1
0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-10-30 07:32:39 +01:00

Fixed role entity permissions ignoring inheritance

Added additional scnenario tests to cover
This commit is contained in:
Dan Brown 2023-01-24 21:26:41 +00:00
parent 8be36455ab
commit 1fa5a31960
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
3 changed files with 54 additions and 0 deletions

View File

@ -66,6 +66,10 @@ class EntityPermissionEvaluator
$permitsByType[$type][$roleId] = $permission->{$this->action};
}
}
if (isset($permitsByType['fallback'][0])) {
break;
}
}
return $permitsByType;

View File

@ -317,4 +317,27 @@ User granted page permission.
- Role B has no entity chapter permissions.
- User has Role A & B.
User denied page permission.
#### test_90_fallback_overrides_parent_entity_role_deny
- Chapter permissions have inherit disabled.
- Page permissions have inherit disabled.
- Chapter fallback has entity deny permission.
- Page fallback has entity deny permission.
- Role A has entity allow chapter permission.
- User has Role A.
User denied page permission.
#### test_91_fallback_overrides_parent_entity_role_inherit
- Book permissions have inherit disabled.
- Chapter permissions have inherit disabled.
- Page permissions have inherit enabled.
- Book fallback has entity deny permission.
- Chapter fallback has entity deny permission.
- Role A has entity allow book permission.
- User has Role A.
User denied page permission.

View File

@ -293,4 +293,31 @@ class EntityRolePermissionsTest extends PermissionScenarioTestCase
$this->assertNotVisibleToUser($page, $user);
}
public function test_90_fallback_overrides_parent_entity_role_deny()
{
[$user, $roleA] = $this->users->newUserWithRole();
$page = $this->entities->page();
$chapter = $page->chapter;
$this->permissions->setFallbackPermissions($chapter, []);
$this->permissions->setFallbackPermissions($page, []);
$this->permissions->addEntityPermission($chapter, ['view'], $roleA);
$this->assertNotVisibleToUser($page, $user);
}
public function test_91_fallback_overrides_parent_entity_role_inherit()
{
[$user, $roleA] = $this->users->newUserWithRole();
$page = $this->entities->page();
$chapter = $page->chapter;
$book = $page->book;
$this->permissions->setFallbackPermissions($book, []);
$this->permissions->setFallbackPermissions($chapter, []);
$this->permissions->addEntityPermission($book, ['view'], $roleA);
$this->assertNotVisibleToUser($page, $user);
}
}