mirror of
				https://github.com/BookStackApp/BookStack.git
				synced 2025-10-25 06:37:36 +03:00 
			
		
		
		
	DB: Updated handling of deleted user ID handling in DB
Updated uses of user ID to nullify on delete. Added testing to cover deletion of user relations. Added model factories to support changes and potential other tests. Cleans existing ID references in the DB via migration.
This commit is contained in:
		| @@ -4,6 +4,7 @@ namespace BookStack\Access\Mfa; | |||||||
|  |  | ||||||
| use BookStack\Users\Models\User; | use BookStack\Users\Models\User; | ||||||
| use Carbon\Carbon; | use Carbon\Carbon; | ||||||
|  | use Illuminate\Database\Eloquent\Factories\HasFactory; | ||||||
| use Illuminate\Database\Eloquent\Model; | use Illuminate\Database\Eloquent\Model; | ||||||
|  |  | ||||||
| /** | /** | ||||||
| @@ -16,6 +17,8 @@ use Illuminate\Database\Eloquent\Model; | |||||||
|  */ |  */ | ||||||
| class MfaValue extends Model | class MfaValue extends Model | ||||||
| { | { | ||||||
|  |     use HasFactory; | ||||||
|  |  | ||||||
|     protected static $unguarded = true; |     protected static $unguarded = true; | ||||||
|  |  | ||||||
|     const METHOD_TOTP = 'totp'; |     const METHOD_TOTP = 'totp'; | ||||||
|   | |||||||
| @@ -5,18 +5,23 @@ namespace BookStack\Access; | |||||||
| use BookStack\Activity\Models\Loggable; | use BookStack\Activity\Models\Loggable; | ||||||
| use BookStack\App\Model; | use BookStack\App\Model; | ||||||
| use BookStack\Users\Models\User; | use BookStack\Users\Models\User; | ||||||
|  | use Illuminate\Database\Eloquent\Factories\HasFactory; | ||||||
|  | use Illuminate\Database\Eloquent\Relations\BelongsTo; | ||||||
|  |  | ||||||
| /** | /** | ||||||
|  * Class SocialAccount. |  | ||||||
|  * |  | ||||||
|  * @property string $driver |  * @property string $driver | ||||||
|  * @property User   $user |  * @property User   $user | ||||||
|  */ |  */ | ||||||
| class SocialAccount extends Model implements Loggable | class SocialAccount extends Model implements Loggable | ||||||
| { | { | ||||||
|     protected $fillable = ['user_id', 'driver', 'driver_id', 'timestamps']; |     use HasFactory; | ||||||
|  |  | ||||||
|     public function user() |     protected $fillable = ['user_id', 'driver', 'driver_id']; | ||||||
|  |  | ||||||
|  |     /** | ||||||
|  |      * @return BelongsTo<User, $this> | ||||||
|  |      */ | ||||||
|  |     public function user(): BelongsTo | ||||||
|     { |     { | ||||||
|         return $this->belongsTo(User::class); |         return $this->belongsTo(User::class); | ||||||
|     } |     } | ||||||
|   | |||||||
| @@ -6,6 +6,7 @@ use BookStack\App\Model; | |||||||
| use BookStack\Entities\Models\Entity; | use BookStack\Entities\Models\Entity; | ||||||
| use BookStack\Permissions\Models\JointPermission; | use BookStack\Permissions\Models\JointPermission; | ||||||
| use BookStack\Users\Models\User; | use BookStack\Users\Models\User; | ||||||
|  | use Illuminate\Database\Eloquent\Factories\HasFactory; | ||||||
| use Illuminate\Database\Eloquent\Relations\BelongsTo; | use Illuminate\Database\Eloquent\Relations\BelongsTo; | ||||||
| use Illuminate\Database\Eloquent\Relations\HasMany; | use Illuminate\Database\Eloquent\Relations\HasMany; | ||||||
| use Illuminate\Database\Eloquent\Relations\MorphTo; | use Illuminate\Database\Eloquent\Relations\MorphTo; | ||||||
| @@ -24,6 +25,8 @@ use Illuminate\Support\Str; | |||||||
|  */ |  */ | ||||||
| class Activity extends Model | class Activity extends Model | ||||||
| { | { | ||||||
|  |     use HasFactory; | ||||||
|  |  | ||||||
|     /** |     /** | ||||||
|      * Get the loggable model related to this activity. |      * Get the loggable model related to this activity. | ||||||
|      * Currently only used for entities (previously entity_[id/type] columns). |      * Currently only used for entities (previously entity_[id/type] columns). | ||||||
|   | |||||||
| @@ -4,11 +4,14 @@ namespace BookStack\Activity\Models; | |||||||
|  |  | ||||||
| use BookStack\App\Model; | use BookStack\App\Model; | ||||||
| use BookStack\Permissions\Models\JointPermission; | use BookStack\Permissions\Models\JointPermission; | ||||||
|  | use Illuminate\Database\Eloquent\Factories\HasFactory; | ||||||
| use Illuminate\Database\Eloquent\Relations\HasMany; | use Illuminate\Database\Eloquent\Relations\HasMany; | ||||||
| use Illuminate\Database\Eloquent\Relations\MorphTo; | use Illuminate\Database\Eloquent\Relations\MorphTo; | ||||||
|  |  | ||||||
| class Favourite extends Model | class Favourite extends Model | ||||||
| { | { | ||||||
|  |     use HasFactory; | ||||||
|  |  | ||||||
|     protected $fillable = ['user_id']; |     protected $fillable = ['user_id']; | ||||||
|  |  | ||||||
|     /** |     /** | ||||||
|   | |||||||
| @@ -5,6 +5,7 @@ namespace BookStack\Activity\Models; | |||||||
| use BookStack\Activity\WatchLevels; | use BookStack\Activity\WatchLevels; | ||||||
| use BookStack\Permissions\Models\JointPermission; | use BookStack\Permissions\Models\JointPermission; | ||||||
| use Carbon\Carbon; | use Carbon\Carbon; | ||||||
|  | use Illuminate\Database\Eloquent\Factories\HasFactory; | ||||||
