diff --git a/app/Entities/Tools/ExportFormatter.php b/app/Entities/Tools/ExportFormatter.php
index 9cf8b56af..eb8f6862f 100644
--- a/app/Entities/Tools/ExportFormatter.php
+++ b/app/Entities/Tools/ExportFormatter.php
@@ -204,7 +204,7 @@ class ExportFormatter
{
$text = $chapter->name . "\n\n";
$text .= $chapter->description . "\n\n";
- foreach ($chapter->pages as $page) {
+ foreach ($chapter->getVisiblePages() as $page) {
$text .= $this->pageToPlainText($page);
}
return $text;
@@ -215,7 +215,7 @@ class ExportFormatter
*/
public function bookToPlainText(Book $book): string
{
- $bookTree = (new BookContents($book))->getTree(false, true);
+ $bookTree = (new BookContents($book))->getTree(false, false);
$text = $book->name . "\n\n";
foreach ($bookTree as $bookChild) {
if ($bookChild->isA('chapter')) {
diff --git a/app/Uploads/ImageRepo.php b/app/Uploads/ImageRepo.php
index 087fe67c9..b4d743b73 100644
--- a/app/Uploads/ImageRepo.php
+++ b/app/Uploads/ImageRepo.php
@@ -112,7 +112,7 @@ class ImageRepo
if ($filterType === 'page') {
$query->where('uploaded_to', '=', $contextPage->id);
} elseif ($filterType === 'book') {
- $validPageIds = $contextPage->book->pages()->get(['id'])->pluck('id')->toArray();
+ $validPageIds = $contextPage->book->pages()->visible()->get(['id'])->pluck('id')->toArray();
$query->whereIn('uploaded_to', $validPageIds);
}
};
diff --git a/tests/Permissions/ExportPermissionsTest.php b/tests/Permissions/ExportPermissionsTest.php
new file mode 100644
index 000000000..32ee9e7d6
--- /dev/null
+++ b/tests/Permissions/ExportPermissionsTest.php
@@ -0,0 +1,67 @@
+first();
+ $page = $chapter->pages()->firstOrFail();
+ $pageContent = Str::random(48);
+ $page->html = '' . $pageContent . '
';
+ $page->save();
+ $viewer = $this->getViewer();
+ $this->actingAs($viewer);
+ $formats = ['html', 'plaintext'];
+
+ foreach ($formats as $format) {
+ $resp = $this->get($chapter->getUrl("export/{$format}"));
+ $resp->assertStatus(200);
+ $resp->assertSee($page->name);
+ $resp->assertSee($pageContent);
+ }
+
+ $this->setEntityRestrictions($page, []);
+
+ foreach ($formats as $format) {
+ $resp = $this->get($chapter->getUrl("export/{$format}"));
+ $resp->assertStatus(200);
+ $resp->assertDontSee($page->name);
+ $resp->assertDontSee($pageContent);
+ }
+ }
+
+ public function test_page_content_without_view_access_hidden_on_book_export()
+ {
+ $book = Book::query()->first();
+ $page = $book->pages()->firstOrFail();
+ $pageContent = Str::random(48);
+ $page->html = '' . $pageContent . '
';
+ $page->save();
+ $viewer = $this->getViewer();
+ $this->actingAs($viewer);
+ $formats = ['html', 'plaintext'];
+
+ foreach ($formats as $format) {
+ $resp = $this->get($book->getUrl("export/{$format}"));
+ $resp->assertStatus(200);
+ $resp->assertSee($page->name);
+ $resp->assertSee($pageContent);
+ }
+
+ $this->setEntityRestrictions($page, []);
+
+ foreach ($formats as $format) {
+ $resp = $this->get($book->getUrl("export/{$format}"));
+ $resp->assertStatus(200);
+ $resp->assertDontSee($page->name);
+ $resp->assertDontSee($pageContent);
+ }
+ }
+
+}
\ No newline at end of file