modelWithPolicy('collections', ['permission:collections.delete']) ->loginAs(['collections.delete']) ->deleteJson(route("api.collections.destroy", $collection = $this->one(Collection::class))) ->assertOk(); $this->loginAsAdmin() ->getJson(route("api.collections.show", $collection)) ->assertNotFound(); } public function test_collection_restore_success() { $this->modelWithPolicy('collections', ['permission:collections.restore']) ->loginAsUser(['collections.restore']) ->deleteJson(route("api.collections.destroy", $collection = $this->trashed(Collection::class))) ->assertOk(); $this->loginAsAdmin() ->getJson(route("api.collections.show", $collection)) ->assertOk(); } public function test_collection_delete_forbidden() { $this->modelWithPolicy('collections', ['permission:collections.delete']) ->loginAs(['wrong.permission']) ->deleteJson(route("api.collections.destroy", $collection = $this->one(Collection::class))) ->assertForbidden(); } public function test_collection_restore_forbidden() { $this->modelWithPolicy('collections', ['permission:collections.restore']) ->loginAs(['wrong.permission']) ->deleteJson(route("api.collections.destroy", $collection = $this->trashed(Collection::class))) ->assertForbidden(); } public function test_collection_delete_notFound() { $this->loginAsAdmin() ->deleteJson(route("api.collections.destroy", 0)) ->assertNotFound(); } }