DEV Community: Martin Betz

How to use AlpineJS with Laravel Mix

Martin Betz — Thu, 09 Jul 2020 00:22:25 +0000

This is another thing I do over and over and tend to forget how to properly do it: How can I use AlpineJS with Laravel Mix?

AlpineJS is a great lightweight library to sprinkle some interactivity into your website. I struggled a lot in the past with the question: "Do I really need to learn VueJS to get a simple dropdown account menu?" With AlpineJS, this is super simple to do.

If you want to use AlpineJS within your Laravel app, you can of course simply use the CDN version (<script src="https://cdn.jsdelivr.net/gh/alpinejs/alpine@v2.3.5/dist/alpine.min.js" defer></script>), but when I use other scripts as well, I prefer to have it bundled to one file to reduce requests.

Here's how to use AlpineJS with Laravel Mix:

npm install alpinejs
(in resources/js/app.js) Add the line import 'alpinejs';
(in webpack.mix.js) Make sure mix.js('resources/js/app.js', 'public/js') is there
npm run dev (or production or watch instead of dev)
(in the Blade file where you want to use Alpine) Insert <script src="{{ asset('js/app.js') }}" defer></script> in the <head> section
Use Alpine as described in the docs, such as the following account dropdown

<div x-data="{ open: false }">
    <button @click="open = true">Open Dropdown</button>

    <ul
        x-show="open"
        @click.away="open = false"
    >
        Dropdown Body
    </ul>
</div>

Laravel Forms 101

Martin Betz — Wed, 08 Jul 2020 01:21:14 +0000

I need to admit, I always have to look up how forms work in Laravel. So consider this blog post a quick overview – and a cheatsheet for myself in several months.

Here is how a simple form with one input field, say a fullname, and server-side validation looks like. I will annotate every line. I use TailwindCSS together with the form plugin to get a decent UI with minimal extra markup.

<!-- Blade, e.g. welcome.blade.php -->
<form action="{{ route('form.submit') }}" method="POST" class="space-y-4">
        @csrf

        <div>
            @error('fullname')
            <div class="text-red-500">{{ $message }}</div>
            @enderror

            <label for="fullname">Fullname</label>
            <input type="text" name="fullname" value="{{ old('fullname') ?? '' }}" class="form-input">

        </div>

        <div>

            <button type="submit">Submit</button>

        </div>

    </form>

L1: action="{{ route('form.submit') }}" - I use named routes to stay flexible
L1: method="POST" - you can set GET and POST directly in the <form> tag, for PUT/PATCH/DELETE you would need to add a @method('PUT') helper in the form
L2: @csrf this is to protect your app from submission abuse, if you forget it, you get a 419 error (I often forget it…)
L3: Wrap each form element in a <div> to style it later (I actually just use space-y-4 on the form so there will be vertical space between every element on the form…
L4: @error('fullname') you can display an error for the field with the name fullname if it exists
L5: {{ $message }} - I often try and fail with {{ $error }} first, but a good hint is that it's about the error's message…
L7: <label for="fullname">Fullname</label> Use the name of the field and a text and put it before the field
L8: name="fullname", name is what matters to Laravel, not id. As MDN defines: "Name of the input form control. Submitted with the form as part of a name/value pair."
L8: value="{{ old('fullname') ?? '' }}" - this will get the old input if your previous submission did not validate properly and will stay empty if it's a fresh attempt. The ?? is called null-coalescing-operator and translates to "If there is an old value, use it, if not, use an empty string"
L11: <button type="submit"> - I always use a <button> for submission and not <input type="submit"> because I can put and style content in the buttons body (opposed to only value="Submit" on the input)

To get your form working, you need to catch the submission. Here's the code for that with some basic validation:

// routes/web.php
<?php

use Illuminate\Support\Facades\Route;
use Illuminate\Http\Request;

Route::get('/', function () {
    return view('welcome');
});

Route::post('/submit', function (Request $request) {
    $request->validate([
        'fullname' => 'required|alpha|min:3',
    ]);

    return 'Submission allowed';
})->name('form.submit');

L3: use Illuminate\Support\Facades\Route; - this is the right import for Routes (your editor might help you with the import)
L4: use Illuminate\Http\Request; - this is the only right import for a request (editor might help)
L8: Route::post('/submit', function (Request $request) { … } this is how you pass the request to this route callback function
L9: $request->validate([array]) the array holds the criteria to check the submitted fields
L10: 'fullname' => 'required|alpha, so the pipe (|) is the easiest way to separate multiple validations for a field, not , or ;
L13: ->name('form.submit') - this is how to give your route a name that you can then use with {{ route('form.submit') }} in your Blade files

Quick setup Laravel (with Tailwind scaffold)

Martin Betz — Tue, 30 Jun 2020 06:21:07 +0000

I often install a fresh Laravel app to test a new package or replicate the setup for a tutorial. This is the fastest way to get a vanilla Laravel with Auth and Tailwind. The first step is only required if you have not installed the Laravel installer before ($ means that you have to enter that to your terminal):

($ composer global require laravel/installer)
$ laravel new project
$ cd project && code . (opens in VSCode)
Open .env
Change DB_CONNECTION=mysql to DB_CONNECTION=sqlite
Remove all lines not needed for SQLite: DB_HOST, DB_PORT, DB_DATABASE, DB_USERNAME and DB_PASSWORD
$ touch database/database.sqlite to create the SQLite database
$ composer require laravel-frontend-presets/tailwindcss --dev
$ php artisan ui tailwindcss --auth to scaffold Tailwind frontend
$ npm install && npm run dev to install the frontend
$ php artisan migrate to migrate the database
$ valet open or $ php artisan serve to open the site

Source: https://twitter.com/Martin_Betz/status/1256610649716723716

P.S. If you want to automate the installation and add Git and some more, you might find Tighten Co's Lambo useful.

Lessons Learnt: Confident Laravel

Martin Betz — Mon, 08 Jun 2020 00:00:00 +0000

I took the course Confident Laravel when I was on vacation. It is suitable for total testing beginners.

Here are my takeaways in the format of question and answer. They are sorted by occurence in the course but you can use whatever you need for your application and testing – not everything is related to testing:

How to create a basic PHPUnit test (= extend test case)?

class PHPUnit extends TestCase
{
  public function testAssertions() 
  {
    $this->assertTrue(true);
  }
}

What are the testing definitions?

What is $subject in our tests??
- The thing we want to test
What is $expected?
- The result we expect!
What is $actual?
- Result we actually get
What is the difference between $expected and $actual?
- $expected is hardcoded, you just enter a number, a string, a result
- $actual is a method that returns the actual result

What is the order of loading test settings

.env
.env.testing
phpunit.xml
system environment variables

How to make stuff available to all tests?

