1515use Illuminate \Testing \TestResponse ;
1616use Tests \TestCase ;
1717
18- class RolesTest extends TestCase
18+ class RolePermissionsTest extends TestCase
1919{
2020 protected User $ user
2121
@@ -25,208 +25,6 @@ protected function setUp(): void
2525 $ this user = $ this users ->viewer ();
2626 }
2727
28- public function test_admin_can_see_settings ()
29- {
30- $ this asAdmin ()->get ('/settings/features ' )->assertSee ('Settings ' );
31- }
32-
33- public function test_cannot_delete_admin_role ()
34- {
35- $ adminRolegetRole ('admin ' );
36- $ deletePageUrl'/settings/roles/delete/ ' . $ adminRoleid ;
37-
38- $ this asAdmin ()->get ($ deletePageUrl
39- $ this delete ($ deletePageUrlassertRedirect ($ deletePageUrl
40- $ this get ($ deletePageUrlassertSee ('cannot be deleted ' );
41- }
42-
43- public function test_role_cannot_be_deleted_if_default ()
44- {
45- $ newRole$ this users ->createRole ();
46- $ this setSettings (['registration-role ' => $ newRoleid ]);
47-
48- $ deletePageUrl'/settings/roles/delete/ ' . $ newRoleid ;
49- $ this asAdmin ()->get ($ deletePageUrl
50- $ this delete ($ deletePageUrlassertRedirect ($ deletePageUrl
51- $ this get ($ deletePageUrlassertSee ('cannot be deleted ' );
52- }
53-
54- public function test_role_create_update_delete_flow ()
55- {
56- $ testRoleName'Test Role ' ;
57- $ testRoleDesc'a little test description ' ;
58- $ testRoleUpdateName'An Super Updated role ' ;
59-
60- // Creation
61- $ resp$ this asAdmin ()->get ('/settings/features ' );
62- $ this withHtml ($ respassertElementContains ('a[href=" ' . url ('/settings/roles ' ) . '"] ' , 'Roles ' );
63-
64- $ resp$ this get ('/settings/roles ' );
65- $ this withHtml ($ respassertElementContains ('a[href=" ' . url ('/settings/roles/new ' ) . '"] ' , 'Create New Role ' );
66-
67- $ resp$ this get ('/settings/roles/new ' );
68- $ this withHtml ($ respassertElementContains ('form[action=" ' . url ('/settings/roles/new ' ) . '"] ' , 'Save Role ' );
69-
70- $ resp$ this post ('/settings/roles/new ' , [
71- 'display_name ' => $ testRoleName
72- 'description ' => $ testRoleDesc
73- ]);
74- $ respassertRedirect ('/settings/roles ' );
75-
76- $ resp$ this get ('/settings/roles ' );
77- $ respassertSee ($ testRoleName
78- $ respassertSee ($ testRoleDesc
79- $ this assertDatabaseHas ('roles ' , [
80- 'display_name ' => $ testRoleName
81- 'description ' => $ testRoleDesc
82- 'mfa_enforced ' => false ,
83- ]);
84-
85- /** @var Role $role */
86- $ rolequery ()->where ('display_name ' , '= ' , $ testRoleNamefirst ();
87-
88- // Updating
89- $ resp$ this get ('/settings/roles/ ' . $ roleid );
90- $ respassertSee ($ testRoleName
91- $ respassertSee ($ testRoleDesc
92- $ this withHtml ($ respassertElementContains ('form[action=" ' . url ('/settings/roles/ ' . $ roleid ) . '"] ' , 'Save Role ' );
93-
94- $ resp$ this put ('/settings/roles/ ' . $ roleid , [
95- 'display_name ' => $ testRoleUpdateName
96- 'description ' => $ testRoleDesc
97- 'mfa_enforced ' => 'true ' ,
98- ]);
99- $ respassertRedirect ('/settings/roles ' );
100- $ this assertDatabaseHas ('roles ' , [
101- 'display_name ' => $ testRoleUpdateName
102- 'description ' => $ testRoleDesc
103- 'mfa_enforced ' => true ,
104- ]);
105-
106- // Deleting
107- $ resp$ this get ('/settings/roles/ ' . $ roleid );
108- $ this withHtml ($ respassertElementContains ('a[href=" ' . url ("/settings/roles/delete/ $ roleid " ) . '"] ' , 'Delete Role ' );
109-
110- $ resp$ this get ("/settings/roles/delete/ $ roleid " );
111- $ respassertSee ($ testRoleUpdateName
112- $ this withHtml ($ respassertElementContains ('form[action=" ' . url ("/settings/roles/delete/ $ roleid " ) . '"] ' , 'Confirm ' );
113-
114- $ resp$ this delete ("/settings/roles/delete/ $ roleid " );
115- $ respassertRedirect ('/settings/roles ' );
116- $ this get ('/settings/roles ' )->assertSee ('Role successfully deleted ' );
117- $ this assertActivityExists (ActivityType::ROLE_DELETE );
118- }
119-
