github-mirror/BookStack
github-mirror/BookStack
2
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-04-17 00:39:06 +08:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

#47 - Added more test cases to test the APIs and permission for comments.

Browse Source
This commit is contained in:
Abijeet 2017-06-13 02:31:17 +05:30
parent fd50efb503
commit 7d02f77e67
4 changed files with 264 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
database/factories/ModelFactory.php
View File

@ -77,7 +77,7 @@ $factory->define(BookStack\Comment::class, function($faker) {
$html = '<p>' . $text. '</p>'; $html = '<p>' . $text. '</p>';
return [ return [
'html' => $html, 'html' => $html,
'text' => '#' . $text, 'text' => $text,
'active' => 1 'active' => 1
]; ];
}); });

47
database/migrations/2017_01_01_130541_create_comments_table.php
View File

@ -17,7 +17,7 @@ class CreateCommentsTable extends Migration
return; return;
} }
Schema::create('comments', function (Blueprint $table) { Schema::create('comments', function (Blueprint $table) {
$table->increments('id')->unsigned(); $table->increments('id')->unsigned();
$table->integer('page_id')->unsigned(); $table->integer('page_id')->unsigned();
$table->longText('text')->nullable(); $table->longText('text')->nullable();
$table->longText('html')->nullable(); $table->longText('html')->nullable();
@ -45,6 +45,51 @@ class CreateCommentsTable extends Migration
'permission_id' => $permissionId 'permission_id' => $permissionId
]); ]);
} }
// Get roles with permissions we need to change
/*
$editorRole = DB::table('roles')->where('name', '=', 'editor')->first();
if (!empty($editorRole)) {
$editorRoleId = $editorRole->id;
// Create & attach new entity permissions
$ops = ['Create All', 'Create Own', 'Update Own', 'Delete Own'];
$entity = 'Comment';
foreach ($ops as $op) {
$permissionId = DB::table('role_permissions')->insertGetId([
'name' => strtolower($entity) . '-' . strtolower(str_replace(' ', '-', $op)),
'display_name' => $op . ' ' . $entity . 's',
'created_at' => \Carbon\Carbon::now()->toDateTimeString(),
'updated_at' => \Carbon\Carbon::now()->toDateTimeString()
]);
DB::table('permission_role')->insert([
'role_id' => $editorRoleId,
'permission_id' => $permissionId
]);
}
}
// Get roles with permissions we need to change
$viewerRole = DB::table('roles')->where('name', '=', 'viewer')->first();
if (!empty($viewerRole)) {
$viewerRoleId = $viewerRole->id;
// Create & attach new entity permissions
$ops = ['Create All'];
$entity = 'Comment';
foreach ($ops as $op) {
$permissionId = DB::table('role_permissions')->insertGetId([
'name' => strtolower($entity) . '-' . strtolower(str_replace(' ', '-', $op)),
'display_name' => $op . ' ' . $entity . 's',
'created_at' => \Carbon\Carbon::now()->toDateTimeString(),
'updated_at' => \Carbon\Carbon::now()->toDateTimeString()
]);
DB::table('permission_role')->insert([
'role_id' => $viewerRoleId,
'permission_id' => $permissionId
]);
}
}
*/
}); });
} }

111
tests/Entity/CommentTest.php Normal file
View File

@ -0,0 +1,111 @@
<?php namespace Tests;
use BookStack\Page;
use BookStack\Comment;
class CommentTest extends BrowserKitTest
{
public function test_add_comment()
{
$this->asAdmin();
$page = $this->getPage();
$this->addComment($page);
}
public function test_comment_reply()
{
$this->asAdmin();
$page = $this->getPage();
// add a normal comment
$createdComment = $this->addComment($page);
// reply to the added comment
$this->addComment($page, $createdComment['id']);
}
public function test_comment_edit()
{
$this->asAdmin();
$page = $this->getPage();
$createdComment = $this->addComment($page);
$comment = [
'id' => $createdComment['id'],
'page_id' => $createdComment['page_id']
];
$this->updateComment($comment);
}
public function test_comment_delete()
{
$this->asAdmin();
$page = $this->getPage();
$createdComment = $this->addComment($page);
$this->deleteComment($createdComment['id']);
}
private function getPage() {
$page = Page::first();
return $page;
}
private function addComment($page, $parentCommentId = null) {
$comment = factory(Comment::class)->make();
$url = "/ajax/page/$page->id/comment/";
$request = [
'text' => $comment->text,
'html' => $comment->html
];
if (!empty($parentCommentId)) {
$request['parent_id'] = $parentCommentId;
}
$this->call('POST', $url, $request);
$createdComment = $this->checkResponse();
return $createdComment;
}
private function updateComment($comment) {
$tmpComment = factory(Comment::class)->make();
$url = '/ajax/page/' . $comment['page_id'] . '/comment/ ' . $comment['id'];
$request = [
'text' => $tmpComment->text,
'html' => $tmpComment->html
];
$this->call('PUT', $url, $request);
$updatedComment = $this->checkResponse();
return $updatedComment;
}
private function deleteComment($commentId) {
// Route::delete('/ajax/comment/{id}', 'CommentController@destroy');
$url = '/ajax/comment/' . $commentId;
$this->call('DELETE', $url);
$deletedComment = $this->checkResponse();
return $deletedComment;
}
private function checkResponse() {
$expectedResp = [
'status' => 'success'
];
$this->assertResponseOk();
$this->seeJsonContains($expectedResp);
$resp = $this->decodeResponseJson();
$createdComment = $resp['comment'];
$this->assertArrayHasKey('id', $createdComment);
return $createdComment;
}
}

