BookStack Code Mirror - bookstack/blob - tests/Permissions/Scenarios/EntityRolePermissions.php

   1 <?php
   2
   3 namespace Tests\Permissions\Scenarios;
   4
   5 class EntityRolePermissions extends PermissionScenarioTestCase
   6 {
   7     public function test_01_explicit_allow()
   8     {
   9         [$user, $role] = $this->users->newUserWithRole();
  10         $page = $this->entities->page();
  11         $this->permissions->setEntityPermissions($page, ['view'], [$role], false);
  12
  13         $this->assertVisibleToUser($page, $user);
  14     }
  15
  16     public function test_02_explicit_deny()
  17     {
  18         [$user, $role] = $this->users->newUserWithRole();
  19         $page = $this->entities->page();
  20         $this->permissions->setEntityPermissions($page, [], [$role], false);
  21
  22         $this->assertNotVisibleToUser($page, $user);
  23     }
  24
  25     public function test_03_same_level_conflicting()
  26     {
  27         [$user, $roleA] = $this->users->newUserWithRole();
  28         $roleB = $this->users->attachNewRole($user);
  29         $page = $this->entities->page();
  30
  31         $this->permissions->disableEntityInheritedPermissions($page);
  32         $this->permissions->addEntityPermission($page, [], $roleA);
  33         $this->permissions->addEntityPermission($page, ['view'], $roleB);
  34
  35         $this->assertVisibleToUser($page, $user);
  36     }
  37
  38     public function test_20_inherit_allow()
  39     {
  40         [$user, $roleA] = $this->users->newUserWithRole();
  41         $page = $this->entities->pageWithinChapter();
  42         $chapter = $page->chapter;
  43
  44         $this->permissions->disableEntityInheritedPermissions($chapter);
  45         $this->permissions->addEntityPermission($chapter, ['view'], $roleA);
  46
  47         $this->assertVisibleToUser($page, $user);
  48     }
  49
  50     public function test_21_inherit_deny()
  51     {
  52         [$user, $roleA] = $this->users->newUserWithRole();
  53         $page = $this->entities->pageWithinChapter();
  54         $chapter = $page->chapter;
  55
  56         $this->permissions->disableEntityInheritedPermissions($chapter);
  57         $this->permissions->addEntityPermission($chapter, [], $roleA);
  58
  59         $this->assertNotVisibleToUser($page, $user);
  60     }
  61
  62     public function test_22_same_level_conflict_inherit()
  63     {
  64         [$user, $roleA] = $this->users->newUserWithRole();
  65         $roleB = $this->users->attachNewRole($user);
  66         $page = $this->entities->pageWithinChapter();
  67         $chapter = $page->chapter;
  68
  69         $this->permissions->disableEntityInheritedPermissions($chapter);
  70         $this->permissions->addEntityPermission($chapter, [], $roleA);
  71         $this->permissions->addEntityPermission($chapter, ['view'], $roleB);
  72
  73         $this->assertVisibleToUser($page, $user);
  74     }
  75
  76     public function test_30_child_inherit_override_allow()
  77     {
  78         [$user, $roleA] = $this->users->newUserWithRole();
  79         $page = $this->entities->pageWithinChapter();
  80         $chapter = $page->chapter;
  81
  82         $this->permissions->disableEntityInheritedPermissions($chapter);
  83         $this->permissions->addEntityPermission($chapter, [], $roleA);
  84         $this->permissions->addEntityPermission($page, ['view'], $roleA);
  85
  86         $this->assertVisibleToUser($page, $user);
  87     }
  88
  89     public function test_31_child_inherit_override_deny()
  90     {
  91         [$user, $roleA] = $this->users->newUserWithRole();
  92         $page = $this->entities->pageWithinChapter();
  93         $chapter = $page->chapter;
  94
  95         $this->permissions->disableEntityInheritedPermissions($chapter);
  96         $this->permissions->addEntityPermission($chapter, ['view'], $roleA);
  97         $this->permissions->addEntityPermission($page, [], $roleA);
  98
  99         $this->assertNotVisibleToUser($page, $user);
 100     }
 101
 102     public function test_40_multi_role_inherit_conflict_override_deny()
 103     {
 104         [$user, $roleA] = $this->users->newUserWithRole();
 105         $roleB = $this->users->attachNewRole($user);
 106         $page = $this->entities->pageWithinChapter();
 107         $chapter = $page->chapter;
 108
 109         $this->permissions->disableEntityInheritedPermissions($chapter);
 110         $this->permissions->addEntityPermission($page, [], $roleA);
 111         $this->permissions->addEntityPermission($chapter, ['view'], $roleB);
 112
 113         $this->assertVisibleToUser($page, $user);
 114     }
 115
 116     public function test_41_multi_role_inherit_conflict_retain_allow()
 117     {
 118         [$user, $roleA] = $this->users->newUserWithRole();
 119         $roleB = $this->users->attachNewRole($user);
 120         $page = $this->entities->pageWithinChapter();
 121         $chapter = $page->chapter;
 122
 123         $this->permissions->disableEntityInheritedPermissions($chapter);
 124         $this->permissions->addEntityPermission($page, ['view'], $roleA);
 125         $this->permissions->addEntityPermission($chapter, [], $roleB);
 126
 127         $this->assertVisibleToUser($page, $user);
 128     }
 129 }