Files
CFDivePlatform/tests/Feature/ProviderVerificationTest.php
T
a620906209 43720482c4
Run Tests / test (pull_request) Successful in 2m3s
feat(verification): 教練審核流程完整版——狀態機/證照送審/Admin 裁決/通知
實作 openspec change provider-verification-workflow(25/25 tasks):
- is_verified 升級為 verification_status 四狀態機(unsubmitted/pending/
  approved/rejected),migration 自動轉換既有資料,API 以 accessor 保留
  is_verified 相容輸出
- 教練端:證照上傳(≤3 張、複用 CompressesImages)、送審、駁回原因
  顯示與重送(/coach/verification 新頁面)
- Admin 端:審核佇列、通過/駁回(原因必填)、撤銷 approved;移除
  toggle-verified 端點(防繞過狀態機);裁決後 flush 課程快取
- 通知:審核通過/駁回(站內+Email,駁回含原因)
- 可見性與預約入口改判 approved(行為等價)
- 測試 +18(ProviderVerificationTest 10、AdminVerificationTest 8),
  既有 4 個測試檔 helper 遷移;Swagger 同步
- 規格同步:provider-verification 全面改寫、admin-user-management
  toggle 段落改為移除聲明

容器內全套件 173 passed / 439 assertions。

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-06-12 00:26:12 +08:00

164 lines
5.8 KiB
PHP

<?php
namespace Tests\Feature;
use App\Models\ProviderCertification;
use App\Models\ProviderProfile;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Http\UploadedFile;
use Illuminate\Support\Facades\Storage;
use Tests\TestCase;
/**
* 教練端驗證申請流程(provider-verification 規格)。
*
* 證照是 Admin 的審核依據:pending/approved 期間若可變更,
* 等於審核通過後可抽換證照,狀態機與鎖定規則是審核公信力的基礎。
*/
class ProviderVerificationTest extends TestCase
{
use RefreshDatabase;
private function makeProvider(string $status = 'unsubmitted'): User
{
$provider = User::factory()->create(['role' => 'provider']);
ProviderProfile::create(['user_id' => $provider->id, 'verification_status' => $status]);
return $provider;
}
private function addCertification(User $provider): ProviderCertification
{
return ProviderCertification::create([
'user_id' => $provider->id,
'image_path' => "providers/{$provider->id}/certifications/test.jpg",
]);
}
// ── 查詢 ─────────────────────────────────────────────────
public function test_provider_can_view_own_verification_state(): void
{
$provider = $this->makeProvider('rejected');
$provider->providerProfile->update(['rejection_reason' => '證照不清晰']);
$this->addCertification($provider);
$this->actingAs($provider)->getJson('/api/provider/verification')
->assertOk()
->assertJsonPath('data.verification_status', 'rejected')
->assertJsonPath('data.rejection_reason', '證照不清晰')
->assertJsonCount(1, 'data.certifications');
}
// ── 證照上傳與鎖定 ───────────────────────────────────────
public function test_unsubmitted_provider_can_upload_certification(): void
{
Storage::fake('public');
$provider = $this->makeProvider();
$this->actingAs($provider)
->postJson('/api/provider/verification/certifications', [
'image' => UploadedFile::fake()->image('cert.jpg', 800, 600),
])->assertStatus(201);
$this->assertSame(1, $provider->providerCertifications()->count());
}
public function test_certification_limit_is_three(): void
{
Storage::fake('public');
$provider = $this->makeProvider();
foreach (range(1, 3) as $i) {
$this->addCertification($provider);
}
$this->actingAs($provider)
->postJson('/api/provider/verification/certifications', [
'image' => UploadedFile::fake()->image('cert4.jpg', 800, 600),
])->assertStatus(422);
}
public function test_certifications_are_locked_while_pending(): void
{
Storage::fake('public');
$provider = $this->makeProvider('pending');
$cert = $this->addCertification($provider);
$this->actingAs($provider)
->postJson('/api/provider/verification/certifications', [
'image' => UploadedFile::fake()->image('late.jpg', 800, 600),
])->assertStatus(422);
$this->actingAs($provider)
->deleteJson("/api/provider/verification/certifications/{$cert->id}")
->assertStatus(422);
}
public function test_provider_cannot_delete_others_certification(): void
{
$owner = $this->makeProvider();
$cert = $this->addCertification($owner);
$intruder = $this->makeProvider();
$this->actingAs($intruder)
->deleteJson("/api/provider/verification/certifications/{$cert->id}")
->assertStatus(403);
}
// ── 送審狀態機 ───────────────────────────────────────────
public function test_submit_requires_at_least_one_certification(): void
{
$provider = $this->makeProvider();
$this->actingAs($provider)
->postJson('/api/provider/verification/submit')
->assertStatus(422);
$this->assertSame('unsubmitted', $provider->providerProfile->fresh()->verification_status->value);
}
public function test_submit_moves_unsubmitted_to_pending(): void
{
$provider = $this->makeProvider();
$this->addCertification($provider);
$this->actingAs($provider)
->postJson('/api/provider/verification/submit')
->assertOk();
$this->assertSame('pending', $provider->providerProfile->fresh()->verification_status->value);
}
public function test_rejected_provider_can_resubmit_and_reason_is_cleared(): void
{
$provider = $this->makeProvider('rejected');
$provider->providerProfile->update(['rejection_reason' => '證照過期']);
$this->addCertification($provider);
$this->actingAs($provider)
->postJson('/api/provider/verification/submit')
->assertOk();
$profile = $provider->providerProfile->fresh();
$this->assertSame('pending', $profile->verification_status->value);
$this->assertNull($profile->rejection_reason);
}
public function test_pending_or_approved_provider_cannot_submit_again(): void
{
foreach (['pending', 'approved'] as $status) {
$provider = $this->makeProvider($status);
$this->addCertification($provider);
$this->actingAs($provider)
->postJson('/api/provider/verification/submit')
->assertStatus(422);
$this->assertSame($status, $provider->providerProfile->fresh()->verification_status->value);
}
}
}