2022-10-09 12:14:11 -04:00
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace BookStack\Auth\Permissions;
|
|
|
|
|
|
|
|
use BookStack\Auth\Role;
|
|
|
|
use BookStack\Entities\Models\Entity;
|
|
|
|
|
|
|
|
class PermissionFormData
|
|
|
|
{
|
|
|
|
protected Entity $entity;
|
|
|
|
|
|
|
|
public function __construct(Entity $entity)
|
|
|
|
{
|
|
|
|
$this->entity = $entity;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2022-10-10 07:24:23 -04:00
|
|
|
* Get the permissions with assigned roles.
|
2022-10-09 12:14:11 -04:00
|
|
|
*/
|
2022-10-10 07:24:23 -04:00
|
|
|
public function permissionsWithRoles(): array
|
2022-10-09 12:14:11 -04:00
|
|
|
{
|
|
|
|
return $this->entity->permissions()
|
|
|
|
->with('role')
|
|
|
|
->where('role_id', '!=', 0)
|
2022-10-10 07:24:23 -04:00
|
|
|
->get()
|
|
|
|
->sortBy('role.display_name')
|
2022-10-09 12:14:11 -04:00
|
|
|
->all();
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get the roles that don't yet have specific permissions for the
|
|
|
|
* entity we're managing permissions for.
|
|
|
|
*/
|
|
|
|
public function rolesNotAssigned(): array
|
|
|
|
{
|
|
|
|
$assigned = $this->entity->permissions()->pluck('role_id');
|
|
|
|
return Role::query()
|
|
|
|
->where('system_name', '!=', 'admin')
|
|
|
|
->whereNotIn('id', $assigned)
|
|
|
|
->orderBy('display_name', 'asc')
|
|
|
|
->get()
|
|
|
|
->all();
|
|
|
|
}
|
|
|
|
|
2022-10-10 12:22:38 -04:00
|
|
|
/**
|
|
|
|
* Get the entity permission for the "Everyone Else" option.
|
|
|
|
*/
|
|
|
|
public function everyoneElseEntityPermission(): EntityPermission
|
|
|
|
{
|
|
|
|
/** @var EntityPermission $permission */
|
|
|
|
$permission = $this->entity->permissions()
|
|
|
|
->where('role_id', '=', 0)
|
|
|
|
->first();
|
|
|
|
return $permission ?? (new EntityPermission());
|
|
|
|
}
|
|
|
|
|
2022-10-09 12:14:11 -04:00
|
|
|
/**
|
|
|
|
* Get the "Everyone Else" role entry.
|
|
|
|
*/
|
|
|
|
public function everyoneElseRole(): Role
|
|
|
|
{
|
|
|
|
return (new Role())->forceFill([
|
|
|
|
'id' => 0,
|
|
|
|
'display_name' => 'Everyone Else',
|
|
|
|
'description' => 'Set permissions for all roles not specifically overridden.'
|
|
|
|
]);
|
|
|
|
}
|
|
|
|
}
|