120- public function test_admin_role_cannot_be_removed_if_user_last_admin ()
121- {
122- /** @var Role $adminRole */
123- $ adminRolequery ()->where ('system_name ' , '= ' , 'admin ' )->first ();
124- $ adminUser$ this users ->admin ();
125- $ adminRoleusers ()->where ('id ' , '!= ' , $ adminUserid )->delete ();
126- $ this assertEquals (1 , $ adminRoleusers ()->count ());
127-
128- $ viewerRole$ this users ->viewer ()->roles ()->first ();
129-
130- $ editUrl'/settings/users/ ' . $ adminUserid ;
131- $ resp$ this actingAs ($ adminUserput ($ editUrl
132- 'name ' => $ adminUsername ,
133- 'email ' => $ adminUseremail ,
134- 'roles ' => [
135- 'viewer ' => strval ($ viewerRoleid ),
136- ],
137- ]);
138-
139- $ respassertRedirect ($ editUrl
140-
141- $ resp$ this get ($ editUrl
142- $ respassertSee ('This user is the only user assigned to the administrator role ' );
143- }
144-
145- public function test_migrate_users_on_delete_works ()
146- {
147- /** @var Role $roleA */
148- $ roleAquery ()->create (['display_name ' => 'Delete Test A ' ]);
149- /** @var Role $roleB */
150- $ roleBquery ()->create (['display_name ' => 'Delete Test B ' ]);
151- $ this user ->attachRole ($ roleB
152-
153- $ this assertCount (0 , $ roleAusers ()->get ());
154- $ this assertCount (1 , $ roleBusers ()->get ());
155-
156- $ deletePage$ this asAdmin ()->get ("/settings/roles/delete/ $ roleBid " );
157- $ this withHtml ($ deletePageassertElementExists ('select[name=migrate_role_id] ' );
158- $ this asAdmin ()->delete ("/settings/roles/delete/ $ roleBid " , [
159- 'migrate_role_id ' => $ roleAid ,
160- ]);
161-
162- $ this assertCount (1 , $ roleAusers ()->get ());
163- $ this assertEquals ($ this user ->id , $ roleAusers ()->first ()->id );
164- }
165-
166- public function test_delete_with_empty_migrate_option_works ()
167- {
168- $ role$ this users ->attachNewRole ($ this user );
169-
170- $ this assertCount (1 , $ roleusers ()->get ());
171-
172- $ deletePage$ this asAdmin ()->get ("/settings/roles/delete/ $ roleid " );
173- $ this withHtml ($ deletePageassertElementExists ('select[name=migrate_role_id] ' );
174- $ resp$ this asAdmin ()->delete ("/settings/roles/delete/ $ roleid " , [
175- 'migrate_role_id ' => '' ,
176- ]);
177-
178- $ respassertRedirect ('/settings/roles ' );
179- $ this assertDatabaseMissing ('roles ' , ['id ' => $ roleid ]);
180- }
181-
182- public function test_entity_permissions_are_removed_on_delete ()
183- {
184- /** @var Role $roleA */
185- $ roleAquery ()->create (['display_name ' => 'Entity Permissions Delete Test ' ]);
186- $ page$ this entities ->page ();
187-
188- $ this permissions ->setEntityPermissions ($ page'view ' ], [$ roleA
189-
190- $ this assertDatabaseHas ('entity_permissions ' , [
191- 'role_id ' => $ roleAid ,
192- 'entity_id ' => $ pageid ,
193- 'entity_type ' => $ pagegetMorphClass (),
194- ]);
195-
196- $ this asAdmin ()->delete ("/settings/roles/delete/ $ roleAid " );
197-
198- $ this assertDatabaseMissing ('entity_permissions ' , [
199- 'role_id ' => $ roleAid ,
200- 'entity_id ' => $ pageid ,
201- 'entity_type ' => $ pagegetMorphClass (),
202- ]);
203- }
204-
205- public function test_image_view_notice_shown_on_role_form ()
206- {
207- /** @var Role $role */
208- $ rolequery ()->first ();
209- $ this asAdmin ()->get ("/settings/roles/ {$ roleid }" )
210- ->assertSee ('Actual access of uploaded image files will be dependant upon system image storage option ' );
211- }
212-
213- public function test_copy_role_button_shown ()
214- {
215- /** @var Role $role */
216- $ rolequery ()->first ();
217- $ resp$ this asAdmin ()->get ("/settings/roles/ {$ roleid }" );
218- $ this withHtml ($ respassertElementContains ('a[href$="/roles/new?copy_from= ' . $ roleid . '"] ' , 'Copy ' );
219- }
220-
221- public function test_copy_from_param_on_create_prefills_with_other_role_data ()
222- {
223- /** @var Role $role */
224- $ rolequery ()->first ();
225- $ resp$ this asAdmin ()->get ("/settings/roles/new?copy_from= {$ roleid }" );
