hello!
>']); @@ -23,8 +23,8 @@ class EntityAccessTest extends TestCase public function test_entities_viewable_after_updater_deletion() { // Create required assets and revisions - $creator = $this->getViewer(); - $updater = $this->getEditor(); + $creator = $this->users->viewer(); + $updater = $this->users->editor(); $entities = $this->entities->createChainBelongingToUser($creator, $updater); app()->make(UserRepo::class)->destroy($updater); $this->entities->updatePage($entities['page'], ['html' => 'Hello there!
']); diff --git a/tests/Entity/EntitySearchTest.php b/tests/Entity/EntitySearchTest.php index 2650b6743..4563fb651 100644 --- a/tests/Entity/EntitySearchTest.php +++ b/tests/Entity/EntitySearchTest.php @@ -132,7 +132,7 @@ class EntitySearchTest extends TestCase public function test_search_filters() { $page = $this->entities->newPage(['name' => 'My new test quaffleachits', 'html' => 'this is about an orange donkey danzorbhsing']); - $editor = $this->getEditor(); + $editor = $this->users->editor(); $this->actingAs($editor); // Viewed filter searches @@ -171,7 +171,7 @@ class EntitySearchTest extends TestCase // Restricted filter $this->get('/search?term=' . urlencode('danzorbhsing {is_restricted}'))->assertDontSee($page->name); - $this->entities->setPermissions($page, ['view'], [$editor->roles->first()]); + $this->permissions->setEntityPermissions($page, ['view'], [$editor->roles->first()]); $this->get('/search?term=' . urlencode('danzorbhsing {is_restricted}'))->assertSee($page->name); // Date filters @@ -235,7 +235,7 @@ class EntitySearchTest extends TestCase $this->withHtml($resp)->assertElementContains($baseSelector, $page->name); $this->withHtml($resp)->assertElementNotContains($baseSelector, "You don't have the required permissions to select this item"); - $resp = $this->actingAs($this->getViewer())->get($searchUrl); + $resp = $this->actingAs($this->users->viewer())->get($searchUrl); $this->withHtml($resp)->assertElementContains($baseSelector, $page->name); $this->withHtml($resp)->assertElementContains($baseSelector, "You don't have the required permissions to select this item"); } @@ -246,7 +246,7 @@ class EntitySearchTest extends TestCase $this->assertGreaterThan(2, count($chapter->pages), 'Ensure we\'re testing with at least 1 sibling'); $page = $chapter->pages->first(); - $search = $this->actingAs($this->getViewer())->get("/search/entity/siblings?entity_id={$page->id}&entity_type=page"); + $search = $this->actingAs($this->users->viewer())->get("/search/entity/siblings?entity_id={$page->id}&entity_type=page"); $search->assertSuccessful(); foreach ($chapter->pages as $page) { $search->assertSee($page->name); @@ -261,7 +261,7 @@ class EntitySearchTest extends TestCase $bookChildren = $page->book->getDirectChildren(); $this->assertGreaterThan(2, count($bookChildren), 'Ensure we\'re testing with at least 1 sibling'); - $search = $this->actingAs($this->getViewer())->get("/search/entity/siblings?entity_id={$page->id}&entity_type=page"); + $search = $this->actingAs($this->users->viewer())->get("/search/entity/siblings?entity_id={$page->id}&entity_type=page"); $search->assertSuccessful(); foreach ($bookChildren as $child) { $search->assertSee($child->name); @@ -276,7 +276,7 @@ class EntitySearchTest extends TestCase $bookChildren = $chapter->book->getDirectChildren(); $this->assertGreaterThan(2, count($bookChildren), 'Ensure we\'re testing with at least 1 sibling'); - $search = $this->actingAs($this->getViewer())->get("/search/entity/siblings?entity_id={$chapter->id}&entity_type=chapter"); + $search = $this->actingAs($this->users->viewer())->get("/search/entity/siblings?entity_id={$chapter->id}&entity_type=chapter"); $search->assertSuccessful(); foreach ($bookChildren as $child) { $search->assertSee($child->name); @@ -291,7 +291,7 @@ class EntitySearchTest extends TestCase $book = $books->first(); $this->assertGreaterThan(2, count($books), 'Ensure we\'re testing with at least 1 sibling'); - $search = $this->actingAs($this->getViewer())->get("/search/entity/siblings?entity_id={$book->id}&entity_type=book"); + $search = $this->actingAs($this->users->viewer())->get("/search/entity/siblings?entity_id={$book->id}&entity_type=book"); $search->assertSuccessful(); foreach ($books as $expectedBook) { $search->assertSee($expectedBook->name); @@ -304,7 +304,7 @@ class EntitySearchTest extends TestCase $shelf = $shelves->first(); $this->assertGreaterThan(2, count($shelves), 'Ensure we\'re testing with at least 1 sibling'); - $search = $this->actingAs($this->getViewer())->get("/search/entity/siblings?entity_id={$shelf->id}&entity_type=bookshelf"); + $search = $this->actingAs($this->users->viewer())->get("/search/entity/siblings?entity_id={$shelf->id}&entity_type=bookshelf"); $search->assertSuccessful(); foreach ($shelves as $expectedShelf) { $search->assertSee($expectedShelf->name); diff --git a/tests/Entity/ExportTest.php b/tests/Entity/ExportTest.php index 0f80bdd49..0f8d0f48c 100644 --- a/tests/Entity/ExportTest.php +++ b/tests/Entity/ExportTest.php @@ -275,7 +275,7 @@ class ExportTest extends TestCase public function test_page_export_with_deleted_creator_and_updater() { - $user = $this->getViewer(['name' => 'ExportWizardTheFifth']); + $user = $this->users->viewer(['name' => 'ExportWizardTheFifth']); $page = $this->entities->page(); $page->created_by = $user->id; $page->updated_by = $user->id; @@ -409,7 +409,7 @@ class ExportTest extends TestCase $chapter = $book->chapters()->first(); $page = $chapter->pages()->first(); $entities = [$book, $chapter, $page]; - $user = $this->getViewer(); + $user = $this->users->viewer(); $this->actingAs($user); foreach ($entities as $entity) { @@ -417,8 +417,7 @@ class ExportTest extends TestCase $resp->assertSee('/export/pdf'); } - /** @var Role $role */ - $this->removePermissionFromUser($user, 'content-export'); + $this->permissions->removeUserRolePermissions($user, ['content-export']); foreach ($entities as $entity) { $resp = $this->get($entity->getUrl()); diff --git a/tests/Entity/PageContentTest.php b/tests/Entity/PageContentTest.php index 0c9854206..e24ee4fb5 100644 --- a/tests/Entity/PageContentTest.php +++ b/tests/Entity/PageContentTest.php @@ -483,7 +483,7 @@ class PageContentTest extends TestCase { $page = $this->entities->page(); - $this->actingAs($this->getAdmin()) + $this->actingAs($this->users->admin()) ->put($page->getUrl(''), [ 'name' => 'Testing', 'html' => '"Hello & welcome"
', diff --git a/tests/Entity/PageDraftTest.php b/tests/Entity/PageDraftTest.php index 010173852..75b1933ea 100644 --- a/tests/Entity/PageDraftTest.php +++ b/tests/Entity/PageDraftTest.php @@ -39,7 +39,7 @@ class PageDraftTest extends TestCase $this->withHtml($resp)->assertElementNotContains('[name="html"]', $addedContent); $newContent = $this->page->html . $addedContent; - $newUser = $this->getEditor(); + $newUser = $this->users->editor(); $this->pageRepo->updatePageDraft($this->page, ['html' => $newContent]); $resp = $this->actingAs($newUser)->get($this->page->getUrl('/edit')); @@ -62,7 +62,7 @@ class PageDraftTest extends TestCase $this->withHtml($resp)->assertElementNotContains('[name="html"]', $addedContent); $newContent = $this->page->html . $addedContent; - $newUser = $this->getEditor(); + $newUser = $this->users->editor(); $this->pageRepo->updatePageDraft($this->page, ['html' => $newContent]); $this->actingAs($newUser) @@ -75,8 +75,8 @@ class PageDraftTest extends TestCase public function test_draft_save_shows_alert_if_draft_older_than_last_page_update() { - $admin = $this->getAdmin(); - $editor = $this->getEditor(); + $admin = $this->users->admin(); + $editor = $this->users->editor(); $page = $this->entities->page(); $this->actingAs($editor)->put('/ajax/page/' . $page->id . '/save-draft', [ @@ -109,8 +109,8 @@ class PageDraftTest extends TestCase public function test_draft_save_shows_alert_if_draft_edit_started_by_someone_else() { - $admin = $this->getAdmin(); - $editor = $this->getEditor(); + $admin = $this->users->admin(); + $editor = $this->users->editor(); $page = $this->entities->page(); $this->actingAs($admin)->put('/ajax/page/' . $page->id . '/save-draft', [ @@ -143,7 +143,7 @@ class PageDraftTest extends TestCase { $book = $this->entities->book(); $chapter = $book->chapters->first(); - $newUser = $this->getEditor(); + $newUser = $this->users->editor(); $this->actingAs($newUser)->get($book->getUrl('/create-page')); $this->get($chapter->getUrl('/create-page')); diff --git a/tests/Entity/PageRevisionTest.php b/tests/Entity/PageRevisionTest.php index 0749888c8..0df37728e 100644 --- a/tests/Entity/PageRevisionTest.php +++ b/tests/Entity/PageRevisionTest.php @@ -208,13 +208,13 @@ class PageRevisionTest extends TestCase $page = $this->entities->page(); $this->createRevisions($page, 2); - $viewer = $this->getViewer(); + $viewer = $this->users->viewer(); $this->actingAs($viewer); $respHtml = $this->withHtml($this->get($page->getUrl('/revisions'))); $respHtml->assertElementNotContains('.actions a', 'Restore'); $respHtml->assertElementNotExists('form[action$="/restore"]'); - $this->giveUserPermissions($viewer, ['page-update-all']); + $this->permissions->grantUserRolePermissions($viewer, ['page-update-all']); $respHtml = $this->withHtml($this->get($page->getUrl('/revisions'))); $respHtml->assertElementContains('.actions a', 'Restore'); @@ -226,13 +226,13 @@ class PageRevisionTest extends TestCase $page = $this->entities->page(); $this->createRevisions($page, 2); - $viewer = $this->getViewer(); + $viewer = $this->users->viewer(); $this->actingAs($viewer); $respHtml = $this->withHtml($this->get($page->getUrl('/revisions'))); $respHtml->assertElementNotContains('.actions a', 'Delete'); $respHtml->assertElementNotExists('form[action$="/delete"]'); - $this->giveUserPermissions($viewer, ['page-delete-all']); + $this->permissions->grantUserRolePermissions($viewer, ['page-delete-all']); $respHtml = $this->withHtml($this->get($page->getUrl('/revisions'))); $respHtml->assertElementContains('.actions a', 'Delete'); diff --git a/tests/Entity/PageTemplateTest.php b/tests/Entity/PageTemplateTest.php index dc45fcfb8..6a68c3ab1 100644 --- a/tests/Entity/PageTemplateTest.php +++ b/tests/Entity/PageTemplateTest.php @@ -25,7 +25,7 @@ class PageTemplateTest extends TestCase public function test_manage_templates_permission_required_to_change_page_template_status() { $page = $this->entities->page(); - $editor = $this->getEditor(); + $editor = $this->users->editor(); $this->actingAs($editor); $pageUpdateData = [ @@ -40,7 +40,7 @@ class PageTemplateTest extends TestCase 'template' => false, ]); - $this->giveUserPermissions($editor, ['templates-manage']); + $this->permissions->grantUserRolePermissions($editor, ['templates-manage']); $this->put($page->getUrl(), $pageUpdateData); $this->assertDatabaseHas('pages', [ @@ -53,7 +53,7 @@ class PageTemplateTest extends TestCase { $content = 'Updated content
', ]); - $this->entities->setPermissions($page->book); - $this->entities->setPermissions($page, ['view'], [$user->roles->first()]); + $this->permissions->setEntityPermissions($page->book); + $this->permissions->setEntityPermissions($page, ['view'], [$user->roles->first()]); $resp = $this->get('/pages/recently-updated'); $resp->assertDontSee($page->book->getShortName(42)); diff --git a/tests/Entity/SortTest.php b/tests/Entity/SortTest.php index f02e15d21..9a5a2fe17 100644 --- a/tests/Entity/SortTest.php +++ b/tests/Entity/SortTest.php @@ -53,7 +53,7 @@ class SortTest extends TestCase $newBook = Book::query()->where('id', '!=', $currentBook->id)->first(); $newChapter = $newBook->chapters()->first(); - $movePageResp = $this->actingAs($this->getEditor())->put($page->getUrl('/move'), [ + $movePageResp = $this->actingAs($this->users->editor())->put($page->getUrl('/move'), [ 'entity_selection' => 'chapter:' . $newChapter->id, ]); $page->refresh(); @@ -71,7 +71,7 @@ class SortTest extends TestCase $page = $oldChapter->pages()->first(); $newBook = Book::query()->where('id', '!=', $oldChapter->book_id)->first(); - $movePageResp = $this->actingAs($this->getEditor())->put($page->getUrl('/move'), [ + $movePageResp = $this->actingAs($this->users->editor())->put($page->getUrl('/move'), [ 'entity_selection' => 'book:' . $newBook->id, ]); $page->refresh(); @@ -89,16 +89,16 @@ class SortTest extends TestCase $page = $this->entities->page(); $currentBook = $page->book; $newBook = Book::query()->where('id', '!=', $currentBook->id)->first(); - $editor = $this->getEditor(); + $editor = $this->users->editor(); - $this->entities->setPermissions($newBook, ['view', 'update', 'delete'], $editor->roles->all()); + $this->permissions->setEntityPermissions($newBook, ['view', 'update', 'delete'], $editor->roles->all()); $movePageResp = $this->actingAs($editor)->put($page->getUrl('/move'), [ 'entity_selection' => 'book:' . $newBook->id, ]); $this->assertPermissionError($movePageResp); - $this->entities->setPermissions($newBook, ['view', 'update', 'delete', 'create'], $editor->roles->all()); + $this->permissions->setEntityPermissions($newBook, ['view', 'update', 'delete', 'create'], $editor->roles->all()); $movePageResp = $this->put($page->getUrl('/move'), [ 'entity_selection' => 'book:' . $newBook->id, ]); @@ -114,10 +114,10 @@ class SortTest extends TestCase $page = $this->entities->page(); $currentBook = $page->book; $newBook = Book::query()->where('id', '!