Infra-Mirrors/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-07-08 04:12:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
65579214e2
BookStack/tests/Permissions/RestrictionsTest.php

544 lines
19 KiB
PHP
Raw Normal View History

Namespaced tests to align with new laravel default
2017-02-04 11:58:42 +00:00
<?php namespace Tests;
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
Upgraded to Laravel 5.4
2017-01-25 19:35:40 +00:00
class RestrictionsTest extends BrowserKitTest
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
{
protected $user;
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-30 19:15:44 +00:00
protected $viewer;
Rolled out new permissions system throughout application
2016-04-24 15:54:20 +00:00
protected $restrictionService;
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
public function setUp()
{
parent::setUp();
Added further attribute endpoints and added tests
2016-05-07 13:29:43 +00:00
$this->user = $this->getEditor();
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-30 19:15:44 +00:00
$this->viewer = $this->getViewer();
Major permission naming refactor and database migration cleanup
2016-05-01 20:20:50 +00:00
$this->restrictionService = $this->app[\BookStack\Services\PermissionService::class];
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-30 19:15:44 +00:00
}
protected function getViewer()
{
$role = \BookStack\Role::getRole('viewer');
$viewer = $this->getNewBlankUser();
$viewer->attachRole($role);;
return $viewer;
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
}
/**
Major permission naming refactor and database migration cleanup
2016-05-01 20:20:50 +00:00
* Manually set some permissions on an entity.
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
* @param \BookStack\Entity $entity
* @param $actions
*/
protected function setEntityRestrictions(\BookStack\Entity $entity, $actions)
{
$entity->restricted = true;
Major permission naming refactor and database migration cleanup
2016-05-01 20:20:50 +00:00
$entity->permissions()->delete();
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
$role = $this->user->roles->first();
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-30 19:15:44 +00:00
$viewerRole = $this->viewer->roles->first();
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
foreach ($actions as $action) {
Major permission naming refactor and database migration cleanup
2016-05-01 20:20:50 +00:00
$entity->permissions()->create([
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
'role_id' => $role->id,
'action' => strtolower($action)
]);
Major permission naming refactor and database migration cleanup
2016-05-01 20:20:50 +00:00
$entity->permissions()->create([
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-30 19:15:44 +00:00
'role_id' => $viewerRole->id,
'action' => strtolower($action)
]);
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
}
$entity->save();
Rolled out new permissions system throughout application
2016-04-24 15:54:20 +00:00
$entity->load('permissions');
Major permission naming refactor and database migration cleanup
2016-05-01 20:20:50 +00:00
$this->restrictionService->buildJointPermissionsForEntity($entity);
$entity->load('jointPermissions');
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
}
public function test_book_view_restriction()
{
$book = \BookStack\Book::first();
$bookPage = $book->pages->first();
$bookChapter = $book->chapters->first();
$bookUrl = $book->getUrl();
$this->actingAs($this->user)
->visit($bookUrl)
->seePageIs($bookUrl);
$this->setEntityRestrictions($book, []);
$this->forceVisit($bookUrl)
->see('Book not found');
$this->forceVisit($bookPage->getUrl())
Started refactor to merge entity repos
2017-01-01 16:05:44 +00:00
->see('Page not found');
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
$this->forceVisit($bookChapter->getUrl())
Started refactor to merge entity repos
2017-01-01 16:05:44 +00:00
->see('Chapter not found');
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
$this->setEntityRestrictions($book, ['view']);
$this->visit($bookUrl)
->see($book->name);
$this->visit($bookPage->getUrl())
->see($bookPage->name);
$this->visit($bookChapter->getUrl())
->see($bookChapter->name);
}
public function test_book_create_restriction()
{
$book = \BookStack\Book::first();
$bookUrl = $book->getUrl();
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-30 19:15:44 +00:00
$this->actingAs($this->viewer)
->visit($bookUrl)
->dontSeeInElement('.action-buttons', 'New Page')
->dontSeeInElement('.action-buttons', 'New Chapter');
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
$this->actingAs($this->user)
->visit($bookUrl)
->seeInElement('.action-buttons', 'New Page')
->seeInElement('.action-buttons', 'New Chapter');
$this->setEntityRestrictions($book, ['view', 'delete', 'update']);
$this->forceVisit($bookUrl . '/chapter/create')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookUrl . '/page/create')
->see('You do not have permission')->seePageIs('/');
$this->visit($bookUrl)->dontSeeInElement('.action-buttons', 'New Page')
->dontSeeInElement('.action-buttons', 'New Chapter');
$this->setEntityRestrictions($book, ['view', 'create']);