226- $ respassertOk ();
227- $ this withHtml ($ respassertElementExists ('input[name="display_name"][value=" ' . ($ roledisplay_name . ' (Copy) ' ) . '"] ' );
228- }
229-
23028 public function test_manage_user_permission ()
23129 {
23230 $ this actingAs ($ this user )->get ('/settings/users ' )->assertRedirect ('/ ' );
@@ -306,7 +104,7 @@ public function test_settings_manage_permission()
306104
307105 public function test_restrictions_manage_all_permission ()
308106 {
309- $ pagePage:: query ()-> get ()-> first ();
107+ $ page$ this -> entities -> page ();
310108
311109 $ this actingAs ($ this user )->get ($ pagegetUrl ())->assertDontSee ('Permissions ' );
312110 $ this get ($ pagegetUrl ('/permissions ' ))->assertRedirect ('/ ' );
@@ -322,8 +120,7 @@ public function test_restrictions_manage_all_permission()
322120
323121 public function test_restrictions_manage_own_permission ()
324122 {
325- /** @var Page $otherUsersPage */
326- $ otherUsersPagequery ()->first ();
123+ $ otherUsersPage$ this entities ->page ();
327124 $ content$ this entities ->createChainBelongingToUser ($ this user );
328125
329126 // Set a different creator on the page we're checking to ensure
@@ -798,44 +595,6 @@ public function test_page_delete_all_permission()
798595 $ this get ($ parentgetUrl ())->assertDontSee ($ otherPagename );
799596 }
800597
801- public function test_public_role_visible_in_user_edit_screen ()
802- {
803- /** @var User $user */
804- $ userquery ()->first ();
805- $ adminRolegetSystemRole ('admin ' );
806- $ publicRolegetSystemRole ('public ' );
807- $ resp$ this asAdmin ()->get ('/settings/users/ ' . $ userid );
808- $ this withHtml ($ respassertElementExists ('[name="roles[ ' . $ adminRoleid . ']"] ' )
809- ->assertElementExists ('[name="roles[ ' . $ publicRoleid . ']"] ' );
810- }
811-
812- public function test_public_role_visible_in_role_listing ()
813- {
814- $ this asAdmin ()->get ('/settings/roles ' )
815- ->assertSee ('Admin ' )
816- ->assertSee ('Public ' );
817- }
818-
819- public function test_public_role_visible_in_default_role_setting ()
820- {
821- $ resp$ this asAdmin ()->get ('/settings/registration ' );
822- $ this withHtml ($ respassertElementExists ('[data-system-role-name="admin"] ' )
823- ->assertElementExists ('[data-system-role-name="public"] ' );
824- }
825-
826- public function test_public_role_not_deletable ()
827- {
828- /** @var Role $publicRole */
829- $ publicRolegetSystemRole ('public ' );
830- $ resp$ this asAdmin ()->delete ('/settings/roles/delete/ ' . $ publicRoleid );
831- $ respassertRedirect ('/ ' );
832-
833- $ this get ('/settings/roles/delete/ ' . $ publicRoleid );
834- $ resp$ this delete ('/settings/roles/delete/ ' . $ publicRoleid );
835- $ respassertRedirect ('/settings/roles/delete/ ' . $ publicRoleid );
836- $ resp$ this get ('/settings/roles/delete/ ' . $ publicRoleid );
837- $ respassertSee ('This role is a system role and cannot be deleted ' );
838- }
839598
840599 public function test_image_delete_own_permission ()
841600 {
@@ -874,23 +633,6 @@ public function test_image_delete_all_permission()
874633 $ this assertDatabaseMissing ('images ' , ['id ' => $ imageid ]);
875634 }
876635
877- public function test_role_permission_removal ()
878- {
879- // To cover issue fixed in f99c8ff99aee9beb8c692f36d4b84dc6e651e50a.
880- $ page$ this entities ->page ();
881- $ viewerRolegetRole ('viewer ' );
882- $ viewer$ this users ->viewer ();
883- $ this actingAs ($ viewerget ($ pagegetUrl ())->assertOk ();
884-
885- $ this asAdmin ()->put ('/settings/roles/ ' . $ viewerRoleid , [
886- 'display_name ' => $ viewerRoledisplay_name ,
887- 'description ' => $ viewerRoledescription ,
888- 'permissions ' => [],
889- ])->assertStatus (302 );
890-
891- $ this actingAs ($ viewerget ($ pagegetUrl ())->assertStatus (404 );
892- }
893-
894636 public function test_empty_state_actions_not_visible_without_permission ()
895637 {
896638 $ admin$ this users ->admin ();
0 commit comments