Зуев Егор / wiki.dev

Go to a project
Toggle navigation
Toggle navigation pinning
Dan Brown
75a4fc90 1 parent 05666efd

Major permission naming refactor and database migration cleanup

Inline Side-by-side
Showing 42 changed files with 482 additions and 352 deletions
...@@ -26,7 +26,7 @@ class Activity extends Model ...@@ -26,7 +26,7 @@ class Activity extends Model
26 */ 26 */
27 public function user() 27 public function user()
28 { 28 {
29 - return $this->belongsTo('BookStack\User'); 29 + return $this->belongsTo(User::class);
30 } 30 }
31 31
32 /** 32 /**
......
1 -<?php 1 +<?php namespace BookStack;
2 -
3 -namespace BookStack;
4 2
5 class Book extends Entity 3 class Book extends Entity
6 { 4 {
7 5
8 protected $fillable = ['name', 'description']; 6 protected $fillable = ['name', 'description'];
9 7
8 + /**
9 + * Get the url for this book.
10 + * @return string
11 + */
10 public function getUrl() 12 public function getUrl()
11 { 13 {
12 return '/books/' . $this->slug; 14 return '/books/' . $this->slug;
13 } 15 }
14 16
17 + /*
18 + * Get the edit url for this book.
19 + * @return string
20 + */
15 public function getEditUrl() 21 public function getEditUrl()
16 { 22 {
17 return $this->getUrl() . '/edit'; 23 return $this->getUrl() . '/edit';
18 } 24 }
19 25
26 + /**
27 + * Get all pages within this book.
28 + * @return \Illuminate\Database\Eloquent\Relations\HasMany
29 + */
20 public function pages() 30 public function pages()
21 { 31 {
22 - return $this->hasMany('BookStack\Page'); 32 + return $this->hasMany(Page::class);
23 } 33 }
24 34
35 + /**
36 + * Get all chapters within this book.
37 + * @return \Illuminate\Database\Eloquent\Relations\HasMany
38 + */
25 public function chapters() 39 public function chapters()
26 { 40 {
27 - return $this->hasMany('BookStack\Chapter'); 41 + return $this->hasMany(Chapter::class);
28 } 42 }
29 43
44 + /**
45 + * Get an excerpt of this book's description to the specified length or less.
46 + * @param int $length
47 + * @return string
48 + */
30 public function getExcerpt($length = 100) 49 public function getExcerpt($length = 100)
31 { 50 {
32 - return strlen($this->description) > $length ? substr($this->description, 0, $length-3) . '...' : $this->description; 51 + $description = $this->description;
52 + return strlen($description) > $length ? substr($description, 0, $length-3) . '...' : $description;
33 } 53 }
34 54
35 } 55 }
......
...@@ -5,25 +5,43 @@ class Chapter extends Entity ...@@ -5,25 +5,43 @@ class Chapter extends Entity
5 { 5 {
6 protected $fillable = ['name', 'description', 'priority', 'book_id']; 6 protected $fillable = ['name', 'description', 'priority', 'book_id'];
7 7
8 + /**
9 + * Get the book this chapter is within.
10 + * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
11 + */
8 public function book() 12 public function book()
9 { 13 {
10 - return $this->belongsTo('BookStack\Book'); 14 + return $this->belongsTo(Book::class);
11 } 15 }
12 16
17 + /**
18 + * Get the pages that this chapter contains.
19 + * @return mixed
20 + */
13 public function pages() 21 public function pages()
14 { 22 {
15 - return $this->hasMany('BookStack\Page')->orderBy('priority', 'ASC'); 23 + return $this->hasMany(Page::class)->orderBy('priority', 'ASC');
16 } 24 }
17 25
26 + /**
27 + * Get the url of this chapter.
28 + * @return string
29 + */
18 public function getUrl() 30 public function getUrl()
19 { 31 {
20 $bookSlug = $this->getAttribute('bookSlug') ? $this->getAttribute('bookSlug') : $this->book->slug; 32 $bookSlug = $this->getAttribute('bookSlug') ? $this->getAttribute('bookSlug') : $this->book->slug;
21 return '/books/' . $bookSlug. '/chapter/' . $this->slug; 33 return '/books/' . $bookSlug. '/chapter/' . $this->slug;
22 } 34 }
23 35
36 + /**
37 + * Get an excerpt of this chapter's description to the specified length or less.
38 + * @param int $length
39 + * @return string
40 + */
24 public function getExcerpt($length = 100) 41 public function getExcerpt($length = 100)
25 { 42 {
26 - return strlen($this->description) > $length ? substr($this->description, 0, $length-3) . '...' : $this->description; 43 + $description = $this->description;
44 + return strlen($description) > $length ? substr($description, 0, $length-3) . '...' : $description;
27 } 45 }
28 46
29 } 47 }
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
2 2
3 namespace BookStack\Console\Commands; 3 namespace BookStack\Console\Commands;
4 4
5 -use BookStack\Services\RestrictionService; 5 +use BookStack\Services\PermissionService;
6 use Illuminate\Console\Command; 6 use Illuminate\Console\Command;
7 7
8 class RegeneratePermissions extends Command 8 class RegeneratePermissions extends Command
...@@ -24,18 +24,18 @@ class RegeneratePermissions extends Command ...@@ -24,18 +24,18 @@ class RegeneratePermissions extends Command
24 /** 24 /**
25 * The service to handle the permission system. 25 * The service to handle the permission system.
26 * 26 *
27 - * @var RestrictionService 27 + * @var PermissionService
28 */ 28 */
29 - protected $restrictionService; 29 + protected $permissionService;
30 30
31 /** 31 /**
32 * Create a new command instance. 32 * Create a new command instance.
33 * 33 *
34 - * @param RestrictionService $restrictionService 34 + * @param PermissionService $permissionService
35 */ 35 */
36 - public function __construct(RestrictionService $restrictionService) 36 + public function __construct(PermissionService $permissionService)
37 { 37 {
38 - $this->restrictionService = $restrictionService; 38 + $this->permissionService = $permissionService;
39 parent::__construct(); 39 parent::__construct();
40 } 40 }
41 41
...@@ -46,6 +46,6 @@ class RegeneratePermissions extends Command ...@@ -46,6 +46,6 @@ class RegeneratePermissions extends Command
46 */ 46 */
47 public function handle() 47 public function handle()
48 { 48 {
49 - $this->restrictionService->buildEntityPermissions(); 49 + $this->permissionService->buildJointPermissions();
50 } 50 }
51 } 51 }
......
1 -<?php 1 +<?php namespace BookStack;
2 -
3 -namespace BookStack;
4 2
5 class EmailConfirmation extends Model 3 class EmailConfirmation extends Model
6 { 4 {
7 protected $fillable = ['user_id', 'token']; 5 protected $fillable = ['user_id', 'token'];
8 6
7 + /**
8 + * Get the user that this confirmation is attached to.
9 + * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
10 + */
9 public function user() 11 public function user()
10 { 12 {
11 - return $this->belongsTo('BookStack\User'); 13 + return $this->belongsTo(User::class);
12 } 14 }
15 +
13 } 16 }
......
...@@ -43,7 +43,7 @@ abstract class Entity extends Ownable ...@@ -43,7 +43,7 @@ abstract class Entity extends Ownable
43 */ 43 */
44 public function activity() 44 public function activity()
45 { 45 {
46 - return $this->morphMany('BookStack\Activity', 'entity')->orderBy('created_at', 'desc'); 46 + return $this->morphMany(Activity::class, 'entity')->orderBy('created_at', 'desc');
47 } 47 }
48 48
49 /** 49 /**
...@@ -51,15 +51,15 @@ abstract class Entity extends Ownable ...@@ -51,15 +51,15 @@ abstract class Entity extends Ownable
51 */ 51 */
52 public function views() 52 public function views()
53 { 53 {
54 - return $this->morphMany('BookStack\View', 'viewable'); 54 + return $this->morphMany(View::class, 'viewable');
55 } 55 }
56 56
57 /** 57 /**
58 * Get this entities restrictions. 58 * Get this entities restrictions.
59 */ 59 */
60 - public function restrictions() 60 + public function permissions()
61 { 61 {
62 - return $this->morphMany('BookStack\Restriction', 'restrictable'); 62 + return $this->morphMany(EntityPermission::class, 'restrictable');
63 } 63 }
64 64
65 /** 65 /**
...@@ -70,7 +70,7 @@ abstract class Entity extends Ownable ...@@ -70,7 +70,7 @@ abstract class Entity extends Ownable
70 */ 70 */
71 public function hasRestriction($role_id, $action) 71 public function hasRestriction($role_id, $action)
72 { 72 {
73 - return $this->restrictions()->where('role_id', '=', $role_id) 73 + return $this->permissions()->where('role_id', '=', $role_id)
74 ->where('action', '=', $action)->count() > 0; 74 ->where('action', '=', $action)->count() > 0;
75 } 75 }
76 76
...@@ -86,12 +86,12 @@ abstract class Entity extends Ownable ...@@ -86,12 +86,12 @@ abstract class Entity extends Ownable
86 } 86 }
87 87
88 /** 88 /**
89 - * Get the entity permissions this is connected to. 89 + * Get the entity jointPermissions this is connected to.
90 * @return \Illuminate\Database\Eloquent\Relations\MorphMany 90 * @return \Illuminate\Database\Eloquent\Relations\MorphMany
91 */ 91 */
92 - public function permissions() 92 + public function jointPermissions()
93 { 93 {
94 - return $this->morphMany(EntityPermission::class, 'entity'); 94 + return $this->morphMany(JointPermission::class, 'entity');
95 } 95 }
96 96
97 /** 97 /**
......
1 <?php namespace BookStack; 1 <?php namespace BookStack;
2 2
3 +
3 class EntityPermission extends Model 4 class EntityPermission extends Model
4 { 5 {
5 - public $timestamps = false;
6 6
7 - /** 7 + protected $fillable = ['role_id', 'action'];
8 - * Get the role that this points to. 8 + public $timestamps = false;
9 - * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
10 - */
11 - public function role()
12 - {
13 - return $this->belongsTo(Role::class);
14 - }
15 9
16 /** 10 /**
17 - * Get the entity this points to. 11 + * Get all this restriction's attached entity.
18 - * @return \Illuminate\Database\Eloquent\Relations\MorphOne 12 + * @return \Illuminate\Database\Eloquent\Relations\MorphTo
19 */ 13 */
20 - public function entity() 14 + public function restrictable()
21 { 15 {
22 - return $this->morphOne(Entity::class, 'entity'); 16 + return $this->morphTo('restrictable');
23 } 17 }
24 } 18 }
......
...@@ -252,7 +252,7 @@ class BookController extends Controller ...@@ -252,7 +252,7 @@ class BookController extends Controller
252 { 252 {
253 $book = $this->bookRepo->getBySlug($bookSlug); 253 $book = $this->bookRepo->getBySlug($bookSlug);
254 $this->checkOwnablePermission('restrictions-manage', $book); 254 $this->checkOwnablePermission('restrictions-manage', $book);
255 - $this->bookRepo->updateRestrictionsFromRequest($request, $book); 255 + $this->bookRepo->updateEntityPermissionsFromRequest($request, $book);
256 session()->flash('success', 'Book Restrictions Updated'); 256 session()->flash('success', 'Book Restrictions Updated');
257 return redirect($book->getUrl()); 257 return redirect($book->getUrl());
258 } 258 }
......
...@@ -184,7 +184,7 @@ class ChapterController extends Controller ...@@ -184,7 +184,7 @@ class ChapterController extends Controller
184 $book = $this->bookRepo->getBySlug($bookSlug); 184 $book = $this->bookRepo->getBySlug($bookSlug);
185 $chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id); 185 $chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id);
186 $this->checkOwnablePermission('restrictions-manage', $chapter); 186 $this->checkOwnablePermission('restrictions-manage', $chapter);
187 - $this->chapterRepo->updateRestrictionsFromRequest($request, $chapter); 187 + $this->chapterRepo->updateEntityPermissionsFromRequest($request, $chapter);
188 session()->flash('success', 'Chapter Restrictions Updated'); 188 session()->flash('success', 'Chapter Restrictions Updated');
189 return redirect($chapter->getUrl()); 189 return redirect($chapter->getUrl());
190 } 190 }
......
...@@ -451,7 +451,7 @@ class PageController extends Controller ...@@ -451,7 +451,7 @@ class PageController extends Controller
451 } 451 }
452 452
453 /** 453 /**
454 - * Set the restrictions for this page. 454 + * Set the permissions for this page.
455 * @param $bookSlug 455 * @param $bookSlug
456 * @param $pageSlug 456 * @param $pageSlug
457 * @param Request $request 457 * @param Request $request
...@@ -462,8 +462,8 @@ class PageController extends Controller ...@@ -462,8 +462,8 @@ class PageController extends Controller
462 $book = $this->bookRepo->getBySlug($bookSlug); 462 $book = $this->bookRepo->getBySlug($bookSlug);
463 $page = $this->pageRepo->getBySlug($pageSlug, $book->id); 463 $page = $this->pageRepo->getBySlug($pageSlug, $book->id);
464 $this->checkOwnablePermission('restrictions-manage', $page); 464 $this->checkOwnablePermission('restrictions-manage', $page);
465 - $this->pageRepo->updateRestrictionsFromRequest($request, $page); 465 + $this->pageRepo->updateEntityPermissionsFromRequest($request, $page);
466 - session()->flash('success', 'Page Restrictions Updated'); 466 + session()->flash('success', 'Page Permissions Updated');
467 return redirect($page->getUrl()); 467 return redirect($page->getUrl());
468 } 468 }
469 469
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
2 2
3 use BookStack\Exceptions\PermissionsException; 3 use BookStack\Exceptions\PermissionsException;
4 use BookStack\Repos\PermissionsRepo; 4 use BookStack\Repos\PermissionsRepo;
5 -use BookStack\Services\RestrictionService; 5 +use BookStack\Services\PermissionService;
6 use Illuminate\Http\Request; 6 use Illuminate\Http\Request;
7 use BookStack\Http\Requests; 7 use BookStack\Http\Requests;
8 8
......
1 +<?php namespace BookStack;
2 +
3 +class JointPermission extends Model
4 +{
5 + public $timestamps = false;
6 +
7 + /**
8 + * Get the role that this points to.
9 + * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
10 + */
11 + public function role()
12 + {
13 + return $this->belongsTo(Role::class);
14 + }
15 +
16 + /**
17 + * Get the entity this points to.
