webapp/bookstack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-08-06 12:02:45 +03:00
Code Activity

Added role permissions for exporting content

Browse Source
This commit is contained in:
Dan Brown
2021-08-28 21:48:17 +01:00
parent 82c6597a60
commit eda9e89c55
20 changed files with 196 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
tests/SharedTestHelpers.php
View File

@@ -4,6 +4,7 @@ namespace Tests;
use BookStack\Auth\Permissions\PermissionService;
use BookStack\Auth\Permissions\PermissionsRepo;
use BookStack\Auth\Permissions\RolePermission;
use BookStack\Auth\Role;
use BookStack\Auth\User;
use BookStack\Entities\Models\Book;
@@ -18,6 +19,7 @@ use BookStack\Entities\Repos\PageRepo;
use BookStack\Settings\SettingService;
use BookStack\Uploads\HttpFetcher;
use Illuminate\Foundation\Testing\Assert as PHPUnit;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Env;
use Illuminate\Support\Facades\Log;
use Mockery;
@@ -184,6 +186,19 @@ trait SharedTestHelpers
$user->clearPermissionCache();
}
/**
* Completely remove the given permission name from the given user.
*/
protected function removePermissionFromUser(User $user, string $permission)
{
$permission = RolePermission::query()->where('name', '=', $permission)->first();
/** @var Role $role */
foreach ($user->roles as $role) {
$role->detachPermission($permission);
}
$user->clearPermissionCache();
}
/**
* Create a new basic role for testing purposes.
*/
@@ -274,8 +289,17 @@ trait SharedTestHelpers
private function isPermissionError($response): bool
{
return $response->status() === 302
&& $response->headers->get('Location') === url('/')
&& strpos(session()->pull('error', ''), 'You do not have permission to access') === 0;
&& (
(
$response->headers->get('Location') === url('/')
&& strpos(session()->pull('error', ''), 'You do not have permission to access') === 0
)
||
(
$response instanceof JsonResponse &&
$response->json(['error' => 'You do not have permission to perform the requested action.'])
)
);
}
/**