mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-10-01 01:36:00 -04:00
404: Fixed entity list issue with entity with non-visible parent
Adds our mixed entity list loader to popular queries for more efficient loading.
This commit is contained in:
parent
2009d4d6a8
commit
f5f96f84e7
@ -4,10 +4,8 @@ namespace BookStack\Entities\Queries;
|
|||||||
|
|
||||||
use BookStack\Activity\Models\View;
|
use BookStack\Activity\Models\View;
|
||||||
use BookStack\Entities\EntityProvider;
|
use BookStack\Entities\EntityProvider;
|
||||||
use BookStack\Entities\Models\BookChild;
|
use BookStack\Entities\Tools\MixedEntityListLoader;
|
||||||
use BookStack\Entities\Models\Entity;
|
|
||||||
use BookStack\Permissions\PermissionApplicator;
|
use BookStack\Permissions\PermissionApplicator;
|
||||||
use Illuminate\Database\Eloquent\Relations\BelongsTo;
|
|
||||||
use Illuminate\Support\Collection;
|
use Illuminate\Support\Collection;
|
||||||
use Illuminate\Support\Facades\DB;
|
use Illuminate\Support\Facades\DB;
|
||||||
|
|
||||||
@ -16,10 +14,11 @@ class QueryPopular
|
|||||||
public function __construct(
|
public function __construct(
|
||||||
protected PermissionApplicator $permissions,
|
protected PermissionApplicator $permissions,
|
||||||
protected EntityProvider $entityProvider,
|
protected EntityProvider $entityProvider,
|
||||||
|
protected MixedEntityListLoader $listLoader,
|
||||||
) {
|
) {
|
||||||
}
|
}
|
||||||
|
|
||||||
public function run(int $count, int $page, array $filterModels = null)
|
public function run(int $count, int $page, array $filterModels = null): Collection
|
||||||
{
|
{
|
||||||
$query = $this->permissions
|
$query = $this->permissions
|
||||||
->restrictEntityRelationQuery(View::query(), 'views', 'viewable_id', 'viewable_type')
|
->restrictEntityRelationQuery(View::query(), 'views', 'viewable_id', 'viewable_type')
|
||||||
@ -31,24 +30,13 @@ class QueryPopular
|
|||||||
$query->whereIn('viewable_type', $this->entityProvider->getMorphClasses($filterModels));
|
$query->whereIn('viewable_type', $this->entityProvider->getMorphClasses($filterModels));
|
||||||
}
|
}
|
||||||
|
|
||||||
$entities = $query->with('viewable')
|
$views = $query
|
||||||
->skip($count * ($page - 1))
|
->skip($count * ($page - 1))
|
||||||
->take($count)
|
->take($count)
|
||||||
->get()
|
->get();
|
||||||
->pluck('viewable')
|
|
||||||
->filter();
|
|
||||||
|
|
||||||
$this->loadBooksForChildren($entities);
|
$this->listLoader->loadIntoRelations($views->all(), 'viewable', false);
|
||||||
|
|
||||||
return $entities;
|
return $views->pluck('viewable')->filter();
|
||||||
}
|
|
||||||
|
|
||||||
protected function loadBooksForChildren(Collection $entities): void
|
|
||||||
{
|
|
||||||
$bookChildren = $entities->filter(fn(Entity $entity) => $entity instanceof BookChild);
|
|
||||||
$eloquent = (new \Illuminate\Database\Eloquent\Collection($bookChildren));
|
|
||||||
$eloquent->load(['book' => function (BelongsTo $query) {
|
|
||||||
$query->scopes('visible');
|
|
||||||
}]);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -23,6 +23,35 @@ class ErrorTest extends TestCase
|
|||||||
$notFound->assertSeeText('tester');
|
$notFound->assertSeeText('tester');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function test_404_page_does_not_non_visible_content()
|
||||||
|
{
|
||||||
|
$editor = $this->users->editor();
|
||||||
|
$book = $this->entities->book();
|
||||||
|
|
||||||
|
$this->actingAs($editor)->get($book->getUrl())->assertOk();
|
||||||
|
|
||||||
|
$this->permissions->disableEntityInheritedPermissions($book);
|
||||||
|
|
||||||
|
$this->actingAs($editor)->get($book->getUrl())->assertNotFound();
|
||||||
|
}
|
||||||
|
|
||||||
|
public function test_404_page_shows_visible_content_within_non_visible_parent()
|
||||||
|
{
|
||||||
|
$editor = $this->users->editor();
|
||||||
|
$book = $this->entities->book();
|
||||||
|
$page = $book->pages()->first();
|
||||||
|
|
||||||
|
$this->actingAs($editor)->get($page->getUrl())->assertOk();
|
||||||
|
|
||||||
|
$this->permissions->disableEntityInheritedPermissions($book);
|
||||||
|
$this->permissions->addEntityPermission($page, ['view'], $editor->roles()->first());
|
||||||
|
|
||||||
|
$resp = $this->actingAs($editor)->get($book->getUrl());
|
||||||
|
$resp->assertNotFound();
|
||||||
|
$resp->assertSee($page->name);
|
||||||
|
$resp->assertDontSee($book->name);
|
||||||
|
}
|
||||||
|
|
||||||
public function test_item_not_found_does_not_get_logged_to_file()
|
public function test_item_not_found_does_not_get_logged_to_file()
|
||||||
{
|
{
|
||||||
$this->actingAs($this->users->viewer());
|
$this->actingAs($this->users->viewer());
|
||||||
|
Loading…
Reference in New Issue
Block a user