From 7c12e2c464cd655ead487a127dd0fb7b724e668d Mon Sep 17 00:00:00 2001
From: Alexander Skvortsov <sasha.skvortsov109@gmail.com>
Date: Tue, 16 Nov 2021 16:48:09 -0500
Subject: [PATCH] Add integration tests for settings API endpoint

---
 src/Settings/SettingsValidator.php         |  9 +--
 tests/integration/api/settings/SetTest.php | 86 ++++++++++++++++++++++
 2 files changed, 87 insertions(+), 8 deletions(-)
 create mode 100644 tests/integration/api/settings/SetTest.php

diff --git a/src/Settings/SettingsValidator.php b/src/Settings/SettingsValidator.php
index cf73aa5be..f967cf40f 100644
--- a/src/Settings/SettingsValidator.php
+++ b/src/Settings/SettingsValidator.php
@@ -13,11 +13,6 @@ use Flarum\Foundation\AbstractValidator;
 
 class SettingsValidator extends AbstractValidator
 {
-    /**
-     * @var array
-     */
-    protected $rules = [];
-
     /**
      * These rules apply to all attributes.
      *
@@ -45,9 +40,7 @@ class SettingsValidator extends AbstractValidator
 
         // Apply attribute specific rules.
         foreach ($rules as $key => $value) {
-            if (array_key_exists($key, $this->rules)) {
-                $rules[$key] = array_merge($rules[$key], $this->rules[$key]);
-            }
+            $rules[$key] = array_merge($rules[$key], $this->rules[$key] ?? []);
         }
 
         $validator = $this->validator->make($attributes, $rules, $this->getMessages());
diff --git a/tests/integration/api/settings/SetTest.php b/tests/integration/api/settings/SetTest.php
new file mode 100644
index 000000000..3ecbfbeb0
--- /dev/null
+++ b/tests/integration/api/settings/SetTest.php
@@ -0,0 +1,86 @@
+<?php
+
+/*
+ * This file is part of Flarum.
+ *
+ * For detailed copyright and license information, please view the
+ * LICENSE file that was distributed with this source code.
+ */
+
+namespace Flarum\Tests\integration\api\settings;
+
+use Flarum\Testing\integration\RetrievesAuthorizedUsers;
+use Flarum\Testing\integration\TestCase;
+
+class SetTest extends TestCase
+{
+    use RetrievesAuthorizedUsers;
+    /**
+     * @inheritDoc
+     */
+    protected function setUp(): void
+    {
+        parent::setUp();
+
+        $this->prepareDatabase([
+            'users' => [
+                $this->normalUser(),
+            ],
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function settings_cant_be_updated_by_user()
+    {
+        $response = $this->send(
+            $this->request('POST', '/api/settings', [
+                'authenticatedAs' => 2,
+                'json' => [
+                    'hello' => 'world',
+                ],
+            ])
+        );
+
+        // Test for successful response and that the email is included in the response
+        $this->assertEquals(200, $response->getStatusCode());
+    }
+
+    /**
+     * @test
+     */
+    public function settings_can_be_updated_by_admin()
+    {
+        $response = $this->send(
+            $this->request('POST', '/api/settings', [
+                'authenticatedAs' => 1,
+                'json' => [
+                    'hello' => 'world',
+                ],
+            ])
+        );
+
+        // Test for successful response and that the email is included in the response
+        $this->assertEquals(200, $response->getStatusCode());
+    }
+
+
+    /**
+     * @test
+     */
+    public function max_setting_length_validated()
+    {
+        $response = $this->send(
+            $this->request('POST', '/api/settings', [
+                'authenticatedAs' => 1,
+                'json' => [
+                    'hello' => str_repeat('a', 66000),
+                ],
+            ])
+        );
+
+        // Test for successful response and that the email is included in the response
+        $this->assertEquals(422, $response->getStatusCode());
+    }
+}