X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/1d1cc19596ac30d40a74ee751011b9bac038c47c..refs/pull/3593/head:/tests/TestCase.php

diff --git a/tests/TestCase.php b/tests/TestCase.php
index 94751b004..9ffce917e 100644
--- a/tests/TestCase.php
+++ b/tests/TestCase.php
@@ -1,30 +1,54 @@
-<?php namespace Tests;
+<?php
 
-use BookStack\Book;
-use BookStack\Chapter;
-use BookStack\Repos\EntityRepo;
-use BookStack\Role;
-use BookStack\Services\SettingService;
+namespace Tests;
+
+use BookStack\Auth\Permissions\JointPermissionBuilder;
+use BookStack\Auth\Permissions\PermissionsRepo;
+use BookStack\Auth\Permissions\RolePermission;
+use BookStack\Auth\Role;
+use BookStack\Auth\User;
+use BookStack\Entities\Models\Book;
+use BookStack\Entities\Models\Bookshelf;
+use BookStack\Entities\Models\Chapter;
+use BookStack\Entities\Models\Entity;
+use BookStack\Entities\Models\Page;
+use BookStack\Entities\Repos\BookRepo;
+use BookStack\Entities\Repos\BookshelfRepo;
+use BookStack\Entities\Repos\ChapterRepo;
+use BookStack\Entities\Repos\PageRepo;
+use BookStack\Settings\SettingService;
+use BookStack\Uploads\HttpFetcher;
+use GuzzleHttp\Client;
+use GuzzleHttp\Handler\MockHandler;
+use GuzzleHttp\HandlerStack;
+use GuzzleHttp\Middleware;
 use Illuminate\Foundation\Testing\DatabaseTransactions;
 use Illuminate\Foundation\Testing\TestCase as BaseTestCase;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Support\Env;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Testing\Assert as PHPUnit;
+use Monolog\Handler\TestHandler;
+use Monolog\Logger;
+use Psr\Http\Client\ClientInterface;
+use Ssddanbrown\AssertHtml\TestsHtml;
 
 abstract class TestCase extends BaseTestCase
 {
     use CreatesApplication;
     use DatabaseTransactions;
+    use TestsHtml;
 
-    protected $admin;
-    protected $editor;
+    protected ?User $admin = null;
+    protected ?User $editor = null;
 
     /**
      * The base URL to use while testing the application.
-     * @var string
      */
-    protected $baseUrl = 'http://localhost';
+    protected string $baseUrl = 'http://localhost';
 
     /**
      * Set the current user context to be an admin.
-     * @return $this
      */
     public function asAdmin()
     {
@@ -33,78 +57,388 @@ abstract class TestCase extends BaseTestCase
 
     /**
      * Get the current admin user.
-     * @return mixed
      */
-    public function getAdmin() {
-        if($this->admin === null) {
+    public function getAdmin(): User
+    {
+        if (is_null($this->admin)) {
             $adminRole = Role::getSystemRole('admin');
             $this->admin = $adminRole->users->first();
         }
+
         return $this->admin;
     }
 
     /**
      * Set the current user context to be an editor.
-     * @return $this
      */
     public function asEditor()
     {
         return $this->actingAs($this->getEditor());
     }
 
-
     /**
      * Get a editor user.
-     * @return mixed
      */
-    public function getEditor() {
-        if($this->editor === null) {
+    protected function getEditor(): User
+    {
+        if ($this->editor === null) {
             $editorRole = Role::getRole('editor');
             $this->editor = $editorRole->users->first();
         }
+
         return $this->editor;
     }
 
