BookStack Code Mirror - bookstack/blobdiff - tests/Permissions/RolesTest.php

index 3604a3cac4b95942cffafeccc678afe3abf9a624..88d400259e0e683a8c4d3a21906b0842aa6e6e7e 100644 (file)

--- a/tests/Permissions/RolesTest.php

+++ b/tests/Permissions/RolesTest.php

@@ -17,7 +17,7 @@ use Tests\TestCase;

class RolesTest extends TestCase

{

class RolesTest extends TestCase

{

- protected $user;

+ protected User $user;

protected function setUp(): void

{

protected function setUp(): void

{

@@ -163,6 +163,37 @@ class RolesTest extends TestCase

$this->assertEquals($this->user->id, $roleA->users()->first()->id);

}

$this->assertEquals($this->user->id, $roleA->users()->first()->id);

}

+ public function test_entity_permissions_are_removed_on_delete()

+ {

+ /** @var Role $roleA */

+ $roleA = Role::query()->create(['display_name' => 'Entity Permissions Delete Test']);

+ $page = $this->entities->page();

+ $this->entities->setPermissions($page, ['view'], [$roleA]);

+ $this->assertDatabaseHas('entity_permissions', [

+ 'role_id' => $roleA->id,

+ 'entity_id' => $page->id,

+ 'entity_type' => $page->getMorphClass(),

+ ]);

+ $this->asAdmin()->delete("/settings/roles/delete/$roleA->id");

+ $this->assertDatabaseMissing('entity_permissions', [

+ 'role_id' => $roleA->id,

+ 'entity_id' => $page->id,

+ 'entity_type' => $page->getMorphClass(),

+ ]);

+ }

+ public function test_image_view_notice_shown_on_role_form()

+ {

+ /** @var Role $role */

+ $role = Role::query()->first();

+ $this->asAdmin()->get("/settings/roles/{$role->id}")

+ ->assertSee('Actual access of uploaded image files will be dependant upon system image storage option');

+ }

public function test_copy_role_button_shown()

{

/** @var Role $role */

public function test_copy_role_button_shown()

{

/** @var Role $role */

@@ -277,7 +308,7 @@ class RolesTest extends TestCase

{

/** @var Page $otherUsersPage */

$otherUsersPage = Page::query()->first();

{

/** @var Page $otherUsersPage */

$otherUsersPage = Page::query()->first();

- $content = $this->createEntityChainBelongingToUser($this->user);

+ $content = $this->entities->createChainBelongingToUser($this->user);

// Set a different creator on the page we're checking to ensure

// that the owner fields are checked

// Set a different creator on the page we're checking to ensure

// that the owner fields are checked

@@ -347,9 +378,9 @@ class RolesTest extends TestCase

{

/** @var Bookshelf $otherShelf */

$otherShelf = Bookshelf::query()->first();

{

/** @var Bookshelf $otherShelf */

$otherShelf = Bookshelf::query()->first();

- $ownShelf = $this->newShelf(['name' => 'test-shelf', 'slug' => 'test-shelf']);

+ $ownShelf = $this->entities->newShelf(['name' => 'test-shelf', 'slug' => 'test-shelf']);

$ownShelf->forceFill(['owned_by' => $this->user->id, 'updated_by' => $this->user->id])->save();

- $this->regenEntityPermissions($ownShelf);

+ $this->entities->regenPermissions($ownShelf);

$this->checkAccessPermission('bookshelf-update-own', [

$ownShelf->getUrl('/edit'),

$this->checkAccessPermission('bookshelf-update-own', [

$ownShelf->getUrl('/edit'),

@@ -378,9 +409,9 @@ class RolesTest extends TestCase

$this->giveUserPermissions($this->user, ['bookshelf-update-all']);

/** @var Bookshelf $otherShelf */

$otherShelf = Bookshelf::query()->first();

$this->giveUserPermissions($this->user, ['bookshelf-update-all']);

/** @var Bookshelf $otherShelf */

$otherShelf = Bookshelf::query()->first();

- $ownShelf = $this->newShelf(['name' => 'test-shelf', 'slug' => 'test-shelf']);

+ $ownShelf = $this->entities->newShelf(['name' => 'test-shelf', 'slug' => 'test-shelf']);

$ownShelf->forceFill(['owned_by' => $this->user->id, 'updated_by' => $this->user->id])->save();

- $this->regenEntityPermissions($ownShelf);

+ $this->entities->regenPermissions($ownShelf);