=', $currentBook->id)->first(); - $editor = $this->getEditor(); + $editor = $this->users->editor(); - $this->entities->setPermissions($newBook, ['view', 'update', 'create', 'delete'], $editor->roles->all()); - $this->entities->setPermissions($page, ['view', 'update', 'create'], $editor->roles->all()); + $this->permissions->setEntityPermissions($newBook, ['view', 'update', 'create', 'delete'], $editor->roles->all()); + $this->permissions->setEntityPermissions($page, ['view', 'update', 'create'], $editor->roles->all()); $movePageResp = $this->actingAs($editor)->put($page->getUrl('/move'), [ 'entity_selection' => 'book:' . $newBook->id, @@ -126,7 +126,7 @@ class SortTest extends TestCase $pageView = $this->get($page->getUrl()); $pageView->assertDontSee($page->getUrl('/move')); - $this->entities->setPermissions($page, ['view', 'update', 'create', 'delete'], $editor->roles->all()); + $this->permissions->setEntityPermissions($page, ['view', 'update', 'create', 'delete'], $editor->roles->all()); $movePageResp = $this->put($page->getUrl('/move'), [ 'entity_selection' => 'book:' . $newBook->id, ]); @@ -169,10 +169,10 @@ class SortTest extends TestCase $chapter = $this->entities->chapter(); $currentBook = $chapter->book; $newBook = Book::query()->where('id', '!=', $currentBook->id)->first(); - $editor = $this->getEditor(); + $editor = $this->users->editor(); - $this->entities->setPermissions($newBook, ['view', 'update', 'create', 'delete'], $editor->roles->all()); - $this->entities->setPermissions($chapter, ['view', 'update', 'create'], $editor->roles->all()); + $this->permissions->setEntityPermissions($newBook, ['view', 'update', 'create', 'delete'], $editor->roles->all()); + $this->permissions->setEntityPermissions($chapter, ['view', 'update', 'create'], $editor->roles->all()); $moveChapterResp = $this->actingAs($editor)->put($chapter->getUrl('/move'), [ 'entity_selection' => 'book:' . $newBook->id, @@ -181,7 +181,7 @@ class SortTest extends TestCase $pageView = $this->get($chapter->getUrl()); $pageView->assertDontSee($chapter->getUrl('/move')); - $this->entities->setPermissions($chapter, ['view', 'update', 'create', 'delete'], $editor->roles->all()); + $this->permissions->setEntityPermissions($chapter, ['view', 'update', 'create', 'delete'], $editor->roles->all()); $moveChapterResp = $this->put($chapter->getUrl('/move'), [ 'entity_selection' => 'book:' . $newBook->id, ]); @@ -196,17 +196,17 @@ class SortTest extends TestCase $chapter = $this->entities->chapter(); $currentBook = $chapter->book; $newBook = Book::query()->where('id', '!=', $currentBook->id)->first(); - $editor = $this->getEditor(); + $editor = $this->users->editor(); - $this->entities->setPermissions($newBook, ['view', 'update', 'delete'], [$editor->roles->first()]); - $this->entities->setPermissions($chapter, ['view', 'update', 'create', 'delete'], [$editor->roles->first()]); + $this->permissions->setEntityPermissions($newBook, ['view', 'update', 'delete'], [$editor->roles->first()]); + $this->permissions->setEntityPermissions($chapter, ['view', 'update', 'create', 'delete'], [$editor->roles->first()]); $moveChapterResp = $this->actingAs($editor)->put($chapter->getUrl('/move'), [ 'entity_selection' => 'book:' . $newBook->id, ]); $this->assertPermissionError($moveChapterResp); - $this->entities->setPermissions($newBook, ['view', 'update', 'create', 'delete'], [$editor->roles->first()]); + $this->permissions->setEntityPermissions($newBook, ['view', 'update', 'create', 'delete'], [$editor->roles->first()]); $moveChapterResp = $this->put($chapter->getUrl('/move'), [ 'entity_selection' => 'book:' . $newBook->id, ]); @@ -313,7 +313,7 @@ class SortTest extends TestCase $page = $this->entities->pageWithinChapter(); /** @var Chapter $otherChapter */ $otherChapter = Chapter::query()->where('book_id', '!=', $page->book_id)->first(); - $this->entities->setPermissions($otherChapter); + $this->permissions->setEntityPermissions($otherChapter); $sortData = [ 'id' => $page->id, @@ -334,8 +334,8 @@ class SortTest extends TestCase $page = $this->entities->pageWithinChapter(); /** @var Chapter $otherChapter */ $otherChapter = Chapter::query()->where('book_id', '!=', $page->book_id)->first(); - $editor = $this->getEditor(); - $this->entities->setPermissions($otherChapter->book, ['update', 'delete'], [$editor->roles()->first()]); + $editor = $this->users->editor(); + $this->permissions->setEntityPermissions($otherChapter->book, ['update', 'delete'], [$editor->roles()->first()]); $sortData = [ 'id' => $page->id, @@ -356,8 +356,8 @@ class SortTest extends TestCase $page = $this->entities->pageWithinChapter(); /** @var Chapter $otherChapter */ $otherChapter = Chapter::query()->where('book_id', '!=', $page->book_id)->first(); - $editor = $this->getEditor(); - $this->entities->setPermissions($otherChapter, ['view', 'delete'], [$editor->roles()->first()]); + $editor = $this->users->editor(); + $this->permissions->setEntityPermissions($otherChapter, ['view', 'delete'], [$editor->roles()->first()]); $sortData = [ 'id' => $page->id, @@ -378,8 +378,8 @@ class SortTest extends TestCase $page = $this->entities->pageWithinChapter(); /** @var Chapter $otherChapter */ $otherChapter = Chapter::query()->where('book_id', '!=', $page->book_id)->first(); - $editor = $this->getEditor(); - $this->entities->setPermissions($page, ['view', 'delete'], [$editor->roles()->first()]); + $editor = $this->users->editor(); + $this->permissions->setEntityPermissions($page, ['view', 'delete'], [$editor->roles()->first()]); $sortData = [ 'id' => $page->id, @@ -400,8 +400,8 @@ class SortTest extends TestCase $page = $this->entities->pageWithinChapter(); /** @var Chapter $otherChapter */ $otherChapter = Chapter::query()->where('book_id', '!=', $page->book_id)->first(); - $editor = $this->getEditor(); - $this->entities->setPermissions($page, ['view', 'update'], [$editor->roles()->first()]); + $editor = $this->users->editor(); + $this->permissions->setEntityPermissions($page, ['view', 'update'], [$editor->roles()->first()]); $sortData = [ 'id' => $page->id, diff --git a/tests/Entity/TagTest.php b/tests/Entity/TagTest.php index ab06686e0..7e6674959 100644 --- a/tests/Entity/TagTest.php +++ b/tests/Entity/TagTest.php @@ -75,7 +75,7 @@ class TagTest extends TestCase $this->asEditor()->get('/ajax/tags/suggest/names?search=co')->assertSimilarJson(['color', 'country']); // Set restricted permission the page - $this->entities->setPermissions($page, [], []); + $this->permissions->setEntityPermissions($page, [], []); $this->asAdmin()->get('/ajax/tags/suggest/names?search=co')->assertSimilarJson(['color', 'country']); $this->asEditor()->get('/ajax/tags/suggest/names?search=co')->assertSimilarJson([]); @@ -178,7 +178,7 @@ class TagTest extends TestCase $resp = $this->get('/tags?name=SuperCategory'); $resp->assertSee('GreatTestContent'); - $this->entities->setPermissions($page, [], []); + $this->permissions->setEntityPermissions($page, [], []); $resp = $this->asEditor()->get('/tags'); $resp->assertDontSee('SuperCategory'); diff --git a/tests/ErrorTest.php b/tests/ErrorTest.php index ebd9874d3..6ba01dd88 100644 --- a/tests/ErrorTest.php +++ b/tests/ErrorTest.php @@ -11,7 +11,7 @@ class ErrorTest extends TestCase // Due to middleware being handled differently this will not fail // if our custom, middleware-loaded handler fails but this is here // as a reminder and as a general check in the event of other issues. - $editor = $this->getEditor(); + $editor = $this->users->editor(); $editor->name = 'tester'; $editor->save(); @@ -24,7 +24,7 @@ class ErrorTest extends TestCase public function test_item_not_found_does_not_get_logged_to_file() { - $this->actingAs($this->getViewer()); + $this->actingAs($this->users->viewer()); $handler = $this->withTestLogger(); $book = $this->entities->book(); @@ -41,7 +41,7 @@ class ErrorTest extends TestCase public function test_access_to_non_existing_image_location_provides_404_response() { - $resp = $this->actingAs($this->getViewer())->get('/uploads/images/gallery/2021-05/anonexistingimage.png'); + $resp = $this->actingAs($this->users->viewer())->get('/uploads/images/gallery/2021-05/anonexistingimage.png'); $resp->assertStatus(404); $resp->assertSeeText('Image Not Found'); } diff --git a/tests/FavouriteTest.php b/tests/FavouriteTest.php index 456f2213c..7778aa8e9 100644 --- a/tests/FavouriteTest.php +++ b/tests/FavouriteTest.php @@ -10,7 +10,7 @@ class FavouriteTest extends TestCase public function test_page_add_favourite_flow() { $page = $this->entities->page(); - $editor = $this->getEditor(); + $editor = $this->users->editor(); $resp = $this->actingAs($editor)->get($page->getUrl()); $this->withHtml($resp)->assertElementContains('button', 'Favourite'); @@ -33,7 +33,7 @@ class FavouriteTest extends TestCase public function test_page_remove_favourite_flow() { $page = $this->entities->page(); - $editor = $this->getEditor(); + $editor = $this->users->editor(); Favourite::query()->forceCreate([ 'user_id' => $editor->id, 'favouritable_id' => $page->id, @@ -63,7 +63,7 @@ class FavouriteTest extends TestCase $book->owned_by = $user->id; $book->save(); - $this->giveUserPermissions($user, ['book-view-own']); + $this->permissions->grantUserRolePermissions($user, ['book-view-own']); $this->actingAs($user)->get($book->getUrl()); $resp = $this->post('/favourites/add', [ @@ -81,7 +81,7 @@ class FavouriteTest extends TestCase public function test_each_entity_type_shows_favourite_button() { - $this->actingAs($this->getEditor()); + $this->actingAs($this->users->editor()); foreach ($this->entities->all() as $entity) { $resp = $this->get($entity->getUrl()); @@ -94,13 +94,13 @@ class FavouriteTest extends TestCase $this->setSettings(['app-public' => 'true']); $resp = $this->get('/'); $this->withHtml($resp)->assertElementNotContains('header', 'My Favourites'); - $resp = $this->actingAs($this->getViewer())->get('/'); + $resp = $this->actingAs($this->users->viewer())->get('/'); $this->withHtml($resp)->assertElementContains('header a', 'My Favourites'); } public function test_favourites_shown_on_homepage() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $resp = $this->actingAs($editor)->get('/'); $this->withHtml($resp)->assertElementNotExists('#top-favourites'); @@ -116,7 +116,7 @@ class FavouriteTest extends TestCase public function test_favourites_list_page_shows_favourites_and_has_working_pagination() { $page = $this->entities->page(); - $editor = $this->getEditor(); + $editor = $this->users->editor(); $resp = $this->actingAs($editor)->get('/favourites'); $resp->assertDontSee($page->name); diff --git a/tests/Helpers/EntityProvider.php b/tests/Helpers/EntityProvider.php index 9e8cf0b73..d79015f75 100644 --- a/tests/Helpers/EntityProvider.php +++ b/tests/Helpers/EntityProvider.php @@ -2,8 +2,6 @@ namespace Tests\Helpers; -use BookStack\Auth\Permissions\EntityPermission; -use BookStack\Auth\Role; use BookStack\Auth\User; use BookStack\Entities\Models\Book; use BookStack\Entities\Models\Bookshelf; @@ -186,44 +184,6 @@ class EntityProvider return $pageRepo->publishDraft($draftPage, $input); } - /** - * Regenerate the permission for an entity. - * Centralised to manage clearing of cached elements between requests. - */ - public function regenPermissions(Entity $entity): void - { - $entity->rebuildPermissions(); - $entity->load('jointPermissions'); - } - - /** - * Set the given entity as having restricted permissions, and apply the given - * permissions for the given roles. - * @param string[] $actions - * @param Role[] $roles - */ - public function setPermissions(Entity $entity, array $actions = [], array $roles = []): void - { - $entity->permissions()->delete(); - - $permissions = [ - // Set default permissions to not allow actions so that only the provided role permissions are at play. - ['role_id' => 0, 'view' => false, 'create' => false, 'update' => false, 'delete' => false], - ]; - - foreach ($roles as $role) { - $permission = ['role_id' => $role->id]; - foreach (EntityPermission::PERMISSIONS as $possibleAction) { - $permission[$possibleAction] = in_array($possibleAction, $actions); - } - $permissions[] = $permission; - } - - $entity->permissions()->createMany($permissions); - $entity->load('permissions'); - $this->regenPermissions($entity); - } - /** * @param Entity|Entity[] $entities */ diff --git a/tests/Helpers/PermissionsProvider.php b/tests/Helpers/PermissionsProvider.php new file mode 100644 index 000000000..ac9a2a68a --- /dev/null +++ b/tests/Helpers/PermissionsProvider.php @@ -0,0 +1,136 @@ +userRoleProvider = $userRoleProvider; + } + + /** + * Grant role permissions to the provided user. + */ + public function grantUserRolePermissions(User $user, array $permissions): void + { + $newRole = $this->userRoleProvider->createRole($permissions); + $user->attachRole($newRole); + $user->load('roles'); + $user->clearPermissionCache(); + } + + /** + * Completely remove specific role permissions from the provided user. + */ + public function removeUserRolePermissions(User $user, array $permissions): void + { + foreach ($permissions as $permissionName) { + /** @var RolePermission $permission */ + $permission = RolePermission::query() + ->where('name', '=', $permissionName) + ->firstOrFail(); + + $roles = $user->roles()->whereHas('permissions', function ($query) use ($permission) { + $query->where('id', '=', $permission->id); + })->get(); + + /** @var Role $role */ + foreach ($roles as $role) { + $role->detachPermission($permission); + } + + $user->clearPermissionCache(); + } + } + + /** + * Change the owner of the given entity to the given user. + */ + public function changeEntityOwner(Entity $entity, User $newOwner): void + { + $entity->owned_by = $newOwner->id; + $entity->save(); + $entity->rebuildPermissions(); + } + + /** + * Regenerate the permission for an entity. + * Centralised to manage clearing of cached elements between requests. + */ + public function regenerateForEntity(Entity $entity): void + { + $entity->rebuildPermissions(); + } + + /** + * Set the given entity as having restricted permissions, and apply the given + * permissions for the given roles. + * @param string[] $actions + * @param Role[] $roles + */ + public function setEntityPermissions(Entity $entity, array $actions = [], array $roles = [], $inherit = false): void + { + $entity->permissions()->delete(); + + $permissions = []; + + if (!