X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/5736919836cd54df1a03a40cba977f6b190d8f8a..refs/pull/3698/head:/tests/Uploads/ImageTest.php

diff --git a/tests/Uploads/ImageTest.php b/tests/Uploads/ImageTest.php
index 2a3023a9e..84f9e47f4 100644
--- a/tests/Uploads/ImageTest.php
+++ b/tests/Uploads/ImageTest.php
@@ -457,6 +457,32 @@ class ImageTest extends TestCase
         $this->assertFalse(file_exists(public_path($relPath)), 'Uploaded image has not been deleted as expected');
     }
 
+    public function test_image_manager_delete_button_only_shows_with_permission()
+    {
+        $page = Page::query()->first();
+        $this->asAdmin();
+        $imageName = 'first-image.png';
+        $relPath = $this->getTestImagePath('gallery', $imageName);
+        $this->deleteImage($relPath);
+        $viewer = $this->getViewer();
+
+        $this->uploadImage($imageName, $page->id);
+        $image = Image::first();
+
+        $resp = $this->get("/images/edit/{$image->id}");
+        $this->withHtml($resp)->assertElementExists('button#image-manager-delete[title="Delete"]');
+
+        $resp = $this->actingAs($viewer)->get("/images/edit/{$image->id}");
+        $this->withHtml($resp)->assertElementNotExists('button#image-manager-delete[title="Delete"]');
+
+        $this->giveUserPermissions($viewer, ['image-delete-all']);
+
+        $resp = $this->actingAs($viewer)->get("/images/edit/{$image->id}");
+        $this->withHtml($resp)->assertElementExists('button#image-manager-delete[title="Delete"]');
+
+        $this->deleteImage($relPath);
+    }
+
     protected function getTestProfileImage()
     {
         $imageName = 'profile.png';