mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-10-01 05:36:00 +00:00
Removed lesser-used middleware and updated localization middleware
So that DB/User access is not explicitly enforced. Same for GlobalViewData middleware although that was also just doubling up on ways to access user/auth info. Also cleaned up Localization Middleware doc blocks.
This commit is contained in:
Dan Brown
parent
6eda1c1fb2
commit
7ba6962707
@ -110,15 +110,16 @@ class HomeController extends Controller
|
||||
|
||||
/**
|
||||
* Show the view for /robots.txt
|
||||
* @return $this
|
||||
*/
|
||||
public function getRobots()
|
||||
{
|
||||
$sitePublic = setting('app-public', false);
|
||||
$allowRobots = config('app.allow_robots');
|
||||
|
||||
if ($allowRobots === null) {
|
||||
$allowRobots = $sitePublic;
|
||||
}
|
||||
|
||||
return response()
|
||||
->view('common.robots', ['allowRobots' => $allowRobots])
|
||||
->header('Content-Type', 'text/plain');
|
||||
|
||||
@ -29,7 +29,6 @@ class Kernel extends HttpKernel
|
||||
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
|
||||
\BookStack\Http\Middleware\VerifyCsrfToken::class,
|
||||
\BookStack\Http\Middleware\Localization::class,
|
||||
\BookStack\Http\Middleware\GlobalViewData::class,
|
||||
],
|
||||
'api' => [
|
||||
\BookStack\Http\Middleware\ThrottleApiRequests::class,
|
||||
|
||||
@ -1,27 +0,0 @@
|
||||
<?php namespace BookStack\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use Illuminate\Http\Request;
|
||||
|
||||
/**
|
||||
* Class GlobalViewData
|
||||
* Sets up data that is accessible to any view rendered by the web routes.
|
||||
*/
|
||||
class GlobalViewData
|
||||
{
|
||||
|
||||
/**
|
||||
* Handle an incoming request.
|
||||
*
|
||||
* @param Request $request
|
||||
* @param Closure $next
|
||||
* @return mixed
|
||||
*/
|
||||
public function handle(Request $request, Closure $next)
|
||||
{
|
||||
view()->share('signedIn', auth()->check());
|
||||
view()->share('currentUser', user());
|
||||
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
@ -57,12 +57,7 @@ class Localization
|
||||
$defaultLang = config('app.locale');
|
||||
config()->set('app.default_locale', $defaultLang);
|
||||
|
||||
if (user()->isDefault() && config('app.auto_detect_locale')) {
|
||||
$locale = $this->autoDetectLocale($request, $defaultLang);
|
||||
} else {
|
||||
$locale = setting()->getUser(user(), 'language', $defaultLang);
|
||||
}
|
||||
|
||||
$locale = $this->getUserLocale($request, $defaultLang);
|
||||
config()->set('app.lang', str_replace('_', '-', $this->getLocaleIso($locale)));
|
||||
|
||||
// Set text direction
|
||||
@ -76,14 +71,29 @@ class Localization
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the locale specifically for the currently logged in user if available.
|
||||
*/
|
||||
protected function getUserLocale(Request $request, string $default): string
|
||||
{
|
||||
try {
|
||||
$user = user();
|
||||
} catch (\Exception $exception) {
|
||||
return $default;
|
||||
}
|
||||
|
||||
if ($user->isDefault() && config('app.auto_detect_locale')) {
|
||||
return $this->autoDetectLocale($request, $default);
|
||||
}
|
||||
|
||||
return setting()->getUser($user, 'language', $default);
|
||||
}
|
||||
|
||||
/**
|
||||
* Autodetect the visitors locale by matching locales in their headers
|
||||
* against the locales supported by BookStack.