Add it to tests/TestCase.php

When and why should I use `PHPUnit\Framework\TestCase` directly?

When Laravel tests features are not needed
May boost speed when 1000s of tests

How to structure tests in the `feature` folder?

Just mimic the app folder

How to name Dusk (= BDD) tests?

Give it the name of the feature you test, i.e. GithubLinksTest
No need to mimic the folder structure of your app

How to customize Dusk's settings?

Create .env.dusk.local
Make your Dusk specific settings

How to generate tests with subfolders?

php artisan make:test Http/Controllers/HomeControllerTest
No leading app
No trailing .php

How to name factories?

ModelnameFactory
e.g. UserFactory (php artisan make:factory UserFactory)

public function() {
  return $this;

}

How to filter `php artisan route:list` for entries containing `invoice`?

php artisan route:list --name invoice

How to test whether the right view gets loaded?

$this->assertViewIs('invoice.create')

What is the happy path?

Testing when the subject is working as expected

How to check in controller if column `expired` with timestamp is not set?

Model::whereNull('expired')->get()

How to put sth like a coupon in the session cookie?

$request->session()->put('name', 'value')

How to name general controller tests?

it_does_this_and_that()
e.g. it_stores_coupon_and_redirects()

How to check whether data exists in a session?

$response->assertSessionHas('key', 'value');

How to get the full error message in Laravel tests?

$this->withoutExceptionHandling(); in test method

How many sad paths should you test?

Enough to feel confident
There are potentially unlimited sad paths

How to assert that sth is not in a session?

$this->assertSessionMissing('key', 'value');

What's the running order in a test?

Arrange
$response = $this->get(route('name'));
$response->assert…();

How to mark test incomplete so it gets skipped when running the test suite?

$this->markTestIncomplete();

How to test that user is logged in (and not redirected)?

$this->assertAuthenticatedAs($user);
Do not assert on $response but on global state $this

How to assert that a view has a variable `now_playing` with value `1`?

$response->assertViewHas('now_playing', 1);

How to fake a heading or title?

$faker->sentence or $faker->word(3, true)
Use true as 2nd argument in $faker->word to get words, otherwise you get an array

How to fake an ID?

$faker->md5

How to assert the model data you already have in your test?

Goal: Refresh user record, because it go changed
Not using: $this->assertDatabaseHas()
$user->refresh();
Assert properties of model
Example: $this->assertEquals(1, $user->last_viewed_vidoe_id)

How to add `$faker` to your test?

Add use WithFaker; trait to your test class

How to create a password hash?

Hash::make('STRING')

How to assert two hashes?

NOT: $this->assertEquals(Hash::make($password, $user->password);
BUT: $this->assertTrue(Hash::check($password, $user->password);

What is the difference between asserting `Hash::check()` and hardcoding a password value?

Hash:check: tie test to the implementation of the HASH function
Hardcoding: Setting a sample value is more flexible but also more error prone

How to check if session contains error 'name'?

$response->assertSessionHasErrors('name');

Why do form requests not auto redirect back and how to work around that?

They send referrer URL
These are fresh with every request => no history available
Instead: Set the referrer URL manually in the setup
$this->from(route('user.edit'))

How to avoid writing dozens of assertions in form validations?

Use Form Requests
Assert that Form Request gets used by the controller
Use Jason McCreary's Laravel Test Asserts for that

<?php

// In test method
$this->assertActionUsesFormRequest(
  UsersController::class, // Controller
  'update', // Method
  UserUpdateRequest::class); // Form Request
);

How to find incomplete tests?

phpunit -v

How to directly assert non-auth cannot access?

$this->assertForbidden();

How to manually set response 'forbidden' on controller?

abort(403)

How to get `Product::STARTER`?

This is a constant in the product model

What is a mock?

Stand-in replacement for real object
Emulates echo behaviour

// What is the simplest mock you can create?
class ExampleTest extends \PHPUnit\Framework\TestCase
{
  public function testMocking()
  {
    $mock = \Mockery::mock();
    $mock->shouldReceive('foo') // method name
      ->with('bar') // arg
      ->andReturn('baz'); // arg
    $this->assertEquals('baz', $mock->foo('bar'));
  }
}

What are mocks great for?

Testing integratin with 3rd party libraries without calling them
Control testing in complex situations, because you break down problems in small chunks

When will mocks fail?

If not set
If it does not have an expectation

What is a spy?

It secretly captures behavior
Returns null if not setup at all
More forgiving than mock

What's the easiest spy you can write?

public function testSpying()
{
  $spy = Mockery::spy();
  $this->assertNull($spy->quix());

  // assert behavior
  $spy->shouldHaveReceived('quix')->once();
}

What are test doubles?

Replace production object for testing purposes

Why are facades easy to test in Laravel?

Every facade has mocks & spies

How to return nothing (do nothing after a request)?

return response(null, 204)

How to mock Laravel's `Log` facade?

$mock = \Mockery::mock();
$mock->shouldReceive('info') // method name
  ->once()
  ->with('video.watched', [$video->id]);
Log::swap($mock);

What is the difficulty with shared facades?

Facades like Event or Log get used all over Laravel
If you swap them in your test, they get swapped everywhere
This may cause trouble
You can use Event::fake() instead of Event::swap()
Example: To check if event was fired: $event->assertDispatched();

What to do instead of mocks?

When you can't fake or don't want to create dozens of mock classes
Wrape it and decouple from tests

What happens in this mock?

The real Log:: class gets swapped by the mock
The mock tells what should happen as a result
As there is an expectation (= log vars), you need no extra assertion

Why do I need the `Log::` facade at all?

It's the original code
It would go untested otherwise

Why do you use `->once()` in a mock?

Otherwise the test will pass if the double in the real code is not called at all
i.e. only with ->once(), you can make sure that the facade got used in the real code

What is a shortcut for `$mock->shouldReceive('info')->once()`?

$mock->expects('info'); // method name

How to create a setup method that runs for all tests in a file?

protected function setUp(): void
{
  parent::setUp();
  $this->subject = new UserUpdateRequest();
}

Use it with $this->subject in the tests

How to run a validation in an unit test?

$subject = new UserUpdateRequest();
// will call the file App\Http\Requests\UserUpdateRequest;

How to create a coverage report

You need xdebug
You can use a docker image with xdebug
Run phpunit --coverage-html report
Spin up a PHP server to view reports with php -S 0:8080 -t report/

Lessons Learnt: PHPUnit for Beginners

Martin Betz — Mon, 08 Jun 2020 00:00:00 +0000

I took the course PHPUnit for Beginners by Laravel Daily. It is suitable for total testing beginners and walks you through a simple CRUD application.

