aa

2026-03-23 15:35:21 +01:00
parent f0002ae7cb
commit 8a42a3dde4
1 changed files with 62 additions and 0 deletions
--- a/tests/Controller/AccountControllerTest.php
+++ b/tests/Controller/AccountControllerTest.php
@@ -16,6 +16,68 @@ class AccountControllerTest extends WebTestCase
        self::assertResponseRedirects();
    }

+    public function testEventQrCodeAccessAndResponse(): void
+    {
+        $client = static::createClient();
+        $em = static::getContainer()->get(EntityManagerInterface::class);
+
+        // 1. Setup Organizer and their Event
+        $user = $this->createUser(['ROLE_ORGANIZER'], true);
+        $event = $this->createEvent($em, $user);
+        $event->setSlug('test-event-slug');
+        $em->flush();
+
+        // 2. Authenticate
+        $client->loginUser($user);
+
+        // 3. Request the QR Code
+        $client->request('GET', '/mon-compte/evenement/' . $event->getId() . '/qrcode');
+
+        // 4. Assertions for Successful Response
+        self::assertResponseIsSuccessful();
+        self::assertResponseHeaderSame('Content-Type', 'image/png');
+        self::assertResponseHeaderSame(
+            'Content-Disposition',
+            'attachment; filename="qrcode-test-event-slug.png"'
+        );
+
+        // 5. Verify the content is a valid PNG binary (Magic numbers: \x89PNG)
+        $content = $client->getResponse()->getContent();
+        self::assertStringStartsWith("\x89PNG", $content);
+    }
+
+    public function testEventQrCodeDeniedForOtherOrganizer(): void
+    {
+        $client = static::createClient();
+        $em = static::getContainer()->get(EntityManagerInterface::class);
+
+        $owner = $this->createUser(['ROLE_ORGANIZER'], true);
+        $other = $this->createUser(['ROLE_ORGANIZER'], true);
+        $event = $this->createEvent($em, $owner);
+
+        $client->loginUser($other);
+        $client->request('GET', '/mon-compte/evenement/' . $event->getId() . '/qrcode');
+
+        // Access denied because the event belongs to $owner, not $other
+        self::assertResponseStatusCodeSame(403);
+    }
+
+    public function testEventQrCodeDeniedForSimpleUser(): void
+    {
+        $client = static::createClient();
+        $em = static::getContainer()->get(EntityManagerInterface::class);
+
+        $owner = $this->createUser(['ROLE_ORGANIZER'], true);
+        $simpleUser = $this->createUser(['ROLE_USER'], false);
+        $event = $this->createEvent($em, $owner);
+
+        $client->loginUser($simpleUser);
+        $client->request('GET', '/mon-compte/evenement/' . $event->getId() . '/qrcode');
+
+        // Denied because ROLE_ORGANIZER is required
+        self::assertResponseStatusCodeSame(403);
+    }
+
    public function testAccountReturnsSuccessWhenAuthenticated(): void
    {
        $client = static::createClient();