| use Illuminate\Database\Eloquent\Model; | use Illuminate\Database\Eloquent\Model; | ||||||
| use Illuminate\Database\Eloquent\Relations\HasMany; | use Illuminate\Database\Eloquent\Relations\HasMany; | ||||||
| use Illuminate\Database\Eloquent\Relations\MorphTo; | use Illuminate\Database\Eloquent\Relations\MorphTo; | ||||||
| @@ -20,6 +21,8 @@ use Illuminate\Database\Eloquent\Relations\MorphTo; | |||||||
|  */ |  */ | ||||||
| class Watch extends Model | class Watch extends Model | ||||||
| { | { | ||||||
|  |     use HasFactory; | ||||||
|  |  | ||||||
|     protected $guarded = []; |     protected $guarded = []; | ||||||
|  |  | ||||||
|     public function watchable(): MorphTo |     public function watchable(): MorphTo | ||||||
|   | |||||||
| @@ -4,6 +4,7 @@ namespace BookStack\Entities\Models; | |||||||
|  |  | ||||||
| use BookStack\Activity\Models\Loggable; | use BookStack\Activity\Models\Loggable; | ||||||
| use BookStack\Users\Models\User; | use BookStack\Users\Models\User; | ||||||
|  | use Illuminate\Database\Eloquent\Factories\HasFactory; | ||||||
| use Illuminate\Database\Eloquent\Model; | use Illuminate\Database\Eloquent\Model; | ||||||
| use Illuminate\Database\Eloquent\Relations\BelongsTo; | use Illuminate\Database\Eloquent\Relations\BelongsTo; | ||||||
| use Illuminate\Database\Eloquent\Relations\MorphTo; | use Illuminate\Database\Eloquent\Relations\MorphTo; | ||||||
| @@ -17,6 +18,8 @@ use Illuminate\Database\Eloquent\Relations\MorphTo; | |||||||
|  */ |  */ | ||||||
| class Deletion extends Model implements Loggable | class Deletion extends Model implements Loggable | ||||||
| { | { | ||||||
|  |     use HasFactory; | ||||||
|  |  | ||||||
|     protected $hidden = []; |     protected $hidden = []; | ||||||
|  |  | ||||||
|     /** |     /** | ||||||
|   | |||||||
| @@ -6,6 +6,7 @@ use BookStack\Activity\Models\Loggable; | |||||||
| use BookStack\App\Model; | use BookStack\App\Model; | ||||||
| use BookStack\Users\Models\User; | use BookStack\Users\Models\User; | ||||||
| use Carbon\Carbon; | use Carbon\Carbon; | ||||||
|  | use Illuminate\Database\Eloquent\Factories\HasFactory; | ||||||
| use Illuminate\Database\Eloquent\Relations\BelongsTo; | use Illuminate\Database\Eloquent\Relations\BelongsTo; | ||||||
|  |  | ||||||
| /** | /** | ||||||
| @@ -30,6 +31,8 @@ use Illuminate\Database\Eloquent\Relations\BelongsTo; | |||||||
|  */ |  */ | ||||||
| class PageRevision extends Model implements Loggable | class PageRevision extends Model implements Loggable | ||||||
| { | { | ||||||
|  |     use HasFactory; | ||||||
|  |  | ||||||
|     protected $fillable = ['name', 'text', 'summary']; |     protected $fillable = ['name', 'text', 'summary']; | ||||||
|     protected $hidden = ['html', 'markdown', 'text']; |     protected $hidden = ['html', 'markdown', 'text']; | ||||||
|  |  | ||||||
|   | |||||||
| @@ -31,8 +31,6 @@ use Illuminate\Notifications\Notifiable; | |||||||
| use Illuminate\Support\Collection; | use Illuminate\Support\Collection; | ||||||
|  |  | ||||||
| /** | /** | ||||||
|  * Class User. |  | ||||||
|  * |  | ||||||
|  * @property int        $id |  * @property int        $id | ||||||
|  * @property string     $name |  * @property string     $name | ||||||
|  * @property string     $slug |  * @property string     $slug | ||||||
|   | |||||||
| @@ -5,8 +5,6 @@ namespace BookStack\Users; | |||||||
| use BookStack\Access\UserInviteException; | use BookStack\Access\UserInviteException; | ||||||
| use BookStack\Access\UserInviteService; | use BookStack\Access\UserInviteService; | ||||||
| use BookStack\Activity\ActivityType; | use BookStack\Activity\ActivityType; | ||||||
| use BookStack\Entities\EntityProvider; |  | ||||||
| use BookStack\Entities\Models\Entity; |  | ||||||
| use BookStack\Exceptions\NotifyException; | use BookStack\Exceptions\NotifyException; | ||||||
| use BookStack\Exceptions\UserUpdateException; | use BookStack\Exceptions\UserUpdateException; | ||||||
| use BookStack\Facades\Activity; | use BookStack\Facades\Activity; | ||||||
| @@ -27,7 +25,6 @@ class UserRepo | |||||||
|     ) { |     ) { | ||||||
|     } |     } | ||||||
|  |  | ||||||
|  |  | ||||||
|     /** |     /** | ||||||
|      * Get a user by their email address. |      * Get a user by their email address. | ||||||
|      */ |      */ | ||||||
| @@ -161,15 +158,12 @@ class UserRepo | |||||||
|      * |      * | ||||||
|      * @throws Exception |      * @throws Exception | ||||||
|      */ |      */ | ||||||
|     public function destroy(User $user, ?int $newOwnerId = null) |     public function destroy(User $user, ?int $newOwnerId = null): void | ||||||
|     { |     { | ||||||
|         $this->ensureDeletable($user); |         $this->ensureDeletable($user); | ||||||
|  |  | ||||||
|         $user->socialAccounts()->delete(); |         $this->removeUserDependantRelations($user); | ||||||
|         $user->apiTokens()->delete(); |         $this->nullifyUserNonDependantRelations($user); | ||||||
|         $user->favourites()->delete(); |  | ||||||
|         $user->mfaValues()->delete(); |  | ||||||
|         $user->watches()->delete(); |  | ||||||
