archive/BookStackApp_BookStack
0
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-05-01 15:09:51 +00:00
Code Issues Projects Releases Wiki Activity

Moved permission updating to its own tool

Browse source 
And added support for owner changing.
This commit is contained in:
Dan Brown 2021-01-01 17:49:48 +00:00
parent da9083bf1f
commit 99b14621f9
No known key found for this signature in database
GPG key ID: 46D9F943C24A2EF9
11 changed files with 82 additions and 78 deletions

27
app/Entities/Repos/BaseRepo.php
View file

@ -4,6 +4,7 @@ namespace BookStack\Entities\Repos;
use BookStack\Actions\ActivityType; use BookStack\Actions\ActivityType;
use BookStack\Actions\TagRepo; use BookStack\Actions\TagRepo;
use BookStack\Auth\User;
use BookStack\Entities\Models\Entity; use BookStack\Entities\Models\Entity;
use BookStack\Entities\Models\HasCoverImage; use BookStack\Entities\Models\HasCoverImage;
use BookStack\Exceptions\ImageUploadException; use BookStack\Exceptions\ImageUploadException;
@ -89,30 +90,4 @@ class BaseRepo
$entity->save(); $entity->save();
} }
} }
/**
* Update the permissions of an entity.
*/
public function updatePermissions(Entity $entity, bool $restricted, Collection $permissions = null)
{
$entity->restricted = $restricted;
$entity->permissions()->delete();
if (!is_null($permissions)) {
$entityPermissionData = $permissions->flatMap(function ($restrictions, $roleId) {
return collect($restrictions)->keys()->map(function ($action) use ($roleId) {
return [
'role_id' => $roleId,
'action' => strtolower($action),
] ;
});
});
$entity->permissions()->createMany($entityPermissionData);
}
$entity->save();
$entity->rebuildPermissions();
Activity::addForEntity($entity, ActivityType::PERMISSIONS_UPDATE);
}
} }

8
app/Entities/Repos/BookRepo.php
View file

@ -114,14 +114,6 @@ class BookRepo
$this->baseRepo->updateCoverImage($book, $coverImage, $removeImage); $this->baseRepo->updateCoverImage($book, $coverImage, $removeImage);
} }
/**
* Update the permissions of a book.
*/
public function updatePermissions(Book $book, bool $restricted, Collection $permissions = null)
{
$this->baseRepo->updatePermissions($book, $restricted, $permissions);
}
/** /**
* Remove a book from the system. * Remove a book from the system.
* @throws Exception * @throws Exception

8
app/Entities/Repos/BookshelfRepo.php
View file

@ -137,14 +137,6 @@ class BookshelfRepo
$this->baseRepo->updateCoverImage($shelf, $coverImage, $removeImage); $this->baseRepo->updateCoverImage($shelf, $coverImage, $removeImage);
} }
/**
* Update the permissions of a bookshelf.
*/
public function updatePermissions(Bookshelf $shelf, bool $restricted, Collection $permissions = null)
{
$this->baseRepo->updatePermissions($shelf, $restricted, $permissions);
}
/** /**
* Copy down the permissions of the given shelf to all child books. * Copy down the permissions of the given shelf to all child books.
*/ */

8
app/Entities/Repos/ChapterRepo.php
View file

@ -62,14 +62,6 @@ class ChapterRepo
return $chapter; return $chapter;
} }
/**
* Update the permissions of a chapter.
*/
public function updatePermissions(Chapter $chapter, bool $restricted, Collection $permissions = null)
{
$this->baseRepo->updatePermissions($chapter, $restricted, $permissions);
}
/** /**
* Remove a chapter from the system. * Remove a chapter from the system.
* @throws Exception * @throws Exception

8
app/Entities/Repos/PageRepo.php
View file

@ -383,14 +383,6 @@ class PageRepo
return $parentClass::visible()->where('id', '=', $entityId)->first(); return $parentClass::visible()->where('id', '=', $entityId)->first();
} }
/**
* Update the permissions of a page.
*/
public function updatePermissions(Page $page, bool $restricted, Collection $permissions = null)
{
$this->baseRepo->updatePermissions($page, $restricted, $permissions);
}
/** /**
* Change the page's parent to the given entity. * Change the page's parent to the given entity.
*/ */

