Infra-Mirrors/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-10-01 01:36:00 -04:00
Code Issues Packages Projects Releases Wiki Activity

Added public build folder and support for a demo mode

Browse Source
This commit is contained in:
Dan Brown 2015-12-31 17:57:34 +00:00
parent 0d8ca22487
commit 9a470b07fd
5 changed files with 37 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -9,7 +9,6 @@ Homestead.yaml
/public/js /public/js
/public/uploads /public/uploads
/public/bower /public/bower
/public/build
/storage/images /storage/images
_ide_helper.php _ide_helper.php
/storage/debugbar /storage/debugbar

32
app/Http/Controllers/Controller.php
View File

@ -42,6 +42,15 @@ abstract class Controller extends BaseController
$this->signedIn = auth()->check(); $this->signedIn = auth()->check();
} }
/**
* Stops the application and shows a permission error if
* the application is in demo mode.
*/
protected function preventAccessForDemoUsers()
{
if (env('APP_ENV', 'production') === 'demo') $this->showPermissionError();
}
/** /**
* Adds the page title into the view. * Adds the page title into the view.
* @param $title * @param $title
@ -51,6 +60,18 @@ abstract class Controller extends BaseController
view()->share('pageTitle', $title); view()->share('pageTitle', $title);
} }
/**
* On a permission error redirect to home and display
* the error as a notification.
*/
protected function showPermissionError()
{
Session::flash('error', trans('errors.permission'));
throw new HttpResponseException(
redirect('/')
);
}
/** /**
* Checks for a permission. * Checks for a permission.
* *
@ -60,15 +81,18 @@ abstract class Controller extends BaseController
protected function checkPermission($permissionName) protected function checkPermission($permissionName)
{ {
if (!$this->currentUser || !$this->currentUser->can($permissionName)) { if (!$this->currentUser || !$this->currentUser->can($permissionName)) {
Session::flash('error', trans('errors.permission')); $this->showPermissionError();
throw new HttpResponseException(
redirect('/')
);
} }
return true; return true;
} }
/**
* Check if a user has a permission or bypass if the callback is true.
* @param $permissionName
* @param $callback
* @return bool
*/
protected function checkPermissionOr($permissionName, $callback) protected function checkPermissionOr($permissionName, $callback)
{ {
$callbackResult = $callback(); $callbackResult = $callback();

3
app/Http/Controllers/SettingController.php
View File

@ -31,13 +31,16 @@ class SettingController extends Controller
*/ */
public function update(Request $request) public function update(Request $request)
{ {
$this->preventAccessForDemoUsers();
$this->checkPermission('settings-update'); $this->checkPermission('settings-update');
// Cycles through posted settings and update them // Cycles through posted settings and update them
foreach($request->all() as $name => $value) { foreach($request->all() as $name => $value) {
if(strpos($name, 'setting-') !== 0) continue; if(strpos($name, 'setting-') !== 0) continue;
$key = str_replace('setting-', '', trim($name)); $key = str_replace('setting-', '', trim($name));
Setting::put($key, $value); Setting::put($key, $value);
} }
session()->flash('success', 'Settings Saved'); session()->flash('success', 'Settings Saved');
return redirect('/settings'); return redirect('/settings');
} }

4
app/Http/Controllers/UserController.php
View File

@ -108,9 +108,11 @@ class UserController extends Controller
*/ */
public function update(Request $request, $id) public function update(Request $request, $id)
{ {
$this->preventAccessForDemoUsers();
$this->checkPermissionOr('user-update', function () use ($id) { $this->checkPermissionOr('user-update', function () use ($id) {
return $this->currentUser->id == $id; return $this->currentUser->id == $id;
}); });
$this->validate($request, [ $this->validate($request, [
'name' => 'required', 'name' => 'required',
'email' => 'required|email|unique:users,email,' . $id, 'email' => 'required|email|unique:users,email,' . $id,
@ -144,6 +146,7 @@ class UserController extends Controller
$this->checkPermissionOr('user-delete', function () use ($id) { $this->checkPermissionOr('user-delete', function () use ($id) {
return $this->currentUser->id == $id; return $this->currentUser->id == $id;
}); });
$user = $this->user->findOrFail($id); $user = $this->user->findOrFail($id);
$this->setPageTitle('Delete User ' . $user->name); $this->setPageTitle('Delete User ' . $user->name);
return view('users/delete', ['user' => $user]); return view('users/delete', ['user' => $user]);
@ -156,6 +159,7 @@ class UserController extends Controller
*/ */
public function destroy($id) public function destroy($id)
{ {
$this->preventAccessForDemoUsers();
$this->checkPermissionOr('user-delete', function () use ($id) { $this->checkPermissionOr('user-delete', function () use ($id) {
return $this->currentUser->id == $id; return $this->currentUser->id == $id;
}); });

2
public/build/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
*
!.gitignore