$this->visit($bookUrl . '/chapter/create')
->type('test chapter', 'name')
->type('test description for chapter', 'description')
->press('Save Chapter')
->seePageIs($bookUrl . '/chapter/test-chapter');
$this->visit($bookUrl . '/page/create')
->type('test page', 'name')
->type('test content', 'html')
->press('Save Page')
->seePageIs($bookUrl . '/page/test-page');
$this->visit($bookUrl)->seeInElement('.action-buttons', 'New Page')
->seeInElement('.action-buttons', 'New Chapter');
}
public function test_book_update_restriction()
{
$book = \BookStack\Book::first();
$bookPage = $book->pages->first();
$bookChapter = $book->chapters->first();
$bookUrl = $book->getUrl();
$this->actingAs($this->user)
->visit($bookUrl . '/edit')
->see('Edit Book');
$this->setEntityRestrictions($book, ['view', 'delete']);
$this->forceVisit($bookUrl . '/edit')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookPage->getUrl() . '/edit')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookChapter->getUrl() . '/edit')
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($book, ['view', 'update']);
$this->visit($bookUrl . '/edit')
->seePageIs($bookUrl . '/edit');
$this->visit($bookPage->getUrl() . '/edit')
->seePageIs($bookPage->getUrl() . '/edit');
$this->visit($bookChapter->getUrl() . '/edit')
->see('Edit Chapter');
}
public function test_book_delete_restriction()
{
$book = \BookStack\Book::first();
$bookPage = $book->pages->first();
$bookChapter = $book->chapters->first();
$bookUrl = $book->getUrl();
$this->actingAs($this->user)
->visit($bookUrl . '/delete')
->see('Delete Book');
$this->setEntityRestrictions($book, ['view', 'update']);
$this->forceVisit($bookUrl . '/delete')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookPage->getUrl() . '/delete')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookChapter->getUrl() . '/delete')
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($book, ['view', 'delete']);
$this->visit($bookUrl . '/delete')
->seePageIs($bookUrl . '/delete')->see('Delete Book');
$this->visit($bookPage->getUrl() . '/delete')
->seePageIs($bookPage->getUrl() . '/delete')->see('Delete Page');
$this->visit($bookChapter->getUrl() . '/delete')
->see('Delete Chapter');
}
public function test_chapter_view_restriction()
{
$chapter = \BookStack\Chapter::first();
$chapterPage = $chapter->pages->first();
$chapterUrl = $chapter->getUrl();
$this->actingAs($this->user)
->visit($chapterUrl)
->seePageIs($chapterUrl);
$this->setEntityRestrictions($chapter, []);
$this->forceVisit($chapterUrl)
->see('Chapter not found');
$this->forceVisit($chapterPage->getUrl())
->see('Page not found');
$this->setEntityRestrictions($chapter, ['view']);
$this->visit($chapterUrl)
->see($chapter->name);
$this->visit($chapterPage->getUrl())
->see($chapterPage->name);
}
public function test_chapter_create_restriction()
{
$chapter = \BookStack\Chapter::first();
$chapterUrl = $chapter->getUrl();
$this->actingAs($this->user)
->visit($chapterUrl)
->seeInElement('.action-buttons', 'New Page');
$this->setEntityRestrictions($chapter, ['view', 'delete', 'update']);
$this->forceVisit($chapterUrl . '/create-page')
->see('You do not have permission')->seePageIs('/');
$this->visit($chapterUrl)->dontSeeInElement('.action-buttons', 'New Page');
$this->setEntityRestrictions($chapter, ['view', 'create']);
$this->visit($chapterUrl . '/create-page')
->type('test page', 'name')
->type('test content', 'html')
->press('Save Page')
->seePageIs($chapter->book->getUrl() . '/page/test-page');
Refactored permission system components Split joint permission creation into chunks Fixes #374
2017-04-29 21:01:43 +00:00
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
$this->visit($chapterUrl)->seeInElement('.action-buttons', 'New Page');
}
public function test_chapter_update_restriction()
{
$chapter = \BookStack\Chapter::first();
$chapterPage = $chapter->pages->first();
$chapterUrl = $chapter->getUrl();
$this->actingAs($this->user)
->visit($chapterUrl . '/edit')
->see('Edit Chapter');
$this->setEntityRestrictions($chapter, ['view', 'delete']);
$this->forceVisit($chapterUrl . '/edit')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($chapterPage->getUrl() . '/edit')
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($chapter, ['view', 'update']);
$this->visit($chapterUrl . '/edit')
->seePageIs($chapterUrl . '/edit')->see('Edit Chapter');
$this->visit($chapterPage->getUrl() . '/edit')
->seePageIs($chapterPage->getUrl() . '/edit');
}
public function test_chapter_delete_restriction()
{
$chapter = \BookStack\Chapter::first();
$chapterPage = $chapter->pages->first();
$chapterUrl = $chapter->getUrl();
$this->actingAs($this->user)
->visit($chapterUrl . '/delete')
->see('Delete Chapter');
$this->setEntityRestrictions($chapter, ['view', 'update']);
$this->forceVisit($chapterUrl . '/delete')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($chapterPage->getUrl() . '/delete')
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($chapter, ['view', 'delete']);
$this->visit($chapterUrl . '/delete')
->seePageIs($chapterUrl . '/delete')->see('Delete Chapter');
$this->visit($chapterPage->getUrl() . '/delete')
