1 <?php namespace Tests\Entity;
2
3 use BookStack\Entities\Models\Page;
4 use BookStack\Actions\Comment;
5 use Tests\TestCase;
6
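/**
 * Feature tests for the page comment endpoints: create, edit, delete,
 * markdown rendering, and rejection of raw HTML in comment content.
 *
 * Every test acts as the admin user and works against the first Page
 * found in the test database.
 */
class CommentTest extends TestCase
{

    /**
     * Posting a comment returns 200, echoes the text in the response,
     * shows it on the page view and stores it against the page.
     */
    public function test_add_comment()
    {
        $this->asAdmin();
        $page = Page::first();

        $comment = factory(Comment::class)->make(['parent_id' => 2]);
        $resp = $this->postJson("/comment/$page->id", $comment->getAttributes());

        $resp->assertStatus(200);
        $resp->assertSee($comment->text);

        $pageResp = $this->get($page->getUrl());
        $pageResp->assertSee($comment->text);

        // NOTE(review): local_id 1 presumably means "first comment on this
        // page"; this relies on the page having no comments beforehand.
        $this->assertDatabaseHas('comments', [
            'local_id' => 1,
            'entity_id' => $page->id,
            'entity_type' => Page::newModelInstance()->getMorphClass(),
            'text' => $comment->text,
            'parent_id' => 2,
        ]);
    }

    /**
     * Updating a comment via PUT returns the new text, no longer returns
     * the old text, and persists the change.
     */
    public function test_comment_edit()
    {
        $this->asAdmin();
        $page = Page::first();

        $comment = factory(Comment::class)->make();
        $this->postJson("/comment/$page->id", $comment->getAttributes());

        // Re-read the stored comment so its database id is available.
        $comment = $page->comments()->first();
        $newText = 'updated text content';
        $resp = $this->putJson("/comment/$comment->id", [
            'text' => $newText,
        ]);

        $resp->assertStatus(200);
        $resp->assertSee($newText);
        $resp->assertDontSee($comment->text);

        $this->assertDatabaseHas('comments', [
            'text' => $newText,
            'entity_id' => $page->id,
        ]);
    }

    /**
     * Deleting a comment returns 200 and removes its row.
     */
    public function test_comment_delete()
    {
        $this->asAdmin();
        $page = Page::first();

        $comment = factory(Comment::class)->make();
        $this->postJson("/comment/$page->id", $comment->getAttributes());

        $comment = $page->comments()->first();

        $resp = $this->delete("/comment/$comment->id");
        $resp->assertStatus(200);

        $this->assertDatabaseMissing('comments', [
            'id' => $comment->id,
        ]);
    }

    /**
     * Markdown input is stored verbatim in `text`, stored rendered in
     * `html`, and the rendered form appears on the page view.
     */
    public function test_comments_converts_markdown_input_to_html()
    {
        $page = Page::first();
        $this->asAdmin()->postJson("/comment/$page->id", [
            'text' => '# My Title',
        ]);

        $this->assertDatabaseHas('comments', [
            'entity_id' => $page->id,
            'entity_type' => $page->getMorphClass(),
            'text' => '# My Title',
            'html' => "<h1>My Title</h1>\n",
        ]);

        $pageView = $this->get($page->getUrl());
        $pageView->assertSee('<h1>My Title</h1>');
    }

    /**
     * A comment containing a raw <script> element must not reach the page
     * view unmodified, on creation or after an edit, while the surrounding
     * plain text is still shown.
     */
    public function test_html_cannot_be_injected_via_comment_content()
    {
        $this->asAdmin();
        $page = Page::first();

        // Single-quoted on purpose or not, the "\n\n" here is a literal
        // backslash-n pair, not two newlines, so the whole payload is one line.
        $script = '<script>const a = "script";</script>\n\n# sometextinthecomment';
        $this->postJson("/comment/$page->id", [
            'text' => $script,
        ]);

        $pageView = $this->get($page->getUrl());
        $pageView->assertDontSee($script);
        // Narrower check on the tag itself: the full-payload assertion above
        // also passes if only the trailing text is altered during rendering.
        $pageView->assertDontSee('<script>const a');
        $pageView->assertSee('sometextinthecomment');

        // The update path must apply the same handling as the create path.
        $comment = $page->comments()->first();
        $this->putJson("/comment/$comment->id", [
            'text' => $script . 'updated',
        ]);

        $pageView = $this->get($page->getUrl());
        $pageView->assertDontSee($script);
        $pageView->assertDontSee('<script>const a');
        $pageView->assertSee('sometextinthecommentupdated');
    }
}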