Why choose `@forelse … @empty … @endforelse` for loops?

It covers the case where there is no data

@forelse ($users as $user)
     <li>{{ $user->name }}</li>
@empty
    <p>No users</p>
@endforelse

How to create content with custom values with Eloquent

$product = Product:create([
  'name' => 'Product 1',
  'price' => 99.99
]);

// in your test
$response->assertSee($product->name);

How to setup test database?

phpunit.xml overwrites .env.testing
Edit DB_CONNECTION for MySQL/sqlite
Change value of DB_DATABASE into value=":memory:" to get fast in memory store

What does `RefreshDatabase` trait do?

It Runs migrations
Creates a fresh database
Usage
- use Illuminate\Foundation\Testing\RefreshDatabase; above class
- use RefreshDatabase; in class, not single test

When should you use a MySQL test database?

When you use raw MySQL statements for the following features:
- Date formatting
- String functions
- Date differences
- Geospatial features

How to set up a MySQL test database in `phpunit.xml`?

<server name="DB_CONNECTION" value="MySQL"/>
<server name="DB_DATABASE" value="name_of_db"/>

Why to test data and not visuals (assertSee)?

To avoid false positives because of incomplete results
Example
- Blade: show product name {{ $product->name }}
- Data: ['name' => 'Product 1000]
- Visual test: $response->assertSee('Product 1') would turn green and create a false positive

How to get view data of e.g. $products to test?

$view = $response->viewData('products') // was passed to view in controller
$this->assertEquals($product->name, $view->first()->name);

What do unit tests capture?

Internal logic
No Endpoint
Data processing

How to create a Laravel service to translate currency

Create service in app\services -> CurrencyService.php
Import using use App\Services\CurrencyService
Call new CurrencyService()->convert();
No changes in database needed

How to create temporary database/accessor field (e.g. dynamic price in another currency)?

This is also called accessor
On model Product.php

public function getPriceEurAttribute() {
    return $this->price*0.8;
}

How to create an unit test?

art make:test NAME --unit

How to paginate in controller and view?

(In Controller): $products = Product::paginate(10);
In View: {{ $products->links() }}

How to call factories?

factory(Product::class, 10)->create();

How to echo variable result into log?

Call info($var) in your code

How to test if login works?

Create user
Post login data and set response

$response = $this->post('login', [
  'email' => 'EMAIL',
  'password' => 'PW'
]);
// assert where you expect to be redirected to, e.g. home
$response->assertRedirect('/home');

How to quickly log in for tests?

$this->actingAs($user)->get('/')

How to protect a route via auth?

Route::get('/')->middleware('auth')

Easiest way to add admin?

Add field to user model: is_admin
Add to fillable in model
Create middleware app\Http\Middleware\IsAdmin (see following snippet)
Add middleware to App\Kernel
Add middleware to your route Route::middleware('auth', 'is_admin')

public function handle($request, Closure $next) 
{
  if (! auth()->user()->is_admin) 
  {
    abort(403);
  }
  return $next($request);
}

Which visual assertions are usual?

$response->assertSee()
$response->assertDontSee()

How to create simple factory states?

Example: is_admin, yes/no
Create private function with factory and optional parameter in it

private function create_user(is_admin = 0)
{
  $this->user = factory(User::class)->create([
    'is_admin' => $is_admin,
  ]);
}

How to store everything you get via form?

// Controller

public function store(Request $request)
{
    Product::create($request->all());
    return redirect()->route('home');
}

How to test a POST request with parameter `name = 'Test 1'`?

$this->post('products', ['name' => 'Test 1', 'price' => 99.99]);

How to assert that something is in the database? (db side)

$this->assertDatabaseHas('products', ['name' => 'Test 1', 'price' => 99.99]);

How to test whether saved data gets returned?

$product = Product::orderBy('id', 'desc')->first();
$this->assertEquals('String', $product->name);
$this->assertEquals('price', $product->price);

How to check whether data for edit is available in view?

$product = Product::first();
$response->assertSee('value="' . $product->price . '"');

How to update all data from a request?

public function update(Product $product, UpdateProductRequest $request)
{
  $product->update($request->all());
  return redirect()->route('products.index');
}

Where and how to create a form request?

app/Http/Requests/UpdateProductRequest.php

public rules() {
  return [
    'name' => 'required',
    'price' => 'required',
  ];
}

How to test an update request?

$response = $this->put('/products/' . $product->id, ['name' => 'Test']);

How to test for session error on 'name'?

$response->assertSessionHasErrors(['name']);

How to update as json API call?

$response = $this->actingAs($this->user)
  ->put('/products/' . $product->id,
  [
    'name' => 'Test',
    'price' => 99.99,
  ],
  [
   'Accept' => 'Application/json', 
  ]);

How to create a delete item view?

<form action={{ route('products.destroy' . $product->id) }} method="POST" onsubmit="confirm('Sure?')">
<input type="hidden" name="_method" value="DELETE">
<input type="hidden" name="_token" value="{{ csrf_token() }}">

How to delete item in controller?

public function destroy(Product $product) {
  $product->delete();
  return redirect()->route('products.index');
}

How to assert that data gets deleted?

Create product with factory
$this->assertEquals(1, Product::all())
$response = $this->actingAs($this->user)->delete('products/' . $product->id); (Route missing?)
$response->assertStatus(302)
$this->assertEquals(0, Product::count());

How to protect URLs with a PIN code in Laravel

Martin Betz — Tue, 26 May 2020 16:10:15 +0000

Here is the user story for this post: As a website owner I only want to allow access to my website for visitors who enter the correct PIN.

How the minimum version will work

When you enter the page for the first time, you will just see an input to enter a PIN. When you enter the wrong PIN, it fails silently and just reloads the page. If you enter the right PIN, it will save a cookie access and shows you the welcome page. If you try more than 3 times within a minute, you get a message Too Many Requests.

