X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/7c9937e9240b9656fe865de85a89c97b734656ab..99ce3067c7325bad066cde5eeb512ae421b869b4:/tests/Entity/SortTest.php diff --git a/tests/Entity/SortTest.php b/tests/Entity/SortTest.php index 3b0831029..3c83d626a 100644 --- a/tests/Entity/SortTest.php +++ b/tests/Entity/SortTest.php @@ -1,24 +1,25 @@ book = \BookStack\Book::first(); + $this->book = Book::first(); } public function test_drafts_do_not_show_up() { $this->asAdmin(); - $entityRepo = app(EntityRepo::class); - $draft = $entityRepo->getDraftPage($this->book); + $pageRepo = app(PageRepo::class); + $draft = $pageRepo->getNewDraftPage($this->book); $resp = $this->get($this->book->getUrl()); $resp->assertSee($draft->name); @@ -29,17 +30,17 @@ class SortTest extends TestCase public function test_page_move() { - $page = \BookStack\Page::first(); + $page = Page::first(); $currentBook = $page->book; - $newBook = \BookStack\Book::where('id', '!=', $currentBook->id)->first(); + $newBook = Book::where('id', '!=', $currentBook->id)->first(); - $resp = $this->asAdmin()->get($page->getUrl() . '/move'); + $resp = $this->asEditor()->get($page->getUrl('/move')); $resp->assertSee('Move Page'); - $movePageResp = $this->put($page->getUrl() . '/move', [ + $movePageResp = $this->put($page->getUrl('/move'), [ 'entity_selection' => 'book:' . $newBook->id ]); - $page = \BookStack\Page::find($page->id); + $page = Page::find($page->id); $movePageResp->assertRedirect($page->getUrl()); $this->assertTrue($page->book->id == $newBook->id, 'Page book is now the new book'); @@ -49,21 +50,73 @@ class SortTest extends TestCase $newBookResp->assertSee($page->name); } + public function test_page_move_requires_create_permissions_on_parent() + { + $page = Page::first(); + $currentBook = $page->book; + $newBook = Book::where('id', '!=', $currentBook->id)->first(); + $editor = $this->getEditor(); + + $this->setEntityRestrictions($newBook, ['view', 'update', 'delete'], $editor->roles); + + $movePageResp = $this->actingAs($editor)->put($page->getUrl('/move'), [ + 'entity_selection' => 'book:' . $newBook->id + ]); + $this->assertPermissionError($movePageResp); + + $this->setEntityRestrictions($newBook, ['view', 'update', 'delete', 'create'], $editor->roles); + $movePageResp = $this->put($page->getUrl('/move'), [ + 'entity_selection' => 'book:' . $newBook->id + ]); + + $page = Page::find($page->id); + $movePageResp->assertRedirect($page->getUrl()); + + $this->assertTrue($page->book->id == $newBook->id, 'Page book is now the new book'); + } + + public function test_page_move_requires_delete_permissions() + { + $page = Page::first(); + $currentBook = $page->book; + $newBook = Book::where('id', '!=', $currentBook->id)->first(); + $editor = $this->getEditor(); + + $this->setEntityRestrictions($newBook, ['view', 'update', 'create', 'delete'], $editor->roles); + $this->setEntityRestrictions($page, ['view', 'update', 'create'], $editor->roles); + + $movePageResp = $this->actingAs($editor)->put($page->getUrl('/move'), [ + 'entity_selection' => 'book:' . $newBook->id + ]); + $this->assertPermissionError($movePageResp); + $pageView = $this->get($page->getUrl()); + $pageView->assertDontSee($page->getUrl('/move')); + + $this->setEntityRestrictions($page, ['view', 'update', 'create', 'delete'], $editor->roles); + $movePageResp = $this->put($page->getUrl('/move'), [ + 'entity_selection' => 'book:' . $newBook->id + ]); + + $page = Page::find($page->id); + $movePageResp->assertRedirect($page->getUrl()); + $this->assertTrue($page->book->id == $newBook->id, 'Page book is now the new book'); + } + public function test_chapter_move() { - $chapter = \BookStack\Chapter::first(); + $chapter = Chapter::first(); $currentBook = $chapter->book; $pageToCheck = $chapter->pages->first(); - $newBook = \BookStack\Book::where('id', '!=', $currentBook->id)->first(); + $newBook = Book::where('id', '!