|
||||
* @param Request $request
|
||||
* @param string $default
|
||||
* @return string
|
||||
*/
|
||||
protected function autoDetectLocale(Request $request, string $default)
|
||||
protected function autoDetectLocale(Request $request, string $default): string
|
||||
{
|
||||
$availableLocales = config('app.locales');
|
||||
foreach ($request->getLanguages() as $lang) {
|
||||
@ -96,10 +106,8 @@ class Localization
|
||||
|
||||
/**
|
||||
* Get the ISO version of a BookStack language name
|
||||
* @param string $locale
|
||||
* @return string
|
||||
*/
|
||||
public function getLocaleIso(string $locale)
|
||||
public function getLocaleIso(string $locale): string
|
||||
{
|
||||
return $this->localeMap[$locale] ?? $locale;
|
||||
}
|
||||
@ -107,7 +115,6 @@ class Localization
|
||||
/**
|
||||
* Set the system date locale for localized date formatting.
|
||||
* Will try both the standard locale name and the UTF8 variant.
|
||||
* @param string $locale
|
||||
*/
|
||||
protected function setSystemDateLocale(string $locale)
|
||||
{
|
||||
|
||||
@ -36,7 +36,7 @@
|
||||
<div class="actions mb-xl">
|
||||
<h5>{{ trans('common.actions') }}</h5>
|
||||
<div class="icon-list text-primary">
|
||||
@if($currentUser->can('book-create-all'))
|
||||
@if(user()->can('book-create-all'))
|
||||
<a href="{{ url("/create-book") }}" class="icon-list-item">
|
||||
<span>@icon('add')</span>
|
||||
<span>{{ trans('entities.books_create') }}</span>
|
||||
|
||||
@ -6,11 +6,11 @@
|
||||
@endif
|
||||
|
||||
<div class="mb-xl">
|
||||
<h5>{{ trans('entities.' . ($signedIn ? 'my_recently_viewed' : 'books_recent')) }}</h5>
|
||||
<h5>{{ trans('entities.' . (auth()->check() ? 'my_recently_viewed' : 'books_recent')) }}</h5>
|
||||
@include('partials.entity-list', [
|
||||
'entities' => $recents,
|
||||
'style' => 'compact',
|
||||
'emptyText' => $signedIn ? trans('entities.no_pages_viewed') : trans('entities.books_empty')
|
||||
'emptyText' => auth()->check() ? trans('entities.no_pages_viewed') : trans('entities.books_empty')
|
||||
])
|
||||
</div>
|
||||
|
||||
|
||||
@ -29,13 +29,13 @@
|
||||
</div>
|
||||
@endif
|
||||
|
||||
<div id="{{ $signedIn ? 'recently-viewed' : 'recent-books' }}" class="card mb-xl">
|
||||
<h3 class="card-title">{{ trans('entities.' . ($signedIn ? 'my_recently_viewed' : 'books_recent')) }}</h3>
|
||||
<div id="{{ auth()->check() ? 'recently-viewed' : 'recent-books' }}" class="card mb-xl">
|
||||
<h3 class="card-title">{{ trans('entities.' . (auth()->check() ? 'my_recently_viewed' : 'books_recent')) }}</h3>
|
||||
<div class="px-m">
|
||||
@include('partials.entity-list', [
|
||||
'entities' => $recents,
|
||||
'style' => 'compact',
|
||||
'emptyText' => $signedIn ? trans('entities.no_pages_viewed') : trans('entities.books_empty')
|
||||
'emptyText' => auth()->check() ? trans('entities.no_pages_viewed') : trans('entities.books_empty')
|
||||
])
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@ -4,7 +4,7 @@ $key - Unique key for checking existing stored state.
