X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/097d9c9f3cb1941b372b44c9868c4c177a3b8f80..refs/pull/665/head:/tests/Permissions/RestrictionsTest.php diff --git a/tests/Permissions/RestrictionsTest.php b/tests/Permissions/RestrictionsTest.php index 4ecf5fb20..218b7a0d8 100644 --- a/tests/Permissions/RestrictionsTest.php +++ b/tests/Permissions/RestrictionsTest.php @@ -1,53 +1,70 @@ -user = $this->getNewUser(); + $this->user = $this->getEditor(); $this->viewer = $this->getViewer(); - } - - protected function getViewer() - { - $role = \BookStack\Role::getRole('viewer'); - $viewer = $this->getNewBlankUser(); - $viewer->attachRole($role);; - return $viewer; + $this->permissionService = $this->app[PermissionService::class]; } /** - * Manually set some restrictions on an entity. + * Manually set some permissions on an entity. * @param \BookStack\Entity $entity * @param $actions */ protected function setEntityRestrictions(\BookStack\Entity $entity, $actions) { $entity->restricted = true; - $entity->restrictions()->delete(); + $entity->permissions()->delete(); + $role = $this->user->roles->first(); $viewerRole = $this->viewer->roles->first(); + + $permissions = []; foreach ($actions as $action) { - $entity->restrictions()->create([ + $permissions[] = [ 'role_id' => $role->id, 'action' => strtolower($action) - ]); - $entity->restrictions()->create([ + ]; + $permissions[] = [ 'role_id' => $viewerRole->id, 'action' => strtolower($action) - ]); + ]; } + $entity->permissions()->createMany($permissions); + $entity->save(); - $entity->load('restrictions'); + $entity->load('permissions'); + $this->permissionService->buildJointPermissionsForEntity($entity); + $entity->load('jointPermissions'); } public function test_book_view_restriction() { - $book = \BookStack\Book::first(); + $book = Book::first(); $bookPage = $book->pages->first(); $bookChapter = $book->chapters->first(); @@ -61,9 +78,9 @@ class RestrictionsTest extends TestCase $this->forceVisit($bookUrl) ->see('Book not found'); $this->forceVisit($bookPage->getUrl()) - ->see('Book not found'); + ->see('Page not found'); $this->forceVisit($bookChapter->getUrl()) - ->see('Book not found'); + ->see('Chapter not found'); $this->setEntityRestrictions($book, ['view']); @@ -77,7 +94,7 @@ class RestrictionsTest extends TestCase public function test_book_create_restriction() { - $book = \BookStack\Book::first(); + $book = Book::first(); $bookUrl = $book->getUrl(); $this->actingAs($this->viewer) @@ -116,7 +133,7 @@ class RestrictionsTest extends TestCase public function test_book_update_restriction() { - $book = \BookStack\Book::first(); + $book = Book::first(); $bookPage = $book->pages->first(); $bookChapter = $book->chapters->first(); @@ -146,7 +163,7 @@ class RestrictionsTest extends TestCase public function test_book_delete_restriction() { - $book = \BookStack\Book::first(); + $book = Book::first(); $bookPage = $book->pages->first(); $bookChapter = $book->chapters->first(); @@ -222,6 +239,7 @@ class RestrictionsTest extends TestCase ->type('test content', 'html') ->press('Save Page') ->seePageIs($chapter->book->getUrl() . '/page/test-page'); + $this->visit($chapterUrl)->seeInElement('.action-buttons', 'New Page'); } @@ -337,14 +355,14 @@ class RestrictionsTest extends TestCase public function test_book_restriction_form() { - $book = \BookStack\Book::first(); + $book = Book::first(); $this->asAdmin()->visit($book->getUrl() . '/permissions') ->see('Book Permissions') ->check('restricted') ->check('restrictions[2][view]') ->press('Save Permissions') ->seeInDatabase('books', ['id' => $book->id, 'restricted' => true]) - ->seeInDatabase('restrictions', [ + ->seeInDatabase('entity_permissions', [ 'restrictable_id' => $book->id, 'restrictable_type' => 'BookStack\Book', 'role_id' => '2', @@ -361,7 +379,7 @@ class RestrictionsTest extends TestCase ->check('restrictions[2][update]') ->press('Save Permissions') ->seeInDatabase('chapters', ['id' => $chapter->id, 'restricted' => true]) - ->seeInDatabase('restrictions', [ + ->seeInDatabase('entity_permissions', [ 'restrictable_id' => $chapter->id, 'restrictable_type' => 'BookStack\Chapter', 'role_id' => '2', @@ -378,7 +396,7 @@ class RestrictionsTest extends TestCase ->check('restrictions[2][delete]') ->press('Save Permissions') ->seeInDatabase('pages', ['id' => $page->id, 'restricted' => true]) - ->seeInDatabase('restrictions', [ + ->seeInDatabase('entity_permissions', [ 'restrictable_id' => $page->id, 'restrictable_type' => 'BookStack\Page', 'role_id' => '2', @@ -425,7 +443,7 @@ class RestrictionsTest extends TestCase public function test_book_create_restriction_override() { - $book = \BookStack\Book::first(); + $book = Book::first(); $bookUrl = $book->getUrl(); $this->actingAs($this->viewer) @@ -460,7 +478,7 @@ class RestrictionsTest extends TestCase public function test_book_update_restriction_override() { - $book = \BookStack\Book::first(); + $book = Book::first(); $bookPage = $book->pages->first(); $bookChapter = $book->chapters->first(); @@ -490,7 +508,7 @@ class RestrictionsTest extends TestCase public function test_book_delete_restriction_override() { - $book = \BookStack\Book::first(); + $book = Book::first(); $bookPage = $book->pages->first(); $bookChapter = $book->chapters->first(); @@ -518,4 +536,22 @@ class RestrictionsTest extends TestCase ->see('Delete Chapter'); } + public function test_page_visible_if_has_permissions_when_book_not_visible() + { + $book = Book::first(); + + $this->setEntityRestrictions($book, []); + + $bookChapter = $book->chapters->first(); + $bookPage = $bookChapter->pages->first(); + $this->setEntityRestrictions($bookPage, ['view']); + + $this->actingAs($this->viewer); + $this->get($bookPage->getUrl()); + $this->assertResponseOk(); + $this->see($bookPage->name); + $this->dontSee(substr($book->name, 0, 15)); + $this->dontSee(substr($bookChapter->name, 0, 15)); + } + }