18 + * @return \Illuminate\Database\Eloquent\Relations\MorphOne
19 + */
20 + public function entity()
21 + {
22 + return $this->morphOne(Entity::class, 'entity');
23 + }
24 +}
...@@ -9,7 +9,7 @@ abstract class Ownable extends Model ...@@ -9,7 +9,7 @@ abstract class Ownable extends Model
9 */ 9 */
10 public function createdBy() 10 public function createdBy()
11 { 11 {
12 - return $this->belongsTo('BookStack\User', 'created_by'); 12 + return $this->belongsTo(User::class, 'created_by');
13 } 13 }
14 14
15 /** 15 /**
...@@ -18,7 +18,7 @@ abstract class Ownable extends Model ...@@ -18,7 +18,7 @@ abstract class Ownable extends Model
18 */ 18 */
19 public function updatedBy() 19 public function updatedBy()
20 { 20 {
21 - return $this->belongsTo('BookStack\User', 'updated_by'); 21 + return $this->belongsTo(User::class, 'updated_by');
22 } 22 }
23 23
24 /** 24 /**
......
...@@ -7,6 +7,10 @@ class Page extends Entity ...@@ -7,6 +7,10 @@ class Page extends Entity
7 7
8 protected $simpleAttributes = ['name', 'id', 'slug']; 8 protected $simpleAttributes = ['name', 'id', 'slug'];
9 9
10 + /**
11 + * Converts this page into a simplified array.
12 + * @return mixed
13 + */
10 public function toSimpleArray() 14 public function toSimpleArray()
11 { 15 {
12 $array = array_intersect_key($this->toArray(), array_flip($this->simpleAttributes)); 16 $array = array_intersect_key($this->toArray(), array_flip($this->simpleAttributes));
...@@ -14,26 +18,46 @@ class Page extends Entity ...@@ -14,26 +18,46 @@ class Page extends Entity
14 return $array; 18 return $array;
15 } 19 }
16 20
21 + /**
22 + * Get the book this page sits in.
23 + * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
24 + */
17 public function book() 25 public function book()
18 { 26 {
19 - return $this->belongsTo('BookStack\Book'); 27 + return $this->belongsTo(Book::class);
20 } 28 }
21 29
30 + /**
31 + * Get the chapter that this page is in, If applicable.
32 + * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
33 + */
22 public function chapter() 34 public function chapter()
23 { 35 {
24 - return $this->belongsTo('BookStack\Chapter'); 36 + return $this->belongsTo(Chapter::class);
25 } 37 }
26 38
39 + /**
40 + * Check if this page has a chapter.
41 + * @return bool
42 + */
27 public function hasChapter() 43 public function hasChapter()
28 { 44 {
29 return $this->chapter()->count() > 0; 45 return $this->chapter()->count() > 0;
30 } 46 }
31 47
48 + /**
49 + * Get the associated page revisions, ordered by created date.
50 + * @return mixed
51 + */
32 public function revisions() 52 public function revisions()
33 { 53 {
34 - return $this->hasMany('BookStack\PageRevision')->where('type', '=', 'version')->orderBy('created_at', 'desc'); 54 + return $this->hasMany(PageRevision::class)->where('type', '=', 'version')->orderBy('created_at', 'desc');
35 } 55 }
36 56
57 + /**
58 + * Get the url for this page.
59 + * @return string
60 + */
37 public function getUrl() 61 public function getUrl()
38 { 62 {
39 $bookSlug = $this->getAttribute('bookSlug') ? $this->getAttribute('bookSlug') : $this->book->slug; 63 $bookSlug = $this->getAttribute('bookSlug') ? $this->getAttribute('bookSlug') : $this->book->slug;
...@@ -42,6 +66,11 @@ class Page extends Entity ...@@ -42,6 +66,11 @@ class Page extends Entity
42 return '/books/' . $bookSlug . $midText . $idComponent; 66 return '/books/' . $bookSlug . $midText . $idComponent;
43 } 67 }
44 68
69 + /**
70 + * Get an excerpt of this page's content to the specified length.
71 + * @param int $length
72 + * @return mixed
73 + */
45 public function getExcerpt($length = 100) 74 public function getExcerpt($length = 100)
46 { 75 {
47 $text = strlen($this->text) > $length ? substr($this->text, 0, $length-3) . '...' : $this->text; 76 $text = strlen($this->text) > $length ? substr($this->text, 0, $length-3) . '...' : $this->text;
......
...@@ -11,7 +11,7 @@ class PageRevision extends Model ...@@ -11,7 +11,7 @@ class PageRevision extends Model
11 */ 11 */
12 public function createdBy() 12 public function createdBy()
13 { 13 {
14 - return $this->belongsTo('BookStack\User', 'created_by'); 14 + return $this->belongsTo(User::class, 'created_by');
15 } 15 }
16 16
17 /** 17 /**
...@@ -20,7 +20,7 @@ class PageRevision extends Model ...@@ -20,7 +20,7 @@ class PageRevision extends Model
20 */ 20 */
21 public function page() 21 public function page()
22 { 22 {
23 - return $this->belongsTo('BookStack\Page'); 23 + return $this->belongsTo(Page::class);
24 } 24 }
25 25
26 /** 26 /**
......
...@@ -3,6 +3,7 @@ ...@@ -3,6 +3,7 @@
3 namespace BookStack\Providers; 3 namespace BookStack\Providers;
4 4
5 use Auth; 5 use Auth;
6 +use BookStack\Services\LdapService;
6 use Illuminate\Support\ServiceProvider; 7 use Illuminate\Support\ServiceProvider;
7 8
8 class AuthServiceProvider extends ServiceProvider 9 class AuthServiceProvider extends ServiceProvider
...@@ -25,7 +26,7 @@ class AuthServiceProvider extends ServiceProvider ...@@ -25,7 +26,7 @@ class AuthServiceProvider extends ServiceProvider
25 public function register() 26 public function register()
26 { 27 {
27 Auth::provider('ldap', function($app, array $config) { 28 Auth::provider('ldap', function($app, array $config) {
28 - return new LdapUserProvider($config['model'], $app['BookStack\Services\LdapService']); 29 + return new LdapUserProvider($config['model'], $app[LdapService::class]);
29 }); 30 });
30 } 31 }
31 } 32 }
......
...@@ -2,11 +2,18 @@ ...@@ -2,11 +2,18 @@
2 2
3 namespace BookStack\Providers; 3 namespace BookStack\Providers;
4 4
5 +use BookStack\Activity;
5 use BookStack\Services\ImageService; 6 use BookStack\Services\ImageService;
7 +use BookStack\Services\PermissionService;
6 use BookStack\Services\ViewService; 8 use BookStack\Services\ViewService;
9 +use BookStack\Setting;
10 +use BookStack\View;
11 +use Illuminate\Contracts\Cache\Repository;
12 +use Illuminate\Contracts\Filesystem\Factory;
7 use Illuminate\Support\ServiceProvider; 13 use Illuminate\Support\ServiceProvider;
8 use BookStack\Services\ActivityService; 14 use BookStack\Services\ActivityService;
9 use BookStack\Services\SettingService; 15 use BookStack\Services\SettingService;
16 +use Intervention\Image\ImageManager;
10 17
11 class CustomFacadeProvider extends ServiceProvider 18 class CustomFacadeProvider extends ServiceProvider
12 { 19 {
...@@ -29,30 +36,30 @@ class CustomFacadeProvider extends ServiceProvider ...@@ -29,30 +36,30 @@ class CustomFacadeProvider extends ServiceProvider
29 { 36 {
30 $this->app->bind('activity', function() { 37 $this->app->bind('activity', function() {
31 return new ActivityService( 38 return new ActivityService(
32 - $this->app->make('BookStack\Activity'), 39 + $this->app->make(Activity::class),
33 - $this->app->make('BookStack\Services\RestrictionService') 40 + $this->app->make(PermissionService::class)
34 ); 41 );
35 }); 42 });
36 43
37 $this->app->bind('views', function() { 44 $this->app->bind('views', function() {
38 return new ViewService( 45 return new ViewService(
39 - $this->app->make('BookStack\View'), 46 + $this->app->make(View::class),
40 - $this->app->make('BookStack\Services\RestrictionService') 47 + $this->app->make(PermissionService::class)
41 ); 48 );
42 }); 49 });
43 50
44 $this->app->bind('setting', function() { 51 $this->app->bind('setting', function() {
45 return new SettingService( 52 return new SettingService(
46 - $this->app->make('BookStack\Setting'), 53 + $this->app->make(Setting::class),
47 - $this->app->make('Illuminate\Contracts\Cache\Repository') 54 + $this->app->make(Repository::class)
48 ); 55 );
49 }); 56 });
50 57
51 $this->app->bind('images', function() { 58 $this->app->bind('images', function() {
52 return new ImageService( 59 return new ImageService(
53 - $this->app->make('Intervention\Image\ImageManager'), 60 + $this->app->make(ImageManager::class),
54 - $this->app->make('Illuminate\Contracts\Filesystem\Factory'), 61 + $this->app->make(Factory::class),
55 - $this->app->make('Illuminate\Contracts\Cache\Repository') 62 + $this->app->make(Repository::class)
56 ); 63 );
57 }); 64 });
58 } 65 }
......
...@@ -30,7 +30,7 @@ class BookRepo extends EntityRepo ...@@ -30,7 +30,7 @@ class BookRepo extends EntityRepo
30 */ 30 */
31 private function bookQuery() 31 private function bookQuery()
32 { 32 {
33 - return $this->restrictionService->enforceBookRestrictions($this->book, 'view'); 33 + return $this->permissionService->enforceBookRestrictions($this->book, 'view');
34 } 34 }
35 35
36 /** 36 /**
...@@ -134,7 +134,7 @@ class BookRepo extends EntityRepo ...@@ -134,7 +134,7 @@ class BookRepo extends EntityRepo
134 $book->created_by = auth()->user()->id; 134 $book->created_by = auth()->user()->id;
135 $book->updated_by = auth()->user()->id; 135 $book->updated_by = auth()->user()->id;
136 $book->save(); 136 $book->save();
137 - $this->restrictionService->buildEntityPermissionsForEntity($book); 137 + $this->permissionService->buildJointPermissionsForEntity($book);
138 return $book; 138 return $book;
139 } 139 }
140 140
...@@ -150,7 +150,7 @@ class BookRepo extends EntityRepo ...@@ -150,7 +150,7 @@ class BookRepo extends EntityRepo
150 $book->slug = $this->findSuitableSlug($book->name, $book->id); 150 $book->slug = $this->findSuitableSlug($book->name, $book->id);
151 $book->updated_by = auth()->user()->id; 151 $book->updated_by = auth()->user()->id;
152 $book->save(); 152 $book->save();
153 - $this->restrictionService->buildEntityPermissionsForEntity($book); 153 + $this->permissionService->buildJointPermissionsForEntity($book);
154 return $book; 154 return $book;
155 } 155 }
156 156
...@@ -168,18 +168,18 @@ class BookRepo extends EntityRepo ...@@ -168,18 +168,18 @@ class BookRepo extends EntityRepo
168 $this->chapterRepo->destroy($chapter); 168 $this->chapterRepo->destroy($chapter);
169 } 169 }
170 $book->views()->delete(); 170 $book->views()->delete();
171 - $book->restrictions()->delete(); 171 + $book->permissions()->delete();
172 - $this->restrictionService->deleteEntityPermissionsForEntity($book); 172 + $this->permissionService->deleteJointPermissionsForEntity($book);
173 $book->delete(); 173 $book->delete();
174 } 174 }
175 175
176 /** 176 /**
177 - * Alias method to update the book permissions in the RestrictionService. 177 + * Alias method to update the book jointPermissions in the PermissionService.
178 * @param Book $book 178 * @param Book $book
179 */ 179 */
180 public function updateBookPermissions(Book $book) 180 public function updateBookPermissions(Book $book)
181 { 181 {
182 - $this->restrictionService->buildEntityPermissionsForEntity($book); 182 + $this->permissionService->buildJointPermissionsForEntity($book);
183 } 183 }
184 184
185 /** 185 /**
...@@ -237,7 +237,7 @@ class BookRepo extends EntityRepo ...@@ -237,7 +237,7 @@ class BookRepo extends EntityRepo
237 public function getChildren(Book $book, $filterDrafts = false) 237 public function getChildren(Book $book, $filterDrafts = false)
238 { 238 {
239 $pageQuery = $book->pages()->where('chapter_id', '=', 0); 239 $pageQuery = $book->pages()->where('chapter_id', '=', 0);
240 - $pageQuery = $this->restrictionService->enforcePageRestrictions($pageQuery, 'view'); 240 + $pageQuery = $this->permissionService->enforcePageRestrictions($pageQuery, 'view');
241 241
242 if ($filterDrafts) { 242 if ($filterDrafts) {
243 $pageQuery = $pageQuery->where('draft', '=', false); 243 $pageQuery = $pageQuery->where('draft', '=', false);
...@@ -246,10 +246,10 @@ class BookRepo extends EntityRepo ...@@ -246,10 +246,10 @@ class BookRepo extends EntityRepo
246 $pages = $pageQuery->get(); 246 $pages = $pageQuery->get();
247 247
248 $chapterQuery = $book->chapters()->with(['pages' => function($query) use ($filterDrafts) { 248 $chapterQuery = $book->chapters()->with(['pages' => function($query) use ($filterDrafts) {
249 - $this->restrictionService->enforcePageRestrictions($query, 'view'); 249 + $this->permissionService->enforcePageRestrictions($query, 'view');
250 if ($filterDrafts) $query->where('draft', '=', false); 250 if ($filterDrafts) $query->where('draft', '=', false);
251 }]); 251 }]);
252 - $chapterQuery = $this->restrictionService->enforceChapterRestrictions($chapterQuery, 'view'); 252 + $chapterQuery = $this->permissionService->enforceChapterRestrictions($chapterQuery, 'view');
253 $chapters = $chapterQuery->get(); 253 $chapters = $chapterQuery->get();
254 $children = $pages->merge($chapters); 254 $children = $pages->merge($chapters);
255 $bookSlug = $book->slug; 255 $bookSlug = $book->slug;
...@@ -286,7 +286,7 @@ class BookRepo extends EntityRepo ...@@ -286,7 +286,7 @@ class BookRepo extends EntityRepo
286 public function getBySearch($term, $count = 20, $paginationAppends = []) 286 public function getBySearch($term, $count = 20, $paginationAppends = [])
287 { 287 {
288 $terms = $this->prepareSearchTerms($term); 288 $terms = $this->prepareSearchTerms($term);
289 - $books = $this->restrictionService->enforceBookRestrictions($this->book->fullTextSearchQuery(['name', 'description'], $terms)) 289 + $books = $this->permissionService->enforceBookRestrictions($this->book->fullTextSearchQuery(['name', 'description'], $terms))
290 ->paginate($count)->appends($paginationAppends); 290 ->paginate($count)->appends($paginationAppends);
291 $words = join('|', explode(' ', preg_quote(trim($term), '/'))); 291 $words = join('|', explode(' ', preg_quote(trim($term), '/')));
292 foreach ($books as $book) { 292 foreach ($books as $book) {
......
