	Permissions: Cleanup after review of enum implementation PR
		| @@ -4,6 +4,7 @@ namespace BookStack\Activity\Tools; | |||||||
|  |  | ||||||
| use BookStack\Activity\Models\Comment; | use BookStack\Activity\Models\Comment; | ||||||
| use BookStack\Entities\Models\Page; | use BookStack\Entities\Models\Page; | ||||||
|  | use BookStack\Permissions\Permission; | ||||||
|  |  | ||||||
| class CommentTree | class CommentTree | ||||||
| { | { | ||||||
| @@ -70,7 +71,7 @@ class CommentTree | |||||||
|     public function canUpdateAny(): bool |     public function canUpdateAny(): bool | ||||||
|     { |     { | ||||||
|         foreach ($this->comments as $comment) { |         foreach ($this->comments as $comment) { | ||||||
|             if (userCan(\BookStack\Permissions\Permission::CommentUpdate, $comment)) { |             if (userCan(Permission::CommentUpdate, $comment)) { | ||||||
|                 return true; |                 return true; | ||||||
|             } |             } | ||||||
|         } |         } | ||||||
|   | |||||||
| @@ -6,6 +6,7 @@ use BookStack\Activity\Models\Tag; | |||||||
| use BookStack\Entities\Models\BookChild; | use BookStack\Entities\Models\BookChild; | ||||||
| use BookStack\Entities\Models\Entity; | use BookStack\Entities\Models\Entity; | ||||||
| use BookStack\Entities\Models\Page; | use BookStack\Entities\Models\Page; | ||||||
|  | use BookStack\Permissions\Permission; | ||||||
|  |  | ||||||
| class TagClassGenerator | class TagClassGenerator | ||||||
| { | { | ||||||
| @@ -26,14 +27,14 @@ class TagClassGenerator | |||||||
|              array_push($classes, ...$this->generateClassesForTag($tag)); |              array_push($classes, ...$this->generateClassesForTag($tag)); | ||||||
|         } |         } | ||||||
|  |  | ||||||
|         if ($this->entity instanceof BookChild && userCan(\BookStack\Permissions\Permission::View, $this->entity->book)) { |         if ($this->entity instanceof BookChild && userCan(Permission::BookView, $this->entity->book)) { | ||||||
|             $bookTags = $this->entity->book->tags; |             $bookTags = $this->entity->book->tags; | ||||||
|             foreach ($bookTags as $bookTag) { |             foreach ($bookTags as $bookTag) { | ||||||
|                  array_push($classes, ...$this->generateClassesForTag($bookTag, 'book-')); |                  array_push($classes, ...$this->generateClassesForTag($bookTag, 'book-')); | ||||||
|             } |             } | ||||||
|         } |         } | ||||||
|  |  | ||||||
|         if ($this->entity instanceof Page && $this->entity->chapter && userCan(\BookStack\Permissions\Permission::View, $this->entity->chapter)) { |         if ($this->entity instanceof Page && $this->entity->chapter && userCan(Permission::ChapterView, $this->entity->chapter)) { | ||||||
|             $chapterTags = $this->entity->chapter->tags; |             $chapterTags = $this->entity->chapter->tags; | ||||||
|             foreach ($chapterTags as $chapterTag) { |             foreach ($chapterTags as $chapterTag) { | ||||||
|                  array_push($classes, ...$this->generateClassesForTag($chapterTag, 'chapter-')); |                  array_push($classes, ...$this->generateClassesForTag($chapterTag, 'chapter-')); | ||||||
|   | |||||||
| @@ -342,7 +342,7 @@ class PageController extends Controller | |||||||
|  |  | ||||||
|         $this->showSuccessNotification(trans('entities.pages_delete_draft_success')); |         $this->showSuccessNotification(trans('entities.pages_delete_draft_success')); | ||||||
|  |  | ||||||
|         if ($chapter && userCan(\BookStack\Permissions\Permission::View, $chapter)) { |         if ($chapter && userCan(Permission::ChapterView, $chapter)) { | ||||||
|             return redirect($chapter->getUrl()); |             return redirect($chapter->getUrl()); | ||||||
|         } |         } | ||||||
|  |  | ||||||
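Review bot: The short `Permission::ChapterView` on this line needs a `use BookStack\Permissions\Permission;` in the file, and this section shows no import being added (the hunk header keeps the same old and new start line, 342). If the file does not already import the enum, the name resolves inside the controller's own namespace and the check throws a class-not-found error instead of being evaluated. The same applies to the PermissionsUpdater, DrawioImageController, UserAccountController and UserApiController sections, which also switch to the short name without a visible import. The top of each of those files is outside the hunks, so the import may already be in place.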
|   | |||||||
| @@ -11,6 +11,7 @@ use BookStack\Entities\Tools\TrashCan; | |||||||
| use BookStack\Exceptions\MoveOperationException; | use BookStack\Exceptions\MoveOperationException; | ||||||
| use BookStack\Exceptions\PermissionsException; | use BookStack\Exceptions\PermissionsException; | ||||||
| use BookStack\Facades\Activity; | use BookStack\Facades\Activity; | ||||||
|  | use BookStack\Permissions\Permission; | ||||||
| use BookStack\Util\DatabaseTransaction; | use BookStack\Util\DatabaseTransaction; | ||||||
| use Exception; | use Exception; | ||||||
|  |  | ||||||
| @@ -87,7 +88,7 @@ class ChapterRepo | |||||||
|             throw new MoveOperationException('Book to move chapter into not found'); |             throw new MoveOperationException('Book to move chapter into not found'); | ||||||
|         } |         } | ||||||
|  |  | ||||||
|         if (!userCan(\BookStack\Permissions\Permission::ChapterCreate, $parent)) { |         if (!userCan(Permission::ChapterCreate, $parent)) { | ||||||
|             throw new PermissionsException('User does not have permission to create a chapter within the chosen book'); |             throw new PermissionsException('User does not have permission to create a chapter within the chosen book'); | ||||||
|         } |         } | ||||||
|  |  | ||||||
|   | |||||||
| @@ -16,6 +16,7 @@ use BookStack\Entities\Tools\TrashCan; | |||||||
| use BookStack\Exceptions\MoveOperationException; | use BookStack\Exceptions\MoveOperationException; | ||||||
| use BookStack\Exceptions\PermissionsException; | use BookStack\Exceptions\PermissionsException; | ||||||
| use BookStack\Facades\Activity; | use BookStack\Facades\Activity; | ||||||
|  | use BookStack\Permissions\Permission; | ||||||
| use BookStack\References\ReferenceStore; | use BookStack\References\ReferenceStore; | ||||||
| use BookStack\References\ReferenceUpdater; | use BookStack\References\ReferenceUpdater; | ||||||
| use BookStack\Util\DatabaseTransaction; | use BookStack\Util\DatabaseTransaction; | ||||||
| @@ -55,7 +56,7 @@ class PageRepo | |||||||
|         } |         } | ||||||
|  |  | ||||||
|         $defaultTemplate = $page->chapter->defaultTemplate ?? $page->book->defaultTemplate; |         $defaultTemplate = $page->chapter->defaultTemplate ?? $page->book->defaultTemplate; | ||||||
|         if ($defaultTemplate && userCan(\BookStack\Permissions\Permission::View, $defaultTemplate)) { |         if ($defaultTemplate && userCan(Permission::PageView, $defaultTemplate)) { | ||||||
|             $page->forceFill([ |             $page->forceFill([ | ||||||
|                 'html'  => $defaultTemplate->html, |                 'html'  => $defaultTemplate->html, | ||||||
|                 'markdown' => $defaultTemplate->markdown, |                 'markdown' => $defaultTemplate->markdown, | ||||||
| @@ -142,7 +143,7 @@ class PageRepo | |||||||
|  |  | ||||||
|     protected function updateTemplateStatusAndContentFromInput(Page $page, array $input): void |     protected function updateTemplateStatusAndContentFromInput(Page $page, array $input): void | ||||||
|     { |     { | ||||||
|         if (isset($input['template']) && userCan(\BookStack\Permissions\Permission::TemplatesManage)) { |         if (isset($input['template']) && userCan(Permission::TemplatesManage)) { | ||||||
|             $page->template = ($input['template'] === 'true'); |             $page->template = ($input['template'] === 'true'); | ||||||
|         } |         } | ||||||
|  |  | ||||||
| @@ -165,7 +166,7 @@ class PageRepo | |||||||
|             $pageContent->setNewHTML($input['html'], user()); |             $pageContent->setNewHTML($input['html'], user()); | ||||||
|         } |         } | ||||||
|  |  | ||||||
|         if (($newEditor !== $currentEditor || empty($page->editor)) && userCan(\BookStack\Permissions\Permission::EditorChange)) { |         if (($newEditor !== $currentEditor || empty($page->editor)) && userCan(Permission::EditorChange)) { | ||||||
|             $page->editor = $newEditor->value; |             $page->editor = $newEditor->value; | ||||||
|         } elseif (empty($page->editor)) { |         } elseif (empty($page->editor)) { | ||||||
|             $page->editor = $defaultEditor->value; |             $page->editor = $defaultEditor->value; | ||||||
| @@ -271,7 +272,7 @@ class PageRepo | |||||||
|             throw new MoveOperationException('Book or chapter to move page into not found'); |             throw new MoveOperationException('Book or chapter to move page into not found'); | ||||||
|         } |         } | ||||||
|  |  | ||||||
|         if (!userCan(\BookStack\Permissions\Permission::PageCreate, $parent)) { |         if (!userCan(Permission::PageCreate, $parent)) { | ||||||
|             throw new PermissionsException('User does not have permission to create a page within the new parent'); |             throw new PermissionsException('User does not have permission to create a page within the new parent'); | ||||||
|         } |         } | ||||||
|  |  | ||||||
|   | |||||||
| @@ -12,6 +12,7 @@ use BookStack\Entities\Models\Page; | |||||||
| use BookStack\Entities\Repos\BookRepo; | use BookStack\Entities\Repos\BookRepo; | ||||||
| use BookStack\Entities\Repos\ChapterRepo; | use BookStack\Entities\Repos\ChapterRepo; | ||||||
| use BookStack\Entities\Repos\PageRepo; | use BookStack\Entities\Repos\PageRepo; | ||||||
|  | use BookStack\Permissions\Permission; | ||||||
| use BookStack\Uploads\Image; | use BookStack\Uploads\Image; | ||||||
| use BookStack\Uploads\ImageService; | use BookStack\Uploads\ImageService; | ||||||
| use Illuminate\Http\UploadedFile; | use Illuminate\Http\UploadedFile; | ||||||
| @@ -49,7 +50,7 @@ class Cloner | |||||||
|  |  | ||||||
|         $copyChapter = $this->chapterRepo->create($chapterDetails, $parent); |         $copyChapter = $this->chapterRepo->create($chapterDetails, $parent); | ||||||
|  |  | ||||||
|         if (userCan(\BookStack\Permissions\Permission::PageCreate, $copyChapter)) { |         if (userCan(Permission::PageCreate, $copyChapter)) { | ||||||
|             /** @var Page $page */ |             /** @var Page $page */ | ||||||
|             foreach ($original->getVisiblePages() as $page) { |             foreach ($original->getVisiblePages() as $page) { | ||||||
|                 $this->clonePage($page, $copyChapter, $page->name); |                 $this->clonePage($page, $copyChapter, $page->name); | ||||||
| @@ -61,7 +62,7 @@ class Cloner | |||||||
|  |  | ||||||
|     /** |     /** | ||||||
|      * Clone the given book. |      * Clone the given book. | ||||||
|      * Clones all child chapters & pages. |      * Clones all child chapters and pages. | ||||||
|      */ |      */ | ||||||
|     public function cloneBook(Book $original, string $newName): Book |     public function cloneBook(Book $original, string $newName): Book | ||||||
|     { |     { | ||||||
| @@ -74,11 +75,11 @@ class Cloner | |||||||
|         // Clone contents |         // Clone contents | ||||||
|         $directChildren = $original->getDirectVisibleChildren(); |         $directChildren = $original->getDirectVisibleChildren(); | ||||||
|         foreach ($directChildren as $child) { |         foreach ($directChildren as $child) { | ||||||
|             if ($child instanceof Chapter && userCan(\BookStack\Permissions\Permission::ChapterCreate, $copyBook)) { |             if ($child instanceof Chapter && userCan(Permission::ChapterCreate, $copyBook)) { | ||||||
|                 $this->cloneChapter($child, $copyBook, $child->name); |                 $this->cloneChapter($child, $copyBook, $child->name); | ||||||
|             } |             } | ||||||
|  |  | ||||||
|             if ($child instanceof Page && !$child->draft && userCan(\BookStack\Permissions\Permission::PageCreate, $copyBook)) { |             if ($child instanceof Page && !$child->draft && userCan(Permission::PageCreate, $copyBook)) { | ||||||
|                 $this->clonePage($child, $copyBook, $child->name); |                 $this->clonePage($child, $copyBook, $child->name); | ||||||
|             } |             } | ||||||
|         } |         } | ||||||
| @@ -86,7 +87,7 @@ class Cloner | |||||||
|         // Clone bookshelf relationships |         // Clone bookshelf relationships | ||||||
|         /** @var Bookshelf $shelf */ |         /** @var Bookshelf $shelf */ | ||||||
|         foreach ($original->shelves as $shelf) { |         foreach ($original->shelves as $shelf) { | ||||||
|             if (userCan(\BookStack\Permissions\Permission::BookshelfUpdate, $shelf)) { |             if (userCan(Permission::BookshelfUpdate, $shelf)) { | ||||||
|                 $shelf->appendBook($copyBook); |                 $shelf->appendBook($copyBook); | ||||||
|             } |             } | ||||||
|         } |         } | ||||||
|   | |||||||
| @@ -7,6 +7,7 @@ use BookStack\Entities\Models\Page; | |||||||
| use BookStack\Entities\Queries\EntityQueries; | use BookStack\Entities\Queries\EntityQueries; | ||||||
| use BookStack\Entities\Tools\Markdown\HtmlToMarkdown; | use BookStack\Entities\Tools\Markdown\HtmlToMarkdown; | ||||||
| use BookStack\Entities\Tools\Markdown\MarkdownToHtml; | use BookStack\Entities\Tools\Markdown\MarkdownToHtml; | ||||||
|  | use BookStack\Permissions\Permission; | ||||||
|  |  | ||||||
| class PageEditorData | class PageEditorData | ||||||
| { | { | ||||||
| @@ -98,9 +99,9 @@ class PageEditorData | |||||||
|     { |     { | ||||||
|         $editorType = PageEditorType::forPage($page) ?: PageEditorType::getSystemDefault(); |         $editorType = PageEditorType::forPage($page) ?: PageEditorType::getSystemDefault(); | ||||||
|  |  | ||||||
|         // Use requested editor if valid and if we have permission |         // Use the requested editor if valid and if we have permission | ||||||
|         $requestedType = PageEditorType::fromRequestValue($this->requestedEditor); |         $requestedType = PageEditorType::fromRequestValue($this->requestedEditor); | ||||||
|         if ($requestedType && userCan(\BookStack\Permissions\Permission::EditorChange)) { |         if ($requestedType && userCan(Permission::EditorChange)) { | ||||||
|             $editorType = $requestedType; |             $editorType = $requestedType; | ||||||
|         } |         } | ||||||
|  |  | ||||||
|   | |||||||
| @@ -150,7 +150,7 @@ class PermissionsUpdater | |||||||
|  |  | ||||||
|         /** @var Book $book */ |         /** @var Book $book */ | ||||||
|         foreach ($shelfBooks as $book) { |         foreach ($shelfBooks as $book) { | ||||||
|             if ($checkUserPermissions && !userCan(\BookStack\Permissions\Permission::RestrictionsManage, $book)) { |             if ($checkUserPermissions && !userCan(Permission::RestrictionsManage, $book)) { | ||||||
|                 continue; |                 continue; | ||||||
|             } |             } | ||||||
|             $book->permissions()->delete(); |             $book->permissions()->delete(); | ||||||
|   | |||||||
| @@ -16,6 +16,7 @@ use BookStack\Exports\ZipExports\ZipExportReader; | |||||||
| use BookStack\Exports\ZipExports\ZipExportValidator; | use BookStack\Exports\ZipExports\ZipExportValidator; | ||||||
| use BookStack\Exports\ZipExports\ZipImportRunner; | use BookStack\Exports\ZipExports\ZipImportRunner; | ||||||
| use BookStack\Facades\Activity; | use BookStack\Facades\Activity; | ||||||
|  | use BookStack\Permissions\Permission; | ||||||
| use BookStack\Uploads\FileStorage; | use BookStack\Uploads\FileStorage; | ||||||
| use Illuminate\Database\Eloquent\Builder; | use Illuminate\Database\Eloquent\Builder; | ||||||
| use Illuminate\Database\Eloquent\Collection; | use Illuminate\Database\Eloquent\Collection; | ||||||
| @@ -46,7 +47,7 @@ class ImportRepo | |||||||
|     { |     { | ||||||
|         $query = Import::query(); |         $query = Import::query(); | ||||||
|  |  | ||||||
|         if (!userCan(\BookStack\Permissions\Permission::SettingsManage)) { |         if (!userCan(Permission::SettingsManage)) { | ||||||
|             $query->where('created_by', user()->id); |             $query->where('created_by', user()->id); | ||||||
|         } |         } | ||||||
|  |  | ||||||
| @@ -57,7 +58,7 @@ class ImportRepo | |||||||
|     { |     { | ||||||
|         $query = Import::query(); |         $query = Import::query(); | ||||||
|  |  | ||||||
|         if (!userCan(\BookStack\Permissions\Permission::SettingsManage)) { |         if (!userCan(Permission::SettingsManage)) { | ||||||
|             $query->where('created_by', user()->id); |             $query->where('created_by', user()->id); | ||||||
|         } |         } | ||||||
|  |  | ||||||
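Review bot: The ownership filter `if (!userCan(Permission::SettingsManage)) { $query->where('created_by', user()->id); }` appears verbatim in both hunks of this file, so the rule for who may see other users' imports lives in two places. A small private helper that returns the already-scoped query, for example `protected function queryVisible(): Builder`, would keep the two from drifting apart when the rule changes. Both method bodies start and end outside the hunks, so the helper name and return type are only a suggestion.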
|   | |||||||
| @@ -12,6 +12,7 @@ use BookStack\Exports\ZipExports\Models\ZipExportChapter; | |||||||
| use BookStack\Exports\ZipExports\Models\ZipExportImage; | use BookStack\Exports\ZipExports\Models\ZipExportImage; | ||||||
| use BookStack\Exports\ZipExports\Models\ZipExportModel; | use BookStack\Exports\ZipExports\Models\ZipExportModel; | ||||||
| use BookStack\Exports\ZipExports\Models\ZipExportPage; | use BookStack\Exports\ZipExports\Models\ZipExportPage; | ||||||
|  | use BookStack\Permissions\Permission; | ||||||
| use BookStack\Uploads\Attachment; | use BookStack\Uploads\Attachment; | ||||||
| use BookStack\Uploads\Image; | use BookStack\Uploads\Image; | ||||||
|  |  | ||||||
| @@ -135,7 +136,7 @@ class ZipExportReferences | |||||||
|             // Find and include images if in visibility |             // Find and include images if in visibility | ||||||
|             $page = $model->getPage(); |             $page = $model->getPage(); | ||||||
|             $pageExportModel = $this->pages[$page->id] ?? ($exportModel instanceof ZipExportPage ? $exportModel : null); |             $pageExportModel = $this->pages[$page->id] ?? ($exportModel instanceof ZipExportPage ? $exportModel : null); | ||||||
|             if (isset($this->images[$model->id]) || ($page && $pageExportModel && userCan(\BookStack\Permissions\Permission::View, $page))) { |             if (isset($this->images[$model->id]) || ($page && $pageExportModel && userCan(Permission::PageView, $page))) { | ||||||
|                 if (!isset($this->images[$model->id])) { |                 if (!isset($this->images[$model->id])) { | ||||||
|                     $exportImage = ZipExportImage::fromModel($model, $files); |                     $exportImage = ZipExportImage::fromModel($model, $files); | ||||||
|                     $this->images[$model->id] = $exportImage; |                     $this->images[$model->id] = $exportImage; | ||||||
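Review bot: `$this->pages[$page->id]` reads `$page->id` one line before the condition tests `$page` for truthiness, so if `getPage()` returns null the property read on null happens before the guard can help. The `??` only covers a missing array key, not the index expression itself. Consider resolving the export model only when a page exists, for example `$pageExportModel = $page ? ($this->pages[$page->id] ?? ($exportModel instanceof ZipExportPage ? $exportModel : null)) : null;`. The enclosing method continues outside the hunk, so check later uses of `$pageExportModel` before changing it.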
|   | |||||||
| @@ -18,6 +18,7 @@ use BookStack\Exports\ZipExports\Models\ZipExportChapter; | |||||||
| use BookStack\Exports\ZipExports\Models\ZipExportImage; | use BookStack\Exports\ZipExports\Models\ZipExportImage; | ||||||
| use BookStack\Exports\ZipExports\Models\ZipExportPage; | use BookStack\Exports\ZipExports\Models\ZipExportPage; | ||||||
| use BookStack\Exports\ZipExports\Models\ZipExportTag; | use BookStack\Exports\ZipExports\Models\ZipExportTag; | ||||||
|  | use BookStack\Permissions\Permission; | ||||||
| use BookStack\Uploads\Attachment; | use BookStack\Uploads\Attachment; | ||||||
| use BookStack\Uploads\AttachmentService; | use BookStack\Uploads\AttachmentService; | ||||||
| use BookStack\Uploads\FileStorage; | use BookStack\Uploads\FileStorage; | ||||||
| @@ -288,7 +289,7 @@ class ZipImportRunner | |||||||
|         $attachments = []; |         $attachments = []; | ||||||
|  |  | ||||||
|         if ($exportModel instanceof ZipExportBook) { |         if ($exportModel instanceof ZipExportBook) { | ||||||
|             if (!userCan(\BookStack\Permissions\Permission::BookCreateAll)) { |             if (!userCan(Permission::BookCreateAll)) { | ||||||
|                 $errors[] = trans('errors.import_perms_books'); |                 $errors[] = trans('errors.import_perms_books'); | ||||||
|             } |             } | ||||||
|             array_push($pages, ...$exportModel->pages); |             array_push($pages, ...$exportModel->pages); | ||||||
| @@ -317,11 +318,11 @@ class ZipImportRunner | |||||||
|  |  | ||||||
|         if (count($pages) > 0) { |         if (count($pages) > 0) { | ||||||
|             if ($parent) { |             if ($parent) { | ||||||
|                 if (!userCan(\BookStack\Permissions\Permission::PageCreate, $parent)) { |                 if (!userCan(Permission::PageCreate, $parent)) { | ||||||
|                     $errors[] = trans('errors.import_perms_pages'); |                     $errors[] = trans('errors.import_perms_pages'); | ||||||
|                 } |                 } | ||||||
|             } else { |             } else { | ||||||
|                 $hasPermission = userCan(\BookStack\Permissions\Permission::PageCreateAll) || userCan(\BookStack\Permissions\Permission::PageCreateOwn); |                 $hasPermission = userCan(Permission::PageCreateAll) || userCan(Permission::PageCreateOwn); | ||||||
|                 if (!$hasPermission) { |                 if (!$hasPermission) { | ||||||
|                     $errors[] = trans('errors.import_perms_pages'); |                     $errors[] = trans('errors.import_perms_pages'); | ||||||
|                 } |                 } | ||||||
| @@ -329,13 +330,13 @@ class ZipImportRunner | |||||||
|         } |         } | ||||||
|  |  | ||||||
|         if (count($images) > 0) { |         if (count($images) > 0) { | ||||||
|             if (!userCan(\BookStack\Permissions\Permission::ImageCreateAll)) { |             if (!userCan(Permission::ImageCreateAll)) { | ||||||
|                 $errors[] = trans('errors.import_perms_images'); |                 $errors[] = trans('errors.import_perms_images'); | ||||||
|             } |             } | ||||||
|         } |         } | ||||||
|  |  | ||||||
|         if (count($attachments) > 0) { |         if (count($attachments) > 0) { | ||||||
|             if (!userCan(\BookStack\Permissions\Permission::AttachmentCreateAll)) { |             if (!userCan(Permission::AttachmentCreateAll)) { | ||||||
|                 $errors[] = trans('errors.import_perms_attachments'); |                 $errors[] = trans('errors.import_perms_attachments'); | ||||||
|             } |             } | ||||||
|         } |         } | ||||||
|   | |||||||
| @@ -8,6 +8,7 @@ use BookStack\Entities\Models\Chapter; | |||||||
| use BookStack\Entities\Models\Entity; | use BookStack\Entities\Models\Entity; | ||||||
| use BookStack\Entities\Models\Page; | use BookStack\Entities\Models\Page; | ||||||
| use BookStack\Entities\Queries\EntityQueries; | use BookStack\Entities\Queries\EntityQueries; | ||||||
|  | use BookStack\Permissions\Permission; | ||||||
|  |  | ||||||
| class BookSorter | class BookSorter | ||||||
| { | { | ||||||
| @@ -187,11 +188,11 @@ class BookSorter | |||||||
|  |  | ||||||
|         $hasNewParent = $newBook->id !== $model->book_id || ($model instanceof Page && $model->chapter_id !== ($sortMapItem->parentChapterId ?? 0)); |         $hasNewParent = $newBook->id !== $model->book_id || ($model instanceof Page && $model->chapter_id !== ($sortMapItem->parentChapterId ?? 0)); | ||||||
|         if ($model instanceof Chapter) { |         if ($model instanceof Chapter) { | ||||||
|             $hasPermission = userCan(\BookStack\Permissions\Permission::BookUpdate, $currentParent) |             $hasPermission = userCan(Permission::BookUpdate, $currentParent) | ||||||
|                 && userCan(\BookStack\Permissions\Permission::BookUpdate, $newBook) |                 && userCan(Permission::BookUpdate, $newBook) | ||||||
|                 && userCan(\BookStack\Permissions\Permission::ChapterUpdate, $model) |                 && userCan(Permission::ChapterUpdate, $model) | ||||||
|                 && (!$hasNewParent || userCan(\BookStack\Permissions\Permission::ChapterCreate, $newBook)) |                 && (!$hasNewParent || userCan(Permission::ChapterCreate, $newBook)) | ||||||
|                 && (!$hasNewParent || userCan(\BookStack\Permissions\Permission::ChapterDelete, $model)); |                 && (!$hasNewParent || userCan(Permission::ChapterDelete, $model)); | ||||||
|  |  | ||||||
|             if (!$hasPermission) { |             if (!$hasPermission) { | ||||||
|                 return false; |                 return false; | ||||||
| @@ -210,13 +211,13 @@ class BookSorter | |||||||
|                 return false; |                 return false; | ||||||
|             } |             } | ||||||
|  |  | ||||||
|             $hasPageEditPermission = userCan(\BookStack\Permissions\Permission::PageUpdate, $model); |             $hasPageEditPermission = userCan(Permission::PageUpdate, $model); | ||||||
|             $newParentInRightLocation = ($newParent instanceof Book || ($newParent instanceof Chapter && $newParent->book_id === $newBook->id)); |             $newParentInRightLocation = ($newParent instanceof Book || ($newParent instanceof Chapter && $newParent->book_id === $newBook->id)); | ||||||
|             $newParentPermission = ($newParent instanceof Chapter) ? 'chapter-update' : 'book-update'; |             $newParentPermission = ($newParent instanceof Chapter) ? 'chapter-update' : 'book-update'; | ||||||
|             $hasNewParentPermission = userCan($newParentPermission, $newParent); |             $hasNewParentPermission = userCan($newParentPermission, $newParent); | ||||||
|  |  | ||||||
|             $hasDeletePermissionIfMoving = (!$hasNewParent || userCan(\BookStack\Permissions\Permission::PageDelete, $model)); |             $hasDeletePermissionIfMoving = (!$hasNewParent || userCan(Permission::PageDelete, $model)); | ||||||
|             $hasCreatePermissionIfMoving = (!$hasNewParent || userCan(\BookStack\Permissions\Permission::PageCreate, $newParent)); |             $hasCreatePermissionIfMoving = (!$hasNewParent || userCan(Permission::PageCreate, $newParent)); | ||||||
|  |  | ||||||
|             $hasPermission = $hasCurrentParentPermission |             $hasPermission = $hasCurrentParentPermission | ||||||
|                 && $newParentInRightLocation |                 && $newParentInRightLocation | ||||||
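Review bot: `$newParentPermission` is still built from the strings `'chapter-update'` and `'book-update'` and passed to `userCan`, while every other check in this method now uses the enum. A typo in a string permission name is not caught by static analysis the way an enum case is, so for an authorization check it is worth finishing the conversion: `$newParentPermission = ($newParent instanceof Chapter) ? Permission::ChapterUpdate : Permission::BookUpdate;`. The method starts and ends outside the hunk.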
|   | |||||||
| @@ -82,7 +82,7 @@ class DrawioImageController extends Controller | |||||||
|             return $this->jsonError(trans('errors.drawing_data_not_found'), 404); |             return $this->jsonError(trans('errors.drawing_data_not_found'), 404); | ||||||
|         } |         } | ||||||
|  |  | ||||||
|         if ($image->type !== 'drawio' || !userCan(\BookStack\Permissions\Permission::PageView, $image->getPage())) { |         if ($image->type !== 'drawio' || !userCan(Permission::PageView, $image->getPage())) { | ||||||
|             return $this->jsonError(trans('errors.drawing_data_not_found'), 404); |             return $this->jsonError(trans('errors.drawing_data_not_found'), 404); | ||||||
|         } |         } | ||||||
|  |  | ||||||
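Review bot: `$image->getPage()` is passed straight to `userCan` without a null check, while the image manager template in this same commit guards the same call with `($page = $image->getPage()) &&`, which suggests the page can be missing. `userCan` is also called with no entity at all elsewhere in this commit (`userCan(Permission::TemplatesManage)`), so it is worth confirming that a null page makes this check fail rather than being evaluated as a non-entity permission. If that is not guaranteed, make the guard explicit: `$page = $image->getPage();` followed by `if ($image->type !== 'drawio' || !$page || !userCan(Permission::PageView, $page)) {`. The method body extends beyond the hunk.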
|   | |||||||
| @@ -63,9 +63,9 @@ class UserAccountController extends Controller | |||||||
|             'profile_image'    => array_merge(['nullable'], $this->getImageValidationRules()), |             'profile_image'    => array_merge(['nullable'], $this->getImageValidationRules()), | ||||||
|         ]); |         ]); | ||||||
|  |  | ||||||
|         $this->userRepo->update($user, $validated, userCan(\BookStack\Permissions\Permission::UsersManage)); |         $this->userRepo->update($user, $validated, userCan(Permission::UsersManage)); | ||||||
|  |  | ||||||
|         // Save profile image if in request |         // Save the profile image if in request | ||||||
|         if ($request->hasFile('profile_image')) { |         if ($request->hasFile('profile_image')) { | ||||||
|             $imageUpload = $request->file('profile_image'); |             $imageUpload = $request->file('profile_image'); | ||||||
|             $imageRepo->destroyImage($user->avatar); |             $imageRepo->destroyImage($user->avatar); | ||||||
| @@ -74,7 +74,7 @@ class UserAccountController extends Controller | |||||||
|             $user->save(); |             $user->save(); | ||||||
|         } |         } | ||||||
|  |  | ||||||
|         // Delete the profile image if reset option is in request |         // Delete the profile image if the reset option is in request | ||||||
|         if ($request->has('profile_image_reset')) { |         if ($request->has('profile_image_reset')) { | ||||||
|             $imageRepo->destroyImage($user->avatar); |             $imageRepo->destroyImage($user->avatar); | ||||||
|             $user->image_id = 0; |             $user->image_id = 0; | ||||||
| @@ -219,7 +219,7 @@ class UserAccountController extends Controller | |||||||
|         $this->preventAccessInDemoMode(); |         $this->preventAccessInDemoMode(); | ||||||
|  |  | ||||||
|         $requestNewOwnerId = intval($request->get('new_owner_id')) ?: null; |         $requestNewOwnerId = intval($request->get('new_owner_id')) ?: null; | ||||||
|         $newOwnerId = userCan(\BookStack\Permissions\Permission::UsersManage) ? $requestNewOwnerId : null; |         $newOwnerId = userCan(Permission::UsersManage) ? $requestNewOwnerId : null; | ||||||
|  |  | ||||||
|         $this->userRepo->destroy(user(), $newOwnerId); |         $this->userRepo->destroy(user(), $newOwnerId); | ||||||
|  |  | ||||||
|   | |||||||
| @@ -125,7 +125,7 @@ class UserApiController extends ApiController | |||||||
|     { |     { | ||||||
|         $data = $this->validate($request, $this->rules($id)['update']); |         $data = $this->validate($request, $this->rules($id)['update']); | ||||||
|         $user = $this->userRepo->getById($id); |         $user = $this->userRepo->getById($id); | ||||||
|         $this->userRepo->update($user, $data, userCan(\BookStack\Permissions\Permission::UsersManage)); |         $this->userRepo->update($user, $data, userCan(Permission::UsersManage)); | ||||||
|         $this->singleFormatter($user); |         $this->singleFormatter($user); | ||||||
|  |  | ||||||
|         return response()->json($user); |         return response()->json($user); | ||||||
|   | |||||||
| @@ -3,6 +3,7 @@ | |||||||
| namespace BookStack\Users\Controllers; | namespace BookStack\Users\Controllers; | ||||||
|  |  | ||||||
| use BookStack\Http\Controller; | use BookStack\Http\Controller; | ||||||
|  | use BookStack\Permissions\Permission; | ||||||
| use BookStack\Users\Models\User; | use BookStack\Users\Models\User; | ||||||
| use Illuminate\Http\Request; | use Illuminate\Http\Request; | ||||||
|  |  | ||||||
| @@ -15,9 +16,9 @@ class UserSearchController extends Controller | |||||||
|     public function forSelect(Request $request) |     public function forSelect(Request $request) | ||||||
|     { |     { | ||||||
|         $hasPermission = !user()->isGuest() && ( |         $hasPermission = !user()->isGuest() && ( | ||||||
|             userCan(\BookStack\Permissions\Permission::UsersManage) |             userCan(Permission::UsersManage) | ||||||
|                 || userCan(\BookStack\Permissions\Permission::RestrictionsManageOwn) |                 || userCan(Permission::RestrictionsManageOwn) | ||||||
|                 || userCan(\BookStack\Permissions\Permission::RestrictionsManageAll) |                 || userCan(Permission::RestrictionsManageAll) | ||||||
|         ); |         ); | ||||||
|  |  | ||||||
|         if (!$hasPermission) { |         if (!$hasPermission) { | ||||||
|   | |||||||
| @@ -5,7 +5,7 @@ | |||||||
|     <h5>{{ trans('entities.books_navigation') }}</h5> |     <h5>{{ trans('entities.books_navigation') }}</h5> | ||||||
|  |  | ||||||
|     <ul class="sidebar-page-list mt-xs menu entity-list"> |     <ul class="sidebar-page-list mt-xs menu entity-list"> | ||||||
|         @if (userCan(\BookStack\Permissions\Permission::View, $book)) |         @if (userCan(\BookStack\Permissions\Permission::BookView, $book)) | ||||||
|             <li class="list-item-book book"> |             <li class="list-item-book book"> | ||||||
|                 @include('entities.list-item-basic', ['entity' => $book, 'classes' => ($current->matches($book)? 'selected' : '')]) |                 @include('entities.list-item-basic', ['entity' => $book, 'classes' => ($current->matches($book)? 'selected' : '')]) | ||||||
|             </li> |             </li> | ||||||
|   | |||||||
| @@ -105,7 +105,7 @@ | |||||||
|         @if($image->createdBy) |         @if($image->createdBy) | ||||||
|             <div>@icon('user') {{ trans('components.image_uploaded_by', ['userName' => $image->createdBy->name]) }}</div> |             <div>@icon('user') {{ trans('components.image_uploaded_by', ['userName' => $image->createdBy->name]) }}</div> | ||||||
|         @endif |         @endif | ||||||
|         @if(($page = $image->getPage()) && userCan(\BookStack\Permissions\Permission::View, $page)) |         @if(($page = $image->getPage()) && userCan(\BookStack\Permissions\Permission::PageView, $page)) | ||||||
|             <div> |             <div> | ||||||
|                 @icon('page') |                 @icon('page') | ||||||
|                 {!! trans('components.image_uploaded_to', [ |                 {!! trans('components.image_uploaded_to', [ | ||||||
|   | |||||||
| @@ -146,7 +146,7 @@ | |||||||
|                     <span>{{ trans('common.edit') }}</span> |                     <span>{{ trans('common.edit') }}</span> | ||||||
|                 </a> |                 </a> | ||||||
|             @endif |             @endif | ||||||
|             @if(userCanOnAny(\BookStack\Permissions\Permission::Create, \BookStack\Entities\Models\Book::class) || userCanOnAny('create', \BookStack\Entities\Models\Chapter::class) || userCan(\BookStack\Permissions\Permission::PageCreateAll) || userCan(\BookStack\Permissions\Permission::PageCreateOwn)) |             @if(userCan(\BookStack\Permissions\Permission::PageCreateAll) || userCan(\BookStack\Permissions\Permission::PageCreateOwn) || userCanOnAny(\BookStack\Permissions\Permission::Create, \BookStack\Entities\Models\Book::class) || userCanOnAny(\BookStack\Permissions\Permission::Create, \BookStack\Entities\Models\Chapter::class)) | ||||||
|                 <a href="{{ $page->getUrl('/copy') }}" data-shortcut="copy" class="icon-list-item"> |                 <a href="{{ $page->getUrl('/copy') }}" data-shortcut="copy" class="icon-list-item"> | ||||||
|                     <span>@icon('copy')</span> |                     <span>@icon('copy')</span> | ||||||
|                     <span>{{ trans('common.copy') }}</span> |                     <span>{{ trans('common.copy') }}</span> | ||||||
|   | |||||||