colin
/
bookstack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
bookstack/tests/Permissions/RestrictionsTest.php

726 lines
24 KiB
PHP
Raw Normal View History

Namespaced tests to align with new laravel default
2017-02-04 19:58:42 +08:00
<?php namespace Tests;
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
Re-structured the app code to be feature based rather than code type based
2018-09-25 19:30:50 +08:00
use BookStack\Entities\Book;
use BookStack\Entities\Bookshelf;
use BookStack\Entities\Chapter;
use BookStack\Entities\Entity;
use BookStack\Auth\User;
use BookStack\Entities\Page;
Updated to laravel 5.5 Closes #590
2017-11-19 23:56:06 +08:00
Upgraded to Laravel 5.4
2017-01-26 03:35:40 +08:00
class RestrictionsTest extends BrowserKitTest
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
{
Updated to laravel 5.5 Closes #590
2017-11-19 23:56:06 +08:00
/**
Entity Repo & Controller Refactor (#1690) * Started mass-refactoring of the current entity repos * Rewrote book tree logic - Now does two simple queries instead of one really complex one. - Extracted logic into its own class. - Remove model-level akward union field listing. - Logic now more readable than being large separate query and compilation functions. * Extracted and split book sort logic * Finished up Book controller/repo organisation * Refactored bookshelves controllers and repo parts * Fixed issues found via phpunit * Refactored Chapter controller * Updated Chapter export controller * Started Page controller/repo refactor * Refactored another chunk of PageController * Completed initial pagecontroller refactor pass * Fixed tests and continued reduction of old repos * Removed old page remove and further reduced entity repo * Removed old entity repo, split out page controller * Ran phpcbf and split out some page content methods * Tidied up some EntityProvider elements * Fixed issued caused by viewservice change
2019-10-05 19:55:01 +08:00
* @var User
Updated to laravel 5.5 Closes #590
2017-11-19 23:56:06 +08:00
*/
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
protected $user;
Updated to laravel 5.5 Closes #590
2017-11-19 23:56:06 +08:00
/**
* @var User
*/
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
protected $viewer;
Updated to laravel 5.5 Closes #590
2017-11-19 23:56:06 +08:00
Updated to Laravel 5.8
2019-09-14 06:58:40 +08:00
public function setUp(): void
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
{
parent::setUp();
Added further attribute endpoints and added tests
2016-05-07 21:29:43 +08:00
$this->user = $this->getEditor();
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
$this->viewer = $this->getViewer();
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
}
Added destination permission checking to entity move
2018-04-15 01:47:13 +08:00
protected function setEntityRestrictions(Entity $entity, $actions = [], $roles = [])
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
{
Added destination permission checking to entity move
2018-04-15 01:47:13 +08:00
$roles = [
$this->user->roles->first(),
$this->viewer->roles->first(),
];
parent::setEntityRestrictions($entity, $actions, $roles);
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
}
Added testing coverage for Bookshelves Created modified TestResponse so we can use DOM operations in new Testcases as we move away from the BrowserKit tests.
