{
protected ImageRepo $imageRepo;
+ protected array $settingCategories = ['features', 'customization', 'registration'];
+
public function __construct(ImageRepo $imageRepo)
{
$this->imageRepo = $imageRepo;
*/
public function index(string $category)
{
+ $this->ensureCategoryExists($category);
$this->checkPermission('settings-manage');
$this->setPageTitle(trans('settings.settings'));
*/
public function update(Request $request, string $category)
{
+ $this->ensureCategoryExists($category);
$this->preventAccessInDemoMode();
$this->checkPermission('settings-manage');
$this->validate($request, [
return redirect("/settings/${category}");
}
+
+ protected function ensureCategoryExists(string $category): void
+ {
+ if (!in_array($category, $this->settingCategories)) {
+ abort(404);
+ }
+ }
}
$resp->assertElementExists("form[action$=\"/settings/{$category}\"]");
}
}
+
+ public function test_not_found_setting_category_throws_404()
+ {
+ $resp = $this->asAdmin()->get('/settings/biscuits');
+
+ $resp->assertStatus(404);
+ $resp->assertSee('Page Not Found');
+ }
}
\ No newline at end of file
projects / bookstack / commitdiff