+    /**
+     * Get an instance of a user with 'viewer' permissions.
+     */
+    protected function getViewer(array $attributes = []): User
+    {
+        $user = Role::getRole('viewer')->users()->first();
+        if (!empty($attributes)) {
+            $user->forceFill($attributes)->save();
+        }
+
+        return $user;
+    }
+
+    /**
+     * Get a user that's not a system user such as the guest user.
+     */
+    public function getNormalUser(): User
+    {
+        return User::query()->where('system_name', '=', null)->get()->last();
+    }
+
+    /**
+     * Regenerate the permission for an entity.
+     */
+    protected function regenEntityPermissions(Entity $entity): void
+    {
+        $entity->rebuildPermissions();
+        $entity->load('jointPermissions');
+    }
+
+    /**
+     * Create and return a new bookshelf.
+     */
+    public function newShelf(array $input = ['name' => 'test shelf', 'description' => 'My new test shelf']): Bookshelf
+    {
+        return app(BookshelfRepo::class)->create($input, []);
+    }
+
     /**
      * Create and return a new book.
-     * @param array $input
-     * @return Book
      */
-    public function newBook($input = ['name' => 'test book', 'description' => 'My new test book']) {
-        return $this->app[EntityRepo::class]->createFromInput('book', $input, false);
+    public function newBook(array $input = ['name' => 'test book', 'description' => 'My new test book']): Book
+    {
+        return app(BookRepo::class)->create($input);
     }
 
     /**
-     * Create and return a new test chapter
-     * @param array $input
-     * @param Book $book
-     * @return Chapter
+     * Create and return a new test chapter.
      */
-    public function newChapter($input = ['name' => 'test chapter', 'description' => 'My new test chapter'], Book $book) {
-        return $this->app[EntityRepo::class]->createFromInput('chapter', $input, $book);
+    public function newChapter(array $input, Book $book): Chapter
+    {
+        return app(ChapterRepo::class)->create($input, $book);
     }
 
     /**
-     * Create and return a new test page
-     * @param array $input
-     * @return Chapter
+     * Create and return a new test page.
      */
-    public function newPage($input = ['name' => 'test page', 'html' => 'My new test page']) {
-        $book = Book::first();
-        $entityRepo = $this->app[EntityRepo::class];
-        $draftPage = $entityRepo->getDraftPage($book);
-        return $entityRepo->publishPageDraft($draftPage, $input);
+    public function newPage(array $input = ['name' => 'test page', 'html' => 'My new test page']): Page
+    {
+        $book = Book::query()->first();
+        $pageRepo = app(PageRepo::class);
+        $draftPage = $pageRepo->getNewDraftPage($book);
+
+        return $pageRepo->publishDraft($draftPage, $input);
     }
 
