setAuthToken(AuthKeysFixture::ADMIN_API_KEY); $faker = \Faker\Factory::create(); $uuid = $faker->uuid; $this->post( self::ENDPOINT, [ 'uuid' => $uuid, 'authkey' => $faker->sha1, 'expiration' => 0, 'user_id' => UsersFixture::USER_ADMIN_ID, 'comment' => $faker->text ] ); $this->assertResponseOk(); $this->assertResponseContains(sprintf('"uuid": "%s"', $uuid)); $this->assertDbRecordExists('AuthKeys', ['uuid' => $uuid]); } public function testAddAdminAuthKeyNotAllowedAsRegularUser(): void { $this->setAuthToken(AuthKeysFixture::REGULAR_USER_API_KEY); $faker = \Faker\Factory::create(); $uuid = $faker->uuid; $this->post( self::ENDPOINT, [ 'uuid' => $uuid, 'authkey' => $faker->sha1, 'expiration' => 0, 'user_id' => UsersFixture::USER_ADMIN_ID, 'comment' => $faker->text ] ); $this->assertResponseCode(404); $this->addWarning('Should return 405 Method Not Allowed instead of 404 Not Found'); $this->assertDbRecordNotExists('AuthKeys', ['uuid' => $uuid]); } }