OIDC Userinfo: Fixed issues with validation logic from changes

[bookstack] / tests / PublicActionTest.php

diff --git a/tests/PublicActionTest.php b/tests/PublicActionTest.php
index 6f0e2f1d3bb4d886684af5e7ee3863926a552460..875b279a81c381d2394da96d4b7892bc161ee9b6 100644 (file)
--- a/tests/PublicActionTest.php
+++ b/tests/PublicActionTest.php
@@ -103,7 +103,7 @@ class PublicActionTest extends TestCase
         $resp = $this->post($chapter->getUrl('/create-guest-page'), ['name' => 'My guest page']);
         $resp->assertRedirect($chapter->book->getUrl('/page/my-guest-page/edit'));
 
-        $user = User::getDefault();
+        $user = $this->users->guest();
         $this->assertDatabaseHas('pages', [
             'name'       => 'My guest page',
             'chapter_id' => $chapter->id,
@@ -197,7 +197,7 @@ class PublicActionTest extends TestCase
     public function test_public_view_can_take_on_other_roles()
     {
         $this->setSettings(['app-public' => 'true']);
-        $newRole = $this->users->attachNewRole(User::getDefault(), []);
+        $newRole = $this->users->attachNewRole($this->users->guest(), []);
         $page = $this->entities->page();
         $this->permissions->disableEntityInheritedPermissions($page);
         $this->permissions->addEntityPermission($page, ['view', 'update'], $newRole);
@@ -207,4 +207,16 @@ class PublicActionTest extends TestCase
 
         $this->withHtml($resp)->assertLinkExists($page->getUrl('/edit'));
     }
+
+    public function test_public_user_cannot_view_or_update_their_profile()
+    {
+        $this->setSettings(['app-public' => 'true']);
+        $guest = $this->users->guest();
+
+        $resp = $this->get($guest->getEditUrl());
+        $this->assertPermissionError($resp);
+
+        $resp = $this->put($guest->getEditUrl(), ['name' => 'My new guest name']);
+        $this->assertPermissionError($resp);
+    }
 }