Fixed hidden book children for admins on upgrade

Dan Brown
Commit 989de47f22254b10a5c13ce10e01e03d7d32a381 989de47f 1 parent 8f19231e
Showing 1 changed file with 8 additions and 3 deletions
app/Services/PermissionService.php
--- a/app/Services/PermissionService.php
View file @989de47
+++ b/app/Services/PermissionService.php
View file @989de47
@@ -486,6 +486,10 @@ class PermissionService
             }
         });
         $chapterSelect = $this->db->table('chapters')->selectRaw("'BookStack\\\\Chapter' as entity_type, id, slug, name, '' as text, description, book_id, priority, 0 as chapter_id, 0 as draft")->where('book_id', '=', $book_id);
+        $query = $this->db->query()->select('*')->from($this->db->raw("({$pageSelect->toSql()} UNION {$chapterSelect->toSql()}) AS U"))
+            ->mergeBindings($pageSelect)->mergeBindings($chapterSelect);
+
+        if (!$this->isAdmin()) {
             $whereQuery = $this->db->table('joint_permissions as jp')->selectRaw('COUNT(*)')
                 ->whereRaw('jp.entity_id=U.id')->whereRaw('jp.entity_type=U.entity_type')
                 ->where('jp.action', '=', 'view')->whereIn('jp.role_id', $this->getRoles())
@@ -494,9 +498,10 @@ class PermissionService
                         $query->where('jp.has_permission_own', '=', 1)->where('jp.created_by', '=', $this->currentUser()->id);
                     });
                 });
-        $query = $this->db->query()->select('*')->from($this->db->raw("({$pageSelect->toSql()} UNION {$chapterSelect->toSql()}) AS U"))
+            $query->whereRaw("({$whereQuery->toSql()}) > 0")->mergeBindings($whereQuery);
-            ->mergeBindings($pageSelect)->mergeBindings($chapterSelect)
+        }
-            ->whereRaw("({$whereQuery->toSql()}) > 0")->mergeBindings($whereQuery)->orderBy('draft', 'desc')->orderBy('priority', 'asc');
+
+        $query->orderBy('draft', 'desc')->orderBy('priority', 'asc');
         $this->clean();
         return  $query;
     }