2018-09-21 22:15:16 +08:00
public function test_bookshelf_view_restriction()
{
$shelf = Bookshelf::first();
$this->actingAs($this->user)
->visit($shelf->getUrl())
->seePageIs($shelf->getUrl());
$this->setEntityRestrictions($shelf, []);
$this->forceVisit($shelf->getUrl())
->see('Bookshelf not found');
$this->setEntityRestrictions($shelf, ['view']);
$this->visit($shelf->getUrl())
->see($shelf->name);
}
public function test_bookshelf_update_restriction()
{
$shelf = BookShelf::first();
$this->actingAs($this->user)
->visit($shelf->getUrl('/edit'))
->see('Edit Book');
$this->setEntityRestrictions($shelf, ['view', 'delete']);
$this->forceVisit($shelf->getUrl('/edit'))
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($shelf, ['view', 'update']);
$this->visit($shelf->getUrl('/edit'))
->seePageIs($shelf->getUrl('/edit'));
}
public function test_bookshelf_delete_restriction()
{
$shelf = Book::first();
$this->actingAs($this->user)
->visit($shelf->getUrl('/delete'))
->see('Delete Book');
$this->setEntityRestrictions($shelf, ['view', 'update']);
$this->forceVisit($shelf->getUrl('/delete'))
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($shelf, ['view', 'delete']);
$this->visit($shelf->getUrl('/delete'))
->seePageIs($shelf->getUrl('/delete'))->see('Delete Book');
}
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
public function test_book_view_restriction()
{
Updated to laravel 5.5 Closes #590
2017-11-19 23:56:06 +08:00
$book = Book::first();
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$bookPage = $book->pages->first();
$bookChapter = $book->chapters->first();
$bookUrl = $book->getUrl();
$this->actingAs($this->user)
->visit($bookUrl)
->seePageIs($bookUrl);
$this->setEntityRestrictions($book, []);
$this->forceVisit($bookUrl)
->see('Book not found');
$this->forceVisit($bookPage->getUrl())
Started refactor to merge entity repos
2017-01-02 00:05:44 +08:00
->see('Page not found');
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$this->forceVisit($bookChapter->getUrl())
Started refactor to merge entity repos
2017-01-02 00:05:44 +08:00
->see('Chapter not found');
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$this->setEntityRestrictions($book, ['view']);
$this->visit($bookUrl)
->see($book->name);
$this->visit($bookPage->getUrl())
->see($bookPage->name);
$this->visit($bookChapter->getUrl())
->see($bookChapter->name);
}
public function test_book_create_restriction()
{
Updated to laravel 5.5 Closes #590
2017-11-19 23:56:06 +08:00
$book = Book::first();
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$bookUrl = $book->getUrl();
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
$this->actingAs($this->viewer)
->visit($bookUrl)
Updated tests to suit layout changes, Updated 404 page - Also replaced 'or' usage in templates with null coalescing operator
2019-04-07 01:36:17 +08:00
->dontSeeInElement('.actions', 'New Page')
->dontSeeInElement('.actions', 'New Chapter');
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$this->actingAs($this->user)
->visit($bookUrl)
Updated tests to suit layout changes, Updated 404 page - Also replaced 'or' usage in templates with null coalescing operator
2019-04-07 01:36:17 +08:00
->seeInElement('.actions', 'New Page')
->seeInElement('.actions', 'New Chapter');
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$this->setEntityRestrictions($book, ['view', 'delete', 'update']);
Updated create routes to prevent slug clashes Fixes #758
2018-03-25 18:34:42 +08:00
$this->forceVisit($bookUrl . '/create-chapter')
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
->see('You do not have permission')->seePageIs('/');
Updated create routes to prevent slug clashes Fixes #758
2018-03-25 18:34:42 +08:00
$this->forceVisit($bookUrl . '/create-page')
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
->see('You do not have permission')->seePageIs('/');
Updated tests to suit layout changes, Updated 404 page - Also replaced 'or' usage in templates with null coalescing operator
2019-04-07 01:36:17 +08:00
$this->visit($bookUrl)->dontSeeInElement('.actions', 'New Page')
->dontSeeInElement('.actions', 'New Chapter');
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$this->setEntityRestrictions($book, ['view', 'create']);
Updated create routes to prevent slug clashes Fixes #758
2018-03-25 18:34:42 +08:00
$this->visit($bookUrl . '/create-chapter')
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
->type('test chapter', 'name')
->type('test description for chapter', 'description')
->press('Save Chapter')
->seePageIs($bookUrl . '/chapter/test-chapter');
Updated create routes to prevent slug clashes Fixes #758
2018-03-25 18:34:42 +08:00
$this->visit($bookUrl . '/create-page')
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
->type('test page', 'name')
->type('test content', 'html')
->press('Save Page')
->seePageIs($bookUrl . '/page/test-page');
Updated tests to suit layout changes, Updated 404 page - Also replaced 'or' usage in templates with null coalescing operator
2019-04-07 01:36:17 +08:00
