1
0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-10-29 23:22:34 +01:00

Updated test for perms. changes and fixed static issues

This commit is contained in:
Dan Brown 2022-10-12 12:12:36 +01:00
parent 7792da99ce
commit bd412ddbf9
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
8 changed files with 51 additions and 37 deletions

View File

@ -83,7 +83,7 @@ class PermissionApplicator
->pluck($action, 'role_id');
// Continue up the chain if no applicable entity permission overrides.
if (empty($allowedByRoleId)) {
if ($allowedByRoleId->isEmpty()) {
continue;
}

View File

@ -47,7 +47,7 @@ class PermissionFormData
*/
public function everyoneElseEntityPermission(): EntityPermission
{
/** @var EntityPermission $permission */
/** @var ?EntityPermission $permission */
$permission = $this->entity->permissions()
->where('role_id', '=', 0)
->first();

View File

@ -19,7 +19,7 @@ class CopyShelfPermissionsCommandTest extends TestCase
$shelf = $this->entities->shelf();
$child = $shelf->books()->first();
$editorRole = $this->getEditor()->roles()->first();
$this->assertFalse(boolval($child->hasPermissions()), 'Child book should not be restricted by default');
$this->assertFalse($child->hasPermissions(), 'Child book should not be restricted by default');
$this->assertTrue($child->permissions()->count() === 0, 'Child book should have no permissions by default');
$this->entities->setPermissions($shelf, ['view', 'update'], [$editorRole]);
@ -28,10 +28,14 @@ class CopyShelfPermissionsCommandTest extends TestCase
]);
$child = $shelf->books()->first();
$this->assertTrue(boolval($child->hasPermissions()), 'Child book should now be restricted');
$this->assertTrue($child->permissions()->count() === 2, 'Child book should have copied permissions');
$this->assertDatabaseHas('entity_permissions', ['restrictable_id' => $child->id, 'action' => 'view', 'role_id' => $editorRole->id]);
$this->assertDatabaseHas('entity_permissions', ['restrictable_id' => $child->id, 'action' => 'update', 'role_id' => $editorRole->id]);
$this->assertTrue($child->hasPermissions(), 'Child book should now be restricted');
$this->assertEquals(2, $child->permissions()->count(), 'Child book should have copied permissions');
$this->assertDatabaseHas('entity_permissions', [
'entity_type' => 'book',
'entity_id' => $child->id,
'role_id' => $editorRole->id,
'view' => true, 'update' => true, 'create' => false, 'delete' => false,
]);
}
public function test_copy_shelf_permissions_command_using_all()
@ -40,7 +44,7 @@ class CopyShelfPermissionsCommandTest extends TestCase
Bookshelf::query()->where('id', '!=', $shelf->id)->delete();
$child = $shelf->books()->first();
$editorRole = $this->getEditor()->roles()->first();
$this->assertFalse(boolval($child->hasPermissions()), 'Child book should not be restricted by default');
$this->assertFalse($child->hasPermissions(), 'Child book should not be restricted by default');
$this->assertTrue($child->permissions()->count() === 0, 'Child book should have no permissions by default');
$this->entities->setPermissions($shelf, ['view', 'update'], [$editorRole]);
@ -48,9 +52,13 @@ class CopyShelfPermissionsCommandTest extends TestCase
->expectsQuestion('Permission settings for all shelves will be cascaded. Books assigned to multiple shelves will receive only the permissions of it\'s last processed shelf. Are you sure you want to proceed?', 'y');
$child = $shelf->books()->first();
$this->assertTrue(boolval($child->hasPermissions()), 'Child book should now be restricted');
$this->assertTrue($child->permissions()->count() === 2, 'Child book should have copied permissions');
$this->assertDatabaseHas('entity_permissions', ['restrictable_id' => $child->id, 'action' => 'view', 'role_id' => $editorRole->id]);
$this->assertDatabaseHas('entity_permissions', ['restrictable_id' => $child->id, 'action' => 'update', 'role_id' => $editorRole->id]);
$this->assertTrue($child->hasPermissions(), 'Child book should now be restricted');
$this->assertEquals(2, $child->permissions()->count(), 'Child book should have copied permissions');
$this->assertDatabaseHas('entity_permissions', [
'entity_type' => 'book',
'entity_id' => $child->id,
'role_id' => $editorRole->id,
'view' => true, 'update' => true, 'create' => false, 'delete' => false,
]);
}
}

View File

@ -295,7 +295,7 @@ class BookShelfTest extends TestCase
$child = $shelf->books()->first();
$editorRole = $this->getEditor()->roles()->first();
$this->assertFalse(boolval($child->hasPermissions()), 'Child book should not be restricted by default');
$this->assertFalse($child->hasPermissions(), 'Child book should not be restricted by default');
$this->assertTrue($child->permissions()->count() === 0, 'Child book should have no permissions by default');
$this->entities->setPermissions($shelf, ['view', 'update'], [$editorRole]);
@ -303,10 +303,14 @@ class BookShelfTest extends TestCase
$child = $shelf->books()->first();
$resp->assertRedirect($shelf->getUrl());
$this->assertTrue(boolval($child->hasPermissions()), 'Child book should now be restricted');
$this->assertTrue($child->hasPermissions(), 'Child book should now be restricted');
$this->assertTrue($child->permissions()->count() === 2, 'Child book should have copied permissions');
$this->assertDatabaseHas('entity_permissions', ['restrictable_id' => $child->id, 'action' => 'view', 'role_id' => $editorRole->id]);
$this->assertDatabaseHas('entity_permissions', ['restrictable_id' => $child->id, 'action' => 'update', 'role_id' => $editorRole->id]);
$this->assertDatabaseHas('entity_permissions', [
'entity_type' => 'book',
'entity_id' => $child->id,
'role_id' => $editorRole->id,
'view' => true, 'update' => true, 'create' => false, 'delete' => false,
]);
}
public function test_permission_page_has_a_warning_about_no_cascading()