And here is how it will look in the browser:

The tests

I will first create the sad path where I cannot access the welcome page as I did not enter the right PIN. Then I will simulate that I previously entered the right PIN and have a cookie that lets me pass. Then I will test that actual entering of the PIN and check whether I get a cookie. Lastly I check that I get banned if I enter three wrong PINs in a very short time:

<?php

namespace Tests\Feature\Http\Controllers;

use Illuminate\Support\Facades\Config;
use Tests\TestCase;

class WelcomeTest extends TestCase
{

    /** @test */
    public function can_not_access_welcome_page_without_pin() {
        $response = $this->get(route('root'));
        $response->assertStatus(302);
        $response->assertRedirect(route('pin.create'));
    }

    /** @test */
    public function can_access_welcome_page_with_pin_cookie() {
        $response = $this->withCookie('access', 'pass')->get(route('root'));
        $response->assertStatus(200);
    }

    /** @test */
    public function can_enter_pin_and_access_root_page() {
        Config::set('settings.PIN', '5678');
        $response = $this->post(route('pin.store', [
            'pin' => '5678',
        ]));
        $response->assertCookie('access', 'pass');
    }

    /** @test */
    public function blocks_for_one_minute_after_three_attemps() {
        $this->post(route('pin.store', [
            'pin' => '1',
        ]));
        $this->post(route('pin.store', [
            'pin' => '2',
        ]));
        $this->post(route('pin.store', [
            'pin' => '3',
        ]));
        $response = $this->post(route('pin.store', [
            'pin' => '3',
        ]));
        $response->assertStatus(429);
    }
}

The code

I wrote the tests first and added the code one error after another. You may replicate by just running the tests above and go through the errors yourself.

Here's the files you need with a short explanation what they do:

routes/web.php: for adding the routes, adding the middleware to restrict access and limit the trials
app/Http/Middleware/CheckPin.php: this is the middleware that checks whether you have a cookie that allows you to enter the welcome page
app/Http/Kernel.php: this is were you register the custom middleware
app/Http/Controllers/PinController.php: this is were you check the PIN entered and create the cookie on success
resources/views/create.blade.php: the view for entering the PIN
resources/views/welcome.blade.php: the view with the protected content
config/settings.php: you define the PIN setting here to get the value from the .env file and provide a fallback value
`

And here are the important sections of the files. I marked omissions with (…). You can find the full source code on https://github.com/minthemiddle/pin-tutorial:

`php
// routes/web.php
<?php

use Illuminate\Support\Facades\Route;

Route::get('/', function () {
return view('welcome');
})->name('root')->middleware('pin');

Route::get('pin/create', function () {
return view('create');
})->name('pin.create');

Route::post('pin/store', 'PinController@store')->name('pin.store')->middleware('throttle:3,1');

`php
// app/Http/Middleware/CheckPin.php
<?php

namespace App\Http\Middleware;

use Closure;

class CheckPin
{
public function handle($request, Closure $next)
{
if ($request->cookie('access') === 'pass') {
return $next($request);
}

    return redirect(route('pin.create'));
}

}

`php
// app/Http/Kernel.php
<?php

namespace App\Http;

use App\Http\Middleware\CheckPin;
use Illuminate\Foundation\Http\Kernel as HttpKernel;

class Kernel extends HttpKernel
{
(…)

protected $routeMiddleware = [
    (…)
    \App\Http\Middleware\CheckPin::class,
];

}

`php
// app/Http/Controllers/PinController.php
<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Config;

class PinController extends Controller
{
public function store(Request $request)
{
if ($request->pin === Config::get('settings.PIN')) {
return redirect(route('root'))->withCookie('access', 'pass', 60);
}

    return redirect(route('pin.create'));
}

}

`html
// resources/views/create.blade.php
<!DOCTYPE html>

Enter PIN

@csrf Save

`php
// resources/views/welcome.blade.php
// I just used the standard welcome page that ships with Laravel

`php
// config/settings.php
<?php

return [
'PIN' => env('PIN', '1234'),
];

`yaml

.env

(…)
PIN=5678
(…)
`

Testing mails in Laravel

Martin Betz — Tue, 28 Apr 2020 00:00:00 +0000

The case: Test that users can send mails to other users

Imagine a simple social network where users can send emails to other users. We will use Laravel and test driven development to create an app that does exactly this.

An user visits the profile of another user and when he clicks on "Message" he can send a customized email to the other user via the system. He can even give a custom subject.

I know that for such a simple use case we could just use <a href="mailto:name@domain.com"></a> but I want to show you how to use and test email in Laravel.

The setup

You just need a fresh Laravel app. At the time of writing this article this was v7.8.1, but anything after v5.6 should be 80% matching (please report issues). For a minimal setup, remove all lines starting with DB_ in your .env, add DB_CONNECTION=sqlite, create a file called database.sqlite in the /database folder and run php artisan migrate.

The test

We will first right an automated test. This will fail and we will add code step by step to fix the problems to finally get a test that gives us confidence that the code works as intended.

Let's create the test: php artisan make:test ContactUserTest. I will show you how my initial test looks like, but please be aware that I spent around 10 minute into thinking "How should this work?". Writing the test is when you define how you wish your app should work. We are first testing the expected action (it_does_send_a_mail_from_one_user_to_another). This is called the happy path. We will later check that unexpected behavior does not happen – the sad path.

I'll explain the details after the code, but I left some problems in there so you can see how test driven development (TDD) works. Write a failing test and fix one problem after the other until you get a passing test.

<?php

namespace Tests\Feature;

use App\User;
use Illuminate\Support\Facades\Mail;
use Tests\TestCase;

class ContactUserTest extends TestCase
{
    /** @test */
    public function it_does_send_a_mail_from_one_user_to_another()
    {
        $user_from = factory(User::class)->create();
        $user_to = factory(User::class)->create();

        Mail::fake();

        $response = $this->post(route('contactUserMail'), [
            'user_to' => $user_to,
            'subject' => 'My subject',
            'body' => 'My body',
        ]);

        $response->assertSuccessful();

        Mail::assertSent(ContactUserMail::class);
    }
}

I first create two users, the sender and the receiver ($user_to)
We will use the logged in user as the sender, so we don't need to send this info with the request
Mail::fake() will swap the actual Mail class with a test library. No real mails will be sent and we can make assertions on what should happen
I decided that sending a mail should be a POST request from a form and have user_to, subject and body arguments. I will get the user_from automatically from the currently logged in user to prevent that you can send in someone else's name
$response->assertSuccessful() will check whether the POST request was successful
Finally, I check whether the Mail class ContactUserMail was sent

As expected, there are a couple of errors, but let phpunit tell us what's wrong…

Just run phpunit within your project - with Laravel 7+ you can also use php artisan test.

Problem 01: No database being used

The error: SQLSTATE[HY000]: General error: 1 no such table: users

Our test is not using the database yet, let's add the RefreshDatabase trait to solve this.

