2021-06-26 11:23:15 -04:00
|
|
|
<?php
|
|
|
|
|
2023-05-17 12:56:55 -04:00
|
|
|
namespace BookStack\Users\Controllers;
|
2016-02-26 18:44:02 -05:00
|
|
|
|
2018-09-25 11:58:03 -04:00
|
|
|
use BookStack\Exceptions\PermissionsException;
|
2023-05-18 15:53:39 -04:00
|
|
|
use BookStack\Http\Controller;
|
2023-05-17 12:56:55 -04:00
|
|
|
use BookStack\Permissions\PermissionsRepo;
|
|
|
|
use BookStack\Users\Models\Role;
|
|
|
|
use BookStack\Users\Queries\RolesAllPaginatedAndSorted;
|
2022-10-30 11:16:06 -04:00
|
|
|
use BookStack\Util\SimpleListOptions;
|
2020-08-04 09:55:01 -04:00
|
|
|
use Exception;
|
2016-02-26 18:44:02 -05:00
|
|
|
use Illuminate\Http\Request;
|
|
|
|
|
2020-11-20 13:53:01 -05:00
|
|
|
class RoleController extends Controller
|
2016-02-26 18:44:02 -05:00
|
|
|
{
|
2022-10-29 15:52:17 -04:00
|
|
|
protected PermissionsRepo $permissionsRepo;
|
2016-02-26 18:44:02 -05:00
|
|
|
|
2016-03-02 17:35:01 -05:00
|
|
|
public function __construct(PermissionsRepo $permissionsRepo)
|
2016-02-26 18:44:02 -05:00
|
|
|
{
|
2016-03-02 17:35:01 -05:00
|
|
|
$this->permissionsRepo = $permissionsRepo;
|
2016-02-26 18:44:02 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Show a listing of the roles in the system.
|
|
|
|
*/
|
2022-10-29 15:52:17 -04:00
|
|
|
public function index(Request $request)
|
2016-02-26 18:44:02 -05:00
|
|
|
{
|
2016-02-27 14:24:42 -05:00
|
|
|
$this->checkPermission('user-roles-manage');
|
2022-10-29 15:52:17 -04:00
|
|
|
|
2022-10-30 11:16:06 -04:00
|
|
|
$listOptions = SimpleListOptions::fromRequest($request, 'roles')->withSortOptions([
|
|
|
|
'display_name' => trans('common.sort_name'),
|
|
|
|
'users_count' => trans('settings.roles_assigned_users'),
|
|
|
|
'permissions_count' => trans('settings.roles_permissions_provided'),
|
|
|
|
'created_at' => trans('common.sort_created_at'),
|
|
|
|
'updated_at' => trans('common.sort_updated_at'),
|
|
|
|
]);
|
2022-10-29 15:52:17 -04:00
|
|
|
|
2022-10-30 11:16:06 -04:00
|
|
|
$roles = (new RolesAllPaginatedAndSorted())->run(20, $listOptions);
|
|
|
|
$roles->appends($listOptions->getPaginationAppends());
|
2021-06-26 11:23:15 -04:00
|
|
|
|
2022-01-04 08:33:24 -05:00
|
|
|
$this->setPageTitle(trans('settings.roles'));
|
2022-01-06 07:18:11 -05:00
|
|
|
|
2022-10-29 15:52:17 -04:00
|
|
|
return view('settings.roles.index', [
|
|
|
|
'roles' => $roles,
|
2022-10-30 11:16:06 -04:00
|
|
|
'listOptions' => $listOptions,
|
2022-10-29 15:52:17 -04:00
|
|
|
]);
|
2016-02-26 18:44:02 -05:00
|
|
|
}
|
|
|
|
|
2016-02-27 14:24:42 -05:00
|
|
|
/**
|
2021-06-26 11:23:15 -04:00
|
|
|
* Show the form to create a new role.
