more coverage

app/Actions/Statistics/Spaces.php

@@ -22,13 +22,13 @@ class Spaces
 	 */
 	public function getFullSpacePerUser(?int $owner_id = null): Collection
 	{
-		return DB::table('size_variants')
-			->join('photos', 'photos.id', '=', 'size_variants.photo_id')
-			->when($owner_id !== null, fn ($query) => $query->where('photos.owner_id', '=', $owner_id))
-			->join('user', 'photos.owner_id', '=', 'user.id')
+		return DB::table('users')
+			->when($owner_id !== null, fn ($query) => $query->where('users.id', '=', $owner_id))
+			->leftJoin('photos', 'photos.owner_id', '=', 'users.id')
+			->leftJoin('size_variants', 'size_variants.photo_id', '=', 'photos.id')
 			->select(
 				'username',
-				DB::raw('SUM(filesize) as size')
+				DB::raw('SUM(size_variants.filesize) as size')
 			)
 			->groupBy('username')
 			->get()

app/Http/Requests/Album/SetAlbumProtectionPolicyRequest.php

@@ -5,23 +5,38 @@
 use App\Contracts\Http\Requests\HasAbstractAlbum;
 use App\Contracts\Http\Requests\HasPassword;
 use App\Contracts\Http\Requests\RequestAttribute;
+use App\Contracts\Models\AbstractAlbum;
 use App\Http\Requests\BaseApiRequest;
-use App\Http\Requests\Traits\Authorize\AuthorizeCanEditAlbumTrait;
 use App\Http\Requests\Traits\HasAbstractAlbumTrait;
 use App\Http\Requests\Traits\HasPasswordTrait;
 use App\Http\Resources\Models\Utils\AlbumProtectionPolicy;
+use App\Policies\AlbumPolicy;
 use App\Rules\AlbumIDRule;
 use App\Rules\PasswordRule;
+use App\SmartAlbums\BaseSmartAlbum;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Gate;
 
 class SetAlbumProtectionPolicyRequest extends BaseApiRequest implements HasAbstractAlbum, HasPassword
 {
 	use HasAbstractAlbumTrait;
 	use HasPasswordTrait;
-	use AuthorizeCanEditAlbumTrait;
 
 	protected bool $isPasswordProvided;
 	protected AlbumProtectionPolicy $albumProtectionPolicy;
 
+	/**
+	 * {@inheritDoc}
+	 */
+	public function authorize(): bool
+	{
+		if ($this->album instanceof BaseSmartAlbum) {
+			return Auth::user()?->may_administrate === true;
+		}
+
+		return Gate::check(AlbumPolicy::CAN_EDIT, [AbstractAlbum::class, $this->album]);
+	}
+
 	/**
 	 * {@inheritDoc}
 	 */

app/Http/Requests/Statistics/SpacePerAlbumRequest.php

@@ -49,7 +49,7 @@ public function rules(): array
 	protected function processValidatedValues(array $values, array $files): void
 	{
 		/** @var string|null */
-		$albumID = $values[RequestAttribute::PARENT_ID_ATTRIBUTE] ?? null;
+		$albumID = $values[RequestAttribute::ALBUM_ID_ATTRIBUTE] ?? null;
 		$this->album = $albumID === null ? null : Album::query()->findOrFail($albumID);
 
 		// Filter only to user if user is not admin

resources/js/views/Diagnostics.vue

@@ -12,12 +12,10 @@
 
 		<template #end> </template>
 	</Toolbar>
-	<Panel>
-		<ErrorsDiagnotics />
-		<InfoDiagnostics v-if="user?.id" />
-		<SpaceDiagnostics v-if="user?.id" />
-		<ConfigurationsDiagnostics v-if="user?.id" />
-	</Panel>
+	<ErrorsDiagnotics />
+	<InfoDiagnostics v-if="user?.id" />
+	<SpaceDiagnostics v-if="user?.id" />
+	<ConfigurationsDiagnostics v-if="user?.id" />
 </template>
 <script setup lang="ts">
 import Toolbar from "primevue/toolbar";

