public function test_draft_pages_not_visible_by_others()
{
$book = \BookStack\Book::first();
$chapter = $book->chapters->first();
$newUser = $this->getEditor();
$this->actingAs($newUser)->visit('/')->visit($book->getUrl() . '/page/create')->visit($chapter->getUrl() . '/create-page')->visit($book->getUrl())->seeInElement('.page-list', 'New Page');
$this->asAdmin()->visit($book->getUrl())->dontSeeInElement('.page-list', 'New Page')->visit($chapter->getUrl())->dontSeeInElement('.page-list', 'New Page');
}
public function setUp()
{
parent::setUp();
$this->book = \BookStack\Book::first();
}
public function test_book_delete_restriction_override()
{
$book = \BookStack\Book::first();
$bookPage = $book->pages->first();
$bookChapter = $book->chapters->first();
$bookUrl = $book->getUrl();
$this->actingAs($this->viewer)->visit($bookUrl . '/delete')->dontSee('Delete Book');
$this->setEntityRestrictions($book, ['view', 'update']);
$this->forceVisit($bookUrl . '/delete')->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookPage->getUrl() . '/delete')->see('You do not have permission')->seePageIs('/');
$this->forceVisit($bookChapter->getUrl() . '/delete')->see('You do not have permission')->seePageIs('/');
$this->setEntityRestrictions($book, ['view', 'delete']);
$this->visit($bookUrl . '/delete')->seePageIs($bookUrl . '/delete')->see('Delete Book');
$this->visit($bookPage->getUrl() . '/delete')->seePageIs($bookPage->getUrl() . '/delete')->see('Delete Page');
$this->visit($bookChapter->getUrl() . '/delete')->see('Delete Chapter');
}