To test the integration of Spatie Permissions with Laravel Passport, you can follow these steps:
1. Set up the Test Environment
- Install the required packages:bash
composer require laravel/passport spatie/laravel-permission
- Publish the Passport and Spatie Permissions configurations:
bash
php artisan vendor:publish --provider="Laravel\Passport\PassportServiceProvider"
php artisan vendor:publish --provider="Spatie\Permission\PermissionServiceProvider"
- Run the migrations:
bash
php artisan migrate
2. Extend the Client Model
- Create a new `Client` model that extends the base `Client` model and uses the `HasRoles` trait from Spatie Permissions:php
namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Laravel\Passport\Client as BaseClient;
use Spatie\Permission\Traits\HasRoles;
class Client extends BaseClient
{
use HasRoles;
public $guard_name = 'api';
}
3. Configure the Client Model
- Update the `AuthServiceProvider` to use the extended `Client` model:php
namespace App\Providers;
use Illuminate\Support\Facades\Gate;
use Laravel\Passport\Passport;
use Spatie\Permission\PermissionRegistrar;
class AuthServiceProvider extends ServiceProvider
{
public function boot()
{
Passport::useClientModel(\App\Models\Client::class);
}
}
4. Create a Test Case
- Create a new test case that tests the integration of Spatie Permissions with Laravel Passport:php
namespace Tests\Feature;
use App\Models\Client;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Laravel\Passport\Passport;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;
use Tests\TestCase;
class PassportPermissionsTest extends TestCase
{
use RefreshDatabase;
public function test_client_with_permission_can_access_protected_route()
{
// Create a client with the "admin" role
$client = Client::factory()->create();
$client->assignRole('admin');
// Create a permission and assign it to the "admin" role
$permission = Permission::create(['name' => 'access-protected-route']);
$client->getRole('admin')->givePermissionTo($permission);
// Authenticate the client and make a request to the protected route
Passport::actingAsClient($client, ['access-protected-route']);
$response = $this->get('/api/protected');
$response->assertStatus(200);
}
public function test_client_without_permission_cannot_access_protected_route()
{
// Create a client without any roles or permissions
$client = Client::factory()->create();
// Authenticate the client and make a request to the protected route
Passport::actingAsClient($client);
$response = $this->get('/api/protected');
$response->assertStatus(401);
}
}
5. Run the Tests
- Run the tests using the following command:bash
php artisan test
This test suite ensures that a client with the necessary permissions can access a protected route, while a client without the required permissions is denied access. You can customize the tests to fit your specific use case and requirements.
By following these steps, you can effectively test the integration of Spatie Permissions with Laravel Passport in your application.
Citations:[1] https://github.com/topics/laravel-passport?o=asc&s=stars
[2] https://spatie.be/docs/laravel-permission/v6/basic-usage/passport
[3] https://tenancyforlaravel.com/docs/v3/integrations/passport/
[4] https://kutia.net/making-laravel-passport-tenant-aware/
[5] https://laravel.com/docs/11.x/passport