1 <?php namespace Tests;
2
3 use Auth;
4 use BookStack\Auth\Permissions\PermissionService;
5 use BookStack\Auth\Permissions\RolePermission;
6 use BookStack\Auth\Role;
7 use BookStack\Auth\User;
8 use BookStack\Entities\Models\Book;
9 use BookStack\Entities\Models\Chapter;
10 use BookStack\Entities\Models\Page;
11
/**
 * Browser-level tests for what a visitor who is not logged in can see and do.
 *
 * Most cases toggle the 'app-public' setting and then assert either that the
 * guest is sent to /login or that the content is rendered. Together they pin
 * the boundary between anonymous and authenticated access, so a change that
 * makes one of them fail should be treated as an access-control change.
 */
class PublicActionTest extends BrowserKitTest
{
    /**
     * With 'app-public' set to 'false', a guest asking for the books index,
     * a book or a page must land on /login.
     *
     * NOTE(review): no chapter URL is exercised here; confirm whether chapter
     * routes are covered by the same guard or need their own assertion.
     */
    public function test_app_not_public()
    {
        $this->setSettings(['app-public' => 'false']);
        $loginPath = '/login';

        $firstBook = Book::orderBy('name', 'asc')->first();
        $this->visit('/books');
        $this->seePageIs($loginPath);
        $this->visit($firstBook->getUrl());
        $this->seePageIs($loginPath);

        $firstPage = Page::first();
        $this->visit($firstPage->getUrl());
        $this->seePageIs($loginPath);
    }

    /**
     * A public instance shows the login URL on the home page.
     */
    public function test_login_link_visible()
    {
        $this->setSettings(['app-public' => 'true']);

        $this->visit('/');
        $this->see(url('/login'));
    }

    /**
     * The register URL appears on the home page only once
     * 'registration-enabled' is switched on; the login URL is present in
     * both states.
     */
    public function test_register_link_visible_when_enabled()
    {
        // First pass relies on whatever the test environment's default for
        // 'registration-enabled' is; only 'app-public' is set explicitly.
        $this->setSettings(['app-public' => 'true']);

        $this->visit('/');
        $this->see(url('/login'));
        $this->visit('/');
        $this->dontSee(url('/register'));

        // Second pass: registration explicitly enabled.
        $this->setSettings(['app-public' => 'true', 'registration-enabled' => 'true']);

        $this->visit('/');
        $this->see(url('/login'));
        $this->visit('/');
        $this->see(url('/register'));
    }

    /**
     * On a public instance a guest can open the books index and follow a
     * link through to a single book, where the book's first chapter is shown.
     */
    public function test_books_viewable()
    {
        $this->setSettings(['app-public' => 'true']);
        $listedBooks = Book::orderBy('name', 'asc')->take(10)->get();
        $targetBook = $listedBooks[1];

        // The index responds with 200 and lists the first book by name.
        $this->visit('/books');
        $this->seeStatusCode(200);
        $this->see($listedBooks[0]->name);

        // Following the second book's link shows that book and its child content.
        $this->click($targetBook->name);
        $this->seePageIs($targetBook->getUrl());
        $this->see($targetBook->name);
        $this->see($targetBook->chapters()->first()->name);
    }

    /**
     * On a public instance a guest can open a chapter and follow a link
     * through to one of its pages.
     */
    public function test_chapters_viewable()
    {
        $this->setSettings(['app-public' => 'true']);
        $targetChapter = Chapter::first();
        $targetPage = $targetChapter->pages()->first();

        // The chapter view responds with 200 and shows the chapter name.
        $this->visit($targetChapter->getUrl());
        $this->seeStatusCode(200);
        $this->see($targetChapter->name);

        // The child page is listed; clicking it lands on the page URL with the
        // parent book and chapter names visible.
        $this->see($targetPage->name);
        $this->click($targetPage->name);
        $this->see($targetChapter->book->name);
        $this->see($targetChapter->name);
        $this->seePageIs($targetPage->getUrl());
    }

    /**
     * When the 'public' system role holds every permission, a guest can start
     * a new page in a chapter, and the stored row is attributed to the user
     * returned by User::getDefault().
     *
     * The permission grant below is a test fixture: it replaces the public
     * role's permissions with all RolePermission records.
     */
    public function test_public_page_creation()
    {
        $this->setSettings(['app-public' => 'true']);

        $guestRole = Role::getSystemRole('public');
        // Reset the role, then attach every known permission to it.
        $guestRole->permissions()->detach();
        RolePermission::all()->each(function ($permission) use ($guestRole) {
            $guestRole->attachPermission($permission);
        });
        $permissionService = $this->app[PermissionService::class];
        $permissionService->buildJointPermissionForRole($guestRole);