Note: I will show git diffs for solving the problems. This diff compares before a/ and after b/. A + means that something was added, a - shows deleted lines.

diff --git a/tests/Feature/ContactUserTest.php b/tests/Feature/ContactUserTest.php
index 89de017..a611b89 100644
--- a/tests/Feature/ContactUserTest.php
+++ b/tests/Feature/ContactUserTest.php
@@ -3,11 +3,14 @@
 namespace Tests\Feature;

 use App\User;
+use Illuminate\Foundation\Testing\RefreshDatabase;
 use Illuminate\Support\Facades\Mail;
 use Tests\TestCase;

 class ContactUserTest extends TestCase
 {
+ use RefreshDatabase;
+
     /** @test */
     public function it_does_send_a_mail_from_one_user_to_another()
     {

Problem 02: Route not defined

The error: Symfony\Component\Routing\Exception\RouteNotFoundException: Route [contactUserMail] not defined.

Well, we called a route that does not exist yet. Let's create it:

diff --git a/routes/web.php b/routes/web.php
index b130397..4ecc7b7 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -16,3 +16,7 @@ use Illuminate\Support\Facades\Route;
 Route::get('/', function () {
     return view('welcome');
 });
+
+Route::post('contactUserMail', function() {
+ return true;
+})->name('contactUserMail');

This route may seem stupid, because I just return true, but for now it is just important to solve the error that phpunit showed.

Problem 03: Mail was not sent

The error: The expected [Tests\Feature\ContactUserMail] mailable was not sent.

Ok, let's create the email first and leave as is:

php art make:mail ContactUserMail -m emails.contactUserMail

This will create the mail class and a markdown template.

We have to update the route to actually send the mail with Mail::to('test@test.com')->send(new ContactUserMail);. Again, the goal is not to be right, but to get the test passing.

diff --git a/routes/web.php b/routes/web.php
index 4ecc7b7..9ed75ee 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -1,5 +1,7 @@
 <?php

+use App\Mail\ContactUserMail;
+use Illuminate\Support\Facades\Mail;
 use Illuminate\Support\Facades\Route;

 /*
@@ -18,5 +20,6 @@ Route::get('/', function () {
 });

 Route::post('contactUserMail', function() {
+ Mail::to('test@test.com')->send(new ContactUserMail);
     return true;
 })->name('contactUserMail');

Lastly, we need to import the Mail class to the test:

diff --git a/tests/Feature/ContactUserTest.php b/tests/Feature/ContactUserTest.php
index a611b89..4d208a6 100644
--- a/tests/Feature/ContactUserTest.php
+++ b/tests/Feature/ContactUserTest.php
@@ -2,6 +2,7 @@

 namespace Tests\Feature;

+use App\Mail\ContactUserMail;
 use App\User;
 use Illuminate\Foundation\Testing\RefreshDatabase;
 use Illuminate\Support\Facades\Mail;

Run phpunit again and… ✔ It does send a mail from one user to another.

Congratulations, our test is passing, we are sending the mail as expected.

But wait, we did not check that user_from and user_to are right. Our test is incomplete.

This is also a common case, so no worries. Just add more assertions to your test:

diff --git a/tests/Feature/ContactUserTest.php b/tests/Feature/ContactUserTest.php
index fb6532d..64df550 100644
--- a/tests/Feature/ContactUserTest.php
+++ b/tests/Feature/ContactUserTest.php
@@ -28,6 +28,10 @@ class ContactUserTest extends TestCase

         $response->assertSuccessful();

- Mail::assertSent(ContactUserMail::class);
+ Mail::assertSent(ContactUserMail::class, function($mail) use ($user_from, $user_to) {
+ $mail->build();
+ $this->assertEquals($user_from->email, $mail->from[0]['address']);
+ $this->assertTrue($mail->hasTo($user_to->email));
+ return true;
+ });
     }
 }

Run phpunit again.

Problem 04: From is not right

Error: ErrorException: Trying to get property 'address' of non-object

Ok, we did not set the sender yet. Let's do this.

diff --git a/app/Mail/ContactUserMail.php b/app/Mail/ContactUserMail.php
index 017b66c..0577a18 100644
--- a/app/Mail/ContactUserMail.php
+++ b/app/Mail/ContactUserMail.php
@@ -28,6 +28,6 @@ class ContactUserMail extends Mailable
      */
     public function build()
     {
- return $this->markdown('emails.contactUserMail');
+ return $this->from('sender@test.com')->markdown('emails.contactUserMail');
     }
 }

diff --git a/tests/Feature/ContactUserTest.php b/tests/Feature/ContactUserTest.php
index d47f85f..947757c 100644
--- a/tests/Feature/ContactUserTest.php
+++ b/tests/Feature/ContactUserTest.php
@@ -15,7 +15,9 @@ class ContactUserTest extends TestCase
     /** @test */
     public function it_does_send_a_mail_from_one_user_to_another()
     {
- $user_from = factory(User::class)->create();
+ $user_from = factory(User::class)->create([
+ 'email' => 'sender@test.com',
+ ]);
         $user_to = factory(User::class)->create();
     }
 }

Problem 05: From is not right

Error: Failed asserting that false is true(ContactUserTest.php:36)

So, now the to is not correct. Of course, we did not specify the email in the factory, so we have differing emails. Let's fix this!

diff --git a/tests/Feature/ContactUserTest.php b/tests/Feature/ContactUserTest.php
index 9f2b79d..3f72373 100644
--- a/tests/Feature/ContactUserTest.php
+++ b/tests/Feature/ContactUserTest.php
@@ -18,7 +18,9 @@ class ContactUserTest extends TestCase
         $user_from = factory(User::class)->create([
             'email' => 'sender@test.com',
         ]);
- $user_to = factory(User::class)->create();
+ $user_to = factory(User::class)->create([
+ 'email' => 'test@test.com',
+ ]);

         Mail::fake();

Run phpunit again and boom, from and to work as expected!

But subject is still missing. Add an assertion to the test:

diff --git a/tests/Feature/ContactUserTest.php b/tests/Feature/ContactUserTest.php
index 3f72373..9840e1b 100644
--- a/tests/Feature/ContactUserTest.php
+++ b/tests/Feature/ContactUserTest.php
@@ -36,6 +36,7 @@ class ContactUserTest extends TestCase
             $mail->build();
             $this->assertEquals($user_from->email, $mail->from[0]['address']);
             $this->assertTrue($mail->hasTo($user_to->email));
+ $this->assertEquals('My subject', $mail->subject);
             return true;
         });
     }

Problem 05: Subject not working

Error: TypeError: Argument 2 passed to PHPUnit\Framework\Assert::assertTrue() must be of the type string, null given (ContactUserTest.php:39)

This simply means that $mail->subject is empty.

