seed(RoleSeeder::class); $this->organisation = Organisation::factory()->create(); $this->volunteerCrowdType = CrowdType::factory()->systemType('VOLUNTEER')->create([ 'organisation_id' => $this->organisation->id, ]); $this->event = Event::factory()->create([ 'organisation_id' => $this->organisation->id, 'status' => 'registration_open', ]); $this->section = FestivalSection::factory()->create([ 'event_id' => $this->event->id, ]); $this->timeSlot = TimeSlot::factory()->create([ 'event_id' => $this->event->id, ]); } // ─── Anonymous Registration ───────────────────────────────────────── public function test_volunteer_can_register_with_all_fields(): void { $response = $this->postJson("/api/v1/events/{$this->event->id}/volunteer-register", [ 'first_name' => 'Jan', 'last_name' => 'de Vries', 'email' => 'jan@voorbeeld.nl', 'phone' => '+31612345678', 'tshirt_size' => 'L', 'motivation' => 'Ik wil graag helpen bij dit festival!', 'availabilities' => [ ['time_slot_id' => $this->timeSlot->id, 'preference_level' => 5], ], ]); $response->assertStatus(201); $this->assertDatabaseHas('persons', [ 'email' => 'jan@voorbeeld.nl', 'event_id' => $this->event->id, 'status' => PersonStatus::PENDING->value, ]); } public function test_volunteer_can_register_with_minimal_fields(): void { $response = $this->postJson("/api/v1/events/{$this->event->id}/volunteer-register", [ 'first_name' => 'Sophie', 'last_name' => 'Bakker', 'email' => 'sophie@voorbeeld.nl', ]); $response->assertStatus(201); $this->assertDatabaseHas('persons', [ 'email' => 'sophie@voorbeeld.nl', 'first_name' => 'Sophie', 'last_name' => 'Bakker', 'event_id' => $this->event->id, ]); } public function test_registration_resolves_to_parent_event(): void { $festival = Event::factory()->festival()->create([ 'organisation_id' => $this->organisation->id, 'status' => 'registration_open', ]); $subEvent = Event::factory()->subEvent($festival)->create([ 'status' => 'registration_open', ]); TimeSlot::factory()->create(['event_id' => $festival->id]); $response = $this->postJson("/api/v1/events/{$subEvent->id}/volunteer-register", [ 'first_name' => 'Pieter', 'last_name' => 'Jansen', 'email' => 'pieter@voorbeeld.nl', ]); $response->assertStatus(201); $this->assertDatabaseHas('persons', [ 'email' => 'pieter@voorbeeld.nl', 'event_id' => $festival->id, ]); } public function test_registration_syncs_availabilities(): void { $timeSlot2 = TimeSlot::factory()->create(['event_id' => $this->event->id]); $response = $this->postJson("/api/v1/events/{$this->event->id}/volunteer-register", [ 'first_name' => 'Fleur', 'last_name' => 'Vermeer', 'email' => 'fleur@voorbeeld.nl', 'availabilities' => [ ['time_slot_id' => $this->timeSlot->id, 'preference_level' => 4], ['time_slot_id' => $timeSlot2->id, 'preference_level' => 2], ], ]); $response->assertStatus(201); $person = Person::where('email', 'fleur@voorbeeld.nl')->first(); $this->assertDatabaseHas('volunteer_availabilities', [ 'person_id' => $person->id, 'time_slot_id' => $this->timeSlot->id, 'preference_level' => 4, ]); $this->assertDatabaseHas('volunteer_availabilities', [ 'person_id' => $person->id, 'time_slot_id' => $timeSlot2->id, 'preference_level' => 2, ]); } public function test_registration_stores_custom_fields(): void { $response = $this->postJson("/api/v1/events/{$this->event->id}/volunteer-register", [ 'first_name' => 'Daan', 'last_name' => 'Mulder', 'email' => 'daan@voorbeeld.nl', 'tshirt_size' => 'XL', 'motivation' => 'Ik vind festivals geweldig.', 'section_preferences' => [ ['section_name' => $this->section->name, 'priority' => 1], ], ]); $response->assertStatus(201); $person = Person::where('email', 'daan@voorbeeld.nl')->first(); $customFields = $person->custom_fields; $this->assertEquals('XL', $customFields['tshirt_size']); $this->assertEquals('Ik vind festivals geweldig.', $customFields['motivation']); $this->assertNotEmpty($customFields['section_preferences']); } public function test_volunteer_can_register_with_date_of_birth(): void { $response = $this->postJson("/api/v1/events/{$this->event->id}/volunteer-register", [ 'first_name' => 'Mila', 'last_name' => 'de Boer', 'email' => 'mila@voorbeeld.nl', 'date_of_birth' => '1998-05-12', ]); $response->assertStatus(201); $person = Person::where('email', 'mila@voorbeeld.nl')->first(); $this->assertEquals('1998-05-12', $person->date_of_birth->format('Y-m-d')); } public function test_volunteer_can_register_without_date_of_birth(): void { $response = $this->postJson("/api/v1/events/{$this->event->id}/volunteer-register", [ 'first_name' => 'Sem', 'last_name' => 'van Beek', 'email' => 'sem@voorbeeld.nl', ]); $response->assertStatus(201); $person = Person::where('email', 'sem@voorbeeld.nl')->first(); $this->assertNull($person->date_of_birth); } public function test_date_of_birth_must_be_before_today(): void { $response = $this->postJson("/api/v1/events/{$this->event->id}/volunteer-register", [ 'first_name' => 'Tijn', 'last_name' => 'Kuiper', 'email' => 'tijn@voorbeeld.nl', 'date_of_birth' => now()->addDay()->format('Y-m-d'), ]); $response->assertStatus(422); $response->assertJsonValidationErrors('date_of_birth'); } public function test_duplicate_email_rejected(): void { $this->postJson("/api/v1/events/{$this->event->id}/volunteer-register", [ 'first_name' => 'Anna', 'last_name' => 'Smit', 'email' => 'anna@voorbeeld.nl', ]); $response = $this->postJson("/api/v1/events/{$this->event->id}/volunteer-register", [ 'first_name' => 'Anna', 'last_name' => 'Smit', 'email' => 'anna@voorbeeld.nl', ]); $response->assertStatus(422); $response->assertJsonValidationErrors('email'); } public function test_rejected_person_can_reregister(): void { Person::factory()->rejected()->create([ 'event_id' => $this->event->id, 'crowd_type_id' => $this->volunteerCrowdType->id, 'email' => 'herkan@voorbeeld.nl', ]); $response = $this->postJson("/api/v1/events/{$this->event->id}/volunteer-register", [ 'first_name' => 'Herkan', 'last_name' => 'Poging', 'email' => 'herkan@voorbeeld.nl', ]); $response->assertStatus(200); $this->assertDatabaseHas('persons', [ 'email' => 'herkan@voorbeeld.nl', 'status' => PersonStatus::PENDING->value, ]); } public function test_event_not_registration_open(): void { $draftEvent = Event::factory()->create([ 'organisation_id' => $this->organisation->id, 'status' => 'draft', ]); $response = $this->postJson("/api/v1/events/{$draftEvent->id}/volunteer-register", [ 'first_name' => 'Test', 'last_name' => 'Persoon', 'email' => 'test@voorbeeld.nl', ]); $response->assertStatus(422); } public function test_invalid_time_slot_rejected(): void { $response = $this->postJson("/api/v1/events/{$this->event->id}/volunteer-register", [ 'first_name' => 'Bas', 'last_name' => 'van Dijk', 'email' => 'bas@voorbeeld.nl', 'availabilities' => [ ['time_slot_id' => '01JNONEXISTENT00000000000', 'preference_level' => 3], ], ]); $response->assertStatus(422); $response->assertJsonValidationErrors('availabilities.0.time_slot_id'); } // ─── Authenticated Registration ───────────────────────────────────── public function test_authenticated_user_registration(): void { $user = User::factory()->create([ 'first_name' => 'Lisa', 'last_name' => 'de Groot', 'email' => 'lisa@voorbeeld.nl', ]); $this->organisation->users()->attach($user, ['role' => 'org_member']); Sanctum::actingAs($user); $response = $this->postJson("/api/v1/events/{$this->event->id}/volunteer-register", []); $response->assertStatus(201); $this->assertDatabaseHas('persons', [ 