X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/ec775aec02c0887d5cf2dc23c938a75b7eaf67d2..refs/pull/4467/head:/tests/PublicActionTest.php

diff --git a/tests/PublicActionTest.php b/tests/PublicActionTest.php
index 6f0e2f1d3..1e4dcbfb7 100644
--- a/tests/PublicActionTest.php
+++ b/tests/PublicActionTest.php
@@ -207,4 +207,16 @@ class PublicActionTest extends TestCase
 
         $this->withHtml($resp)->assertLinkExists($page->getUrl('/edit'));
     }
+
+    public function test_public_user_cannot_view_or_update_their_profile()
+    {
+        $this->setSettings(['app-public' => 'true']);
+        $guest = $this->users->guest();
+
+        $resp = $this->get($guest->getEditUrl());
+        $this->assertPermissionError($resp);
+
+        $resp = $this->put($guest->getEditUrl(), ['name' => 'My new guest name']);
+        $this->assertPermissionError($resp);
+    }
 }