$this->checkAccessPermission('bookshelf-delete-own', [

$ownShelf->getUrl('/delete'),

$this->checkAccessPermission('bookshelf-delete-own', [

$ownShelf->getUrl('/delete'),

@@ -430,7 +461,7 @@ class RolesTest extends TestCase

{

/** @var Book $otherBook */

$otherBook = Book::query()->take(1)->get()->first();

{

/** @var Book $otherBook */

$otherBook = Book::query()->take(1)->get()->first();

- $ownBook = $this->createEntityChainBelongingToUser($this->user)['book'];

+ $ownBook = $this->entities->createChainBelongingToUser($this->user)['book'];

$this->checkAccessPermission('book-update-own', [

$ownBook->getUrl() . '/edit',

], [

$this->checkAccessPermission('book-update-own', [

$ownBook->getUrl() . '/edit',

], [

@@ -458,7 +489,7 @@ class RolesTest extends TestCase

$this->giveUserPermissions($this->user, ['book-update-all']);

/** @var Book $otherBook */

$otherBook = Book::query()->take(1)->get()->first();

$this->giveUserPermissions($this->user, ['book-update-all']);

/** @var Book $otherBook */

$otherBook = Book::query()->take(1)->get()->first();

- $ownBook = $this->createEntityChainBelongingToUser($this->user)['book'];

+ $ownBook = $this->entities->createChainBelongingToUser($this->user)['book'];

$this->checkAccessPermission('book-delete-own', [

$ownBook->getUrl() . '/delete',

], [

$this->checkAccessPermission('book-delete-own', [

$ownBook->getUrl() . '/delete',

], [

@@ -493,7 +524,7 @@ class RolesTest extends TestCase

{

/** @var Book $book */

$book = Book::query()->take(1)->get()->first();

{

/** @var Book $book */

$book = Book::query()->take(1)->get()->first();

- $ownBook = $this->createEntityChainBelongingToUser($this->user)['book'];

+ $ownBook = $this->entities->createChainBelongingToUser($this->user)['book'];

$this->checkAccessPermission('chapter-create-own', [

$ownBook->getUrl('/create-chapter'),

], [

$this->checkAccessPermission('chapter-create-own', [

$ownBook->getUrl('/create-chapter'),

], [

@@ -512,8 +543,7 @@ class RolesTest extends TestCase

public function test_chapter_create_all_permissions()

{

public function test_chapter_create_all_permissions()

{

- /** @var Book $book */

- $book = Book::query()->first();

+ $book = $this->entities->book();

$this->checkAccessPermission('chapter-create-all', [

$book->getUrl('/create-chapter'),

], [

$this->checkAccessPermission('chapter-create-all', [

$book->getUrl('/create-chapter'),

], [

@@ -530,7 +560,7 @@ class RolesTest extends TestCase

{

/** @var Chapter $otherChapter */

$otherChapter = Chapter::query()->first();

{

/** @var Chapter $otherChapter */

$otherChapter = Chapter::query()->first();

- $ownChapter = $this->createEntityChainBelongingToUser($this->user)['chapter'];

+ $ownChapter = $this->entities->createChainBelongingToUser($this->user)['chapter'];

$this->checkAccessPermission('chapter-update-own', [

$ownChapter->getUrl() . '/edit',

], [

$this->checkAccessPermission('chapter-update-own', [

$ownChapter->getUrl() . '/edit',

], [

@@ -558,7 +588,7 @@ class RolesTest extends TestCase

$this->giveUserPermissions($this->user, ['chapter-update-all']);

/** @var Chapter $otherChapter */

$otherChapter = Chapter::query()->first();

$this->giveUserPermissions($this->user, ['chapter-update-all']);

/** @var Chapter $otherChapter */

$otherChapter = Chapter::query()->first();

- $ownChapter = $this->createEntityChainBelongingToUser($this->user)['chapter'];

+ $ownChapter = $this->entities->createChainBelongingToUser($this->user)['chapter'];

$this->checkAccessPermission('chapter-delete-own', [

$ownChapter->getUrl() . '/delete',

], [

$this->checkAccessPermission('chapter-delete-own', [

$ownChapter->getUrl() . '/delete',

], [

@@ -595,12 +625,10 @@ class RolesTest extends TestCase

public function test_page_create_own_permissions()

{

public function test_page_create_own_permissions()

{

- /** @var Book $book */

- $book = Book::query()->first();

- /** @var Chapter $chapter */

- $chapter = Chapter::query()->first();

+ $book = $this->entities->book();

