Added a whole load of permission & role tests

@@ -15,10 +15,10 @@ class Activity extends Model
 
     /**
      * Get the entity for this activity.
-     * @return bool
      */
     public function entity()
     {
+        if ($this->entity_type === '') $this->entity_type = null;
         return $this->morphTo('entity');
     }
 

@@ -35,6 +35,7 @@ class UserController extends Controller
      */
     public function index()
     {
+        $this->checkPermission('users-manage');
         $users = $this->userRepo->getAllUsers();
         $this->setPageTitle('Users');
         return view('users/index', ['users' => $users]);

@@ -136,7 +136,7 @@ class BookRepo
      */
     public function newFromInput($input)
     {
-        return $this->bookQuery()->fill($input);
+        return $this->book->newInstance($input);
     }
 
     /**

@@ -101,6 +101,7 @@ class PermissionsRepo
     public function assignRolePermissions(Role $role, $permissionNameArray = [])
     {
         $permissions = [];
+        $permissionNameArray = array_values($permissionNameArray);
         if ($permissionNameArray && count($permissionNameArray) > 0) {
             $permissions = $this->permission->whereIn('name', $permissionNameArray)->pluck('id')->toArray();
         }

@@ -67,11 +67,12 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
 
     /**
      * Get all permissions belonging to a the current user.
+     * @param bool $cache
      * @return \Illuminate\Database\Eloquent\Relations\HasManyThrough
      */
-    public function permissions()
+    public function permissions($cache = true)
     {
-        if(isset($this->permissions)) return $this->permissions;
+        if(isset($this->permissions) && $cache) return $this->permissions;
         $this->load('roles.permissions');
         $permissions = $this->roles->map(function($role) {
             return $role->permissions;
@@ -106,7 +107,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
      */
     public function attachRoleId($id)
     {
-        $this->roles()->attach([$id]);
+        $this->roles()->attach($id);
     }
 
     /**

@@ -16,7 +16,7 @@
 
     {{ $activity->getText() }}
 
-    @if($activity->entity())
+    @if($activity->entity)
         <a href="{{ $activity->entity->getUrl() }}">{{ $activity->entity->name }}</a>
     @endif
 

@@ -17,7 +17,7 @@
                 <label> @include('settings/roles/checkbox', ['permission' => 'users-manage']) Manage users</label>
             </div>
             <div class="col-md-6">
-                <label>@include('settings/roles/checkbox', ['permission' => 'user-roles-manage']) Manage user roles & Permissions</label>
+                <label>@include('settings/roles/checkbox', ['permission' => 'user-roles-manage']) Manage user roles</label>
             </div>
         </div>
         <hr class="even">

@@ -85,6 +85,17 @@ class TestCase extends Illuminate\Foundation\Testing\TestCase
     }
 
     /**
+     * Quick way to create a new user without any permissions
+     * @param array $attributes
+     * @return mixed
+     */
+    protected function getNewBlankUser($attributes = [])
+    {
+        $user = factory(\BookStack\User::class)->create($attributes);
+        return $user;
+    }
+
+    /**
      * Assert that a given string is seen inside an element.
      *
      * @param  bool|string|null $element