Let's solve this:

diff --git a/app/Mail/ContactUserMail.php b/app/Mail/ContactUserMail.php
index 0577a18..1e7258f 100644
--- a/app/Mail/ContactUserMail.php
+++ b/app/Mail/ContactUserMail.php
@@ -28,6 +28,6 @@ class ContactUserMail extends Mailable
      */
     public function build()
     {
- return $this->from('sender@test.com')->markdown('emails.contactUserMail');
+ return $this->from('sender@test.com')->subject('My subject')->markdown('emails.contactUserMail');
     }
 }

Run phpunit again and yay, the test is passing. You can be confident now that an email is sent with the expected from, to and subject.

Let's call it a day for now and tap yourself on the shoulder, this was massive.

There will be a part 2 because, to be honest, we did not completely solve it. Right now, all the values are hard coded and not coming from a user's request. We will tackle this soon.

Premium Laravel courses and books

Martin Betz — Mon, 27 Apr 2020 00:00:00 +0000

There are many premium paid video courses (📺) and books (📘) for Laravel.

I also list content that is not released yet (🚧).

The list is sorted alphabetically:

If you know more resources, please email me 👇.

Only allow owners to update their user profile in Laravel with a policy

Martin Betz — Fri, 10 Apr 2020 11:33:43 +0000

The problem: Only owners should be allowed to edit their profiles

You have a website that lists the profile of Laravel developers
The profile is just an extension of the User model, so you have extra fields
For sake of simplicity, you have only one field in your profile that is the numbers of years you've been coding with Laravel
Developers listed should only be able to edit their own profile and not foreign profiles

The solution: Use a policy for the User model

We will write a policy that will be triggered when a user updates a profile
The policy checks whether you are the owner of the user profile
If you are, you can update the profile
If you are not the owner, your request will be denied

The step by step explanation

I will show you how to add this policy test-driven
I assume that you already created a fresh Laravel app and set up your database

Step 1: Write a failing test `user_can_update_own_profile`

Create a test for the User model: php artisan make:test Http/Controllers/UserControllerTest
We will write a test with how we wish our app should work if we are the owner of a profile
This is called the Happy Path

// tests/Feature/Http/Controllers/UserControllerTest.php

<?php

namespace Tests\Feature\Http\Controllers;

use App\User;
use Tests\TestCase;
use Illuminate\Foundation\Testing\RefreshDatabase;

class UserControllerTest extends TestCase
{
    use RefreshDatabase;

    /** @test */
    public function user_can_update_own_profile()
    {
        $user = factory(User::class)->create();
        $response = $this->actingAs($user)->post(route('user.profile.update', $user), [
            'experience_years' => 5,
        ]);

        $response->assertSuccessful();
        $user->refresh();
        $this->assertEquals(5, $user->experience_years);
    }
}

This test will fail for many reasons
- We do not have a route named user.profile.update that we can send a POST request to
- We do not have a experience_years property on the User model
- We do not have a User controller that actually updates the model
In a normal test-driven process, I would solve this error by error
As this tutorial is about policies, I will just solve all problems at once to get to the policy part

Step 2: Fix the test to assert that you can update your own profile

The solution: Update your migration, User model, web.php routes file and create a UserController with an update method that updates with everything passed with a request
I marked all new files with a // ADD: comment
I deleted all comments and unneccessary lines

// Migration: database/migrations/2014_10_12_000000_create_users_table.php
// Your date in the filename should differ

<?php

use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;

class CreateUsersTable extends Migration
{
    public function up()
    {
        Schema::create('users', function (Blueprint $table) {
            $table->id();
            $table->string('name');
            $table->string('email')->unique();
            $table->integer('experience_years')->nullable(); // ADD: nullable integer
            $table->timestamp('email_verified_at')->nullable();
            $table->string('password');
            $table->rememberToken();
            $table->timestamps();
        });
    }

    public function down()
    {
        Schema::dropIfExists('users');
    }
}

// User Model: app/User.php

<?php

namespace App;

use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;

class User extends Authenticatable
{
    use Notifiable;

    protected $fillable = [
        'name', 'email', 'password', 'experience_years' // ADD: 'experience_years'
    ];

    protected $hidden = [
        'password', 'remember_token',
    ];

    protected $casts = [
        'email_verified_at' => 'datetime',
    ];
}

// Routes: routes/web.php

<?php

use Illuminate\Support\Facades\Route;

Route::post('/{user}/profile/update', 'UserController@update')->name('user.profile.update');

// Controller: app/Http/Controllers/UserController.php

<?php

namespace App\Http\Controllers;

use App\User;
use Illuminate\Http\Request;

class UserController extends Controller
{
    public function update(Request $request, User $user)
    {
        $user->update($request->all());
    }
}

You can now run the tests with php artisan test.
You should see two passing example tests and a passing test: ✓ user can update own profile
Let's try to update someone else's years of experience:

Step 3: Try to update someone else's profile – and fail

/** @test */
    public function user_cannot_update_foreign_profile()
    {
        $user = factory(User::class)->create();
        $foreign_user = factory(User::class)->create([
            'experience_years' => 2,
        ]);
        $response = $this->actingAs($user)->post(route('user.profile.update', $foreign_user), [
            'experience_years' => 5,
        ]);

        $response->assertForbidden();
        $foreign_user->refresh();
        $this->assertEquals(2, $foreign_user->experience_years);
    }

This test will fail Asserting that 5 is 2
This means: Yes, we can change someone else's profile
Not good!

Step 4: Add a policy to disallow changing someone else's profile

Solution: Add a policy to stopp this
Create the policy: php artisan make:policy UserPolicy

// Policy: app/Policies/UserPolicy.php

<?php

namespace App\Policies;

use App\User;
use Illuminate\Auth\Access\Response;
use Illuminate\Auth\Access\HandlesAuthorization;

class UserPolicy
{
    use HandlesAuthorization;

    public function update(User $user, User $user_model)
    {
        return $user->id === $user_model->id ? Response::allow() : Response::deny();
    }
}

Policies always have the current user passed via User $user
The second argument is the model that we want to protect
Because we want to protect the user model, we need to pass it twice with differing names
Interpretation of the command: If the ID of the currently logged in user is the same as the id of the user model that is being tried to update, allow the update. If not, reject the update
Because we named the policy like the model, Laravel automatically finds it
We only need to apply the policy on the route

// Routes with policy: routes/web.php

<?php

use Illuminate\Support\Facades\Route;

Route::post('/{user}/profile/update', 'UserController@update')->name('user.profile.update')->middleware('can:update,user');

The ->middleware('can:update,user) means: Authorize the update() action and pass the user URL parameter to the policy (that's our $user_model in the policy).