$inherit) { + // Set default permissions to not allow actions so that only the provided role permissions are at play. + $permissions[] = ['role_id' => null, 'user_id' => null, 'view' => false, 'create' => false, 'update' => false, 'delete' => false]; + } + + foreach ($roles as $role) { + $permissions[] = $this->actionListToEntityPermissionData($actions, $role->id); + } + + $this->addEntityPermissionEntries($entity, $permissions); + } + + public function addEntityPermission(Entity $entity, array $actionList, ?Role $role = null, ?User $user = null) + { + $permissionData = $this->actionListToEntityPermissionData($actionList, $role->id ?? null, $user->id ?? null); + $this->addEntityPermissionEntries($entity, [$permissionData]); + } + + /** + * Disable inherited permissions on the given entity. + * Effectively sets the "Other Users" UI permission option to not inherit, with no permissions. + */ + public function disableEntityInheritedPermissions(Entity $entity): void + { + $entity->permissions()->whereNull(['user_id', 'role_id'])->delete(); + $fallback = $this->actionListToEntityPermissionData([]); + $this->addEntityPermissionEntries($entity, [$fallback]); + } + + protected function addEntityPermissionEntries(Entity $entity, array $entityPermissionData): void + { + $entity->permissions()->createMany($entityPermissionData); + $entity->load('permissions'); + $this->regenerateForEntity($entity); + } + + /** + * For the given simple array of string actions (view, create, update, delete), convert + * the format to entity permission data, where permission is granted if the action is in the + * given actionList array. + */ + protected function actionListToEntityPermissionData(array $actionList, int $roleId = null, int $userId = null): array + { + $permissionData = ['role_id' => $roleId, 'user_id' => $userId]; + foreach (EntityPermission::PERMISSIONS as $possibleAction) { + $permissionData[$possibleAction] = in_array($possibleAction, $actionList); + } + + return $permissionData; + } +} diff --git a/tests/Helpers/UserRoleProvider.php b/tests/Helpers/UserRoleProvider.php new file mode 100644 index 000000000..355c1687c --- /dev/null +++ b/tests/Helpers/UserRoleProvider.php @@ -0,0 +1,97 @@ +admin)) { + $adminRole = Role::getSystemRole('admin'); + $this->admin = $adminRole->users->first(); + } + + return $this->admin; + } + + /** + * Get a typical "Editor" user. + */ + public function editor(): User + { + if ($this->editor === null) { + $editorRole = Role::getRole('editor'); + $this->editor = $editorRole->users->first(); + } + + return $this->editor; + } + + /** + * Get a typical "Viewer" user. + */ + public function viewer(array $attributes = []): User + { + $user = Role::getRole('viewer')->users()->first(); + if (!empty($attributes)) { + $user->forceFill($attributes)->save(); + } + + return $user; + } + + /** + * Create a new fresh user without any relations. + */ + public function newUser(array $attrs = []): User + { + return User::factory()->create($attrs); + } + + /** + * Create a new fresh user, with the given attrs, that has assigned a fresh role + * that has the given role permissions. + * Intended as a helper to create a blank slate baseline user and role. + * @return array{0: User, 1: Role} + */ + public function newUserWithRole(array $userAttrs = [], array $rolePermissions = []): array + { + $user = $this->newUser($userAttrs); + $role = $this->attachNewRole($user, $rolePermissions); + + return [$user, $role]; + } + + /** + * Attach a new role, with the given role permissions, to the given user + * and return that role. + */ + public function attachNewRole(User $user, array $rolePermissions = []): Role + { + $role = $this->createRole($rolePermissions); + $user->attachRole($role); + return $role; + } + + /** + * Create a new basic role with the given role permissions. + */ + public function createRole(array $rolePermissions = []): Role + { + $permissionRepo = app(PermissionsRepo::class); + $roleData = Role::factory()->make()->toArray(); + $roleData['permissions'] = array_flip($rolePermissions); + + return $permissionRepo->saveNewRole($roleData); + } +} diff --git a/tests/HomepageTest.php b/tests/HomepageTest.php index cf69425fb..c7e8b69bb 100644 --- a/tests/HomepageTest.php +++ b/tests/HomepageTest.php @@ -114,7 +114,7 @@ class HomepageTest extends TestCase public function test_set_book_homepage() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); setting()->putUser($editor, 'books_view_type', 'grid'); $this->setSettings(['app-homepage-type' => 'books']); @@ -133,7 +133,7 @@ class HomepageTest extends TestCase public function test_set_bookshelves_homepage() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); setting()->putUser($editor, 'bookshelves_view_type', 'grid'); $shelf = $this->entities->shelf(); @@ -152,7 +152,7 @@ class HomepageTest extends TestCase public function test_shelves_list_homepage_adheres_to_book_visibility_permissions() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); setting()->putUser($editor, 'bookshelves_view_type', 'list'); $this->setSettings(['app-homepage-type' => 'bookshelves']); $this->asEditor(); @@ -167,13 +167,13 @@ class HomepageTest extends TestCase // Ensure book no longer visible without view permission $editor->roles()->detach(); - $this->giveUserPermissions($editor, ['bookshelf-view-all']); + $this->permissions->grantUserRolePermissions($editor, ['bookshelf-view-all']); $homeVisit = $this->get('/'); $this->withHtml($homeVisit)->assertElementContains('.content-wrap', $shelf->name); $this->withHtml($homeVisit)->assertElementNotContains('.content-wrap', $book->name); // Ensure is visible again with entity-level view permission - $this->entities->setPermissions($book, ['view'], [$editor->roles()->first()]); + $this->permissions->setEntityPermissions($book, ['view'], [$editor->roles()->first()]); $homeVisit = $this->get('/'); $this->withHtml($homeVisit)->assertElementContains('.content-wrap', $shelf->name); $this->withHtml($homeVisit)->assertElementContains('.content-wrap', $book->name); diff --git a/tests/LanguageTest.php b/tests/LanguageTest.php index 27de5f875..ba522a74e 100644 --- a/tests/LanguageTest.php +++ b/tests/LanguageTest.php @@ -4,7 +4,7 @@ namespace Tests; class LanguageTest extends TestCase { - protected array $langs; + protected $langs; /** * LanguageTest constructor. @@ -77,20 +77,8 @@ class LanguageTest extends TestCase { $this->asEditor(); $this->assertFalse(config('app.rtl'), 'App RTL config should be false by default'); - setting()->putUser($this->getEditor(), 'language', 'ar'); + setting()->putUser($this->users->editor(), 'language', 'ar'); $this->get('/'); $this->assertTrue(config('app.rtl'), 'App RTL config should have been set to true by middleware'); } - - public function test_pluralisation_for_non_standard_locales() - { - $text = trans_choice('entities.x_pages', 1, [], 'de_informal'); - $this->assertEquals('1 Seite', $text); - - $text = trans_choice('entities.x_pages', 2, [], 'de_informal'); - $this->assertEquals('2 Seiten', $text); - - $text = trans_choice('entities.x_pages', 0, [], 'de_informal'); - $this->assertEquals('0 Seiten', $text); - } } diff --git a/tests/Permissions/EntityPermissionsTest.php b/tests/Permissions/EntityPermissionsTest.php index 4b613b49c..68a4ed244 100644 --- a/tests/Permissions/EntityPermissionsTest.php +++ b/tests/Permissions/EntityPermissionsTest.php @@ -2,6 +2,7 @@ namespace Tests\Permissions; +use BookStack\Auth\Role; use BookStack\Auth\User; use BookStack\Entities\Models\Book; use BookStack\Entities\Models\Bookshelf; @@ -20,8 +21,8 @@ class EntityPermissionsTest extends TestCase protected function setUp(): void { parent::setUp(); - $this->user = $this->getEditor(); - $this->viewer = $this->getViewer(); + $this->user = $this->users->editor(); + $this->viewer = $this->users->viewer(); } protected function setRestrictionsForTestRoles(Entity $entity, array $actions = []) @@ -30,7 +31,7 @@ class EntityPermissionsTest extends TestCase $this->user->roles->first(), $this->viewer->roles->first(), ]; - $this->entities->setPermissions($entity, $actions, $roles); + $this->permissions->setEntityPermissions($entity, $actions, $roles); } public function test_bookshelf_view_restriction() @@ -378,8 +379,10 @@ class EntityPermissionsTest extends TestCase $this->put($modelInstance->getUrl('/permissions'), [ 'permissions' => [ - $roleId => [ - $permission => 'true', + 'role' => [ + $roleId => [ + $permission => 'true', + ], ], ], ]); @@ -655,6 +658,34 @@ class EntityPermissionsTest extends TestCase $resp->assertRedirect($book->getUrl('/page/test-page')); } + public function test_access_to_item_prevented_if_inheritance_active_but_permission_prevented_via_role() + { + $user = $this->users->viewer(); + $viewerRole = $user->roles->first(); + $chapter = $this->entities->chapter(); + $book = $chapter->book; + + $this->permissions->setEntityPermissions($book, ['edit'], [$viewerRole], false); + $this->permissions->setEntityPermissions($chapter, [], [$viewerRole], true); + + $this->assertFalse(userCan('chapter-update', $chapter)); + } + + public function test_access_to_item_allowed_if_inheritance_active_and_permission_prevented_via_role_but_allowed_via_parent() + { + $user = $this->users->viewer(); + $viewerRole = $user->roles->first(); + $editorRole = Role::getRole('Editor'); + $user->attachRole($editorRole); + $chapter = $this->entities->chapter(); + $book = $chapter->book; + + $this->permissions->setEntityPermissions($book, ['edit'], [$editorRole], false); + $this->permissions->setEntityPermissions($chapter, [], [$viewerRole], true); + + $this->assertTrue(userCan('chapter-update', $chapter)); + } + public function test_book_permissions_can_be_generated_without_error_if_child_chapter_is_in_recycle_bin() { $book = $this->entities->bookHasChaptersAndPages(); @@ -665,7 +696,7 @@ class EntityPermissionsTest extends TestCase $error = null; try { - $this->entities->setPermissions($book, ['view'], []); + $this->permissions->setEntityPermissions($book, ['view'], []); } catch (Exception $e) { $error = $e; } diff --git a/tests/Permissions/ExportPermissionsTest.php b/tests/Permissions/ExportPermissionsTest.php index 642cf1beb..8072221e5 100644 --- a/tests/Permissions/ExportPermissionsTest.php +++ b/tests/Permissions/ExportPermissionsTest.php @@ -14,7 +14,7 @@ class ExportPermissionsTest extends TestCase $pageContent = Str::random(48); $page->html = '' . $pageContent . '
'; $page->save(); - $viewer = $this->getViewer(); + $viewer = $this->users->viewer(); $this->actingAs($viewer); $formats = ['html', 'plaintext']; @@ -25,7 +25,7 @@ class ExportPermissionsTest extends TestCase $resp->assertSee($pageContent); } - $this->entities->setPermissions($page, []); + $this->permissions->setEntityPermissions($page, []); foreach ($formats as $format) { $resp = $this->get($chapter->getUrl("export/{$format}")); @@ -42,7 +42,7 @@ class ExportPermissionsTest extends TestCase $pageContent = Str::random(48); $page->html = '' . $pageContent . '
