]> BookStack Code Mirror - bookstack/blobdiff - app/Entities/Controllers/ChapterApiController.php
projects / bookstack / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fixed OIDC Logout
[bookstack] / app / Entities / Controllers / ChapterApiController.php
diff --git a/app/Entities/Controllers/ChapterApiController.php b/app/Entities/Controllers/ChapterApiController.php
index ce20e6b96c38fe1c89e16d81ca934fb0b8cb8d31..7f01e445a576d3d86cbbf097da50a09014472c44 100644 (file)
--- a/app/Entities/Controllers/ChapterApiController.php
+++ b/app/Entities/Controllers/ChapterApiController.php
@@ -5,35 +5,34 @@ namespace BookStack\Entities\Controllers;
 use BookStack\Entities\Models\Book;
 use BookStack\Entities\Models\Chapter;
 use BookStack\Entities\Repos\ChapterRepo;
 use BookStack\Entities\Models\Book;
 use BookStack\Entities\Models\Chapter;
 use BookStack\Entities\Repos\ChapterRepo;
+use BookStack\Exceptions\PermissionsException;
 use BookStack\Http\ApiController;
 use BookStack\Http\ApiController;
+use Exception;
 use Illuminate\Database\Eloquent\Relations\HasMany;
 use Illuminate\Http\Request;
 
 class ChapterApiController extends ApiController
 {
 use Illuminate\Database\Eloquent\Relations\HasMany;
 use Illuminate\Http\Request;
 
 class ChapterApiController extends ApiController
 {
-    protected $chapterRepo;
-
     protected $rules = [
         'create' => [
             'book_id'     => ['required', 'integer'],
             'name'        => ['required', 'string', 'max:255'],
             'description' => ['string', 'max:1000'],
             'tags'        => ['array'],
     protected $rules = [
         'create' => [
             'book_id'     => ['required', 'integer'],
             'name'        => ['required', 'string', 'max:255'],
             'description' => ['string', 'max:1000'],
             'tags'        => ['array'],
+            'priority'    => ['integer'],
         ],
         'update' => [
             'book_id'     => ['integer'],
             'name'        => ['string', 'min:1', 'max:255'],
             'description' => ['string', 'max:1000'],
             'tags'        => ['array'],
         ],
         'update' => [
             'book_id'     => ['integer'],
             'name'        => ['string', 'min:1', 'max:255'],
             'description' => ['string', 'max:1000'],
             'tags'        => ['array'],
+            'priority'    => ['integer'],
         ],
     ];
 
         ],
     ];
 
-    /**
-     * ChapterController constructor.
-     */
-    public function __construct(ChapterRepo $chapterRepo)
-    {
-        $this->chapterRepo = $chapterRepo;
+    public function __construct(
+        protected ChapterRepo $chapterRepo
+    ) {
     }
 
     /**
     }
 
     /**
@@ -54,13 +53,13 @@ class ChapterApiController extends ApiController
      */
     public function create(Request $request)
     {
      */
     public function create(Request $request)
     {
-        $this->validate($request, $this->rules['create']);
+        $requestData = $this->validate($request, $this->rules['create']);
 
         $bookId = $request->get('book_id');
         $book = Book::visible()->findOrFail($bookId);
         $this->checkOwnablePermission('chapter-create', $book);
 
 
         $bookId = $request->get('book_id');
         $book = Book::visible()->findOrFail($bookId);
         $this->checkOwnablePermission('chapter-create', $book);
 
-        $chapter = $this->chapterRepo->create($request->all(), $book);
+        $chapter = $this->chapterRepo->create($requestData, $book);
 
         return response()->json($chapter->load(['tags']));
     }
 
         return response()->json($chapter->load(['tags']));
     }
@@ -79,13 +78,30 @@ class ChapterApiController extends ApiController
 
     /**
      * Update the details of a single chapter.
 
     /**
      * Update the details of a single chapter.
+     * Providing a 'book_id' property will essentially move the chapter
+     * into that parent element if you have permissions to do so.
      */
     public function update(Request $request, string $id)
     {
      */
     public function update(Request $request, string $id)
     {
+        $requestData = $this->validate($request, $this->rules()['update']);
         $chapter = Chapter::visible()->findOrFail($id);
         $this->checkOwnablePermission('chapter-update', $chapter);
 
         $chapter = Chapter::visible()->findOrFail($id);
         $this->checkOwnablePermission('chapter-update', $chapter);
 
-        $updatedChapter = $this->chapterRepo->update($chapter, $request->all());
+        if ($request->has('book_id') && $chapter->book_id !== intval($requestData['book_id'])) {
+            $this->checkOwnablePermission('chapter-delete', $chapter);
+
+            try {
+                $this->chapterRepo->move($chapter, "book:{$requestData['book_id']}");
+            } catch (Exception $exception) {
+                if ($exception instanceof  PermissionsException) {
+                    $this->showPermissionError();
+                }
+
+                return $this->jsonError(trans('errors.selected_book_not_found'));
+            }
+        }
+
+        $updatedChapter = $this->chapterRepo->update($chapter, $requestData);
 
         return response()->json($updatedChapter->load(['tags']));
     }
 
         return response()->json($updatedChapter->load(['tags']));
     }
The core source code for the BookStack project.