BookStack Code Mirror - bookstack/blobdiff - tests/Permissions/RestrictionsTest.php

-<?php

+<?php namespace Tests;

-class RestrictionsTest extends TestCase

+class RestrictionsTest extends BrowserKitTest

{

protected $user;

{

protected $user;

+ protected $viewer;

+ protected $restrictionService;

public function setUp()

{

parent::setUp();

public function setUp()

{

parent::setUp();

- $this->user = $this->getNewUser();

+ $this->user = $this->getEditor();

+ $this->viewer = $this->getViewer();

+ $this->restrictionService = $this->app[\BookStack\Services\PermissionService::class];

+ }

+

+ protected function getViewer()

+ {

+ $role = \BookStack\Role::getRole('viewer');

+ $viewer = $this->getNewBlankUser();

+ $viewer->attachRole($role);;

+ return $viewer;

}

/**

}

/**

- * Manually set some restrictions on an entity.

+ * Manually set some permissions on an entity.

* @param \BookStack\Entity $entity

* @param $actions

*/

protected function setEntityRestrictions(\BookStack\Entity $entity, $actions)

{

$entity->restricted = true;

* @param \BookStack\Entity $entity

* @param $actions

*/

protected function setEntityRestrictions(\BookStack\Entity $entity, $actions)

{

$entity->restricted = true;

- $entity->restrictions()->delete();

+ $entity->permissions()->delete();

$role = $this->user->roles->first();

+ $viewerRole = $this->viewer->roles->first();

foreach ($actions as $action) {

- $entity->restrictions()->create([

+ $entity->permissions()->create([

'role_id' => $role->id,

'action' => strtolower($action)

]);

'role_id' => $role->id,

'action' => strtolower($action)

]);

+ $entity->permissions()->create([

+ 'role_id' => $viewerRole->id,

+ 'action' => strtolower($action)

+ ]);

}

$entity->save();

}

$entity->save();

- $entity->load('restrictions');

+ $entity->load('permissions');

+ $this->restrictionService->buildJointPermissionsForEntity($entity);

+ $entity->load('jointPermissions');

}

public function test_book_view_restriction()

}

public function test_book_view_restriction()

$this->forceVisit($bookUrl)

->see('Book not found');

$this->forceVisit($bookPage->getUrl())

$this->forceVisit($bookUrl)

->see('Book not found');

$this->forceVisit($bookPage->getUrl())

- ->see('Book not found');

+ ->see('Page not found');

$this->forceVisit($bookChapter->getUrl())

- ->see('Book not found');

+ ->see('Chapter not found');

$this->setEntityRestrictions($book, ['view']);

$book = \BookStack\Book::first();

$bookUrl = $book->getUrl();

$book = \BookStack\Book::first();

$bookUrl = $book->getUrl();

+ $this->actingAs($this->viewer)

+ ->visit($bookUrl)

+ ->dontSeeInElement('.action-buttons', 'New Page')

+ ->dontSeeInElement('.action-buttons', 'New Chapter');

$this->actingAs($this->user)

->visit($bookUrl)

->seeInElement('.action-buttons', 'New Page')

$this->actingAs($this->user)

->visit($bookUrl)

->seeInElement('.action-buttons', 'New Page')

->type('test content', 'html')

->press('Save Page')

->seePageIs($chapter->book->getUrl() . '/page/test-page');

->type('test content', 'html')

->press('Save Page')

->seePageIs($chapter->book->getUrl() . '/page/test-page');

+

$this->visit($chapterUrl)->seeInElement('.action-buttons', 'New Page');

}

$this->visit($chapterUrl)->seeInElement('.action-buttons', 'New Page');

}

public function test_book_restriction_form()

{

$book = \BookStack\Book::first();

public function test_book_restriction_form()

{

$book = \BookStack\Book::first();

- $this->asAdmin()->visit($book->getUrl() . '/restrict')

- ->see('Book Restrictions')

+ $this->asAdmin()->visit($book->getUrl() . '/permissions')

+ ->see('Book Permissions')

->check('restricted')

->check('restrictions[2][view]')

->check('restricted')

->check('restrictions[2][view]')

- ->press('Save Restrictions')

+ ->press('Save Permissions')

->seeInDatabase('books', ['id' => $book->id, 'restricted' => true])

- ->seeInDatabase('restrictions', [

+ ->seeInDatabase('entity_permissions', [

'restrictable_id' => $book->id,

'restrictable_type' => 'BookStack\Book',

'role_id' => '2',

'restrictable_id' => $book->id,

'restrictable_type' => 'BookStack\Book',

'role_id' => '2',

public function test_chapter_restriction_form()

{

$chapter = \BookStack\Chapter::first();

public function test_chapter_restriction_form()

{

$chapter = \BookStack\Chapter::first();

- $this->asAdmin()->visit($chapter->getUrl() . '/restrict')

- ->see('Chapter Restrictions')

+ $this->asAdmin()->visit($chapter->getUrl() . '/permissions')

+ ->see('Chapter Permissions')

->check('restricted')

->check('restrictions[2][update]')

->check('restricted')

->check('restrictions[2][update]')

- ->press('Save Restrictions')

+ ->press('Save Permissions')

->seeInDatabase('chapters', ['id' => $chapter->id, 'restricted' => true])

- ->seeInDatabase('restrictions', [

+ ->seeInDatabase('entity_permissions', [

'restrictable_id' => $chapter->id,

'restrictable_type' => 'BookStack\Chapter',

'role_id' => '2',

'restrictable_id' => $chapter->id,

'restrictable_type' => 'BookStack\Chapter',

'role_id' => '2',

public function test_page_restriction_form()

{

$page = \BookStack\Page::first();

public function test_page_restriction_form()

