use BookStack\Auth\Role;
use BookStack\Auth\User;
-use BookStack\Entities\Page;
+use BookStack\Entities\Models\Page;
use BookStack\Notifications\ConfirmEmail;
use BookStack\Notifications\ResetPassword;
use BookStack\Settings\SettingService;
->seePageIs('/register/confirm')
->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);
+ $this->visit('/')
+ ->seePageIs('/register/confirm/awaiting');
+
+ auth()->logout();
+
$this->visit('/')->seePageIs('/login')
->type($user->email, '#email')
->type($user->password, '#password')
->seePageIs('/register/confirm')
->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);
+ $this->visit('/')
+ ->seePageIs('/register/confirm/awaiting');
+
+ auth()->logout();
$this->visit('/')->seePageIs('/login')
->type($user->email, '#email')
->type($user->password, '#password')
public function test_user_creation()
{
$user = factory(User::class)->make();
+ $adminRole = Role::getRole('admin');
$this->asAdmin()
->visit('/settings/users')
->click('Add New User')
->type($user->name, '#name')
->type($user->email, '#email')
- ->check('roles[admin]')
+ ->check("roles[{$adminRole->id}]")
->type($user->password, '#password')
->type($user->password, '#password-confirm')
->press('Save')
->seePageUrlIs($page->getUrl());
}
+ public function test_login_intended_redirect_does_not_redirect_to_external_pages()
+ {
+ config()->set('app.url', 'http://localhost');
+ $this->setSettings(['app-public' => true]);
+
+ $this->get('/login', ['referer' => 'https://example.com']);
+ $login = $this->post('/login', ['email' => '
[email protected]', 'password' => 'password']);
+
+ $login->assertRedirectedTo('http://localhost');
+ }
+
public function test_login_authenticates_admins_on_all_guards()
{