mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-10-30 07:32:39 +01:00
Fixed role entity permissions ignoring inheritance
Added additional scnenario tests to cover
This commit is contained in:
parent
8be36455ab
commit
1fa5a31960
@ -66,6 +66,10 @@ class EntityPermissionEvaluator
|
||||
$permitsByType[$type][$roleId] = $permission->{$this->action};
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($permitsByType['fallback'][0])) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return $permitsByType;
|
||||
|
@ -317,4 +317,27 @@ User granted page permission.
|
||||
- Role B has no entity chapter permissions.
|
||||
- User has Role A & B.
|
||||
|
||||
User denied page permission.
|
||||
|
||||
#### test_90_fallback_overrides_parent_entity_role_deny
|
||||
|
||||
- Chapter permissions have inherit disabled.
|
||||
- Page permissions have inherit disabled.
|
||||
- Chapter fallback has entity deny permission.
|
||||
- Page fallback has entity deny permission.
|
||||
- Role A has entity allow chapter permission.
|
||||
- User has Role A.
|
||||
|
||||
User denied page permission.
|
||||
|
||||
#### test_91_fallback_overrides_parent_entity_role_inherit
|
||||
|
||||
- Book permissions have inherit disabled.
|
||||
- Chapter permissions have inherit disabled.
|
||||
- Page permissions have inherit enabled.
|
||||
- Book fallback has entity deny permission.
|
||||
- Chapter fallback has entity deny permission.
|
||||
- Role A has entity allow book permission.
|
||||
- User has Role A.
|
||||
|
||||
User denied page permission.
|
@ -293,4 +293,31 @@ class EntityRolePermissionsTest extends PermissionScenarioTestCase
|
||||
|
||||
$this->assertNotVisibleToUser($page, $user);
|
||||
}
|
||||
|
||||
public function test_90_fallback_overrides_parent_entity_role_deny()
|
||||
{
|
||||
[$user, $roleA] = $this->users->newUserWithRole();
|
||||
$page = $this->entities->page();
|
||||
$chapter = $page->chapter;
|
||||
|
||||
$this->permissions->setFallbackPermissions($chapter, []);
|
||||
$this->permissions->setFallbackPermissions($page, []);
|
||||
$this->permissions->addEntityPermission($chapter, ['view'], $roleA);
|
||||
|
||||
$this->assertNotVisibleToUser($page, $user);
|
||||
}
|
||||
|
||||
public function test_91_fallback_overrides_parent_entity_role_inherit()
|
||||
{
|
||||
[$user, $roleA] = $this->users->newUserWithRole();
|
||||
$page = $this->entities->page();
|
||||
$chapter = $page->chapter;
|
||||
$book = $page->book;
|
||||
|
||||
$this->permissions->setFallbackPermissions($book, []);
|
||||
$this->permissions->setFallbackPermissions($chapter, []);
|
||||
$this->permissions->addEntityPermission($book, ['view'], $roleA);
|
||||
|
||||
$this->assertNotVisibleToUser($page, $user);
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user