...@@ -10,12 +10,12 @@ use BookStack\Chapter; ...@@ -10,12 +10,12 @@ use BookStack\Chapter;
10 class ChapterRepo extends EntityRepo 10 class ChapterRepo extends EntityRepo
11 { 11 {
12 /** 12 /**
13 - * Base query for getting chapters, Takes restrictions into account. 13 + * Base query for getting chapters, Takes permissions into account.
14 * @return mixed 14 * @return mixed
15 */ 15 */
16 private function chapterQuery() 16 private function chapterQuery()
17 { 17 {
18 - return $this->restrictionService->enforceChapterRestrictions($this->chapter, 'view'); 18 + return $this->permissionService->enforceChapterRestrictions($this->chapter, 'view');
19 } 19 }
20 20
21 /** 21 /**
...@@ -67,7 +67,7 @@ class ChapterRepo extends EntityRepo ...@@ -67,7 +67,7 @@ class ChapterRepo extends EntityRepo
67 */ 67 */
68 public function getChildren(Chapter $chapter) 68 public function getChildren(Chapter $chapter)
69 { 69 {
70 - $pages = $this->restrictionService->enforcePageRestrictions($chapter->pages())->get(); 70 + $pages = $this->permissionService->enforcePageRestrictions($chapter->pages())->get();
71 // Sort items with drafts first then by priority. 71 // Sort items with drafts first then by priority.
72 return $pages->sortBy(function($child, $key) { 72 return $pages->sortBy(function($child, $key) {
73 $score = $child->priority; 73 $score = $child->priority;
...@@ -89,7 +89,7 @@ class ChapterRepo extends EntityRepo ...@@ -89,7 +89,7 @@ class ChapterRepo extends EntityRepo
89 $chapter->created_by = auth()->user()->id; 89 $chapter->created_by = auth()->user()->id;
90 $chapter->updated_by = auth()->user()->id; 90 $chapter->updated_by = auth()->user()->id;
91 $chapter = $book->chapters()->save($chapter); 91 $chapter = $book->chapters()->save($chapter);
92 - $this->restrictionService->buildEntityPermissionsForEntity($chapter); 92 + $this->permissionService->buildJointPermissionsForEntity($chapter);
93 return $chapter; 93 return $chapter;
94 } 94 }
95 95
...@@ -107,8 +107,8 @@ class ChapterRepo extends EntityRepo ...@@ -107,8 +107,8 @@ class ChapterRepo extends EntityRepo
107 } 107 }
108 Activity::removeEntity($chapter); 108 Activity::removeEntity($chapter);
109 $chapter->views()->delete(); 109 $chapter->views()->delete();
110 - $chapter->restrictions()->delete(); 110 + $chapter->permissions()->delete();
111 - $this->restrictionService->deleteEntityPermissionsForEntity($chapter); 111 + $this->permissionService->deleteJointPermissionsForEntity($chapter);
112 $chapter->delete(); 112 $chapter->delete();
113 } 113 }
114 114
...@@ -168,7 +168,7 @@ class ChapterRepo extends EntityRepo ...@@ -168,7 +168,7 @@ class ChapterRepo extends EntityRepo
168 public function getBySearch($term, $whereTerms = [], $count = 20, $paginationAppends = []) 168 public function getBySearch($term, $whereTerms = [], $count = 20, $paginationAppends = [])
169 { 169 {
170 $terms = $this->prepareSearchTerms($term); 170 $terms = $this->prepareSearchTerms($term);
171 - $chapters = $this->restrictionService->enforceChapterRestrictions($this->chapter->fullTextSearchQuery(['name', 'description'], $terms, $whereTerms)) 171 + $chapters = $this->permissionService->enforceChapterRestrictions($this->chapter->fullTextSearchQuery(['name', 'description'], $terms, $whereTerms))
172 ->paginate($count)->appends($paginationAppends); 172 ->paginate($count)->appends($paginationAppends);
173 $words = join('|', explode(' ', preg_quote(trim($term), '/'))); 173 $words = join('|', explode(' ', preg_quote(trim($term), '/')));
174 foreach ($chapters as $chapter) { 174 foreach ($chapters as $chapter) {
......
...@@ -4,7 +4,7 @@ use BookStack\Book; ...@@ -4,7 +4,7 @@ use BookStack\Book;
4 use BookStack\Chapter; 4 use BookStack\Chapter;
5 use BookStack\Entity; 5 use BookStack\Entity;
6 use BookStack\Page; 6 use BookStack\Page;
7 -use BookStack\Services\RestrictionService; 7 +use BookStack\Services\PermissionService;
8 use BookStack\User; 8 use BookStack\User;
9 9
10 class EntityRepo 10 class EntityRepo
...@@ -26,9 +26,9 @@ class EntityRepo ...@@ -26,9 +26,9 @@ class EntityRepo
26 public $page; 26 public $page;
27 27
28 /** 28 /**
29 - * @var RestrictionService 29 + * @var PermissionService
30 */ 30 */
31 - protected $restrictionService; 31 + protected $permissionService;
32 32
33 /** 33 /**
34 * EntityService constructor. 34 * EntityService constructor.
...@@ -38,7 +38,7 @@ class EntityRepo ...@@ -38,7 +38,7 @@ class EntityRepo
38 $this->book = app(Book::class); 38 $this->book = app(Book::class);
39 $this->chapter = app(Chapter::class); 39 $this->chapter = app(Chapter::class);
40 $this->page = app(Page::class); 40 $this->page = app(Page::class);
41 - $this->restrictionService = app(RestrictionService::class); 41 + $this->permissionService = app(PermissionService::class);
42 } 42 }
43 43
44 /** 44 /**
...@@ -50,7 +50,7 @@ class EntityRepo ...@@ -50,7 +50,7 @@ class EntityRepo
50 */ 50 */
51 public function getRecentlyCreatedBooks($count = 20, $page = 0, $additionalQuery = false) 51 public function getRecentlyCreatedBooks($count = 20, $page = 0, $additionalQuery = false)
52 { 52 {
53 - $query = $this->restrictionService->enforceBookRestrictions($this->book) 53 + $query = $this->permissionService->enforceBookRestrictions($this->book)
54 ->orderBy('created_at', 'desc'); 54 ->orderBy('created_at', 'desc');
55 if ($additionalQuery !== false && is_callable($additionalQuery)) { 55 if ($additionalQuery !== false && is_callable($additionalQuery)) {
56 $additionalQuery($query); 56 $additionalQuery($query);
...@@ -66,7 +66,7 @@ class EntityRepo ...@@ -66,7 +66,7 @@ class EntityRepo
66 */ 66 */
67 public function getRecentlyUpdatedBooks($count = 20, $page = 0) 67 public function getRecentlyUpdatedBooks($count = 20, $page = 0)
68 { 68 {
69 - return $this->restrictionService->enforceBookRestrictions($this->book) 69 + return $this->permissionService->enforceBookRestrictions($this->book)
70 ->orderBy('updated_at', 'desc')->skip($page * $count)->take($count)->get(); 70 ->orderBy('updated_at', 'desc')->skip($page * $count)->take($count)->get();
71 } 71 }
72 72
...@@ -79,7 +79,7 @@ class EntityRepo ...@@ -79,7 +79,7 @@ class EntityRepo
79 */ 79 */
80 public function getRecentlyCreatedPages($count = 20, $page = 0, $additionalQuery = false) 80 public function getRecentlyCreatedPages($count = 20, $page = 0, $additionalQuery = false)
81 { 81 {
82 - $query = $this->restrictionService->enforcePageRestrictions($this->page) 82 + $query = $this->permissionService->enforcePageRestrictions($this->page)
83 ->orderBy('created_at', 'desc')->where('draft', '=', false); 83 ->orderBy('created_at', 'desc')->where('draft', '=', false);
84 if ($additionalQuery !== false && is_callable($additionalQuery)) { 84 if ($additionalQuery !== false && is_callable($additionalQuery)) {
85 $additionalQuery($query); 85 $additionalQuery($query);
...@@ -96,7 +96,7 @@ class EntityRepo ...@@ -96,7 +96,7 @@ class EntityRepo
96 */ 96 */
97 public function getRecentlyCreatedChapters($count = 20, $page = 0, $additionalQuery = false) 97 public function getRecentlyCreatedChapters($count = 20, $page = 0, $additionalQuery = false)
98 { 98 {
99 - $query = $this->restrictionService->enforceChapterRestrictions($this->chapter) 99 + $query = $this->permissionService->enforceChapterRestrictions($this->chapter)
100 ->orderBy('created_at', 'desc'); 100 ->orderBy('created_at', 'desc');
101 if ($additionalQuery !== false && is_callable($additionalQuery)) { 101 if ($additionalQuery !== false && is_callable($additionalQuery)) {
102 $additionalQuery($query); 102 $additionalQuery($query);
...@@ -112,7 +112,7 @@ class EntityRepo ...@@ -112,7 +112,7 @@ class EntityRepo
112 */ 112 */
113 public function getRecentlyUpdatedPages($count = 20, $page = 0) 113 public function getRecentlyUpdatedPages($count = 20, $page = 0)
114 { 114 {
115 - return $this->restrictionService->enforcePageRestrictions($this->page) 115 + return $this->permissionService->enforcePageRestrictions($this->page)
116 ->where('draft', '=', false) 116 ->where('draft', '=', false)
117 ->orderBy('updated_at', 'desc')->with('book')->skip($page * $count)->take($count)->get(); 117 ->orderBy('updated_at', 'desc')->with('book')->skip($page * $count)->take($count)->get();
118 } 118 }
...@@ -136,14 +136,14 @@ class EntityRepo ...@@ -136,14 +136,14 @@ class EntityRepo
136 * @param $request 136 * @param $request
137 * @param Entity $entity 137 * @param Entity $entity
138 */ 138 */
139 - public function updateRestrictionsFromRequest($request, Entity $entity) 139 + public function updateEntityPermissionsFromRequest($request, Entity $entity)
140 { 140 {
141 $entity->restricted = $request->has('restricted') && $request->get('restricted') === 'true'; 141 $entity->restricted = $request->has('restricted') && $request->get('restricted') === 'true';
142 - $entity->restrictions()->delete(); 142 + $entity->permissions()->delete();
143 if ($request->has('restrictions')) { 143 if ($request->has('restrictions')) {
144 foreach ($request->get('restrictions') as $roleId => $restrictions) { 144 foreach ($request->get('restrictions') as $roleId => $restrictions) {
145 foreach ($restrictions as $action => $value) { 145 foreach ($restrictions as $action => $value) {
146 - $entity->restrictions()->create([ 146 + $entity->permissions()->create([
147 'role_id' => $roleId, 147 'role_id' => $roleId,
148 'action' => strtolower($action) 148 'action' => strtolower($action)
149 ]); 149 ]);
...@@ -151,7 +151,7 @@ class EntityRepo ...@@ -151,7 +151,7 @@ class EntityRepo
151 } 151 }
152 } 152 }
153 $entity->save(); 153 $entity->save();
154 - $this->restrictionService->buildEntityPermissionsForEntity($entity); 154 + $this->permissionService->buildJointPermissionsForEntity($entity);
155 } 155 }
156 156
157 /** 157 /**
......
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
4 use BookStack\Image; 4 use BookStack\Image;
5 use BookStack\Page; 5 use BookStack\Page;
6 use BookStack\Services\ImageService; 6 use BookStack\Services\ImageService;
7 -use BookStack\Services\RestrictionService; 7 +use BookStack\Services\PermissionService;
8 use Setting; 8 use Setting;
9 use Symfony\Component\HttpFoundation\File\UploadedFile; 9 use Symfony\Component\HttpFoundation\File\UploadedFile;
10 10
...@@ -20,14 +20,14 @@ class ImageRepo ...@@ -20,14 +20,14 @@ class ImageRepo
20 * ImageRepo constructor. 20 * ImageRepo constructor.
21 * @param Image $image 21 * @param Image $image
22 * @param ImageService $imageService 22 * @param ImageService $imageService
23 - * @param RestrictionService $restrictionService 23 + * @param PermissionService $permissionService
24 * @param Page $page 24 * @param Page $page
25 */ 25 */
26 - public function __construct(Image $image, ImageService $imageService, RestrictionService $restrictionService, Page $page) 26 + public function __construct(Image $image, ImageService $imageService, PermissionService $permissionService, Page $page)
27 { 27 {
28 $this->image = $image; 28 $this->image = $image;
29 $this->imageService = $imageService; 29 $this->imageService = $imageService;
30 - $this->restictionService = $restrictionService; 30 + $this->restictionService = $permissionService;
31 $this->page = $page; 31 $this->page = $page;
32 } 32 }
33 33
......
