Infra-Mirrors/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-10-01 01:36:00 -04:00
Code Issues Packages Projects Releases Wiki Activity

Use joint_permissions to determine is a user has an available page or chapter to copy.

Browse Source
This commit is contained in:
Mark James 2019-01-02 16:55:28 +11:00
parent 99c6d70c51
commit 19770d2792
3 changed files with 40 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
app/Auth/Permissions/PermissionService.php
View File

@ -556,6 +556,33 @@ class PermissionService
return $q; return $q;
} }
/**
* Checks if a user has a book or chapter available to create a page
* @param Ownable $ownable
* @param $permission
* @return bool
*/
public function checkAvailableCreatePageAccess()
{
$userRoleIds = $this->currentUser()->roles()->pluck('id')->toArray();
$userId = $this->currentUser()->id;
$canCreatePage = $this->db->table('joint_permissions')
->where('action', '=', 'page-create')
->whereIn('role_id', $userRoleIds)
->where(function ($query) use ($userId) {
$query->where('has_permission', '=', 1)
->orWhere(function ($query2) use ($userId) {
$query2->where('has_permission_own', '=', 1)
->where('created_by', '=', $userId);
});
})
->get()->count() > 0;
return $canCreatePage;
}
/** /**
* Check if an entity has restrictions set on itself or its * Check if an entity has restrictions set on itself or its
* parent tree. * parent tree.

11
app/helpers.php
View File

@ -65,6 +65,17 @@ function userCan($permission, Ownable $ownable = null)
return $permissionService->checkOwnableUserAccess($ownable, $permission); return $permissionService->checkOwnableUserAccess($ownable, $permission);
} }
/**
* Check if the current user has the ability to create a page for an existing object
* @return bool
*/
function userCanCreatePage()
{
// Check for create page permissions
$permissionService = app(\BookStack\Auth\Permissions\PermissionService::class);
return $permissionService->checkAvailableCreatePageAccess();
}
/** /**
* Helper to access system settings. * Helper to access system settings.
* @param $key * @param $key

4
resources/views/pages/show.blade.php
View File

@ -17,11 +17,11 @@
@if(userCan('page-update', $page)) @if(userCan('page-update', $page))
<a href="{{ $page->getUrl('/edit') }}" class="text-primary text-button" >@icon('edit'){{ trans('common.edit') }}</a> <a href="{{ $page->getUrl('/edit') }}" class="text-primary text-button" >@icon('edit'){{ trans('common.edit') }}</a>
@endif @endif
@if(userCan('page-create-own') || userCan('page-create-all') || userCan('page-update', $page) || userCan('restrictions-manage', $page) || userCan('page-delete', $page)) @if((userCan('page-view', $page) && userCanCreatePage()) || userCan('page-update', $page) || userCan('restrictions-manage', $page) || userCan('page-delete', $page))
<div dropdown class="dropdown-container"> <div dropdown class="dropdown-container">
<a dropdown-toggle class="text-primary text-button">@icon('more') {{ trans('common.more') }}</a> <a dropdown-toggle class="text-primary text-button">@icon('more') {{ trans('common.more') }}</a>
<ul> <ul>
@if(userCan('page-create-own') || userCan('page-create-all')) @if(userCanCreatePage())
<li><a href="{{ $page->getUrl('/copy') }}" class="text-primary" >@icon('copy'){{ trans('common.copy') }}</a></li> <li><a href="{{ $page->getUrl('/copy') }}" class="text-primary" >@icon('copy'){{ trans('common.copy') }}</a></li>
@endif @endif
@if(userCan('page-update', $page)) @if(userCan('page-update', $page))