'; $page->save(); - $viewer = $this->getViewer(); + $viewer = $this->users->viewer(); $this->actingAs($viewer); $formats = ['html', 'plaintext']; @@ -53,7 +53,7 @@ class ExportPermissionsTest extends TestCase $resp->assertSee($pageContent); } - $this->entities->setPermissions($page, []); + $this->permissions->setEntityPermissions($page, []); foreach ($formats as $format) { $resp = $this->get($book->getUrl("export/{$format}")); diff --git a/tests/Permissions/RolesTest.php b/tests/Permissions/RolesTest.php index 88d400259..8bf700c07 100644 --- a/tests/Permissions/RolesTest.php +++ b/tests/Permissions/RolesTest.php @@ -22,7 +22,7 @@ class RolesTest extends TestCase protected function setUp(): void { parent::setUp(); - $this->user = $this->getViewer(); + $this->user = $this->users->viewer(); } public function test_admin_can_see_settings() @@ -42,7 +42,7 @@ class RolesTest extends TestCase public function test_role_cannot_be_deleted_if_default() { - $newRole = $this->createNewRole(); + $newRole = $this->users->createRole(); $this->setSettings(['registration-role' => $newRole->id]); $deletePageUrl = '/settings/roles/delete/' . $newRole->id; @@ -121,11 +121,11 @@ class RolesTest extends TestCase { /** @var Role $adminRole */ $adminRole = Role::query()->where('system_name', '=', 'admin')->first(); - $adminUser = $this->getAdmin(); + $adminUser = $this->users->admin(); $adminRole->users()->where('id', '!=', $adminUser->id)->delete(); $this->assertEquals(1, $adminRole->users()->count()); - $viewerRole = $this->getViewer()->roles()->first(); + $viewerRole = $this->users->viewer()->roles()->first(); $editUrl = '/settings/users/' . $adminUser->id; $resp = $this->actingAs($adminUser)->put($editUrl, [ @@ -169,7 +169,7 @@ class RolesTest extends TestCase $roleA = Role::query()->create(['display_name' => 'Entity Permissions Delete Test']); $page = $this->entities->page(); - $this->entities->setPermissions($page, ['view'], [$roleA]); + $this->permissions->setEntityPermissions($page, ['view'], [$roleA]); $this->assertDatabaseHas('entity_permissions', [ 'role_id' => $roleA->id, @@ -214,7 +214,7 @@ class RolesTest extends TestCase public function test_manage_user_permission() { $this->actingAs($this->user)->get('/settings/users')->assertRedirect('/'); - $this->giveUserPermissions($this->user, ['users-manage']); + $this->permissions->grantUserRolePermissions($this->user, ['users-manage']); $this->actingAs($this->user)->get('/settings/users')->assertOk(); } @@ -222,9 +222,9 @@ class RolesTest extends TestCase { $usersLink = 'href="' . url('/settings/users') . '"'; $this->actingAs($this->user)->get('/')->assertDontSee($usersLink, false); - $this->giveUserPermissions($this->user, ['users-manage']); + $this->permissions->grantUserRolePermissions($this->user, ['users-manage']); $this->actingAs($this->user)->get('/')->assertSee($usersLink, false); - $this->giveUserPermissions($this->user, ['settings-manage', 'users-manage']); + $this->permissions->grantUserRolePermissions($this->user, ['settings-manage', 'users-manage']); $this->actingAs($this->user)->get('/')->assertDontSee($usersLink, false); } @@ -247,7 +247,7 @@ class RolesTest extends TestCase 'name' => 'my_new_name', ]); - $this->giveUserPermissions($this->user, ['users-manage']); + $this->permissions->grantUserRolePermissions($this->user, ['users-manage']); $resp = $this->get($userProfileUrl) ->assertOk(); @@ -269,7 +269,7 @@ class RolesTest extends TestCase { $this->actingAs($this->user)->get('/settings/roles')->assertRedirect('/'); $this->get('/settings/roles/1')->assertRedirect('/'); - $this->giveUserPermissions($this->user, ['user-roles-manage']); + $this->permissions->grantUserRolePermissions($this->user, ['user-roles-manage']); $this->actingAs($this->user)->get('/settings/roles')->assertOk(); $this->get('/settings/roles/1') ->assertOk() @@ -279,7 +279,7 @@ class RolesTest extends TestCase public function test_settings_manage_permission() { $this->actingAs($this->user)->get('/settings/features')->assertRedirect('/'); - $this->giveUserPermissions($this->user, ['settings-manage']); + $this->permissions->grantUserRolePermissions($this->user, ['settings-manage']); $this->get('/settings/features')->assertOk(); $resp = $this->post('/settings/features', []); @@ -295,7 +295,7 @@ class RolesTest extends TestCase $this->actingAs($this->user)->get($page->getUrl())->assertDontSee('Permissions'); $this->get($page->getUrl('/permissions'))->assertRedirect('/'); - $this->giveUserPermissions($this->user, ['restrictions-manage-all']); + $this->permissions->grantUserRolePermissions($this->user, ['restrictions-manage-all']); $this->actingAs($this->user)->get($page->getUrl())->assertSee('Permissions'); @@ -325,7 +325,7 @@ class RolesTest extends TestCase $this->actingAs($this->user)->get($page->getUrl())->assertDontSee('Permissions'); $this->get($page->getUrl('/permissions'))->assertRedirect('/'); - $this->giveUserPermissions($this->user, ['restrictions-manage-own']); + $this->permissions->grantUserRolePermissions($this->user, ['restrictions-manage-own']); // Check can't restrict other's content $this->actingAs($this->user)->get($otherUsersPage->getUrl())->assertDontSee('Permissions'); @@ -350,7 +350,7 @@ class RolesTest extends TestCase $this->withHtml($resp)->assertElementNotContains('.action-buttons', $text); } - $this->giveUserPermissions($this->user, [$permission]); + $this->permissions->grantUserRolePermissions($this->user, [$permission]); foreach ($accessUrls as $url) { $this->actingAs($this->user)->get($url)->assertOk(); @@ -380,7 +380,7 @@ class RolesTest extends TestCase $otherShelf = Bookshelf::query()->first(); $ownShelf = $this->entities->newShelf(['name' => 'test-shelf', 'slug' => 'test-shelf']); $ownShelf->forceFill(['owned_by' => $this->user->id, 'updated_by' => $this->user->id])->save(); - $this->entities->regenPermissions($ownShelf); + $this->permissions->regenerateForEntity($ownShelf); $this->checkAccessPermission('bookshelf-update-own', [ $ownShelf->getUrl('/edit'), @@ -406,12 +406,12 @@ class RolesTest extends TestCase public function test_bookshelves_delete_own_permission() { - $this->giveUserPermissions($this->user, ['bookshelf-update-all']); + $this->permissions->grantUserRolePermissions($this->user, ['bookshelf-update-all']); /** @var Bookshelf $otherShelf */ $otherShelf = Bookshelf::query()->first(); $ownShelf = $this->entities->newShelf(['name' => 'test-shelf', 'slug' => 'test-shelf']); $ownShelf->forceFill(['owned_by' => $this->user->id, 'updated_by' => $this->user->id])->save(); - $this->entities->regenPermissions($ownShelf); + $this->permissions->regenerateForEntity($ownShelf); $this->checkAccessPermission('bookshelf-delete-own', [ $ownShelf->getUrl('/delete'), @@ -430,7 +430,7 @@ class RolesTest extends TestCase public function test_bookshelves_delete_all_permission() { - $this->giveUserPermissions($this->user, ['bookshelf-update-all']); + $this->permissions->grantUserRolePermissions($this->user, ['bookshelf-update-all']); /** @var Bookshelf $otherShelf */ $otherShelf = Bookshelf::query()->first(); $this->checkAccessPermission('bookshelf-delete-all', [ @@ -486,7 +486,7 @@ class RolesTest extends TestCase public function test_books_delete_own_permission() { - $this->giveUserPermissions($this->user, ['book-update-all']); + $this->permissions->grantUserRolePermissions($this->user, ['book-update-all']); /** @var Book $otherBook */ $otherBook = Book::query()->take(1)->get()->first(); $ownBook = $this->entities->createChainBelongingToUser($this->user)['book']; @@ -506,7 +506,7 @@ class RolesTest extends TestCase public function test_books_delete_all_permission() { - $this->giveUserPermissions($this->user, ['book-update-all']); + $this->permissions->grantUserRolePermissions($this->user, ['book-update-all']); /** @var Book $otherBook */ $otherBook = Book::query()->take(1)->get()->first(); $this->checkAccessPermission('book-delete-all', [ @@ -585,7 +585,7 @@ class RolesTest extends TestCase public function test_chapter_delete_own_permission() { - $this->giveUserPermissions($this->user, ['chapter-update-all']); + $this->permissions->grantUserRolePermissions($this->user, ['chapter-update-all']); /** @var Chapter $otherChapter */ $otherChapter = Chapter::query()->first(); $ownChapter = $this->entities->createChainBelongingToUser($this->user)['chapter']; @@ -607,7 +607,7 @@ class RolesTest extends TestCase public function test_chapter_delete_all_permission() { - $this->giveUserPermissions($this->user, ['chapter-update-all']); + $this->permissions->grantUserRolePermissions($this->user, ['chapter-update-all']); /** @var Chapter $otherChapter */ $otherChapter = Chapter::query()->first(); $this->checkAccessPermission('chapter-delete-all', [ @@ -645,7 +645,7 @@ class RolesTest extends TestCase $ownChapter->getUrl() => 'New Page', ]); - $this->giveUserPermissions($this->user, ['page-create-own']); + $this->permissions->grantUserRolePermissions($this->user, ['page-create-own']); foreach ($accessUrls as $index => $url) { $resp = $this->actingAs($this->user)->get($url); @@ -688,7 +688,7 @@ class RolesTest extends TestCase $chapter->getUrl() => 'New Page', ]); - $this->giveUserPermissions($this->user, ['page-create-all']); + $this->permissions->grantUserRolePermissions($this->user, ['page-create-all']); foreach ($accessUrls as $index => $url) { $resp = $this->actingAs($this->user)->get($url); @@ -742,7 +742,7 @@ class RolesTest extends TestCase public function test_page_delete_own_permission() { - $this->giveUserPermissions($this->user, ['page-update-all']); + $this->permissions->grantUserRolePermissions($this->user, ['page-update-all']); /** @var Page $otherPage */ $otherPage = Page::query()->first(); $ownPage = $this->entities->createChainBelongingToUser($this->user)['page']; @@ -764,7 +764,7 @@ class RolesTest extends TestCase public function test_page_delete_all_permission() { - $this->giveUserPermissions($this->user, ['page-update-all']); + $this->permissions->grantUserRolePermissions($this->user, ['page-update-all']); /** @var Page $otherPage */ $otherPage = Page::query()->first(); @@ -823,7 +823,7 @@ class RolesTest extends TestCase public function test_image_delete_own_permission() { - $this->giveUserPermissions($this->user, ['image-update-all']); + $this->permissions->grantUserRolePermissions($this->user, ['image-update-all']); $page = $this->entities->page(); $image = Image::factory()->create([ 'uploaded_to' => $page->id, @@ -833,7 +833,7 @@ class RolesTest extends TestCase $this->actingAs($this->user)->json('delete', '/images/' . $image->id)->assertStatus(403); - $this->giveUserPermissions($this->user, ['image-delete-own']); + $this->permissions->grantUserRolePermissions($this->user, ['image-delete-own']); $this->actingAs($this->user)->json('delete', '/images/' . $image->id)->assertOk(); $this->assertDatabaseMissing('images', ['id' => $image->id]); @@ -841,18 +841,18 @@ class RolesTest extends TestCase public function test_image_delete_all_permission() { - $this->giveUserPermissions($this->user, ['image-update-all']); - $admin = $this->getAdmin(); + $this->permissions->grantUserRolePermissions($this->user, ['image-update-all']); + $admin = $this->users->admin(); $page = $this->entities->page(); $image = Image::factory()->create(['uploaded_to' => $page->id, 'created_by' => $admin->id, 'updated_by' => $admin->id]); $this->actingAs($this->user)->json('delete', '/images/' . $image->id)->assertStatus(403); - $this->giveUserPermissions($this->user, ['image-delete-own']); + $this->permissions->grantUserRolePermissions($this->user, ['image-delete-own']); $this->actingAs($this->user)->json('delete', '/images/' . $image->id)->assertStatus(403); - $this->giveUserPermissions($this->user, ['image-delete-all']); + $this->permissions->grantUserRolePermissions($this->user, ['image-delete-all']); $this->actingAs($this->user)->json('delete', '/images/' . $image->id)->assertOk(); $this->assertDatabaseMissing('images', ['id' => $image->id]); @@ -863,7 +863,7 @@ class RolesTest extends TestCase // To cover issue fixed in f99c8ff99aee9beb8c692f36d4b84dc6e651e50a. $page = $this->entities->page(); $viewerRole = Role::getRole('viewer'); - $viewer = $this->getViewer(); + $viewer = $this->users->viewer(); $this->actingAs($viewer)->get($page->getUrl())->assertOk(); $this->asAdmin()->put('/settings/roles/' . $viewerRole->id, [ @@ -877,18 +877,18 @@ class RolesTest extends TestCase public function test_empty_state_actions_not_visible_without_permission() { - $admin = $this->getAdmin(); + $admin = $this->users->admin(); // Book links $book = Book::factory()->create(['created_by' => $admin->id, 'updated_by' => $admin->id]); - $this->entities->regenPermissions($book); - $this->actingAs($this->getViewer())->get($book->getUrl()) + $this->permissions->regenerateForEntity($book); + $this->actingAs($this->users->viewer())->get($book->getUrl()) ->assertDontSee('Create a new page') ->assertDontSee('Add a chapter'); // Chapter links $chapter = Chapter::factory()->create(['created_by' => $admin->id, 'updated_by' => $admin->id, 