$this->visit($bookUrl)->seeInElement('.actions', 'New Page')
->seeInElement('.actions', 'New Chapter');
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
}
public function test_book_update_restriction()
{
Updated to laravel 5.5 Closes #590
2017-11-19 23:56:06 +08:00
$book = Book::first();
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$bookPage = $book->pages->first();
$bookChapter = $book->chapters->first();
$bookUrl = $book->getUrl();
$this->actingAs($this->user)
->visit($bookUrl . '/edit')
->see('Edit Book');
$this->setEntityRestrictions($book, ['view', 'delete']);
$this->forceVisit($bookUrl . '/edit')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookPage->getUrl() . '/edit')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookChapter->getUrl() . '/edit')
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($book, ['view', 'update']);
$this->visit($bookUrl . '/edit')
->seePageIs($bookUrl . '/edit');
$this->visit($bookPage->getUrl() . '/edit')
->seePageIs($bookPage->getUrl() . '/edit');
$this->visit($bookChapter->getUrl() . '/edit')
->see('Edit Chapter');
}
public function test_book_delete_restriction()
{
Updated to laravel 5.5 Closes #590
2017-11-19 23:56:06 +08:00
$book = Book::first();
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$bookPage = $book->pages->first();
$bookChapter = $book->chapters->first();
$bookUrl = $book->getUrl();
$this->actingAs($this->user)
->visit($bookUrl . '/delete')
->see('Delete Book');
$this->setEntityRestrictions($book, ['view', 'update']);
$this->forceVisit($bookUrl . '/delete')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookPage->getUrl() . '/delete')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookChapter->getUrl() . '/delete')
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($book, ['view', 'delete']);
$this->visit($bookUrl . '/delete')
->seePageIs($bookUrl . '/delete')->see('Delete Book');
$this->visit($bookPage->getUrl() . '/delete')
->seePageIs($bookPage->getUrl() . '/delete')->see('Delete Page');
$this->visit($bookChapter->getUrl() . '/delete')
->see('Delete Chapter');
}
public function test_chapter_view_restriction()
{
Re-structured the app code to be feature based rather than code type based
2018-09-25 19:30:50 +08:00
$chapter = Chapter::first();
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$chapterPage = $chapter->pages->first();
$chapterUrl = $chapter->getUrl();
$this->actingAs($this->user)
->visit($chapterUrl)
->seePageIs($chapterUrl);
$this->setEntityRestrictions($chapter, []);
$this->forceVisit($chapterUrl)
->see('Chapter not found');
$this->forceVisit($chapterPage->getUrl())
->see('Page not found');
$this->setEntityRestrictions($chapter, ['view']);
$this->visit($chapterUrl)
->see($chapter->name);
$this->visit($chapterPage->getUrl())
->see($chapterPage->name);
}
public function test_chapter_create_restriction()
{
Re-structured the app code to be feature based rather than code type based
2018-09-25 19:30:50 +08:00
$chapter = Chapter::first();
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$chapterUrl = $chapter->getUrl();
$this->actingAs($this->user)
->visit($chapterUrl)
Updated tests to suit layout changes, Updated 404 page - Also replaced 'or' usage in templates with null coalescing operator
2019-04-07 01:36:17 +08:00
->seeInElement('.actions', 'New Page');
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$this->setEntityRestrictions($chapter, ['view', 'delete', 'update']);
$this->forceVisit($chapterUrl . '/create-page')
->see('You do not have permission')->seePageIs('/');
Updated tests to suit layout changes, Updated 404 page - Also replaced 'or' usage in templates with null coalescing operator
2019-04-07 01:36:17 +08:00
$this->visit($chapterUrl)->dontSeeInElement('.actions', 'New Page');
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$this->setEntityRestrictions($chapter, ['view', 'create']);
$this->visit($chapterUrl . '/create-page')
->type('test page', 'name')
->type('test content', 'html')
->press('Save Page')
->seePageIs($chapter->book->getUrl() . '/page/test-page');
Refactored permission system components Split joint permission creation into chunks Fixes #374
2017-04-30 05:01:43 +08:00
Updated tests to suit layout changes, Updated 404 page - Also replaced 'or' usage in templates with null coalescing operator
2019-04-07 01:36:17 +08:00
$this->visit($chapterUrl)->seeInElement('.actions', 'New Page');
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
}
public function test_chapter_update_restriction()
{
Re-structured the app code to be feature based rather than code type based
2018-09-25 19:30:50 +08:00
$chapter = Chapter::first();
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$chapterPage = $chapter->pages->first();
$chapterUrl = $chapter->getUrl();
$this->actingAs($this->user)
->visit($chapterUrl . '/edit')
->see('Edit Chapter');
$this->setEntityRestrictions($chapter, ['view', 'delete']);
$this->forceVisit($chapterUrl . '/edit')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($chapterPage->getUrl() . '/edit')
