->pluck($action, 'role_id');
// Continue up the chain if no applicable entity permission overrides.
- if (empty($allowedByRoleId)) {
+ if ($allowedByRoleId->isEmpty()) {
continue;
}
*/
public function everyoneElseEntityPermission(): EntityPermission
{
- /** @var EntityPermission $permission */
+ /** @var ?EntityPermission $permission */
$permission = $this->entity->permissions()
->where('role_id', '=', 0)
->first();
$shelf = $this->entities->shelf();
$child = $shelf->books()->first();
$editorRole = $this->getEditor()->roles()->first();
- $this->assertFalse(boolval($child->hasPermissions()), 'Child book should not be restricted by default');
+ $this->assertFalse($child->hasPermissions(), 'Child book should not be restricted by default');
$this->assertTrue($child->permissions()->count() === 0, 'Child book should have no permissions by default');
$this->entities->setPermissions($shelf, ['view', 'update'], [$editorRole]);
]);
$child = $shelf->books()->first();
- $this->assertTrue(boolval($child->hasPermissions()), 'Child book should now be restricted');
- $this->assertTrue($child->permissions()->count() === 2, 'Child book should have copied permissions');
- $this->assertDatabaseHas('entity_permissions', ['restrictable_id' => $child->id, 'action' => 'view', 'role_id' => $editorRole->id]);
- $this->assertDatabaseHas('entity_permissions', ['restrictable_id' => $child->id, 'action' => 'update', 'role_id' => $editorRole->id]);
+ $this->assertTrue($child->hasPermissions(), 'Child book should now be restricted');
+ $this->assertEquals(2, $child->permissions()->count(), 'Child book should have copied permissions');
+ $this->assertDatabaseHas('entity_permissions', [
+ 'entity_type' => 'book',
+ 'entity_id' => $child->id,
+ 'role_id' => $editorRole->id,
+ 'view' => true, 'update' => true, 'create' => false, 'delete' => false,
+ ]);
}
public function test_copy_shelf_permissions_command_using_all()
Bookshelf::query()->where('id', '!=', $shelf->id)->delete();
$child = $shelf->books()->first();
$editorRole = $this->getEditor()->roles()->first();
- $this->assertFalse(boolval($child->hasPermissions()), 'Child book should not be restricted by default');
+ $this->assertFalse($child->hasPermissions(), 'Child book should not be restricted by default');
$this->assertTrue($child->permissions()->count() === 0, 'Child book should have no permissions by default');
$this->entities->setPermissions($shelf, ['view', 'update'], [$editorRole]);
->expectsQuestion('Permission settings for all shelves will be cascaded. Books assigned to multiple shelves will receive only the permissions of it\'s last processed shelf. Are you sure you want to proceed?', 'y');
$child = $shelf->books()->first();
- $this->assertTrue(boolval($child->hasPermissions()), 'Child book should now be restricted');
- $this->assertTrue($child->permissions()->count() === 2, 'Child book should have copied permissions');
- $this->assertDatabaseHas('entity_permissions', ['restrictable_id' => $child->id, 'action' => 'view', 'role_id' => $editorRole->id]);
- $this->assertDatabaseHas('entity_permissions', ['restrictable_id' => $child->id, 'action' => 'update', 'role_id' => $editorRole->id]);
+ $this->assertTrue($child->hasPermissions(), 'Child book should now be restricted');
+ $this->assertEquals(2, $child->permissions()->count(), 'Child book should have copied permissions');
+ $this->assertDatabaseHas('entity_permissions', [
+ 'entity_type' => 'book',
+ 'entity_id' => $child->id,
+ 'role_id' => $editorRole->id,
+ 'view' => true, 'update' => true, 'create' => false, 'delete' => false,
+ ]);
}
}
$child = $shelf->books()->first();
$editorRole = $this->getEditor()->roles()->first();
- $this->assertFalse(boolval($child->hasPermissions()), 'Child book should not be restricted by default');
+ $this->assertFalse($child->hasPermissions(), 'Child book should not be restricted by default');
$this->assertTrue($child->permissions()->count() === 0, 'Child book should have no permissions by default');
$this->entities->setPermissions($shelf, ['view', 'update'], [$editorRole]);
$child = $shelf->books()->first();
$resp->assertRedirect($shelf->getUrl());
- $this->assertTrue(boolval($child->hasPermissions()), 'Child book should now be restricted');
+ $this->assertTrue($child->hasPermissions(), 'Child book should now be restricted');
$this->assertTrue($child->permissions()->count() === 2, 'Child book should have copied permissions');
- $this->assertDatabaseHas('entity_permissions', ['restrictable_id' => $child->id, 'action' => 'view', 'role_id' => $editorRole->id]);
- $this->assertDatabaseHas('entity_permissions', ['restrictable_id' => $child->id, 'action' => 'update', 'role_id' => $editorRole->id]);
+ $this->assertDatabaseHas('entity_permissions', [
+ 'entity_type' => 'book',