|
||||
--}}
|
||||
<?php $isOpen = setting()->getForCurrentUser('section_expansion#'. $key); ?>
|
||||
<button type="button" expand-toggle="{{ $target }}"
|
||||
expand-toggle-update-endpoint="{{ url('/settings/users/'. $currentUser->id .'/update-expansion-preference/' . $key) }}"
|
||||
expand-toggle-update-endpoint="{{ url('/settings/users/'. user()->id .'/update-expansion-preference/' . $key) }}"
|
||||
expand-toggle-is-open="{{ $isOpen ? 'yes' : 'no' }}"
|
||||
class="text-muted icon-list-item text-primary">
|
||||
<span>@icon('expand-text')</span>
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
?>
|
||||
<div class="list-sort-container" list-sort-control>
|
||||
<div class="list-sort-label">{{ trans('common.sort') }}</div>
|
||||
<form action="{{ url("/settings/users/{$currentUser->id}/change-sort/{$type}") }}" method="post">
|
||||
<form action="{{ url("/settings/users/". user()->id ."/change-sort/{$type}") }}" method="post">
|
||||
|
||||
{!! csrf_field() !!}
|
||||
{!! method_field('PATCH') !!}
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
<div>
|
||||
<form action="{{ url("/settings/users/{$currentUser->id}/switch-${type}-view") }}" method="POST" class="inline">
|
||||
<form action="{{ url("/settings/users/". user()->id ."/switch-${type}-view") }}" method="POST" class="inline">
|
||||
{!! csrf_field() !!}
|
||||
{!! method_field('PATCH') !!}
|
||||
<input type="hidden" value="{{ $view === 'list'? 'grid' : 'list' }}" name="view_type">
|
||||
|
||||
@ -1,16 +1,16 @@
|
||||
|
||||
<nav class="active-link-list">
|
||||
@if($currentUser->can('settings-manage'))
|
||||
@if(userCan('settings-manage'))
|
||||
<a href="{{ url('/settings') }}" @if($selected == 'settings') class="active" @endif>@icon('settings'){{ trans('settings.settings') }}</a>
|
||||
<a href="{{ url('/settings/maintenance') }}" @if($selected == 'maintenance') class="active" @endif>@icon('spanner'){{ trans('settings.maint') }}</a>
|
||||
@endif
|
||||
@if($currentUser->can('settings-manage') && $currentUser->can('users-manage'))
|
||||
@if(userCan('settings-manage') && userCan('users-manage'))
|
||||
<a href="{{ url('/settings/audit') }}" @if($selected == 'audit') class="active" @endif>@icon('open-book'){{ trans('settings.audit') }}</a>
|
||||
@endif
|
||||
@if($currentUser->can('users-manage'))
|
||||
@if(userCan('users-manage'))
|
||||
<a href="{{ url('/settings/users') }}" @if($selected == 'users') class="active" @endif>@icon('users'){{ trans('settings.users') }}</a>
|
||||
@endif
|
||||
@if($currentUser->can('user-roles-manage'))
|
||||
@if(userCan('user-roles-manage'))
|
||||
<a href="{{ url('/settings/roles') }}" @if($selected == 'roles') class="active" @endif>@icon('lock-open'){{ trans('settings.roles') }}</a>
|
||||
@endif
|
||||
</nav>
|
||||
@ -244,11 +244,11 @@
|
||||
<img class="avatar small" src="{{ $user->getAvatar(40) }}" alt="{{ $user->name }}">
|
||||
</div>
|
||||
<div>
|
||||
@if(userCan('users-manage') || $currentUser->id == $user->id)
|
||||
@if(userCan('users-manage') || user()->id == $user->id)
|
||||
<a href="{{ url("/settings/users/{$user->id}") }}">
|
||||
@endif
|
||||
{{ $user->name }}
|
||||
@if(userCan('users-manage') || $currentUser->id == $user->id)
|
||||
@if(userCan('users-manage') || user()->id == $user->id)
|
||||
</a>
|
||||
@endif
|
||||
</div>
|
||||
|
||||
@ -9,7 +9,7 @@
|
||||
<div class="actions mb-xl">
|
||||
<h5>{{ trans('common.actions') }}</h5>
|
||||
<div class="icon-list text-primary">
|
||||
@if($currentUser->can('bookshelf-create-all'))
|
||||
@if(userCan('bookshelf-create-all'))
|
||||
<a href="{{ url("/create-shelf") }}" class="icon-list-item">
|
||||
<span>@icon('add')</span>
|
||||
<span>{{ trans('entities.shelves_new_action') }}</span>
|
