Added method for using entity ownership in relation queries
[bookstack] / tests / Uploads / ImageTest.php
index e929d63ec60733e87846a8e7d43e2d5af93cf7f5..c6e678ff2f73ecbf94141958dc7a015ea3ac4cac 100644 (file)
@@ -16,7 +16,7 @@ class ImageTest extends TestCase
     public function test_image_upload()
     {
         $page = $this->entities->page();
-        $admin = $this->getAdmin();
+        $admin = $this->users->admin();
         $this->actingAs($admin);
 
         $imgDetails = $this->uploadGalleryImage($page);
@@ -40,7 +40,7 @@ class ImageTest extends TestCase
     public function test_image_display_thumbnail_generation_does_not_increase_image_size()
     {
         $page = $this->entities->page();
-        $admin = $this->getAdmin();
+        $admin = $this->users->admin();
         $this->actingAs($admin);
 
         $originalFile = $this->getTestImageFilePath('compressed.png');
@@ -64,7 +64,7 @@ class ImageTest extends TestCase
     public function test_image_display_thumbnail_generation_for_apng_images_uses_original_file()
     {
         $page = $this->entities->page();
-        $admin = $this->getAdmin();
+        $admin = $this->users->admin();
         $this->actingAs($admin);
 
         $imgDetails = $this->uploadGalleryImage($page, 'animated.png');
@@ -76,7 +76,7 @@ class ImageTest extends TestCase
 
     public function test_image_edit()
     {
-        $editor = $this->getEditor();
+        $editor = $this->users->editor();
         $this->actingAs($editor);
 
         $imgDetails = $this->uploadGalleryImage();
@@ -126,7 +126,7 @@ class ImageTest extends TestCase
     public function test_image_usage()
     {
         $page = $this->entities->page();
-        $editor = $this->getEditor();
+        $editor = $this->users->editor();
         $this->actingAs($editor);
 
         $imgDetails = $this->uploadGalleryImage($page);
@@ -146,7 +146,7 @@ class ImageTest extends TestCase
     public function test_php_files_cannot_be_uploaded()
     {
         $page = $this->entities->page();
-        $admin = $this->getAdmin();
+        $admin = $this->users->admin();
         $this->actingAs($admin);
 
         $fileName = 'bad.php';
@@ -168,7 +168,7 @@ class ImageTest extends TestCase
     public function test_php_like_files_cannot_be_uploaded()
     {
         $page = $this->entities->page();
-        $admin = $this->getAdmin();
+        $admin = $this->users->admin();
         $this->actingAs($admin);
 
         $fileName = 'bad.phtml';
@@ -185,7 +185,7 @@ class ImageTest extends TestCase
     public function test_files_with_double_extensions_will_get_sanitized()
     {
         $page = $this->entities->page();
-        $admin = $this->getAdmin();
+        $admin = $this->users->admin();
         $this->actingAs($admin);
 
         $fileName = 'bad.phtml.png';
@@ -310,7 +310,7 @@ class ImageTest extends TestCase
         }
     }
 
-    public function test_system_images_remain_public()
+    public function test_system_images_remain_public_with_local_secure()
     {
         config()->set('filesystems.images', 'local_secure');
         $this->asAdmin();
@@ -327,6 +327,23 @@ class ImageTest extends TestCase
         }
     }
 
+    public function test_system_images_remain_public_with_local_secure_restricted()
+    {
+        config()->set('filesystems.images', 'local_secure_restricted');
+        $this->asAdmin();
+        $galleryFile = $this->getTestImage('my-system-test-restricted-upload.png');
+        $expectedPath = public_path('uploads/images/system/' . date('Y-m') . '/my-system-test-restricted-upload.png');
+
+        $upload = $this->call('POST', '/settings/customization', [], [], ['app_logo' => $galleryFile], []);
+        $upload->assertRedirect('/settings/customization');
+
+        $this->assertTrue(file_exists($expectedPath), 'Uploaded image not found at path: ' . $expectedPath);
+
+        if (file_exists($expectedPath)) {
+            unlink($expectedPath);
+        }
+    }
+
     public function test_secure_restricted_images_inaccessible_without_relation_permission()
     {
         config()->set('filesystems.images', 'local_secure_restricted');
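Review bot: The new `test_system_images_remain_public_with_local_secure_restricted` removes the uploaded logo only after its assertions, so a failing `assertRedirect` or `assertTrue` leaves the file behind under `public/uploads/images/system/`, and the trailing `if (file_exists($expectedPath))` guard is always true by the time it is reached. Recording the result first with `$exists = file_exists($expectedPath);`, unlinking when it is set, and then calling `$this->assertTrue($exists, ...)` keeps the public directory clean when the test fails. The test also checks only where the file was written; since `local_secure_restricted` presumably stores non-system images outside the public path (worth confirming), asserting that a gallery upload in the same test does not land under `public_path()` would show that the public exception is limited to system images. The renamed `local_secure` test just above appears to end with the same cleanup pattern, though its body is mostly outside this hunk.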
@@ -341,7 +358,7 @@ class ImageTest extends TestCase
 
         $this->get($expectedUrl)->assertOk();
 
-        $this->entities->setPermissions($page, [], []);
+        $this->permissions->setEntityPermissions($page, [], []);
 
         $resp = $this->get($expectedUrl);
         $resp->assertNotFound();
@@ -365,7 +382,7 @@ class ImageTest extends TestCase
 
         $this->get($expectedUrl)->assertOk();
 
-        $this->entities->setPermissions($page, [], []);
+        $this->permissions->setEntityPermissions($page, [], []);
 
         $resp = $this->get($expectedUrl);
         $resp->assertNotFound();
@@ -398,7 +415,7 @@ class ImageTest extends TestCase
         $export = $this->get($pageB->getUrl('/export/html'));
         $this->assertStringContainsString($encodedImageContent, $export->getContent());
 
-        $this->entities->setPermissions($pageA, [], []);
+        $this->permissions->setEntityPermissions($pageA, [], []);
 
         $export = $this->get($pageB->getUrl('/export/html'));
         $this->assertStringNotContainsString($encodedImageContent, $export->getContent());
@@ -462,7 +479,7 @@ class ImageTest extends TestCase
         $imageName = 'first-image.png';
         $relPath = $this->getTestImagePath('gallery', $imageName);
         $this->deleteImage($relPath);
-        $viewer = $this->getViewer();
+        $viewer = $this->users->viewer();
 
         $this->uploadImage($imageName, $page->id);
         $image = Image::first();
@@ -473,7 +490,7 @@ class ImageTest extends TestCase
         $resp = $this->actingAs($viewer)->get("/images/edit/{$image->id}");
         $this->withHtml($resp)->assertElementNotExists('button#image-manager-delete[title="Delete"]');
 
-        $this->giveUserPermissions($viewer, ['image-delete-all']);
+        $this->permissions->grantUserRolePermissions($viewer, ['image-delete-all']);
 
         $resp = $this->actingAs($viewer)->get("/images/edit/{$image->id}");
         $this->withHtml($resp)->assertElementExists('button#image-manager-delete[title="Delete"]');
@@ -492,8 +509,8 @@ class ImageTest extends TestCase
 
     public function test_user_image_upload()
     {
-        $editor = $this->getEditor();
-        $admin = $this->getAdmin();
+        $editor = $this->users->editor();
+        $admin = $this->users->admin();
         $this->actingAs($admin);
 
         $file = $this->getTestProfileImage();
@@ -508,7 +525,7 @@ class ImageTest extends TestCase
 
     public function test_user_images_deleted_on_user_deletion()
     {
-        $editor = $this->getEditor();
+        $editor = $this->users->editor();
         $this->actingAs($editor);
 
         $file = $this->getTestProfileImage();
@@ -538,7 +555,7 @@ class ImageTest extends TestCase
     public function test_deleted_unused_images()
     {
         $page = $this->entities->page();
-        $admin = $this->getAdmin();
+        $admin = $this->users->admin();
         $this->actingAs($admin);
 
         $imageName = 'unused-image.png';