tests/Feature_v2/Album/AlbumListTest.php

@@ -0,0 +1,34 @@
+<?php
+
+/**
+ * We don't care for unhandled exceptions in tests.
+ * It is the nature of a test to throw an exception.
+ * Without this suppression we had 100+ Linter warning in this file which
+ * don't help anything.
+ *
+ * @noinspection PhpDocMissingThrowsInspection
+ * @noinspection PhpUnhandledExceptionInspection
+ */
+
+namespace Tests\Feature_v2\Album;
+
+use Tests\Feature_v2\Base\BaseApiV2Test;
+
+class AlbumListTest extends BaseApiV2Test
+{
+	public function testListTargetAlbumUnauthorizedForbidden(): void
+	{
+		$response = $this->getJson('Album::getTargetListAlbums?album_id=' . $this->album1->id);
+		$this->assertUnauthorized($response);
+
+		$response = $this->actingAs($this->userLocked)->getJson('Album::getTargetListAlbums?album_id=' . $this->album1->id);
+		$this->assertForbidden($response);
+	}
+
+	public function testListTargetAlbumAuthorizedOwner(): void
+	{
+		$response = $this->actingAs($this->admin)->getJson('Album::getTargetListAlbums?album_id=' . $this->album1->id);
+		$this->assertOk($response);
+		$response->assertDontSee($this->subAlbum1->id);
+	}
+}

tests/Feature_v2/Album/AlbumUpdateTest.php

@@ -148,6 +148,16 @@ public function testUpdateProtectionPolicyUnauthorizedForbidden(): void
 			'grants_full_photo_access' => false,
 		]);
 		$this->assertForbidden($response);
+
+		$response = $this->actingAs($this->userMayUpload1)->postJson('Album::updateProtectionPolicy', [
+			'album_id' => 'unsorted',
+			'is_public' => true,
+			'is_link_required' => false,
+			'is_nsfw' => false,
+			'grants_download' => false,
+			'grants_full_photo_access' => false,
+		]);
+		$this->assertForbidden($response);
 	}
 
 	public function testUpdateProtectionPolicyAuthorized(): void
@@ -171,6 +181,26 @@ public function testUpdateProtectionPolicyAuthorized(): void
 			'grants_full_photo_access' => false,
 		]);
 
+		$response = $this->actingAs($this->admin)->postJson('Album::updateProtectionPolicy', [
+			'album_id' => 'unsorted',
+			'is_public' => true,
+			'is_link_required' => false,
+			'is_nsfw' => false,
+			'grants_download' => false,
+			'grants_full_photo_access' => false,
+		]);
+		$this->assertCreated($response);
+
+		$response = $this->actingAs($this->admin)->postJson('Album::updateProtectionPolicy', [
+			'album_id' => 'unsorted',
+			'is_public' => false,
+			'is_link_required' => false,
+			'is_nsfw' => false,
+			'grants_download' => false,
+			'grants_full_photo_access' => false,
+		]);
+		$this->assertCreated($response);
+
 		// Logout.
 		$response = $this->postJson('Auth::logout', []);
 		$this->assertNoContent($response);

tests/Feature_v2/Statistics/AlbumSpaceTest.php

@@ -0,0 +1,45 @@
+<?php
+
+/**
+ * We don't care for unhandled exceptions in tests.
+ * It is the nature of a test to throw an exception.
+ * Without this suppression we had 100+ Linter warning in this file which
+ * don't help anything.
+ *
+ * @noinspection PhpDocMissingThrowsInspection
+ * @noinspection PhpUnhandledExceptionInspection
+ */
+// Route::get('/Statistics::albumSpace', [StatisticsController::class, 'getSpacePerAlbum'])->middleware(['support:se']);
+// Route::get('/Statistics::totalAlbumSpace', [StatisticsController::class, 'getTotalSpacePerAlbum'])->middleware(['support:se']);
+
+namespace Tests\Feature_v2\Statistics;
+
+use LycheeVerify\Http\Middleware\VerifySupporterStatus;
+use Tests\Feature_v2\Base\BaseApiV2Test;
+
+class AlbumSpaceTest extends BaseApiV2Test
+{
+	public function testAlbumSpaceTestUnauthorized(): void
+	{
+		$response = $this->getJson('Statistics::albumSpace');
+		$this->assertSupporterRequired($response);
+
+		$response = $this->withoutMiddleware(VerifySupporterStatus::class)->getJson('Statistics::albumSpace');
+		$this->assertUnauthorized($response);
+
+		$response = $this->withoutMiddleware(VerifySupporterStatus::class)->actingAs($this->userMayUpload1)->getJson('Statistics::albumSpace');
+		$this->assertForbidden($response);
+	}
+
+	public function testAlbumSpaceTestAuthorized(): void
+	{
+		$response = $this->withoutMiddleware(VerifySupporterStatus::class)->actingAs($this->userMayUpload1)->getJson('Statistics::albumSpace?album_id=' . $this->album1->id);
+		$this->assertOk($response);
+		$this->assertCount(1, $response->json());
+		$this->assertEquals($this->album1->title, $response->json()[0]['title']);
+
+		$response = $this->withoutMiddleware(VerifySupporterStatus::class)->actingAs($this->admin)->getJson('Statistics::albumSpace');
+		$this->assertOk($response);
+		$this->assertCount(7, $response->json());
+	}
+}

