postJson('/api/admin/register', [ 'name' => 'Evil Admin', 'email' => 'evil@example.com', 'password' => 'password123', 'password_confirmation' => 'password123', ]); $response->assertStatus(404); $this->assertDatabaseMissing('users', ['email' => 'evil@example.com']); $this->assertDatabaseMissing('users', ['email' => 'evil@example.com', 'role' => 'admin']); } // ── artisan command 為唯一建立途徑 ─────────────────────── public function test_create_admin_command_creates_admin_with_profile(): void { $this->artisan('app:create-admin', [ 'name' => 'Ops Admin', 'email' => 'ops@example.com', '--password' => 'StrongPass99', ])->assertSuccessful(); $this->assertDatabaseHas('users', [ 'email' => 'ops@example.com', 'role' => 'admin', ]); $admin = User::where('email', 'ops@example.com')->first(); $this->assertDatabaseHas('admin_profiles', ['user_id' => $admin->id]); } public function test_create_admin_command_rejects_duplicate_email(): void { User::factory()->create(['email' => 'exists@example.com']); $this->artisan('app:create-admin', [ 'name' => 'Dup Admin', 'email' => 'exists@example.com', '--password' => 'StrongPass99', ])->assertFailed(); $this->assertDatabaseMissing('users', [ 'email' => 'exists@example.com', 'role' => 'admin', ]); } public function test_create_admin_command_rejects_weak_password(): void { $this->artisan('app:create-admin', [ 'name' => 'Weak Admin', 'email' => 'weak@example.com', '--password' => 'short', ])->assertFailed(); $this->assertDatabaseMissing('users', ['email' => 'weak@example.com']); } }