diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php index 4c396d3cd..4660c16d5 100644 --- a/app/Http/Controllers/Auth/LoginController.php +++ b/app/Http/Controllers/Auth/LoginController.php @@ -76,8 +76,9 @@ class LoginController extends Controller ]); } - if ($request->has('intended')) { - redirect()->setIntendedUrl($request->get('intended')); + $previous = url()->previous(''); + if (setting('app-public') && $previous && $previous !== url('/login')) { + redirect()->setIntendedUrl($previous); } return view('auth.login', [ diff --git a/resources/lang/en/errors.php b/resources/lang/en/errors.php index 38f1ce28a..06a5285f5 100644 --- a/resources/lang/en/errors.php +++ b/resources/lang/en/errors.php @@ -83,6 +83,7 @@ return [ // Error pages '404_page_not_found' => 'Page Not Found', 'sorry_page_not_found' => 'Sorry, The page you were looking for could not be found.', + 'sorry_page_not_found_permission_warning' => 'If you expected this page to exist, you might not have permission to view it.', 'return_home' => 'Return to home', 'error_occurred' => 'An Error Occurred', 'app_down' => ':appName is down right now', diff --git a/resources/views/common/header.blade.php b/resources/views/common/header.blade.php index 3004acf3c..ec90739ee 100644 --- a/resources/views/common/header.blade.php +++ b/resources/views/common/header.blade.php @@ -45,7 +45,7 @@ @if(setting('registration-enabled') && config('auth.method') === 'standard') @icon('new-user'){{ trans('auth.sign_up') }} @endif - @icon('login'){{ trans('auth.log_in') }} + @icon('login'){{ trans('auth.log_in') }} @endif @if(signedInUser()) diff --git a/resources/views/errors/404.blade.php b/resources/views/errors/404.blade.php index 9c599307e..02f97fc54 100644 --- a/resources/views/errors/404.blade.php +++ b/resources/views/errors/404.blade.php @@ -3,13 +3,17 @@ @section('content')
-
+

{{ $message ?? trans('errors.404_page_not_found') }}

{{ trans('errors.sorry_page_not_found') }}
+

{{ trans('errors.sorry_page_not_found_permission_warning') }}

+ @if(!signedInUser()) + {{ trans('auth.log_in') }} + @endif {{ trans('errors.return_home') }}
diff --git a/tests/PublicActionTest.php b/tests/PublicActionTest.php index 27b4822fa..3670df87d 100644 --- a/tests/PublicActionTest.php +++ b/tests/PublicActionTest.php @@ -1,16 +1,25 @@ setSettings(['app-public' => 'false']); - $book = \BookStack\Entities\Book::orderBy('name', 'asc')->first(); + $book = Book::orderBy('name', 'asc')->first(); $this->visit('/books')->seePageIs('/login'); $this->visit($book->getUrl())->seePageIs('/login'); - $page = \BookStack\Entities\Page::first(); + $page = Page::first(); $this->visit($page->getUrl())->seePageIs('/login'); } @@ -35,7 +44,7 @@ class PublicActionTest extends BrowserKitTest public function test_books_viewable() { $this->setSettings(['app-public' => 'true']); - $books = \BookStack\Entities\Book::orderBy('name', 'asc')->take(10)->get(); + $books = Book::orderBy('name', 'asc')->take(10)->get(); $bookToVisit = $books[1]; // Check books index page is showing @@ -52,7 +61,7 @@ class PublicActionTest extends BrowserKitTest public function test_chapters_viewable() { $this->setSettings(['app-public' => 'true']); - $chapterToVisit = \BookStack\Entities\Chapter::first(); + $chapterToVisit = Chapter::first(); $pageToVisit = $chapterToVisit->pages()->first(); // Check chapters index page is showing @@ -70,15 +79,15 @@ class PublicActionTest extends BrowserKitTest public function test_public_page_creation() { $this->setSettings(['app-public' => 'true']); - $publicRole = \BookStack\Auth\Role::getSystemRole('public'); + $publicRole = Role::getSystemRole('public'); // Grant all permissions to public $publicRole->permissions()->detach(); - foreach (\BookStack\Auth\Permissions\RolePermission::all() as $perm) { + foreach (RolePermission::all() as $perm) { $publicRole->attachPermission($perm); } - $this->app[\BookStack\Auth\Permissions\PermissionService::class]->buildJointPermissionForRole($publicRole); + $this->app[PermissionService::class]->buildJointPermissionForRole($publicRole); - $chapter = \BookStack\Entities\Chapter::first(); + $chapter = Chapter::first(); $this->visit($chapter->book->getUrl()); $this->visit($chapter->getUrl()) ->click('New Page') @@ -89,7 +98,7 @@ class PublicActionTest extends BrowserKitTest 'name' => 'My guest page' ])->seePageIs($chapter->book->getUrl('/page/my-guest-page/edit')); - $user = \BookStack\Auth\User::getDefault(); + $user = User::getDefault(); $this->seeInDatabase('pages', [ 'name' => 'My guest page', 'chapter_id' => $chapter->id, @@ -100,9 +109,9 @@ class PublicActionTest extends BrowserKitTest public function test_content_not_listed_on_404_for_public_users() { - $page = \BookStack\Entities\Page::first(); + $page = Page::first(); $this->asAdmin()->visit($page->getUrl()); - \Auth::logout(); + Auth::logout(); view()->share('pageTitle', ''); $this->forceVisit('/cats/dogs/hippos'); $this->dontSee($page->name); @@ -139,4 +148,36 @@ class PublicActionTest extends BrowserKitTest $this->seeText("User-agent: *\nDisallow: /"); } + public function test_public_view_then_login_redirects_to_previous_content() + { + $this->setSettings(['app-public' => 'true']); + $book = Book::query()->first(); + $this->visit($book->getUrl()) + ->see($book->name) + ->visit('/login') + ->type('admin@admin.com', '#email') + ->type('password', '#password') + ->press('Log In') + ->seePageUrlIs($book->getUrl()); + } + + public function test_access_hidden_content_then_login_redirects_to_intended_content() + { + $this->setSettings(['app-public' => 'true']); + $book = Book::query()->first(); + $this->setEntityRestrictions($book); + + try { + $this->visit($book->getUrl()); + } catch (\Exception $exception) {} + + $this->see('Book not found') + ->dontSee($book->name) + ->visit('/login') + ->type('admin@admin.com', '#email') + ->type('password', '#password') + ->press('Log In') + ->seePageUrlIs($book->getUrl()) + ->see($book->name); + } } \ No newline at end of file