|
2016-02-27 14:24:42 -05:00
|
|
|
*/
|
2021-12-19 07:27:14 -05:00
|
|
|
public function create(Request $request)
|
2016-02-27 14:24:42 -05:00
|
|
|
{
|
|
|
|
$this->checkPermission('user-roles-manage');
|
2021-06-26 11:23:15 -04:00
|
|
|
|
2021-12-19 07:27:14 -05:00
|
|
|
/** @var ?Role $role */
|
|
|
|
$role = null;
|
|
|
|
if ($request->has('copy_from')) {
|
|
|
|
$role = Role::query()->find($request->get('copy_from'));
|
|
|
|
}
|
|
|
|
|
|
|
|
if ($role) {
|
|
|
|
$role->display_name .= ' (' . trans('common.copy') . ')';
|
|
|
|
}
|
|
|
|
|
2022-01-04 08:33:24 -05:00
|
|
|
$this->setPageTitle(trans('settings.role_create'));
|
2022-01-06 07:18:11 -05:00
|
|
|
|
2021-12-19 07:27:14 -05:00
|
|
|
return view('settings.roles.create', ['role' => $role]);
|
2016-02-27 14:24:42 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Store a new role in the system.
|
|
|
|
*/
|
2020-11-20 13:53:01 -05:00
|
|
|
public function store(Request $request)
|
2016-02-27 14:24:42 -05:00
|
|
|
{
|
|
|
|
$this->checkPermission('user-roles-manage');
|
2023-02-18 13:36:34 -05:00
|
|
|
$data = $this->validate($request, [
|
2021-11-04 20:26:55 -04:00
|
|
|
'display_name' => ['required', 'min:3', 'max:180'],
|
2021-12-19 07:27:14 -05:00
|
|
|
'description' => ['max:180'],
|
2023-02-18 13:36:34 -05:00
|
|
|
'external_auth_id' => ['string'],
|
|
|
|
'permissions' => ['array'],
|
|
|
|
'mfa_enforced' => ['string'],
|
2016-02-27 14:24:42 -05:00
|
|
|
]);
|
|
|
|
|
2023-02-18 13:36:34 -05:00
|
|
|
$data['permissions'] = array_keys($data['permissions'] ?? []);
|
|
|
|
$data['mfa_enforced'] = ($data['mfa_enforced'] ?? 'false') === 'true';
|
|
|
|
$this->permissionsRepo->saveNewRole($data);
|
2021-06-26 11:23:15 -04:00
|
|
|
|
2016-02-27 14:24:42 -05:00
|
|
|
return redirect('/settings/roles');
|
|
|
|
}
|
|
|
|
|
2016-02-26 18:44:02 -05:00
|
|
|
/**
|
|
|
|
* Show the form for editing a user role.
|
|
|
|
*/
|
2020-11-20 13:53:01 -05:00
|
|
|
public function edit(string $id)
|
2016-02-26 18:44:02 -05:00
|
|
|
{
|
2016-02-27 14:24:42 -05:00
|
|
|
$this->checkPermission('user-roles-manage');
|
2016-03-02 17:35:01 -05:00
|
|
|
$role = $this->permissionsRepo->getRoleById($id);
|
2021-06-26 11:23:15 -04:00
|
|
|
|
2022-01-04 08:33:24 -05:00
|
|
|
$this->setPageTitle(trans('settings.role_edit'));
|
2022-01-06 07:18:11 -05:00
|
|
|
|
2019-02-03 12:34:15 -05:00
|
|
|
return view('settings.roles.edit', ['role' => $role]);
|
2016-02-26 18:44:02 -05:00
|
|
|
}
|
2016-02-27 14:24:42 -05:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Updates a user role.