|         $user->delete(); |         $user->delete(); | ||||||
|  |  | ||||||
|         // Delete user profile images |         // Delete user profile images | ||||||
| @@ -178,17 +172,53 @@ class UserRepo | |||||||
|         // Delete related activities |         // Delete related activities | ||||||
|         setting()->deleteUserSettings($user->id); |         setting()->deleteUserSettings($user->id); | ||||||
|  |  | ||||||
|  |         // Migrate or nullify ownership | ||||||
|  |         $newOwner = null; | ||||||
|         if (!empty($newOwnerId)) { |         if (!empty($newOwnerId)) { | ||||||
|             $newOwner = User::query()->find($newOwnerId); |             $newOwner = User::query()->find($newOwnerId); | ||||||
|             if (!is_null($newOwner)) { |         } | ||||||
|         $this->migrateOwnership($user, $newOwner); |         $this->migrateOwnership($user, $newOwner); | ||||||
|             } |  | ||||||
|             // TODO - Should be be nullifying ownership instead? |  | ||||||
|         } |  | ||||||
|  |  | ||||||
|         Activity::add(ActivityType::USER_DELETE, $user); |         Activity::add(ActivityType::USER_DELETE, $user); | ||||||
|     } |     } | ||||||
|  |  | ||||||
|  |     protected function removeUserDependantRelations(User $user): void | ||||||
|  |     { | ||||||
|  |         $user->apiTokens()->delete(); | ||||||
|  |         $user->socialAccounts()->delete(); | ||||||
|  |         $user->favourites()->delete(); | ||||||
|  |         $user->mfaValues()->delete(); | ||||||
|  |         $user->watches()->delete(); | ||||||
|  |  | ||||||
|  |         $tables = ['email_confirmations', 'user_invites', 'views']; | ||||||
|  |         foreach ($tables as $table) { | ||||||
|  |             DB::table($table)->where('user_id', '=', $user->id)->delete(); | ||||||
|  |         } | ||||||
|  |     } | ||||||
|  |     protected function nullifyUserNonDependantRelations(User $user): void | ||||||
|  |     { | ||||||
|  |         $toNullify = [ | ||||||
|  |             'activities' => ['user_id'], | ||||||
|  |             'attachments' => ['created_by', 'updated_by'], | ||||||
|  |             'comments' => ['created_by', 'updated_by'], | ||||||
|  |             'deletions' => ['deleted_by'], | ||||||
|  |             'entities' => ['created_by', 'updated_by'], | ||||||
|  |             'images' => ['created_by', 'updated_by'], | ||||||
|  |             'imports' => ['created_by'], | ||||||
|  |             'joint_permissions' => ['owner_id'], | ||||||
|  |             'page_revisions' => ['created_by'], | ||||||
|  |             'sessions' => ['user_id'], | ||||||
|  |         ]; | ||||||
|  |  | ||||||
|  |         foreach ($toNullify as $table => $columns) { | ||||||
|  |             foreach ($columns as $column) { | ||||||
|  |                 DB::table($table) | ||||||
|  |                     ->where($column, '=', $user->id) | ||||||
|  |                     ->update([$column => null]); | ||||||
|  |             } | ||||||
|  |         } | ||||||
|  |     } | ||||||
|  |  | ||||||
|     /** |     /** | ||||||
|      * @throws NotifyException |      * @throws NotifyException | ||||||
|      */ |      */ | ||||||
| @@ -206,11 +236,12 @@ class UserRepo | |||||||
|     /** |     /** | ||||||
|      * Migrate ownership of items in the system from one user to another. |      * Migrate ownership of items in the system from one user to another. | ||||||
|      */ |      */ | ||||||
|     protected function migrateOwnership(User $fromUser, User $toUser): void |     protected function migrateOwnership(User $fromUser, User|null $toUser): void | ||||||
|     { |     { | ||||||
|  |         $newOwnerValue = $toUser ? $toUser->id : null; | ||||||
|         DB::table('entities') |         DB::table('entities') | ||||||
|             ->where('owned_by', '=', $fromUser->id) |             ->where('owned_by', '=', $fromUser->id) | ||||||
|             ->update(['owned_by' => $toUser->id]); |             ->update(['owned_by' => $newOwnerValue]); | ||||||
|     } |     } | ||||||
|  |  | ||||||
|     /** |     /** | ||||||
| @@ -248,7 +279,7 @@ class UserRepo | |||||||
|      * |      * | ||||||
|      * @throws UserUpdateException |      * @throws UserUpdateException | ||||||
|      */ |      */ | ||||||
|     protected function setUserRoles(User $user, array $roles) |     protected function setUserRoles(User $user, array $roles): void | ||||||
|     { |     { | ||||||
|         $roles = array_filter(array_values($roles)); |         $roles = array_filter(array_values($roles)); | ||||||
|  |  | ||||||
| @@ -261,7 +292,7 @@ class UserRepo | |||||||
|  |  | ||||||
|     /** |     /** | ||||||
|      * Check if the given user is the last admin and their new roles no longer |      * Check if the given user is the last admin and their new roles no longer | ||||||
|      * contains the admin role. |      * contain the admin role. | ||||||
|      */ |      */ | ||||||
|     protected function demotingLastAdmin(User $user, array $newRoles): bool |     protected function demotingLastAdmin(User $user, array $newRoles): bool | ||||||
|     { |     { | ||||||
|   | |||||||
							