        $parentChapter = Chapter::first();
        $this->visit($parentChapter->book->getUrl());
        $this->visit($parentChapter->getUrl());
        $this->click('New Page');
        $this->see('New Page');
        $this->seePageIs($parentChapter->getUrl('/create-page'));

        $this->submitForm('Continue', ['name' => 'My guest page']);
        $this->seePageIs($parentChapter->book->getUrl('/page/my-guest-page/edit'));

        // Both audit columns must carry the default user's id.
        // NOTE(review): presumably User::getDefault() is the guest account — confirm.
        $defaultUserId = User::getDefault()->id;
        $this->seeInDatabase('pages', [
            'name' => 'My guest page',
            'chapter_id' => $parentChapter->id,
            'created_by' => $defaultUserId,
            'updated_by' => $defaultUserId,
        ]);
    }

    /**
     * After an admin has viewed a page and the session is logged out, a
     * request for a URL that does not exist must not show that page's name.
     */
    public function test_content_not_listed_on_404_for_public_users()
    {
        $viewedPage = Page::first();
        $this->asAdmin()->visit($viewedPage->getUrl());

        Auth::logout();
        // NOTE(review): presumably clears a shared title so the page name cannot
        // match through it — confirm against the layout view.
        view()->share('pageTitle', '');

        // forceVisit() is a helper defined outside this file; it is used here
        // for a path that is expected not to resolve.
        $this->forceVisit('/cats/dogs/hippos');
        $this->dontSee($viewedPage->name);
    }

    /**
     * /robots.txt disallows everything by default and stops doing so once
     * 'app-public' is 'true'.
     */
    public function test_robots_effected_by_public_status()
    {
        $this->visit('/robots.txt');
        $this->seeText("User-agent: *\nDisallow: /");

        $this->setSettings(['app-public' => 'true']);
        $this->visit('/robots.txt');

        $this->seeText("User-agent: *\nDisallow:");
        $this->dontSeeText("Disallow: /");
    }

    /**
     * The 'app.allow_robots' config value controls /robots.txt and, when set
     * to false, wins over 'app-public' being 'true'.
     */
    public function test_robots_effected_by_setting()
    {
        $robotsPath = '/robots.txt';

        $this->visit($robotsPath);
        $this->seeText("User-agent: *\nDisallow: /");

        config()->set('app.allow_robots', true);
        $this->visit($robotsPath);

        $this->seeText("User-agent: *\nDisallow:");
        $this->dontSeeText("Disallow: /");

        // An explicit false in config must override the public setting.
        config()->set('app.allow_robots', false);
        $this->setSettings(['app-public' => 'true']);
        $this->visit($robotsPath);

        $this->seeText("User-agent: *\nDisallow: /");
    }

    /**
     * A guest who views a public book and then logs in is returned to that
     * book rather than to a default landing page.
     *
     * NOTE(review): the e-mail literal typed below looks like the hosting
     * page's address-obfuscation placeholder, not a real address; confirm the
     * seeded login against the repository copy of this file.
     */
    public function test_public_view_then_login_redirects_to_previous_content()
    {
        $this->setSettings(['app-public' => 'true']);
        $viewedBook = Book::query()->first();

        $this->visit($viewedBook->getUrl());
        $this->see($viewedBook->name);

        $this->visit('/login');
        $this->type('[email protected]', '#email');
        $this->type('password', '#password');
        $this->press('Log In');

        $this->seePageUrlIs($viewedBook->getUrl());
    }

    /**
     * A guest who requests a restricted book gets 'Book not found' without the
     * book's name, and after logging in is taken to that book.
     *
     * NOTE(review): the e-mail literal typed below looks like the hosting
     * page's address-obfuscation placeholder, not a real address; confirm the
     * seeded login against the repository copy of this file.
     */
    public function test_access_hidden_content_then_login_redirects_to_intended_content()
    {
        $this->setSettings(['app-public' => 'true']);
        $hiddenBook = Book::query()->first();
        // setEntityRestrictions() is a helper defined outside this file.
        $this->setEntityRestrictions($hiddenBook);

        try {
            $this->visit($hiddenBook->getUrl());
        } catch (\Exception $ignored) {
            // Deliberately empty: the visit is presumably expected to throw for
            // the not-found response. Catching \Exception would also hide an
            // unrelated failure here, so the assertions below are what prove
            // the not-found page was actually rendered.
        }

        // The response must not reveal the restricted book's name.
        $this->see('Book not found');
        $this->dontSee($hiddenBook->name);

        $this->visit('/login');
        $this->type('[email protected]', '#email');
        $this->type('password', '#password');
        $this->press('Log In');

        $this->seePageUrlIs($hiddenBook->getUrl());
        $this->see($hiddenBook->name);
    }
}