|
|
|
|
*/
|
2020-11-20 13:53:01 -05:00
|
|
|
public function update(Request $request, string $id)
|
2016-02-27 14:24:42 -05:00
|
|
|
{
|
|
|
|
$this->checkPermission('user-roles-manage');
|
2023-02-18 13:36:34 -05:00
|
|
|
$data = $this->validate($request, [
|
2021-11-04 20:26:55 -04:00
|
|
|
'display_name' => ['required', 'min:3', 'max:180'],
|
2021-12-19 07:27:14 -05:00
|
|
|
'description' => ['max:180'],
|
2023-02-18 13:36:34 -05:00
|
|
|
'external_auth_id' => ['string'],
|
|
|
|
'permissions' => ['array'],
|
|
|
|
'mfa_enforced' => ['string'],
|
2016-02-27 14:24:42 -05:00
|
|
|
]);
|
|
|
|
|
2023-02-19 11:03:50 -05:00
|
|
|
$data['permissions'] = array_keys($data['permissions'] ?? []);
|
|
|
|
$data['mfa_enforced'] = ($data['mfa_enforced'] ?? 'false') === 'true';
|
2023-02-18 13:36:34 -05:00
|
|
|
$this->permissionsRepo->updateRole($id, $data);
|
2021-06-26 11:23:15 -04:00
|
|
|
|
2016-02-27 14:24:42 -05:00
|
|
|
return redirect('/settings/roles');
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Show the view to delete a role.
|
|
|
|
* Offers the chance to migrate users.
|
|
|
|
*/
|
2020-11-20 13:53:01 -05:00
|
|
|
public function showDelete(string $id)
|
2016-02-27 14:24:42 -05:00
|
|
|
{
|
|
|
|
$this->checkPermission('user-roles-manage');
|
2016-03-02 17:35:01 -05:00
|
|
|
$role = $this->permissionsRepo->getRoleById($id);
|
|
|
|
$roles = $this->permissionsRepo->getAllRolesExcept($role);
|
2016-12-04 11:51:39 -05:00
|
|
|
$blankRole = $role->newInstance(['display_name' => trans('settings.role_delete_no_migration')]);
|
2016-02-27 14:24:42 -05:00
|
|
|
$roles->prepend($blankRole);
|
2021-06-26 11:23:15 -04:00
|
|
|
|
2022-01-04 08:33:24 -05:00
|
|
|
$this->setPageTitle(trans('settings.role_delete'));
|
2022-01-06 07:18:11 -05:00
|
|
|
|
2019-02-03 12:34:15 -05:00
|
|
|
return view('settings.roles.delete', ['role' => $role, 'roles' => $roles]);
|
2016-02-27 14:24:42 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Delete a role from the system,
|
|
|
|
* Migrate from a previous role if set.
|
2021-06-26 11:23:15 -04:00
|
|
|
*
|
2020-08-04 09:55:01 -04:00
|
|
|
* @throws Exception
|
2016-02-27 14:24:42 -05:00
|
|
|
*/
|
2020-11-20 13:53:01 -05:00
|
|
|
public function delete(Request $request, string $id)
|
2016-02-27 14:24:42 -05:00
|
|
|
{
|
|
|
|
$this->checkPermission('user-roles-manage');
|
|
|
|
|
2016-03-02 17:35:01 -05:00
|
|
|
try {
|
2023-03-25 08:07:59 -04:00
|
|
|
$migrateRoleId = intval($request->get('migrate_role_id') ?: "0");
|
|
|
|
$this->permissionsRepo->deleteRole($id, $migrateRoleId);
|
2016-03-02 17:35:01 -05:00
|
|
|
} catch (PermissionsException $e) {
|
2019-10-05 07:55:01 -04:00
|
|
|
$this->showErrorNotification($e->getMessage());
|
2021-06-26 11:23:15 -04:00
|
|
|
|
2016-02-27 14:24:42 -05:00
|
|
|
return redirect()->back();
|
|
|
|
}
|
|
|
|
|
|
|
|
return redirect('/settings/roles');
|
|
|
|
}
|
2016-02-26 18:44:02 -05:00
|
|
|
}
|