webapp/bookstack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-07-30 04:23:11 +03:00
Code Activity

Prevent empty-state actions visible without permission.

Browse Source 
Fixes #411
This commit is contained in:
Dan Brown
2017-07-02 15:59:40 +01:00
parent cbff801aec
commit 4db2c274e2
3 changed files with 35 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
tests/Permissions/RolesTest.php
View File

@ -639,4 +639,22 @@ class RolesTest extends BrowserKitTest
$this->actingAs($viewer)->visit($page->getUrl())->assertResponseStatus(404);
}
public function test_empty_state_actions_not_visible_without_permission()
{
$admin = $this->getAdmin();
// Book links
$book = factory(\BookStack\Book::class)->create(['created_by' => $admin->id, 'updated_by' => $admin->id]);
$this->updateEntityPermissions($book);
$this->actingAs($this->getViewer())->visit($book->getUrl())
->dontSee('Create a new page')
->dontSee('Add a chapter');
// Chapter links
$chapter = factory(\BookStack\Chapter::class)->create(['created_by' => $admin->id, 'updated_by' => $admin->id, 'book_id' => $book->id]);
$this->updateEntityPermissions($chapter);
$this->actingAs($this->getViewer())->visit($chapter->getUrl())
->dontSee('Create a new page')
->dontSee('Sort the current book');
}
}