...@@ -32,7 +32,7 @@ class PageRepo extends EntityRepo ...@@ -32,7 +32,7 @@ class PageRepo extends EntityRepo
32 */ 32 */
33 private function pageQuery($allowDrafts = false) 33 private function pageQuery($allowDrafts = false)
34 { 34 {
35 - $query = $this->restrictionService->enforcePageRestrictions($this->page, 'view'); 35 + $query = $this->permissionService->enforcePageRestrictions($this->page, 'view');
36 if (!$allowDrafts) { 36 if (!$allowDrafts) {
37 $query = $query->where('draft', '=', false); 37 $query = $query->where('draft', '=', false);
38 } 38 }
...@@ -76,7 +76,7 @@ class PageRepo extends EntityRepo ...@@ -76,7 +76,7 @@ class PageRepo extends EntityRepo
76 { 76 {
77 $revision = $this->pageRevision->where('slug', '=', $pageSlug) 77 $revision = $this->pageRevision->where('slug', '=', $pageSlug)
78 ->whereHas('page', function ($query) { 78 ->whereHas('page', function ($query) {
79 - $this->restrictionService->enforcePageRestrictions($query); 79 + $this->permissionService->enforcePageRestrictions($query);
80 }) 80 })
81 ->where('type', '=', 'version') 81 ->where('type', '=', 'version')
82 ->where('book_slug', '=', $bookSlug)->orderBy('created_at', 'desc') 82 ->where('book_slug', '=', $bookSlug)->orderBy('created_at', 'desc')
...@@ -168,7 +168,7 @@ class PageRepo extends EntityRepo ...@@ -168,7 +168,7 @@ class PageRepo extends EntityRepo
168 if ($chapter) $page->chapter_id = $chapter->id; 168 if ($chapter) $page->chapter_id = $chapter->id;
169 169
170 $book->pages()->save($page); 170 $book->pages()->save($page);
171 - $this->restrictionService->buildEntityPermissionsForEntity($page); 171 + $this->permissionService->buildJointPermissionsForEntity($page);
172 return $page; 172 return $page;
173 } 173 }
174 174
...@@ -242,7 +242,7 @@ class PageRepo extends EntityRepo ...@@ -242,7 +242,7 @@ class PageRepo extends EntityRepo
242 public function getBySearch($term, $whereTerms = [], $count = 20, $paginationAppends = []) 242 public function getBySearch($term, $whereTerms = [], $count = 20, $paginationAppends = [])
243 { 243 {
244 $terms = $this->prepareSearchTerms($term); 244 $terms = $this->prepareSearchTerms($term);
245 - $pages = $this->restrictionService->enforcePageRestrictions($this->page->fullTextSearchQuery(['name', 'text'], $terms, $whereTerms)) 245 + $pages = $this->permissionService->enforcePageRestrictions($this->page->fullTextSearchQuery(['name', 'text'], $terms, $whereTerms))
246 ->paginate($count)->appends($paginationAppends); 246 ->paginate($count)->appends($paginationAppends);
247 247
248 // Add highlights to page text. 248 // Add highlights to page text.
...@@ -578,13 +578,13 @@ class PageRepo extends EntityRepo ...@@ -578,13 +578,13 @@ class PageRepo extends EntityRepo
578 * Destroy a given page along with its dependencies. 578 * Destroy a given page along with its dependencies.
579 * @param $page 579 * @param $page
580 */ 580 */
581 - public function destroy($page) 581 + public function destroy(Page $page)
582 { 582 {
583 Activity::removeEntity($page); 583 Activity::removeEntity($page);
584 $page->views()->delete(); 584 $page->views()->delete();
585 $page->revisions()->delete(); 585 $page->revisions()->delete();
586 - $page->restrictions()->delete(); 586 + $page->permissions()->delete();
587 - $this->restrictionService->deleteEntityPermissionsForEntity($page); 587 + $this->permissionService->deleteJointPermissionsForEntity($page);
588 $page->delete(); 588 $page->delete();
589 } 589 }
590 590
......
...@@ -2,9 +2,9 @@ ...@@ -2,9 +2,9 @@
2 2
3 3
4 use BookStack\Exceptions\PermissionsException; 4 use BookStack\Exceptions\PermissionsException;
5 -use BookStack\Permission; 5 +use BookStack\RolePermission;
6 use BookStack\Role; 6 use BookStack\Role;
7 -use BookStack\Services\RestrictionService; 7 +use BookStack\Services\PermissionService;
8 use Setting; 8 use Setting;
9 9
10 class PermissionsRepo 10 class PermissionsRepo
...@@ -12,21 +12,21 @@ class PermissionsRepo ...@@ -12,21 +12,21 @@ class PermissionsRepo
12 12
13 protected $permission; 13 protected $permission;
14 protected $role; 14 protected $role;
15 - protected $restrictionService; 15 + protected $permissionService;
16 16
17 protected $systemRoles = ['admin', 'public']; 17 protected $systemRoles = ['admin', 'public'];
18 18
19 /** 19 /**
20 * PermissionsRepo constructor. 20 * PermissionsRepo constructor.
21 - * @param Permission $permission 21 + * @param RolePermission $permission
22 * @param Role $role 22 * @param Role $role
23 - * @param RestrictionService $restrictionService 23 + * @param PermissionService $permissionService
24 */ 24 */
25 - public function __construct(Permission $permission, Role $role, RestrictionService $restrictionService) 25 + public function __construct(RolePermission $permission, Role $role, PermissionService $permissionService)
26 { 26 {
27 $this->permission = $permission; 27 $this->permission = $permission;
28 $this->role = $role; 28 $this->role = $role;
29 - $this->restrictionService = $restrictionService; 29 + $this->permissionService = $permissionService;
30 } 30 }
31 31
32 /** 32 /**
...@@ -75,7 +75,7 @@ class PermissionsRepo ...@@ -75,7 +75,7 @@ class PermissionsRepo
75 75
76 $permissions = isset($roleData['permissions']) ? array_keys($roleData['permissions']) : []; 76 $permissions = isset($roleData['permissions']) ? array_keys($roleData['permissions']) : [];
77 $this->assignRolePermissions($role, $permissions); 77 $this->assignRolePermissions($role, $permissions);
78 - $this->restrictionService->buildEntityPermissionForRole($role); 78 + $this->permissionService->buildJointPermissionForRole($role);
79 return $role; 79 return $role;
80 } 80 }
81 81
...@@ -102,7 +102,7 @@ class PermissionsRepo ...@@ -102,7 +102,7 @@ class PermissionsRepo
102 102
103 $role->fill($roleData); 103 $role->fill($roleData);
104 $role->save(); 104 $role->save();
105 - $this->restrictionService->buildEntityPermissionForRole($role); 105 + $this->permissionService->buildJointPermissionForRole($role);
106 } 106 }
107 107
108 /** 108 /**
...@@ -148,7 +148,7 @@ class PermissionsRepo ...@@ -148,7 +148,7 @@ class PermissionsRepo
148 } 148 }
149 } 149 }
150 150
151 - $this->restrictionService->deleteEntityPermissionsForRole($role); 151 + $this->permissionService->deleteJointPermissionsForRole($role);
152 $role->delete(); 152 $role->delete();
153 } 153 }
154 154
......
1 -<?php namespace BookStack;
2 -
3 -
4 -class Restriction extends Model
5 -{
6 -
7 - protected $fillable = ['role_id', 'action'];
8 - public $timestamps = false;
9 -
10 - /**
11 - * Get all this restriction's attached entity.
12 - * @return \Illuminate\Database\Eloquent\Relations\MorphTo
13 - */
14 - public function restrictable()
15 - {
16 - return $this->morphTo();
17 - }
18 -}
...@@ -11,24 +11,24 @@ class Role extends Model ...@@ -11,24 +11,24 @@ class Role extends Model
11 */ 11 */
12 public function users() 12 public function users()
13 { 13 {
14 - return $this->belongsToMany('BookStack\User'); 14 + return $this->belongsToMany(User::class);
15 } 15 }
16 16
17 /** 17 /**
18 - * Get all related entity permissions. 18 + * Get all related JointPermissions.
19 * @return \Illuminate\Database\Eloquent\Relations\HasMany 19 * @return \Illuminate\Database\Eloquent\Relations\HasMany
20 */ 20 */
21 - public function entityPermissions() 21 + public function jointPermissions()
22 { 22 {
23 - return $this->hasMany(EntityPermission::class); 23 + return $this->hasMany(JointPermission::class);
24 } 24 }
25 25
26 /** 26 /**
27 - * The permissions that belong to the role. 27 + * The RolePermissions that belong to the role.
28 */ 28 */
29 public function permissions() 29 public function permissions()
30 { 30 {
31 - return $this->belongsToMany('BookStack\Permission'); 31 + return $this->belongsToMany(RolePermission::class, 'permission_role', 'role_id', 'permission_id');
32 } 32 }
33 33
34 /** 34 /**
...@@ -47,18 +47,18 @@ class Role extends Model ...@@ -47,18 +47,18 @@ class Role extends Model
47 47
48 /** 48 /**
49 * Add a permission to this role. 49 * Add a permission to this role.
50 - * @param Permission $permission 50 + * @param RolePermission $permission
51 */ 51 */
52 - public function attachPermission(Permission $permission) 52 + public function attachPermission(RolePermission $permission)
53 { 53 {
54 $this->permissions()->attach($permission->id); 54 $this->permissions()->attach($permission->id);
55 } 55 }
56 56
57 /** 57 /**
58 * Detach a single permission from this role. 58 * Detach a single permission from this role.
59 - * @param Permission $permission 59 + * @param RolePermission $permission
60 */ 60 */
61 - public function detachPermission(Permission $permission) 61 + public function detachPermission(RolePermission $permission)
62 { 62 {
63 $this->permissions()->detach($permission->id); 63 $this->permissions()->detach($permission->id);
64 } 64 }
...@@ -84,7 +84,7 @@ class Role extends Model ...@@ -84,7 +84,7 @@ class Role extends Model
84 } 84 }
85 85
86 /** 86 /**
87 - * GEt all visible roles 87 + * Get all visible roles
88 * @return mixed 88 * @return mixed
89 */ 89 */
90 public static function visible() 90 public static function visible()
......
1 <?php namespace BookStack; 1 <?php namespace BookStack;
2 2
3 3
4 -class Permission extends Model 4 +class RolePermission extends Model
5 { 5 {
6 /** 6 /**
7 * The roles that belong to the permission. 7 * The roles that belong to the permission.
8 */ 8 */
9 public function roles() 9 public function roles()
10 { 10 {
11 - return $this->belongsToMany('BookStack\Role'); 11 + return $this->belongsToMany(Role::class, 'permission_role','permission_id', 'role_id');
12 } 12 }
13 13
14 /** 14 /**
......
...@@ -8,17 +8,17 @@ class ActivityService ...@@ -8,17 +8,17 @@ class ActivityService
8 { 8 {
9 protected $activity; 9 protected $activity;
10 protected $user; 10 protected $user;
11 - protected $restrictionService; 11 + protected $permissionService;
12 12
13 /** 13 /**
14 * ActivityService constructor. 14 * ActivityService constructor.
15 * @param Activity $activity 15 * @param Activity $activity
16 - * @param RestrictionService $restrictionService 16 + * @param PermissionService $permissionService
17 */ 17 */
18 - public function __construct(Activity $activity, RestrictionService $restrictionService) 18 + public function __construct(Activity $activity, PermissionService $permissionService)
19 { 19 {
20 $this->activity = $activity; 20 $this->activity = $activity;
21 - $this->restrictionService = $restrictionService; 21 + $this->permissionService = $permissionService;
22 $this->user = auth()->user(); 22 $this->user = auth()->user();
23 } 23 }
24 24
...@@ -88,7 +88,7 @@ class ActivityService ...@@ -88,7 +88,7 @@ class ActivityService
88 */ 88 */
89 public function latest($count = 20, $page = 0) 89 public function latest($count = 20, $page = 0)
90 { 90 {
91 - $activityList = $this->restrictionService 91 + $activityList = $this->permissionService
92 ->filterRestrictedEntityRelations($this->activity, 'activities', 'entity_id', 'entity_type') 92 ->filterRestrictedEntityRelations($this->activity, 'activities', 'entity_id', 'entity_type')
93 ->orderBy('created_at', 'desc')->skip($count * $page)->take($count)->get(); 93 ->orderBy('created_at', 'desc')->skip($count * $page)->take($count)->get();
94 94
...@@ -112,7 +112,7 @@ class ActivityService ...@@ -112,7 +112,7 @@ class ActivityService
112 ->where('entity_id', '=', $entity->id); 112 ->where('entity_id', '=', $entity->id);
113 } 113 }
114 114
115 - $activity = $this->restrictionService 115 + $activity = $this->permissionService
116 ->filterRestrictedEntityRelations($query, 'activities', 'entity_id', 'entity_type') 116 ->filterRestrictedEntityRelations($query, 'activities', 'entity_id', 'entity_type')
117 ->orderBy('created_at', 'desc')->skip($count * $page)->take($count)->get(); 117 ->orderBy('created_at', 'desc')->skip($count * $page)->take($count)->get();
118 118
...@@ -129,7 +129,7 @@ class ActivityService ...@@ -129,7 +129,7 @@ class ActivityService
129 */ 129 */
130 public function userActivity($user, $count = 20, $page = 0) 130 public function userActivity($user, $count = 20, $page = 0)
131 { 131 {
132 - $activityList = $this->restrictionService 132 + $activityList = $this->permissionService
133 ->filterRestrictedEntityRelations($this->activity, 'activities', 'entity_id', 'entity_type') 133 ->filterRestrictedEntityRelations($this->activity, 'activities', 'entity_id', 'entity_type')
134 ->orderBy('created_at', 'desc')->where('user_id', '=', $user->id)->skip($count * $page)->take($count)->get(); 134 ->orderBy('created_at', 'desc')->where('user_id', '=', $user->id)->skip($count * $page)->take($count)->get();
135 return $this->filterSimilar($activityList); 135 return $this->filterSimilar($activityList);
......
...@@ -3,13 +3,13 @@ ...@@ -3,13 +3,13 @@
3 use BookStack\Book; 3 use BookStack\Book;
4 use BookStack\Chapter; 4 use BookStack\Chapter;
5 use BookStack\Entity; 5 use BookStack\Entity;
6 -use BookStack\EntityPermission; 6 +use BookStack\JointPermission;
7 use BookStack\Page; 7 use BookStack\Page;
8 use BookStack\Role; 8 use BookStack\Role;
9 use BookStack\User; 9 use BookStack\User;
10 use Illuminate\Database\Eloquent\Collection; 10 use Illuminate\Database\Eloquent\Collection;
11 11
12 -class RestrictionService 12 +class PermissionService
13 { 13 {
14 14
15 protected $userRoles; 15 protected $userRoles;
...@@ -21,18 +21,18 @@ class RestrictionService ...@@ -21,18 +21,18 @@ class RestrictionService
21 public $chapter; 21 public $chapter;
22 public $page; 22 public $page;
23 23
24 - protected $entityPermission; 24 + protected $jointPermission;
25 protected $role; 25 protected $role;
26 26
27 /** 27 /**
28 - * RestrictionService constructor. 28 + * PermissionService constructor.
