colin
/
bookstack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added proper entity permission removal on role deletion 

Added test to cover.
This commit is contained in:
Dan Brown 2022-10-07 13:12:33 +01:00
parent a03245e427
commit 1df9ec9647
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
3 changed files with 33 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
app/Auth/Permissions/PermissionsRepo.php
View File

@ -139,6 +139,7 @@ class PermissionsRepo
} }
} }
$role->entityPermissions()->delete();
$role->jointPermissions()->delete(); $role->jointPermissions()->delete();
Activity::add(ActivityType::ROLE_DELETE, $role); Activity::add(ActivityType::ROLE_DELETE, $role);
$role->delete(); $role->delete();

9
app/Auth/Role.php
View File

@ -2,6 +2,7 @@
namespace BookStack\Auth; namespace BookStack\Auth;
use BookStack\Auth\Permissions\EntityPermission;
use BookStack\Auth\Permissions\JointPermission; use BookStack\Auth\Permissions\JointPermission;
use BookStack\Auth\Permissions\RolePermission; use BookStack\Auth\Permissions\RolePermission;
use BookStack\Interfaces\Loggable; use BookStack\Interfaces\Loggable;
@ -54,6 +55,14 @@ class Role extends Model implements Loggable
return $this->belongsToMany(RolePermission::class, 'permission_role', 'role_id', 'permission_id'); return $this->belongsToMany(RolePermission::class, 'permission_role', 'role_id', 'permission_id');
} }
/**
* Get the entity permissions assigned to this role.
*/
public function entityPermissions(): HasMany
{
return $this->hasMany(EntityPermission::class);
}
/** /**
* Check if this role has a permission. * Check if this role has a permission.
*/ */

23
tests/Permissions/RolesTest.php
View File

@ -163,6 +163,29 @@ class RolesTest extends TestCase
$this->assertEquals($this->user->id, $roleA->users()->first()->id); $this->assertEquals($this->user->id, $roleA->users()->first()->id);
} }
public function test_entity_permissions_are_removed_on_delete()
{
/** @var Role $roleA */
$roleA = Role::query()->create(['display_name' => 'Entity Permissions Delete Test']);
$page = $this->entities->page();
$this->entities->setPermissions($page, ['view'], [$roleA]);
$this->assertDatabaseHas('entity_permissions', [
'role_id' => $roleA->id,
'restrictable_id' => $page->id,
'restrictable_type' => $page->getMorphClass(),
]);
$this->asAdmin()->delete("/settings/roles/delete/$roleA->id");
$this->assertDatabaseMissing('entity_permissions', [
'role_id' => $roleA->id,
'restrictable_id' => $page->id,
'restrictable_type' => $page->getMorphClass(),
]);
}
public function test_image_view_notice_shown_on_role_form() public function test_image_view_notice_shown_on_role_form()
{ {
/** @var Role $role */ /** @var Role $role */