profile test passes now

2025-03-27 13:40:25 +00:00
parent a9b69d1a0e
commit a4f2dcf7fd
3 changed files with 34 additions and 1 deletions
--- a/app/Http/Controllers/Settings/ProfileController.php
+++ b/app/Http/Controllers/Settings/ProfileController.php
@@ -51,6 +51,14 @@ class ProfileController extends Controller

        $user = $request->user();

+        if ($user->ownedOrganisations()->count()) {
+            return back()->withErrors(['password' => __('You must delete or transfer your organisations before you can delete your account.')]);
+        }
+
+        if ($user->organisations()->count()) {
+            return back()->withErrors(['password' => __('You must leave your organisations before you can delete your account.')]);
+        }
+
        Auth::logout();

        $user->delete();
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -6,6 +6,8 @@ namespace App\Models;

 use App\Enums\OrganisationRole;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Relations\BelongsToMany;
+use Illuminate\Database\Eloquent\Relations\HasMany;
 use Illuminate\Foundation\Auth\User as Authenticatable;
 use Illuminate\Notifications\Notifiable;

@@ -47,7 +49,12 @@ class User extends Authenticatable
        ];
    }

-    public function organisations()
+    public function ownedOrganisations(): HasMany
+    {
+        return $this->hasMany(Organisation::class, 'owner_id');
+    }
+
+    public function organisations(): BelongsToMany
    {
        return $this->belongsToMany(Organisation::class)
            ->withPivot('role')
--- a/tests/Feature/Settings/ProfileUpdateTest.php
+++ b/tests/Feature/Settings/ProfileUpdateTest.php
@@ -50,9 +50,27 @@ test('email verification status is unchanged when the email address is unchanged
    expect($user->refresh()->email_verified_at)->not->toBeNull();
 });

+test('user is prevented from deleting their account if they own organisations', function () {
+    $user = User::factory()->create();
+
+    $response = $this
+        ->actingAs($user)
+        ->delete('/settings/profile', [
+            'password' => 'password',
+        ]);
+
+    $response
+        ->assertSessionHasErrors('password');
+
+    expect($user->fresh())->not->toBeNull();
+});
+
 test('user can delete their account', function () {
    $user = User::factory()->create();

+    $user->ownedOrganisations()->delete();
+    $user->organisations()->delete();
+
    $response = $this
        ->actingAs($user)
        ->delete('/settings/profile', [