From ae834050f58ab8dd963ac390c11e48a674b2bd8b Mon Sep 17 00:00:00 2001
From: Dan Brown <ssddanbrown@googlemail.com>
Date: Wed, 12 Jul 2023 22:04:05 +0100
Subject: [PATCH] Shelf permissions: reverted create removal
Reverted work in 847a57a49aef525d2f7f429a30e58a34cf69d43f.
Left test in but updated to new expectation.
Left migration in but removed content to prevent new pre-v23.06
upgraders loosing shelf create permission status.
Added note to permission to describe use-case.
For #4375
---
...remove_bookshelf_create_entity_permissions.php | 7 ++++---
lang/en/entities.php | 1 +
.../views/form/entity-permissions-row.blade.php | 4 ++--
resources/views/form/entity-permissions.blade.php | 15 ++++++++++++---
tests/Permissions/EntityPermissionsTest.php | 5 +++--
5 files changed, 22 insertions(+), 10 deletions(-)
diff --git a/database/migrations/2023_06_25_181952_remove_bookshelf_create_entity_permissions.php b/database/migrations/2023_06_25_181952_remove_bookshelf_create_entity_permissions.php
index efb65972b..b5dcaee75 100644
--- a/database/migrations/2023_06_25_181952_remove_bookshelf_create_entity_permissions.php
+++ b/database/migrations/2023_06_25_181952_remove_bookshelf_create_entity_permissions.php
@@ -12,9 +12,10 @@ return new class extends Migration
*/
public function up()
{
- DB::table('entity_permissions')
- ->where('entity_type', '=', 'bookshelf')
- ->update(['create' => 0]);
+ // Note: v23.06.2
+ // Migration removed since change to remove bookshelf create permissions was reverted.
+ // Create permissions were removed as incorrectly thought to be unused, but they did
+ // have a use via shelf permission copy-down to books.
}
/**
diff --git a/lang/en/entities.php b/lang/en/entities.php
index 8cd7e925f..4fb043aa9 100644
--- a/lang/en/entities.php
+++ b/lang/en/entities.php
@@ -106,6 +106,7 @@ return [
'shelves_permissions_updated' => 'Shelf Permissions Updated',
'shelves_permissions_active' => 'Shelf Permissions Active',
'shelves_permissions_cascade_warning' => 'Permissions on shelves do not automatically cascade to contained books. This is because a book can exist on multiple shelves. Permissions can however be copied down to child books using the option found below.',
+ 'shelves_permissions_create' => 'Shelf create permissions are only used for copying permissions to child books using the action below. They do not control the ability to create books.',
'shelves_copy_permissions_to_books' => 'Copy Permissions to Books',
'shelves_copy_permissions' => 'Copy Permissions',
'shelves_copy_permissions_explain' => 'This will apply the current permission settings of this shelf to all books contained within. Before activating, ensure any changes to the permissions of this shelf have been saved.',
diff --git a/resources/views/form/entity-permissions-row.blade.php b/resources/views/form/entity-permissions-row.blade.php
index 5c2e86741..a47027d79 100644
--- a/resources/views/form/entity-permissions-row.blade.php
+++ b/resources/views/form/entity-permissions-row.blade.php
@@ -44,11 +44,11 @@ $inheriting - Boolean if the current row should be marked as inheriting default
'disabled' => $inheriting
])
</div>
- @if($entityType !== 'page' && $entityType !== 'bookshelf')
+ @if($entityType !== 'page')
<div class="px-l">
@include('form.custom-checkbox', [
'name' => 'permissions[' . $role->id . '][create]',
- 'label' => trans('common.create'),
+ 'label' => trans('common.create') . ($entityType === 'bookshelf' ? ' *' : ''),
'value' => 'true',
'checked' => $permission->create,
'disabled' => $inheriting
diff --git a/resources/views/form/entity-permissions.blade.php b/resources/views/form/entity-permissions.blade.php
index 8eddac8de..cf5314ad4 100644
--- a/resources/views/form/entity-permissions.blade.php
+++ b/resources/views/form/entity-permissions.blade.php
@@ -70,8 +70,17 @@
<hr class="mb-m">
- <div class="text-right">
- <a href="{{ $model->getUrl() }}" class="button outline">{{ trans('common.cancel') }}</a>
- <button type="submit" class="button">{{ trans('entities.permissions_save') }}</button>
+ <div class="flex-container-row justify-space-between gap-m wrap">
+ <div class="flex min-width-m">
+ @if($model instanceof \BookStack\Entities\Models\Bookshelf)
+ <p class="small text-muted mb-none">
+ * {{ trans('entities.shelves_permissions_create') }}
+ </p>
+ @endif
+ </div>
+ <div class="text-right">
+ <a href="{{ $model->getUrl() }}" class="button outline">{{ trans('common.cancel') }}</a>
+ <button type="submit" class="button">{{ trans('entities.permissions_save') }}</button>
+ </div>
</div>
</form>
\ No newline at end of file
diff --git a/tests/Permissions/EntityPermissionsTest.php b/tests/Permissions/EntityPermissionsTest.php
index 035546593..6ea0257b8 100644
--- a/tests/Permissions/EntityPermissionsTest.php
+++ b/tests/Permissions/EntityPermissionsTest.php
@@ -413,13 +413,14 @@ class EntityPermissionsTest extends TestCase
$this->entityRestrictionFormTest(Page::class, 'Page Permissions', 'delete', '2');
}
- public function test_shelf_create_permission_not_visible()
+ public function test_shelf_create_permission_visible_with_notice()
{
$shelf = $this->entities->shelf();
$resp = $this->asAdmin()->get($shelf->getUrl('/permissions'));
$html = $this->withHtml($resp);
- $html->assertElementNotExists('input[name$="[create]"]');
+ $html->assertElementExists('input[name$="[create]"]');
+ $resp->assertSee('Shelf create permissions are only used for copying permissions to child books using the action below.');
}
public function test_restricted_pages_not_visible_in_book_navigation_on_pages()