]> BookStack Code Mirror - bookstack/blobdiff - tests/Permissions/RestrictionsTest.php
projects / bookstack / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
added Arabic to locales
[bookstack] / tests / Permissions / RestrictionsTest.php
diff --git a/tests/Permissions/RestrictionsTest.php b/tests/Permissions/RestrictionsTest.php
index 8f37b2517b9b94e317bd2b3335452db9f47c474f..2bbb1a5faeee9d08a37ebf704834da732ec4f70f 100644 (file)
--- a/tests/Permissions/RestrictionsTest.php
+++ b/tests/Permissions/RestrictionsTest.php
@@ -1,7 +1,7 @@
 <?php namespace Tests;
 
 use BookStack\Book;
-use BookStack\Services\PermissionService;
+use BookStack\Entity;
 use BookStack\User;
 use BookStack\Repos\EntityRepo;
 
@@ -18,49 +18,20 @@ class RestrictionsTest extends BrowserKitTest
      */
     protected $viewer;
 
-    /**
-     * @var PermissionService
-     */
-    protected $permissionService;
-
     public function setUp()
     {
         parent::setUp();
         $this->user = $this->getEditor();
         $this->viewer = $this->getViewer();
-        $this->permissionService = $this->app[PermissionService::class];
     }
 
-    /**
-     * Manually set some permissions on an entity.
-     * @param \BookStack\Entity $entity
-     * @param $actions
-     */
-    protected function setEntityRestrictions(\BookStack\Entity $entity, $actions)
+    protected function setEntityRestrictions(Entity $entity, $actions = [], $roles = [])
     {
-        $entity->restricted = true;
-        $entity->permissions()->delete();
-
-        $role = $this->user->roles->first();
-        $viewerRole = $this->viewer->roles->first();
-
-        $permissions = [];
-        foreach ($actions as $action) {
-            $permissions[] = [
-                'role_id' => $role->id,
-                'action' => strtolower($action)
-            ];
-            $permissions[] = [
-                'role_id' => $viewerRole->id,
-                'action' => strtolower($action)
-            ];
-        }
-        $entity->permissions()->createMany($permissions);
-
-        $entity->save();
-        $entity->load('permissions');
-        $this->permissionService->buildJointPermissionsForEntity($entity);
-        $entity->load('jointPermissions');
+        $roles = [
+            $this->user->roles->first(),
+            $this->viewer->roles->first(),
+        ];
+        parent::setEntityRestrictions($entity, $actions, $roles);
     }
 
     public function test_book_view_restriction()
@@ -109,21 +80,21 @@ class RestrictionsTest extends BrowserKitTest
 
         $this->setEntityRestrictions($book, ['view', 'delete', 'update']);
 
-        $this->forceVisit($bookUrl . '/chapter/create')
+        $this->forceVisit($bookUrl . '/create-chapter')
             ->see('You do not have permission')->seePageIs('/');
-        $this->forceVisit($bookUrl . '/page/create')
+        $this->forceVisit($bookUrl . '/create-page')
             ->see('You do not have permission')->seePageIs('/');
         $this->visit($bookUrl)->dontSeeInElement('.action-buttons', 'New Page')
             ->dontSeeInElement('.action-buttons', 'New Chapter');
 
         $this->setEntityRestrictions($book, ['view', 'create']);
 
-        $this->visit($bookUrl . '/chapter/create')
+        $this->visit($bookUrl . '/create-chapter')
             ->type('test chapter', 'name')
             ->type('test description for chapter', 'description')
             ->press('Save Chapter')
             ->seePageIs($bookUrl . '/chapter/test-chapter');
-        $this->visit($bookUrl . '/page/create')
+        $this->visit($bookUrl . '/create-page')
             ->type('test page', 'name')
             ->type('test content', 'html')
             ->press('Save Page')
@@ -454,21 +425,21 @@ class RestrictionsTest extends BrowserKitTest
 
         $this->setEntityRestrictions($book, ['view', 'delete', 'update']);
 
-        $this->forceVisit($bookUrl . '/chapter/create')
+        $this->forceVisit($bookUrl . '/create-chapter')
             ->see('You do not have permission')->seePageIs('/');
-        $this->forceVisit($bookUrl . '/page/create')
+        $this->forceVisit($bookUrl . '/create-page')
             ->see('You do not have permission')->seePageIs('/');
         $this->visit($bookUrl)->dontSeeInElement('.action-buttons', 'New Page')
             ->dontSeeInElement('.action-buttons', 'New Chapter');
 
         $this->setEntityRestrictions($book, ['view', 'create']);
 
-        $this->visit($bookUrl . '/chapter/create')
+        $this->visit($bookUrl . '/create-chapter')
             ->type('test chapter', 'name')
             ->type('test description for chapter', 'description')
             ->press('Save Chapter')
             ->seePageIs($bookUrl . '/chapter/test-chapter');
-        $this->visit($bookUrl . '/page/create')
+        $this->visit($bookUrl . '/create-page')
             ->type('test page', 'name')
             ->type('test content', 'html')
             ->press('Save Page')
@@ -621,4 +592,26 @@ class RestrictionsTest extends BrowserKitTest
                 ->see('You do not have permission')
                 ->seePageIs('/');
     }
+
+    public function test_can_create_page_if_chapter_has_permissions_when_book_not_visible()
+    {
+        $book = Book::first();
+        $this->setEntityRestrictions($book, []);
+        $bookChapter = $book->chapters->first();
+        $this->setEntityRestrictions($bookChapter, ['view']);
+
+        $this->actingAs($this->user)->visit($bookChapter->getUrl())
+            ->dontSee('New Page');
+
+        $this->setEntityRestrictions($bookChapter, ['view', 'create']);
+
+        $this->actingAs($this->user)->visit($bookChapter->getUrl())
+            ->click('New Page')
+            ->seeStatusCode(200)
+            ->type('test page', 'name')
+            ->type('test content', 'html')
+            ->press('Save Page')
+            ->seePageIs($book->getUrl('/page/test-page'))
+            ->seeStatusCode(200);
+    }
 }
The core source code for the BookStack project.