'book_id' => $book->id]); - $this->entities->regenPermissions($chapter); - $this->actingAs($this->getViewer())->get($chapter->getUrl()) + $this->permissions->regenerateForEntity($chapter); + $this->actingAs($this->users->viewer())->get($chapter->getUrl()) ->assertDontSee('Create a new page') ->assertDontSee('Sort the current book'); } @@ -901,7 +901,7 @@ class RolesTest extends TestCase ->addComment($ownPage) ->assertStatus(403); - $this->giveUserPermissions($this->user, ['comment-create-all']); + $this->permissions->grantUserRolePermissions($this->user, ['comment-create-all']); $this->actingAs($this->user) ->addComment($ownPage) @@ -911,7 +911,7 @@ class RolesTest extends TestCase public function test_comment_update_own_permission() { $ownPage = $this->entities->createChainBelongingToUser($this->user)['page']; - $this->giveUserPermissions($this->user, ['comment-create-all']); + $this->permissions->grantUserRolePermissions($this->user, ['comment-create-all']); $this->actingAs($this->user)->addComment($ownPage); /** @var Comment $comment */ $comment = $ownPage->comments()->latest()->first(); @@ -919,7 +919,7 @@ class RolesTest extends TestCase // no comment-update-own $this->actingAs($this->user)->updateComment($comment)->assertStatus(403); - $this->giveUserPermissions($this->user, ['comment-update-own']); + $this->permissions->grantUserRolePermissions($this->user, ['comment-update-own']); // now has comment-update-own $this->actingAs($this->user)->updateComment($comment)->assertOk(); @@ -936,7 +936,7 @@ class RolesTest extends TestCase // no comment-update-all $this->actingAs($this->user)->updateComment($comment)->assertStatus(403); - $this->giveUserPermissions($this->user, ['comment-update-all']); + $this->permissions->grantUserRolePermissions($this->user, ['comment-update-all']); // now has comment-update-all $this->actingAs($this->user)->updateComment($comment)->assertOk(); @@ -946,7 +946,7 @@ class RolesTest extends TestCase { /** @var Page $ownPage */ $ownPage = $this->entities->createChainBelongingToUser($this->user)['page']; - $this->giveUserPermissions($this->user, ['comment-create-all']); + $this->permissions->grantUserRolePermissions($this->user, ['comment-create-all']); $this->actingAs($this->user)->addComment($ownPage); /** @var Comment $comment */ @@ -955,7 +955,7 @@ class RolesTest extends TestCase // no comment-delete-own $this->actingAs($this->user)->deleteComment($comment)->assertStatus(403); - $this->giveUserPermissions($this->user, ['comment-delete-own']); + $this->permissions->grantUserRolePermissions($this->user, ['comment-delete-own']); // now has comment-update-own $this->actingAs($this->user)->deleteComment($comment)->assertOk(); @@ -972,7 +972,7 @@ class RolesTest extends TestCase // no comment-delete-all $this->actingAs($this->user)->deleteComment($comment)->assertStatus(403); - $this->giveUserPermissions($this->user, ['comment-delete-all']); + $this->permissions->grantUserRolePermissions($this->user, ['comment-delete-all']); // now has comment-delete-all $this->actingAs($this->user)->deleteComment($comment)->assertOk(); diff --git a/tests/Permissions/Scenarios/EntityRolePermissionsTest.php b/tests/Permissions/Scenarios/EntityRolePermissionsTest.php new file mode 100644 index 000000000..b92ce620b --- /dev/null +++ b/tests/Permissions/Scenarios/EntityRolePermissionsTest.php @@ -0,0 +1,201 @@ +users->newUserWithRole(); + $page = $this->entities->page(); + $this->permissions->setEntityPermissions($page, ['view'], [$role], false); + + $this->assertVisibleToUser($page, $user); + } + + public function test_02_explicit_deny() + { + [$user, $role] = $this->users->newUserWithRole(); + $page = $this->entities->page(); + $this->permissions->setEntityPermissions($page, [], [$role], false); + + $this->assertNotVisibleToUser($page, $user); + } + + public function test_03_same_level_conflicting() + { + [$user, $roleA] = $this->users->newUserWithRole(); + $roleB = $this->users->attachNewRole($user); + $page = $this->entities->page(); + + $this->permissions->disableEntityInheritedPermissions($page); + $this->permissions->addEntityPermission($page, [], $roleA); + $this->permissions->addEntityPermission($page, ['view'], $roleB); + + $this->assertVisibleToUser($page, $user); + } + + public function test_20_inherit_allow() + { + [$user, $roleA] = $this->users->newUserWithRole(); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + + $this->permissions->disableEntityInheritedPermissions($chapter); + $this->permissions->addEntityPermission($chapter, ['view'], $roleA); + + $this->assertVisibleToUser($page, $user); + } + + public function test_21_inherit_deny() + { + [$user, $roleA] = $this->users->newUserWithRole(); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + + $this->permissions->disableEntityInheritedPermissions($chapter); + $this->permissions->addEntityPermission($chapter, [], $roleA); + + $this->assertNotVisibleToUser($page, $user); + } + + public function test_22_same_level_conflict_inherit() + { + [$user, $roleA] = $this->users->newUserWithRole(); + $roleB = $this->users->attachNewRole($user); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + + $this->permissions->disableEntityInheritedPermissions($chapter); + $this->permissions->addEntityPermission($chapter, [], $roleA); + $this->permissions->addEntityPermission($chapter, ['view'], $roleB); + + $this->assertVisibleToUser($page, $user); + } + + public function test_30_child_inherit_override_allow() + { + [$user, $roleA] = $this->users->newUserWithRole(); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + + $this->permissions->disableEntityInheritedPermissions($chapter); + $this->permissions->addEntityPermission($chapter, [], $roleA); + $this->permissions->addEntityPermission($page, ['view'], $roleA); + + $this->assertVisibleToUser($page, $user); + } + + public function test_31_child_inherit_override_deny() + { + [$user, $roleA] = $this->users->newUserWithRole(); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + + $this->permissions->disableEntityInheritedPermissions($chapter); + $this->permissions->addEntityPermission($chapter, ['view'], $roleA); + $this->permissions->addEntityPermission($page, [], $roleA); + + $this->assertNotVisibleToUser($page, $user); + } + + public function test_40_multi_role_inherit_conflict_override_deny() + { + [$user, $roleA] = $this->users->newUserWithRole(); + $roleB = $this->users->attachNewRole($user); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + + $this->permissions->disableEntityInheritedPermissions($chapter); + $this->permissions->addEntityPermission($page, [], $roleA); + $this->permissions->addEntityPermission($chapter, ['view'], $roleB); + + $this->assertVisibleToUser($page, $user); + } + + public function test_41_multi_role_inherit_conflict_retain_allow() + { + [$user, $roleA] = $this->users->newUserWithRole(); + $roleB = $this->users->attachNewRole($user); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + + $this->permissions->disableEntityInheritedPermissions($chapter); + $this->permissions->addEntityPermission($page, ['view'], $roleA); + $this->permissions->addEntityPermission($chapter, [], $roleB); + + $this->assertVisibleToUser($page, $user); + } + + public function test_50_role_override_allow() + { + [$user, $roleA] = $this->users->newUserWithRole(); + $page = $this->entities->page(); + $this->permissions->addEntityPermission($page, ['view'], $roleA); + + $this->assertVisibleToUser($page, $user); + } + + public function test_51_role_override_deny() + { + [$user, $roleA] = $this->users->newUserWithRole([], ['page-view-all']); + $page = $this->entities->page(); + $this->permissions->addEntityPermission($page, [], $roleA); + + $this->assertNotVisibleToUser($page, $user); + } + + public function test_60_inherited_role_override_allow() + { + [$user, $roleA] = $this->users->newUserWithRole([], []); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + $this->permissions->addEntityPermission($chapter, ['view'], $roleA); + + $this->assertVisibleToUser($page, $user); + } + + public function test_61_inherited_role_override_deny() + { + [$user, $roleA] = $this->users->newUserWithRole([], ['page-view-all']); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + $this->permissions->addEntityPermission($chapter, [], $roleA); + + $this->assertNotVisibleToUser($page, $user); + } + + public function test_62_inherited_role_override_deny_on_own() + { + [$user, $roleA] = $this->users->newUserWithRole([], ['page-view-own']); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + $this->permissions->addEntityPermission($chapter, [], $roleA); + $this->permissions->changeEntityOwner($page, $user); + + $this->assertNotVisibleToUser($page, $user); + } + + public function test_70_multi_role_inheriting_deny() + { + [$user, $roleA] = $this->users->newUserWithRole([], ['page-view-all']); + $roleB = $this->users->attachNewRole($user); + $page = $this->entities->page(); + + $this->permissions->addEntityPermission($page, [], $roleB); + + $this->assertNotVisibleToUser($page, $user); + } + + public function test_80_multi_role_inherited_deny_via_parent() + { + [$user, $roleA] = $this->users->newUserWithRole([], ['page-view-all']); + $roleB = $this->users->attachNewRole($user); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + + $this->permissions->addEntityPermission($chapter, [], $roleB); + + $this->assertNotVisibleToUser($page, $user); + } +} diff --git a/tests/Permissions/Scenarios/EntityUserPermissionsTest.php b/tests/Permissions/Scenarios/EntityUserPermissionsTest.php new file mode 100644 index 000000000..4fa805805 --- /dev/null +++ b/tests/Permissions/Scenarios/EntityUserPermissionsTest.php @@ -0,0 +1,209 @@ +users->newUser(); + $page = $this->entities->page(); + $this->permissions->disableEntityInheritedPermissions($page); + $this->permissions->addEntityPermission($page, ['view'], null, $user); + + $this->assertVisibleToUser($page, $user); + } + + public function test_02_explicit_deny() + { + $user = $this->users->newUser(); + $page = $this->entities->page(); + $this->permissions->disableEntityInheritedPermissions($page); + $this->permissions->addEntityPermission($page, [], null, $user); + + $this->assertNotVisibleToUser($page, $user); + } + + public function test_10_allow_inherit() + { + $user = $this->users->newUser(); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + $this->permissions->disableEntityInheritedPermissions($chapter); + $this->permissions->addEntityPermission($chapter, ['view'], null, $user); + + $this->assertVisibleToUser($page, $user); + } + + public function test_11_deny_inherit() + { + $user = $this->users->newUser(); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + $this->permissions->disableEntityInheritedPermissions($chapter); + $this->permissions->addEntityPermission($chapter, [], null, $user); + + $this->assertNotVisibleToUser($page, $user); + } + + public function test_12_allow_inherit_override() + { + $user = $this->users->newUser(); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + $this->permissions->disableEntityInheritedPermissions($chapter); + $this->permissions->addEntityPermission($chapter, [], null, $user); + $this->permissions->addEntityPermission($page, ['view'], null, $user); + + $this->assertVisibleToUser($page, $user); + } + + public function test_13_deny_inherit_override() + { + $user = $this->users->newUser(); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + $this->permissions->disableEntityInheritedPermissions($chapter); + $this->permissions->addEntityPermission($chapter, ['view'], null, $user); + $this->permissions->addEntityPermission($page, ['deny'], null, $user); + + $this->assertNotVisibleToUser($page, $user); + } + + public function test_40_entity_role_override_allow() + { + [$user, $role] = $this->users->newUserWithRole(); + $page = $this->entities->page(); + $this->permissions->disableEntityInheritedPermissions($page); + $this->permissions->addEntityPermission($page, ['view'], null, $user); + $this->permissions->addEntityPermission($page, [], $role); + + $this->assertVisibleToUser($page, $user); + } + + public function test_41_entity_role_override_deny() + { + [$user, $role] = $this->users->newUserWithRole(); + $page = $this->entities->page(); + $this->permissions->disableEntityInheritedPermissions($page); + $this->permissions->addEntityPermission($page, [], null, $user); + $this->permissions->addEntityPermission($page, ['view'], $role); + + $this->assertNotVisibleToUser($page, $user); + } + + public function test_42_entity_role_override_allow_via_inherit() + { + [$user, $role] = $this->users->newUserWithRole(); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + $this->permissions->disableEntityInheritedPermissions($chapter); + $this->permissions->addEntityPermission($chapter, ['view'], null, $user); + $this->permissions->addEntityPermission($page, [], $role); + + $this->assertVisibleToUser($page, $user); + } + + public