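seed(RoleSeeder::class); }

    /**
     * An authenticated organisation member can read their own profile from
     * GET /api/v1/auth/me.
     *
     * Besides the response shape, this pins two security properties of the
     * endpoint: only organisations the user is attached to are listed, and
     * credential fields are not serialised into the payload.
     */
    public function test_authenticated_user_can_get_profile(): void
    {
        $user = User::factory()->create();
        $organisation = Organisation::factory()->create();
        $organisation->users()->attach($user, ['role' => 'org_admin']);

        // A second organisation the user is NOT attached to. Without it the
        // count assertion below cannot distinguish "my organisations" from
        // "every organisation in the database".
        Organisation::factory()->create();

        Sanctum::actingAs($user);

        $response = $this->getJson('/api/v1/auth/me');

        $response->assertOk()
            ->assertJsonStructure([
                'success',
                'data' => [
                    'id',
                    'name',
                    'email',
                    'timezone',
                    'locale',
                    'organisations',
                    'app_roles',
                    'permissions',
                ],
            ]);

        // Exactly the one attached organisation; the unrelated one must not appear.
        $this->assertCount(1, $response->json('data.organisations'));

        // assertJsonStructure() only requires the listed keys to be present and
        // does not reject extra ones, so check explicitly that credential
        // material is not part of the profile payload.
        $profile = $response->json('data');
        $this->assertArrayNotHasKey('password', $profile);
        $this->assertArrayNotHasKey('remember_token', $profile);
    }

    /**
     * The profile endpoint reports application-level roles and permissions.
     *
     * A user given the 'super_admin' role via assignRole() must see that role
     * in data.app_roles, and data.permissions must be an array. The contents
     * of the permissions array are not asserted here.
     */
    public function test_me_returns_app_roles_and_permissions(): void
    {
        $user = User::factory()->create();
        $user->assignRole('super_admin');

        Sanctum::actingAs($user);

        $response = $this->getJson('/api/v1/auth/me');

        $response->assertOk();
        $this->assertContains('super_admin', $response->json('data.app_roles'));
        $this->assertIsArray($response->json('data.permissions'));
    }

    /**
     * Without an authenticated user the profile endpoint must refuse the
     * request with 401 Unauthorized.
     */
    public function test_unauthenticated_user_cannot_get_profile(): void
    {
        // No Sanctum::actingAs() call: the request is sent anonymously.
        $response = $this->getJson('/api/v1/auth/me');

        $response->assertUnauthorized();
    }
}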