webapp/bookstack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-07-30 04:23:11 +03:00
Code Activity

Added restriction tests and fixed any bugs in the process

Browse Source 
Also updated many styles within areas affected by the new permission and roles system.
This commit is contained in:
Dan Brown
2016-03-05 18:09:21 +00:00
parent 268db6b1d0
commit 8e6248f57f
26 changed files with 680 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
app/helpers.php
View File

@ -1,10 +1,10 @@
<?php
if (! function_exists('versioned_asset')) {
if (!function_exists('versioned_asset')) {
/**
* Get the path to a versioned file.
*
* @param string $file
* @param string $file
* @return string
*
* @throws \InvalidArgumentException
@ -39,6 +39,7 @@ if (! function_exists('versioned_asset')) {
*/
function userCan($permission, \BookStack\Ownable $ownable = null)
{
if (!auth()->check()) return false;
if ($ownable === null) {
return auth()->user() && auth()->user()->can($permission);
}
@ -47,9 +48,9 @@ function userCan($permission, \BookStack\Ownable $ownable = null)
$permissionBaseName = strtolower($permission) . '-';
$hasPermission = false;
if (auth()->user()->can($permissionBaseName . 'all')) $hasPermission = true;
if (auth()->user()->can($permissionBaseName . 'own') && $ownable->createdBy->id === auth()->user()->id) $hasPermission = true;
if (auth()->user()->can($permissionBaseName . 'own') && $ownable->createdBy && $ownable->createdBy->id === auth()->user()->id) $hasPermission = true;
if(!$ownable instanceof \BookStack\Entity) return $hasPermission;
if (!$ownable instanceof \BookStack\Entity) return $hasPermission;
// Check restrictions on the entitiy
$restrictionService = app('BookStack\Services\RestrictionService');