first commit

tests/Feature/Tasks/CountTest.php

@@ -0,0 +1,42 @@
+<?php
+
+namespace Tests\Feature\Tasks;
+
+use App\Models\Task;
+use App\Models\User;
+use Tests\Facades\TaskFactory;
+use Tests\Facades\UserFactory;
+use Tests\TestCase;
+
+class CountTest extends TestCase
+{
+    private const URI = 'tasks/count';
+
+    private const TASKS_AMOUNT = 10;
+
+    private User $admin;
+
+    protected function setUp(): void
+    {
+        parent::setUp();
+
+        $this->admin = UserFactory::asAdmin()->withTokens()->create();
+
+        TaskFactory::createMany(self::TASKS_AMOUNT);
+    }
+
+    public function test_count(): void
+    {
+        $response = $this->actingAs($this->admin)->getJson(self::URI);
+
+        $response->assertOk();
+        $response->assertJson(['total' => Task::count()]);
+    }
+
+    public function test_unauthorized(): void
+    {
+        $response = $this->getJson(self::URI);
+
+        $response->assertUnauthorized();
+    }
+}

tests/Feature/Tasks/CreateTest.php

@@ -0,0 +1,235 @@
+<?php
+
+namespace Tests\Feature\Tasks;
+
+use App\Models\User;
+use Tests\Facades\ProjectFactory;
+use Tests\Facades\TaskFactory;
+use Tests\Facades\UserFactory;
+use Tests\TestCase;
+
+class CreateTest extends TestCase
+{
+    private const URI = 'tasks/create';
+
+    /** @var User $admin */
+    private User $admin;
+    /** @var User $manager */
+    private User $manager;
+    /** @var User $auditor */
+    private User $auditor;
+    /** @var User $user */
+    private User $user;
+
+    /** @var User $projectManager */
+    private User $projectManager;
+    /** @var User $projectAuditor */
+    private User $projectAuditor;
+    /** @var User $projectUser */
+    private User $projectUser;
+
+    /** @var array */
+    private $taskData;
+    /** @var array */
+    private $taskRequest;
+    /** @var array */
+    private $taskRequestWithMultipleUsers;
+
+    protected function setUp(): void
+    {
+        parent::setUp();
+
+        $this->admin = UserFactory::refresh()->asAdmin()->withTokens()->create();
+        $this->manager = UserFactory::refresh()->asManager()->withTokens()->create();
+        $this->auditor = UserFactory::refresh()->asAuditor()->withTokens()->create();
+        $this->user = UserFactory::refresh()->asUser()->withTokens()->create();
+
+        $this->taskData = array_merge(TaskFactory::createRandomModelData(), [
+            'project_id' => ProjectFactory::create()->id,
+        ]);
+
+        $this->taskRequest = array_merge($this->taskData, [
+            'users' => [UserFactory::create()->id],
+        ]);
+
+        $this->taskRequestWithMultipleUsers = array_merge($this->taskData, [
+            'users' => [
+                UserFactory::create()->id,
+                UserFactory::create()->id,
+                UserFactory::create()->id,
+            ],
+        ]);
+
+        $this->projectManager = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->projectManager->projects()->attach($this->taskData['project_id'], ['role_id' => 1]);
+
+        $this->projectAuditor = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->projectAuditor->projects()->attach($this->taskData['project_id'], ['role_id' => 3]);
+
+        $this->projectUser = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->projectUser->projects()->attach($this->taskData['project_id'], ['role_id' => 2]);
+    }
+
+    public function test_create_without_user(): void
+    {
+        $this->taskRequest['users'] = [];
+
+        $this->assertDatabaseMissing('tasks', $this->taskData);
+
+        $response = $this->actingAs($this->admin)->postJson(self::URI, $this->taskRequest);
+
+        $response->assertSuccess();
+        $response->assertJson(['res' => $this->taskData]);
+        $this->assertDatabaseHas('tasks', $this->taskData);
+    }
+
+    public function test_create_as_admin(): void
+    {
+        $this->assertDatabaseMissing('tasks', $this->taskData);
+
+        $response = $this->actingAs($this->admin)->postJson(self::URI, $this->taskRequest);
+
+        $response->assertOk();
+        $response->assertJson(['res' => $this->taskData]);
+        $this->assertDatabaseHas('tasks', $this->taskData);
+
+        foreach ($this->taskRequest['users'] as $user) {