+ 'entity_id' => $child->id,
+ 'role_id' => $editorRole->id,
+ 'view' => true, 'update' => true, 'create' => false, 'delete' => false,
+ ]);
}
public function test_permission_page_has_a_warning_about_no_cascading()
public function test_search_filters()
{
$page = $this->entities->newPage(['name' => 'My new test quaffleachits', 'html' => 'this is about an orange donkey danzorbhsing']);
- $this->asEditor();
- $editorId = $this->getEditor()->id;
- $editorSlug = $this->getEditor()->slug;
+ $editor = $this->getEditor();
+ $this->actingAs($editor);
// Viewed filter searches
$this->get('/search?term=' . urlencode('danzorbhsing {not_viewed_by_me}'))->assertSee($page->name);
$this->get('/search?term=' . urlencode('danzorbhsing {created_by:me}'))->assertDontSee($page->name);
$this->get('/search?term=' . urlencode('danzorbhsing {updated_by:me}'))->assertDontSee($page->name);
$this->get('/search?term=' . urlencode('danzorbhsing {owned_by:me}'))->assertDontSee($page->name);
- $this->get('/search?term=' . urlencode('danzorbhsing {updated_by:' . $editorSlug . '}'))->assertDontSee($page->name);
- $page->created_by = $editorId;
+ $this->get('/search?term=' . urlencode('danzorbhsing {updated_by:' . $editor->slug . '}'))->assertDontSee($page->name);
+ $page->created_by = $editor->id;
$page->save();
$this->get('/search?term=' . urlencode('danzorbhsing {created_by:me}'))->assertSee($page->name);
- $this->get('/search?term=' . urlencode('danzorbhsing {created_by: ' . $editorSlug . '}'))->assertSee($page->name);
+ $this->get('/search?term=' . urlencode('danzorbhsing {created_by: ' . $editor->slug . '}'))->assertSee($page->name);
$this->get('/search?term=' . urlencode('danzorbhsing {updated_by:me}'))->assertDontSee($page->name);
$this->get('/search?term=' . urlencode('danzorbhsing {owned_by:me}'))->assertDontSee($page->name);
- $page->updated_by = $editorId;
+ $page->updated_by = $editor->id;
$page->save();
$this->get('/search?term=' . urlencode('danzorbhsing {updated_by:me}'))->assertSee($page->name);
- $this->get('/search?term=' . urlencode('danzorbhsing {updated_by:' . $editorSlug . '}'))->assertSee($page->name);
+ $this->get('/search?term=' . urlencode('danzorbhsing {updated_by:' . $editor->slug . '}'))->assertSee($page->name);
$this->get('/search?term=' . urlencode('danzorbhsing {owned_by:me}'))->assertDontSee($page->name);
- $page->owned_by = $editorId;
+ $page->owned_by = $editor->id;
$page->save();
$this->get('/search?term=' . urlencode('danzorbhsing {owned_by:me}'))->assertSee($page->name);
- $this->get('/search?term=' . urlencode('danzorbhsing {owned_by:' . $editorSlug . '}'))->assertSee($page->name);
+ $this->get('/search?term=' . urlencode('danzorbhsing {owned_by:' . $editor->slug . '}'))->assertSee($page->name);
// Content filters
$this->get('/search?term=' . urlencode('{in_name:danzorbhsing}'))->assertDontSee($page->name);
// Restricted filter
$this->get('/search?term=' . urlencode('danzorbhsing {is_restricted}'))->assertDontSee($page->name);
- $this->entities->setPermissions($page, [], []);
+ $this->entities->setPermissions($page, ['view'], [$editor->roles->first()]);
$this->get('/search?term=' . urlencode('danzorbhsing {is_restricted}'))->assertSee($page->name);
// Date filters
{
$entity->permissions()->delete();
- $permissions = [];
+ $permissions = [
+ // Set default permissions to not allow actions so that only the provided role permissions are at play.
+ ['role_id' => 0, 'view' => false, 'create' => false, 'update' => false, 'delete' => false],
+ ];
+
foreach ($roles as $role) {
$permission = ['role_id' => $role->id];
foreach (EntityPermission::PERMISSIONS as $possibleAction) {
->assertSee($title);
$this->put($modelInstance->getUrl('/permissions'), [
- 'restrictions' => [
+ 'permissions' => [
$roleId => [
$permission => 'true',
],
],
]);
- $this->assertDatabaseHas($modelInstance->getTable(), ['id' => $modelInstance->id, 'restricted' => true]);
$this->assertDatabaseHas('entity_permissions', [
- 'restrictable_id' => $modelInstance->id,
- 'restrictable_type' => $modelInstance->getMorphClass(),
+ 'entity_id' => $modelInstance->id,
+ 'entity_type' => $modelInstance->getMorphClass(),
'role_id' => $roleId,
- 'action' => $permission,
+ $permission => true,
]);
}
$this->assertDatabaseHas('entity_permissions', [
'role_id' => $roleA->id,
- 'restrictable_id' => $page->id,
- 'restrictable_type' => $page->getMorphClass(),
+ 'entity_id' => $page->id,
+ 'entity_type' => $page->getMorphClass(),
]);
$this->asAdmin()->delete("/settings/roles/delete/$roleA->id");
$this->assertDatabaseMissing('entity_permissions', [
'role_id' => $roleA->id,
- 'restrictable_id' => $page->id,
- 'restrictable_type' => $page->getMorphClass(),
+ 'entity_id' => $page->id,
+ 'entity_type' => $page->getMorphClass(),
]);
}
projects / bookstack / commitdiff