denied updating user without a company
         $this->actingAsForApi($adminA)
             ->patchJson(route('api.users.update', $scoped_user_in_no_company))
-            ->assertStatus(403);
+            ->assertOk()
+            ->assertStatus(200)
+            ->assertStatusMessageIs('error')
+            ->json();
 
         // Admin for Company B should allow updating user from Company B
         $this->actingAsForApi($adminB)
             ->patchJson(route('api.users.update', $scoped_user_in_companyB))
-            ->assertStatus(200);
+            ->assertOk()
+            ->assertStatus(200)
+            ->assertStatusMessageIs('success')
+            ->json();
 
         // Admin for Company B should get denied updating user from Company A
         $this->actingAsForApi($adminB)
             ->patchJson(route('api.users.update', $scoped_user_in_companyA))
-            ->assertStatus(403);
+            ->assertOk()
+            ->assertStatus(200)
+            ->assertStatusMessageIs('error')
+            ->json();
 
         // Admin for Company B should get denied updating user without a company
         $this->actingAsForApi($adminB)
             ->patchJson(route('api.users.update', $scoped_user_in_no_company))
-            ->assertStatus(403);
+            ->assertOk()
+            ->assertStatus(200)
+            ->assertStatusMessageIs('error')
+            ->json();
 
         // Admin without a company should allow updating user without a company
         $this->actingAsForApi($adminNoCompany)
             ->patchJson(route('api.users.update', $scoped_user_in_no_company))
-            ->assertStatus(200);
+            ->assertOk()
+            ->assertStatus(200)
+            ->assertStatusMessageIs('success')
+            ->json();
 
         // Admin without a company should get denied updating user from Company A
         $this->actingAsForApi($adminNoCompany)
             ->patchJson(route('api.users.update', $scoped_user_in_companyA))
-            ->assertStatus(403);
+            ->assertOk()
+            ->assertStatus(200)
+            ->assertStatusMessageIs('error')
+            ->json();
 
         // Admin without a company should get denied updating user from Company B
         $this->actingAsForApi($adminNoCompany)
             ->patchJson(route('api.users.update', $scoped_user_in_companyB))
-            ->assertStatus(403);
+            ->assertOk()
+            ->assertStatus(200)
+            ->assertStatusMessageIs('error')
+            ->json();
     }
 
     public function testUserGroupsAreOnlyUpdatedIfAuthenticatedUserIsSuperUser()