29 - * @param EntityPermission $entityPermission 29 + * @param JointPermission $jointPermission
30 * @param Book $book 30 * @param Book $book
31 * @param Chapter $chapter 31 * @param Chapter $chapter
32 * @param Page $page 32 * @param Page $page
33 * @param Role $role 33 * @param Role $role
34 */ 34 */
35 - public function __construct(EntityPermission $entityPermission, Book $book, Chapter $chapter, Page $page, Role $role) 35 + public function __construct(JointPermission $jointPermission, Book $book, Chapter $chapter, Page $page, Role $role)
36 { 36 {
37 $this->currentUser = auth()->user(); 37 $this->currentUser = auth()->user();
38 $userSet = $this->currentUser !== null; 38 $userSet = $this->currentUser !== null;
...@@ -40,7 +40,7 @@ class RestrictionService ...@@ -40,7 +40,7 @@ class RestrictionService
40 $this->isAdmin = $userSet ? $this->currentUser->hasRole('admin') : false; 40 $this->isAdmin = $userSet ? $this->currentUser->hasRole('admin') : false;
41 if (!$userSet) $this->currentUser = new User(); 41 if (!$userSet) $this->currentUser = new User();
42 42
43 - $this->entityPermission = $entityPermission; 43 + $this->jointPermission = $jointPermission;
44 $this->role = $role; 44 $this->role = $role;
45 $this->book = $book; 45 $this->book = $book;
46 $this->chapter = $chapter; 46 $this->chapter = $chapter;
...@@ -72,36 +72,36 @@ class RestrictionService ...@@ -72,36 +72,36 @@ class RestrictionService
72 /** 72 /**
73 * Re-generate all entity permission from scratch. 73 * Re-generate all entity permission from scratch.
74 */ 74 */
75 - public function buildEntityPermissions() 75 + public function buildJointPermissions()
76 { 76 {
77 - $this->entityPermission->truncate(); 77 + $this->jointPermission->truncate();
78 78
79 // Get all roles (Should be the most limited dimension) 79 // Get all roles (Should be the most limited dimension)
80 $roles = $this->role->with('permissions')->get(); 80 $roles = $this->role->with('permissions')->get();
81 81
82 // Chunk through all books 82 // Chunk through all books
83 - $this->book->with('restrictions')->chunk(500, function ($books) use ($roles) { 83 + $this->book->with('permissions')->chunk(500, function ($books) use ($roles) {
84 - $this->createManyEntityPermissions($books, $roles); 84 + $this->createManyJointPermissions($books, $roles);
85 }); 85 });
86 86
87 // Chunk through all chapters 87 // Chunk through all chapters
88 - $this->chapter->with('book', 'restrictions')->chunk(500, function ($chapters) use ($roles) { 88 + $this->chapter->with('book', 'permissions')->chunk(500, function ($chapters) use ($roles) {
89 - $this->createManyEntityPermissions($chapters, $roles); 89 + $this->createManyJointPermissions($chapters, $roles);
90 }); 90 });
91 91
92 // Chunk through all pages 92 // Chunk through all pages
93 - $this->page->with('book', 'chapter', 'restrictions')->chunk(500, function ($pages) use ($roles) { 93 + $this->page->with('book', 'chapter', 'permissions')->chunk(500, function ($pages) use ($roles) {
94 - $this->createManyEntityPermissions($pages, $roles); 94 + $this->createManyJointPermissions($pages, $roles);
95 }); 95 });
96 } 96 }
97 97
98 /** 98 /**
99 - * Create the entity permissions for a particular entity. 99 + * Create the entity jointPermissions for a particular entity.
100 * @param Entity $entity 100 * @param Entity $entity
101 */ 101 */
102 - public function buildEntityPermissionsForEntity(Entity $entity) 102 + public function buildJointPermissionsForEntity(Entity $entity)
103 { 103 {
104 - $roles = $this->role->with('permissions')->get(); 104 + $roles = $this->role->with('jointPermissions')->get();
105 $entities = collect([$entity]); 105 $entities = collect([$entity]);
106 106
107 if ($entity->isA('book')) { 107 if ($entity->isA('book')) {
...@@ -111,92 +111,92 @@ class RestrictionService ...@@ -111,92 +111,92 @@ class RestrictionService
111 $entities = $entities->merge($entity->pages); 111 $entities = $entities->merge($entity->pages);
112 } 112 }
113 113
114 - $this->deleteManyEntityPermissionsForEntities($entities); 114 + $this->deleteManyJointPermissionsForEntities($entities);
115 - $this->createManyEntityPermissions($entities, $roles); 115 + $this->createManyJointPermissions($entities, $roles);
116 } 116 }
117 117
118 /** 118 /**
119 - * Build the entity permissions for a particular role. 119 + * Build the entity jointPermissions for a particular role.
120 * @param Role $role 120 * @param Role $role
121 */ 121 */
122 - public function buildEntityPermissionForRole(Role $role) 122 + public function buildJointPermissionForRole(Role $role)
123 { 123 {
124 $roles = collect([$role]); 124 $roles = collect([$role]);
125 125
126 - $this->deleteManyEntityPermissionsForRoles($roles); 126 + $this->deleteManyJointPermissionsForRoles($roles);
127 127
128 // Chunk through all books 128 // Chunk through all books
129 - $this->book->with('restrictions')->chunk(500, function ($books) use ($roles) { 129 + $this->book->with('permissions')->chunk(500, function ($books) use ($roles) {
130 - $this->createManyEntityPermissions($books, $roles); 130 + $this->createManyJointPermissions($books, $roles);
131 }); 131 });
132 132
133 // Chunk through all chapters 133 // Chunk through all chapters
134 - $this->chapter->with('book', 'restrictions')->chunk(500, function ($books) use ($roles) { 134 + $this->chapter->with('book', 'permissions')->chunk(500, function ($books) use ($roles) {
135 - $this->createManyEntityPermissions($books, $roles); 135 + $this->createManyJointPermissions($books, $roles);
136 }); 136 });
137 137
138 // Chunk through all pages 138 // Chunk through all pages
139 - $this->page->with('book', 'chapter', 'restrictions')->chunk(500, function ($books) use ($roles) { 139 + $this->page->with('book', 'chapter', 'permissions')->chunk(500, function ($books) use ($roles) {
140 - $this->createManyEntityPermissions($books, $roles); 140 + $this->createManyJointPermissions($books, $roles);
141 }); 141 });
142 } 142 }
143 143
144 /** 144 /**
145 - * Delete the entity permissions attached to a particular role. 145 + * Delete the entity jointPermissions attached to a particular role.
146 * @param Role $role 146 * @param Role $role
147 */ 147 */
148 - public function deleteEntityPermissionsForRole(Role $role) 148 + public function deleteJointPermissionsForRole(Role $role)
149 { 149 {
150 - $this->deleteManyEntityPermissionsForRoles([$role]); 150 + $this->deleteManyJointPermissionsForRoles([$role]);
151 } 151 }
152 152
153 /** 153 /**
154 - * Delete all of the entity permissions for a list of entities. 154 + * Delete all of the entity jointPermissions for a list of entities.
155 * @param Role[] $roles 155 * @param Role[] $roles
156 */ 156 */
157 - protected function deleteManyEntityPermissionsForRoles($roles) 157 + protected function deleteManyJointPermissionsForRoles($roles)
158 { 158 {
159 foreach ($roles as $role) { 159 foreach ($roles as $role) {
160 - $role->entityPermissions()->delete(); 160 + $role->jointPermissions()->delete();
161 } 161 }
162 } 162 }
163 163
164 /** 164 /**
165 - * Delete the entity permissions for a particular entity. 165 + * Delete the entity jointPermissions for a particular entity.
166 * @param Entity $entity 166 * @param Entity $entity
167 */ 167 */
168 - public function deleteEntityPermissionsForEntity(Entity $entity) 168 + public function deleteJointPermissionsForEntity(Entity $entity)
169 { 169 {
170 - $this->deleteManyEntityPermissionsForEntities([$entity]); 170 + $this->deleteManyJointPermissionsForEntities([$entity]);
171 } 171 }
172 172
173 /** 173 /**
174 - * Delete all of the entity permissions for a list of entities. 174 + * Delete all of the entity jointPermissions for a list of entities.
175 * @param Entity[] $entities 175 * @param Entity[] $entities
176 */ 176 */
177 - protected function deleteManyEntityPermissionsForEntities($entities) 177 + protected function deleteManyJointPermissionsForEntities($entities)
178 { 178 {
179 foreach ($entities as $entity) { 179 foreach ($entities as $entity) {
180 - $entity->permissions()->delete(); 180 + $entity->jointPermissions()->delete();
181 } 181 }
182 } 182 }
183 183
184 /** 184 /**
185 - * Create & Save entity permissions for many entities and permissions. 185 + * Create & Save entity jointPermissions for many entities and jointPermissions.
186 * @param Collection $entities 186 * @param Collection $entities
187 * @param Collection $roles 187 * @param Collection $roles
188 */ 188 */
189 - protected function createManyEntityPermissions($entities, $roles) 189 + protected function createManyJointPermissions($entities, $roles)
190 { 190 {
191 - $entityPermissions = []; 191 + $jointPermissions = [];
192 foreach ($entities as $entity) { 192 foreach ($entities as $entity) {
193 foreach ($roles as $role) { 193 foreach ($roles as $role) {
194 foreach ($this->getActions($entity) as $action) { 194 foreach ($this->getActions($entity) as $action) {
195 - $entityPermissions[] = $this->createEntityPermissionData($entity, $role, $action); 195 + $jointPermissions[] = $this->createJointPermissionData($entity, $role, $action);
196 } 196 }
197 } 197 }
198 } 198 }
199 - $this->entityPermission->insert($entityPermissions); 199 + $this->jointPermission->insert($jointPermissions);
200 } 200 }
201 201
202 202
...@@ -227,7 +227,7 @@ class RestrictionService ...@@ -227,7 +227,7 @@ class RestrictionService
227 * @param $action 227 * @param $action
228 * @return array 228 * @return array
229 */ 229 */
230 - protected function createEntityPermissionData(Entity $entity, Role $role, $action) 230 + protected function createJointPermissionData(Entity $entity, Role $role, $action)
231 { 231 {
232 $permissionPrefix = (strpos($action, '-') === false ? ($entity->getType() . '-') : '') . $action; 232 $permissionPrefix = (strpos($action, '-') === false ? ($entity->getType() . '-') : '') . $action;
233 $roleHasPermission = $role->hasPermission($permissionPrefix . '-all'); 233 $roleHasPermission = $role->hasPermission($permissionPrefix . '-all');
...@@ -238,10 +238,10 @@ class RestrictionService ...@@ -238,10 +238,10 @@ class RestrictionService
238 if ($entity->isA('book')) { 238 if ($entity->isA('book')) {
239 239
240 if (!$entity->restricted) { 240 if (!$entity->restricted) {
241 - return $this->createEntityPermissionDataArray($entity, $role, $action, $roleHasPermission, $roleHasPermissionOwn); 241 + return $this->createJointPermissionDataArray($entity, $role, $action, $roleHasPermission, $roleHasPermissionOwn);
242 } else { 242 } else {
243 $hasAccess = $entity->hasActiveRestriction($role->id, $restrictionAction); 243 $hasAccess = $entity->hasActiveRestriction($role->id, $restrictionAction);
244 - return $this->createEntityPermissionDataArray($entity, $role, $action, $hasAccess, $hasAccess); 244 + return $this->createJointPermissionDataArray($entity, $role, $action, $hasAccess, $hasAccess);
245 } 245 }
246 246
247 } elseif ($entity->isA('chapter')) { 247 } elseif ($entity->isA('chapter')) {
...@@ -249,12 +249,12 @@ class RestrictionService ...@@ -249,12 +249,12 @@ class RestrictionService
249 if (!$entity->restricted) { 249 if (!$entity->restricted) {
250 $hasExplicitAccessToBook = $entity->book->hasActiveRestriction($role->id, $restrictionAction); 250 $hasExplicitAccessToBook = $entity->book->hasActiveRestriction($role->id, $restrictionAction);
251 $hasPermissiveAccessToBook = !$entity->book->restricted; 251 $hasPermissiveAccessToBook = !$entity->book->restricted;
252 - return $this->createEntityPermissionDataArray($entity, $role, $action, 252 + return $this->createJointPermissionDataArray($entity, $role, $action,
253 ($hasExplicitAccessToBook || ($roleHasPermission && $hasPermissiveAccessToBook)), 253 ($hasExplicitAccessToBook || ($roleHasPermission && $hasPermissiveAccessToBook)),
254 ($hasExplicitAccessToBook || ($roleHasPermissionOwn && $hasPermissiveAccessToBook))); 254 ($hasExplicitAccessToBook || ($roleHasPermissionOwn && $hasPermissiveAccessToBook)));
255 } else { 255 } else {
256 $hasAccess = $entity->hasActiveRestriction($role->id, $restrictionAction); 256 $hasAccess = $entity->hasActiveRestriction($role->id, $restrictionAction);
257 - return $this->createEntityPermissionDataArray($entity, $role, $action, $hasAccess, $hasAccess); 257 + return $this->createJointPermissionDataArray($entity, $role, $action, $hasAccess, $hasAccess);
258 } 258 }
259 259
260 } elseif ($entity->isA('page')) { 260 } elseif ($entity->isA('page')) {
...@@ -269,20 +269,20 @@ class RestrictionService ...@@ -269,20 +269,20 @@ class RestrictionService
269 $hasExplicitAccessToParents = $acknowledgeChapter ? $hasExplicitAccessToChapter : $hasExplicitAccessToBook; 269 $hasExplicitAccessToParents = $acknowledgeChapter ? $hasExplicitAccessToChapter : $hasExplicitAccessToBook;
270 $hasPermissiveAccessToParents = $acknowledgeChapter ? $hasPermissiveAccessToChapter : $hasPermissiveAccessToBook; 270 $hasPermissiveAccessToParents = $acknowledgeChapter ? $hasPermissiveAccessToChapter : $hasPermissiveAccessToBook;
271 271
272 - return $this->createEntityPermissionDataArray($entity, $role, $action, 272 + return $this->createJointPermissionDataArray($entity, $role, $action,
273 ($hasExplicitAccessToParents || ($roleHasPermission && $hasPermissiveAccessToParents)), 273 ($hasExplicitAccessToParents || ($roleHasPermission && $hasPermissiveAccessToParents)),
274 ($hasExplicitAccessToParents || ($roleHasPermissionOwn && $hasPermissiveAccessToParents)) 274 ($hasExplicitAccessToParents || ($roleHasPermissionOwn && $hasPermissiveAccessToParents))
275 ); 275 );
276 } else { 276 } else {
277 $hasAccess = $entity->hasRestriction($role->id, $action); 277 $hasAccess = $entity->hasRestriction($role->id, $action);
278 - return $this->createEntityPermissionDataArray($entity, $role, $action, $hasAccess, $hasAccess); 278 + return $this->createJointPermissionDataArray($entity, $role, $action, $hasAccess, $hasAccess);
279 } 279 }
280 280
281 } 281 }
282 } 282 }
283 283
284 /** 284 /**
285 - * Create an array of data with the information of an entity permissions. 285 + * Create an array of data with the information of an entity jointPermissions.