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($chapter, ['view', 'update']);
$this->visit($chapterUrl . '/edit')
->seePageIs($chapterUrl . '/edit')->see('Edit Chapter');
$this->visit($chapterPage->getUrl() . '/edit')
->seePageIs($chapterPage->getUrl() . '/edit');
}
public function test_chapter_delete_restriction()
{
Re-structured the app code to be feature based rather than code type based
2018-09-25 19:30:50 +08:00
$chapter = Chapter::first();
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$chapterPage = $chapter->pages->first();
$chapterUrl = $chapter->getUrl();
$this->actingAs($this->user)
->visit($chapterUrl . '/delete')
->see('Delete Chapter');
$this->setEntityRestrictions($chapter, ['view', 'update']);
$this->forceVisit($chapterUrl . '/delete')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($chapterPage->getUrl() . '/delete')
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($chapter, ['view', 'delete']);
$this->visit($chapterUrl . '/delete')
->seePageIs($chapterUrl . '/delete')->see('Delete Chapter');
$this->visit($chapterPage->getUrl() . '/delete')
->seePageIs($chapterPage->getUrl() . '/delete')->see('Delete Page');
}
public function test_page_view_restriction()
{
Entity Repo & Controller Refactor (#1690) * Started mass-refactoring of the current entity repos * Rewrote book tree logic - Now does two simple queries instead of one really complex one. - Extracted logic into its own class. - Remove model-level akward union field listing. - Logic now more readable than being large separate query and compilation functions. * Extracted and split book sort logic * Finished up Book controller/repo organisation * Refactored bookshelves controllers and repo parts * Fixed issues found via phpunit * Refactored Chapter controller * Updated Chapter export controller * Started Page controller/repo refactor * Refactored another chunk of PageController * Completed initial pagecontroller refactor pass * Fixed tests and continued reduction of old repos * Removed old page remove and further reduced entity repo * Removed old entity repo, split out page controller * Ran phpcbf and split out some page content methods * Tidied up some EntityProvider elements * Fixed issued caused by viewservice change
2019-10-05 19:55:01 +08:00
$page = Page::first();
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$pageUrl = $page->getUrl();
$this->actingAs($this->user)
->visit($pageUrl)
->seePageIs($pageUrl);
$this->setEntityRestrictions($page, ['update', 'delete']);
$this->forceVisit($pageUrl)
->see('Page not found');
$this->setEntityRestrictions($page, ['view']);
$this->visit($pageUrl)
->see($page->name);
}
public function test_page_update_restriction()
{
Re-structured the app code to be feature based rather than code type based
2018-09-25 19:30:50 +08:00
$page = Chapter::first();
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$pageUrl = $page->getUrl();
$this->actingAs($this->user)
->visit($pageUrl . '/edit')
->seeInField('name', $page->name);
$this->setEntityRestrictions($page, ['view', 'delete']);
$this->forceVisit($pageUrl . '/edit')
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($page, ['view', 'update']);
$this->visit($pageUrl . '/edit')
->seePageIs($pageUrl . '/edit')->seeInField('name', $page->name);
}
public function test_page_delete_restriction()
{
Entity Repo & Controller Refactor (#1690) * Started mass-refactoring of the current entity repos * Rewrote book tree logic - Now does two simple queries instead of one really complex one. - Extracted logic into its own class. - Remove model-level akward union field listing. - Logic now more readable than being large separate query and compilation functions. * Extracted and split book sort logic * Finished up Book controller/repo organisation * Refactored bookshelves controllers and repo parts * Fixed issues found via phpunit * Refactored Chapter controller * Updated Chapter export controller * Started Page controller/repo refactor * Refactored another chunk of PageController * Completed initial pagecontroller refactor pass * Fixed tests and continued reduction of old repos * Removed old page remove and further reduced entity repo * Removed old entity repo, split out page controller * Ran phpcbf and split out some page content methods * Tidied up some EntityProvider elements * Fixed issued caused by viewservice change
2019-10-05 19:55:01 +08:00
$page = Page::first();
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$pageUrl = $page->getUrl();
$this->actingAs($this->user)
->visit($pageUrl . '/delete')
->see('Delete Page');
$this->setEntityRestrictions($page, ['view', 'update']);
$this->forceVisit($pageUrl . '/delete')
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($page, ['view', 'delete']);
$this->visit($pageUrl . '/delete')
->seePageIs($pageUrl . '/delete')->see('Delete Page');
}
Added testing coverage for Bookshelves Created modified TestResponse so we can use DOM operations in new Testcases as we move away from the BrowserKit tests.
