]> BookStack Code Mirror - bookstack/blob - tests/PublicActionTest.php
projects / bookstack / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Applied StyleCI changes
[bookstack] / tests / PublicActionTest.php
1 <?php
2
3 namespace Tests;
4
5 use BookStack\Auth\Permissions\JointPermissionBuilder;
6 use BookStack\Auth\Permissions\RolePermission;
7 use BookStack\Auth\Role;
8 use BookStack\Auth\User;
9 use BookStack\Entities\Models\Book;
10 use BookStack\Entities\Models\Chapter;
11 use BookStack\Entities\Models\Page;
12 use Illuminate\Support\Facades\Auth;
13 use Illuminate\Support\Facades\View;
14
15 class PublicActionTest extends TestCase
16 {
17     public function test_app_not_public()
18     {
19         $this->setSettings(['app-public' => 'false']);
20         $book = Book::query()->first();
21         $this->get('/books')->assertRedirect('/login');
22         $this->get($book->getUrl())->assertRedirect('/login');
23
24         $page = Page::query()->first();
25         $this->get($page->getUrl())->assertRedirect('/login');
26     }
27
28     public function test_login_link_visible()
29     {
30         $this->setSettings(['app-public' => 'true']);
31         $this->get('/')->assertElementExists('a[href="' . url('/login') . '"]');
32     }
33
34     public function test_register_link_visible_when_enabled()
35     {
36         $this->setSettings(['app-public' => 'true']);
37         $home = $this->get('/');
38         $home->assertSee(url('/login'));
39         $home->assertDontSee(url('/register'));
40
41         $this->setSettings(['app-public' => 'true', 'registration-enabled' => 'true']);
42         $home = $this->get('/');
43         $home->assertSee(url('/login'));
44         $home->assertSee(url('/register'));
45     }
46
47     public function test_books_viewable()
48     {
49         $this->setSettings(['app-public' => 'true']);
50         $books = Book::query()->orderBy('name', 'asc')->take(10)->get();
51         $bookToVisit = $books[1];
52
53         // Check books index page is showing
54         $resp = $this->get('/books');
55         $resp->assertStatus(200);
56         $resp->assertSee($books[0]->name);
57
58         // Check individual book page is showing and it's child contents are visible.
59         $resp = $this->get($bookToVisit->getUrl());
60         $resp->assertSee($bookToVisit->name);
61         $resp->assertSee($bookToVisit->chapters()->first()->name);
62     }
63
64     public function test_chapters_viewable()
65     {
66         $this->setSettings(['app-public' => 'true']);
67         /** @var Chapter $chapterToVisit */
68         $chapterToVisit = Chapter::query()->first();
69         $pageToVisit = $chapterToVisit->pages()->first();
70
71         // Check chapters index page is showing
72         $resp = $this->get($chapterToVisit->getUrl());
73         $resp->assertStatus(200);
74         $resp->assertSee($chapterToVisit->name);
75         // Check individual chapter page is showing and it's child contents are visible.
76         $resp->assertSee($pageToVisit->name);
77         $resp = $this->get($pageToVisit->getUrl());
78         $resp->assertStatus(200);
79         $resp->assertSee($chapterToVisit->book->name);
80         $resp->assertSee($chapterToVisit->name);
81     }
82
83     public function test_public_page_creation()
84     {
85         $this->setSettings(['app-public' => 'true']);
86         $publicRole = Role::getSystemRole('public');
87         // Grant all permissions to public
88         $publicRole->permissions()->detach();
89         foreach (RolePermission::all() as $perm) {
90             $publicRole->attachPermission($perm);
91         }
92         $this->app->make(JointPermissionBuilder::class)->rebuildForRole($publicRole);
93         user()->clearPermissionCache();
94
95         /** @var Chapter $chapter */
96         $chapter = Chapter::query()->first();
97         $resp = $this->get($chapter->getUrl());
98         $resp->assertSee('New Page');
99         $resp->assertElementExists('a[href="' . $chapter->getUrl('/create-page') . '"]');
100
101         $resp = $this->get($chapter->getUrl('/create-page'));
102         $resp->assertSee('Continue');
103         $resp->assertSee('Page Name');
104         $resp->assertElementExists('form[action="' . $chapter->getUrl('/create-guest-page') . '"]');
105
106         $resp = $this->post($chapter->getUrl('/create-guest-page'), ['name' => 'My guest page']);
107         $resp->assertRedirect($chapter->book->getUrl('/page/my-guest-page/edit'));
108
109         $user = User::getDefault();
110         $this->assertDatabaseHas('pages', [
111             'name'       => 'My guest page',
112             'chapter_id' => $chapter->id,
113             'created_by' => $user->id,
114             'updated_by' => $user->id,
115         ]);
116     }
117
118     public function test_content_not_listed_on_404_for_public_users()
119     {
120         $page = Page::query()->first();
121         $page->fill(['name' => 'my testing random unique page name'])->save();
122         $this->asAdmin()->get($page->getUrl()); // Fake visit to show on recents
123         $resp = $this->get('/cats/dogs/hippos');
124         $resp->assertStatus(404);
125         $resp->assertSee($page->name);
126         View::share('pageTitle', '');
127
128         Auth::logout();
129         $resp = $this->get('/cats/dogs/hippos');
130         $resp->assertStatus(404);
131         $resp->assertDontSee($page->name);
132     }
133
134     public function test_robots_effected_by_public_status()
135     {
136         $this->get('/robots.txt')->assertSee("User-agent: *\nDisallow: /");
137
138         $this->setSettings(['app-public' => 'true']);
139
140         $resp = $this->get('/robots.txt');
141         $resp->assertSee("User-agent: *\nDisallow:");
142         $resp->assertDontSee('Disallow: /');
143     }
144
145     public function test_robots_effected_by_setting()
146     {
147         $this->get('/robots.txt')->assertSee("User-agent: *\nDisallow: /");
148
149         config()->set('app.allow_robots', true);
150
151         $resp = $this->get('/robots.txt');
152         $resp->assertSee("User-agent: *\nDisallow:");
153         $resp->assertDontSee('Disallow: /');
154
155         // Check config overrides app-public setting
156         config()->set('app.allow_robots', false);
157         $this->setSettings(['app-public' => 'true']);
158         $this->get('/robots.txt')->assertSee("User-agent: *\nDisallow: /");
159     }
160
161     public function test_public_view_then_login_redirects_to_previous_content()
162     {
163         $this->setSettings(['app-public' => 'true']);
164         /** @var Book $book */
165         $book = Book::query()->first();
166         $resp = $this->get($book->getUrl());
167         $resp->assertSee($book->name);
168
169         $this->get('/login');
170         $resp = $this->post('/login', ['email' => 'admin@admin.com', 'password' => 'password']);
171         $resp->assertRedirect($book->getUrl());
172     }
173
174     public function test_access_hidden_content_then_login_redirects_to_intended_content()
175     {
176         $this->setSettings(['app-public' => 'true']);
177         /** @var Book $book */
178         $book = Book::query()->first();
179         $this->setEntityRestrictions($book);
180
181         $resp = $this->get($book->getUrl());
182         $resp->assertSee('Book not found');
183
184         $this->get('/login');
185         $resp = $this->post('/login', ['email' => 'admin@admin.com', 'password' => 'password']);
186         $resp->assertRedirect($book->getUrl());
187         $this->followRedirects($resp)->assertSee($book->name);
188     }
189 }
The core source code for the BookStack project.
Morty Proxy This is a proxified and sanitized view of the page, visit original site.