create(); $dynamic = Dynamic::factory()->create(); $dynamic->participants()->attach($owner->id, ['role' => 'owner']); $this->actingAs($owner); // Can view form $this->get(route('dynamics.ledgers.create', $dynamic->uuid))->assertOk(); // Can store ledger $response = $this->post(route('dynamics.ledgers.store', $dynamic->uuid), [ 'name' => 'Chores Ledger', 'rules' => 'Do the tasks.', 'alignment' => 'positive', ]); $response->assertSessionHasNoErrors(); $response->assertRedirect(route('dynamics.show', $dynamic->uuid)); $this->assertDatabaseHas('ledgers', [ 'dynamic_id' => $dynamic->id, 'name' => 'Chores Ledger', 'alignment' => 'positive', ]); }); test('non-owners cannot view ledger creation form or store ledgers', function () { $owner = User::factory()->create(); $participant = User::factory()->create(); $dynamic = Dynamic::factory()->create(); $dynamic->participants()->attach($owner->id, ['role' => 'owner']); $dynamic->participants()->attach($participant->id, ['role' => 'participant']); $this->actingAs($participant); // Cannot view form $this->get(route('dynamics.ledgers.create', $dynamic->uuid))->assertStatus(403); // Cannot store ledger $response = $this->post(route('dynamics.ledgers.store', $dynamic->uuid), [ 'name' => 'Illegal Ledger', 'rules' => 'This should fail.', 'alignment' => 'positive', ]); $response->assertStatus(403); $this->assertDatabaseMissing('ledgers', [ 'name' => 'Illegal Ledger', ]); });