diff --git a/libraries/src/MVC/Model/FormModel.php b/libraries/src/MVC/Model/FormModel.php index e9a14c3ce47ee..ffb80a6c3e13a 100644 --- a/libraries/src/MVC/Model/FormModel.php +++ b/libraries/src/MVC/Model/FormModel.php @@ -150,7 +150,13 @@ public function checkout($pk = null) return true; } - $user = $this->getCurrentUser(); + $user = $this->getCurrentUser(); + + // When the user is a guest, don't do a checkout + if (!$user->id) { + return false; + } + $checkedOutField = $table->getColumnAlias('checked_out'); // Check if this is the user having previously checked out the row. diff --git a/tests/Unit/Libraries/Cms/MVC/Model/FormModelTest.php b/tests/Unit/Libraries/Cms/MVC/Model/FormModelTest.php index 6874c3ad4636d..ccc582c4a26b4 100644 --- a/tests/Unit/Libraries/Cms/MVC/Model/FormModelTest.php +++ b/tests/Unit/Libraries/Cms/MVC/Model/FormModelTest.php @@ -244,7 +244,7 @@ public function getForm($data = array(), $loadData = true) * * @since 4.2.0 */ - public function testSucessfullCheckout() + public function testSuccessfulCheckout() { $table = $this->createStub(Table::class); $table->checked_out = 0; @@ -263,7 +263,11 @@ public function getForm($data = array(), $loadData = true) return null; } }; - $model->setCurrentUser(new User()); + + // Must be a valid user + $user = new User(); + $user->id = 1; + $model->setCurrentUser($user); $this->assertTrue($model->checkout(1)); } @@ -275,7 +279,7 @@ public function getForm($data = array(), $loadData = true) * * @since 4.2.0 */ - public function testSucessfullCheckoutWithEmptyRecord() + public function testSuccessfulCheckoutWithEmptyRecord() { $model = new class (['dbo' => $this->createStub(DatabaseInterface::class)], $this->createStub(MVCFactoryInterface::class)) extends FormModel { @@ -307,6 +311,41 @@ public function testFailedCheckout() $mvcFactory = $this->createStub(MVCFactoryInterface::class); $mvcFactory->method('createTable')->willReturn($table); + $model = new class (['dbo' => $this->createStub(DatabaseInterface::class)], $mvcFactory) extends FormModel + { + public function getForm($data = array(), $loadData = true) + { + return null; + } + }; + + // Must be a valid user + $user = new User(); + $user->id = 1; + $model->setCurrentUser($user); + + $this->assertFalse($model->checkout(1)); + } + + /** + * @testdox can't checkout a record when the current user is a guest + * + * @return void + * + * @since 4.2.0 + */ + public function testFailedCheckoutAsGuest() + { + $table = $this->createStub(Table::class); + $table->checked_out = 0; + $table->method('load')->willReturn(true); + $table->method('hasField')->willReturn(true); + $table->method('checkIn')->willReturn(false); + $table->method('getColumnAlias')->willReturn('checked_out'); + + $mvcFactory = $this->createStub(MVCFactoryInterface::class); + $mvcFactory->method('createTable')->willReturn($table); + $model = new class (['dbo' => $this->createStub(DatabaseInterface::class)], $mvcFactory) extends FormModel { public function getForm($data = array(), $loadData = true) @@ -353,7 +392,7 @@ public function getForm($data = array(), $loadData = true) * * @since 4.2.0 */ - public function testSuccessfullCheckoutFieldNotAvailableCheck() + public function testSuccessfulCheckoutFieldNotAvailableCheck() { $table = $this->createStub(Table::class); $table->checked_out = 0; @@ -381,7 +420,7 @@ public function getForm($data = array(), $loadData = true) * * @since 4.2.0 */ - public function testSuccessfullCheckoutWhenCurrentUserIsDifferent() + public function testSuccessfulCheckoutWhenCurrentUserIsDifferent() { $table = $this->createStub(Table::class); $table->checked_out = 1;