								
								
									
										28
									
								
								database/factories/Access/Mfa/MfaValueFactory.php
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										28
									
								
								database/factories/Access/Mfa/MfaValueFactory.php
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,28 @@ | |||||||
|  | <?php | ||||||
|  |  | ||||||
|  | namespace Database\Factories\Access\Mfa; | ||||||
|  |  | ||||||
|  | use BookStack\Users\Models\User; | ||||||
|  | use Illuminate\Database\Eloquent\Factories\Factory; | ||||||
|  |  | ||||||
|  | /** | ||||||
|  |  * @extends \Illuminate\Database\Eloquent\Factories\Factory<\BookStack\Access\Mfa\MfaValue> | ||||||
|  |  */ | ||||||
|  | class MfaValueFactory extends Factory | ||||||
|  | { | ||||||
|  |     protected $model = \BookStack\Access\Mfa\MfaValue::class; | ||||||
|  |  | ||||||
|  |     /** | ||||||
|  |      * Define the model's default state. | ||||||
|  |      * | ||||||
|  |      * @return array<string, mixed> | ||||||
|  |      */ | ||||||
|  |     public function definition(): array | ||||||
|  |     { | ||||||
|  |         return [ | ||||||
|  |             'user_id' => User::factory(), | ||||||
|  |             'method' => 'totp', | ||||||
|  |             'value' => '123456', | ||||||
|  |         ]; | ||||||
|  |     } | ||||||
|  | } | ||||||
							
								
								
									
										29
									
								
								database/factories/Access/SocialAccountFactory.php
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										29
									
								
								database/factories/Access/SocialAccountFactory.php
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,29 @@ | |||||||
|  | <?php | ||||||
|  |  | ||||||
|  | namespace Database\Factories\Access; | ||||||
|  |  | ||||||
|  | use BookStack\Users\Models\User; | ||||||
|  | use Illuminate\Database\Eloquent\Factories\Factory; | ||||||
|  |  | ||||||
|  | /** | ||||||
|  |  * @extends \Illuminate\Database\Eloquent\Factories\Factory<\BookStack\Access\SocialAccount> | ||||||
|  |  */ | ||||||
|  | class SocialAccountFactory extends Factory | ||||||
|  | { | ||||||
|  |     protected $model = \BookStack\Access\SocialAccount::class; | ||||||
|  |  | ||||||
|  |     /** | ||||||
|  |      * Define the model's default state. | ||||||
|  |      * | ||||||
|  |      * @return array<string, mixed> | ||||||
|  |      */ | ||||||
|  |     public function definition(): array | ||||||
|  |     { | ||||||
|  |         return [ | ||||||
|  |             'user_id' => User::factory(), | ||||||
|  |             'driver' => 'github', | ||||||
|  |             'driver_id' => '123456', | ||||||
|  |             'avatar' => '', | ||||||
|  |         ]; | ||||||
|  |     } | ||||||
|  | } | ||||||
							
								
								
									
										34
									
								
								database/factories/Activity/Models/ActivityFactory.php
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										34
									
								
								database/factories/Activity/Models/ActivityFactory.php
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,34 @@ | |||||||
|  | <?php | ||||||
|  |  | ||||||
|  | namespace Database\Factories\Activity\Models; | ||||||
|  |  | ||||||
|  | use BookStack\Activity\ActivityType; | ||||||
|  | use BookStack\Users\Models\User; | ||||||
|  | use Illuminate\Database\Eloquent\Factories\Factory; | ||||||
|  |  | ||||||
|  | /** | ||||||
|  |  * @extends \Illuminate\Database\Eloquent\Factories\Factory<\BookStack\Activity\Models\Activity> | ||||||
|  |  */ | ||||||
|  | class ActivityFactory extends Factory | ||||||
|  | { | ||||||
|  |     protected $model = \BookStack\Activity\Models\Activity::class; | ||||||
|  |  | ||||||
|  |     /** | ||||||
|  |      * Define the model's default state. | ||||||
|  |      * | ||||||
|  |      * @return array<string, mixed> | ||||||
|  |      */ | ||||||
|  |     public function definition(): array | ||||||
|  |     { | ||||||
|  |         $activities = ActivityType::all(); | ||||||
|  |         $activity = $activities[array_rand($activities)]; | ||||||
|  |         return [ | ||||||
|  |             'type' => $activity, | ||||||
|  |             'detail' => 'Activity detail for ' . $activity, | ||||||
|  |             'user_id' => User::factory(), | ||||||
|  |             'ip' => $this->faker->ipv4(), | ||||||
|  |             'loggable_id' => null, | ||||||
|  |             'loggable_type' => null, | ||||||
|  |         ]; | ||||||
|  |     } | ||||||
|  | } | ||||||
							