286 * Used to build data for bulk insertion. 286 * Used to build data for bulk insertion.
287 * @param Entity $entity 287 * @param Entity $entity
288 * @param Role $role 288 * @param Role $role
...@@ -291,7 +291,7 @@ class RestrictionService ...@@ -291,7 +291,7 @@ class RestrictionService
291 * @param $permissionOwn 291 * @param $permissionOwn
292 * @return array 292 * @return array
293 */ 293 */
294 - protected function createEntityPermissionDataArray(Entity $entity, Role $role, $action, $permissionAll, $permissionOwn) 294 + protected function createJointPermissionDataArray(Entity $entity, Role $role, $action, $permissionAll, $permissionOwn)
295 { 295 {
296 $entityClass = get_class($entity); 296 $entityClass = get_class($entity);
297 return [ 297 return [
...@@ -320,10 +320,10 @@ class RestrictionService ...@@ -320,10 +320,10 @@ class RestrictionService
320 $action = end($explodedPermission); 320 $action = end($explodedPermission);
321 $this->currentAction = $action; 321 $this->currentAction = $action;
322 322
323 - $nonEntityPermissions = ['restrictions']; 323 + $nonJointPermissions = ['restrictions'];
324 324
325 - // Handle non entity specific permissions 325 + // Handle non entity specific jointPermissions
326 - if (in_array($explodedPermission[0], $nonEntityPermissions)) { 326 + if (in_array($explodedPermission[0], $nonJointPermissions)) {
327 $allPermission = $this->currentUser && $this->currentUser->can($permission . '-all'); 327 $allPermission = $this->currentUser && $this->currentUser->can($permission . '-all');
328 $ownPermission = $this->currentUser && $this->currentUser->can($permission . '-own'); 328 $ownPermission = $this->currentUser && $this->currentUser->can($permission . '-own');
329 $this->currentAction = 'view'; 329 $this->currentAction = 'view';
...@@ -331,7 +331,7 @@ class RestrictionService ...@@ -331,7 +331,7 @@ class RestrictionService
331 return ($allPermission || ($isOwner && $ownPermission)); 331 return ($allPermission || ($isOwner && $ownPermission));
332 } 332 }
333 333
334 - // Handle abnormal create permissions 334 + // Handle abnormal create jointPermissions
335 if ($action === 'create') { 335 if ($action === 'create') {
336 $this->currentAction = $permission; 336 $this->currentAction = $permission;
337 } 337 }
...@@ -368,7 +368,7 @@ class RestrictionService ...@@ -368,7 +368,7 @@ class RestrictionService
368 protected function entityRestrictionQuery($query) 368 protected function entityRestrictionQuery($query)
369 { 369 {
370 return $query->where(function ($parentQuery) { 370 return $query->where(function ($parentQuery) {
371 - $parentQuery->whereHas('permissions', function ($permissionQuery) { 371 + $parentQuery->whereHas('jointPermissions', function ($permissionQuery) {
372 $permissionQuery->whereIn('role_id', $this->getRoles()) 372 $permissionQuery->whereIn('role_id', $this->getRoles())
373 ->where('action', '=', $this->currentAction) 373 ->where('action', '=', $this->currentAction)
374 ->where(function ($query) { 374 ->where(function ($query) {
...@@ -447,9 +447,9 @@ class RestrictionService ...@@ -447,9 +447,9 @@ class RestrictionService
447 447
448 return $query->where(function ($query) use ($tableDetails) { 448 return $query->where(function ($query) use ($tableDetails) {
449 $query->whereExists(function ($permissionQuery) use (&$tableDetails) { 449 $query->whereExists(function ($permissionQuery) use (&$tableDetails) {
450 - $permissionQuery->select('id')->from('entity_permissions') 450 + $permissionQuery->select('id')->from('joint_permissions')
451 - ->whereRaw('entity_permissions.entity_id=' . $tableDetails['tableName'] . '.' . $tableDetails['entityIdColumn']) 451 + ->whereRaw('joint_permissions.entity_id=' . $tableDetails['tableName'] . '.' . $tableDetails['entityIdColumn'])
452 - ->whereRaw('entity_permissions.entity_type=' . $tableDetails['tableName'] . '.' . $tableDetails['entityTypeColumn']) 452 + ->whereRaw('joint_permissions.entity_type=' . $tableDetails['tableName'] . '.' . $tableDetails['entityTypeColumn'])
453 ->where('action', '=', $this->currentAction) 453 ->where('action', '=', $this->currentAction)
454 ->whereIn('role_id', $this->getRoles()) 454 ->whereIn('role_id', $this->getRoles())
455 ->where(function ($query) { 455 ->where(function ($query) {
...@@ -479,8 +479,8 @@ class RestrictionService ...@@ -479,8 +479,8 @@ class RestrictionService
479 return $query->where(function ($query) use ($tableDetails) { 479 return $query->where(function ($query) use ($tableDetails) {
480 $query->where(function ($query) use (&$tableDetails) { 480 $query->where(function ($query) use (&$tableDetails) {
481 $query->whereExists(function ($permissionQuery) use (&$tableDetails) { 481 $query->whereExists(function ($permissionQuery) use (&$tableDetails) {
482 - $permissionQuery->select('id')->from('entity_permissions') 482 + $permissionQuery->select('id')->from('joint_permissions')
483 - ->whereRaw('entity_permissions.entity_id=' . $tableDetails['tableName'] . '.' . $tableDetails['entityIdColumn']) 483 + ->whereRaw('joint_permissions.entity_id=' . $tableDetails['tableName'] . '.' . $tableDetails['entityIdColumn'])
484 ->where('entity_type', '=', 'Bookstack\\Page') 484 ->where('entity_type', '=', 'Bookstack\\Page')
485 ->where('action', '=', $this->currentAction) 485 ->where('action', '=', $this->currentAction)
486 ->whereIn('role_id', $this->getRoles()) 486 ->whereIn('role_id', $this->getRoles())
......
...@@ -8,18 +8,18 @@ class ViewService ...@@ -8,18 +8,18 @@ class ViewService
8 8
9 protected $view; 9 protected $view;
10 protected $user; 10 protected $user;
11 - protected $restrictionService; 11 + protected $permissionService;
12 12
13 /** 13 /**
14 * ViewService constructor. 14 * ViewService constructor.
15 * @param View $view 15 * @param View $view
16 - * @param RestrictionService $restrictionService 16 + * @param PermissionService $permissionService
17 */ 17 */
18 - public function __construct(View $view, RestrictionService $restrictionService) 18 + public function __construct(View $view, PermissionService $permissionService)
19 { 19 {
20 $this->view = $view; 20 $this->view = $view;
21 $this->user = auth()->user(); 21 $this->user = auth()->user();
22 - $this->restrictionService = $restrictionService; 22 + $this->permissionService = $permissionService;
23 } 23 }
24 24
25 /** 25 /**
...@@ -55,7 +55,7 @@ class ViewService ...@@ -55,7 +55,7 @@ class ViewService
55 public function getPopular($count = 10, $page = 0, $filterModel = false) 55 public function getPopular($count = 10, $page = 0, $filterModel = false)
56 { 56 {
57 $skipCount = $count * $page; 57 $skipCount = $count * $page;
58 - $query = $this->restrictionService->filterRestrictedEntityRelations($this->view, 'views', 'viewable_id', 'viewable_type') 58 + $query = $this->permissionService->filterRestrictedEntityRelations($this->view, 'views', 'viewable_id', 'viewable_type')
59 ->select('*', 'viewable_id', 'viewable_type', \DB::raw('SUM(views) as view_count')) 59 ->select('*', 'viewable_id', 'viewable_type', \DB::raw('SUM(views) as view_count'))
60 ->groupBy('viewable_id', 'viewable_type') 60 ->groupBy('viewable_id', 'viewable_type')
61 ->orderBy('view_count', 'desc'); 61 ->orderBy('view_count', 'desc');
...@@ -76,7 +76,7 @@ class ViewService ...@@ -76,7 +76,7 @@ class ViewService
76 { 76 {
77 if ($this->user === null) return collect(); 77 if ($this->user === null) return collect();
78 78
79 - $query = $this->restrictionService 79 + $query = $this->permissionService
80 ->filterRestrictedEntityRelations($this->view, 'views', 'viewable_id', 'viewable_type'); 80 ->filterRestrictedEntityRelations($this->view, 'views', 'viewable_id', 'viewable_type');
81 81
82 if ($filterModel) $query = $query->where('viewable_type', '=', get_class($filterModel)); 82 if ($filterModel) $query = $query->where('viewable_type', '=', get_class($filterModel));
......
...@@ -8,6 +8,6 @@ class SocialAccount extends Model ...@@ -8,6 +8,6 @@ class SocialAccount extends Model
8 8
9 public function user() 9 public function user()
10 { 10 {
11 - return $this->belongsTo('BookStack\User'); 11 + return $this->belongsTo(User::class);
12 } 12 }
13 } 13 }
......
...@@ -49,7 +49,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon ...@@ -49,7 +49,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
49 */ 49 */
50 public function roles() 50 public function roles()
51 { 51 {
52 - return $this->belongsToMany('BookStack\Role'); 52 + return $this->belongsToMany(Role::class);
53 } 53 }
54 54
55 /** 55 /**
...@@ -113,7 +113,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon ...@@ -113,7 +113,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
113 */ 113 */
114 public function socialAccounts() 114 public function socialAccounts()
115 { 115 {
116 - return $this->hasMany('BookStack\SocialAccount'); 116 + return $this->hasMany(SocialAccount::class);
117 } 117 }
118 118
119 /** 119 /**
...@@ -148,7 +148,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon ...@@ -148,7 +148,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
148 */ 148 */
149 public function avatar() 149 public function avatar()
150 { 150 {
151 - return $this->belongsTo('BookStack\Image', 'image_id'); 151 + return $this->belongsTo(Image::class, 'image_id');
152 } 152 }
153 153
154 /** 154 /**
......
...@@ -31,7 +31,7 @@ if (!function_exists('versioned_asset')) { ...@@ -31,7 +31,7 @@ if (!function_exists('versioned_asset')) {
31 31
32 /** 32 /**
33 * Check if the current user has a permission. 33 * Check if the current user has a permission.
34 - * If an ownable element is passed in the permissions are checked against 34 + * If an ownable element is passed in the jointPermissions are checked against
35 * that particular item. 35 * that particular item.
36 * @param $permission 36 * @param $permission
37 * @param \BookStack\Ownable $ownable 37 * @param \BookStack\Ownable $ownable
...@@ -44,8 +44,8 @@ function userCan($permission, \BookStack\Ownable $ownable = null) ...@@ -44,8 +44,8 @@ function userCan($permission, \BookStack\Ownable $ownable = null)
44 } 44 }
45 45
46 // Check permission on ownable item 46 // Check permission on ownable item
47 - $restrictionService = app('BookStack\Services\RestrictionService'); 47 + $permissionService = app('BookStack\Services\PermissionService');
48 - return $restrictionService->checkEntityUserAccess($ownable, $permission); 48 + return $permissionService->checkEntityUserAccess($ownable, $permission);
49 } 49 }
50 50
51 /** 51 /**
......
...@@ -21,10 +21,13 @@ class CreateUsersTable extends Migration ...@@ -21,10 +21,13 @@ class CreateUsersTable extends Migration
21 $table->nullableTimestamps(); 21 $table->nullableTimestamps();
22 }); 22 });
23 23
24 - \BookStack\User::forceCreate([ 24 + // Create the initial admin user
25 + DB::table('users')->insert([
25 'name' => 'Admin', 26 'name' => 'Admin',
26 'email' => 'admin@admin.com', 27 'email' => 'admin@admin.com',
27 - 'password' => bcrypt('password') 28 + 'password' => bcrypt('password'),
29 + 'created_at' => \Carbon\Carbon::now()->toDateTimeString(),
30 + 'updated_at' => \Carbon\Carbon::now()->toDateTimeString()
28 ]); 31 ]);
29 } 32 }
30 33
......