tests/Feature_v2/Statistics/SizeVariantSpaceTest.php

@@ -0,0 +1,47 @@
+<?php
+
+/**
+ * We don't care for unhandled exceptions in tests.
+ * It is the nature of a test to throw an exception.
+ * Without this suppression we had 100+ Linter warning in this file which
+ * don't help anything.
+ *
+ * @noinspection PhpDocMissingThrowsInspection
+ * @noinspection PhpUnhandledExceptionInspection
+ */
+// Route::get('/Statistics::userSpace', [StatisticsController::class, 'getSpacePerUser'])->middleware(['support:se']);
+// Route::get('/Statistics::sizeVariantSpace', [StatisticsController::class, 'getSpacePerSizeVariantType'])->middleware(['support:se']);
+// Route::get('/Statistics::albumSpace', [StatisticsController::class, 'getSpacePerAlbum'])->middleware(['support:se']);
+// Route::get('/Statistics::totalAlbumSpace', [StatisticsController::class, 'getTotalSpacePerAlbum'])->middleware(['support:se']);
+
+namespace Tests\Feature_v2\Statistics;
+
+use App\Enum\SizeVariantType;
+use LycheeVerify\Http\Middleware\VerifySupporterStatus;
+use Tests\Feature_v2\Base\BaseApiV2Test;
+
+class SizeVariantSpaceTest extends BaseApiV2Test
+{
+	public function testSizeVariantSpaceUnauthorized(): void
+	{
+		$response = $this->getJson('Statistics::sizeVariantSpace');
+		$this->assertSupporterRequired($response);
+
+		$response = $this->withoutMiddleware(VerifySupporterStatus::class)->getJson('Statistics::sizeVariantSpace');
+		$this->assertUnauthorized($response);
+	}
+
+	public function testSizeVariantSpaceAuthorized(): void
+	{
+		$response = $this->withoutMiddleware(VerifySupporterStatus::class)->actingAs($this->userMayUpload1)->getJson('Statistics::sizeVariantSpace');
+		$this->assertOk($response);
+		$this->assertCount(7, $response->json());
+		$this->assertEquals(SizeVariantType::ORIGINAL->value, $response->json()[0]['type']);
+		$this->assertEquals(SizeVariantType::MEDIUM2X->value, $response->json()[1]['type']);
+		$this->assertEquals(SizeVariantType::MEDIUM->value, $response->json()[2]['type']);
+		$this->assertEquals(SizeVariantType::SMALL2X->value, $response->json()[3]['type']);
+		$this->assertEquals(SizeVariantType::SMALL->value, $response->json()[4]['type']);
+		$this->assertEquals(SizeVariantType::THUMB2X->value, $response->json()[5]['type']);
+		$this->assertEquals(SizeVariantType::THUMB->value, $response->json()[6]['type']);
+	}
+}