								
								
									
										31
									
								
								database/factories/Activity/Models/FavouriteFactory.php
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										31
									
								
								database/factories/Activity/Models/FavouriteFactory.php
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,31 @@ | |||||||
|  | <?php | ||||||
|  |  | ||||||
|  | namespace Database\Factories\Activity\Models; | ||||||
|  |  | ||||||
|  | use BookStack\Entities\Models\Book; | ||||||
|  | use BookStack\Users\Models\User; | ||||||
|  | use Illuminate\Database\Eloquent\Factories\Factory; | ||||||
|  |  | ||||||
|  | /** | ||||||
|  |  * @extends \Illuminate\Database\Eloquent\Factories\Factory<\BookStack\Activity\Models\Favourite> | ||||||
|  |  */ | ||||||
|  | class FavouriteFactory extends Factory | ||||||
|  | { | ||||||
|  |     protected $model = \BookStack\Activity\Models\Favourite::class; | ||||||
|  |  | ||||||
|  |     /** | ||||||
|  |      * Define the model's default state. | ||||||
|  |      * | ||||||
|  |      * @return array<string, mixed> | ||||||
|  |      */ | ||||||
|  |     public function definition(): array | ||||||
|  |     { | ||||||
|  |         $book = Book::query()->first(); | ||||||
|  |  | ||||||
|  |         return [ | ||||||
|  |             'user_id' => User::factory(), | ||||||
|  |             'favouritable_id' => $book->id, | ||||||
|  |             'favouritable_type' => 'book', | ||||||
|  |         ]; | ||||||
|  |     } | ||||||
|  | } | ||||||
							
								
								
									
										33
									
								
								database/factories/Activity/Models/WatchFactory.php
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										33
									
								
								database/factories/Activity/Models/WatchFactory.php
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,33 @@ | |||||||
|  | <?php | ||||||
|  |  | ||||||
|  | namespace Database\Factories\Activity\Models; | ||||||
|  |  | ||||||
|  | use BookStack\Activity\WatchLevels; | ||||||
|  | use BookStack\Entities\Models\Book; | ||||||
|  | use BookStack\Users\Models\User; | ||||||
|  | use Illuminate\Database\Eloquent\Factories\Factory; | ||||||
|  |  | ||||||
|  | /** | ||||||
|  |  * @extends \Illuminate\Database\Eloquent\Factories\Factory<\BookStack\Activity\Models\Watch> | ||||||
|  |  */ | ||||||
|  | class WatchFactory extends Factory | ||||||
|  | { | ||||||
|  |     protected $model = \BookStack\Activity\Models\Watch::class; | ||||||
|  |  | ||||||
|  |     /** | ||||||
|  |      * Define the model's default state. | ||||||
|  |      * | ||||||
|  |      * @return array<string, mixed> | ||||||
|  |      */ | ||||||
|  |     public function definition(): array | ||||||
|  |     { | ||||||
|  |         $book = Book::factory()->create(); | ||||||
|  |  | ||||||
|  |         return [ | ||||||
|  |             'user_id' => User::factory(), | ||||||
|  |             'watchable_id' => $book->id, | ||||||
|  |             'watchable_type' => 'book', | ||||||
|  |             'level' => WatchLevels::NEW, | ||||||
|  |         ]; | ||||||
|  |     } | ||||||
|  | } | ||||||
							
								
								
									
										29
									
								
								database/factories/Entities/Models/DeletionFactory.php
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										29
									
								
								database/factories/Entities/Models/DeletionFactory.php
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,29 @@ | |||||||
|  | <?php | ||||||
|  |  | ||||||
|  | namespace Database\Factories\Entities\Models; | ||||||
|  |  | ||||||
|  | use BookStack\Entities\Models\Page; | ||||||
|  | use BookStack\Users\Models\User; | ||||||
|  | use Illuminate\Database\Eloquent\Factories\Factory; | ||||||
|  |  | ||||||
|  | /** | ||||||
|  |  * @extends \Illuminate\Database\Eloquent\Factories\Factory<\BookStack\Entities\Models\Deletion> | ||||||
|  |  */ | ||||||
|  | class DeletionFactory extends Factory | ||||||
|  | { | ||||||
|  |     protected $model = \BookStack\Entities\Models\Deletion::class; | ||||||
|  |  | ||||||
|  |     /** | ||||||
|  |      * Define the model's default state. | ||||||
|  |      * | ||||||
|  |      * @return array<string, mixed> | ||||||
|  |      */ | ||||||
|  |     public function definition(): array | ||||||
|  |     { | ||||||
|  |         return [ | ||||||
|  |             'deleted_by' => User::factory(), | ||||||
|  |             'deletable_id' => Page::factory(), | ||||||
|  |             'deletable_type' => 'page', | ||||||
|  |         ]; | ||||||
|  |     } | ||||||
|  | } | ||||||
| @@ -17,10 +17,8 @@ class PageFactory extends Factory | |||||||
|  |  | ||||||
|     /** |     /** | ||||||
|      * Define the model's default state. |      * Define the model's default state. | ||||||
|      * |  | ||||||
|      * @return array |  | ||||||
|      */ |      */ | ||||||
|     public function definition() |     public function definition(): array | ||||||
|     { |     { | ||||||
|         $html = '<p>' . implode('</p>', $this->faker->paragraphs(5)) . '</p>'; |         $html = '<p>' . implode('</p>', $this->faker->paragraphs(5)) . '</p>'; | ||||||
|  |  | ||||||
|   | |||||||
							