Repo and extension

If you have problems following the code, check out the repo on Github.
If you want to extend this functionality, try to add an exception for admins: They should be able to change every profile

Only allow owner to update their user profile in Laravel with a policy

Martin Betz — Fri, 10 Apr 2020 00:00:00 +0000

The problem: Only owners should be allowed to edit their profiles

You have a website that lists the profile of Laravel developers
The profile is just an extension of the User model, so you have extra fields
For sake of simplicity, you have only one field in your profile that is the numbers of years you've been coding with Laravel
Developers listed should only be able to edit their own profile and not foreign profiles

The solution: Use a policy for the User model

We will write a policy that will be triggered when a user updates a profile
The policy checks whether you are the owner of the user profile
If you are, you can update the profile
If you are not the owner, your request will be denied

The step by step explanation

I will show you how to add this policy test-driven
I assume that you already created a fresh Laravel app and set up your database

Step 1: Write a failing test `user_can_update_own_profile`

Create a test for the User model: php artisan make:test Http/Controllers/UserControllerTest
We will write a test with how we wish our app should work if we are the owner of a profile
This is called the Happy Path

// tests/Feature/Http/Controllers/UserControllerTest.php

<?php

namespace Tests\Feature\Http\Controllers;

use App\User;
use Tests\TestCase;
use Illuminate\Foundation\Testing\RefreshDatabase;

class UserControllerTest extends TestCase
{
    use RefreshDatabase;

    /** @test */
    public function user_can_update_own_profile()
    {
        $user = factory(User::class)->create();
        $response = $this->actingAs($user)->post(route('user.profile.update', $user), [
            'experience_years' => 5,
        ]);

        $response->assertSuccessful();
        $user->refresh();
        $this->assertEquals(5, $user->experience_years);
    }
}

This test will fail for many reasons
- We do not have a route named user.profile.update that we can send a POST request to
- We do not have a experience_years property on the User model
- We do not have a User controller that actually updates the model
In a normal test-driven process, I would solve this error by error
As this tutorial is about policies, I will just solve all problems at once to get to the policy part

Step 2: Fix the test to assert that you can update your own profile

The solution: Update your migration, User model, web.php routes file and create a UserController with an update method that updates with everything passed with a request
I marked all new files with a // ADD: comment
I deleted all comments and unneccessary lines

// Migration: database/migrations/2014_10_12_000000_create_users_table.php
// Your date in the filename should differ

<?php

use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;

class CreateUsersTable extends Migration
{
    public function up()
    {
        Schema::create('users', function (Blueprint $table) {
            $table->id();
            $table->string('name');
            $table->string('email')->unique();
            $table->integer('experience_years')->nullable(); // ADD: nullable integer
            $table->timestamp('email_verified_at')->nullable();
            $table->string('password');
            $table->rememberToken();
            $table->timestamps();
        });
    }

    public function down()
    {
        Schema::dropIfExists('users');
    }
}


// User Model: app/User.php

<?php

namespace App;

use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;

class User extends Authenticatable
{
    use Notifiable;

    protected $fillable = [
        'name', 'email', 'password', 'experience_years' // ADD: 'experience_years'
    ];

    protected $hidden = [
        'password', 'remember_token',
    ];

    protected $casts = [
        'email_verified_at' => 'datetime',
    ];
}


// Routes: routes/web.php

<?php

use Illuminate\Support\Facades\Route;

Route::post('/{user}/profile/update', 'UserController@update')->name('user.profile.update');


// Controller: app/Http/Controllers/UserController.php

<?php

namespace App\Http\Controllers;

use App\User;
use Illuminate\Http\Request;

class UserController extends Controller
{
    public function update(Request $request, User $user)
    {
        $user->update($request->all());
    }
}

You can now run the tests with php artisan test.
You should see two passing example tests and a passing test: ✓ user can update own profile
Let's try to update someone else's years of experience:

Step 3: Try to update someone else's profile – and fail

/** @test */
    public function user_cannot_update_foreign_profile()
    {
        $user = factory(User::class)->create();
        $foreign_user = factory(User::class)->create([
            'experience_years' => 2,
        ]);
        $response = $this->actingAs($user)->post(route('user.profile.update', $foreign_user), [
            'experience_years' => 5,
        ]);

        $response->assertForbidden();
        $foreign_user->refresh();
        $this->assertEquals(2, $foreign_user->experience_years);
    }

This test will fail Asserting that 5 is 2
This means: Yes, we can change someone else's profile
Not good!

Step 4: Add a policy to disallow changing someone else's profile

Solution: Add a policy to stopp this
Create the policy: php artisan make:policy UserPolicy

// Policy: app/Policies/UserPolicy.php

<?php

namespace App\Policies;

use App\User;
use Illuminate\Auth\Access\Response;
use Illuminate\Auth\Access\HandlesAuthorization;

class UserPolicy
{
    use HandlesAuthorization;

    public function update(User $user, User $user_model)
    {
        return $user->id === $user_model->id ? Response::allow() : Response::deny();
    }
}

Policies always have the current user passed via User $user
The second argument is the model that we want to protect
Because we want to protect the user model, we need to pass it twice with differing names
Interpretation of the command: If the ID of the currently logged in user is the same as the id of the user model that is being tried to update, allow the update. If not, reject the update
Because we named the policy like the model, Laravel automatically finds it
We only need to apply the policy on the route

// Routes with policy: routes/web.php

<?php

use Illuminate\Support\Facades\Route;

Route::post('/{user}/profile/update', 'UserController@update')->name('user.profile.update')->middleware('can:update,user');

The ->middleware('can:update,user) means: Authorize the update() action and pass the user URL parameter to the policy (that's our $user_model in the policy).

Repo and extension

If you have problems following the code, check out the repo on Github.
If you want to extend this functionality, try to add an exception for admins: They should be able to change every profile

Laravel blogs to follow via RSS

Martin Betz — Mon, 06 Jan 2020 13:15:04 +0000

There are many high quality blogs on Laravel and related topics, such as Tailwind, Livewire, AlpineJS and VueJS. There are some well-known bloggers, such as Freek and Matt Stauffer, but also some lesser-known yet excellent ones.

Here are the direct links to the RSS feeds, the list is sorted alphabetically:

If you know more Laravel blogs to follow, just write a comment and I'll add them.

Updates:

20-01-13: Fixed Jonathan Reinink, added Matthias Geniar and LaraShout
20-01-08: Fixed link for Caleb Porzio

Simple user roles in Laravel

Martin Betz — Fri, 27 Dec 2019 15:23:28 +0000

If you do only have roles for your users – such as admin, contributor and user – and you want to restrict access to routes only, advanced (and excellent) packages may be too heavy for you.
Let me show you how to solve this authorization problem very easily.

Your user model needs an extra field to store the role of every user. Let's add a string field which will hold values such as user, manager or admin. Every user needs a role, so this field is not nullable and has a default of user. Of course you have more fields in your user model, I'll add an email field to the user for demonstration purposes.

