Removed joint_permissions auto_increment id

Removed auto_incrementing id and set a primary key of the [role_id,
entity_type, entity_id, action] instead since this table could recieve a
lot of activity, especially when permission regeneration was automated,
leading to very high auto_increment counts which could max out the
integer limit.

Also updated some RolesTest comment endpoints to align with
recent route changes.

Should fix #2091

diff --git a/app/Auth/Permissions/JointPermission.php b/app/Auth/Permissions/JointPermission.php
index c48549b8f00c5cac2e9996fa9c4c4e0d483af365..8d1776bd8a45ad59d74d417a82b370ccf20b1fa0 100644 (file)
--- a/app/Auth/Permissions/JointPermission.php
+++ b/app/Auth/Permissions/JointPermission.php
@@ -3,25 +3,26 @@
 use BookStack\Auth\Role;
 use BookStack\Entities\Entity;
 use BookStack\Model;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
+use Illuminate\Database\Eloquent\Relations\MorphOne;
 
 class JointPermission extends Model
 {
+    protected $primaryKey = null;
     public $timestamps = false;
 
     /**
      * Get the role that this points to.
-     * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
      */
-    public function role()
+    public function role(): BelongsTo
     {
         return $this->belongsTo(Role::class);
     }
 
     /**
      * Get the entity this points to.
-     * @return \Illuminate\Database\Eloquent\Relations\MorphOne
      */
-    public function entity()
+    public function entity(): MorphOne
     {
         return $this->morphOne(Entity::class, 'entity');
     }

diff --git a/database/migrations/2020_08_04_111754_drop_joint_permissions_id.php b/database/migrations/2020_08_04_111754_drop_joint_permissions_id.php
new file mode 100644 (file)
index 0000000..bb953a5
--- /dev/null
+++ b/database/migrations/2020_08_04_111754_drop_joint_permissions_id.php
@@ -0,0 +1,37 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class DropJointPermissionsId extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('joint_permissions', function (Blueprint $table) {
+            $table->dropColumn('id');
+            $table->primary(['role_id', 'entity_type', 'entity_id', 'action'], 'joint_primary');
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('joint_permissions', function (Blueprint $table) {
+            $table->dropPrimary(['role_id', 'entity_type', 'entity_id', 'action']);
+        });
+
+        Schema::table('joint_permissions', function (Blueprint $table) {
+            $table->increments('id')->unsigned();
+        });
+    }
+}

diff --git a/tests/Permissions/RolesTest.php b/tests/Permissions/RolesTest.php
index 99080d354c4c239fae8261e8de53d06681b7e7fe..dff052891a1a9e9769cfe4c47701358576b6718d 100644 (file)
--- a/tests/Permissions/RolesTest.php
+++ b/tests/Permissions/RolesTest.php
@@ -2,10 +2,8 @@
 
 use BookStack\Entities\Bookshelf;
 use BookStack\Entities\Page;
-use BookStack\Auth\Permissions\PermissionsRepo;
 use BookStack\Auth\Role;
 use Laravel\BrowserKitTesting\HttpException;
-use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 use Tests\BrowserKitTest;
 
 class RolesTest extends BrowserKitTest
@@ -852,7 +850,7 @@ class RolesTest extends BrowserKitTest
 
     private function addComment($page) {
         $comment = factory(\BookStack\Actions\Comment::class)->make();
-        $url = "/ajax/page/$page->id/comment";
+        $url = "/comment/$page->id";
         $request = [
             'text' => $comment->text,
             'html' => $comment->html
@@ -865,7 +863,7 @@ class RolesTest extends BrowserKitTest
 
     private function updateComment($commentId) {
         $comment = factory(\BookStack\Actions\Comment::class)->make();
-        $url = "/ajax/comment/$commentId";
+        $url = "/comment/$commentId";
         $request = [
             'text' => $comment->text,
             'html' => $comment->html
@@ -875,7 +873,7 @@ class RolesTest extends BrowserKitTest
     }
 
     private function deleteComment($commentId) {
-         $url = '/ajax/comment/' . $commentId;
+         $url = '/comment/' . $commentId;
          return $this->json('DELETE', $url);
     }