public function test_user_password_update() { $user = \BookStack\User::all()->last(); $userProfilePage = '/users/' . $user->id; $this->asAdmin()->visit($userProfilePage)->type('newpassword', '#password')->press('Save')->seePageIs($userProfilePage)->see('Password confirmation required')->type('newpassword', '#password')->type('newpassword', '#password-confirm')->press('Save')->seePageIs('/users'); $userPassword = \BookStack\User::find($user->id)->password; $this->assertTrue(Hash::check('newpassword', $userPassword)); }
/** * Run the migrations. * * @return void */ public function up() { // Create table for storing roles Schema::create('roles', function (Blueprint $table) { $table->increments('id'); $table->string('name')->unique(); $table->string('display_name')->nullable(); $table->string('description')->nullable(); $table->timestamps(); }); // Create table for associating roles to users (Many-to-Many) Schema::create('role_user', function (Blueprint $table) { $table->integer('user_id')->unsigned(); $table->integer('role_id')->unsigned(); $table->foreign('user_id')->references('id')->on('users')->onUpdate('cascade')->onDelete('cascade'); $table->foreign('role_id')->references('id')->on('roles')->onUpdate('cascade')->onDelete('cascade'); $table->primary(['user_id', 'role_id']); }); // Create table for storing permissions Schema::create('permissions', function (Blueprint $table) { $table->increments('id'); $table->string('name')->unique(); $table->string('display_name')->nullable(); $table->string('description')->nullable(); $table->timestamps(); }); // Create table for associating permissions to roles (Many-to-Many) Schema::create('permission_role', function (Blueprint $table) { $table->integer('permission_id')->unsigned(); $table->integer('role_id')->unsigned(); $table->foreign('permission_id')->references('id')->on('permissions')->onUpdate('cascade')->onDelete('cascade'); $table->foreign('role_id')->references('id')->on('roles')->onUpdate('cascade')->onDelete('cascade'); $table->primary(['permission_id', 'role_id']); }); // Create default roles $admin = new \BookStack\Role(); $admin->name = 'admin'; $admin->display_name = 'Admin'; $admin->description = 'Administrator of the whole application'; $admin->save(); $editor = new \BookStack\Role(); $editor->name = 'editor'; $editor->display_name = 'Editor'; $editor->description = 'User can edit Books, Chapters & Pages'; $editor->save(); $viewer = new \BookStack\Role(); $viewer->name = 'viewer'; $viewer->display_name = 'Viewer'; $viewer->description = 'User can view books & their content behind authentication'; $viewer->save(); // Create default CRUD permissions and allocate to admins and editors $entities = ['Book', 'Page', 'Chapter', 'Image']; $ops = ['Create', 'Update', 'Delete']; foreach ($entities as $entity) { foreach ($ops as $op) { $newPermission = new \BookStack\Permission(); $newPermission->name = strtolower($entity) . '-' . strtolower($op); $newPermission->display_name = $op . ' ' . $entity . 's'; $newPermission->save(); $admin->attachPermission($newPermission); $editor->attachPermission($newPermission); } } // Create admin permissions $entities = ['Settings', 'User']; $ops = ['Create', 'Update', 'Delete']; foreach ($entities as $entity) { foreach ($ops as $op) { $newPermission = new \BookStack\Permission(); $newPermission->name = strtolower($entity) . '-' . strtolower($op); $newPermission->display_name = $op . ' ' . $entity; $newPermission->save(); $admin->attachPermission($newPermission); } } // Set all current users as admins // (At this point only the initially create user should be an admin) $users = \BookStack\User::all(); foreach ($users as $user) { $user->attachRole($admin); } }
public function test_non_admins_cannot_change_auth_id() { $testUser = User::all()->last(); $this->actingAs($testUser)->visit('/users/' . $testUser->id)->dontSee('External Authentication'); }
public function setUp() { parent::setUp(); $this->user = \BookStack\User::all()->last(); }