Infra-Mirrors/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-07-17 00:32:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

Updated shelf-list view to enforce view permissions for child books

Browse Source 
- Aligned shelf-homepage behaviour to match
- Updated testing to cover.

For #2111
This commit is contained in:
Dan Brown 2020-05-12 22:21:45 +01:00
parent d3ec38bee3
commit 9666c8c0f7
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
4 changed files with 24 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/Entities/Repos/BookshelfRepo.php
View File

@ -28,8 +28,10 @@ class BookshelfRepo
*/ */
public function getAllPaginated(int $count = 20, string $sort = 'name', string $order = 'asc'): LengthAwarePaginator public function getAllPaginated(int $count = 20, string $sort = 'name', string $order = 'asc'): LengthAwarePaginator
{ {
return Bookshelf::visible()->with('visibleBooks') return Bookshelf::visible()
->orderBy($sort, $order)->paginate($count); ->with('visibleBooks')
->orderBy($sort, $order)
->paginate($count);
} }
/** /**

4
app/Http/Controllers/HomeController.php
View File

@ -69,11 +69,7 @@ class HomeController extends Controller
} }
if ($homepageOption === 'bookshelves') { if ($homepageOption === 'bookshelves') {
$shelfRepo = app(BookshelfRepo::class);
$shelves = app(BookshelfRepo::class)->getAllPaginated(18, $commonData['sort'], $commonData['order']); $shelves = app(BookshelfRepo::class)->getAllPaginated(18, $commonData['sort'], $commonData['order']);
foreach ($shelves as $shelf) {
$shelf->books = $shelf->visibleBooks;
}
$data = array_merge($commonData, ['shelves' => $shelves]); $data = array_merge($commonData, ['shelves' => $shelves]);
return view('common.home-shelves', $data); return view('common.home-shelves', $data);
} }

2
resources/views/shelves/list-item.blade.php
View File

@ -10,7 +10,7 @@
</div> </div>
</a> </a>
<div class="entity-shelf-books grid third gap-y-xs entity-list-item-children"> <div class="entity-shelf-books grid third gap-y-xs entity-list-item-children">
@foreach($shelf->books as $book) @foreach($shelf->visibleBooks as $book)
<div> <div>
<a href="{{ $book->getUrl('?shelf=' . $shelf->id) }}" class="entity-chip text-book"> <a href="{{ $book->getUrl('?shelf=' . $shelf->id) }}" class="entity-chip text-book">
@icon('book') @icon('book')

19
tests/Entity/BookShelfTest.php
View File

@ -56,6 +56,25 @@ class BookShelfTest extends TestCase
$resp->assertElementContains('a', 'New Shelf'); $resp->assertElementContains('a', 'New Shelf');
} }
public function test_book_not_visible_in_shelf_list_view_if_user_cant_view_shelf()
{
config()->set([
'app.views.bookshelves' => 'list',
]);
$shelf = Bookshelf::query()->first();
$book = $shelf->books()->first();
$resp = $this->asEditor()->get('/shelves');
$resp->assertSee($book->name);
$resp->assertSee($book->getUrl());
$this->setEntityRestrictions($book, []);
$resp = $this->asEditor()->get('/shelves');
$resp->assertDontSee($book->name);
$resp->assertDontSee($book->getUrl());
}
public function test_shelves_create() public function test_shelves_create()
{ {
$booksToInclude = Book::take(2)->get(); $booksToInclude = Book::take(2)->get();