'email' => 'lisa@voorbeeld.nl', 'user_id' => $user->id, 'event_id' => $this->event->id, ]); } public function test_authenticated_ignores_request_email(): void { $user = User::factory()->create([ 'first_name' => 'Mark', 'last_name' => 'Visser', 'email' => 'mark@voorbeeld.nl', ]); $this->organisation->users()->attach($user, ['role' => 'org_member']); Sanctum::actingAs($user); $response = $this->postJson("/api/v1/events/{$this->event->id}/volunteer-register", [ 'email' => 'nep@voorbeeld.nl', ]); $response->assertStatus(201); $person = Person::where('user_id', $user->id)->first(); $this->assertEquals('mark@voorbeeld.nl', $person->email); } public function test_authenticated_duplicate_rejected(): void { $user = User::factory()->create([ 'first_name' => 'Eva', 'last_name' => 'Hendriks', 'email' => 'eva@voorbeeld.nl', ]); $this->organisation->users()->attach($user, ['role' => 'org_member']); Sanctum::actingAs($user); $this->postJson("/api/v1/events/{$this->event->id}/volunteer-register", []); $response = $this->postJson("/api/v1/events/{$this->event->id}/volunteer-register", []); $response->assertStatus(422); $response->assertJsonValidationErrors('email'); } // ─── Portal Token Auth ────────────────────────────────────────────── public function test_missing_token_returns_error(): void { $response = $this->postJson('/api/v1/portal/token-auth', []); $response->assertStatus(422); $response->assertJsonValidationErrors('token'); } public function test_invalid_token_returns_401(): void { // artists table exists via migration, so an invalid token returns 401 $response = $this->postJson('/api/v1/portal/token-auth', [ 'token' => 'some-random-invalid-token', ]); $response->assertStatus(401); $response->assertJson(['message' => 'Invalid or expired portal token']); } public function test_token_auth_returns_501_when_no_tables(): void { // Drop the artists table to simulate no token tables existing Schema::dropIfExists('artists'); $response = $this->postJson('/api/v1/portal/token-auth', [ 'token' => '01JTEST000000000000000000', ]); $response->assertStatus(501); $response->assertJson(['message' => 'Token-based portal access is not yet available']); } // ─── Portal Me ────────────────────────────────────────────────────── public function test_authenticated_user_gets_person(): void { $user = User::factory()->create(['first_name' => 'Karin', 'last_name' => 'Bos']); $this->organisation->users()->attach($user, ['role' => 'org_member']); Person::factory()->create([ 'event_id' => $this->event->id, 'crowd_type_id' => $this->volunteerCrowdType->id, 'user_id' => $user->id, 'email' => $user->email, ]); Sanctum::actingAs($user); $response = $this->getJson("/api/v1/portal/me?event_id={$this->event->id}"); $response->assertStatus(200); $response->assertJsonPath('data.email', $user->email); } public function test_authenticated_user_no_person_returns_404(): void { $user = User::factory()->create(['first_name' => 'Tom', 'last_name' => 'Kuiper']); Sanctum::actingAs($user); $response = $this->getJson("/api/v1/portal/me?event_id={$this->event->id}"); $response->assertStatus(404); $response->assertJson(['message' => 'No registration found for this event']); } public function test_missing_event_id_returns_422(): void { $user = User::factory()->create(['first_name' => 'Sanne', 'last_name' => 'Bruin']); Sanctum::actingAs($user); $response = $this->getJson('/api/v1/portal/me'); $response->assertStatus(422); $response->assertJsonValidationErrors('event_id'); } public function test_unauthenticated_returns_401(): void { $response = $this->getJson("/api/v1/portal/me?event_id={$this->event->id}"); $response->assertStatus(401); } }