function test_43_entity_role_override_deny_via_inherit() + { + [$user, $role] = $this->users->newUserWithRole(); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + $this->permissions->disableEntityInheritedPermissions($chapter); + $this->permissions->addEntityPermission($chapter, [], null, $user); + $this->permissions->addEntityPermission($page, ['view'], $role); + + $this->assertNotVisibleToUser($page, $user); + } + + public function test_50_role_override_allow() + { + [$user, $roleA] = $this->users->newUserWithRole(); + $page = $this->entities->page(); + $this->permissions->addEntityPermission($page, ['view'], null, $user); + + $this->assertVisibleToUser($page, $user); + } + + public function test_51_role_override_deny() + { + [$user, $roleA] = $this->users->newUserWithRole([], ['page-view-all']); + $page = $this->entities->page(); + $this->permissions->addEntityPermission($page, [], null, $user); + + $this->assertNotVisibleToUser($page, $user); + } + + public function test_60_inherited_role_override_allow() + { + [$user, $roleA] = $this->users->newUserWithRole([], []); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + $this->permissions->addEntityPermission($chapter, ['view'], null, $user); + + $this->assertVisibleToUser($page, $user); + } + + public function test_61_inherited_role_override_deny() + { + [$user, $roleA] = $this->users->newUserWithRole([], ['page-view-all']); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + $this->permissions->addEntityPermission($chapter, [], null, $user); + + $this->assertNotVisibleToUser($page, $user); + } + + public function test_61_inherited_role_override_deny_on_own() + { + [$user, $roleA] = $this->users->newUserWithRole([], ['page-view-own']); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + $this->permissions->addEntityPermission($chapter, [], null, $user); + $this->permissions->changeEntityOwner($page, $user); + + $this->assertNotVisibleToUser($page, $user); + } + + public function test_70_all_override_allow() + { + [$user, $roleA] = $this->users->newUserWithRole([], []); + $page = $this->entities->page(); + $this->permissions->addEntityPermission($page, [], $roleA, null); + $this->permissions->addEntityPermission($page, ['view'], null, $user); + + $this->assertVisibleToUser($page, $user); + } + + public function test_71_all_override_deny() + { + [$user, $roleA] = $this->users->newUserWithRole([], ['page-view-all']); + $page = $this->entities->page(); + $this->permissions->addEntityPermission($page, ['view'], $roleA, null); + $this->permissions->addEntityPermission($page, [], null, $user); + + $this->assertNotVisibleToUser($page, $user); + } + + public function test_80_inherited_all_override_allow() + { + [$user, $roleA] = $this->users->newUserWithRole([], []); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + $this->permissions->addEntityPermission($chapter, [], $roleA, null); + $this->permissions->addEntityPermission($chapter, ['view'], null, $user); + + $this->assertVisibleToUser($page, $user); + } + + public function test_81_inherited_all_override_deny() + { + [$user, $roleA] = $this->users->newUserWithRole([], ['page-view-all']); + $page = $this->entities->pageWithinChapter(); + $chapter = $page->chapter; + $this->permissions->addEntityPermission($chapter, ['view'], $roleA, null); + $this->permissions->addEntityPermission($chapter, [], null, $user); + + $this->assertNotVisibleToUser($page, $user); + } +} diff --git a/tests/Permissions/Scenarios/PermissionScenarioTestCase.php b/tests/Permissions/Scenarios/PermissionScenarioTestCase.php new file mode 100644 index 000000000..5352f468a --- /dev/null +++ b/tests/Permissions/Scenarios/PermissionScenarioTestCase.php @@ -0,0 +1,38 @@ +actingAs($user); + $funcView = userCan($entity->getMorphClass() . '-view', $entity); + $queryView = $entity->newQuery()->scopes(['visible'])->find($entity->id) !== null; + + $id = $entity->getMorphClass() . ':' . $entity->id; + $msg = "Item [{$id}] should be visible but was not found via "; + $msg .= implode(' and ', array_filter([!$funcView ? 'userCan' : '', !$queryView ? 'query' : ''])); + + static::assertTrue($funcView && $queryView, $msg); + } + + protected function assertNotVisibleToUser(Entity $entity, User $user) + { + $this->actingAs($user); + $funcView = userCan($entity->getMorphClass() . '-view', $entity); + $queryView = $entity->newQuery()->scopes(['visible'])->find($entity->id) !== null; + + $id = $entity->getMorphClass() . ':' . $entity->id; + $msg = "Item [{$id}] should not be visible but was found via "; + $msg .= implode(' and ', array_filter([$funcView ? 'userCan' : '', $queryView ? 'query' : ''])); + + static::assertTrue(!$funcView && !$queryView, $msg); + } +} diff --git a/tests/Permissions/Scenarios/RoleContentPermissionsTest.php b/tests/Permissions/Scenarios/RoleContentPermissionsTest.php new file mode 100644 index 000000000..8b8c9031c --- /dev/null +++ b/tests/Permissions/Scenarios/RoleContentPermissionsTest.php @@ -0,0 +1,59 @@ +users->newUserWithRole([], ['page-view-all']); + $page = $this->entities->page(); + + $this->assertVisibleToUser($page, $user); + } + + public function test_02_deny() + { + [$user] = $this->users->newUserWithRole([], []); + $page = $this->entities->page(); + + $this->assertNotVisibleToUser($page, $user); + } + + public function test_10_allow_on_own_with_own() + { + [$user] = $this->users->newUserWithRole([], ['page-view-own']); + $page = $this->entities->page(); + $this->permissions->changeEntityOwner($page, $user); + + $this->assertVisibleToUser($page, $user); + } + + public function test_11_deny_on_other_with_own() + { + [$user] = $this->users->newUserWithRole([], ['page-view-own']); + $page = $this->entities->page(); + $this->permissions->changeEntityOwner($page, $this->users->editor()); + + $this->assertNotVisibleToUser($page, $user); + } + + public function test_20_multiple_role_conflicting_all() + { + [$user] = $this->users->newUserWithRole([], ['page-view-all']); + $this->users->attachNewRole($user, []); + $page = $this->entities->page(); + + $this->assertVisibleToUser($page, $user); + } + + public function test_21_multiple_role_conflicting_own() + { + [$user] = $this->users->newUserWithRole([], ['page-view-own']); + $this->users->attachNewRole($user, []); + $page = $this->entities->page(); + $this->permissions->changeEntityOwner($page, $user); + + $this->assertVisibleToUser($page, $user); + } +} diff --git a/tests/PublicActionTest.php b/tests/PublicActionTest.php index 7e3f7be00..afc7fcef3 100644 --- a/tests/PublicActionTest.php +++ b/tests/PublicActionTest.php @@ -2,7 +2,6 @@ namespace Tests; -use BookStack\Auth\Permissions\JointPermissionBuilder; use BookStack\Auth\Permissions\RolePermission; use BookStack\Auth\Role; use BookStack\Auth\User; @@ -89,7 +88,6 @@ class PublicActionTest extends TestCase foreach (RolePermission::all() as $perm) { $publicRole->attachPermission($perm); } - $this->app->make(JointPermissionBuilder::class)->rebuildForRole($publicRole); user()->clearPermissionCache(); $chapter = $this->entities->chapter(); @@ -173,7 +171,7 @@ class PublicActionTest extends TestCase { $this->setSettings(['app-public' => 'true']); $book = $this->entities->book(); - $this->entities->setPermissions($book); + $this->permissions->setEntityPermissions($book); $resp = $this->get($book->getUrl()); $resp->assertSee('Book not found'); diff --git a/tests/References/ReferencesTest.php b/tests/References/ReferencesTest.php index 148b2197c..4330598ba 100644 --- a/tests/References/ReferencesTest.php +++ b/tests/References/ReferencesTest.php @@ -91,7 +91,7 @@ class ReferencesTest extends TestCase $pageB = $this->entities->page(); $this->createReference($pageB, $page); - $this->entities->setPermissions($pageB); + $this->permissions->setEntityPermissions($pageB); $this->asEditor()->get($page->getUrl('/references'))->assertDontSee($pageB->name); $this->asAdmin()->get($page->getUrl('/references'))->assertSee($pageB->name); diff --git a/tests/Settings/RecycleBinTest.php b/tests/Settings/RecycleBinTest.php index 990df607e..8adc92f25 100644 --- a/tests/Settings/RecycleBinTest.php +++ b/tests/Settings/RecycleBinTest.php @@ -14,7 +14,7 @@ class RecycleBinTest extends TestCase public function test_recycle_bin_routes_permissions() { $page = $this->entities->page(); - $editor = $this->getEditor(); + $editor = $this->users->editor(); $this->actingAs($editor)->delete($page->getUrl()); $deletion = Deletion::query()->firstOrFail(); @@ -33,7 +33,7 @@ class RecycleBinTest extends TestCase $this->assertPermissionError($resp); } - $this->giveUserPermissions($editor, ['restrictions-manage-all']); + $this->permissions->grantUserRolePermissions($editor, ['restrictions-manage-all']); foreach ($routes as $route) { [$method, $url] = explode(':', $route); @@ -41,7 +41,7 @@ class RecycleBinTest extends TestCase $this->assertPermissionError($resp); } - $this->giveUserPermissions($editor, ['settings-manage']); + $this->permissions->grantUserRolePermissions($editor, ['settings-manage']); foreach ($routes as $route) { DB::beginTransaction(); @@ -56,7 +56,7 @@ class RecycleBinTest extends TestCase { $page = $this->entities->page(); $book = Book::query()->whereHas('pages')->whereHas('chapters')->withCount(['pages', 'chapters'])->first(); - $editor = $this->getEditor(); + $editor = $this->users->editor(); $this->actingAs($editor)->delete($page->getUrl()); $this->actingAs($editor)->delete($book->getUrl()); @@ -73,7 +73,7 @@ class RecycleBinTest extends TestCase { $page = $this->entities->page(); $book = Book::query()->where('id', '!=', $page->book_id)->whereHas('pages')->whereHas('chapters')->with(['pages', 'chapters'])->firstOrFail(); - $editor = $this->getEditor(); + $editor = $this->users->editor(); $this->actingAs($editor)->delete($page->getUrl()); $this->actingAs($editor)->delete($book->getUrl()); diff --git a/tests/Settings/RegenerateReferencesTest.php b/tests/Settings/RegenerateReferencesTest.php index 0f3122074..239f50e76 100644 --- a/tests/Settings/RegenerateReferencesTest.php +++ b/tests/Settings/RegenerateReferencesTest.php @@ -32,11 +32,11 @@ class RegenerateReferencesTest extends TestCase public function test_settings_manage_permission_required() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $resp = $this->actingAs($editor)->post('/settings/maintenance/regenerate-references'); $this->assertPermissionError($resp); - $this->giveUserPermissions($editor, ['settings-manage']); + $this->permissions->grantUserRolePermissions($editor, ['settings-manage']); $resp = $this->actingAs($editor)->post('/settings/maintenance/regenerate-references'); $this->assertNotPermissionError($resp); diff --git a/tests/Settings/TestEmailTest.php b/tests/Settings/TestEmailTest.php index 31c51158f..322f90107 100644 --- a/tests/Settings/TestEmailTest.php +++ b/tests/Settings/TestEmailTest.php @@ -20,7 +20,7 @@ class TestEmailTest extends TestCase public function test_send_test_email_endpoint_sends_email_and_redirects_user_and_shows_notification() { Notification::fake(); - $admin = $this->getAdmin(); + $admin = $this->users->admin(); $sendReq = $this->actingAs($admin)->post('/settings/maintenance/send-test-email'); $sendReq->assertRedirect('/settings/maintenance#image-cleanup'); @@ -37,7 +37,7 @@ class TestEmailTest extends TestCase $exception = new \Exception('A random error occurred when testing an email'); $mockDispatcher->shouldReceive('sendNow')->andThrow($exception); - $admin = $this->getAdmin(); + $admin = $this->users->admin(); $sendReq = $this->actingAs($admin)->post('/settings/maintenance/send-test-email'); $sendReq->assertRedirect('/settings/maintenance#image-cleanup'); $this->assertSessionHas('error'); @@ -50,12 +50,12 @@ class TestEmailTest extends TestCase public function test_send_test_email_requires_settings_manage_permission() { Notification::fake(); - $user = $this->getViewer(); + $user = $this->users->viewer(); $sendReq = $this->actingAs($user)->post('/settings/maintenance/send-test-email'); Notification::assertNothingSent(); - $this->giveUserPermissions($user, ['settings-manage']); + $this->permissions->grantUserRolePermissions($user, ['settings-manage']); $sendReq = $this->actingAs($user)->post('/settings/maintenance/send-test-email'); Notification::assertSentTo($user, TestEmail::class); } diff --git a/tests/TestCase.php b/tests/TestCase.php index d0dd7d772..70fd0da1d 100644 --- a/tests/TestCase.php +++ b/tests/TestCase.php @@ -2,11 +2,6 @@ namespace Tests; -use BookStack\Auth\Permissions\JointPermissionBuilder; -use BookStack\Auth\Permissions\PermissionsRepo; -use BookStack\Auth\Permissions\RolePermission; -use BookStack\Auth\Role; -use BookStack\Auth\User; use BookStack\Entities\Models\Entity; use BookStack\Settings\SettingService; use BookStack\Uploads\HttpFetcher; @@ -22,12 +17,15 @@ use Illuminate\Support\Env; use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\Log; use Illuminate\Testing\Assert as PHPUnit; +use Mockery; use