106
tests/Permissions/RolesTest.php
View File

@ -620,4 +620,110 @@ class RolesTest extends BrowserKitTest
->dontSeeInDatabase('images', ['id' => $image->id]); ->dontSeeInDatabase('images', ['id' => $image->id]);
} }
public function test_comment_create_permission () {
$ownPage = $this->createEntityChainBelongingToUser($this->user)['page'];
$this->actingAs($this->user)->addComment($ownPage);
$this->assertResponseStatus(403);
$this->giveUserPermissions($this->user, ['comment-create-all']);
$this->actingAs($this->user)->addComment($ownPage);
$this->assertResponseOk(200)->seeJsonContains(['status' => 'success']);
}
public function test_comment_update_own_permission () {
$ownPage = $this->createEntityChainBelongingToUser($this->user)['page'];
$this->giveUserPermissions($this->user, ['comment-create-all']);
$comment = $this->actingAs($this->user)->addComment($ownPage);
// no comment-update-own
$this->actingAs($this->user)->updateComment($ownPage, $comment['id']);
$this->assertResponseStatus(403);
$this->giveUserPermissions($this->user, ['comment-update-own']);
// now has comment-update-own
$this->actingAs($this->user)->updateComment($ownPage, $comment['id']);
$this->assertResponseOk()->seeJsonContains(['status' => 'success']);
}
public function test_comment_update_all_permission () {
$ownPage = $this->createEntityChainBelongingToUser($this->user)['page'];
$comment = $this->asAdmin()->addComment($ownPage);
// no comment-update-all
$this->actingAs($this->user)->updateComment($ownPage, $comment['id']);
$this->assertResponseStatus(403);
$this->giveUserPermissions($this->user, ['comment-update-all']);
// now has comment-update-all
$this->actingAs($this->user)->updateComment($ownPage, $comment['id']);
$this->assertResponseOk()->seeJsonContains(['status' => 'success']);
}
public function test_comment_delete_own_permission () {
$ownPage = $this->createEntityChainBelongingToUser($this->user)['page'];
$this->giveUserPermissions($this->user, ['comment-create-all']);
$comment = $this->actingAs($this->user)->addComment($ownPage);
// no comment-delete-own
$this->actingAs($this->user)->deleteComment($comment['id']);
$this->assertResponseStatus(403);
$this->giveUserPermissions($this->user, ['comment-delete-own']);
// now has comment-update-own
$this->actingAs($this->user)->deleteComment($comment['id']);
$this->assertResponseOk()->seeJsonContains(['status' => 'success']);
}
public function test_comment_delete_all_permission () {
$ownPage = $this->createEntityChainBelongingToUser($this->user)['page'];
$comment = $this->asAdmin()->addComment($ownPage);
// no comment-delete-all
$this->actingAs($this->user)->deleteComment($comment['id']);
$this->assertResponseStatus(403);
$this->giveUserPermissions($this->user, ['comment-delete-all']);
// now has comment-delete-all
$this->actingAs($this->user)->deleteComment($comment['id']);
$this->assertResponseOk()->seeJsonContains(['status' => 'success']);
}
private function addComment($page) {
$comment = factory(\BookStack\Comment::class)->make();
$url = "/ajax/page/$page->id/comment/";
$request = [
'text' => $comment->text,
'html' => $comment->html
];
$this->json('POST', $url, $request);
$resp = $this->decodeResponseJson();
return $resp['comment'];
}
private function updateComment($page, $commentId) {
$comment = factory(\BookStack\Comment::class)->make();
$url = "/ajax/page/$page->id/comment/$commentId";
$request = [
'text' => $comment->text,
'html' => $comment->html
];
return $this->json('PUT', $url, $request);
}
private function deleteComment($commentId) {
$url = '/ajax/comment/' . $commentId;
return $this->json('DELETE', $url);
}
} }