+ $chapter = $this->entities->chapter();

- $entities = $this->createEntityChainBelongingToUser($this->user);

+ $entities = $this->entities->createChainBelongingToUser($this->user);

$ownBook = $entities['book'];

$ownChapter = $entities['chapter'];

$ownBook = $entities['book'];

$ownChapter = $entities['chapter'];

@@ -644,10 +672,8 @@ class RolesTest extends TestCase

public function test_page_create_all_permissions()

{

public function test_page_create_all_permissions()

{

- /** @var Book $book */

- $book = Book::query()->first();

- /** @var Chapter $chapter */

- $chapter = Chapter::query()->first();

+ $book = $this->entities->book();

+ $chapter = $this->entities->chapter();

$createUrl = $book->getUrl('/create-page');

$createUrlChapter = $chapter->getUrl('/create-page');

$createUrl = $book->getUrl('/create-page');

$createUrlChapter = $chapter->getUrl('/create-page');

@@ -691,7 +717,7 @@ class RolesTest extends TestCase

{

/** @var Page $otherPage */

$otherPage = Page::query()->first();

{

/** @var Page $otherPage */

$otherPage = Page::query()->first();

- $ownPage = $this->createEntityChainBelongingToUser($this->user)['page'];

+ $ownPage = $this->entities->createChainBelongingToUser($this->user)['page'];

$this->checkAccessPermission('page-update-own', [

$ownPage->getUrl() . '/edit',

], [

$this->checkAccessPermission('page-update-own', [

$ownPage->getUrl() . '/edit',

], [

@@ -719,7 +745,7 @@ class RolesTest extends TestCase

$this->giveUserPermissions($this->user, ['page-update-all']);

/** @var Page $otherPage */

$otherPage = Page::query()->first();

$this->giveUserPermissions($this->user, ['page-update-all']);

/** @var Page $otherPage */

$otherPage = Page::query()->first();

- $ownPage = $this->createEntityChainBelongingToUser($this->user)['page'];

+ $ownPage = $this->entities->createChainBelongingToUser($this->user)['page'];

$this->checkAccessPermission('page-delete-own', [

$ownPage->getUrl() . '/delete',

], [

$this->checkAccessPermission('page-delete-own', [

$ownPage->getUrl() . '/delete',

], [

@@ -798,8 +824,7 @@ class RolesTest extends TestCase

public function test_image_delete_own_permission()

{

$this->giveUserPermissions($this->user, ['image-update-all']);

public function test_image_delete_own_permission()

{

$this->giveUserPermissions($this->user, ['image-update-all']);

- /** @var Page $page */

- $page = Page::query()->first();

+ $page = $this->entities->page();

$image = Image::factory()->create([

'uploaded_to' => $page->id,

'created_by' => $this->user->id,

$image = Image::factory()->create([

'uploaded_to' => $page->id,

'created_by' => $this->user->id,

@@ -818,8 +843,7 @@ class RolesTest extends TestCase

{

$this->giveUserPermissions($this->user, ['image-update-all']);

$admin = $this->getAdmin();

{

$this->giveUserPermissions($this->user, ['image-update-all']);

$admin = $this->getAdmin();

- /** @var Page $page */

- $page = Page::query()->first();

+ $page = $this->entities->page();

$image = Image::factory()->create(['uploaded_to' => $page->id, 'created_by' => $admin->id, 'updated_by' => $admin->id]);

$this->actingAs($this->user)->json('delete', '/images/' . $image->id)->assertStatus(403);

$image = Image::factory()->create(['uploaded_to' => $page->id, 'created_by' => $admin->id, 'updated_by' => $admin->id]);

$this->actingAs($this->user)->json('delete', '/images/' . $image->id)->assertStatus(403);

@@ -837,8 +861,7 @@ class RolesTest extends TestCase

public function test_role_permission_removal()

{

// To cover issue fixed in f99c8ff99aee9beb8c692f36d4b84dc6e651e50a.

public function test_role_permission_removal()

{

// To cover issue fixed in f99c8ff99aee9beb8c692f36d4b84dc6e651e50a.