Monolog\Handler\TestHandler; use Monolog\Logger; use Psr\Http\Client\ClientInterface; use Ssddanbrown\AssertHtml\TestsHtml; use Tests\Helpers\EntityProvider; +use Tests\Helpers\PermissionsProvider; use Tests\Helpers\TestServiceProvider; +use Tests\Helpers\UserRoleProvider; abstract class TestCase extends BaseTestCase { @@ -35,13 +33,16 @@ abstract class TestCase extends BaseTestCase use DatabaseTransactions; use TestsHtml; - protected ?User $admin = null; - protected ?User $editor = null; protected EntityProvider $entities; + protected UserRoleProvider $users; + protected PermissionsProvider $permissions; protected function setUp(): void { $this->entities = new EntityProvider(); + $this->users = new UserRoleProvider(); + $this->permissions = new PermissionsProvider($this->users); + parent::setUp(); } @@ -70,20 +71,7 @@ abstract class TestCase extends BaseTestCase */ public function asAdmin() { - return $this->actingAs($this->getAdmin()); - } - - /** - * Get the current admin user. - */ - public function getAdmin(): User - { - if (is_null($this->admin)) { - $adminRole = Role::getSystemRole('admin'); - $this->admin = $adminRole->users->first(); - } - - return $this->admin; + return $this->actingAs($this->users->admin()); } /** @@ -91,20 +79,7 @@ abstract class TestCase extends BaseTestCase */ public function asEditor() { - return $this->actingAs($this->getEditor()); - } - - /** - * Get a editor user. - */ - protected function getEditor(): User - { - if ($this->editor === null) { - $editorRole = Role::getRole('editor'); - $this->editor = $editorRole->users->first(); - } - - return $this->editor; + return $this->actingAs($this->users->editor()); } /** @@ -112,28 +87,7 @@ abstract class TestCase extends BaseTestCase */ public function asViewer() { - return $this->actingAs($this->getViewer()); - } - - /** - * Get an instance of a user with 'viewer' permissions. - */ - protected function getViewer(array $attributes = []): User - { - $user = Role::getRole('viewer')->users()->first(); - if (!empty($attributes)) { - $user->forceFill($attributes)->save(); - } - - return $user; - } - - /** - * Get a user that's not a system user such as the guest user. - */ - public function getNormalUser(): User - { - return User::query()->where('system_name', '=', null)->get()->last(); + return $this->actingAs($this->users->viewer()); } /** @@ -147,52 +101,6 @@ abstract class TestCase extends BaseTestCase } } - /** - * Give the given user some permissions. - */ - protected function giveUserPermissions(User $user, array $permissions = []): void - { - $newRole = $this->createNewRole($permissions); - $user->attachRole($newRole); - $user->load('roles'); - $user->clearPermissionCache(); - } - - /** - * Completely remove the given permission name from the given user. - */ - protected function removePermissionFromUser(User $user, string $permissionName) - { - $permissionBuilder = app()->make(JointPermissionBuilder::class); - - /** @var RolePermission $permission */ - $permission = RolePermission::query()->where('name', '=', $permissionName)->firstOrFail(); - - $roles = $user->roles()->whereHas('permissions', function ($query) use ($permission) { - $query->where('id', '=', $permission->id); - })->get(); - - /** @var Role $role */ - foreach ($roles as $role) { - $role->detachPermission($permission); - $permissionBuilder->rebuildForRole($role); - } - - $user->clearPermissionCache(); - } - - /** - * Create a new basic role for testing purposes. - */ - protected function createNewRole(array $permissions = []): Role - { - $permissionRepo = app(PermissionsRepo::class); - $roleData = Role::factory()->make()->toArray(); - $roleData['permissions'] = array_flip($permissions); - - return $permissionRepo->saveNewRole($roleData); - } - /** * Mock the HttpFetcher service and return the given data on fetch. */ diff --git a/tests/ThemeTest.php b/tests/ThemeTest.php index efab53379..ee4f20f30 100644 --- a/tests/ThemeTest.php +++ b/tests/ThemeTest.php @@ -36,7 +36,7 @@ class ThemeTest extends TestCase '; file_put_contents($translationPath . '/entities.php', $customTranslations); - $homeRequest = $this->actingAs($this->getViewer())->get('/'); + $homeRequest = $this->actingAs($this->users->viewer())->get('/'); $this->withHtml($homeRequest)->assertElementContains('header nav', 'Sandwiches'); }); } diff --git a/tests/Unit/FrameworkAssumptionTest.php b/tests/Unit/FrameworkAssumptionTest.php index 54d315de9..d4feff60c 100644 --- a/tests/Unit/FrameworkAssumptionTest.php +++ b/tests/Unit/FrameworkAssumptionTest.php @@ -25,7 +25,7 @@ class FrameworkAssumptionTest extends TestCase // Page has SoftDeletes trait by default, so we apply our custom scope and ensure // it stacks on the global scope to filter out deleted items. $query = Page::query()->scopes('visible')->toSql(); - $this->assertStringContainsString('joint_permissions', $query); + $this->assertStringContainsString('entity_permissions_collapsed', $query); $this->assertStringContainsString('`deleted_at` is null', $query); } } diff --git a/tests/Uploads/AttachmentTest.php b/tests/Uploads/AttachmentTest.php index b6fcb8f69..f2f30ff2e 100644 --- a/tests/Uploads/AttachmentTest.php +++ b/tests/Uploads/AttachmentTest.php @@ -75,7 +75,7 @@ class AttachmentTest extends TestCase { $page = $this->entities->page(); $this->asAdmin(); - $admin = $this->getAdmin(); + $admin = $this->users->admin(); $fileName = 'upload_test_file.txt'; $expectedResp = [ @@ -137,7 +137,7 @@ class AttachmentTest extends TestCase public function test_attaching_link_to_page() { $page = $this->entities->page(); - $admin = $this->getAdmin(); + $admin = $this->users->admin(); $this->asAdmin(); $linkReq = $this->call('POST', 'attachments/link', [ @@ -245,15 +245,15 @@ class AttachmentTest extends TestCase public function test_attachment_access_without_permission_shows_404() { - $admin = $this->getAdmin(); - $viewer = $this->getViewer(); + $admin = $this->users->admin(); + $viewer = $this->users->viewer(); $page = $this->entities->page(); /** @var Page $page */ $this->actingAs($admin); $fileName = 'permission_test.txt'; $this->uploadFile($fileName, $page->id); $attachment = Attachment::orderBy('id', 'desc')->take(1)->first(); - $this->entities->setPermissions($page, [], []); + $this->permissions->setEntityPermissions($page, [], []); $this->actingAs($viewer); $attachmentGet = $this->get($attachment->getUrl()); diff --git a/tests/Uploads/DrawioTest.php b/tests/Uploads/DrawioTest.php index 2ed4da7ca..080f05d74 100644 --- a/tests/Uploads/DrawioTest.php +++ b/tests/Uploads/DrawioTest.php @@ -30,7 +30,7 @@ class DrawioTest extends TestCase public function test_drawing_base64_upload() { $page = Page::first(); - $editor = $this->getEditor(); + $editor = $this->users->editor(); $this->actingAs($editor); $upload = $this->postJson('images/drawio', [ @@ -58,7 +58,7 @@ class DrawioTest extends TestCase { config()->set('services.drawio', 'http://cats.com?dog=tree'); $page = Page::first(); - $editor = $this->getEditor(); + $editor = $this->users->editor(); $resp = $this->actingAs($editor)->get($page->getUrl('/edit')); $resp->assertSee('drawio-url="http://cats.com?dog=tree"', false); @@ -68,7 +68,7 @@ class DrawioTest extends TestCase { config()->set('services.drawio', true); $page = Page::first(); - $editor = $this->getEditor(); + $editor = $this->users->editor(); $resp = $this->actingAs($editor)->get($page->getUrl('/edit')); $resp->assertSee('drawio-url="https://embed.diagrams.net/?embed=1&proto=json&spin=1&configure=1"', false); diff --git a/tests/Uploads/ImageTest.php b/tests/Uploads/ImageTest.php index 0e4065a82..c6e678ff2 100644 --- a/tests/Uploads/ImageTest.php +++ b/tests/Uploads/ImageTest.php @@ -16,7 +16,7 @@ class ImageTest extends TestCase public function test_image_upload() { $page = $this->entities->page(); - $admin = $this->getAdmin(); + $admin = $this->users->admin(); $this->actingAs($admin); $imgDetails = $this->uploadGalleryImage($page); @@ -40,7 +40,7 @@ class ImageTest extends TestCase public function test_image_display_thumbnail_generation_does_not_increase_image_size() { $page = $this->entities->page(); - $admin = $this->getAdmin(); + $admin = $this->users->admin(); $this->actingAs($admin); $originalFile = $this->getTestImageFilePath('compressed.png'); @@ -64,7 +64,7 @@ class ImageTest extends TestCase public function test_image_display_thumbnail_generation_for_apng_images_uses_original_file() { $page = $this->entities->page(); - $admin = $this->getAdmin(); + $admin = $this->users->admin(); $this->actingAs($admin); $imgDetails = $this->uploadGalleryImage($page, 'animated.png'); @@ -76,7 +76,7 @@ class ImageTest extends TestCase public function test_image_edit() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $this->actingAs($editor); $imgDetails = $this->uploadGalleryImage(); @@ -126,7 +126,7 @@ class ImageTest extends TestCase public function test_image_usage() { $page = $this->entities->page(); - $editor = $this->getEditor(); + $editor = $this->users->editor(); $this->actingAs($editor); $imgDetails = $this->uploadGalleryImage($page); @@ -146,7 +146,7 @@ class ImageTest extends TestCase public function test_php_files_cannot_be_uploaded() { $page = $this->entities->page(); - $admin = $this->getAdmin(); + $admin = $this->users->admin(); $this->actingAs($admin); $fileName = 'bad.php'; @@ -168,7 +168,7 @@ class ImageTest extends TestCase public function test_php_like_files_cannot_be_uploaded() { $page = $this->entities->page(); - $admin = $this->getAdmin(); + $admin = $this->users->admin(); $this->actingAs($admin); $fileName = 'bad.phtml'; @@ -185,7 +185,7 @@ class ImageTest extends TestCase public function test_files_with_double_extensions_will_get_sanitized() { $page = $this->entities->page(); - $admin = $this->getAdmin(); + $admin = $this->users->admin(); $this->actingAs($admin); $fileName = 'bad.phtml.png'; @@ -358,7 +358,7 @@ class ImageTest extends TestCase $this->get($expectedUrl)->assertOk(); - $this->entities->setPermissions($page, [], []); + $this->permissions->setEntityPermissions($page, [], []); $resp = $this->get($expectedUrl); $resp->assertNotFound(); @@ -382,7 +382,7 @@ class ImageTest extends TestCase $this->get($expectedUrl)->assertOk(); - $this->entities->setPermissions($page, [], []); + $this->permissions->setEntityPermissions($page, [], []); $resp = $this->get($expectedUrl); $resp->assertNotFound(); @@ -415,7 +415,7 @@ class ImageTest extends TestCase $export = $this->get($pageB->getUrl('/export/html')); $this->assertStringContainsString($encodedImageContent, $export->getContent()); - $this->entities->setPermissions($pageA, [], []); + $this->permissions->setEntityPermissions($pageA, [], []); $export = $this->get($pageB->getUrl('/export/html')); $this->assertStringNotContainsString($encodedImageContent, $export->getContent()); @@ -479,7 +479,7 @@ class ImageTest extends TestCase $imageName = 'first-image.png'; $relPath = $this->getTestImagePath('gallery', $imageName); $this->deleteImage($relPath); - $viewer = $this->getViewer(); + $viewer = $this->users->viewer(); $this->uploadImage($imageName, $page->id); $image = Image::first(); @@ -490,7 +490,7 @@ class ImageTest extends TestCase $resp = $this->actingAs($viewer)->get("/images/edit/{$image->id}"); $this->withHtml($resp)->assertElementNotExists('button#image-manager-delete[title="Delete"]'); - $this->giveUserPermissions($viewer, ['image-delete-all']); + $this->permissions->grantUserRolePermissions($viewer, ['image-delete-all']); $resp = $this->actingAs($viewer)->get("/images/edit/{$image->id}"); $this->withHtml($resp)->assertElementExists('button#image-manager-delete[title="Delete"]'); @@ -509,8 +509,8 @@ class ImageTest extends TestCase public function test_user_image_upload() { - $editor = $this->getEditor(); - $admin = $this->getAdmin(); + $editor = $this->users->editor(); + $admin = $this->users->admin(); $this->actingAs($admin); $file = $this->getTestProfileImage(); @@ -525,7 +525,7 @@ class ImageTest extends TestCase public function test_user_images_deleted_on_user_deletion() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $this->actingAs($editor); $file = $this->getTestProfileImage(); @@ -555,7 +555,7 @@ class ImageTest extends TestCase public function test_deleted_unused_images() { $page = $this->entities->page(); - $admin = $this->getAdmin(); + $admin = $this->users->admin(); $this->actingAs($admin); $imageName = 'unused-image.png'; diff --git a/tests/User/UserApiTokenTest.php b/tests/User/UserApiTokenTest.php index 716f3614c..93070b712 100644 --- a/tests/User/UserApiTokenTest.php +++ b/tests/User/UserApiTokenTest.php @@ -16,12 +16,12 @@ class UserApiTokenTest extends TestCase public function test_tokens_section_not_visible_without_access_api_permission() { - $user = $this->getViewer(); + $user = $this->users->viewer(); $resp = $this->actingAs($user)->get($user->getEditUrl()); $resp->assertDontSeeText('API