68
app/Entities/Tools/PermissionsUpdater.php Normal file
View file

@ -0,0 +1,68 @@
<?php namespace BookStack\Entities\Tools;
use BookStack\Actions\ActivityType;
use BookStack\Auth\User;
use BookStack\Entities\Models\Entity;
use BookStack\Facades\Activity;
use Illuminate\Http\Request;
use Illuminate\Support\Collection;
class PermissionsUpdater
{
/**
* Update an entities permissions from a permission form submit request.
*/
public function updateFromPermissionsForm(Entity $entity, Request $request)
{
$restricted = $request->get('restricted') === 'true';
$permissions = $request->get('restrictions', null);
$ownerId = $request->get('owned_by', null);
$entity->restricted = $restricted;
$entity->permissions()->delete();
if (!is_null($permissions)) {
$entityPermissionData = $this->formatPermissionsFromRequestToEntityPermissions($permissions);
$entity->permissions()->createMany($entityPermissionData);
}
if (!is_null($ownerId)) {
$this->updateOwnerFromId($entity, $ownerId);
}
$entity->save();
$entity->rebuildPermissions();
Activity::addForEntity($entity, ActivityType::PERMISSIONS_UPDATE);
}
/**
* Update the owner of the given entity.
* Checks the user exists in the system first.
* Does not save the model, just updates it.
*/
protected function updateOwnerFromId(Entity $entity, int $newOwnerId)
{
$newOwner = User::query()->find($newOwnerId);
if (!is_null($newOwner)) {
$entity->owned_by = $newOwner->id;
}
}
/**
* Format permissions provided from a permission form to be
* EntityPermission data.
*/
protected function formatPermissionsFromRequestToEntityPermissions(array $permissions): Collection
{
return collect($permissions)->flatMap(function ($restrictions, $roleId) {
return collect($restrictions)->keys()->map(function ($action) use ($roleId) {
return [
'role_id' => $roleId,
'action' => strtolower($action),
] ;
});
});
}
}

7
app/Http/Controllers/BookController.php
View file

@ -4,6 +4,7 @@ use Activity;
use BookStack\Actions\ActivityType; use BookStack\Actions\ActivityType;
use BookStack\Entities\Tools\BookContents; use BookStack\Entities\Tools\BookContents;
use BookStack\Entities\Models\Bookshelf; use BookStack\Entities\Models\Bookshelf;
use BookStack\Entities\Tools\PermissionsUpdater;
use BookStack\Entities\Tools\ShelfContext; use BookStack\Entities\Tools\ShelfContext;
use BookStack\Entities\Repos\BookRepo; use BookStack\Entities\Repos\BookRepo;
use BookStack\Exceptions\ImageUploadException; use BookStack\Exceptions\ImageUploadException;
@ -202,14 +203,12 @@ class BookController extends Controller
* Set the restrictions for this book. * Set the restrictions for this book.
* @throws Throwable * @throws Throwable
*/ */
public function permissions(Request $request, string $bookSlug) public function permissions(Request $request, PermissionsUpdater $permissionsUpdater, string $bookSlug)
{ {
$book = $this->bookRepo->getBySlug($bookSlug); $book = $this->bookRepo->getBySlug($bookSlug);
$this->checkOwnablePermission('restrictions-manage', $book); $this->checkOwnablePermission('restrictions-manage', $book);
$restricted = $request->get('restricted') === 'true'; $permissionsUpdater->updateFromPermissionsForm($book, $request);
$permissions = $request->filled('restrictions') ? collect($request->get('restrictions')) : null;
$this->bookRepo->updatePermissions($book, $restricted, $permissions);
$this->showSuccessNotification(trans('entities.books_permissions_updated')); $this->showSuccessNotification(trans('entities.books_permissions_updated'));
return redirect($book->getUrl()); return redirect($book->getUrl());

10
app/Http/Controllers/BookshelfController.php
View file

@ -2,6 +2,7 @@
use Activity; use Activity;
use BookStack\Entities\Models\Book; use BookStack\Entities\Models\Book;
use BookStack\Entities\Tools\PermissionsUpdater;
use BookStack\Entities\Tools\ShelfContext; use BookStack\Entities\Tools\ShelfContext;
use BookStack\Entities\Repos\BookshelfRepo; use BookStack\Entities\Repos\BookshelfRepo;
use BookStack\Exceptions\ImageUploadException; use BookStack\Exceptions\ImageUploadException;
@ -19,9 +20,6 @@ class BookshelfController extends Controller
protected $entityContextManager; protected $entityContextManager;
protected $imageRepo; protected $imageRepo;
/**
* BookController constructor.
*/
public function __construct(BookshelfRepo $bookshelfRepo, ShelfContext $entityContextManager, ImageRepo $imageRepo) public function __construct(BookshelfRepo $bookshelfRepo, ShelfContext $entityContextManager, ImageRepo $imageRepo)
{ {
$this->bookshelfRepo = $bookshelfRepo; $this->bookshelfRepo = $bookshelfRepo;
@ -200,14 +198,12 @@ class BookshelfController extends Controller
/** /**
* Set the permissions for this bookshelf. * Set the permissions for this bookshelf.
*/ */
public function permissions(Request $request, string $slug) public function permissions(Request $request, PermissionsUpdater $permissionsUpdater, string $slug)
{ {
$shelf = $this->bookshelfRepo->getBySlug($slug); $shelf = $this->bookshelfRepo->getBySlug($slug);
$this->checkOwnablePermission('restrictions-manage', $shelf); $this->checkOwnablePermission('restrictions-manage', $shelf);
$restricted = $request->get('restricted') === 'true'; $permissionsUpdater->updateFromPermissionsForm($shelf, $request);
$permissions = $request->filled('restrictions') ? collect($request->get('restrictions')) : null;
$this->bookshelfRepo->updatePermissions($shelf, $restricted, $permissions);
$this->showSuccessNotification(trans('entities.shelves_permissions_updated')); $this->showSuccessNotification(trans('entities.shelves_permissions_updated'));
return redirect($shelf->getUrl()); return redirect($shelf->getUrl());

