From c27a5954089431f77087c4922f25cdff5dbbe69b Mon Sep 17 00:00:00 2001
From: Henrik Hautakoski <henrik.hautakoski@gmail.com>
Date: Sun, 4 Jul 2021 18:21:30 +0200
Subject: [PATCH] User edit: add username to the form.

---
 app/Http/Controllers/UserController.php |  3 +-
 app/Http/Requests/UserRequest.php       | 18 ++++++++--
 resources/views/user/edit.blade.php     | 12 ++++++-
 tests/Feature/UserTest.php              | 45 ++++++++++++++++++++++++-
 4 files changed, 73 insertions(+), 5 deletions(-)

diff --git a/app/Http/Controllers/UserController.php b/app/Http/Controllers/UserController.php
index 7167dc5..4a0a867 100644
--- a/app/Http/Controllers/UserController.php
+++ b/app/Http/Controllers/UserController.php
@@ -28,10 +28,11 @@ class UserController extends Controller
         $data = $request->validated();
 
         $user = $request->user();
+        $user->username = $data['username'];
         $user->password = Hash::make($data['password']);
         $user->save();
 
         return redirect()->route('user.index')
-            ->with('success', 'Password was updated');
+            ->with('success', 'Your account was updated!');
     }
 }
diff --git a/app/Http/Requests/UserRequest.php b/app/Http/Requests/UserRequest.php
index 06170d6..92de65b 100644
--- a/app/Http/Requests/UserRequest.php
+++ b/app/Http/Requests/UserRequest.php
@@ -3,6 +3,7 @@
 namespace App\Http\Requests;
 
 use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Validation\Rule;
 
 class UserRequest extends FormRequest
 {
@@ -16,6 +17,18 @@ class UserRequest extends FormRequest
         return auth()->user() !== null;
     }
 
+    /**
+     * Get the error messages for the defined validation rules.
+     *
+     * @return array
+     */
+    public function messages()
+    {
+        return [
+            'current_password.required_with' => __('validation.password'),
+        ];
+    }
+
     /**
      * Get the validation rules that apply to the request.
      *
@@ -24,8 +37,9 @@ class UserRequest extends FormRequest
     public function rules()
     {
         return [
-            'current_password' => 'required|current_password',
-            'password' => 'required|min:8|confirmed',
+            'username' => [ 'required', 'min:4', Rule::unique('users')->ignore(auth()->user()) ],
+            'current_password' => 'nullable|required_with:password|current_password',
+            'password' => 'nullable|min:8|confirmed',
         ];
     }
 }
diff --git a/resources/views/user/edit.blade.php b/resources/views/user/edit.blade.php
index d2d68fb..d6eca68 100644
--- a/resources/views/user/edit.blade.php
+++ b/resources/views/user/edit.blade.php
@@ -9,6 +9,16 @@
 <div class="mx-auto max-w-sm p-4">
 
     <x-form action="{{ route('user.update') }}">
+
+        <div class="mb-2">
+            <x-form.label for="username">{{ __('Username') }}</x-form.label>
+            <x-input name="username" :value="$user->username" />
+        </div>
+
+        <x-section-heading>
+            <h2 class="text-2xl">Password</h2>
+        </x-section-heading>
+
         <div class="mb-2">
             <x-form.label for="current_password">{{ __('Current Password') }}</x-form.label>
             <x-input-password name="current_password" />
@@ -20,7 +30,7 @@
         </div>
 
         <div class="mb-2">
-            <x-form.label for="password_confirmation">{{ __('Confirm Password') }}</x-form.label>
+            <x-form.label for="password_confirmation">{{ __('Confirm New Password') }}</x-form.label>
             <x-input-password name="password_confirmation" />
         </div>
 
diff --git a/tests/Feature/UserTest.php b/tests/Feature/UserTest.php
index cb466e1..08770fc 100644
--- a/tests/Feature/UserTest.php
+++ b/tests/Feature/UserTest.php
@@ -2,6 +2,7 @@
 
 namespace Tests\Feature;
 
+use Illuminate\Support\Facades\Hash;
 use Illuminate\Foundation\Testing\RefreshDatabase;
 use Illuminate\Foundation\Testing\WithFaker;
 use Tests\TestCase;
@@ -28,18 +29,60 @@ class UserTest extends TestCase
         $response->assertRedirect(route('auth.login'));
     }
 
-    public function test_user_can_update()
+    public function test_user_can_update_username()
     {
         $user = User::factory()->create();
 
         $response = $this->actingAs($user)
             ->post(route('user.update'), [
+                'username' => 'AnotherUsername',
+                'current_password' => null,
+                'password' => null,
+                'password_confirmation' => null
+            ]);
+
+        $response->assertRedirect(route('user.index'));
+
+        $this->assertDatabaseHas('users', [
+            'id' => $user->id,
+            'username' => 'AnotherUsername',
+            'password' => $user->password
+        ]);
+    }
+
+    public function test_user_can_update_password()
+    {
+        $fakeHash = '$2y$04$wiUTB.6ldFQ3TmxdSyizEubuKubDA45L/Bv0zlZ1.uoMcnm.ftIaK';
+
+        $user = User::factory()->create();
+
+        // Mock Hash::make() to return a fake password hash.
+        Hash::shouldReceive('make')
+            ->once()
+            ->with('newpassword')
+            ->andReturn($fakeHash);
+
+        // Also have to mock Hash::check() as i can not get
+        // partial mocks to work for facades.
+        Hash::shouldReceive('check')
+            ->with('password', $user->password)
+            ->andReturn(true);
+
+        $response = $this->actingAs($user)
+            ->post(route('user.update'), [
+                'username' => $user->username,
                 'current_password' => 'password',
                 'password' => 'newpassword',
                 'password_confirmation' => 'newpassword'
             ]);
 
         $response->assertRedirect(route('user.index'));
+
+        $this->assertDatabaseHas('users', [
+            'id' => $user->id,
+            'username' => $user->username,
+            'password' => $fakeHash
+        ]);
     }
 
     public function test_guest_can_not_update()