								
								
									
										40
									
								
								database/factories/Entities/Models/PageRevisionFactory.php
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										40
									
								
								database/factories/Entities/Models/PageRevisionFactory.php
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,40 @@ | |||||||
|  | <?php | ||||||
|  |  | ||||||
|  | namespace Database\Factories\Entities\Models; | ||||||
|  |  | ||||||
|  | use BookStack\Entities\Models\Page; | ||||||
|  | use BookStack\Users\Models\User; | ||||||
|  | use Illuminate\Database\Eloquent\Factories\Factory; | ||||||
|  |  | ||||||
|  | class PageRevisionFactory extends Factory | ||||||
|  | { | ||||||
|  |     /** | ||||||
|  |      * The name of the factory's corresponding model. | ||||||
|  |      * | ||||||
|  |      * @var string | ||||||
|  |      */ | ||||||
|  |     protected $model = \BookStack\Entities\Models\PageRevision::class; | ||||||
|  |  | ||||||
|  |     /** | ||||||
|  |      * Define the model's default state. | ||||||
|  |      */ | ||||||
|  |     public function definition(): array | ||||||
|  |     { | ||||||
|  |         $html = '<p>' . implode('</p>', $this->faker->paragraphs(5)) . '</p>'; | ||||||
|  |         $page = Page::query()->first(); | ||||||
|  |  | ||||||
|  |         return [ | ||||||
|  |             'page_id'        => $page->id, | ||||||
|  |             'name'           => $this->faker->sentence(), | ||||||
|  |             'html'           => $html, | ||||||
|  |             'text'           => strip_tags($html), | ||||||
|  |             'created_by'     => User::factory(), | ||||||
|  |             'slug'           => $page->slug, | ||||||
|  |             'book_slug'      => $page->book->slug, | ||||||
|  |             'type'           => 'version', | ||||||
|  |             'markdown'       => strip_tags($html), | ||||||
|  |             'summary'        => $this->faker->sentence(), | ||||||
|  |             'revision_number' => rand(1, 4000), | ||||||
|  |         ]; | ||||||
|  |     } | ||||||
|  | } | ||||||
| @@ -62,8 +62,9 @@ return new class extends Migration | |||||||
|             }); |             }); | ||||||
|         } |         } | ||||||
|  |  | ||||||
|         // Convert image zero values to null |         // Convert image and activity zero values to null | ||||||
|         DB::table('images')->where('uploaded_to', '=', 0)->update(['uploaded_to' => null]); |         DB::table('images')->where('uploaded_to', '=', 0)->update(['uploaded_to' => null]); | ||||||
|  |         DB::table('activities')->where('loggable_id', '=', 0)->update(['loggable_id' => null]); | ||||||
|  |  | ||||||
|         // Rebuild joint permissions if needed |         // Rebuild joint permissions if needed | ||||||
|         // This was moved here from 2023_01_24_104625_refactor_joint_permissions_storage since the changes |         // This was moved here from 2023_01_24_104625_refactor_joint_permissions_storage since the changes | ||||||
|   | |||||||
| @@ -0,0 +1,80 @@ | |||||||
|  | <?php | ||||||
|  |  | ||||||
|  | use Illuminate\Database\Migrations\Migration; | ||||||
|  | use Illuminate\Database\Schema\Blueprint; | ||||||
|  | use Illuminate\Support\Facades\Schema; | ||||||
|  |  | ||||||
|  | return new class extends Migration { | ||||||
|  |     protected static array $toNullify = [ | ||||||
|  |         'activities' => ['user_id'], | ||||||
|  |         'attachments' => ['created_by', 'updated_by'], | ||||||
|  |         'comments' => ['created_by', 'updated_by'], | ||||||
|  |         'deletions' => ['deleted_by'], | ||||||
|  |         'entities' => ['created_by', 'updated_by', 'owned_by'], | ||||||
|  |         'images' => ['created_by', 'updated_by'], | ||||||
|  |         'imports' => ['created_by'], | ||||||
|  |         'joint_permissions' => ['owner_id'], | ||||||
|  |         'page_revisions' => ['created_by'], | ||||||
|  |     ]; | ||||||
|  |  | ||||||
|  |     protected static array $toClean = [ | ||||||
|  |         'api_tokens' => ['user_id'], | ||||||
|  |         'email_confirmations' => ['user_id'], | ||||||
|  |         'favourites' => ['user_id'], | ||||||
|  |         'mfa_values' => ['user_id'], | ||||||
|  |         'role_user' => ['user_id'], | ||||||
|  |         'sessions' => ['user_id'], | ||||||
|  |         'social_accounts' => ['user_id'], | ||||||
|  |         'user_invites' => ['user_id'], | ||||||
|  |         'views' => ['user_id'], | ||||||
|  |         'watches' => ['user_id'], | ||||||
|  |     ]; | ||||||
|  |  | ||||||
|  |     /** | ||||||
|  |      * Run the migrations. | ||||||
|  |      */ | ||||||
|  |     public function up(): void | ||||||
|  |     { | ||||||
|  |         $idSelectQuery = DB::table('users')->select('id'); | ||||||
|  |  | ||||||