+            $this->assertDatabaseHas('tasks_users', [
+                'task_id' => $response->json()['res']['id'],
+                'user_id' => $user,
+            ]);
+        }
+    }
+
+    public function test_create_with_multiple_users_as_admin(): void
+    {
+        $this->assertDatabaseMissing('tasks', $this->taskData);
+
+        $response = $this->actingAs($this->admin)->postJson(self::URI, $this->taskRequestWithMultipleUsers);
+
+        $response->assertOk();
+        $response->assertJson(['res' => $this->taskData]);
+        $this->assertDatabaseHas('tasks', $this->taskData);
+
+        foreach ($this->taskRequestWithMultipleUsers['users'] as $user) {
+            $this->assertDatabaseHas('tasks_users', [
+                'task_id' => $response->json()['res']['id'],
+                'user_id' => $user,
+            ]);
+        }
+    }
+
+    public function test_create_as_manager(): void
+    {
+        $this->assertDatabaseMissing('tasks', $this->taskData);
+
+        $response = $this->actingAs($this->manager)->postJson(self::URI, $this->taskRequest);
+
+        $response->assertOk();
+        $response->assertJson(['res' => $this->taskData]);
+        $this->assertDatabaseHas('tasks', $this->taskData);
+
+        foreach ($this->taskRequest['users'] as $user) {
+            $this->assertDatabaseHas('tasks_users', [
+                'task_id' => $response->json()['res']['id'],
+                'user_id' => $user,
+            ]);
+        }
+    }
+
+    public function test_create_with_multiple_users_as_manager(): void
+    {
+        $this->assertDatabaseMissing('tasks', $this->taskData);
+
+        $response = $this->actingAs($this->manager)->postJson(self::URI, $this->taskRequestWithMultipleUsers);
+
+        $response->assertOk();
+        $response->assertJson(['res' => $this->taskData]);
+        $this->assertDatabaseHas('tasks', $this->taskData);
+
+        foreach ($this->taskRequestWithMultipleUsers['users'] as $user) {
+            $this->assertDatabaseHas('tasks_users', [
+                'task_id' => $response->json()['res']['id'],
+                'user_id' => $user,
+            ]);
+        }
+    }
+
+    public function test_create_as_auditor(): void
+    {
+        $response = $this->actingAs($this->auditor)->postJson(self::URI, $this->taskRequest);
+
+        $response->assertForbidden();
+    }
+
+    public function test_create_as_user(): void
+    {
+        $response = $this->actingAs($this->user)->postJson(self::URI, $this->taskRequest);
+
+        $response->assertForbidden();
+    }
+
+    public function test_create_as_project_manager(): void
+    {
+        $this->assertDatabaseMissing('tasks', $this->taskData);
+
+        $response = $this->actingAs($this->projectManager)->postJson(self::URI, $this->taskRequest);
+
+        $response->assertOk();
+        $response->assertJson(['res' => $this->taskData]);
+        $this->assertDatabaseHas('tasks', $this->taskData);
+
+        foreach ($this->taskRequest['users'] as $user) {
+            $this->assertDatabaseHas('tasks_users', [
+                'task_id' => $response->json()['res']['id'],
+                'user_id' => $user,
+            ]);
+        }
+    }
+
+    public function test_create_with_multiple_users_as_project_manager(): void
+    {
+        $this->assertDatabaseMissing('tasks', $this->taskData);
+
+        $response = $this->actingAs($this->projectManager)->postJson(self::URI, $this->taskRequestWithMultipleUsers);
+
+        $response->assertOk();
+        $response->assertJson(['res' => $this->taskData]);
+        $this->assertDatabaseHas('tasks', $this->taskData);
+
+        foreach ($this->taskRequestWithMultipleUsers['users'] as $user) {
+            $this->assertDatabaseHas('tasks_users', [
+                'task_id' => $response->json()['res']['id'],
+                'user_id' => $user,
+            ]);
+        }
+    }
+
+    public function test_create_as_project_auditor(): void
+    {
+        $response = $this->actingAs($this->projectAuditor)->postJson(self::URI, $this->taskRequest);
+
+        $response->assertForbidden();
+    }
+
+    public function test_create_as_project_user(): void
+    {