2018-09-21 22:15:16 +08:00
public function test_bookshelf_restriction_form()
{
$shelf = Bookshelf::first();
$this->asAdmin()->visit($shelf->getUrl('/permissions'))
->see('Bookshelf Permissions')
->check('restricted')
->check('restrictions[2][view]')
->press('Save Permissions')
->seeInDatabase('bookshelves', ['id' => $shelf->id, 'restricted' => true])
->seeInDatabase('entity_permissions', [
'restrictable_id' => $shelf->id,
Re-structured the app code to be feature based rather than code type based
2018-09-25 19:30:50 +08:00
'restrictable_type' => Bookshelf::newModelInstance()->getMorphClass(),
Added testing coverage for Bookshelves Created modified TestResponse so we can use DOM operations in new Testcases as we move away from the BrowserKit tests.
2018-09-21 22:15:16 +08:00
'role_id' => '2',
'action' => 'view'
]);
}
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
public function test_book_restriction_form()
{
Updated to laravel 5.5 Closes #590
2017-11-19 23:56:06 +08:00
$book = Book::first();
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
$this->asAdmin()->visit($book->getUrl() . '/permissions')
->see('Book Permissions')
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
->check('restricted')
->check('restrictions[2][view]')
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
->press('Save Permissions')
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
->seeInDatabase('books', ['id' => $book->id, 'restricted' => true])
Major permission naming refactor and database migration cleanup
2016-05-02 04:20:50 +08:00
->seeInDatabase('entity_permissions', [
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
'restrictable_id' => $book->id,
Re-structured the app code to be feature based rather than code type based
2018-09-25 19:30:50 +08:00
'restrictable_type' => Book::newModelInstance()->getMorphClass(),
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
'role_id' => '2',
'action' => 'view'
]);
}
public function test_chapter_restriction_form()
{
Re-structured the app code to be feature based rather than code type based
2018-09-25 19:30:50 +08:00
$chapter = Chapter::first();
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
$this->asAdmin()->visit($chapter->getUrl() . '/permissions')
->see('Chapter Permissions')
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
->check('restricted')
->check('restrictions[2][update]')
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
->press('Save Permissions')
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
->seeInDatabase('chapters', ['id' => $chapter->id, 'restricted' => true])
Major permission naming refactor and database migration cleanup
2016-05-02 04:20:50 +08:00
->seeInDatabase('entity_permissions', [
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
'restrictable_id' => $chapter->id,
Re-structured the app code to be feature based rather than code type based
2018-09-25 19:30:50 +08:00
'restrictable_type' => Chapter::newModelInstance()->getMorphClass(),
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
'role_id' => '2',
'action' => 'update'
]);
}
public function test_page_restriction_form()
{
Entity Repo & Controller Refactor (#1690) * Started mass-refactoring of the current entity repos * Rewrote book tree logic - Now does two simple queries instead of one really complex one. - Extracted logic into its own class. - Remove model-level akward union field listing. - Logic now more readable than being large separate query and compilation functions. * Extracted and split book sort logic * Finished up Book controller/repo organisation * Refactored bookshelves controllers and repo parts * Fixed issues found via phpunit * Refactored Chapter controller * Updated Chapter export controller * Started Page controller/repo refactor * Refactored another chunk of PageController * Completed initial pagecontroller refactor pass * Fixed tests and continued reduction of old repos * Removed old page remove and further reduced entity repo * Removed old entity repo, split out page controller * Ran phpcbf and split out some page content methods * Tidied up some EntityProvider elements * Fixed issued caused by viewservice change
2019-10-05 19:55:01 +08:00
$page = Page::first();
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
$this->asAdmin()->visit($page->getUrl() . '/permissions')
->see('Page Permissions')
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
->check('restricted')
->check('restrictions[2][delete]')