->seePageIs($chapterPage->getUrl() . '/delete')->see('Delete Page');
}
public function test_page_view_restriction()
{
$page = \BookStack\Page::first();
$pageUrl = $page->getUrl();
$this->actingAs($this->user)
->visit($pageUrl)
->seePageIs($pageUrl);
$this->setEntityRestrictions($page, ['update', 'delete']);
$this->forceVisit($pageUrl)
->see('Page not found');
$this->setEntityRestrictions($page, ['view']);
$this->visit($pageUrl)
->see($page->name);
}
public function test_page_update_restriction()
{
$page = \BookStack\Chapter::first();
$pageUrl = $page->getUrl();
$this->actingAs($this->user)
->visit($pageUrl . '/edit')
->seeInField('name', $page->name);
$this->setEntityRestrictions($page, ['view', 'delete']);
$this->forceVisit($pageUrl . '/edit')
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($page, ['view', 'update']);
$this->visit($pageUrl . '/edit')
->seePageIs($pageUrl . '/edit')->seeInField('name', $page->name);
}
public function test_page_delete_restriction()
{
$page = \BookStack\Page::first();
$pageUrl = $page->getUrl();
$this->actingAs($this->user)
->visit($pageUrl . '/delete')
->see('Delete Page');
$this->setEntityRestrictions($page, ['view', 'update']);
$this->forceVisit($pageUrl . '/delete')
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($page, ['view', 'delete']);
$this->visit($pageUrl . '/delete')
->seePageIs($pageUrl . '/delete')->see('Delete Page');
}
public function test_book_restriction_form()
{
$book = \BookStack\Book::first();
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-30 19:15:44 +00:00
$this->asAdmin()->visit($book->getUrl() . '/permissions')
->see('Book Permissions')
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
->check('restricted')
->check('restrictions[2][view]')
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-30 19:15:44 +00:00
->press('Save Permissions')
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
->seeInDatabase('books', ['id' => $book->id, 'restricted' => true])
Major permission naming refactor and database migration cleanup
2016-05-01 20:20:50 +00:00
->seeInDatabase('entity_permissions', [
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
'restrictable_id' => $book->id,
'restrictable_type' => 'BookStack\Book',
'role_id' => '2',
'action' => 'view'
]);
}
public function test_chapter_restriction_form()
{
$chapter = \BookStack\Chapter::first();
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-30 19:15:44 +00:00
$this->asAdmin()->visit($chapter->getUrl() . '/permissions')
->see('Chapter Permissions')
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
->check('restricted')
->check('restrictions[2][update]')
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-30 19:15:44 +00:00
->press('Save Permissions')
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
->seeInDatabase('chapters', ['id' => $chapter->id, 'restricted' => true])
Major permission naming refactor and database migration cleanup
2016-05-01 20:20:50 +00:00
->seeInDatabase('entity_permissions', [
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
'restrictable_id' => $chapter->id,
'restrictable_type' => 'BookStack\Chapter',
'role_id' => '2',
'action' => 'update'
]);
}
public function test_page_restriction_form()
{
$page = \BookStack\Page::first();
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-30 19:15:44 +00:00
$this->asAdmin()->visit($page->getUrl() . '/permissions')
->see('Page Permissions')
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
->check('restricted')
->check('restrictions[2][delete]')
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-30 19:15:44 +00:00
->press('Save Permissions')
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
->seeInDatabase('pages', ['id' => $page->id, 'restricted' => true])
Major permission naming refactor and database migration cleanup
2016-05-01 20:20:50 +00:00
->seeInDatabase('entity_permissions', [
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
'restrictable_id' => $page->id,
'restrictable_type' => 'BookStack\Page',
'role_id' => '2',
'action' => 'delete'
]);
}
public function test_restricted_pages_not_visible_in_book_navigation_on_pages()
{
$chapter = \BookStack\Chapter::first();
$page = $chapter->pages->first();
$page2 = $chapter->pages[2];
$this->setEntityRestrictions($page, []);
$this->actingAs($this->user)
->visit($page2->getUrl())
->dontSeeInElement('.sidebar-page-list', $page->name);
}
public function test_restricted_pages_not_visible_in_book_navigation_on_chapters()
{
$chapter = \BookStack\Chapter::first();
$page = $chapter->pages->first();
$this->setEntityRestrictions($page, []);
$this->actingAs($this->user)
->visit($chapter->getUrl())
->dontSeeInElement('.sidebar-page-list', $page->name);
}
public function test_restricted_pages_not_visible_on_chapter_pages()
{
$chapter = \BookStack\Chapter::first();
$page = $chapter->pages->first();
$this->setEntityRestrictions($page, []);
$this->actingAs($this->user)
->visit($chapter->getUrl())
->dontSee($page->name);
}
Updated entity restrictions to allow permissions, Not just restrict Also changed wording from 'Restrictions' to 'Permissions' to keep things more familiar and to better reflect what they do. Referenced in issue #89.