+        $response = $this->actingAs($this->projectUser)->postJson(self::URI, $this->taskRequest);
+
+        $response->assertForbidden();
+    }
+
+    public function test_unauthorized(): void
+    {
+        $response = $this->postJson(self::URI);
+
+        $response->assertUnauthorized();
+    }
+
+    public function test_without_params(): void
+    {
+        $response = $this->actingAs($this->admin)->postJson(self::URI);
+
+        $response->assertValidationError();
+    }
+}

tests/Feature/Tasks/EditTest.php

@@ -0,0 +1,251 @@
+<?php
+
+namespace Tests\Feature\Tasks;
+
+use App\Models\Task;
+use App\Models\User;
+use Illuminate\Foundation\Testing\WithFaker;
+use Tests\Facades\TaskFactory;
+use Tests\Facades\UserFactory;
+use Tests\TestCase;
+
+class EditTest extends TestCase
+{
+    use WithFaker;
+
+    private const URI = 'tasks/edit';
+
+    /** @var User $admin */
+    private User $admin;
+    /** @var User $manager */
+    private User $manager;
+    /** @var User $auditor */
+    private User $auditor;
+    /** @var User $user */
+    private User $user;
+
+    /** @var User $projectManager */
+    private User $projectManager;
+    /** @var User $projectAuditor */
+    private User $projectAuditor;
+    /** @var User $projectUser */
+    private User $projectUser;
+
+    /** @var Task $task */
+    private Task $task;
+    /** @var array $taskRequest */
+    private array $taskRequest;
+    /** @var array */
+    private $taskRequestWithMultipleUsers;
+
+    protected function setUp(): void
+    {
+        parent::setUp();
+
+        $this->admin = UserFactory::refresh()->asAdmin()->withTokens()->create();
+        $this->manager = UserFactory::refresh()->asManager()->withTokens()->create();
+        $this->auditor = UserFactory::refresh()->asAuditor()->withTokens()->create();
+        $this->user = UserFactory::refresh()->asUser()->withTokens()->create();
+
+        $this->task = TaskFactory::create();
+
+        $this->taskRequest = array_merge($this->task->toArray(), [
+            'users' => [UserFactory::create()->id],
+        ]);
+
+        $this->taskRequestWithMultipleUsers = array_merge($this->task->toArray(), [
+            'users' => [
+                UserFactory::create()->id,
+                UserFactory::create()->id,
+                UserFactory::create()->id,
+            ],
+        ]);
+
+        $this->projectManager = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->projectManager->projects()->attach($this->task->project_id, ['role_id' => 1]);
+
+        $this->projectAuditor = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->projectAuditor->projects()->attach($this->task->project_id, ['role_id' => 3]);
+
+        $this->projectUser = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->projectUser->projects()->attach($this->task->project_id, ['role_id' => 2]);
+    }
+
+    public function test_edit_without_user(): void
+    {
+        $this->task->users = $this->taskRequest['users'] = [];
+
+        $response = $this->actingAs($this->admin)->postJson(self::URI, $this->taskRequest);
+
+        $response->assertSuccess();
+        $response->assertJson(['res' => $this->task->toArray()]);
+        $this->assertDatabaseHas('tasks', ['id' => $this->task->id]);
+    }
+
+    public function test_edit_as_admin(): void
+    {
+        $this->task->description = $this->taskRequest['description'] = $this->faker->text;
+
+        $response = $this->actingAs($this->admin)->postJson(self::URI, $this->taskRequest);
+
+        $response->assertOk();
+        $response->assertJson(['res' => $this->task->toArray()]);
+        $this->assertDatabaseHas('tasks', ['id' => $this->task->id, 'description' => $this->taskRequest['description']]);
+
+        foreach ($this->taskRequest['users'] as $user) {
+            $this->assertDatabaseHas('tasks_users', [
+                'task_id' => $response->json()['res']['id'],
+                'user_id' => $user,
+            ]);
+        }
+    }
+
+    public function test_edit_with_multiple_users_as_admin(): void
+    {
+        $this->task->description = $this->taskRequestWithMultipleUsers['description'] = $this->faker->text;
+
+        $response = $this->actingAs($this->admin)->postJson(self::URI, $this->taskRequestWithMultipleUsers);