View File

@ -132,9 +132,8 @@ class EntitySearchTest extends TestCase
public function test_search_filters()
{
$page = $this->entities->newPage(['name' => 'My new test quaffleachits', 'html' => 'this is about an orange donkey danzorbhsing']);
$this->asEditor();
$editorId = $this->getEditor()->id;
$editorSlug = $this->getEditor()->slug;
$editor = $this->getEditor();
$this->actingAs($editor);
// Viewed filter searches
$this->get('/search?term=' . urlencode('danzorbhsing {not_viewed_by_me}'))->assertSee($page->name);
@ -147,22 +146,22 @@ class EntitySearchTest extends TestCase
$this->get('/search?term=' . urlencode('danzorbhsing {created_by:me}'))->assertDontSee($page->name);
$this->get('/search?term=' . urlencode('danzorbhsing {updated_by:me}'))->assertDontSee($page->name);
$this->get('/search?term=' . urlencode('danzorbhsing {owned_by:me}'))->assertDontSee($page->name);
$this->get('/search?term=' . urlencode('danzorbhsing {updated_by:' . $editorSlug . '}'))->assertDontSee($page->name);
$page->created_by = $editorId;
$this->get('/search?term=' . urlencode('danzorbhsing {updated_by:' . $editor->slug . '}'))->assertDontSee($page->name);
$page->created_by = $editor->id;
$page->save();
$this->get('/search?term=' . urlencode('danzorbhsing {created_by:me}'))->assertSee($page->name);
$this->get('/search?term=' . urlencode('danzorbhsing {created_by: ' . $editorSlug . '}'))->assertSee($page->name);
$this->get('/search?term=' . urlencode('danzorbhsing {created_by: ' . $editor->slug . '}'))->assertSee($page->name);
$this->get('/search?term=' . urlencode('danzorbhsing {updated_by:me}'))->assertDontSee($page->name);
$this->get('/search?term=' . urlencode('danzorbhsing {owned_by:me}'))->assertDontSee($page->name);
$page->updated_by = $editorId;
$page->updated_by = $editor->id;
$page->save();
$this->get('/search?term=' . urlencode('danzorbhsing {updated_by:me}'))->assertSee($page->name);
$this->get('/search?term=' . urlencode('danzorbhsing {updated_by:' . $editorSlug . '}'))->assertSee($page->name);
$this->get('/search?term=' . urlencode('danzorbhsing {updated_by:' . $editor->slug . '}'))->assertSee($page->name);
$this->get('/search?term=' . urlencode('danzorbhsing {owned_by:me}'))->assertDontSee($page->name);
$page->owned_by = $editorId;
$page->owned_by = $editor->id;
$page->save();
$this->get('/search?term=' . urlencode('danzorbhsing {owned_by:me}'))->assertSee($page->name);
$this->get('/search?term=' . urlencode('danzorbhsing {owned_by:' . $editorSlug . '}'))->assertSee($page->name);
$this->get('/search?term=' . urlencode('danzorbhsing {owned_by:' . $editor->slug . '}'))->assertSee($page->name);
// Content filters
$this->get('/search?term=' . urlencode('{in_name:danzorbhsing}'))->assertDontSee($page->name);
@ -172,7 +171,7 @@ class EntitySearchTest extends TestCase
// Restricted filter
$this->get('/search?term=' . urlencode('danzorbhsing {is_restricted}'))->assertDontSee($page->name);
$this->entities->setPermissions($page, [], []);
$this->entities->setPermissions($page, ['view'], [$editor->roles->first()]);
$this->get('/search?term=' . urlencode('danzorbhsing {is_restricted}'))->assertSee($page->name);
// Date filters

View File

@ -206,7 +206,11 @@ class EntityProvider
{
$entity->permissions()->delete();
$permissions = [];
$permissions = [
// Set default permissions to not allow actions so that only the provided role permissions are at play.
['role_id' => 0, 'view' => false, 'create' => false, 'update' => false, 'delete' => false],
];
foreach ($roles as $role) {
$permission = ['role_id' => $role->id];
foreach (EntityPermission::PERMISSIONS as $possibleAction) {

View File

@ -376,19 +376,18 @@ class EntityPermissionsTest extends TestCase
->assertSee($title);
$this->put($modelInstance->getUrl('/permissions'), [
'restrictions' => [
'permissions' => [
$roleId => [
$permission => 'true',
],
],
]);
$this->assertDatabaseHas($modelInstance->getTable(), ['id' => $modelInstance->id, 'restricted' => true]);
$this->assertDatabaseHas('entity_permissions', [
'restrictable_id' => $modelInstance->id,
'restrictable_type' => $modelInstance->getMorphClass(),
'entity_id' => $modelInstance->id,
'entity_type' => $modelInstance->getMorphClass(),
'role_id' => $roleId,
'action' => $permission,
$permission => true,
]);
}

View File

@ -173,16 +173,16 @@ class RolesTest extends TestCase
$this->assertDatabaseHas('entity_permissions', [
'role_id' => $roleA->id,
'restrictable_id' => $page->id,
'restrictable_type' => $page->getMorphClass(),
'entity_id' => $page->id,
'entity_type' => $page->getMorphClass(),
]);
$this->asAdmin()->delete("/settings/roles/delete/$roleA->id");
$this->assertDatabaseMissing('entity_permissions', [
'role_id' => $roleA->id,
'restrictable_id' => $page->id,
'restrictable_type' => $page->getMorphClass(),
'entity_id' => $page->id,
'entity_type' => $page->getMorphClass(),
]);
}