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
->press('Save Permissions')
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
->seeInDatabase('pages', ['id' => $page->id, 'restricted' => true])
Major permission naming refactor and database migration cleanup
2016-05-02 04:20:50 +08:00
->seeInDatabase('entity_permissions', [
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
'restrictable_id' => $page->id,
Re-structured the app code to be feature based rather than code type based
2018-09-25 19:30:50 +08:00
'restrictable_type' => Page::newModelInstance()->getMorphClass(),
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
'role_id' => '2',
'action' => 'delete'
]);
}
public function test_restricted_pages_not_visible_in_book_navigation_on_pages()
{
Re-structured the app code to be feature based rather than code type based
2018-09-25 19:30:50 +08:00
$chapter = Chapter::first();
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$page = $chapter->pages->first();
$page2 = $chapter->pages[2];
$this->setEntityRestrictions($page, []);
$this->actingAs($this->user)
->visit($page2->getUrl())
->dontSeeInElement('.sidebar-page-list', $page->name);
}
public function test_restricted_pages_not_visible_in_book_navigation_on_chapters()
{
Re-structured the app code to be feature based rather than code type based
2018-09-25 19:30:50 +08:00
$chapter = Chapter::first();
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$page = $chapter->pages->first();
$this->setEntityRestrictions($page, []);
$this->actingAs($this->user)
->visit($chapter->getUrl())
->dontSeeInElement('.sidebar-page-list', $page->name);
}
public function test_restricted_pages_not_visible_on_chapter_pages()
{
Re-structured the app code to be feature based rather than code type based
2018-09-25 19:30:50 +08:00
$chapter = Chapter::first();
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
$page = $chapter->pages->first();
$this->setEntityRestrictions($page, []);
$this->actingAs($this->user)
->visit($chapter->getUrl())
->dontSee($page->name);
}
Added testing coverage for Bookshelves Created modified TestResponse so we can use DOM operations in new Testcases as we move away from the BrowserKit tests.
2018-09-21 22:15:16 +08:00
public function test_bookshelf_update_restriction_override()
{
$shelf = Bookshelf::first();
$this->actingAs($this->viewer)
->visit($shelf->getUrl('/edit'))
->dontSee('Edit Book');
$this->setEntityRestrictions($shelf, ['view', 'delete']);
$this->forceVisit($shelf->getUrl('/edit'))
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($shelf, ['view', 'update']);
$this->visit($shelf->getUrl('/edit'))
->seePageIs($shelf->getUrl('/edit'));
}
public function test_bookshelf_delete_restriction_override()
{
$shelf = Bookshelf::first();
$this->actingAs($this->viewer)
->visit($shelf->getUrl('/delete'))
->dontSee('Delete Book');
$this->setEntityRestrictions($shelf, ['view', 'update']);
$this->forceVisit($shelf->getUrl('/delete'))
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($shelf, ['view', 'delete']);
$this->visit($shelf->getUrl('/delete'))
->seePageIs($shelf->getUrl('/delete'))->see('Delete Book');
}
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
public function test_book_create_restriction_override()
{
Updated to laravel 5.5 Closes #590
2017-11-19 23:56:06 +08:00
$book = Book::first();
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
$bookUrl = $book->getUrl();
$this->actingAs($this->viewer)
->visit($bookUrl)
Updated tests to suit layout changes, Updated 404 page - Also replaced 'or' usage in templates with null coalescing operator
2019-04-07 01:36:17 +08:00
->dontSeeInElement('.actions', 'New Page')
->dontSeeInElement('.actions', 'New Chapter');
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
$this->setEntityRestrictions($book, ['view', 'delete', 'update']);
Updated create routes to prevent slug clashes Fixes #758
2018-03-25 18:34:42 +08:00
$this->forceVisit($bookUrl . '/create-chapter')
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
->see('You do not have permission')->seePageIs('/');
Updated create routes to prevent slug clashes Fixes #758
2018-03-25 18:34:42 +08:00
$this->forceVisit($bookUrl . '/create-page')
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
->see('You do not have permission')->seePageIs('/');
Updated tests to suit layout changes, Updated 404 page - Also replaced 'or' usage in templates with null coalescing operator
2019-04-07 01:36:17 +08:00
$this->visit($bookUrl)->dontSeeInElement('.actions', 'New Page')