+
+        $response->assertOk();
+        $response->assertJson(['res' => $this->task->toArray()]);
+        $this->assertDatabaseHas('tasks', ['id' => $this->task->id, 'description' => $this->taskRequestWithMultipleUsers['description']]);
+
+        foreach ($this->taskRequestWithMultipleUsers['users'] as $user) {
+            $this->assertDatabaseHas('tasks_users', [
+                'task_id' => $response->json()['res']['id'],
+                'user_id' => $user,
+            ]);
+        }
+    }
+
+    public function test_edit_as_manager(): void
+    {
+        $this->task->description = $this->taskRequest['description'] = $this->faker->text;
+
+        $response = $this->actingAs($this->manager)->postJson(self::URI, $this->taskRequest);
+
+        $response->assertOk();
+        $response->assertJson(['res' => $this->task->toArray()]);
+        $this->assertDatabaseHas('tasks', ['id' => $this->task->id, 'description' => $this->taskRequest['description']]);
+
+        foreach ($this->taskRequest['users'] as $user) {
+            $this->assertDatabaseHas('tasks_users', [
+                'task_id' => $response->json()['res']['id'],
+                'user_id' => $user,
+            ]);
+        }
+    }
+
+    public function test_edit_with_multiple_users_as_manager(): void
+    {
+        $this->task->description = $this->taskRequestWithMultipleUsers['description'] = $this->faker->text;
+
+        $response = $this->actingAs($this->manager)->postJson(self::URI, $this->taskRequestWithMultipleUsers);
+
+        $response->assertOk();
+        $response->assertJson(['res' => $this->task->toArray()]);
+        $this->assertDatabaseHas('tasks', ['id' => $this->task->id, 'description' => $this->taskRequestWithMultipleUsers['description']]);
+
+        foreach ($this->taskRequestWithMultipleUsers['users'] as $user) {
+            $this->assertDatabaseHas('tasks_users', [
+                'task_id' => $response->json()['res']['id'],
+                'user_id' => $user,
+            ]);
+        }
+    }
+
+    public function test_edit_as_auditor(): void
+    {
+        $this->task->description = $this->taskRequest['description'] = $this->faker->text;
+
+        $response = $this->actingAs($this->auditor)->postJson(self::URI, $this->taskRequest);
+
+        $response->assertForbidden();
+    }
+
+    public function test_edit_as_user(): void
+    {
+        $this->task->description = $this->taskRequest['description'] = $this->faker->text;
+
+        $response = $this->actingAs($this->user)->postJson(self::URI, $this->taskRequest);
+
+        $response->assertForbidden();
+    }
+
+    public function test_edit_as_project_manager(): void
+    {
+        $this->task->description = $this->taskRequest['description'] = $this->faker->text;
+
+        $response = $this->actingAs($this->projectManager)->postJson(self::URI, $this->taskRequest);
+
+        $response->assertOk();
+        $response->assertJson(['res' => $this->task->toArray()]);
+        $this->assertDatabaseHas('tasks', ['id' => $this->task->id, 'description' => $this->taskRequest['description']]);
+
+        foreach ($this->taskRequest['users'] as $user) {
+            $this->assertDatabaseHas('tasks_users', [
+                'task_id' => $response->json()['res']['id'],
+                'user_id' => $user,
+            ]);
+        }
+    }
+
+    public function test_edit_with_multiple_users_as_project_manager(): void
+    {
+        $this->task->description = $this->taskRequestWithMultipleUsers['description'] = $this->faker->text;
+
+        $response = $this->actingAs($this->projectManager)->postJson(self::URI, $this->taskRequestWithMultipleUsers);
+
+        $response->assertOk();
+        $response->assertJson(['res' => $this->task->toArray()]);
+        $this->assertDatabaseHas('tasks', ['id' => $this->task->id, 'description' => $this->taskRequestWithMultipleUsers['description']]);
+
+        foreach ($this->taskRequestWithMultipleUsers['users'] as $user) {
+            $this->assertDatabaseHas('tasks_users', [
+                'task_id' => $response->json()['res']['id'],
+                'user_id' => $user,
+            ]);
+        }
+    }
+