...@@ -68,35 +68,44 @@ class AddRolesAndPermissions extends Migration ...@@ -68,35 +68,44 @@ class AddRolesAndPermissions extends Migration
68 68
69 69
70 // Create default roles 70 // Create default roles
71 - $admin = new \BookStack\Role(); 71 + $adminId = DB::table('roles')->insertGetId([
72 - $admin->name = 'admin'; 72 + 'name' => 'admin',
73 - $admin->display_name = 'Admin'; 73 + 'display_name' => 'Admin',
74 - $admin->description = 'Administrator of the whole application'; 74 + 'description' => 'Administrator of the whole application',
75 - $admin->save(); 75 + 'created_at' => \Carbon\Carbon::now()->toDateTimeString(),
76 - 76 + 'updated_at' => \Carbon\Carbon::now()->toDateTimeString()
77 - $editor = new \BookStack\Role(); 77 + ]);
78 - $editor->name = 'editor'; 78 + $editorId = DB::table('roles')->insertGetId([
79 - $editor->display_name = 'Editor'; 79 + 'name' => 'editor',
80 - $editor->description = 'User can edit Books, Chapters & Pages'; 80 + 'display_name' => 'Editor',
81 - $editor->save(); 81 + 'description' => 'User can edit Books, Chapters & Pages',
82 - 82 + 'created_at' => \Carbon\Carbon::now()->toDateTimeString(),
83 - $viewer = new \BookStack\Role(); 83 + 'updated_at' => \Carbon\Carbon::now()->toDateTimeString()
84 - $viewer->name = 'viewer'; 84 + ]);
85 - $viewer->display_name = 'Viewer'; 85 + $viewerId = DB::table('roles')->insertGetId([
86 - $viewer->description = 'User can view books & their content behind authentication'; 86 + 'name' => 'viewer',
87 - $viewer->save(); 87 + 'display_name' => 'Viewer',
88 + 'description' => 'User can view books & their content behind authentication',
89 + 'created_at' => \Carbon\Carbon::now()->toDateTimeString(),
90 + 'updated_at' => \Carbon\Carbon::now()->toDateTimeString()
91 + ]);
92 +
88 93
89 // Create default CRUD permissions and allocate to admins and editors 94 // Create default CRUD permissions and allocate to admins and editors
90 $entities = ['Book', 'Page', 'Chapter', 'Image']; 95 $entities = ['Book', 'Page', 'Chapter', 'Image'];
91 $ops = ['Create', 'Update', 'Delete']; 96 $ops = ['Create', 'Update', 'Delete'];
92 foreach ($entities as $entity) { 97 foreach ($entities as $entity) {
93 foreach ($ops as $op) { 98 foreach ($ops as $op) {
94 - $newPermission = new \BookStack\Permission(); 99 + $newPermId = DB::table('permissions')->insertGetId([
95 - $newPermission->name = strtolower($entity) . '-' . strtolower($op); 100 + 'name' => strtolower($entity) . '-' . strtolower($op),
96 - $newPermission->display_name = $op . ' ' . $entity . 's'; 101 + 'display_name' => $op . ' ' . $entity . 's',
97 - $newPermission->save(); 102 + 'created_at' => \Carbon\Carbon::now()->toDateTimeString(),
98 - $admin->attachPermission($newPermission); 103 + 'updated_at' => \Carbon\Carbon::now()->toDateTimeString()
99 - $editor->attachPermission($newPermission); 104 + ]);
105 + DB::table('permission_role')->insert([
106 + ['permission_id' => $newPermId, 'role_id' => $adminId],
107 + ['permission_id' => $newPermId, 'role_id' => $editorId]
108 + ]);
100 } 109 }
101 } 110 }
102 111
...@@ -105,19 +114,27 @@ class AddRolesAndPermissions extends Migration ...@@ -105,19 +114,27 @@ class AddRolesAndPermissions extends Migration
105 $ops = ['Create', 'Update', 'Delete']; 114 $ops = ['Create', 'Update', 'Delete'];
106 foreach ($entities as $entity) { 115 foreach ($entities as $entity) {
107 foreach ($ops as $op) { 116 foreach ($ops as $op) {
108 - $newPermission = new \BookStack\Permission(); 117 + $newPermId = DB::table('permissions')->insertGetId([
109 - $newPermission->name = strtolower($entity) . '-' . strtolower($op); 118 + 'name' => strtolower($entity) . '-' . strtolower($op),
110 - $newPermission->display_name = $op . ' ' . $entity; 119 + 'display_name' => $op . ' ' . $entity,
111 - $newPermission->save(); 120 + 'created_at' => \Carbon\Carbon::now()->toDateTimeString(),
112 - $admin->attachPermission($newPermission); 121 + 'updated_at' => \Carbon\Carbon::now()->toDateTimeString()
122 + ]);
123 + DB::table('permission_role')->insert([
124 + 'permission_id' => $newPermId,
125 + 'role_id' => $adminId
126 + ]);
113 } 127 }
114 } 128 }
115 129
116 // Set all current users as admins 130 // Set all current users as admins
117 // (At this point only the initially create user should be an admin) 131 // (At this point only the initially create user should be an admin)
118 - $users = \BookStack\User::all(); 132 + $users = DB::table('users')->get();
119 foreach ($users as $user) { 133 foreach ($users as $user) {
120 - $user->attachRole($admin); 134 + DB::table('role_user')->insert([
135 + 'role_id' => $adminId,
136 + 'user_id' => $user->id
137 + ]);
121 } 138 }
122 139
123 } 140 }
......
...@@ -13,29 +13,31 @@ class UpdatePermissionsAndRoles extends Migration ...@@ -13,29 +13,31 @@ class UpdatePermissionsAndRoles extends Migration
13 public function up() 13 public function up()
14 { 14 {
15 // Get roles with permissions we need to change 15 // Get roles with permissions we need to change
16 - $adminRole = \BookStack\Role::getRole('admin'); 16 + $adminRoleId = DB::table('roles')->where('name', '=', 'admin')->first()->id;
17 - $editorRole = \BookStack\Role::getRole('editor'); 17 + $editorRole = DB::table('roles')->where('name', '=', 'editor')->first();
18 18
19 // Delete old permissions 19 // Delete old permissions
20 - $permissions = \BookStack\Permission::all(); 20 + $permissions = DB::table('permissions')->delete();
21 - $permissions->each(function ($permission) {
22 - $permission->delete();
23 - });
24 21
25 // Create & attach new admin permissions 22 // Create & attach new admin permissions
26 $permissionsToCreate = [ 23 $permissionsToCreate = [
27 'settings-manage' => 'Manage Settings', 24 'settings-manage' => 'Manage Settings',
28 'users-manage' => 'Manage Users', 25 'users-manage' => 'Manage Users',
29 'user-roles-manage' => 'Manage Roles & Permissions', 26 'user-roles-manage' => 'Manage Roles & Permissions',
30 - 'restrictions-manage-all' => 'Manage All Entity Restrictions', 27 + 'restrictions-manage-all' => 'Manage All Entity Permissions',
31 - 'restrictions-manage-own' => 'Manage Entity Restrictions On Own Content' 28 + 'restrictions-manage-own' => 'Manage Entity Permissions On Own Content'
32 ]; 29 ];
33 foreach ($permissionsToCreate as $name => $displayName) { 30 foreach ($permissionsToCreate as $name => $displayName) {
34 - $newPermission = new \BookStack\Permission(); 31 + $permissionId = DB::table('permissions')->insertGetId([
35 - $newPermission->name = $name; 32 + 'name' => $name,
36 - $newPermission->display_name = $displayName; 33 + 'display_name' => $displayName,
37 - $newPermission->save(); 34 + 'created_at' => \Carbon\Carbon::now()->toDateTimeString(),
38 - $adminRole->attachPermission($newPermission); 35 + 'updated_at' => \Carbon\Carbon::now()->toDateTimeString()
36 + ]);
37 + DB::table('permission_role')->insert([
38 + 'role_id' => $adminRoleId,
39 + 'permission_id' => $permissionId
40 + ]);
39 } 41 }
40 42
41 // Create & attach new entity permissions 43 // Create & attach new entity permissions
...@@ -43,12 +45,22 @@ class UpdatePermissionsAndRoles extends Migration ...@@ -43,12 +45,22 @@ class UpdatePermissionsAndRoles extends Migration
43 $ops = ['Create All', 'Create Own', 'Update All', 'Update Own', 'Delete All', 'Delete Own']; 45 $ops = ['Create All', 'Create Own', 'Update All', 'Update Own', 'Delete All', 'Delete Own'];
44 foreach ($entities as $entity) { 46 foreach ($entities as $entity) {
45 foreach ($ops as $op) { 47 foreach ($ops as $op) {
46 - $newPermission = new \BookStack\Permission(); 48 + $permissionId = DB::table('permissions')->insertGetId([
47 - $newPermission->name = strtolower($entity) . '-' . strtolower(str_replace(' ', '-', $op)); 49 + 'name' => strtolower($entity) . '-' . strtolower(str_replace(' ', '-', $op)),
48 - $newPermission->display_name = $op . ' ' . $entity . 's'; 50 + 'display_name' => $op . ' ' . $entity . 's',
49 - $newPermission->save(); 51 + 'created_at' => \Carbon\Carbon::now()->toDateTimeString(),
50 - $adminRole->attachPermission($newPermission); 52 + 'updated_at' => \Carbon\Carbon::now()->toDateTimeString()
51 - if ($editorRole !== null) $editorRole->attachPermission($newPermission); 53 + ]);
54 + DB::table('permission_role')->insert([
55 + 'role_id' => $adminRoleId,
56 + 'permission_id' => $permissionId
57 + ]);
58 + if ($editorRole !== null) {
59 + DB::table('permission_role')->insert([
60 + 'role_id' => $editorRole->id,
61 + 'permission_id' => $permissionId
62 + ]);
63 + }
52 } 64 }
53 } 65 }
54 66
...@@ -62,24 +74,26 @@ class UpdatePermissionsAndRoles extends Migration ...@@ -62,24 +74,26 @@ class UpdatePermissionsAndRoles extends Migration
62 public function down() 74 public function down()
63 { 75 {
64 // Get roles with permissions we need to change 76 // Get roles with permissions we need to change
65 - $adminRole = \BookStack\Role::getRole('admin'); 77 + $adminRoleId = DB::table('roles')->where('name', '=', 'admin')->first()->id;
66 78
67 // Delete old permissions 79 // Delete old permissions
68 - $permissions = \BookStack\Permission::all(); 80 + $permissions = DB::table('permissions')->delete();
69 - $permissions->each(function ($permission) {
70 - $permission->delete();
71 - });
72 81
73 // Create default CRUD permissions and allocate to admins and editors 82 // Create default CRUD permissions and allocate to admins and editors
74 $entities = ['Book', 'Page', 'Chapter', 'Image']; 83 $entities = ['Book', 'Page', 'Chapter', 'Image'];
75 $ops = ['Create', 'Update', 'Delete']; 84 $ops = ['Create', 'Update', 'Delete'];
76 foreach ($entities as $entity) { 85 foreach ($entities as $entity) {
77 foreach ($ops as $op) { 86 foreach ($ops as $op) {
78 - $newPermission = new \BookStack\Permission(); 87 + $permissionId = DB::table('permissions')->insertGetId([
79 - $newPermission->name = strtolower($entity) . '-' . strtolower($op); 88 + 'name' => strtolower($entity) . '-' . strtolower($op),
80 - $newPermission->display_name = $op . ' ' . $entity . 's'; 89 + 'display_name' => $op . ' ' . $entity . 's',
81 - $newPermission->save(); 90 + 'created_at' => \Carbon\Carbon::now()->toDateTimeString(),
82 - $adminRole->attachPermission($newPermission); 91 + 'updated_at' => \Carbon\Carbon::now()->toDateTimeString()
92 + ]);
93 + DB::table('permission_role')->insert([
94 + 'role_id' => $adminRoleId,
95 + 'permission_id' => $permissionId
96 + ]);
83 } 97 }
84 } 98 }
85 99
...@@ -88,11 +102,16 @@ class UpdatePermissionsAndRoles extends Migration ...@@ -88,11 +102,16 @@ class UpdatePermissionsAndRoles extends Migration
88 $ops = ['Create', 'Update', 'Delete']; 102 $ops = ['Create', 'Update', 'Delete'];
89 foreach ($entities as $entity) { 103 foreach ($entities as $entity) {
90 foreach ($ops as $op) { 104 foreach ($ops as $op) {
91 - $newPermission = new \BookStack\Permission(); 105 + $permissionId = DB::table('permissions')->insertGetId([
92 - $newPermission->name = strtolower($entity) . '-' . strtolower($op); 106 + 'name' => strtolower($entity) . '-' . strtolower($op),
93 - $newPermission->display_name = $op . ' ' . $entity; 107 + 'display_name' => $op . ' ' . $entity,
94 - $newPermission->save(); 108 + 'created_at' => \Carbon\Carbon::now()->toDateTimeString(),
95 - $adminRole->attachPermission($newPermission); 109 + 'updated_at' => \Carbon\Carbon::now()->toDateTimeString()
110 + ]);
111 + DB::table('permission_role')->insert([
112 + 'role_id' => $adminRoleId,
113 + 'permission_id' => $permissionId
114 + ]);
96 } 115 }
97 } 116 }
98 } 117 }
......
...@@ -12,20 +12,25 @@ class AddViewPermissionsToRoles extends Migration ...@@ -12,20 +12,25 @@ class AddViewPermissionsToRoles extends Migration
12 */ 12 */
13 public function up() 13 public function up()
14 { 14 {
15 - $currentRoles = \BookStack\Role::all(); 15 + $currentRoles = DB::table('roles')->get();
16 16
17 - // Create new view permissions 17 + // Create new view permission
18 $entities = ['Book', 'Page', 'Chapter']; 18 $entities = ['Book', 'Page', 'Chapter'];
19 $ops = ['View All', 'View Own']; 19 $ops = ['View All', 'View Own'];
20 foreach ($entities as $entity) { 20 foreach ($entities as $entity) {
21 foreach ($ops as $op) { 21 foreach ($ops as $op) {
22 - $newPermission = new \BookStack\Permission(); 22 + $permId = DB::table('permissions')->insertGetId([
23 - $newPermission->name = strtolower($entity) . '-' . strtolower(str_replace(' ', '-', $op)); 23 + 'name' => strtolower($entity) . '-' . strtolower(str_replace(' ', '-', $op)),
24 - $newPermission->display_name = $op . ' ' . $entity . 's'; 24 + 'display_name' => $op . ' ' . $entity . 's',
25 - $newPermission->save(); 25 + 'created_at' => \Carbon\Carbon::now()->toDateTimeString(),
26 - // Assign view permissions to all current roles 26 + 'updated_at' => \Carbon\Carbon::now()->toDateTimeString()
27 + ]);
28 + // Assign view permission to all current roles
27 foreach ($currentRoles as $role) { 29 foreach ($currentRoles as $role) {
28 - $role->attachPermission($newPermission); 30 + DB::table('permission_role')->insert([
31 + 'role_id' => $role->id,
32 + 'permission_id' => $permId
33 + ]);
29 } 34 }
30 } 35 }
31 } 36 }
...@@ -38,17 +43,15 @@ class AddViewPermissionsToRoles extends Migration ...@@ -38,17 +43,15 @@ class AddViewPermissionsToRoles extends Migration
38 */ 43 */
39 public function down() 44 public function down()
40 { 45 {
41 - // Delete the new view permissions 46 + // Delete the new view permission
42 $entities = ['Book', 'Page', 'Chapter']; 47 $entities = ['Book', 'Page', 'Chapter'];
43 $ops = ['View All', 'View Own']; 48 $ops = ['View All', 'View Own'];
44 foreach ($entities as $entity) { 49 foreach ($entities as $entity) {
45 foreach ($ops as $op) { 50 foreach ($ops as $op) {
46 $permissionName = strtolower($entity) . '-' . strtolower(str_replace(' ', '-', $op)); 51 $permissionName = strtolower($entity) . '-' . strtolower(str_replace(' ', '-', $op));
47 - $newPermission = \BookStack\Permission::where('name', '=', $permissionName)->first(); 52 + $permission = DB::table('permissions')->where('name', '=', $permissionName)->first();
48 - foreach ($newPermission->roles as $role) { 53 + DB::table('permission_role')->where('permission_id', '=', $permission->id)->delete();
49 - $role->detachPermission($newPermission); 54 + DB::table('permissions')->where('name', '=', $permissionName)->delete();
50 - }
51 - $newPermission->delete();
52 } 55 }
53 } 56 }
54 } 57 }
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
3 use Illuminate\Database\Schema\Blueprint; 3 use Illuminate\Database\Schema\Blueprint;
4 use Illuminate\Database\Migrations\Migration; 4 use Illuminate\Database\Migrations\Migration;
5 5
6 -class CreateEntityPermissionsTable extends Migration 6 +class CreateJointPermissionsTable extends Migration
7 { 7 {
8 /** 8 /**
9 * Run the migrations. 9 * Run the migrations.
