use BookStack\Entities\Models\Chapter;
use BookStack\Entities\Models\Entity;
use BookStack\Entities\Queries\BookQueries;
+use BookStack\Entities\Queries\PageQueries;
use BookStack\Entities\Repos\BookRepo;
use BookStack\Entities\Tools\BookContents;
use BookStack\Http\ApiController;
public function __construct(
protected BookRepo $bookRepo,
protected BookQueries $queries,
+ protected PageQueries $pageQueries,
) {
}
->withType()
->withField('pages', function (Entity $entity) {
if ($entity instanceof Chapter) {
- return (new ApiEntityListFormatter($entity->pages->all()))->format();
+ $pages = $this->pageQueries->visibleForChapterList($entity->id)->get()->all();
+ return (new ApiEntityListFormatter($pages))->format();
}
return null;
})->format();
]);
}
+ public function test_read_endpoint_contents_nested_pages_has_permissions_applied()
+ {
+ $this->actingAsApiEditor();
+
+ $book = $this->entities->bookHasChaptersAndPages();
+ $chapter = $book->chapters()->first();
+ $chapterPage = $chapter->pages()->first();
+ $customName = 'MyNonVisiblePageWithinAChapter';
+ $chapterPage->name = $customName;
+ $chapterPage->save();
+
+ $this->permissions->disableEntityInheritedPermissions($chapterPage);
+
+ $resp = $this->getJson($this->baseEndpoint . "/{$book->id}");
+ $resp->assertJsonMissing(['name' => $customName]);
+ }
+
public function test_update_endpoint()
{
$this->actingAsApiEditor();
projects / bookstack / commitdiff