webapp/bookstack
webapp/bookstack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-06-05 17:16:52 +03:00
Code

Shelf permissions: Removed unused 'create' permission from view

Browse Source 
Was causing confusion.
Added test to cover.
Also added migration to remove existing create entries to pre-emptively
avoid issues in future if 'create' is used again.
This commit is contained in:
Dan Brown 2023-06-25 23:22:49 +01:00
parent c74a2608c4
commit 847a57a49a
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
3 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
database/migrations/2023_06_25_181952_remove_bookshelf_create_entity_permissions.php Normal file
View File

@ -0,0 +1,29 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Support\Facades\DB;
return new class extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
DB::table('entity_permissions')
->where('entity_type', '=', 'bookshelf')
->update(['create' => 0]);
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
// No structural changes to make, and we cannot know the permissions to re-assign.
}
};

2
resources/views/form/entity-permissions-row.blade.php
View File

@ -44,7 +44,7 @@ $inheriting - Boolean if the current row should be marked as inheriting default
'disabled' => $inheriting 'disabled' => $inheriting
]) ])
</div> </div>
@if($entityType !== 'page') @if($entityType !== 'page' && $entityType !== 'bookshelf')
<div class="px-l"> <div class="px-l">
@include('form.custom-checkbox', [ @include('form.custom-checkbox', [
'name' => 'permissions[' . $role->id . '][create]', 'name' => 'permissions[' . $role->id . '][create]',

9
tests/Permissions/EntityPermissionsTest.php
View File

@ -413,6 +413,15 @@ class EntityPermissionsTest extends TestCase
$this->entityRestrictionFormTest(Page::class, 'Page Permissions', 'delete', '2'); $this->entityRestrictionFormTest(Page::class, 'Page Permissions', 'delete', '2');
} }
public function test_shelf_create_permission_not_visible()
{
$shelf = $this->entities->shelf();
$resp = $this->asAdmin()->get($shelf->getUrl('/permissions'));
$html = $this->withHtml($resp);
$html->assertElementNotExists('input[name$="[create]"]');
}
public function test_restricted_pages_not_visible_in_book_navigation_on_pages() public function test_restricted_pages_not_visible_in_book_navigation_on_pages()
{ {
$chapter = $this->entities->chapter(); $chapter = $this->entities->chapter();