=', $currentBook->id)->first(); - $chapterMoveResp = $this->asAdmin()->get($chapter->getUrl() . '/move'); + $chapterMoveResp = $this->asEditor()->get($chapter->getUrl('/move')); $chapterMoveResp->assertSee('Move Chapter'); - $moveChapterResp = $this->put($chapter->getUrl() . '/move', [ + $moveChapterResp = $this->put($chapter->getUrl('/move'), [ 'entity_selection' => 'book:' . $newBook->id ]); - $chapter = \BookStack\Chapter::find($chapter->id); + $chapter = Chapter::find($chapter->id); $moveChapterResp->assertRedirect($chapter->getUrl()); $this->assertTrue($chapter->book->id === $newBook->id, 'Chapter Book is now the new book'); @@ -71,12 +124,39 @@ class SortTest extends TestCase $newBookResp->assertSee('moved chapter'); $newBookResp->assertSee($chapter->name); - $pageToCheck = \BookStack\Page::find($pageToCheck->id); + $pageToCheck = Page::find($pageToCheck->id); $this->assertTrue($pageToCheck->book_id === $newBook->id, 'Chapter child page\'s book id has changed to the new book'); $pageCheckResp = $this->get($pageToCheck->getUrl()); $pageCheckResp->assertSee($newBook->name); } + public function test_chapter_move_requires_delete_permissions() + { + $chapter = Chapter::first(); + $currentBook = $chapter->book; + $newBook = Book::where('id', '!=', $currentBook->id)->first(); + $editor = $this->getEditor(); + + $this->setEntityRestrictions($newBook, ['view', 'update', 'create', 'delete'], $editor->roles); + $this->setEntityRestrictions($chapter, ['view', 'update', 'create'], $editor->roles); + + $moveChapterResp = $this->actingAs($editor)->put($chapter->getUrl('/move'), [ + 'entity_selection' => 'book:' . $newBook->id + ]); + $this->assertPermissionError($moveChapterResp); + $pageView = $this->get($chapter->getUrl()); + $pageView->assertDontSee($chapter->getUrl('/move')); + + $this->setEntityRestrictions($chapter, ['view', 'update', 'create', 'delete'], $editor->roles); + $moveChapterResp = $this->put($chapter->getUrl('/move'), [ + 'entity_selection' => 'book:' . $newBook->id + ]); + + $chapter = Chapter::find($chapter->id); + $moveChapterResp->assertRedirect($chapter->getUrl()); + $this->assertTrue($chapter->book->id == $newBook->id, 'Page book is now the new book'); + } + public function test_book_sort() { $oldBook = Book::query()->first(); @@ -104,7 +184,7 @@ class SortTest extends TestCase ]; } - $sortResp = $this->asAdmin()->put($newBook->getUrl() . '/sort', ['sort-tree' => json_encode($reqData)]); + $sortResp = $this->asEditor()->put($newBook->getUrl() . '/sort', ['sort-tree' => json_encode($reqData)]); $sortResp->assertRedirect($newBook->getUrl()); $sortResp->assertStatus(302); $this->assertDatabaseHas('chapters', [ @@ -120,4 +200,73 @@ class SortTest extends TestCase $checkResp->assertSee($newBook->name); } + public function test_page_copy() + { + $page = Page::first(); + $currentBook = $page->book; + $newBook = Book::where('id', '!=', $currentBook->id)->first(); + + $resp = $this->asEditor()->get($page->getUrl('/copy')); + $resp->assertSee('Copy Page'); + + $movePageResp = $this->post($page->getUrl('/copy'), [ + 'entity_selection' => 'book:' . $newBook->id, + 'name' => 'My copied test page' + ]); + $pageCopy = Page::where('name', '=', 'My copied test page')->first(); + + $movePageResp->assertRedirect($pageCopy->getUrl()); + $this->assertTrue($pageCopy->book->id == $newBook->id, 'Page was copied to correct book'); + } + + public function test_page_copy_with_no_destination() + { + $page = Page::first(); + $currentBook = $page->book; + + $resp = $this->asEditor()->get($page->getUrl('/copy')); + $resp->assertSee('Copy Page'); + + $movePageResp = $this->post($page->getUrl('/copy'), [ + 'name' => 'My copied test page' + ]); + + $pageCopy = Page::where('name', '=', 'My copied test page')->first(); + + $movePageResp->assertRedirect($pageCopy->getUrl()); + $this->assertTrue($pageCopy->book->id == $currentBook->id, 'Page was copied to correct book'); + $this->assertTrue($pageCopy->id !== $page->id, 'Page copy is not the same instance'); + } + + public function test_page_can_be_copied_without_edit_permission() + { + $page = Page::first(); + $currentBook = $page->book; + $newBook = Book::where('id', '!=', $currentBook->id)->first(); + $viewer = $this->getViewer(); + + $resp = $this->actingAs($viewer)->get($page->getUrl()); + $resp->assertDontSee($page->getUrl('/copy')); + + $newBook->created_by = $viewer->id; + $newBook->save(); + $this->giveUserPermissions($viewer, ['page-create-own']); + $this->regenEntityPermissions($newBook); + + $resp = $this->actingAs($viewer)->get($page->getUrl()); + $resp->assertSee($page->getUrl('/copy')); + + $movePageResp = $this->post($page->getUrl('/copy'), [ + 'entity_selection' => 'book:' . $newBook->id, + 'name' => 'My copied test page' + ]); + $movePageResp->assertRedirect(); + + $this->assertDatabaseHas('pages', [ + 'name' => 'My copied test page', + 'created_by' => $viewer->id, + 'book_id' => $newBook->id, + ]); + } + } \ No newline at end of file