@ -106,7 +106,13 @@ class PageController extends Controller
|
|||||||
$this->checkOwnablePermission('page-create', $book);
|
$this->checkOwnablePermission('page-create', $book);
|
||||||
$this->setPageTitle('Edit Page Draft');
|
$this->setPageTitle('Edit Page Draft');
|
||||||
|
|
||||||
return view('pages/edit', ['page' => $draft, 'book' => $book, 'isDraft' => true]);
|
$draftsEnabled = $this->signedIn;
|
||||||
|
return view('pages/edit', [
|
||||||
|
'page' => $draft,
|
||||||
|
'book' => $book,
|
||||||
|
'isDraft' => true,
|
||||||
|
'draftsEnabled' => $draftsEnabled
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
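Review bot: `$draftsEnabled = $this->signedIn;` only tells the `pages/edit` view whether to offer drafts; nothing in this hunk stops a guest request from reaching the draft-save route directly, so that handler (not visible here) should apply the same signed-in check on the server. The enclosing method starts above the hunk. A short comment such as `// Drafts are only offered to signed-in users, not to the shared guest account` would record why the flag exists, and the last array entry could take a trailing comma.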
@ -187,7 +187,7 @@ class UserController extends Controller
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Show the user delete page.
|
* Show the user delete page.
|
||||||
* @param $id
|
* @param int $id
|
||||||
* @return \Illuminate\View\View
|
* @return \Illuminate\View\View
|
||||||
*/
|
*/
|
||||||
public function delete($id)
|
public function delete($id)
|
||||||
@ -220,6 +220,11 @@ class UserController extends Controller
|
|||||||
return redirect($user->getEditUrl());
|
return redirect($user->getEditUrl());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($user->system_name === 'public') {
|
||||||
|
session()->flash('error', 'You cannot delete the guest user');
|
||||||
|
return redirect($user->getEditUrl());
|
||||||
|
}
|
||||||
|
|
||||||
$this->userRepo->destroy($user);
|
$this->userRepo->destroy($user);
|
||||||
session()->flash('success', 'User successfully removed');
|
session()->flash('success', 'User successfully removed');
|
||||||
|
|
||||||
|
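Review bot: The new guard before `$this->userRepo->destroy($user)` compares `$user->system_name` with the literal `'public'`, so any other account that carries a system name would still be deleted. The `getNormalUser()` test helper added in this commit treats every user with a non-null `system_name` as a system user; if that is the intended rule, `if ($user->system_name !== null) {` matches it, and the flash text would then need to be less guest-specific. The method body starts outside the hunk.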
@ -66,7 +66,7 @@ class Role extends Model
|
|||||||
/**
|
/**
|
||||||
* Get the role object for the specified role.
|
* Get the role object for the specified role.
|
||||||
* @param $roleName
|
* @param $roleName
|
||||||
* @return mixed
|
* @return Role
|
||||||
*/
|
*/
|
||||||
public static function getRole($roleName)
|
public static function getRole($roleName)
|
||||||
{
|
{
|
||||||
@ -76,7 +76,7 @@ class Role extends Model
|
|||||||
/**
|
/**
|
||||||
* Get the role object for the specified system role.
|
* Get the role object for the specified system role.
|
||||||
* @param $roleName
|
* @param $roleName
|
||||||
* @return mixed
|
* @return Role
|
||||||
*/
|
*/
|
||||||
public static function getSystemRole($roleName)
|
public static function getSystemRole($roleName)
|
||||||
{
|
{
|
||||||
|
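Review bot: The docblocks for `getRole` and `getSystemRole` now promise `@return Role`, but both method bodies lie outside these hunks; if either ends in a lookup that can come back empty, `@return Role|null` is the accurate tag. `@param $roleName` is still untyped in both, and `@param string $roleName` would match the `@param int $id` fix made in UserController in this same commit.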
@ -15,7 +15,9 @@
|
|||||||
</div>
|
</div>
|
||||||
<div class="col-sm-4">
|
<div class="col-sm-4">
|
||||||
<p></p>
|
<p></p>
|
||||||
|
@if($authMethod !== 'system')
|
||||||
<a href="{{ baseUrl("/settings/users/{$user->id}/delete") }}" class="neg button float right">Delete User</a>
|
<a href="{{ baseUrl("/settings/users/{$user->id}/delete") }}" class="neg button float right">Delete User</a>
|
||||||
|
@endif
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="row">
|
<div class="row">
|
||||||
|
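Review bot: The Delete User link is hidden with `@if($authMethod !== 'system')`, while the controller guard added in this commit keys on `$user->system_name === 'public'`; where `$authMethod` is assigned is not visible in this hunk. Hiding the link is presentation only, and the server-side check is what actually protects the guest account. A Blade comment such as `{{-- System users cannot be deleted; enforced in UserController --}}` would make that dependency explicit and help keep the two conditions from drifting apart.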
@ -146,7 +146,7 @@ class AuthTest extends TestCase
|
|||||||
|
|
||||||
public function test_user_updating()
|
public function test_user_updating()
|
||||||
{
|
{
|
||||||
$user = \BookStack\User::all()->last();
|
$user = $this->getNormalUser();
|
||||||
$password = $user->password;
|
$password = $user->password;
|
||||||
$this->asAdmin()
|
$this->asAdmin()
|
||||||
->visit('/settings/users')
|
->visit('/settings/users')
|
||||||
@ -162,7 +162,7 @@ class AuthTest extends TestCase
|
|||||||
|
|
||||||
public function test_user_password_update()
|
public function test_user_password_update()
|
||||||
{
|
{
|
||||||
$user = \BookStack\User::all()->last();
|
$user = $this->getNormalUser();
|
||||||
$userProfilePage = '/settings/users/' . $user->id;
|
$userProfilePage = '/settings/users/' . $user->id;
|
||||||
$this->asAdmin()
|
$this->asAdmin()
|
||||||
->visit($userProfilePage)
|
->visit($userProfilePage)
|
||||||
|
@ -108,7 +108,7 @@ class LdapTest extends \TestCase
|
|||||||
|
|
||||||
public function test_user_edit_form()
|
public function test_user_edit_form()
|
||||||
{
|
{
|
||||||
$editUser = User::all()->last();
|
$editUser = $this->getNormalUser();
|
||||||
$this->asAdmin()->visit('/settings/users/' . $editUser->id)
|
$this->asAdmin()->visit('/settings/users/' . $editUser->id)
|
||||||
->see('Edit User')
|
->see('Edit User')
|
||||||
->dontSee('Password')
|
->dontSee('Password')
|
||||||
@ -126,7 +126,7 @@ class LdapTest extends \TestCase
|
|||||||
|
|
||||||
public function test_non_admins_cannot_change_auth_id()
|
public function test_non_admins_cannot_change_auth_id()
|
||||||
{
|
{
|
||||||
$testUser = User::all()->last();
|
$testUser = $this->getNormalUser();
|
||||||
$this->actingAs($testUser)->visit('/settings/users/' . $testUser->id)
|
$this->actingAs($testUser)->visit('/settings/users/' . $testUser->id)
|
||||||
->dontSee('External Authentication');
|
->dontSee('External Authentication');
|
||||||
}
|
}
|
||||||
|
@ -544,27 +544,38 @@ class RolesTest extends TestCase
|
|||||||
->dontSeeInElement('.book-content', $otherPage->name);
|
->dontSeeInElement('.book-content', $otherPage->name);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function test_public_role_not_visible_in_user_edit_screen()
|
public function test_public_role_visible_in_user_edit_screen()
|
||||||
{
|
{
|
||||||
$user = \BookStack\User::first();
|
$user = \BookStack\User::first();
|
||||||
$this->asAdmin()->visit('/settings/users/' . $user->id)
|
$this->asAdmin()->visit('/settings/users/' . $user->id)
|
||||||
->seeElement('#roles-admin')
|
->seeElement('#roles-admin')
|
||||||
->dontSeeElement('#roles-public');
|
->seeElement('#roles-public');
|
||||||
}
|
}
|
||||||
|
|
||||||
public function test_public_role_not_visible_in_role_listing()
|
public function test_public_role_visible_in_role_listing()
|
||||||
{
|
{
|
||||||
$this->asAdmin()->visit('/settings/roles')
|
$this->asAdmin()->visit('/settings/roles')
|
||||||
->see('Admin')
|
->see('Admin')
|
||||||
->dontSee('Public');
|
->see('Public');
|
||||||
}
|
}
|
||||||
|
|
||||||
public function test_public_role_not_visible_in_default_role_setting()
|
public function test_public_role_visible_in_default_role_setting()
|
||||||
{
|
{
|
||||||
$this->asAdmin()->visit('/settings')
|
$this->asAdmin()->visit('/settings')
|
||||||
->seeElement('[data-role-name="admin"]')
|
->seeElement('[data-role-name="admin"]')
|
||||||
->dontSeeElement('[data-role-name="public"]');
|
->seeElement('[data-role-name="public"]');
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function test_public_role_not_deleteable()
|
||||||
|
{
|
||||||
|
$this->asAdmin()->visit('/settings/roles')
|
||||||
|
->click('Public')
|
||||||
|
->see('Edit Role')
|
||||||
|
->click('Delete Role')
|
||||||
|
->press('Confirm')
|
||||||
|
->see('Delete Role')
|
||||||
|
->see('Cannot be deleted');
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
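Review bot: `test_public_role_not_deleteable` passes as soon as the page shows 'Cannot be deleted'; it never checks that the role actually survived. Adding `$this->assertNotNull(\BookStack\Role::getSystemRole('public'));` after the chain would pin the state rather than the message. `test_guest_profile_cannot_be_deleted` in UserProfileTest has the same gap and could end with `$this->seeInDatabase('users', ['id' => $guestUser->id]);` (table name assumed, not shown on this page).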
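--- a/tests/PublicActionTest.php
+++ b/tests/PublicActionTest.php
@@ -0,0 +1,83 @@
+<?php
+
+class PublicActionTest extends TestCase
+{
+
+public function test_app_not_public()
+{
+$this->setSettings(['app-public' => 'false']);
+$book = \BookStack\Book::orderBy('name', 'asc')->first();
+$this->visit('/books')->seePageIs('/login');
+$this->visit($book->getUrl())->seePageIs('/login');
+
+$page = \BookStack\Page::first();
+$this->visit($page->getUrl())->seePageIs('/login');
+}
+
+public function test_books_viewable()
+{
+$this->setSettings(['app-public' => 'true']);
+$books = \BookStack\Book::orderBy('name', 'asc')->take(10)->get();
+$bookToVisit = $books[1];
+
+// Check books index page is showing
+$this->visit('/books')
+->seeStatusCode(200)
+->see($books[0]->name)
+// Check individual book page is showing and it's child contents are visible.
+->click($bookToVisit->name)
+->seePageIs($bookToVisit->getUrl())
+->see($bookToVisit->name)
+->see($bookToVisit->chapters()->first()->name);
+}
+
+public function test_chapters_viewable()
+{
+$this->setSettings(['app-public' => 'true']);
+$chapterToVisit = \BookStack\Chapter::first();
+$pageToVisit = $chapterToVisit->pages()->first();
+
+// Check chapters index page is showing
+$this->visit($chapterToVisit->getUrl())
+->seeStatusCode(200)
+->see($chapterToVisit->name)
+// Check individual chapter page is showing and it's child contents are visible.
+->see($pageToVisit->name)
+->click($pageToVisit->name)
+->see($chapterToVisit->book->name)
+->see($chapterToVisit->name)
+->seePageIs($pageToVisit->getUrl());
+}
+
+public function test_public_page_creation()
+{
+$this->setSettings(['app-public' => 'true']);
+$publicRole = \BookStack\Role::getSystemRole('public');
+// Grant all permissions to public
+$publicRole->permissions()->detach();
+foreach (\BookStack\RolePermission::all() as $perm) {
+$publicRole->attachPermission($perm);
+}
+$this->app[\BookStack\Services\PermissionService::class]->buildJointPermissionForRole($publicRole);
+
+$chapter = \BookStack\Chapter::first();
+$this->visit($chapter->book->getUrl());
+$this->visit($chapter->getUrl())
+->click('New Page')
+->see('Create Page')
+->seePageIs($chapter->getUrl('/create-page'));
+
+$this->submitForm('Continue', [
+'name' => 'My guest page'
+])->seePageIs($chapter->book->getUrl('/page/my-guest-page/edit'));
+
+$user = \BookStack\User::getDefault();
+$this->seeInDatabase('pages', [
+'name' => 'My guest page',
+'chapter_id' => $chapter->id,
+'created_by' => $user->id,
+'updated_by' => $user->id
+]);
+}
+
+}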
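Review bot: `test_public_page_creation` covers only the case where every permission has been attached to the public role; nothing here checks the opposite, that a guest is turned away from `$chapter->getUrl('/create-page')` when the role lacks `page-create` or when `app-public` is `'false'`. `test_app_not_public` asserts the login redirect for three GET views only. A negative test next to this one would catch a regression that lets unauthenticated visitors write content. Separately, `$books[1]` in `test_books_viewable` assumes the seed data holds at least two books.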
@ -1,41 +0,0 @@
|
|||||||
<?php
|
|
||||||
|
|
||||||
class PublicViewTest extends TestCase
|
|
||||||
{
|
|
||||||
|
|
||||||
public function test_books_viewable()
|
|
||||||
{
|
|
||||||
$this->setSettings(['app-public' => 'true']);
|
|
||||||
$books = \BookStack\Book::orderBy('name', 'asc')->take(10)->get();
|
|
||||||
$bookToVisit = $books[1];
|
|
||||||
|
|
||||||
// Check books index page is showing
|
|
||||||
$this->visit('/books')
|
|
||||||
->seeStatusCode(200)
|
|
||||||
->see($books[0]->name)
|
|
||||||
// Check individual book page is showing and it's child contents are visible.
|
|
||||||
->click($bookToVisit->name)
|
|
||||||
->seePageIs($bookToVisit->getUrl())
|
|
||||||
->see($bookToVisit->name)
|
|
||||||
->see($bookToVisit->chapters()->first()->name);
|
|
||||||
}
|
|
||||||
|
|
||||||
public function test_chapters_viewable()
|
|
||||||
{
|
|
||||||
$this->setSettings(['app-public' => 'true']);
|
|
||||||
$chapterToVisit = \BookStack\Chapter::first();
|
|
||||||
$pageToVisit = $chapterToVisit->pages()->first();
|
|
||||||
|
|
||||||
// Check chapters index page is showing
|
|
||||||
$this->visit($chapterToVisit->getUrl())
|
|
||||||
->seeStatusCode(200)
|
|
||||||
->see($chapterToVisit->name)
|
|
||||||
// Check individual chapter page is showing and it's child contents are visible.
|
|
||||||
->see($pageToVisit->name)
|
|
||||||
->click($pageToVisit->name)
|
|
||||||
->see($chapterToVisit->book->name)
|
|
||||||
->see($chapterToVisit->name)
|
|
||||||
->seePageIs($pageToVisit->getUrl());
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
@ -66,6 +66,14 @@ class TestCase extends Illuminate\Foundation\Testing\TestCase
|
|||||||
return $this->actingAs($this->editor);
|
return $this->actingAs($this->editor);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get a user that's not a system user such as the guest user.
|
||||||
|
*/
|
||||||
|
public function getNormalUser()
|
||||||
|
{
|
||||||
|
return \BookStack\User::where('system_name', '=', null)->get()->last();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Quickly sets an array of settings.
|
* Quickly sets an array of settings.
|
||||||
* @param $settingsArray
|
* @param $settingsArray
|
||||||
|
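Review bot: `getNormalUser()` selects with `where('system_name', '=', null)`, which reads like an SQL `= NULL` comparison; `\BookStack\User::whereNull('system_name')->get()->last()` states the intent directly. The helper yields null when no such user exists, so the docblock could say so with `@return \BookStack\User|null`. Loading every row to take the last one is acceptable for seeded test data.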
@ -77,4 +77,22 @@ class UserProfileTest extends TestCase
|
|||||||
->see($newUser->name);
|
->see($newUser->name);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function test_guest_profile_shows_limited_form()
|
||||||
|
{
|
||||||
|
$this->asAdmin()
|
||||||
|
->visit('/settings/users')
|
||||||
|
->click('Guest')
|
||||||
|
->dontSeeElement('#password');
|
||||||
|
}
|
||||||
|
|
||||||
|
public function test_guest_profile_cannot_be_deleted()
|
||||||
|
{
|
||||||
|
$guestUser = \BookStack\User::getDefault();
|
||||||
|
$this->asAdmin()->visit('/settings/users/' . $guestUser->id . '/delete')
|
||||||
|
->see('Delete User')->see('Guest')
|
||||||
|
->press('Confirm')
|
||||||
|
->seePageIs('/settings/users/' . $guestUser->id)
|
||||||
|
->see('cannot delete the guest user');
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|