->dontSeeInElement('.actions', 'New Chapter');
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
$this->setEntityRestrictions($book, ['view', 'create']);
Updated create routes to prevent slug clashes Fixes #758
2018-03-25 18:34:42 +08:00
$this->visit($bookUrl . '/create-chapter')
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
->type('test chapter', 'name')
->type('test description for chapter', 'description')
->press('Save Chapter')
->seePageIs($bookUrl . '/chapter/test-chapter');
Updated create routes to prevent slug clashes Fixes #758
2018-03-25 18:34:42 +08:00
$this->visit($bookUrl . '/create-page')
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
->type('test page', 'name')
->type('test content', 'html')
->press('Save Page')
->seePageIs($bookUrl . '/page/test-page');
Updated tests to suit layout changes, Updated 404 page - Also replaced 'or' usage in templates with null coalescing operator
2019-04-07 01:36:17 +08:00
$this->visit($bookUrl)->seeInElement('.actions', 'New Page')
->seeInElement('.actions', 'New Chapter');
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
}
public function test_book_update_restriction_override()
{
Updated to laravel 5.5 Closes #590
2017-11-19 23:56:06 +08:00
$book = Book::first();
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
$bookPage = $book->pages->first();
$bookChapter = $book->chapters->first();
$bookUrl = $book->getUrl();
$this->actingAs($this->viewer)
->visit($bookUrl . '/edit')
->dontSee('Edit Book');
$this->setEntityRestrictions($book, ['view', 'delete']);
$this->forceVisit($bookUrl . '/edit')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookPage->getUrl() . '/edit')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookChapter->getUrl() . '/edit')
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($book, ['view', 'update']);
$this->visit($bookUrl . '/edit')
->seePageIs($bookUrl . '/edit');
$this->visit($bookPage->getUrl() . '/edit')
->seePageIs($bookPage->getUrl() . '/edit');
$this->visit($bookChapter->getUrl() . '/edit')
->see('Edit Chapter');
}
public function test_book_delete_restriction_override()
{
Updated to laravel 5.5 Closes #590
2017-11-19 23:56:06 +08:00
$book = Book::first();
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-31 03:15:44 +08:00
$bookPage = $book->pages->first();
$bookChapter = $book->chapters->first();
$bookUrl = $book->getUrl();
$this->actingAs($this->viewer)
->visit($bookUrl . '/delete')
->dontSee('Delete Book');
$this->setEntityRestrictions($book, ['view', 'update']);
$this->forceVisit($bookUrl . '/delete')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookPage->getUrl() . '/delete')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookChapter->getUrl() . '/delete')
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($book, ['view', 'delete']);
$this->visit($bookUrl . '/delete')
->seePageIs($bookUrl . '/delete')->see('Delete Book');
$this->visit($bookPage->getUrl() . '/delete')
->seePageIs($bookPage->getUrl() . '/delete')->see('Delete Page');
$this->visit($bookChapter->getUrl() . '/delete')
->see('Delete Chapter');
}
Allowed child entity permissions to override parent permissions Updated elements of a page display and sidebar render to allow child permissions to work even when parent entitites have permission set. This allows a page with a 'view' permission to be viewable even when the parent book or chapter is not viewable. Fixes #366
2017-04-22 20:39:34 +08:00
public function test_page_visible_if_has_permissions_when_book_not_visible()
{
Updated to laravel 5.5 Closes #590
2017-11-19 23:56:06 +08:00
$book = Book::first();
Allowed child entity permissions to override parent permissions Updated elements of a page display and sidebar render to allow child permissions to work even when parent entitites have permission set. This allows a page with a 'view' permission to be viewable even when the parent book or chapter is not viewable. Fixes #366
2017-04-22 20:39:34 +08:00
$this->setEntityRestrictions($book, []);
Updated to laravel 5.5 Closes #590
2017-11-19 23:56:06 +08:00
$bookChapter = $book->chapters->first();
$bookPage = $bookChapter->pages->first();
Allowed child entity permissions to override parent permissions Updated elements of a page display and sidebar render to allow child permissions to work even when parent entitites have permission set. This allows a page with a 'view' permission to be viewable even when the parent book or chapter is not viewable. Fixes #366