...@@ -12,7 +12,7 @@ class CreateEntityPermissionsTable extends Migration ...@@ -12,7 +12,7 @@ class CreateEntityPermissionsTable extends Migration
12 */ 12 */
13 public function up() 13 public function up()
14 { 14 {
15 - Schema::create('entity_permissions', function (Blueprint $table) { 15 + Schema::create('joint_permissions', function (Blueprint $table) {
16 $table->increments('id'); 16 $table->increments('id');
17 $table->integer('role_id'); 17 $table->integer('role_id');
18 $table->string('entity_type'); 18 $table->string('entity_type');
...@@ -37,18 +37,25 @@ class CreateEntityPermissionsTable extends Migration ...@@ -37,18 +37,25 @@ class CreateEntityPermissionsTable extends Migration
37 $table->index('system_name'); 37 $table->index('system_name');
38 }); 38 });
39 39
40 + Schema::rename('permissions', 'role_permissions');
41 + Schema::rename('restrictions', 'entity_permissions');
42 +
40 // Create the new public role 43 // Create the new public role
41 - $publicRole = new \BookStack\Role(); 44 + $publicRoleData = [
42 - $publicRole->name = 'public'; 45 + 'name' => 'public',
43 - $publicRole->display_name = 'Public'; 46 + 'display_name' => 'Public',
44 - $publicRole->description = 'The role given to public visitors if allowed'; 47 + 'description' => 'The role given to public visitors if allowed',
45 - $publicRole->system_name = 'public'; 48 + 'system_name' => 'public',
46 - $publicRole->hidden = true; 49 + 'hidden' => true,
50 + 'created_at' => \Carbon\Carbon::now()->toDateTimeString(),
51 + 'updated_at' => \Carbon\Carbon::now()->toDateTimeString()
52 + ];
53 +
47 // Ensure unique name 54 // Ensure unique name
48 - while (\BookStack\Role::getRole($publicRole->name) !== null) { 55 + while (DB::table('roles')->where('name', '=', $publicRoleData['display_name'])->count() > 0) {
49 - $publicRole->name = $publicRole->name . str_random(2); 56 + $publicRoleData['display_name'] = $publicRoleData['display_name'] . str_random(2);
50 } 57 }
51 - $publicRole->save(); 58 + $publicRoleId = DB::table('roles')->insertGetId($publicRoleData);
52 59
53 // Add new view permissions to public role 60 // Add new view permissions to public role
54 $entities = ['Book', 'Page', 'Chapter']; 61 $entities = ['Book', 'Page', 'Chapter'];
...@@ -56,20 +63,21 @@ class CreateEntityPermissionsTable extends Migration ...@@ -56,20 +63,21 @@ class CreateEntityPermissionsTable extends Migration
56 foreach ($entities as $entity) { 63 foreach ($entities as $entity) {
57 foreach ($ops as $op) { 64 foreach ($ops as $op) {
58 $name = strtolower($entity) . '-' . strtolower(str_replace(' ', '-', $op)); 65 $name = strtolower($entity) . '-' . strtolower(str_replace(' ', '-', $op));
59 - $permission = \BookStack\Permission::getByName($name); 66 + $permission = DB::table('role_permissions')->where('name', '=', $name)->first();
60 - // Assign view permissions to public 67 + // Assign view permission to public
61 - $publicRole->attachPermission($permission); 68 + DB::table('permission_role')->insert([
69 + 'permission_id' => $permission->id,
70 + 'role_id' => $publicRoleId
71 + ]);
62 } 72 }
63 } 73 }
64 74
65 // Update admin role with system name 75 // Update admin role with system name
66 - $admin = \BookStack\Role::getRole('admin'); 76 + DB::table('roles')->where('name', '=', 'admin')->update(['system_name' => 'admin']);
67 - $admin->system_name = 'admin';
68 - $admin->save();
69 77
70 - // Generate the new entity permissions 78 + // Generate the new entity jointPermissions
71 - $restrictionService = app(\BookStack\Services\RestrictionService::class); 79 + $restrictionService = app(\BookStack\Services\PermissionService::class);
72 - $restrictionService->buildEntityPermissions(); 80 + $restrictionService->buildJointPermissions();
73 } 81 }
74 82
75 /** 83 /**
...@@ -79,11 +87,13 @@ class CreateEntityPermissionsTable extends Migration ...@@ -79,11 +87,13 @@ class CreateEntityPermissionsTable extends Migration
79 */ 87 */
80 public function down() 88 public function down()
81 { 89 {
82 - Schema::drop('entity_permissions'); 90 + Schema::drop('joint_permissions');
91 +
92 + Schema::rename('role_permissions', 'permissions');
93 + Schema::rename('entity_permissions', 'restrictions');
83 94
84 // Delete the public role 95 // Delete the public role
85 - $public = \BookStack\Role::getSystemRole('public'); 96 + DB::table('roles')->where('system_name', '=', 'public')->delete();
86 - $public->delete();
87 97
88 Schema::table('roles', function (Blueprint $table) { 98 Schema::table('roles', function (Blueprint $table) {
89 $table->dropColumn('system_name'); 99 $table->dropColumn('system_name');
......
...@@ -28,7 +28,7 @@ class DummyContentSeeder extends Seeder ...@@ -28,7 +28,7 @@ class DummyContentSeeder extends Seeder
28 $book->pages()->saveMany($pages); 28 $book->pages()->saveMany($pages);
29 }); 29 });
30 30
31 - $restrictionService = app(\BookStack\Services\RestrictionService::class); 31 + $restrictionService = app(\BookStack\Services\PermissionService::class);
32 - $restrictionService->buildEntityPermissions(); 32 + $restrictionService->buildJointPermissions();
33 } 33 }
34 } 34 }
......
1 <input type="checkbox" name="permissions[{{ $permission }}]" 1 <input type="checkbox" name="permissions[{{ $permission }}]"
2 - @if(old('permissions.'.$permission, false)|| (!old('display_name', false) && (isset($role) && $role->hasPermission($permission)))) checked="checked" @endif 2 + @if(old('permissions'.$permission, false)|| (!old('display_name', false) && (isset($role) && $role->hasPermission($permission)))) checked="checked" @endif
3 value="true"> 3 value="true">
...\ No newline at end of file ...\ No newline at end of file
......
...@@ -18,7 +18,7 @@ ...@@ -18,7 +18,7 @@
18 <label>@include('settings/roles/checkbox', ['permission' => 'users-manage']) Manage users</label> 18 <label>@include('settings/roles/checkbox', ['permission' => 'users-manage']) Manage users</label>
19 <label>@include('settings/roles/checkbox', ['permission' => 'user-roles-manage']) Manage roles & role permissions</label> 19 <label>@include('settings/roles/checkbox', ['permission' => 'user-roles-manage']) Manage roles & role permissions</label>
20 <label>@include('settings/roles/checkbox', ['permission' => 'restrictions-manage-all']) Manage all Book, Chapter & Page permissions</label> 20 <label>@include('settings/roles/checkbox', ['permission' => 'restrictions-manage-all']) Manage all Book, Chapter & Page permissions</label>
21 - <label>@include('settings/roles/checkbox', ['permission' => 'restrictions-manage-own']) Manage permissions on own Book, Chapter & Pages</label> 21 + <label>@include('settings/roles/checkbox', ['permission' => 'permissions']) Manage permissions on own Book, Chapter & Pages</label>
22 <label>@include('settings/roles/checkbox', ['permission' => 'settings-manage']) Manage app settings</label> 22 <label>@include('settings/roles/checkbox', ['permission' => 'settings-manage']) Manage app settings</label>
23 </div> 23 </div>
24 24
......
...@@ -11,7 +11,7 @@ class RestrictionsTest extends TestCase ...@@ -11,7 +11,7 @@ class RestrictionsTest extends TestCase
11 parent::setUp(); 11 parent::setUp();
12 $this->user = $this->getNewUser(); 12 $this->user = $this->getNewUser();
13 $this->viewer = $this->getViewer(); 13 $this->viewer = $this->getViewer();
14 - $this->restrictionService = $this->app[\BookStack\Services\RestrictionService::class]; 14 + $this->restrictionService = $this->app[\BookStack\Services\PermissionService::class];
15 } 15 }
16 16
17 protected function getViewer() 17 protected function getViewer()
...@@ -23,30 +23,30 @@ class RestrictionsTest extends TestCase ...@@ -23,30 +23,30 @@ class RestrictionsTest extends TestCase
23 } 23 }
24 24
25 /** 25 /**
26 - * Manually set some restrictions on an entity. 26 + * Manually set some permissions on an entity.
27 * @param \BookStack\Entity $entity 27 * @param \BookStack\Entity $entity
28 * @param $actions 28 * @param $actions
29 */ 29 */
30 protected function setEntityRestrictions(\BookStack\Entity $entity, $actions) 30 protected function setEntityRestrictions(\BookStack\Entity $entity, $actions)
31 { 31 {
32 $entity->restricted = true; 32 $entity->restricted = true;
33 - $entity->restrictions()->delete(); 33 + $entity->permissions()->delete();
34 $role = $this->user->roles->first(); 34 $role = $this->user->roles->first();
35 $viewerRole = $this->viewer->roles->first(); 35 $viewerRole = $this->viewer->roles->first();
36 foreach ($actions as $action) { 36 foreach ($actions as $action) {
37 - $entity->restrictions()->create([ 37 + $entity->permissions()->create([
38 'role_id' => $role->id, 38 'role_id' => $role->id,
39 'action' => strtolower($action) 39 'action' => strtolower($action)
40 ]); 40 ]);
41 - $entity->restrictions()->create([ 41 + $entity->permissions()->create([
42 'role_id' => $viewerRole->id, 42 'role_id' => $viewerRole->id,
43 'action' => strtolower($action) 43 'action' => strtolower($action)
44 ]); 44 ]);
45 } 45 }
46 $entity->save(); 46 $entity->save();
47 - $entity->load('restrictions');
48 - $this->restrictionService->buildEntityPermissionsForEntity($entity);
49 $entity->load('permissions'); 47 $entity->load('permissions');
48 + $this->restrictionService->buildJointPermissionsForEntity($entity);
49 + $entity->load('jointPermissions');
50 } 50 }
51 51
52 public function test_book_view_restriction() 52 public function test_book_view_restriction()
...@@ -348,7 +348,7 @@ class RestrictionsTest extends TestCase ...@@ -348,7 +348,7 @@ class RestrictionsTest extends TestCase
348 ->check('restrictions[2][view]') 348 ->check('restrictions[2][view]')
349 ->press('Save Permissions') 349 ->press('Save Permissions')
350 ->seeInDatabase('books', ['id' => $book->id, 'restricted' => true]) 350 ->seeInDatabase('books', ['id' => $book->id, 'restricted' => true])
351 - ->seeInDatabase('restrictions', [ 351 + ->seeInDatabase('entity_permissions', [
352 'restrictable_id' => $book->id, 352 'restrictable_id' => $book->id,
353 'restrictable_type' => 'BookStack\Book', 353 'restrictable_type' => 'BookStack\Book',
354 'role_id' => '2', 354 'role_id' => '2',
...@@ -365,7 +365,7 @@ class RestrictionsTest extends TestCase ...@@ -365,7 +365,7 @@ class RestrictionsTest extends TestCase
365 ->check('restrictions[2][update]') 365 ->check('restrictions[2][update]')
366 ->press('Save Permissions') 366 ->press('Save Permissions')
367 ->seeInDatabase('chapters', ['id' => $chapter->id, 'restricted' => true]) 367 ->seeInDatabase('chapters', ['id' => $chapter->id, 'restricted' => true])
368 - ->seeInDatabase('restrictions', [ 368 + ->seeInDatabase('entity_permissions', [
369 'restrictable_id' => $chapter->id, 369 'restrictable_id' => $chapter->id,
370 'restrictable_type' => 'BookStack\Chapter', 370 'restrictable_type' => 'BookStack\Chapter',
371 'role_id' => '2', 371 'role_id' => '2',
...@@ -382,7 +382,7 @@ class RestrictionsTest extends TestCase ...@@ -382,7 +382,7 @@ class RestrictionsTest extends TestCase
382 ->check('restrictions[2][delete]') 382 ->check('restrictions[2][delete]')
383 ->press('Save Permissions') 383 ->press('Save Permissions')
384 ->seeInDatabase('pages', ['id' => $page->id, 'restricted' => true]) 384 ->seeInDatabase('pages', ['id' => $page->id, 'restricted' => true])
385 - ->seeInDatabase('restrictions', [ 385 + ->seeInDatabase('entity_permissions', [
386 'restrictable_id' => $page->id, 386 'restrictable_id' => $page->id,
387 'restrictable_type' => 'BookStack\Page', 387 'restrictable_type' => 'BookStack\Page',
388 'role_id' => '2', 388 'role_id' => '2',
......
...@@ -65,8 +65,8 @@ class TestCase extends Illuminate\Foundation\Testing\TestCase ...@@ -65,8 +65,8 @@ class TestCase extends Illuminate\Foundation\Testing\TestCase
65 $page = factory(BookStack\Page::class)->create(['created_by' => $creatorUser->id, 'updated_by' => $updaterUser->id, 'book_id' => $book->id]); 65 $page = factory(BookStack\Page::class)->create(['created_by' => $creatorUser->id, 'updated_by' => $updaterUser->id, 'book_id' => $book->id]);
66 $book->chapters()->saveMany([$chapter]); 66 $book->chapters()->saveMany([$chapter]);
67 $chapter->pages()->saveMany([$page]); 67 $chapter->pages()->saveMany([$page]);
68 - $restrictionService = $this->app[\BookStack\Services\RestrictionService::class]; 68 + $restrictionService = $this->app[\BookStack\Services\PermissionService::class];
69 - $restrictionService->buildEntityPermissionsForEntity($book); 69 + $restrictionService->buildJointPermissionsForEntity($book);
70 return [ 70 return [
71 'book' => $book, 71 'book' => $book,
72 'chapter' => $chapter, 72 'chapter' => $chapter,
......