mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-12-03 14:23:42 +08:00
137 lines
4.2 KiB
PHP
137 lines
4.2 KiB
PHP
<?php
|
|
|
|
namespace Tests\Api;
|
|
|
|
use BookStack\Entities\Models\Book;
|
|
use BookStack\Entities\Models\Chapter;
|
|
use BookStack\Entities\Models\Deletion;
|
|
use BookStack\Entities\Models\Page;
|
|
use Carbon\Carbon;
|
|
use Illuminate\Support\Collection;
|
|
use Illuminate\Support\Facades\DB;
|
|
use Tests\TestCase;
|
|
|
|
class RecycleBinApiTest extends TestCase
|
|
{
|
|
use TestsApi;
|
|
|
|
protected string $baseEndpoint = '/api/recycle_bin';
|
|
|
|
protected array $endpointMap = [
|
|
['get', '/api/recycle_bin'],
|
|
['put', '/api/recycle_bin/1'],
|
|
['delete', '/api/recycle_bin/1'],
|
|
];
|
|
|
|
public function test_settings_manage_permission_needed_for_all_endpoints()
|
|
{
|
|
$editor = $this->getEditor();
|
|
$this->giveUserPermissions($editor, ['settings-manage']);
|
|
$this->actingAs($editor);
|
|
|
|
foreach ($this->endpointMap as [$method, $uri]) {
|
|
$resp = $this->json($method, $uri);
|
|
$resp->assertStatus(403);
|
|
$resp->assertJson($this->permissionErrorResponse());
|
|
}
|
|
}
|
|
|
|
public function test_restrictions_manage_all_permission_neeed_for_all_endpoints()
|
|
{
|
|
$editor = $this->getEditor();
|
|
$this->giveUserPermissions($editor, ['restrictions-manage-all']);
|
|
$this->actingAs($editor);
|
|
|
|
foreach ($this->endpointMap as [$method, $uri]) {
|
|
$resp = $this->json($method, $uri);
|
|
$resp->assertStatus(403);
|
|
$resp->assertJson($this->permissionErrorResponse());
|
|
}
|
|
}
|
|
|
|
public function test_index_endpoint_returns_expected_page()
|
|
{
|
|
$this->actingAsAuthorizedUser();
|
|
|
|
$page = Page::query()->first();
|
|
$book = Book::query()->whereHas('pages')->whereHas('chapters')->withCount(['pages', 'chapters'])->first();
|
|
$editor = $this->getEditor();
|
|
$this->actingAs($editor)->delete($page->getUrl());
|
|
$this->actingAs($editor)->delete($book->getUrl());
|
|
|
|
$deletions = Deletion::query()->orderBy('id')->get();
|
|
|
|
$resp = $this->getJson($this->baseEndpoint);
|
|
|
|
$expectedData = $deletions
|
|
->zip([$page, $book])
|
|
->map(function (Collection $data) use ($editor) {
|
|
return [
|
|
'id' => $data[0]->id,
|
|
'deleted_by' => $editor->getKey(),
|
|
'created_at' => $data[0]->created_at->toJson(),
|
|
'updated_at' => $data[0]->updated_at->toJson(),
|
|
'deletable_type' => $data[1]->getMorphClass(),
|
|
'deletable_id' => $data[1]->getKey()
|
|
];
|
|
});
|
|
|
|
$resp->assertJson([
|
|
'data' => $expectedData->values()->all(),
|
|
'total' => 2
|
|
]);
|
|
}
|
|
|
|
public function test_restore_endpoint()
|
|
{
|
|
$this->actingAsAuthorizedUser();
|
|
|
|
$page = Page::query()->first();
|
|
$editor = $this->getEditor();
|
|
$this->actingAs($editor)->delete($page->getUrl());
|
|
$page->refresh();
|
|
|
|
$deletion = Deletion::query()->orderBy('id')->first();
|
|
|
|
$this->assertDatabaseHas('pages', [
|
|
'id' => $page->getKey(),
|
|
'deleted_at' => $page->deleted_at
|
|
]);
|
|
|
|
$this->putJson($this->baseEndpoint . '/' . $deletion->getKey());
|
|
|
|
$this->assertDatabaseHas('pages', [
|
|
'id' => $page->getKey(),
|
|
'deleted_at' => null
|
|
]);
|
|
}
|
|
|
|
public function test_destroy_endpoint()
|
|
{
|
|
$this->actingAsAuthorizedUser();
|
|
|
|
$page = Page::query()->first();
|
|
$editor = $this->getEditor();
|
|
$this->actingAs($editor)->delete($page->getUrl());
|
|
$page->refresh();
|
|
|
|
$deletion = Deletion::query()->orderBy('id')->first();
|
|
|
|
$this->assertDatabaseHas('pages', [
|
|
'id' => $page->getKey(),
|
|
'deleted_at' => $page->deleted_at
|
|
]);
|
|
|
|
$this->deleteJson($this->baseEndpoint . '/' . $deletion->getKey());
|
|
$this->assertDatabaseMissing('pages', ['id' => $page->getKey()]);
|
|
}
|
|
|
|
private function actingAsAuthorizedUser()
|
|
{
|
|
$editor = $this->getEditor();
|
|
$this->giveUserPermissions($editor, ['restrictions-manage-all']);
|
|
$this->giveUserPermissions($editor, ['settings-manage']);
|
|
$this->actingAs($editor);
|
|
}
|
|
}
|