+    public function test_edit_as_project_auditor(): void
+    {
+        $this->task->description = $this->taskRequest['description'] = $this->faker->text;
+
+        $response = $this->actingAs($this->projectAuditor)->postJson(self::URI, $this->taskRequest);
+
+        $response->assertForbidden();
+    }
+
+    public function test_edit_as_project_project_user(): void
+    {
+        $this->task->description = $this->taskRequest['description'] = $this->faker->text;
+
+        $response = $this->actingAs($this->projectUser)->postJson(self::URI, $this->taskRequest);
+
+        $response->assertForbidden();
+    }
+
+    public function test_edit_not_existing(): void
+    {
+        $this->taskRequest['id'] = Task::withoutGlobalScopes()->count() + 20;
+
+        $response = $this->actingAs($this->admin)->postJson(self::URI, $this->taskRequest);
+
+        $response->assertValidationError();
+    }
+
+    public function test_unauthorized(): void
+    {
+        $response = $this->postJson(self::URI);
+
+        $response->assertUnauthorized();
+    }
+
+    public function test_without_params(): void
+    {
+        $response = $this->actingAs($this->admin)->postJson(self::URI);
+
+        $response->assertValidationError();
+    }
+}

tests/Feature/Tasks/ListTest.php

@@ -0,0 +1,192 @@
+<?php
+
+namespace Tests\Feature\Tasks;
+
+use App\Models\Task;
+use App\Models\User;
+use Tests\Facades\TaskFactory;
+use Tests\Facades\UserFactory;
+use Tests\TestCase;
+
+class ListTest extends TestCase
+{
+    private const URI = 'tasks/list';
+
+    private const TASKS_AMOUNT = 10;
+
+    /** @var User $admin */
+    private User $admin;
+    /** @var User $manager */
+    private User $manager;
+    /** @var User $auditor */
+    private User $auditor;
+    /** @var User $user */
+    private User $user;
+
+    /** @var User $projectManager */
+    private User $projectManager;
+    /** @var User $projectAuditor */
+    private User $projectAuditor;
+    /** @var User $projectUser */
+    private User $projectUser;
+
+    /** @var User $assignedUser */
+    private User $assignedUser;
+    /** @var Task $assignedTask */
+    private Task $assignedTask;
+
+    /** @var User $assignedProjectUser */
+    private User $assignedProjectUser;
+    /** @var Task $assignedProjectTask */
+    private Task $assignedProjectTask;
+
+    /** @var Task $task */
+    private Task $task;
+
+    protected function setUp(): void
+    {
+        parent::setUp();
+
+        $this->admin = UserFactory::refresh()->asAdmin()->withTokens()->create();
+        $this->manager = UserFactory::refresh()->asManager()->withTokens()->create();
+        $this->auditor = UserFactory::refresh()->asAuditor()->withTokens()->create();
+        $this->user = UserFactory::refresh()->asUser()->withTokens()->create();
+
+        $this->task = TaskFactory::create();
+
+        $this->projectManager = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->projectManager->projects()->attach($this->task->project_id, ['role_id' => 1]);
+
+        $this->projectAuditor = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->projectAuditor->projects()->attach($this->task->project_id, ['role_id' => 3]);
+
+        $this->projectUser = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->projectUser->projects()->attach($this->task->project_id, ['role_id' => 2]);
+
+        $this->assignedUser = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->assignedTask = TaskFactory::refresh()->forUser($this->assignedUser)->create();
+
+        $this->assignedProjectUser = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->assignedProjectTask = TaskFactory::refresh()->forUser($this->assignedProjectUser)->create();
+        $this->assignedProjectUser->projects()->attach($this->assignedProjectTask->project_id, ['role_id' => 2]);
+    }
+
+    public function test_list_as_admin(): void
+    {
+        $response = $this->actingAs($this->admin)->getJson(self::URI);
+
+        $response->assertOk();
+
+        $tasks = Task::query()
+            ->leftJoin('statuses as s', 'tasks.status_id', '=', 's.id')
+            ->select('tasks.*')
+            ->orderBy('s.active', 'desc')
+            ->orderBy('tasks.created_at', 'desc')
+            ->get();
