Adds test cases and fixes an issue with the permission checking.

[bookstack] / app / Repos / EntityRepo.php

diff --git a/app/Repos/EntityRepo.php b/app/Repos/EntityRepo.php
index d390f3e99a0975e841297f72729375a1c2909db9..c31ddfefe46dbee7d6957cfb230458e622bfa6d9 100644 (file)
--- a/app/Repos/EntityRepo.php
+++ b/app/Repos/EntityRepo.php
@@ -442,9 +442,10 @@ class EntityRepo
      */
     public function updateEntityPermissionsFromRequest($request, Entity $entity)
     {
-        $entity->restricted = $request->has('restricted') && $request->get('restricted') === 'true';
+        $entity->restricted = $request->get('restricted', '') === 'true';
         $entity->permissions()->delete();
-        if ($request->has('restrictions')) {
+
+        if ($request->filled('restrictions')) {
             foreach ($request->get('restrictions') as $roleId => $restrictions) {
                 foreach ($restrictions as $action => $value) {
                     $entity->permissions()->create([
@@ -454,6 +455,7 @@ class EntityRepo
                 }
             }
         }
+
         $entity->save();
         $this->permissionService->buildJointPermissionsForEntity($entity);
     }