7
app/Http/Controllers/ChapterController.php
View file

@ -3,6 +3,7 @@
use BookStack\Entities\Models\Book; use BookStack\Entities\Models\Book;
use BookStack\Entities\Tools\BookContents; use BookStack\Entities\Tools\BookContents;
use BookStack\Entities\Repos\ChapterRepo; use BookStack\Entities\Repos\ChapterRepo;
use BookStack\Entities\Tools\PermissionsUpdater;
use BookStack\Exceptions\MoveOperationException; use BookStack\Exceptions\MoveOperationException;
use BookStack\Exceptions\NotFoundException; use BookStack\Exceptions\NotFoundException;
use Illuminate\Http\Request; use Illuminate\Http\Request;
@ -190,14 +191,12 @@ class ChapterController extends Controller
* Set the restrictions for this chapter. * Set the restrictions for this chapter.
* @throws NotFoundException * @throws NotFoundException
*/ */
public function permissions(Request $request, string $bookSlug, string $chapterSlug) public function permissions(Request $request, PermissionsUpdater $permissionsUpdater, string $bookSlug, string $chapterSlug)
{ {
$chapter = $this->chapterRepo->getBySlug($bookSlug, $chapterSlug); $chapter = $this->chapterRepo->getBySlug($bookSlug, $chapterSlug);
$this->checkOwnablePermission('restrictions-manage', $chapter); $this->checkOwnablePermission('restrictions-manage', $chapter);
$restricted = $request->get('restricted') === 'true'; $permissionsUpdater->updateFromPermissionsForm($chapter, $request);
$permissions = $request->filled('restrictions') ? collect($request->get('restrictions')) : null;
$this->chapterRepo->updatePermissions($chapter, $restricted, $permissions);
$this->showSuccessNotification(trans('entities.chapters_permissions_success')); $this->showSuccessNotification(trans('entities.chapters_permissions_success'));
return redirect($chapter->getUrl()); return redirect($chapter->getUrl());

7
app/Http/Controllers/PageController.php
View file

@ -5,6 +5,7 @@ use BookStack\Entities\Tools\PageContent;
use BookStack\Entities\Tools\PageEditActivity; use BookStack\Entities\Tools\PageEditActivity;
use BookStack\Entities\Models\Page; use BookStack\Entities\Models\Page;
use BookStack\Entities\Repos\PageRepo; use BookStack\Entities\Repos\PageRepo;
use BookStack\Entities\Tools\PermissionsUpdater;
use BookStack\Exceptions\NotFoundException; use BookStack\Exceptions\NotFoundException;
use BookStack\Exceptions\NotifyException; use BookStack\Exceptions\NotifyException;
use BookStack\Exceptions\PermissionsException; use BookStack\Exceptions\PermissionsException;
@ -453,14 +454,12 @@ class PageController extends Controller
* @throws NotFoundException * @throws NotFoundException
* @throws Throwable * @throws Throwable
*/ */
public function permissions(Request $request, string $bookSlug, string $pageSlug) public function permissions(Request $request, PermissionsUpdater $permissionsUpdater, string $bookSlug, string $pageSlug)
{ {
$page = $this->pageRepo->getBySlug($bookSlug, $pageSlug); $page = $this->pageRepo->getBySlug($bookSlug, $pageSlug);
$this->checkOwnablePermission('restrictions-manage', $page); $this->checkOwnablePermission('restrictions-manage', $page);
$restricted = $request->get('restricted') === 'true'; $permissionsUpdater->updateFromPermissionsForm($page, $request);
$permissions = $request->filled('restrictions') ? collect($request->get('restrictions')) : null;
$this->pageRepo->updatePermissions($page, $restricted, $permissions);
$this->showSuccessNotification(trans('entities.pages_permissions_success')); $this->showSuccessNotification(trans('entities.pages_permissions_success'));
return redirect($page->getUrl()); return redirect($page->getUrl());

2
app/Http/Controllers/UserSearchController.php
View file

@ -19,7 +19,7 @@ class UserSearchController extends Controller
->take(20); ->take(20);
if (!empty($search)) { if (!empty($search)) {
$query->where(function(Builder $query) use ($search) { $query->where(function (Builder $query) use ($search) {
$query->where('email', 'like', '%' . $search . '%') $query->where('email', 'like', '%' . $search . '%')
->orWhere('name', 'like', '%' . $search . '%'); ->orWhere('name', 'like', '%' . $search . '%');
}); });