use BookStack\Auth\Permissions\PermissionService;
use BookStack\Auth\Permissions\PermissionsRepo;
+use BookStack\Auth\Permissions\RolePermission;
use BookStack\Auth\Role;
use BookStack\Auth\User;
use BookStack\Entities\Models\Book;
use BookStack\Entities\Repos\PageRepo;
use BookStack\Settings\SettingService;
use BookStack\Uploads\HttpFetcher;
-use Illuminate\Foundation\Testing\Assert as PHPUnit;
+use GuzzleHttp\Client;
+use GuzzleHttp\Handler\MockHandler;
+use GuzzleHttp\HandlerStack;
+use GuzzleHttp\Middleware;
+use Illuminate\Http\JsonResponse;
use Illuminate\Support\Env;
use Illuminate\Support\Facades\Log;
+use Illuminate\Testing\Assert as PHPUnit;
use Mockery;
use Monolog\Handler\TestHandler;
use Monolog\Logger;
+use Psr\Http\Client\ClientInterface;
trait SharedTestHelpers
{
/**
* Get a user that's not a system user such as the guest user.
*/
- public function getNormalUser()
+ public function getNormalUser(): User
{
return User::query()->where('system_name', '=', null)->get()->last();
}
/**
* Create and return a new test chapter.
*/
- public function newChapter(array $input = ['name' => 'test chapter', 'description' => 'My new test chapter'], Book $book): Chapter
+ public function newChapter(array $input, Book $book): Chapter
{
return app(ChapterRepo::class)->create($input, $book);
}
$user->clearPermissionCache();
}
+ /**
+ * Completely remove the given permission name from the given user.
+ */
+ protected function removePermissionFromUser(User $user, string $permission)
+ {
+ $permission = RolePermission::query()->where('name', '=', $permission)->first();
+ /** @var Role $role */
+ foreach ($user->roles as $role) {
+ $role->detachPermission($permission);
+ }
+ $user->clearPermissionCache();
+ }
+
/**
* Create a new basic role for testing purposes.
*/
protected function createNewRole(array $permissions = []): Role
{
$permissionRepo = app(PermissionsRepo::class);
- $roleData = factory(Role::class)->make()->toArray();
+ $roleData = Role::factory()->make()->toArray();
$roleData['permissions'] = array_flip($permissions);
return $permissionRepo->saveNewRole($roleData);
}
+ /**
+ * Create a group of entities that belong to a specific user.
+ *
+ * @return array{book: Book, chapter: Chapter, page: Page}
+ */
+ protected function createEntityChainBelongingToUser(User $creatorUser, ?User $updaterUser = null): array
+ {
+ if (empty($updaterUser)) {
+ $updaterUser = $creatorUser;
+ }
+
+ $userAttrs = ['created_by' => $creatorUser->id, 'owned_by' => $creatorUser->id, 'updated_by' => $updaterUser->id];
+ $book = Book::factory()->create($userAttrs);
+ $chapter = Chapter::factory()->create(array_merge(['book_id' => $book->id], $userAttrs));
+ $page = Page::factory()->create(array_merge(['book_id' => $book->id, 'chapter_id' => $chapter->id], $userAttrs));
+ $restrictionService = $this->app[PermissionService::class];
+ $restrictionService->buildJointPermissionsForEntity($book);
+
+ return compact('book', 'chapter', 'page');
+ }
+
/**
* Mock the HttpFetcher service and return the given data on fetch.
*/
->andReturn($returnData);
}
+ /**
+ * Mock the http client used in BookStack.
+ * Returns a reference to the container which holds all history of http transactions.
+ *
+ * @link https://docs.guzzlephp.org/en/stable/testing.html#history-middleware
+ */
+ protected function &mockHttpClient(array $responses = []): array
+ {
+ $container = [];
+ $history = Middleware::history($container);
+ $mock = new MockHandler($responses);
+ $handlerStack = new HandlerStack($mock);
+ $handlerStack->push($history);
+ $this->app[ClientInterface::class] = new Client(['handler' => $handlerStack]);
+
+ return $container;
+ }
+
/**
* Run a set test with the given env variable.
* Remembers the original and resets the value after test.
private function isPermissionError($response): bool
{
return $response->status() === 302
- && $response->headers->get('Location') === url('/')
- && strpos(session()->pull('error', ''), 'You do not have permission to access') === 0;
+ && (
+ (
+ $response->headers->get('Location') === url('/')
+ && strpos(session()->pull('error', ''), 'You do not have permission to access') === 0
+ )
+ ||
+ (
+ $response instanceof JsonResponse &&
+ $response->json(['error' => 'You do not have permission to perform the requested action.'])
+ )
+ );
+ }
+
+ /**
+ * Assert that the session has a particular error notification message set.
+ */
+ protected function assertSessionError(string $message)
+ {
+ $error = session()->get('error');
+ PHPUnit::assertTrue($error === $message, "Failed asserting the session contains an error. \nFound: {$error}\nExpecting: {$message}");
}
/**
projects / bookstack / blobdiff