2017-04-22 20:39:34 +08:00
$this->setEntityRestrictions($bookPage, ['view']);
$this->actingAs($this->viewer);
$this->get($bookPage->getUrl());
$this->assertResponseOk();
$this->see($bookPage->name);
$this->dontSee(substr($book->name, 0, 15));
$this->dontSee(substr($bookChapter->name, 0, 15));
}
Adds test case for sorting permissions. Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2017-12-31 22:47:08 +08:00
public function test_book_sort_view_permission()
{
$firstBook = Book::first();
$secondBook = Book::find(2);
$this->setEntityRestrictions($firstBook, ['view', 'update']);
$this->setEntityRestrictions($secondBook, ['view']);
// Test sort page visibility
$this->actingAs($this->user)->visit($secondBook->getUrl() . '/sort')
->see('You do not have permission')
->seePageIs('/');
// Check sort page on first book
Updated tests to suit layout changes, Updated 404 page - Also replaced 'or' usage in templates with null coalescing operator
2019-04-07 01:36:17 +08:00
$this->actingAs($this->user)->visit($firstBook->getUrl() . '/sort');
Adds test case for sorting permissions. Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2017-12-31 22:47:08 +08:00
}
public function test_book_sort_permission() {
$firstBook = Book::first();
$secondBook = Book::find(2);
$this->setEntityRestrictions($firstBook, ['view', 'update']);
$this->setEntityRestrictions($secondBook, ['view']);
Entity Repo & Controller Refactor (#1690) * Started mass-refactoring of the current entity repos * Rewrote book tree logic - Now does two simple queries instead of one really complex one. - Extracted logic into its own class. - Remove model-level akward union field listing. - Logic now more readable than being large separate query and compilation functions. * Extracted and split book sort logic * Finished up Book controller/repo organisation * Refactored bookshelves controllers and repo parts * Fixed issues found via phpunit * Refactored Chapter controller * Updated Chapter export controller * Started Page controller/repo refactor * Refactored another chunk of PageController * Completed initial pagecontroller refactor pass * Fixed tests and continued reduction of old repos * Removed old page remove and further reduced entity repo * Removed old entity repo, split out page controller * Ran phpcbf and split out some page content methods * Tidied up some EntityProvider elements * Fixed issued caused by viewservice change
2019-10-05 19:55:01 +08:00
$firstBookChapter = $this->newChapter(['name' => 'first book chapter'], $firstBook);
$secondBookChapter = $this->newChapter(['name' => 'second book chapter'], $secondBook);
Adds test case for sorting permissions. Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2017-12-31 22:47:08 +08:00
// Create request data
$reqData = [
[
'id' => $firstBookChapter->id,
'sort' => 0,
'parentChapter' => false,
'type' => 'chapter',
'book' => $secondBook->id
]
];
// Move chapter from first book to a second book
$this->actingAs($this->user)->put($firstBook->getUrl() . '/sort', ['sort-tree' => json_encode($reqData)])
->followRedirects()
->see('You do not have permission')
->seePageIs('/');
$reqData = [
[
'id' => $secondBookChapter->id,
'sort' => 0,
'parentChapter' => false,
'type' => 'chapter',
'book' => $firstBook->id
]
];
// Move chapter from second book to first book
$this->actingAs($this->user)->put($firstBook->getUrl() . '/sort', ['sort-tree' => json_encode($reqData)])
->followRedirects()
->see('You do not have permission')
->seePageIs('/');
}
Allowed creating pages in visible chapters in invisible books Fixes permissions with test to cover in the event a page is created, with permission, in a chapter but the user does not have permission to see the parent book. Fixes #912
2018-07-14 21:12:29 +08:00
public function test_can_create_page_if_chapter_has_permissions_when_book_not_visible()
{
$book = Book::first();
$this->setEntityRestrictions($book, []);
$bookChapter = $book->chapters->first();
$this->setEntityRestrictions($bookChapter, ['view']);
$this->actingAs($this->user)->visit($bookChapter->getUrl())
->dontSee('New Page');
$this->setEntityRestrictions($bookChapter, ['view', 'create']);
$this->actingAs($this->user)->visit($bookChapter->getUrl())
->click('New Page')
->seeStatusCode(200)
->type('test page', 'name')
->type('test content', 'html')
->press('Save Page')
->seePageIs($book->getUrl('/page/test-page'))
->seeStatusCode(200);
}
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-06 02:09:21 +08:00
}