- /** @var Page $page */

- $page = Page::query()->first();

+ $page = $this->entities->page();

$viewerRole = Role::getRole('viewer');

$viewer = $this->getViewer();

$this->actingAs($viewer)->get($page->getUrl())->assertOk();

$viewerRole = Role::getRole('viewer');

$viewer = $this->getViewer();

$this->actingAs($viewer)->get($page->getUrl())->assertOk();

@@ -857,14 +880,14 @@ class RolesTest extends TestCase

$admin = $this->getAdmin();

// Book links

$book = Book::factory()->create(['created_by' => $admin->id, 'updated_by' => $admin->id]);

$admin = $this->getAdmin();

// Book links

$book = Book::factory()->create(['created_by' => $admin->id, 'updated_by' => $admin->id]);

- $this->regenEntityPermissions($book);

+ $this->entities->regenPermissions($book);

$this->actingAs($this->getViewer())->get($book->getUrl())

->assertDontSee('Create a new page')

->assertDontSee('Add a chapter');

// Chapter links

$chapter = Chapter::factory()->create(['created_by' => $admin->id, 'updated_by' => $admin->id, 'book_id' => $book->id]);

$this->actingAs($this->getViewer())->get($book->getUrl())

->assertDontSee('Create a new page')

->assertDontSee('Add a chapter');

// Chapter links

$chapter = Chapter::factory()->create(['created_by' => $admin->id, 'updated_by' => $admin->id, 'book_id' => $book->id]);

- $this->regenEntityPermissions($chapter);

+ $this->entities->regenPermissions($chapter);

$this->actingAs($this->getViewer())->get($chapter->getUrl())

->assertDontSee('Create a new page')

->assertDontSee('Sort the current book');

$this->actingAs($this->getViewer())->get($chapter->getUrl())

->assertDontSee('Create a new page')

->assertDontSee('Sort the current book');

@@ -872,7 +895,7 @@ class RolesTest extends TestCase

public function test_comment_create_permission()

{

public function test_comment_create_permission()

{

- $ownPage = $this->createEntityChainBelongingToUser($this->user)['page'];

+ $ownPage = $this->entities->createChainBelongingToUser($this->user)['page'];

$this->actingAs($this->user)

->addComment($ownPage)

$this->actingAs($this->user)

->addComment($ownPage)

@@ -887,7 +910,7 @@ class RolesTest extends TestCase

public function test_comment_update_own_permission()

{

public function test_comment_update_own_permission()

{

- $ownPage = $this->createEntityChainBelongingToUser($this->user)['page'];

+ $ownPage = $this->entities->createChainBelongingToUser($this->user)['page'];

$this->giveUserPermissions($this->user, ['comment-create-all']);

$this->actingAs($this->user)->addComment($ownPage);

/** @var Comment $comment */

$this->giveUserPermissions($this->user, ['comment-create-all']);

$this->actingAs($this->user)->addComment($ownPage);

/** @var Comment $comment */

@@ -905,7 +928,7 @@ class RolesTest extends TestCase

public function test_comment_update_all_permission()

{

/** @var Page $ownPage */

public function test_comment_update_all_permission()

{

/** @var Page $ownPage */

- $ownPage = $this->createEntityChainBelongingToUser($this->user)['page'];

+ $ownPage = $this->entities->createChainBelongingToUser($this->user)['page'];

$this->asAdmin()->addComment($ownPage);

/** @var Comment $comment */

$comment = $ownPage->comments()->latest()->first();

$this->asAdmin()->addComment($ownPage);

/** @var Comment $comment */

$comment = $ownPage->comments()->latest()->first();

@@ -922,7 +945,7 @@ class RolesTest extends TestCase

public function test_comment_delete_own_permission()

{

/** @var Page $ownPage */

public function test_comment_delete_own_permission()

{

/** @var Page $ownPage */

- $ownPage = $this->createEntityChainBelongingToUser($this->user)['page'];

+ $ownPage = $this->entities->createChainBelongingToUser($this->user)['page'];

$this->giveUserPermissions($this->user, ['comment-create-all']);

$this->actingAs($this->user)->addComment($ownPage);

$this->giveUserPermissions($this->user, ['comment-create-all']);

$this->actingAs($this->user)->addComment($ownPage);

@@ -941,7 +964,7 @@ class RolesTest extends TestCase

public function test_comment_delete_all_permission()

{

/** @var Page $ownPage */

public function test_comment_delete_all_permission()

{

/** @var Page $ownPage */

- $ownPage = $this->createEntityChainBelongingToUser($this->user)['page'];

+ $ownPage = $this->entities->createChainBelongingToUser($this->user)['page'];

$this->asAdmin()->addComment($ownPage);

/** @var Comment $comment */

$comment = $ownPage->comments()->latest()->first();

$this->asAdmin()->addComment($ownPage);

/** @var Comment $comment */

$comment = $ownPage->comments()->latest()->first();