{

$page = \BookStack\Page::first();

- $this->asAdmin()->visit($page->getUrl() . '/restrict')

- ->see('Page Restrictions')

+ $this->asAdmin()->visit($page->getUrl() . '/permissions')

+ ->see('Page Permissions')

->check('restricted')

->check('restrictions[2][delete]')

->check('restricted')

->check('restrictions[2][delete]')

- ->press('Save Restrictions')

+ ->press('Save Permissions')

->seeInDatabase('pages', ['id' => $page->id, 'restricted' => true])

- ->seeInDatabase('restrictions', [

+ ->seeInDatabase('entity_permissions', [

'restrictable_id' => $page->id,

'restrictable_type' => 'BookStack\Page',

'role_id' => '2',

'restrictable_id' => $page->id,

'restrictable_type' => 'BookStack\Page',

'role_id' => '2',

->dontSee($page->name);

}

->dontSee($page->name);

}

+ public function test_book_create_restriction_override()

+ {

+ $book = \BookStack\Book::first();

+

+ $bookUrl = $book->getUrl();

+ $this->actingAs($this->viewer)

+ ->visit($bookUrl)

+ ->dontSeeInElement('.action-buttons', 'New Page')

+ ->dontSeeInElement('.action-buttons', 'New Chapter');

+

+ $this->setEntityRestrictions($book, ['view', 'delete', 'update']);

+

+ $this->forceVisit($bookUrl . '/chapter/create')

+ ->see('You do not have permission')->seePageIs('/');

+ $this->forceVisit($bookUrl . '/page/create')

+ ->see('You do not have permission')->seePageIs('/');

+ $this->visit($bookUrl)->dontSeeInElement('.action-buttons', 'New Page')

+ ->dontSeeInElement('.action-buttons', 'New Chapter');

+

+ $this->setEntityRestrictions($book, ['view', 'create']);

+

+ $this->visit($bookUrl . '/chapter/create')

+ ->type('test chapter', 'name')

+ ->type('test description for chapter', 'description')

+ ->press('Save Chapter')

+ ->seePageIs($bookUrl . '/chapter/test-chapter');

+ $this->visit($bookUrl . '/page/create')

+ ->type('test page', 'name')

+ ->type('test content', 'html')

+ ->press('Save Page')

+ ->seePageIs($bookUrl . '/page/test-page');

+ $this->visit($bookUrl)->seeInElement('.action-buttons', 'New Page')

+ ->seeInElement('.action-buttons', 'New Chapter');

+ }

+

+ public function test_book_update_restriction_override()

+ {

+ $book = \BookStack\Book::first();

+ $bookPage = $book->pages->first();

+ $bookChapter = $book->chapters->first();

+

+ $bookUrl = $book->getUrl();

+ $this->actingAs($this->viewer)

+ ->visit($bookUrl . '/edit')

+ ->dontSee('Edit Book');

+

+ $this->setEntityRestrictions($book, ['view', 'delete']);

+

+ $this->forceVisit($bookUrl . '/edit')

+ ->see('You do not have permission')->seePageIs('/');

+ $this->forceVisit($bookPage->getUrl() . '/edit')

+ ->see('You do not have permission')->seePageIs('/');

+ $this->forceVisit($bookChapter->getUrl() . '/edit')

+ ->see('You do not have permission')->seePageIs('/');

+

+ $this->setEntityRestrictions($book, ['view', 'update']);

+

+ $this->visit($bookUrl . '/edit')

+ ->seePageIs($bookUrl . '/edit');

+ $this->visit($bookPage->getUrl() . '/edit')

+ ->seePageIs($bookPage->getUrl() . '/edit');

+ $this->visit($bookChapter->getUrl() . '/edit')

+ ->see('Edit Chapter');

+ }

+

+ public function test_book_delete_restriction_override()

+ {

+ $book = \BookStack\Book::first();

+ $bookPage = $book->pages->first();

+ $bookChapter = $book->chapters->first();

+

+ $bookUrl = $book->getUrl();

+ $this->actingAs($this->viewer)

+ ->visit($bookUrl . '/delete')

+ ->dontSee('Delete Book');

+

+ $this->setEntityRestrictions($book, ['view', 'update']);

+

+ $this->forceVisit($bookUrl . '/delete')

+ ->see('You do not have permission')->seePageIs('/');

+ $this->forceVisit($bookPage->getUrl() . '/delete')

+ ->see('You do not have permission')->seePageIs('/');

+ $this->forceVisit($bookChapter->getUrl() . '/delete')

+ ->see('You do not have permission')->seePageIs('/');

+

+ $this->setEntityRestrictions($book, ['view', 'delete']);

+

+ $this->visit($bookUrl . '/delete')

+ ->seePageIs($bookUrl . '/delete')->see('Delete Book');

+ $this->visit($bookPage->getUrl() . '/delete')

+ ->seePageIs($bookPage->getUrl() . '/delete')->see('Delete Page');

+ $this->visit($bookChapter->getUrl() . '/delete')

+ ->see('Delete Chapter');

+ }

+

+ public function test_page_visible_if_has_permissions_when_book_not_visible()

+ {

+ $book = \BookStack\Book::first();

+ $bookChapter = $book->chapters->first();

+ $bookPage = $bookChapter->pages->first();

+

+ $this->setEntityRestrictions($book, []);

+ $this->setEntityRestrictions($bookPage, ['view']);

+

+ $this->actingAs($this->viewer);

+ $this->get($bookPage->getUrl());

+ $this->assertResponseOk();

+ $this->see($bookPage->name);

+ $this->dontSee(substr($book->name, 0, 15));

+ $this->dontSee(substr($bookChapter->name, 0, 15));

+ }

+

}