<?php namespace Tests;
-use BookStack\Book;
-use BookStack\Chapter;
-use BookStack\Page;
-use BookStack\Repos\EntityRepo;
+use BookStack\Entities\Book;
+use BookStack\Entities\Chapter;
+use BookStack\Entities\Page;
+use BookStack\Entities\Repos\PageRepo;
class SortTest extends TestCase
{
protected $book;
- public function setUp()
+ public function setUp(): void
{
parent::setUp();
$this->book = Book::first();
public function test_drafts_do_not_show_up()
{
$this->asAdmin();
- $entityRepo = app(EntityRepo::class);
- $draft = $entityRepo->getDraftPage($this->book);
+ $pageRepo = app(PageRepo::class);
+ $draft = $pageRepo->getNewDraftPage($this->book);
$resp = $this->get($this->book->getUrl());
$resp->assertSee($draft->name);
$newBook = Book::where('id', '!=', $currentBook->id)->first();
$editor = $this->getEditor();
- $this->setEntityRestrictions($newBook, ['view', 'edit', 'delete'], $editor->roles);
+ $this->setEntityRestrictions($newBook, ['view', 'update', 'delete'], $editor->roles);
$movePageResp = $this->actingAs($editor)->put($page->getUrl('/move'), [
'entity_selection' => 'book:' . $newBook->id
]);
$this->assertPermissionError($movePageResp);
- $this->setEntityRestrictions($newBook, ['view', 'edit', 'delete', 'create'], $editor->roles);
+ $this->setEntityRestrictions($newBook, ['view', 'update', 'delete', 'create'], $editor->roles);
$movePageResp = $this->put($page->getUrl('/move'), [
'entity_selection' => 'book:' . $newBook->id
]);
$this->assertTrue($page->book->id == $newBook->id, 'Page book is now the new book');
}
+ public function test_page_move_requires_delete_permissions()
+ {
+ $page = Page::first();
+ $currentBook = $page->book;
+ $newBook = Book::where('id', '!=', $currentBook->id)->first();
+ $editor = $this->getEditor();
+
+ $this->setEntityRestrictions($newBook, ['view', 'update', 'create', 'delete'], $editor->roles);
+ $this->setEntityRestrictions($page, ['view', 'update', 'create'], $editor->roles);
+
+ $movePageResp = $this->actingAs($editor)->put($page->getUrl('/move'), [
+ 'entity_selection' => 'book:' . $newBook->id
+ ]);
+ $this->assertPermissionError($movePageResp);
+ $pageView = $this->get($page->getUrl());
+ $pageView->assertDontSee($page->getUrl('/move'));
+
+ $this->setEntityRestrictions($page, ['view', 'update', 'create', 'delete'], $editor->roles);
+ $movePageResp = $this->put($page->getUrl('/move'), [
+ 'entity_selection' => 'book:' . $newBook->id
+ ]);
+
+ $page = Page::find($page->id);
+ $movePageResp->assertRedirect($page->getUrl());
+ $this->assertTrue($page->book->id == $newBook->id, 'Page book is now the new book');
+ }
+
public function test_chapter_move()
{
$chapter = Chapter::first();
$pageCheckResp->assertSee($newBook->name);
}
+ public function test_chapter_move_requires_delete_permissions()
+ {
+ $chapter = Chapter::first();
+ $currentBook = $chapter->book;
+ $newBook = Book::where('id', '!=', $currentBook->id)->first();
+ $editor = $this->getEditor();
+
+ $this->setEntityRestrictions($newBook, ['view', 'update', 'create', 'delete'], $editor->roles);
+ $this->setEntityRestrictions($chapter, ['view', 'update', 'create'], $editor->roles);
+
+ $moveChapterResp = $this->actingAs($editor)->put($chapter->getUrl('/move'), [
+ 'entity_selection' => 'book:' . $newBook->id
+ ]);
+ $this->assertPermissionError($moveChapterResp);
+ $pageView = $this->get($chapter->getUrl());
+ $pageView->assertDontSee($chapter->getUrl('/move'));
+
+ $this->setEntityRestrictions($chapter, ['view', 'update', 'create', 'delete'], $editor->roles);
+ $moveChapterResp = $this->put($chapter->getUrl('/move'), [
+ 'entity_selection' => 'book:' . $newBook->id
+ ]);
+
+ $chapter = Chapter::find($chapter->id);
+ $moveChapterResp->assertRedirect($chapter->getUrl());
+ $this->assertTrue($chapter->book->id == $newBook->id, 'Page book is now the new book');
+ }
+
public function test_book_sort()
{
$oldBook = Book::query()->first();
'entity_selection' => 'book:' . $newBook->id,
'name' => 'My copied test page'
]);
-
$pageCopy = Page::where('name', '=', 'My copied test page')->first();
$movePageResp->assertRedirect($pageCopy->getUrl());
$this->assertTrue($pageCopy->id !== $page->id, 'Page copy is not the same instance');
}
+ public function test_page_can_be_copied_without_edit_permission()
+ {
+ $page = Page::first();
+ $currentBook = $page->book;
+ $newBook = Book::where('id', '!=', $currentBook->id)->first();
+ $viewer = $this->getViewer();
+
+ $resp = $this->actingAs($viewer)->get($page->getUrl());
+ $resp->assertDontSee($page->getUrl('/copy'));
+
+ $newBook->created_by = $viewer->id;
+ $newBook->save();
+ $this->giveUserPermissions($viewer, ['page-create-own']);
+ $this->regenEntityPermissions($newBook);
+
+ $resp = $this->actingAs($viewer)->get($page->getUrl());
+ $resp->assertSee($page->getUrl('/copy'));
+
+ $movePageResp = $this->post($page->getUrl('/copy'), [
+ 'entity_selection' => 'book:' . $newBook->id,
+ 'name' => 'My copied test page'
+ ]);
+ $movePageResp->assertRedirect();
+
+ $this->assertDatabaseHas('pages', [
+ 'name' => 'My copied test page',
+ 'created_by' => $viewer->id,
+ 'book_id' => $newBook->id,
+ ]);
+ }
+
}
\ No newline at end of file
projects / bookstack / blobdiff