+
+        $response->assertJson($tasks->toArray());
+    }
+
+    public function test_list_as_manager(): void
+    {
+        $response = $this->actingAs($this->manager)->getJson(self::URI);
+
+        $response->assertOk();
+
+        $tasks = Task::query()
+            ->leftJoin('statuses as s', 'tasks.status_id', '=', 's.id')
+            ->select('tasks.*')
+            ->orderBy('s.active', 'desc')
+            ->orderBy('tasks.created_at', 'desc')
+            ->get();
+
+        $response->assertJson($tasks->toArray());
+    }
+
+    public function test_list_as_auditor(): void
+    {
+        $response = $this->actingAs($this->auditor)->getJson(self::URI);
+
+        $response->assertOk();
+
+        $tasks = Task::query()
+            ->leftJoin('statuses as s', 'tasks.status_id', '=', 's.id')
+            ->select('tasks.*')
+            ->orderBy('s.active', 'desc')
+            ->orderBy('tasks.created_at', 'desc')
+            ->get();
+
+        $response->assertJson($tasks->toArray());
+    }
+
+    public function test_list_as_user(): void
+    {
+        $response = $this->actingAs($this->user)->getJson(self::URI);
+
+        $response->assertOk();
+        $response->assertExactJson([]);
+    }
+
+    public function test_list_as_assigned_user(): void
+    {
+        $response = $this->actingAs($this->assignedUser)->getJson(self::URI);
+
+        $response->assertOk();
+        $response->assertExactJson(
+            Task::query()
+                ->where('id', '=', $this->assignedTask->id)
+                ->get()->toArray()
+        );
+    }
+
+    public function test_list_as_project_manager(): void
+    {
+        $response = $this->actingAs($this->projectManager)->getJson(self::URI);
+
+        $task = Task::where('project_id', $this->task->project_id)->get()->toArray();
+
+        $response->assertOk();
+        $response->assertExactJson($task);
+    }
+
+    public function test_list_as_project_auditor(): void
+    {
+        $response = $this->actingAs($this->projectAuditor)->getJson(self::URI);
+
+        $task = Task::where('project_id', $this->task->project_id)->get()->toArray();
+
+        $response->assertOk();
+        $response->assertExactJson($task);
+    }
+
+    public function test_list_as_project_user(): void
+    {
+        $response = $this->actingAs($this->projectUser)->getJson(self::URI);
+
+        $task = Task::where('project_id', $this->task->project_id)->get()->toArray();
+
+        $response->assertOk();
+        $response->assertExactJson($task);
+    }
+
+    public function test_list_as_assigned_project_user(): void
+    {
+        $response = $this
+            ->actingAs($this->assignedProjectUser)
+            ->postJson(self::URI, $this->assignedProjectTask->only('id'));
+
+        $task = Task::where('project_id', $this->assignedProjectTask->project_id)
+            ->get()
+            ->toArray();
+
+        $response->assertOk();
+        $response->assertExactJson($task);
+    }
+
+    public function test_unauthorized(): void
+    {
+        $response = $this->getJson(self::URI);
+
+        $response->assertUnauthorized();
+    }
+}

tests/Feature/Tasks/RemoveTest.php

@@ -0,0 +1,132 @@
+<?php
+
+namespace Tests\Feature\Tasks;
+
+use App\Models\Task;
+use App\Models\User;
+use Tests\Facades\TaskFactory;
+use Tests\Facades\UserFactory;
+use Tests\TestCase;
+
+class RemoveTest extends TestCase
+{
+    private const URI = 'tasks/remove';
+
+    /** @var User $admin */
+    private User $admin;
+    /** @var User $manager */
+    private User $manager;
+    /** @var User $auditor */
+    private User $auditor;
+    /** @var User $user */
+    private User $user;
+
+    /** @var User $projectManager */
+    private User $projectManager;
+    /** @var User $projectAuditor */
+    private User $projectAuditor;
+    /** @var User $projectUser */
+    private User $projectUser;
+
+    /** @var Task $task */
+    private Task $task;
+
+    protected function setUp(): void
+    {
+        parent::setUp();
+
+        $this->admin = UserFactory::refresh()->asAdmin()->withTokens()->create();
+        $this->manager = UserFactory::refresh()->asManager()->withTokens()->create();