|  |         foreach (self::$toNullify as $tableName => $columns) { | ||||||
|  |             Schema::table($tableName, function (Blueprint $table) use ($columns) { | ||||||
|  |                 foreach ($columns as $columnName) { | ||||||
|  |                     $table->unsignedInteger($columnName)->nullable()->change(); | ||||||
|  |                 } | ||||||
|  |             }); | ||||||
|  |  | ||||||
|  |             foreach ($columns as $columnName) { | ||||||
|  |                 DB::table($tableName)->where($columnName, '=', 0)->update([$columnName => null]); | ||||||
|  |                 DB::table($tableName)->whereNotIn($columnName, $idSelectQuery)->update([$columnName => null]); | ||||||
|  |             } | ||||||
|  |         } | ||||||
|  |  | ||||||
|  |         foreach (self::$toClean as $tableName => $columns) { | ||||||
|  |             foreach ($columns as $columnName) { | ||||||
|  |                 DB::table($tableName)->whereNotIn($columnName, $idSelectQuery)->delete(); | ||||||
|  |             } | ||||||
|  |         } | ||||||
|  |  | ||||||
|  |         // TODO - Ensure each is fully handled in user delete | ||||||
|  |         //    Start by writing tests for each of these columns | ||||||
|  |     } | ||||||
|  |  | ||||||
|  |     /** | ||||||
|  |      * Reverse the migrations. | ||||||
|  |      */ | ||||||
|  |     public function down(): void | ||||||
|  |     { | ||||||
|  |         foreach (self::$toNullify as $tableName => $columns) { | ||||||
|  |             foreach ($columns as $columnName) { | ||||||
|  |                 DB::table($tableName)->whereNull($columnName)->update([$columnName => 0]); | ||||||
|  |             } | ||||||
|  |  | ||||||
|  |             Schema::table($tableName, function (Blueprint $table) use ($columns) { | ||||||
|  |                 foreach ($columns as $columnName) { | ||||||
|  |                     $table->unsignedInteger($columnName)->nullable(false)->change(); | ||||||
|  |                 } | ||||||
|  |             }); | ||||||
|  |         } | ||||||
|  |     } | ||||||
|  | }; | ||||||
| @@ -2,9 +2,21 @@ | |||||||
|  |  | ||||||
| namespace Tests\User; | namespace Tests\User; | ||||||
|  |  | ||||||
|  | use BookStack\Access\Mfa\MfaValue; | ||||||
|  | use BookStack\Access\SocialAccount; | ||||||
| use BookStack\Access\UserInviteException; | use BookStack\Access\UserInviteException; | ||||||
| use BookStack\Access\UserInviteService; | use BookStack\Access\UserInviteService; | ||||||
| use BookStack\Activity\ActivityType; | use BookStack\Activity\ActivityType; | ||||||
|  | use BookStack\Activity\Models\Activity; | ||||||
|  | use BookStack\Activity\Models\Comment; | ||||||
|  | use BookStack\Activity\Models\Favourite; | ||||||
|  | use BookStack\Activity\Models\View; | ||||||
|  | use BookStack\Activity\Models\Watch; | ||||||
|  | use BookStack\Api\ApiToken; | ||||||
|  | use BookStack\Entities\Models\Deletion; | ||||||
|  | use BookStack\Entities\Models\PageRevision; | ||||||
|  | use BookStack\Exports\Import; | ||||||
|  | use BookStack\Uploads\Attachment; | ||||||
| use BookStack\Uploads\Image; | use BookStack\Uploads\Image; | ||||||
| use BookStack\Users\Models\Role; | use BookStack\Users\Models\Role; | ||||||
| use BookStack\Users\Models\User; | use BookStack\Users\Models\User; | ||||||
| @@ -182,6 +194,90 @@ class UserManagementTest extends TestCase | |||||||
|         $this->assertSessionHas('success'); |         $this->assertSessionHas('success'); | ||||||
|     } |     } | ||||||
|  |  | ||||||
|  |     public function test_delete_with_empty_owner_migration_id_clears_relevant_id_uses() | ||||||
|  |     { | ||||||
|  |         $user = $this->users->editor(); | ||||||
|  |         $page = $this->entities->page(); | ||||||
|  |         $this->actingAs($user); | ||||||
|  |  | ||||||
|  |         // Create relations | ||||||
|  |         $activity = Activity::factory()->create(['user_id' => $user->id]); | ||||||
|  |         $attachment = Attachment::factory()->create(['created_by' => $user->id, 'updated_by' => $user->id]); | ||||||
|  |         $comment = Comment::factory()->create(['created_by' => $user->id, 'updated_by' => $user->id]); | ||||||
|  |         $deletion = Deletion::factory()->create(['deleted_by' => $user->id]); | ||||||
|  |         $page->forceFill(['owned_by' => $user->id, 'created_by' => $user->id, 'updated_by' => $user->id])->save(); | ||||||
|  |         $page->rebuildPermissions(); | ||||||
|  |         $image = Image::factory()->create(['created_by' => $user->id, 'updated_by' => $user->id]); | ||||||
|  |         $import = Import::factory()->create(['created_by' => $user->id]); | ||||||
|  |         $revision = PageRevision::factory()->create(['created_by' => $user->id]); | ||||||
|  |  | ||||||
|  |         $apiToken = ApiToken::factory()->create(['user_id' => $user->id]); | ||||||
