Merge bugfixes from branch 'v0.8'

2025-07-30 04:23:11 +03:00 · 2016-03-30 21:49:25 +01:00
parent e7d8a041a8 8b109bac13
commit e9b596d3bc
17 changed files with 211 additions and 63 deletions
--- a/app/Http/routes.php
+++ b/app/Http/routes.php
@ -19,8 +19,8 @@ Route::group(['middleware' => 'auth'], function () {
        Route::delete('/{id}', 'BookController@destroy');
        Route::get('/{slug}/sort-item', 'BookController@getSortItem');
        Route::get('/{slug}', 'BookController@show');
-        Route::get('/{bookSlug}/restrict', 'BookController@showRestrict');
-        Route::put('/{bookSlug}/restrict', 'BookController@restrict');
+        Route::get('/{bookSlug}/permissions', 'BookController@showRestrict');
+        Route::put('/{bookSlug}/permissions', 'BookController@restrict');
        Route::get('/{slug}/delete', 'BookController@showDelete');
        Route::get('/{bookSlug}/sort', 'BookController@sort');
        Route::put('/{bookSlug}/sort', 'BookController@saveSort');
@ -36,8 +36,8 @@ Route::group(['middleware' => 'auth'], function () {
        Route::get('/{bookSlug}/page/{pageSlug}/edit', 'PageController@edit');
        Route::get('/{bookSlug}/page/{pageSlug}/delete', 'PageController@showDelete');
        Route::get('/{bookSlug}/draft/{pageId}/delete', 'PageController@showDeleteDraft');
-        Route::get('/{bookSlug}/page/{pageSlug}/restrict', 'PageController@showRestrict');
-        Route::put('/{bookSlug}/page/{pageSlug}/restrict', 'PageController@restrict');
+        Route::get('/{bookSlug}/page/{pageSlug}/permissions', 'PageController@showRestrict');
+        Route::put('/{bookSlug}/page/{pageSlug}/permissions', 'PageController@restrict');
        Route::put('/{bookSlug}/page/{pageSlug}', 'PageController@update');
        Route::delete('/{bookSlug}/page/{pageSlug}', 'PageController@destroy');
        Route::delete('/{bookSlug}/draft/{pageId}', 'PageController@destroyDraft');
@ -54,8 +54,8 @@ Route::group(['middleware' => 'auth'], function () {
        Route::get('/{bookSlug}/chapter/{chapterSlug}', 'ChapterController@show');
        Route::put('/{bookSlug}/chapter/{chapterSlug}', 'ChapterController@update');
        Route::get('/{bookSlug}/chapter/{chapterSlug}/edit', 'ChapterController@edit');
-        Route::get('/{bookSlug}/chapter/{chapterSlug}/restrict', 'ChapterController@showRestrict');
-        Route::put('/{bookSlug}/chapter/{chapterSlug}/restrict', 'ChapterController@restrict');
+        Route::get('/{bookSlug}/chapter/{chapterSlug}/permissions', 'ChapterController@showRestrict');
+        Route::put('/{bookSlug}/chapter/{chapterSlug}/permissions', 'ChapterController@restrict');
        Route::get('/{bookSlug}/chapter/{chapterSlug}/delete', 'ChapterController@showDelete');
        Route::delete('/{bookSlug}/chapter/{chapterSlug}', 'ChapterController@destroy');

--- a/app/Services/RestrictionService.php
+++ b/app/Services/RestrictionService.php
@ -41,6 +41,25 @@ class RestrictionService
        return false;
    }

+    /**
+     * Check if an entity has restrictions set on itself or its
+     * parent tree.
+     * @param Entity $entity
+     * @param $action
+     * @return bool|mixed
+     */
+    public function checkIfRestrictionsSet(Entity $entity, $action)
+    {
+        $this->currentAction = $action;
+        if ($entity->isA('page')) {
+            return $entity->restricted || ($entity->chapter && $entity->chapter->restricted) || $entity->book->restricted;
+        } elseif ($entity->isA('chapter')) {
+            return $entity->restricted || $entity->book->restricted;
+        } elseif ($entity->isA('book')) {
+            return $entity->restricted;
+        }
+    }
+
    /**
     * Add restrictions for a page query
     * @param $query
--- a/app/User.php
+++ b/app/User.php
@ -162,4 +162,19 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
    {
        return '/settings/users/' . $this->id;
    }
+
+    /**
+     * Get a shortened version of the user's name.
+     * @param int $chars
+     * @return string
+     */
+    public function getShortName($chars = 8)
+    {
+        if (strlen($this->name) <= $chars) return $this->name;
+
+        $splitName = explode(' ', $this->name);
+        if (strlen($splitName[0]) <= $chars) return $splitName[0];
+
+        return '';
+    }
 }
--- a/app/helpers.php
+++ b/app/helpers.php
@ -52,12 +52,13 @@ function userCan($permission, \BookStack\Ownable $ownable = null)

    if (!$ownable instanceof \BookStack\Entity) return $hasPermission;

-    // Check restrictions on the entitiy
+    // Check restrictions on the entity
    $restrictionService = app('BookStack\Services\RestrictionService');
    $explodedPermission = explode('-', $permission);
    $action = end($explodedPermission);
    $hasAccess = $restrictionService->checkIfEntityRestricted($ownable, $action);
-    return $hasAccess && $hasPermission;
+    $restrictionsSet = $restrictionService->checkIfRestrictionsSet($ownable, $action);
+    return ($hasAccess && $restrictionsSet) || (!$restrictionsSet && $hasPermission);
 }

 /**