Tokens'); - $this->giveUserPermissions($user, ['access-api']); + $this->permissions->grantUserRolePermissions($user, ['access-api']); $resp = $this->actingAs($user)->get($user->getEditUrl()); $resp->assertSeeText('API Tokens'); @@ -30,9 +30,9 @@ class UserApiTokenTest extends TestCase public function test_those_with_manage_users_can_view_other_user_tokens_but_not_create() { - $viewer = $this->getViewer(); - $editor = $this->getEditor(); - $this->giveUserPermissions($viewer, ['users-manage']); + $viewer = $this->users->viewer(); + $editor = $this->users->editor(); + $this->permissions->grantUserRolePermissions($viewer, ['users-manage']); $resp = $this->actingAs($viewer)->get($editor->getEditUrl()); $resp->assertSeeText('API Tokens'); @@ -41,7 +41,7 @@ class UserApiTokenTest extends TestCase public function test_create_api_token() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $resp = $this->asAdmin()->get($editor->getEditUrl('/create-api-token')); $resp->assertStatus(200); @@ -74,7 +74,7 @@ class UserApiTokenTest extends TestCase public function test_create_with_no_expiry_sets_expiry_hundred_years_away() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $this->asAdmin()->post($editor->getEditUrl('/create-api-token'), ['name' => 'No expiry token', 'expires_at' => '']); $token = ApiToken::query()->latest()->first(); @@ -88,7 +88,7 @@ class UserApiTokenTest extends TestCase public function test_created_token_displays_on_profile_page() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $this->asAdmin()->post($editor->getEditUrl('/create-api-token'), $this->testTokenData); $token = ApiToken::query()->latest()->first(); @@ -101,7 +101,7 @@ class UserApiTokenTest extends TestCase public function test_secret_shown_once_after_creation() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $resp = $this->asAdmin()->followingRedirects()->post($editor->getEditUrl('/create-api-token'), $this->testTokenData); $resp->assertSeeText('Token Secret'); @@ -114,7 +114,7 @@ class UserApiTokenTest extends TestCase public function test_token_update() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $this->asAdmin()->post($editor->getEditUrl('/create-api-token'), $this->testTokenData); $token = ApiToken::query()->latest()->first(); $updateData = [ @@ -132,7 +132,7 @@ class UserApiTokenTest extends TestCase public function test_token_update_with_blank_expiry_sets_to_hundred_years_away() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $this->asAdmin()->post($editor->getEditUrl('/create-api-token'), $this->testTokenData); $token = ApiToken::query()->latest()->first(); @@ -152,7 +152,7 @@ class UserApiTokenTest extends TestCase public function test_token_delete() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $this->asAdmin()->post($editor->getEditUrl('/create-api-token'), $this->testTokenData); $token = ApiToken::query()->latest()->first(); @@ -171,9 +171,9 @@ class UserApiTokenTest extends TestCase public function test_user_manage_can_delete_token_without_api_permission_themselves() { - $viewer = $this->getViewer(); - $editor = $this->getEditor(); - $this->giveUserPermissions($editor, ['users-manage']); + $viewer = $this->users->viewer(); + $editor = $this->users->editor(); + $this->permissions->grantUserRolePermissions($editor, ['users-manage']); $this->asAdmin()->post($viewer->getEditUrl('/create-api-token'), $this->testTokenData); $token = ApiToken::query()->latest()->first(); diff --git a/tests/User/UserManagementTest.php b/tests/User/UserManagementTest.php index b5cd764da..1c5c040da 100644 --- a/tests/User/UserManagementTest.php +++ b/tests/User/UserManagementTest.php @@ -46,7 +46,7 @@ class UserManagementTest extends TestCase public function test_user_updating() { - $user = $this->getNormalUser(); + $user = $this->users->viewer(); $password = $user->password; $resp = $this->asAdmin()->get('/settings/users/' . $user->id); @@ -65,7 +65,7 @@ class UserManagementTest extends TestCase public function test_user_password_update() { - $user = $this->getNormalUser(); + $user = $this->users->viewer(); $userProfilePage = '/settings/users/' . $user->id; $this->asAdmin()->get($userProfilePage); @@ -113,7 +113,7 @@ class UserManagementTest extends TestCase public function test_delete() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $resp = $this->asAdmin()->delete("settings/users/{$editor->id}"); $resp->assertRedirect('/settings/users'); $resp = $this->followRedirects($resp); @@ -126,7 +126,7 @@ class UserManagementTest extends TestCase public function test_delete_offers_migrate_option() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $resp = $this->asAdmin()->get("settings/users/{$editor->id}/delete"); $resp->assertSee('Migrate Ownership'); $resp->assertSee('new_owner_id'); @@ -134,13 +134,13 @@ class UserManagementTest extends TestCase public function test_migrate_option_hidden_if_user_cannot_manage_users() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $resp = $this->asEditor()->get("settings/users/{$editor->id}/delete"); $resp->assertDontSee('Migrate Ownership'); $resp->assertDontSee('new_owner_id'); - $this->giveUserPermissions($editor, ['users-manage']); + $this->permissions->grantUserRolePermissions($editor, ['users-manage']); $resp = $this->asEditor()->get("settings/users/{$editor->id}/delete"); $resp->assertSee('Migrate Ownership'); @@ -162,7 +162,7 @@ class UserManagementTest extends TestCase public function test_delete_removes_user_preferences() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); setting()->putUser($editor, 'dark-mode-enabled', 'true'); $this->assertDatabaseHas('settings', [ @@ -253,7 +253,7 @@ class UserManagementTest extends TestCase public function test_user_create_update_fails_if_locale_is_invalid() { - $user = $this->getEditor(); + $user = $this->users->editor(); // Too long $resp = $this->asAdmin()->put($user->getEditUrl(), ['language' => 'this_is_too_long']); @@ -274,34 +274,4 @@ class UserManagementTest extends TestCase $resp->assertSessionHasErrors(['language' => 'The language may not be greater than 15 characters.']); $resp->assertSessionHasErrors(['language' => 'The language may only contain letters, numbers, dashes and underscores.']); } - - public function test_role_removal_on_user_edit_removes_all_role_assignments() - { - $user = $this->getEditor(); - - $this->assertEquals(1, $user->roles()->count()); - - // A roles[0] hidden fields is used to indicate the existence of role selection in the submission - // of the user edit form. We check that field is used and emulate its submission. - $resp = $this->asAdmin()->get("/settings/users/{$user->id}"); - $this->withHtml($resp)->assertElementExists('input[type="hidden"][name="roles[0]"][value="0"]'); - - $resp = $this->asAdmin()->put("/settings/users/{$user->id}", [ - 'name' => $user->name, - 'email' => $user->email, - 'roles' => ['0' => '0'], - ]); - $resp->assertRedirect("/settings/users"); - - $this->assertEquals(0, $user->roles()->count()); - } - - public function test_role_form_hidden_indicator_field_does_not_exist_where_roles_cannot_be_managed() - { - $user = $this->getEditor(); - $resp = $this->actingAs($user)->get("/settings/users/{$user->id}"); - $html = $this->withHtml($resp); - $html->assertElementExists('input[name="email"]'); - $html->assertElementNotExists('input[type="hidden"][name="roles[0]"]'); - } } diff --git a/tests/User/UserPreferencesTest.php b/tests/User/UserPreferencesTest.php index 03dad7990..e47a259a5 100644 --- a/tests/User/UserPreferencesTest.php +++ b/tests/User/UserPreferencesTest.php @@ -36,7 +36,7 @@ class UserPreferencesTest extends TestCase public function test_body_has_shortcuts_component_when_active() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $this->actingAs($editor); $this->withHtml($this->get('/'))->assertElementNotExists('body[component="shortcuts"]'); @@ -47,7 +47,7 @@ class UserPreferencesTest extends TestCase public function test_update_sort_preference() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $this->actingAs($editor); $updateRequest = $this->patch('/preferences/change-sort/books', [ @@ -70,7 +70,7 @@ class UserPreferencesTest extends TestCase public function test_update_sort_bad_entity_type_handled() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $this->actingAs($editor); $updateRequest = $this->patch('/preferences/change-sort/dogs', [ @@ -85,7 +85,7 @@ class UserPreferencesTest extends TestCase public function test_update_expansion_preference() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $this->actingAs($editor); $updateRequest = $this->patch('/preferences/change-expansion/home-details', ['expand' => 'true']); @@ -103,7 +103,7 @@ class UserPreferencesTest extends TestCase public function test_toggle_dark_mode() { - $home = $this->actingAs($this->getEditor())->get('/'); + $home = $this->actingAs($this->users->editor())->get('/'); $home->assertSee('Dark Mode'); $this->withHtml($home)->assertElementNotExists('.dark-mode'); @@ -112,7 +112,7 @@ class UserPreferencesTest extends TestCase $prefChange->assertRedirect(); $this->assertEquals(true, setting()->getForCurrentUser('dark-mode-enabled')); - $home = $this->actingAs($this->getEditor())->get('/'); + $home = $this->actingAs($this->users->editor())->get('/'); $this->withHtml($home)->assertElementExists('.dark-mode'); $home->assertDontSee('Dark Mode'); $home->assertSee('Light Mode'); @@ -133,7 +133,7 @@ class UserPreferencesTest extends TestCase public function test_books_view_type_preferences_when_list() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); setting()->putUser($editor, 'books_view_type', 'list'); $resp = $this->actingAs($editor)->get('/books'); @@ -144,7 +144,7 @@ class UserPreferencesTest extends TestCase public function test_books_view_type_preferences_when_grid() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); setting()->putUser($editor, 'books_view_type', 'grid'); $resp = $this->actingAs($editor)->get('/books'); @@ -153,7 +153,7 @@ class UserPreferencesTest extends TestCase public function test_shelf_view_type_change() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $shelf = $this->entities->shelf(); setting()->putUser($editor, 'bookshelf_view_type', 'list'); @@ -175,7 +175,7 @@ class UserPreferencesTest extends TestCase public function test_update_code_language_favourite() { - $editor = $this->getEditor(); + $editor = $this->users->editor(); $page = $this->entities->page(); $this->actingAs($editor); diff --git a/tests/User/UserProfileTest.php b/tests/User/UserProfileTest.php index 77f1644a5..c507e8fa6 100644 --- a/tests/User/UserProfileTest.php +++ b/tests/User/UserProfileTest.php @@ -88,8 +88,8 @@ class UserProfileTest extends TestCase public function test_profile_has_search_links_in_created_entity_lists() { - $user = $this->getEditor(); - $resp = $this->actingAs($this->getAdmin())->get('/user/' . $user->slug); + $user = $this->users->editor(); + $resp = $this->actingAs($this->users->admin())->get('/user/' . $user->slug); $expectedLinks = [ '/search?term=%7Bcreated_by%3A' . $user->slug . '%7D+%7Btype%3Apage%7D', diff --git a/tests/User/UserSearchTest.php b/tests/User/UserSearchTest.php index 243af1186..1b3ca8a35 100644 --- a/tests/User/UserSearchTest.php +++ b/tests/User/UserSearchTest.php @@ -9,8 +9,8 @@ class UserSearchTest extends TestCase { public function test_select_search_matches_by_name() { - $viewer = $this->getViewer(); - $admin = $this->getAdmin(); + $viewer = $this->users->viewer(); + $admin = $this->users->admin(); $resp = $this->actingAs($admin)->get('/search/users/select?search=' . urlencode($viewer->name)); $resp->assertOk(); @@ -30,8 +30,8 @@ class UserSearchTest extends TestCase public function test_select_search_does_not_match_by_email() { - $viewer = $this->getViewer(); - $editor = $this->getEditor(); + $viewer = $this->users->viewer(); + $editor = $this->users->editor(); $resp = $this->actingAs($editor)->get('/search/users/select?search=' . urlencode($viewer->email)); $resp->assertDontSee($viewer->name); @@ -40,13 +40,13 @@ class UserSearchTest extends TestCase public function test_select_requires_right_permission() { $permissions = ['users-manage', 'restrictions-manage-own', 'restrictions-manage-all']; - $user = $this->getViewer(); + $user = $this->users->viewer(); foreach ($permissions as $permission) { $resp = $this->actingAs($user)->get('/search/users/select?search=a'); $this->assertPermissionError($resp); - $this->giveUserPermissions($user, [$permission]); + $this->permissions->grantUserRolePermissions($user, [$permission]); $resp = $this->actingAs($user)->get('/search/users/select?search=a'); $resp->assertOk(); $user->roles()->delete(); @@ -58,7 +58,7 @@ class UserSearchTest extends TestCase { $this->setSettings(['app-public' => true]); $defaultUser = User::getDefault(); - $this->giveUserPermissions($defaultUser, ['users-manage']); + $this->permissions->grantUserRolePermissions($defaultUser, ['users-manage']); $resp = $this->get('/search/users/select?search=a'); $this->assertPermissionError($resp);