A fully responsive and dynamic web app to present all products for a start-up called Zarafah

Hello Mostafa,

Congratulations on your project and your journey. Very good project presentation!

I got to know about you in Laravel Daily and wanted to contribute with your project.

There are some interesting changes on this Pull Request: https://github.com/MooseSaeed/Zarafah/pull/1. Do you know how what Pull Requests are and how to manage them? If not, just comment!

My Pull Request is about automated tests.

Tests can be a controversial topic, people have their own opinion about it. Me, myself, I wish I was introduced to testing in my first day, when I started as a developer.

I believe tests save time, headache, improve quality and makes maintenance easier.

It is virtually impossible for you to test different things every time you make a change in your application. How do you know if your new code did not break some other feature? We do not have time to test every single page or rule of our applications when new code is added.

For this, we have automated tests.

My approach is to test whatever is critical to my application. For example, if I have a blog system, I want to make sure a user can create, update, view, and delete a post. I want to guarantee that guests cannot create posts or view admin pages.

These are the tests I would start to write, and I did write some of

These are the tests currently running in your application. I have created the PostTest and RouteTest.

My test framework of choice is Pest PHP.

To run tests, you can type ./vendor/bin/pest in your Terminal (or composer test).

Green tests mean everything is okay, yellow is skipped and red is a failed test.

For example,

This test visits your home page and verifies that it loads. (Status 200 means OK, page loads)

test('Home page loads', function () {
    //Requests the page
    $response = $this->get(route('home'));

    //Page could be loaded
    $response->assertStatus(200);
});

According to your rule, only the user MooseS94 can access the Dashboard. As mentioned in the PR #1, this logic could/should be modified, but let's say this is the final objective. I wrote a test for that:

test('Dashboard: Random user can NOT access dashboard', function () {

    // Create an user for this test
    $user = User::factory()->create(['username' => 'random1234']);

    $response = $this->actingAs($user)
        ->get(route('dashboard'));
    
    //403 Forbidden access
    $response->assertStatus(403);
});

In the test above, we verified that a user random1234 will not be able to access the Dashboard.

And in the next test, we verified that MooseS94 can do it.

test('Dashboard: MooseS94 can access dashboard', function () {

    // Create MooseS94 for this test
    $user = User::factory()->create(['username' => 'MooseS94']);

    $response = $this->actingAs($user)
        ->get(route('dashboard'));

    $response->assertStatus(200);
});

Now, how can you make sure these tests are working?

Just for an exercise, modify your MustBeAdmin middleware to:

    public function handle(Request $request, Closure $next)
    {

       if (auth()->user()?->username != 'Dan1234') {

            abort(Response::HTTP_FORBIDDEN);
        }

        return $next($request);
    }

Now, only dansysanalyst can access the Dashboard, but the test is written to verify if MooseS94 can do it.

So, it will make your test fail:

You can follow this playlist to see a bit more about tests:

https://www.youtube.com/watch?v=gTU-y6HlmzU&list=PLNXrjfSe7qHncCyQYOqJBTsTbYPotMaZ8&ab_channel=MichaelDyrynda

I wish you the all best,

Greetings

Dan

run php artisan init:project and you will see some majic there. Also added form requests . you can update rest of requests like this. Many more things to be added