|  |         \DB::table('email_confirmations')->insert(['user_id' => $user->id, 'token' => 'abc123']); | ||||||
|  |         $favourite = Favourite::factory()->create(['user_id' => $user->id]); | ||||||
|  |         $mfaValue = MfaValue::factory()->create(['user_id' => $user->id]); | ||||||
|  |         $socialAccount = SocialAccount::factory()->create(['user_id' => $user->id]); | ||||||
|  |         \DB::table('user_invites')->insert(['user_id' => $user->id, 'token' => 'abc123']); | ||||||
|  |         View::incrementFor($page); | ||||||
|  |         $watch = Watch::factory()->create(['user_id' => $user->id]); | ||||||
|  |  | ||||||
|  |         $userColumnsByTable = [ | ||||||
|  |             'activities' => ['user_id'], | ||||||
|  |             'api_tokens' => ['user_id'], | ||||||
|  |             'attachments' => ['created_by', 'updated_by'], | ||||||
|  |             'comments' => ['created_by', 'updated_by'], | ||||||
|  |             'deletions' => ['deleted_by'], | ||||||
|  |             'email_confirmations' => ['user_id'], | ||||||
|  |             'entities' => ['created_by', 'updated_by', 'owned_by'], | ||||||
|  |             'favourites' => ['user_id'], | ||||||
|  |             'images' => ['created_by', 'updated_by'], | ||||||
|  |             'imports' => ['created_by'], | ||||||
|  |             'joint_permissions' => ['owner_id'], | ||||||
|  |             'mfa_values' => ['user_id'], | ||||||
|  |             'page_revisions' => ['created_by'], | ||||||
|  |             'role_user' => ['user_id'], | ||||||
|  |             'social_accounts' => ['user_id'], | ||||||
|  |             'user_invites' => ['user_id'], | ||||||
|  |             'views' => ['user_id'], | ||||||
|  |             'watches' => ['user_id'], | ||||||
|  |         ]; | ||||||
|  |  | ||||||
|  |         // Ensure columns have user id before deletion | ||||||
|  |         foreach ($userColumnsByTable as $table => $columns) { | ||||||
|  |             foreach ($columns as $column) { | ||||||
|  |                 $this->assertDatabaseHas($table, [$column => $user->id]); | ||||||
|  |             } | ||||||
|  |         } | ||||||
|  |  | ||||||
|  |         $resp = $this->asAdmin()->delete("settings/users/{$user->id}", ['new_owner_id' => '']); | ||||||
|  |         $resp->assertRedirect('/settings/users'); | ||||||
|  |  | ||||||
|  |         // Ensure columns missing user id after deletion | ||||||
|  |         foreach ($userColumnsByTable as $table => $columns) { | ||||||
|  |             foreach ($columns as $column) { | ||||||
|  |                 $this->assertDatabaseMissing($table, [$column => $user->id]); | ||||||
|  |             } | ||||||
|  |         } | ||||||
|  |  | ||||||
|  |         // Check models exist where should be retained | ||||||
|  |         $this->assertDatabaseHas('activities', ['id' => $activity->id, 'user_id' => null]); | ||||||
|  |         $this->assertDatabaseHas('attachments', ['id' => $attachment->id, 'created_by' => null, 'updated_by' => null]); | ||||||
|  |         $this->assertDatabaseHas('comments', ['id' => $comment->id, 'created_by' => null, 'updated_by' => null]); | ||||||
|  |         $this->assertDatabaseHas('deletions', ['id' => $deletion->id, 'deleted_by' => null]); | ||||||
|  |         $this->assertDatabaseHas('entities', ['id' => $page->id, 'created_by' => null, 'updated_by' => null, 'owned_by' => null]); | ||||||
|  |         $this->assertDatabaseHas('images', ['id' => $image->id, 'created_by' => null, 'updated_by' => null]); | ||||||
|  |         $this->assertDatabaseHas('imports', ['id' => $import->id, 'created_by' => null]); | ||||||
|  |         $this->assertDatabaseHas('page_revisions', ['id' => $revision->id, 'created_by' => null]); | ||||||
|  |  | ||||||
|  |         // Check models no longer exist where should have been deleted with the user | ||||||
|  |         $this->assertDatabaseMissing('api_tokens', ['id' => $apiToken->id]); | ||||||
|  |         $this->assertDatabaseMissing('email_confirmations', ['token' => 'abc123']); | ||||||
|  |         $this->assertDatabaseMissing('favourites', ['id' => $favourite->id]); | ||||||
|  |         $this->assertDatabaseMissing('mfa_values', ['id' => $mfaValue->id]); | ||||||
|  |         $this->assertDatabaseMissing('social_accounts', ['id' => $socialAccount->id]); | ||||||
|  |         $this->assertDatabaseMissing('user_invites', ['token' => 'abc123']); | ||||||
|  |         $this->assertDatabaseMissing('watches', ['id' => $watch->id]); | ||||||
|  |     } | ||||||
|  |  | ||||||
|     public function test_delete_removes_user_preferences() |     public function test_delete_removes_user_preferences() | ||||||
|     { |     { | ||||||
|         $editor = $this->users->editor(); |         $editor = $this->users->editor(); | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user