tests/Feature_v2/Statistics/TotalAlbumSpaceTest.php

@@ -0,0 +1,43 @@
+<?php
+
+/**
+ * We don't care for unhandled exceptions in tests.
+ * It is the nature of a test to throw an exception.
+ * Without this suppression we had 100+ Linter warning in this file which
+ * don't help anything.
+ *
+ * @noinspection PhpDocMissingThrowsInspection
+ * @noinspection PhpUnhandledExceptionInspection
+ */
+
+namespace Tests\Feature_v2\Statistics;
+
+use LycheeVerify\Http\Middleware\VerifySupporterStatus;
+use Tests\Feature_v2\Base\BaseApiV2Test;
+
+class TotalAlbumSpaceTest extends BaseApiV2Test
+{
+	public function testTotalAlbumSpaceTestUnauthorized(): void
+	{
+		$response = $this->getJson('Statistics::totalAlbumSpace');
+		$this->assertSupporterRequired($response);
+
+		$response = $this->withoutMiddleware(VerifySupporterStatus::class)->getJson('Statistics::totalAlbumSpace');
+		$this->assertUnauthorized($response);
+
+		$response = $this->withoutMiddleware(VerifySupporterStatus::class)->actingAs($this->userMayUpload1)->getJson('Statistics::totalAlbumSpace');
+		$this->assertForbidden($response);
+	}
+
+	public function testTotalAlbumSpaceTestAuthorized(): void
+	{
+		$response = $this->withoutMiddleware(VerifySupporterStatus::class)->actingAs($this->userMayUpload1)->getJson('Statistics::totalAlbumSpace?album_id=' . $this->album1->id);
+		$this->assertOk($response);
+		$this->assertCount(1, $response->json());
+		$this->assertEquals($this->album1->title, $response->json()[0]['title']);
+
+		$response = $this->withoutMiddleware(VerifySupporterStatus::class)->actingAs($this->admin)->getJson('Statistics::totalAlbumSpace');
+		$this->assertOk($response);
+		$this->assertCount(7, $response->json());
+	}
+}

tests/Feature_v2/Statistics/UserSpaceTest.php

@@ -0,0 +1,44 @@
+<?php
+
+/**
+ * We don't care for unhandled exceptions in tests.
+ * It is the nature of a test to throw an exception.
+ * Without this suppression we had 100+ Linter warning in this file which
+ * don't help anything.
+ *
+ * @noinspection PhpDocMissingThrowsInspection
+ * @noinspection PhpUnhandledExceptionInspection
+ */
+
+namespace Tests\Feature_v2\Statistics;
+
+use LycheeVerify\Http\Middleware\VerifySupporterStatus;
+use Tests\Feature_v2\Base\BaseApiV2Test;
+
+class UserSpaceTest extends BaseApiV2Test
+{
+	public function testUserSpaceUnauthorized(): void
+	{
+		$response = $this->getJson('Statistics::userSpace');
+		$this->assertSupporterRequired($response);
+
+		$response = $this->withoutMiddleware(VerifySupporterStatus::class)->getJson('Statistics::userSpace');
+		$this->assertUnauthorized($response);
+	}
+
+	public function testUserSpaceAuthorized(): void
+	{
+		$response = $this->withoutMiddleware(VerifySupporterStatus::class)->actingAs($this->userMayUpload1)->getJson('Statistics::userSpace');
+		$this->assertOk($response);
+		$this->assertCount(1, $response->json());
+		$this->assertEquals($this->userMayUpload1->username(), $response->json()[0]['username']);
+	}
+
+	public function testUserSpaceAdmin(): void
+	{
+		$response = $this->withoutMiddleware(VerifySupporterStatus::class)->actingAs($this->admin)->getJson('Statistics::userSpace');
+		$this->assertOk($response);
+		// We have 5 registered users during the tests.
+		$this->assertCount(5, $response->json());
+	}
+}

tests/Traits/CatchFailures.php

@@ -123,6 +123,16 @@ protected function assertUnauthorized(TestResponse $response): void
 		$this->assertStatus($response, 401);
 	}
 
+	/**
+	 * @param TestResponse<\Illuminate\Http\JsonResponse> $response
+	 *
+	 * @return void
+	 */
+	protected function assertSupporterRequired(TestResponse $response): void
+	{
+		$this->assertStatus($response, 402);
+	}
+
 	/**
 	 * @param TestResponse<\Illuminate\Http\JsonResponse> $response
 	 *