Prevent article deletion for sponsored articles

Author: driesvints

app/Policies/ArticlePolicy.php

@@ -28,7 +28,7 @@ public function update(User $user, Article $article): bool
 
     public function delete(User $user, Article $article): bool
     {
-        return $article->isAuthoredBy($user) || $user->isModerator() || $user->isAdmin();
+        return ($article->isAuthoredBy($user) &&  ! $article->isSponsored()) || $user->isModerator() || $user->isAdmin();
     }
 
     public function approve(User $user, Article $article): bool

tests/Feature/ArticleTest.php

@@ -345,6 +345,7 @@
     Article::factory()->create([
         'author_id' => $user->id(),
         'slug' => 'my-first-article',
+        'is_sponsored' => false,
     ]);
 
     $this->loginAs($user);
@@ -363,6 +364,20 @@
         ->assertForbidden();
 });
 
+test('users cannot delete an article that is sponsored', function () {
+    $user = $this->createUser();
+    Article::factory()->create([
+        'author_id' => $user->id(),
+        'slug' => 'my-first-article',
+        'is_sponsored' => true,
+    ]);
+
+    $this->loginAs($user);
+
+    $this->delete('/articles/my-first-article')
+        ->assertForbidden();
+});
+
 test('canonical urls are rendered', function () {
     Article::factory()->create(['slug' => 'my-first-article', 'submitted_at' => now(), 'approved_at' => now()]);
 
@@ -560,4 +575,4 @@
     $this->get("/articles/{$article->slug()}")
         ->assertSee('My First Article')
         ->assertSee('10 views');
-});
+});

tests/Integration/Jobs/DeleteArticleTest.php

@@ -14,4 +14,4 @@
     $this->dispatch(new DeleteArticle($article));
 
     $this->assertDatabaseMissing('articles', ['id' => $article->id()]);
-});
+});