     /**
      * Quickly sets an array of settings.
-     * @param $settingsArray
      */
-    protected function setSettings($settingsArray)
+    protected function setSettings(array $settingsArray): void
     {
         $settings = app(SettingService::class);
         foreach ($settingsArray as $key => $value) {
             $settings->put($key, $value);
         }
     }
-}
\ No newline at end of file
+
+    /**
+     * Manually set some permissions on an entity.
+     */
+    protected function setEntityRestrictions(Entity $entity, array $actions = [], array $roles = []): void
+    {
+        $entity->restricted = true;
+        $entity->permissions()->delete();
+
+        $permissions = [];
+        foreach ($actions as $action) {
+            foreach ($roles as $role) {
+                $permissions[] = [
+                    'role_id' => $role->id,
+                    'action'  => strtolower($action),
+                ];
+            }
+        }
+        $entity->permissions()->createMany($permissions);
+
+        $entity->save();
+        $entity->load('permissions');
+        $this->app->make(JointPermissionBuilder::class)->rebuildForEntity($entity);
+        $entity->load('jointPermissions');
+    }
+
+    /**
+     * Give the given user some permissions.
+     */
+    protected function giveUserPermissions(User $user, array $permissions = []): void
+    {
+        $newRole = $this->createNewRole($permissions);
+        $user->attachRole($newRole);
+        $user->load('roles');
+        $user->clearPermissionCache();
+    }
+
+    /**
+     * Completely remove the given permission name from the given user.
+     */
+    protected function removePermissionFromUser(User $user, string $permissionName)
+    {
+        $permissionBuilder = app()->make(JointPermissionBuilder::class);
+
+        /** @var RolePermission $permission */
+        $permission = RolePermission::query()->where('name', '=', $permissionName)->firstOrFail();
+
+        $roles = $user->roles()->whereHas('permissions', function ($query) use ($permission) {
+            $query->where('id', '=', $permission->id);
+        })->get();
+
+        /** @var Role $role */
+        foreach ($roles as $role) {
+            $role->detachPermission($permission);
+            $permissionBuilder->rebuildForRole($role);
+        }
+
+        $user->clearPermissionCache();
+    }
+
+    /**
+     * Create a new basic role for testing purposes.
+     */
+    protected function createNewRole(array $permissions = []): Role
+    {
+        $permissionRepo = app(PermissionsRepo::class);
+        $roleData = Role::factory()->make()->toArray();
+        $roleData['permissions'] = array_flip($permissions);
+
+        return $permissionRepo->saveNewRole($roleData);
+    }
+
+    /**
+     * Create a group of entities that belong to a specific user.
+     *
+     * @return array{book: Book, chapter: Chapter, page: Page}
+     */
+    protected function createEntityChainBelongingToUser(User $creatorUser, ?User $updaterUser = null): array
+    {
+        if (empty($updaterUser)) {
+            $updaterUser = $creatorUser;
+        }
+
+        $userAttrs = ['created_by' => $creatorUser->id, 'owned_by' => $creatorUser->id, 'updated_by' => $updaterUser->id];
+        $book = Book::factory()->create($userAttrs);
+        $chapter = Chapter::factory()->create(array_merge(['book_id' => $book->id], $userAttrs));
+        $page = Page::factory()->create(array_merge(['book_id' => $book->id, 'chapter_id' => $chapter->id], $userAttrs));
+
+        $this->app->make(JointPermissionBuilder::class)->rebuildForEntity($book);
+
+        return compact('book', 'chapter', 'page');
+    }
+
+    /**
+     * Mock the HttpFetcher service and return the given data on fetch.
+     */
+    protected function mockHttpFetch($returnData, int $times = 1)
+    {
+        $mockHttp = Mockery::mock(HttpFetcher::class);
+        $this->app[HttpFetcher::class] = $mockHttp;
+        $mockHttp->shouldReceive('fetch')
+            ->times($times)
+            ->andReturn($returnData);
+    }
+
+    /**
+     * Mock the http client used in BookStack.
+     * Returns a reference to the container which holds all history of http transactions.
+     *
+     * @link https://docs.guzzlephp.org/en/stable/testing.html#history-middleware
+     */
+    protected function &mockHttpClient(array $responses = []): array
+    {
+        $container = [];
+        $history = Middleware::history($container);
+        $mock = new MockHandler($responses);
+        $handlerStack = new HandlerStack($mock);
+        $handlerStack->push($history);
+        $this->app[ClientInterface::class] = new Client(['handler' => $handlerStack]);
+
+        return $container;
+    }
+
+    /**
+     * Run a set test with the given env variable.
+     * Remembers the original and resets the value after test.
+     */