// Create migration
// create_users_table.php

Schema::create('users', function (Blueprint $table) {
  ...
  $table->string('email')->unique();
  $table->string('role')->default('user');
  ...
}

Let's create a test user, using Laravel's tinker app, test it's default role and upgrade it to admin.
php artisan tinker

// Create test user
$user = App\User::create(['email' => 'test01@test.test']);
$user->role; // 'user'

// Upgrade user to admin
$user->role = 'admin';
$user->save();

Until now, the user role is just a string and does not do anything. Let's change this by generating a custom middleware. Middlewares can be attached to routes and control who has access to those routes.

For example, to restrict the access to /logged-in-users-only to logged in users, you would create the following function in your routes file:

// routes/web.php
Route::get('logged-in-users-only', function () {
  return 'Only logged in users can see this';
})->middleware('auth');

We can restrict routes to user roles with a custom middleware:

php artisan make:middleware UserRoles

This will create a middleware file that we can customize:

// Http/Middleware/UserRoles
public function handle($request, Closure $next, ...$roles)
{
  return collect($roles)->contains(auth()->user()->role) ? $next($request) : back();
}

This handle() method will only allow people access the route if their role is in the list of allowed roles in the protected route.

Here is the whole return one-liner in natural language:

If the collection of rules contains the logged in user's role, then allow and process the request, otherwise redirect the user back.

...$roles allows to pass multiple roles at once, the resulting $roles is an array with all parameters
With collect() I create a collection out of the array, so I can use collection methods and chain them, such as contains()
contains() will check whether the role is in the collection
return CONDITION ? THEN : ELSE is called a ternary operator and a shorter version of if (CONDITION) { then } else { }

To make use of this middleware, we need to register it in the kernel:

// Http/Kernel.php

use App\Http\Middleware\UserRoles;
...

protected $routeMiddleware = [
  ...
  'roles' => UserRoles::class,
];

To only allow users with role admin to a route, you create it like the following:

// routes/web.php
Route::get('types', function () {
  return 'Access granted';
})->name('test.roles')->middleware('roles:admin');

And because we allow to pass more than one role (remember the ...$roles) to the middleware, we can allow several roles to access the same route. Let's also give the manager access to this route:

// routes/web.php
Route::get('types', function () {
  return 'Access granted';
})->name('test.roles')->middleware('roles:admin,manager'); // no space after comma!

One risk with this approach is that you pass roles around as strings. You always need to remember which roles you have and how you named them. A small typo such as adnin instead of admin will be hard to spot and renaming a role (e.g. manager to become editor) can easily break your system.

In the next iteration of this article, I will introduce Enums to help reducing this risk, but for now this solution is lean and will solve your basic needs.

P.S. If you have suggestions on refactoring or improving, please leave a comment

DEV Community: Martin Betz

How to use AlpineJS with Laravel Mix

Laravel Forms 101

Quick setup Laravel (with Tailwind scaffold)

Lessons Learnt: Confident Laravel

How to create a basic PHPUnit test (= extend test case)?

What are the testing definitions?

What is the order of loading test settings

How to make stuff available to all tests?

When and why should I use PHPUnit\Framework\TestCase directly?

How to structure tests in the feature folder?

How to name Dusk (= BDD) tests?

How to customize Dusk's settings?

How to generate tests with subfolders?

How to name factories?

How to filter php artisan route:list for entries containing invoice?

How to test whether the right view gets loaded?

What is the happy path?

How to check in controller if column expired with timestamp is not set?

How to put sth like a coupon in the session cookie?

How to name general controller tests?

How to check whether data exists in a session?

How to get the full error message in Laravel tests?

How many sad paths should you test?

How to assert that sth is not in a session?

What's the running order in a test?

How to mark test incomplete so it gets skipped when running the test suite?

How to test that user is logged in (and not redirected)?

How to assert that a view has a variable now_playing with value 1?

How to fake a heading or title?

How to fake an ID?

How to assert the model data you already have in your test?

How to add $faker to your test?

How to create a password hash?

How to assert two hashes?

What is the difference between asserting Hash::check() and hardcoding a password value?

How to check if session contains error 'name'?

Why do form requests not auto redirect back and how to work around that?

How to avoid writing dozens of assertions in form validations?

How to find incomplete tests?

How to directly assert non-auth cannot access?

How to manually set response 'forbidden' on controller?

How to get Product::STARTER?

What is a mock?

What are mocks great for?

When will mocks fail?

What is a spy?

What's the easiest spy you can write?

What are test doubles?

Why are facades easy to test in Laravel?

How to return nothing (do nothing after a request)?

How to mock Laravel's Log facade?

What is the difficulty with shared facades?

What to do instead of mocks?

What happens in this mock?

Why do I need the Log:: facade at all?

Why do you use ->once() in a mock?

What is a shortcut for $mock->shouldReceive('info')->once()?

How to create a setup method that runs for all tests in a file?

How to run a validation in an unit test?

How to create a coverage report

Lessons Learnt: PHPUnit for Beginners

Why choose @forelse … @empty … @endforelse for loops?

How to create content with custom values with Eloquent

How to setup test database?

What does RefreshDatabase trait do?

When should you use a MySQL test database?

How to set up a MySQL test database in phpunit.xml?

Why to test data and not visuals (assertSee)?

How to get view data of e.g. $products to test?

What do unit tests capture?

How to create a Laravel service to translate currency

How to create temporary database/accessor field (e.g. dynamic price in another currency)?

How to create an unit test?

How to paginate in controller and view?

How to call factories?

How to echo variable result into log?

How to test if login works?

How to quickly log in for tests?

How to protect a route via auth?

When and why should I use `PHPUnit\Framework\TestCase` directly?

How to structure tests in the `feature` folder?

How to filter `php artisan route:list` for entries containing `invoice`?

How to check in controller if column `expired` with timestamp is not set?

How to assert that a view has a variable `now_playing` with value `1`?

How to add `$faker` to your test?

What is the difference between asserting `Hash::check()` and hardcoding a password value?

How to get `Product::STARTER`?

How to mock Laravel's `Log` facade?

Why do I need the `Log::` facade at all?

Why do you use `->once()` in a mock?

What is a shortcut for `$mock->shouldReceive('info')->once()`?

Why choose `@forelse … @empty … @endforelse` for loops?

What does `RefreshDatabase` trait do?

How to set up a MySQL test database in `phpunit.xml`?

How to test a POST request with parameter `name = 'Test 1'`?

Step 1: Write a failing test `user_can_update_own_profile`

Step 1: Write a failing test `user_can_update_own_profile`