+        $this->auditor = UserFactory::refresh()->asAuditor()->withTokens()->create();
+        $this->user = UserFactory::refresh()->asUser()->withTokens()->create();
+
+        $this->task = TaskFactory::create();
+
+        $this->projectManager = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->projectManager->projects()->attach($this->task->project_id, ['role_id' => 1]);
+
+        $this->projectAuditor = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->projectAuditor->projects()->attach($this->task->project_id, ['role_id' => 3]);
+
+        $this->projectUser = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->projectUser->projects()->attach($this->task->project_id, ['role_id' => 2]);
+    }
+
+    public function test_remove_as_admin(): void
+    {
+        $this->assertDatabaseHas('tasks', ['id' => $this->task->id]);
+
+        $response = $this->actingAs($this->admin)->postJson(self::URI, $this->task->only('id'));
+
+        $response->assertOk();
+        $this->assertSoftDeleted('tasks', $this->task->only('id'));
+    }
+
+    public function test_remove_as_manager(): void
+    {
+        $this->assertDatabaseHas('tasks', ['id' => $this->task->id]);
+
+        $response = $this->actingAs($this->manager)->postJson(self::URI, $this->task->only('id'));
+
+        $response->assertOk();
+        $this->assertSoftDeleted('tasks', $this->task->only('id'));
+    }
+
+    public function test_remove_as_auditor(): void
+    {
+        $this->assertDatabaseHas('tasks', ['id' => $this->task->id]);
+
+        $response = $this->actingAs($this->auditor)->postJson(self::URI, $this->task->only('id'));
+
+        $response->assertForbidden();
+    }
+
+    public function test_remove_as_project_manager(): void
+    {
+        $this->assertDatabaseHas('tasks', ['id' => $this->task->id]);
+
+        $response = $this->actingAs($this->projectManager)->postJson(self::URI, $this->task->only('id'));
+
+        $response->assertOk();
+        $this->assertSoftDeleted('tasks', $this->task->only('id'));
+    }
+
+    public function test_remove_as_project_auditor(): void
+    {
+        $this->assertDatabaseHas('tasks', ['id' => $this->task->id]);
+
+        $response = $this->actingAs($this->projectAuditor)->postJson(self::URI, $this->task->only('id'));
+
+        $response->assertForbidden();
+    }
+
+    public function test_remove_as_project_user(): void
+    {
+        $this->assertDatabaseHas('tasks', ['id' => $this->task->id]);
+
+        $response = $this->actingAs($this->projectUser)->postJson(self::URI, $this->task->only('id'));
+
+        $response->assertForbidden();
+    }
+
+    public function test_remove_not_existing(): void
+    {
+        $response = $this->actingAs($this->admin)->postJson(self::URI);
+
+        $response->assertValidationError();
+    }
+
+    public function test_unauthorized(): void
+    {
+        $response = $this->postJson(self::URI);
+
+        $response->assertUnauthorized();
+    }
+
+    public function test_without_params(): void
+    {
+        $response = $this->actingAs($this->admin)->postJson(self::URI);
+
+        $response->assertValidationError();
+    }
+}

tests/Feature/Tasks/ShowTest.php

@@ -0,0 +1,160 @@
+<?php
+
+namespace Tests\Feature\Tasks;
+
+use App\Models\Task;
+use App\Models\User;
+use Tests\Facades\TaskFactory;
+use Tests\Facades\UserFactory;
+use Tests\TestCase;
+
+class ShowTest extends TestCase
+{
+    private const URI = 'tasks/show';
+
+    /** @var User $admin */
+    private User $admin;
+    /** @var User $manager */
+    private User $manager;
+    /** @var User $auditor */
+    private User $auditor;
+    /** @var User $user */
+    private User $user;
+
+    /** @var User $projectManager */
+    private User $projectManager;
+    /** @var User $projectAuditor */
+    private User $projectAuditor;
+    /** @var User $projectUser */
+    private User $projectUser;
+
+    /** @var User $assignedUser */
+    private User $assignedUser;
+    /** @var Task $assignedTask */
+    private Task $assignedTask;
+
+    /** @var User $assignedProjectUser */
+    private User $assignedProjectUser;
+    /** @var Task $assignedProjectTask */
+    private Task $assignedProjectTask;
+
+    /** @var Task $task */
