Dan Brown

Started work towards adding role view permissions

Work halted as re-write required.
In reference to #92
1 -<?php 1 +<?php namespace BookStack\Http\Controllers;
2 -
3 -namespace BookStack\Http\Controllers;
4 2
5 use Activity; 3 use Activity;
6 use BookStack\Repos\UserRepo; 4 use BookStack\Repos\UserRepo;
7 use Illuminate\Http\Request; 5 use Illuminate\Http\Request;
8 -
9 use Illuminate\Support\Facades\Auth; 6 use Illuminate\Support\Facades\Auth;
10 -use Illuminate\Support\Str;
11 use BookStack\Http\Requests; 7 use BookStack\Http\Requests;
12 use BookStack\Repos\BookRepo; 8 use BookStack\Repos\BookRepo;
13 use BookStack\Repos\ChapterRepo; 9 use BookStack\Repos\ChapterRepo;
...@@ -95,6 +91,7 @@ class BookController extends Controller ...@@ -95,6 +91,7 @@ class BookController extends Controller
95 public function show($slug) 91 public function show($slug)
96 { 92 {
97 $book = $this->bookRepo->getBySlug($slug); 93 $book = $this->bookRepo->getBySlug($slug);
94 + $this->checkOwnablePermission('book-view', $book);
98 $bookChildren = $this->bookRepo->getChildren($book); 95 $bookChildren = $this->bookRepo->getChildren($book);
99 Views::add($book); 96 Views::add($book);
100 $this->setPageTitle($book->getShortName()); 97 $this->setPageTitle($book->getShortName());
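Review bot: The new `checkOwnablePermission('book-view', $book)` in `show()` gates only the book itself, while `$this->bookRepo->getChildren($book)` on the next line is still called unfiltered, so a role that may view the book but not some of its pages would still see their names in the listing. The same applies to `$sidebarTree` in the ChapterController and PageController sections. `getChildren()` is not shown on this page, so this assumes it applies no view filter of its own; if so, the filter belongs in the repository query rather than in each action. A comment above the call such as `// TODO: children are not yet filtered by chapter-view / page-view` would record the gap until the rewrite lands. `show()` continues past the end of the hunk.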
......
...@@ -77,6 +77,7 @@ class ChapterController extends Controller ...@@ -77,6 +77,7 @@ class ChapterController extends Controller
77 { 77 {
78 $book = $this->bookRepo->getBySlug($bookSlug); 78 $book = $this->bookRepo->getBySlug($bookSlug);
79 $chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id); 79 $chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id);
80 + $this->checkOwnablePermission('chapter-view', $chapter);
80 $sidebarTree = $this->bookRepo->getChildren($book); 81 $sidebarTree = $this->bookRepo->getChildren($book);
81 Views::add($chapter); 82 Views::add($chapter);
82 $this->setPageTitle($chapter->getShortName()); 83 $this->setPageTitle($chapter->getShortName());
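Review bot: `$book` is loaded and used to build `$sidebarTree`, but only `chapter-view` is checked, so a role holding `chapter-view-all` without any `book-view-*` permission reaches this chapter and the parent book's tree. If view permissions are meant to cascade from the book, add `$this->checkOwnablePermission('book-view', $book);` directly after the `getBySlug($bookSlug)` line, before the chapter lookup; PageController has the same shape. The method signature is outside the hunk.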
......
...@@ -127,6 +127,8 @@ class PageController extends Controller ...@@ -127,6 +127,8 @@ class PageController extends Controller
127 return redirect($page->getUrl()); 127 return redirect($page->getUrl());
128 } 128 }
129 129
130 + $this->checkOwnablePermission('page-view', $page);
131 +
130 $sidebarTree = $this->bookRepo->getChildren($book); 132 $sidebarTree = $this->bookRepo->getChildren($book);
131 Views::add($page); 133 Views::add($page);
132 $this->setPageTitle($page->getShortName()); 134 $this->setPageTitle($page->getShortName());
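Review bot: The `page-view` check sits after the `return redirect($page->getUrl());` branch at the top of the hunk, so that path answers with the page's URL before any authorization has run. The condition guarding the redirect is outside the hunk, so this is inferred from the visible order only; the redirect target presumably goes through this same check, which would limit the exposure to the URL itself. Moving `$this->checkOwnablePermission('page-view', $page);` to immediately after `$page` is resolved, ahead of the redirect, would close it.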
......
1 +<?php
2 +
3 +use Illuminate\Database\Schema\Blueprint;
4 +use Illuminate\Database\Migrations\Migration;
5 +
6 +class AddViewPermissionsToRoles extends Migration
7 +{
8 + /**
9 + * Run the migrations.
10 + *
11 + * @return void
12 + */
13 + public function up()
14 + {
15 + $currentRoles = \BookStack\Role::all();
16 +
17 + // Create new view permissions
18 + $entities = ['Book', 'Page', 'Chapter'];
19 + $ops = ['View All', 'View Own'];
20 + foreach ($entities as $entity) {
21 + foreach ($ops as $op) {
22 + $newPermission = new \BookStack\Permission();
23 + $newPermission->name = strtolower($entity) . '-' . strtolower(str_replace(' ', '-', $op));
24 + $newPermission->display_name = $op . ' ' . $entity . 's';
25 + $newPermission->save();
26 + foreach ($currentRoles as $role) {
27 + $role->attachPermission($newPermission);
28 + }
29 + }
30 + }
31 + }
32 +
33 + /**
34 + * Reverse the migrations.
35 + *
36 + * @return void
37 + */
38 + public function down()
39 + {
40 + // Delete the new view permissions
41 + $entities = ['Book', 'Page', 'Chapter'];
42 + $ops = ['View All', 'View Own'];
43 + foreach ($entities as $entity) {
44 + foreach ($ops as $op) {
45 + $permissionName = strtolower($entity) . '-' . strtolower(str_replace(' ', '-', $op));
46 + $newPermission = \BookStack\Permission::where('name', '=', $permissionName)->first();
47 + foreach ($newPermission->roles as $role) {
48 + $role->detachPermission($newPermission);
49 + }
50 + $newPermission->delete();
51 + }
52 + }
53 + }
54 +}
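Review bot: In `down()`, `\BookStack\Permission::where('name', '=', $permissionName)->first()` returns null when the row is missing, and the following `$newPermission->roles` then fails and aborts the rollback part-way; guard it with `if ($newPermission === null) { continue; }`. In `up()`, every existing role is given all six new permissions, which keeps current access but is a fail-open default that deserves a comment, e.g. `// Grant view to all existing roles so nobody loses access on upgrade; restrict per role afterwards`. Neither method wraps its loop in a transaction, so a failure mid-loop leaves permissions partly created or partly attached.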
...@@ -49,6 +49,7 @@ ...@@ -49,6 +49,7 @@
49 <tr> 49 <tr>
50 <th></th> 50 <th></th>
51 <th>Create</th> 51 <th>Create</th>
52 + <th>View</th>
52 <th>Edit</th> 53 <th>Edit</th>
53 <th>Delete</th> 54 <th>Delete</th>
54 </tr> 55 </tr>
...@@ -58,6 +59,10 @@ ...@@ -58,6 +59,10 @@
58 <label>@include('settings/roles/checkbox', ['permission' => 'book-create-all']) All</label> 59 <label>@include('settings/roles/checkbox', ['permission' => 'book-create-all']) All</label>
59 </td> 60 </td>
60 <td> 61 <td>
62 + <label>@include('settings/roles/checkbox', ['permission' => 'book-view-own']) Own</label>
63 + <label>@include('settings/roles/checkbox', ['permission' => 'book-view-all']) All</label>
64 + </td>
65 + <td>
61 <label>@include('settings/roles/checkbox', ['permission' => 'book-update-own']) Own</label> 66 <label>@include('settings/roles/checkbox', ['permission' => 'book-update-own']) Own</label>
62 <label>@include('settings/roles/checkbox', ['permission' => 'book-update-all']) All</label> 67 <label>@include('settings/roles/checkbox', ['permission' => 'book-update-all']) All</label>
63 </td> 68 </td>
...@@ -73,6 +78,10 @@ ...@@ -73,6 +78,10 @@
73 <label>@include('settings/roles/checkbox', ['permission' => 'chapter-create-all']) All</label> 78 <label>@include('settings/roles/checkbox', ['permission' => 'chapter-create-all']) All</label>
74 </td> 79 </td>
75 <td> 80 <td>
81 + <label>@include('settings/roles/checkbox', ['permission' => 'chapter-view-own']) Own</label>
82 + <label>@include('settings/roles/checkbox', ['permission' => 'chapter-view-all']) All</label>
83 + </td>
84 + <td>
76 <label>@include('settings/roles/checkbox', ['permission' => 'chapter-update-own']) Own</label> 85 <label>@include('settings/roles/checkbox', ['permission' => 'chapter-update-own']) Own</label>
77 <label>@include('settings/roles/checkbox', ['permission' => 'chapter-update-all']) All</label> 86 <label>@include('settings/roles/checkbox', ['permission' => 'chapter-update-all']) All</label>
78 </td> 87 </td>
...@@ -88,6 +97,10 @@ ...@@ -88,6 +97,10 @@
88 <label>@include('settings/roles/checkbox', ['permission' => 'page-create-all']) All</label> 97 <label>@include('settings/roles/checkbox', ['permission' => 'page-create-all']) All</label>
89 </td> 98 </td>
90 <td> 99 <td>
100 + <label>@include('settings/roles/checkbox', ['permission' => 'page-view-own']) Own</label>
101 + <label>@include('settings/roles/checkbox', ['permission' => 'page-view-all']) All</label>
102 + </td>
103 + <td>
91 <label>@include('settings/roles/checkbox', ['permission' => 'page-update-own']) Own</label> 104 <label>@include('settings/roles/checkbox', ['permission' => 'page-update-own']) Own</label>
92 <label>@include('settings/roles/checkbox', ['permission' => 'page-update-all']) All</label> 105 <label>@include('settings/roles/checkbox', ['permission' => 'page-update-all']) All</label>
93 </td> 106 </td>
...@@ -99,6 +112,7 @@ ...@@ -99,6 +112,7 @@
99 <tr> 112 <tr>
100 <td>Images</td> 113 <td>Images</td>
101 <td>@include('settings/roles/checkbox', ['permission' => 'image-create-all'])</td> 114 <td>@include('settings/roles/checkbox', ['permission' => 'image-create-all'])</td>
115 + <td></td>
102 <td> 116 <td>
103 <label>@include('settings/roles/checkbox', ['permission' => 'image-update-own']) Own</label> 117 <label>@include('settings/roles/checkbox', ['permission' => 'image-update-own']) Own</label>
104 <label>@include('settings/roles/checkbox', ['permission' => 'image-update-all']) All</label> 118 <label>@include('settings/roles/checkbox', ['permission' => 'image-update-all']) All</label>
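Review bot: The new View column lets a role keep `book-update-*` or `book-create-all` ticked with both `book-view-own` and `book-view-all` unticked, and nothing in this form or in the controller sections on this page says what that combination means. The view checks are added only to the show actions, so, unless the edit and delete actions enforce view elsewhere, such a role could still open content through them. A short Blade comment above the header row, `{{-- View is checked independently of create/edit/delete; see the controllers' show actions --}}`, or a help line in the form, would make the intended semantics explicit. The Images row gets an empty cell, which matches the migration creating no image view permission.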
......