||||
|
||||
@ -19,7 +19,7 @@
|
||||
</div>
|
||||
|
||||
<div class="form-group text-right">
|
||||
<a href="{{ url($currentUser->can('users-manage') ? "/settings/users" : "/") }}" class="button outline">{{ trans('common.cancel') }}</a>
|
||||
<a href="{{ url(userCan('users-manage') ? "/settings/users" : "/") }}" class="button outline">{{ trans('common.cancel') }}</a>
|
||||
<button class="button" type="submit">{{ trans('common.save') }}</button>
|
||||
</div>
|
||||
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
</div>
|
||||
|
||||
<section class="card content-wrap">
|
||||
<h1 class="list-heading">{{ $user->id === $currentUser->id ? trans('settings.users_edit_profile') : trans('settings.users_edit') }}</h1>
|
||||
<h1 class="list-heading">{{ $user->id === user()->id ? trans('settings.users_edit_profile') : trans('settings.users_edit') }}</h1>
|
||||
<form action="{{ url("/settings/users/{$user->id}") }}" method="post" enctype="multipart/form-data">
|
||||
{!! csrf_field() !!}
|
||||
<input type="hidden" name="_method" value="PUT">
|
||||
@ -54,7 +54,7 @@
|
||||
</div>
|
||||
|
||||
<div class="text-right">
|
||||
<a href="{{ url($currentUser->can('users-manage') ? "/settings/users" : "/") }}" class="button outline">{{ trans('common.cancel') }}</a>
|
||||
<a href="{{ url(userCan('users-manage') ? "/settings/users" : "/") }}" class="button outline">{{ trans('common.cancel') }}</a>
|
||||
@if($authMethod !== 'system')
|
||||
<a href="{{ url("/settings/users/{$user->id}/delete") }}" class="button outline">{{ trans('settings.users_delete') }}</a>
|
||||
@endif
|
||||
@ -63,7 +63,7 @@
|
||||
</form>
|
||||
</section>
|
||||
|
||||
@if($currentUser->id === $user->id && count($activeSocialDrivers) > 0)
|
||||
@if(user()->id === $user->id && count($activeSocialDrivers) > 0)
|
||||
<section class="card content-wrap auto-height">
|
||||
<h2 class="list-heading">{{ trans('settings.users_social_accounts') }}</h2>
|
||||
<p class="text-muted">{{ trans('settings.users_social_accounts_info') }}</p>
|
||||
@ -88,7 +88,7 @@
|
||||
</section>
|
||||
@endif
|
||||
|
||||
@if(($currentUser->id === $user->id && userCan('access-api')) || userCan('users-manage'))
|
||||
@if((user()->id === $user->id && userCan('access-api')) || userCan('users-manage'))
|
||||
@include('users.api-tokens.list', ['user' => $user])
|
||||
@endif
|
||||
</div>
|
||||
|
||||
@ -21,9 +21,7 @@
|
||||
<input type="text" name="search" placeholder="{{ trans('settings.users_search') }}" @if($listDetails['search']) value="{{$listDetails['search']}}" @endif>
|
||||
</form>
|
||||
</div>
|
||||
@if(userCan('users-manage'))
|
||||
<a href="{{ url("/settings/users/create") }}" style="margin-top: 0;" class="outline button">{{ trans('settings.users_add_new') }}</a>
|
||||
@endif
|
||||
<a href="{{ url("/settings/users/create") }}" class="outline button mt-none">{{ trans('settings.users_add_new') }}</a>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@ -44,13 +42,9 @@
|
||||
<tr>
|
||||
<td class="text-center" style="line-height: 0;"><img class="avatar med" src="{{ $user->getAvatar(40)}}" alt="{{ $user->name }}"></td>
|
||||
<td>
|
||||
@if(userCan('users-manage') || $currentUser->id == $user->id)
|
||||
<a href="{{ url("/settings/users/{$user->id}") }}">
|
||||
@endif
|
||||
{{ $user->name }} <br> <span class="text-muted">{{ $user->email }}</span>
|
||||
@if(userCan('users-manage') || $currentUser->id == $user->id)
|
||||
</a>
|
||||
@endif
|
||||
<a href="{{ url("/settings/users/{$user->id}") }}">
|
||||
{{ $user->name }} <br> <span class="text-muted">{{ $user->email }}</span>
|
||||
</a>
|
||||
</td>
|
||||
<td>
|
||||
@foreach($user->roles as $index => $role)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user