+    private Task $task;
+
+    protected function setUp(): void
+    {
+        parent::setUp();
+
+        $this->admin = UserFactory::refresh()->asAdmin()->withTokens()->create();
+        $this->manager = UserFactory::refresh()->asManager()->withTokens()->create();
+        $this->auditor = UserFactory::refresh()->asAuditor()->withTokens()->create();
+        $this->user = UserFactory::refresh()->asUser()->withTokens()->create();
+
+        $this->task = TaskFactory::create();
+
+        $this->projectManager = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->projectManager->projects()->attach($this->task->project_id, ['role_id' => 1]);
+
+        $this->projectAuditor = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->projectAuditor->projects()->attach($this->task->project_id, ['role_id' => 3]);
+
+        $this->projectUser = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->projectUser->projects()->attach($this->task->project_id, ['role_id' => 2]);
+
+        $this->assignedUser = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->assignedTask = TaskFactory::refresh()->forUser($this->assignedUser)->create();
+
+        $this->assignedProjectUser = UserFactory::refresh()->asUser()->withTokens()->create();
+        $this->assignedProjectTask = TaskFactory::refresh()->forUser($this->assignedProjectUser)->create();
+        $this->assignedProjectUser->projects()->attach($this->assignedProjectTask->project_id, ['role_id' => 2]);
+    }
+
+    public function test_show_as_admin(): void
+    {
+        $response = $this->actingAs($this->admin)->postJson(self::URI, $this->task->only('id'));
+
+        $response->assertOk();
+        $response->assertJson($this->task->toArray());
+    }
+
+    public function test_show_as_manager(): void
+    {
+        $response = $this->actingAs($this->manager)->postJson(self::URI, $this->task->only('id'));
+
+        $response->assertOk();
+        $response->assertJson($this->task->toArray());
+    }
+
+    public function test_show_as_auditor(): void
+    {
+        $response = $this->actingAs($this->auditor)->postJson(self::URI, $this->task->only('id'));
+
+        $response->assertOk();
+        $response->assertJson($this->task->toArray());
+    }
+
+    public function test_show_as_user(): void
+    {
+        $response = $this->actingAs($this->user)->postJson(self::URI, $this->task->only('id'));
+
+        $response->assertForbidden();
+    }
+
+    public function test_show_as_assigned_user(): void
+    {
+        $response = $this
+            ->actingAs($this->assignedUser)
+            ->postJson(self::URI, $this->assignedTask->only('id'));
+
+        $response->assertOk();
+        $response->assertJson($this->assignedTask->toArray());
+    }
+
+    public function test_show_as_project_manager(): void
+    {
+        $response = $this->actingAs($this->projectManager)->postJson(self::URI, $this->task->only('id'));
+
+        $response->assertOk();
+        $response->assertJson($this->task->toArray());
+    }
+
+    public function test_show_as_project_auditor(): void
+    {
+        $response = $this->actingAs($this->projectAuditor)->postJson(self::URI, $this->task->only('id'));
+
+        $response->assertOk();
+        $response->assertJson($this->task->toArray());
+    }
+
+    public function test_show_as_project_user(): void
+    {
+        $response = $this->actingAs($this->projectUser)->postJson(self::URI, $this->task->only('id'));
+
+        $response->assertOk();
+        $response->assertJson($this->task->toArray());
+    }
+
+    public function test_show_as_assigned_project_user(): void
+    {
+        $response = $this
+            ->actingAs($this->assignedProjectUser)
+            ->postJson(self::URI, $this->assignedProjectTask->only('id'));
+
+        $response->assertOk();
+        $response->assertJson($this->assignedProjectTask->toArray());
+    }
+
+    public function test_unauthorized(): void
+    {
+        $response = $this->postJson(self::URI);
+
+        $response->assertUnauthorized();
+    }
+
+    public function test_without_params(): void
+    {
+        $response = $this->actingAs($this->admin)->postJson(self::URI);
+
+        $response->assertValidationError();
+    }
+}