2016-03-30 19:15:44 +00:00
public function test_book_create_restriction_override()
{
$book = \BookStack\Book::first();
$bookUrl = $book->getUrl();
$this->actingAs($this->viewer)
->visit($bookUrl)
->dontSeeInElement('.action-buttons', 'New Page')
->dontSeeInElement('.action-buttons', 'New Chapter');
$this->setEntityRestrictions($book, ['view', 'delete', 'update']);
$this->forceVisit($bookUrl . '/chapter/create')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookUrl . '/page/create')
->see('You do not have permission')->seePageIs('/');
$this->visit($bookUrl)->dontSeeInElement('.action-buttons', 'New Page')
->dontSeeInElement('.action-buttons', 'New Chapter');
$this->setEntityRestrictions($book, ['view', 'create']);
$this->visit($bookUrl . '/chapter/create')
->type('test chapter', 'name')
->type('test description for chapter', 'description')
->press('Save Chapter')
->seePageIs($bookUrl . '/chapter/test-chapter');
$this->visit($bookUrl . '/page/create')
->type('test page', 'name')
->type('test content', 'html')
->press('Save Page')
->seePageIs($bookUrl . '/page/test-page');
$this->visit($bookUrl)->seeInElement('.action-buttons', 'New Page')
->seeInElement('.action-buttons', 'New Chapter');
}
public function test_book_update_restriction_override()
{
$book = \BookStack\Book::first();
$bookPage = $book->pages->first();
$bookChapter = $book->chapters->first();
$bookUrl = $book->getUrl();
$this->actingAs($this->viewer)
->visit($bookUrl . '/edit')
->dontSee('Edit Book');
$this->setEntityRestrictions($book, ['view', 'delete']);
$this->forceVisit($bookUrl . '/edit')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookPage->getUrl() . '/edit')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookChapter->getUrl() . '/edit')
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($book, ['view', 'update']);
$this->visit($bookUrl . '/edit')
->seePageIs($bookUrl . '/edit');
$this->visit($bookPage->getUrl() . '/edit')
->seePageIs($bookPage->getUrl() . '/edit');
$this->visit($bookChapter->getUrl() . '/edit')
->see('Edit Chapter');
}
public function test_book_delete_restriction_override()
{
$book = \BookStack\Book::first();
$bookPage = $book->pages->first();
$bookChapter = $book->chapters->first();
$bookUrl = $book->getUrl();
$this->actingAs($this->viewer)
->visit($bookUrl . '/delete')
->dontSee('Delete Book');
$this->setEntityRestrictions($book, ['view', 'update']);
$this->forceVisit($bookUrl . '/delete')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookPage->getUrl() . '/delete')
->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookChapter->getUrl() . '/delete')
->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($book, ['view', 'delete']);
$this->visit($bookUrl . '/delete')
->seePageIs($bookUrl . '/delete')->see('Delete Book');
$this->visit($bookPage->getUrl() . '/delete')
->seePageIs($bookPage->getUrl() . '/delete')->see('Delete Page');
$this->visit($bookChapter->getUrl() . '/delete')
->see('Delete Chapter');
}
Allowed child entity permissions to override parent permissions Updated elements of a page display and sidebar render to allow child permissions to work even when parent entitites have permission set. This allows a page with a 'view' permission to be viewable even when the parent book or chapter is not viewable. Fixes #366
2017-04-22 12:39:34 +00:00
public function test_page_visible_if_has_permissions_when_book_not_visible()
{
$book = \BookStack\Book::first();
$bookChapter = $book->chapters->first();
$bookPage = $bookChapter->pages->first();
$this->setEntityRestrictions($book, []);
$this->setEntityRestrictions($bookPage, ['view']);
$this->actingAs($this->viewer);
$this->get($bookPage->getUrl());
$this->assertResponseOk();
$this->see($bookPage->name);
$this->dontSee(substr($book->name, 0, 15));
$this->dontSee(substr($bookChapter->name, 0, 15));
}
Added restriction tests and fixed any bugs in the process Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
}
Reference in New Issue Copy Permalink