+    protected function runWithEnv(string $name, $value, callable $callback)
+    {
+        Env::disablePutenv();
+        $originalVal = $_SERVER[$name] ?? null;
+
+        if (is_null($value)) {
+            unset($_SERVER[$name]);
+        } else {
+            $_SERVER[$name] = $value;
+        }
+
+        $this->refreshApplication();
+        $callback();
+
+        if (is_null($originalVal)) {
+            unset($_SERVER[$name]);
+        } else {
+            $_SERVER[$name] = $originalVal;
+        }
+    }
+
+    /**
+     * Check the keys and properties in the given map to include
+     * exist, albeit not exclusively, within the map to check.
+     */
+    protected function assertArrayMapIncludes(array $mapToInclude, array $mapToCheck, string $message = ''): void
+    {
+        $passed = true;
+
+        foreach ($mapToInclude as $key => $value) {
+            if (!isset($mapToCheck[$key]) || $mapToCheck[$key] !== $mapToInclude[$key]) {
+                $passed = false;
+            }
+        }
+
+        $toIncludeStr = print_r($mapToInclude, true);
+        $toCheckStr = print_r($mapToCheck, true);
+        self::assertThat($passed, self::isTrue(), "Failed asserting that given map:\n\n{$toCheckStr}\n\nincludes:\n\n{$toIncludeStr}");
+    }
+
+    /**
+     * Assert a permission error has occurred.
+     */
+    protected function assertPermissionError($response)
+    {
+        PHPUnit::assertTrue($this->isPermissionError($response->baseResponse ?? $response->response), 'Failed asserting the response contains a permission error.');
+    }
+
+    /**
+     * Assert a permission error has occurred.
+     */
+    protected function assertNotPermissionError($response)
+    {
+        PHPUnit::assertFalse($this->isPermissionError($response->baseResponse ?? $response->response), 'Failed asserting the response does not contain a permission error.');
+    }
+
+    /**
+     * Check if the given response is a permission error.
+     */
+    private function isPermissionError($response): bool
+    {
+        return $response->status() === 302
+            && (
+                (
+                    $response->headers->get('Location') === url('/')
+                    && strpos(session()->pull('error', ''), 'You do not have permission to access') === 0
+                )
+                ||
+                (
+                    $response instanceof JsonResponse &&
+                    $response->json(['error' => 'You do not have permission to perform the requested action.'])
+                )
+            );
+    }
+
+    /**
+     * Assert that the session has a particular error notification message set.
+     */
+    protected function assertSessionError(string $message)
+    {
+        $error = session()->get('error');
+        PHPUnit::assertTrue($error === $message, "Failed asserting the session contains an error. \nFound: {$error}\nExpecting: {$message}");
+    }
+
+    /**
+     * Assert the session contains a specific entry.
+     */
+    protected function assertSessionHas(string $key): self
+    {
+        $this->assertTrue(session()->has($key), "Session does not contain a [{$key}] entry");
+
+        return $this;
+    }
+
+    protected function assertNotificationContains(\Illuminate\Testing\TestResponse $resp, string $text)
+    {
+        return $this->withHtml($resp)->assertElementContains('[notification]', $text);
+    }
+
+    /**
+     * Set a test handler as the logging interface for the application.
+     * Allows capture of logs for checking against during tests.
+     */
+    protected function withTestLogger(): TestHandler
+    {
+        $monolog = new Logger('testing');
+        $testHandler = new TestHandler();
+        $monolog->pushHandler($testHandler);
+
+        Log::extend('testing', function () use ($monolog) {
+            return $monolog;
+        });
+        Log::setDefaultDriver('testing');
+
+        return $testHandler;
+    }
+
+    /**
+     * Assert that an activity entry exists of the given key.
+     * Checks the activity belongs to the given entity if provided.
+     */
+    protected function assertActivityExists(string $type, ?Entity $entity = null, string $detail = '')
+    {
+        $detailsToCheck = ['type' => $type];
+
+        if ($entity) {
+            $detailsToCheck['entity_type'] = $entity->getMorphClass();
+            $detailsToCheck['entity_id'] = $entity->id;
+        }
+
+        if ($detail) {
+            $detailsToCheck['detail'] = $detail;
+        }
+
+        $this->assertDatabaseHas('activities', $detailsToCheck);
+    }
+
+    /**
+     * @return Entity[]
+     */
+    protected function getEachEntityType(): array
+    {
+        return [
+            'page' => Page::query()->first(),
+            'chapter' => Chapter::query()->first(),
+            'book' => Book::query()->first(),
+            'bookshelf' => Bookshelf::query()->first(),
+        ];
+    }
+}