X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/9135a85de4eef32a91c7a3ee0aa405ed454e5a4c..refs/pull/5676/head:/tests/PublicActionTest.php

diff --git a/tests/PublicActionTest.php b/tests/PublicActionTest.php
index e21afdf33..76745aaac 100644
--- a/tests/PublicActionTest.php
+++ b/tests/PublicActionTest.php
@@ -2,11 +2,11 @@
 
 namespace Tests;
 
-use BookStack\Auth\Permissions\RolePermission;
-use BookStack\Auth\Role;
-use BookStack\Auth\User;
 use BookStack\Entities\Models\Book;
 use BookStack\Entities\Models\Chapter;
+use BookStack\Permissions\Models\RolePermission;
+use BookStack\Users\Models\Role;
+use BookStack\Users\Models\User;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\View;
 
@@ -103,7 +103,7 @@ class PublicActionTest extends TestCase
         $resp = $this->post($chapter->getUrl('/create-guest-page'), ['name' => 'My guest page']);
         $resp->assertRedirect($chapter->book->getUrl('/page/my-guest-page/edit'));
 
-        $user = User::getDefault();
+        $user = $this->users->guest();
         $this->assertDatabaseHas('pages', [
             'name'       => 'My guest page',
             'chapter_id' => $chapter->id,
@@ -128,33 +128,6 @@ class PublicActionTest extends TestCase
         $resp->assertDontSee($page->name);
     }
 
-    public function test_robots_effected_by_public_status()
-    {
-        $this->get('/robots.txt')->assertSee("User-agent: *\nDisallow: /");
-
-        $this->setSettings(['app-public' => 'true']);
-
-        $resp = $this->get('/robots.txt');
-        $resp->assertSee("User-agent: *\nDisallow:");
-        $resp->assertDontSee('Disallow: /');
-    }
-
-    public function test_robots_effected_by_setting()
-    {
-        $this->get('/robots.txt')->assertSee("User-agent: *\nDisallow: /");
-
-        config()->set('app.allow_robots', true);
-
-        $resp = $this->get('/robots.txt');
-        $resp->assertSee("User-agent: *\nDisallow:");
-        $resp->assertDontSee('Disallow: /');
-
-        // Check config overrides app-public setting
-        config()->set('app.allow_robots', false);
-        $this->setSettings(['app-public' => 'true']);
-        $this->get('/robots.txt')->assertSee("User-agent: *\nDisallow: /");
-    }
-
     public function test_default_favicon_file_created_upon_access()
     {
         $faviconPath = public_path('favicon.ico');
@@ -193,4 +166,30 @@ class PublicActionTest extends TestCase
         $resp->assertRedirect($book->getUrl());
         $this->followRedirects($resp)->assertSee($book->name);
     }
+
+    public function test_public_view_can_take_on_other_roles()
+    {
+        $this->setSettings(['app-public' => 'true']);
+        $newRole = $this->users->attachNewRole($this->users->guest(), []);
+        $page = $this->entities->page();
+        $this->permissions->disableEntityInheritedPermissions($page);
+        $this->permissions->addEntityPermission($page, ['view', 'update'], $newRole);
+
+        $resp = $this->get($page->getUrl());
+        $resp->assertOk();
+
+        $this->withHtml($resp)->assertLinkExists($page->getUrl('/edit'));
+    }
+
+    public function test_public_user_cannot_view_or_update_their_profile()
+    {
+        $this->setSettings(['app-public' => 'true']);
+        $guest = $this->users->guest();
+
+        $resp = $this->get($guest->getEditUrl());
+        $this->assertPermissionError($resp);
+
+        $resp = $this->put($guest->getEditUrl(), ['name' => 'My new guest name']);
+        $this->assertPermissionError($resp);
+    }
 }