X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/8be36455ab7007334ca26fff28ebb1a99886de65..refs/pull/4193/head:/tests/Permissions/Scenarios/EntityRolePermissionsTest.php

diff --git a/tests/Permissions/Scenarios/EntityRolePermissionsTest.php b/tests/Permissions/Scenarios/EntityRolePermissionsTest.php
index c8f1401e7..55761e08c 100644
--- a/tests/Permissions/Scenarios/EntityRolePermissionsTest.php
+++ b/tests/Permissions/Scenarios/EntityRolePermissionsTest.php
@@ -187,6 +187,19 @@ class EntityRolePermissionsTest extends PermissionScenarioTestCase
         $this->assertNotVisibleToUser($page, $user);
     }
 
+    public function test_71_multi_role_inheriting_deny_on_own()
+    {
+        [$user, $roleA] = $this->users->newUserWithRole([], ['page-view-own']);
+        $roleB = $this->users->attachNewRole($user);
+        $page = $this->entities->page();
+        $this->permissions->changeEntityOwner($page, $user);
+
+        $this->permissions->addEntityPermission($page, [], $roleB);
+
+        $this->assertNotVisibleToUser($page, $user);
+    }
+
+
     public function test_75_multi_role_inherited_deny_via_parent()
     {
         [$user, $roleA] = $this->users->newUserWithRole([], ['page-view-all']);
@@ -199,6 +212,19 @@ class EntityRolePermissionsTest extends PermissionScenarioTestCase
         $this->assertNotVisibleToUser($page, $user);
     }
 
+    public function test_76_multi_role_inherited_deny_via_parent_on_own()
+    {
+        [$user, $roleA] = $this->users->newUserWithRole([], ['page-view-own']);
+        $roleB = $this->users->attachNewRole($user);
+        $page = $this->entities->pageWithinChapter();
+        $chapter = $page->chapter;
+        $this->permissions->changeEntityOwner($page, $user);
+
+        $this->permissions->addEntityPermission($chapter, [], $roleB);
+
+        $this->assertNotVisibleToUser($page, $user);
+    }
+
     public function test_80_fallback_override_allow()
     {
         [$user, $roleA] = $this->users->newUserWithRole();
@@ -293,4 +319,31 @@ class EntityRolePermissionsTest extends PermissionScenarioTestCase
 
         $this->assertNotVisibleToUser($page, $user);
     }
+
+    public function test_90_fallback_overrides_parent_entity_role_deny()
+    {
+        [$user, $roleA] = $this->users->newUserWithRole();
+        $page = $this->entities->page();
+        $chapter = $page->chapter;
+
+        $this->permissions->setFallbackPermissions($chapter, []);
+        $this->permissions->setFallbackPermissions($page, []);
+        $this->permissions->addEntityPermission($chapter, ['view'], $roleA);
+
+        $this->assertNotVisibleToUser($page, $user);
+    }
+
+    public function test_91_fallback_overrides_parent_entity_role_inherit()
+    {
+        [$user, $roleA] = $this->users->newUserWithRole();
+        $page = $this->entities->page();
+        $chapter = $page->chapter;
+        $book = $page->book;
+
+        $this->permissions->setFallbackPermissions($book, []);
+        $this->permissions->setFallbackPermissions($chapter, []);
+        $this->permissions->addEntityPermission($book, ['view'], $roleA);
+
+        $this->assertNotVisibleToUser($page, $user);
+    }
 }