diff --git a/app/Entities/Tools/PermissionsUpdater.php b/app/Entities/Tools/PermissionsUpdater.php index 324755e4d..9f3b8f952 100644 --- a/app/Entities/Tools/PermissionsUpdater.php +++ b/app/Entities/Tools/PermissionsUpdater.php @@ -55,9 +55,9 @@ class PermissionsUpdater } if (isset($data['fallback_permissions']['inheriting']) && $data['fallback_permissions']['inheriting'] !== true) { - $data = $data['fallback_permissions']; - $data['role_id'] = 0; - $rolePermissionData = $this->formatPermissionsFromApiRequestToEntityPermissions([$data], true); + $fallbackData = $data['fallback_permissions']; + $fallbackData['role_id'] = 0; + $rolePermissionData = $this->formatPermissionsFromApiRequestToEntityPermissions([$fallbackData], true); $entity->permissions()->createMany($rolePermissionData); } diff --git a/tests/Api/ContentPermissionsApiTest.php b/tests/Api/ContentPermissionsApiTest.php index 50b82e5c4..a62abacc7 100644 --- a/tests/Api/ContentPermissionsApiTest.php +++ b/tests/Api/ContentPermissionsApiTest.php @@ -259,4 +259,36 @@ class ContentPermissionsApiTest extends TestCase ], ]); } + + public function test_update_can_both_provide_owner_and_fallback_permissions() + { + $user = $this->users->viewer(); + $page = $this->entities->page(); + $page->owned_by = null; + $page->save(); + + $this->actingAsApiAdmin(); + $resp = $this->putJson($this->baseEndpoint . "/page/{$page->id}", [ + "owner_id" => $user->id, + 'fallback_permissions' => [ + 'inheriting' => false, + 'view' => false, + 'create' => false, + 'update' => false, + 'delete' => false, + ], + ]); + + $resp->assertOk(); + $this->assertDatabaseHas('pages', ['id' => $page->id, 'owned_by' => $user->id]); + $this->assertDatabaseHas('entity_permissions', [ + 'entity_id' => $page->id, + 'entity_type' => 'page', + 'role_id' => 0, + 'view' => false, + 'create' => false, + 'update' => false, + 'delete' => false, + ]); + } }