replace GPL diff lib with MIT lib
[bookstack] / app / Services / PermissionService.php
index 2d5ee97a55891a677c7cb5889e23a0f29fa03935..0fffe60f29d523153516fc33b12431af8f9a5660 100644 (file)
@@ -4,6 +4,7 @@ use BookStack\Book;
 use BookStack\Chapter;
 use BookStack\Entity;
 use BookStack\JointPermission;
+use BookStack\Ownable;
 use BookStack\Page;
 use BookStack\Role;
 use BookStack\User;
@@ -307,16 +308,16 @@ class PermissionService
 
     /**
      * Checks if an entity has a restriction set upon it.
-     * @param Entity $entity
+     * @param Ownable $ownable
      * @param $permission
      * @return bool
      */
-    public function checkEntityUserAccess(Entity $entity, $permission)
+    public function checkOwnableUserAccess(Ownable $ownable, $permission)
     {
         if ($this->isAdmin) return true;
         $explodedPermission = explode('-', $permission);
 
-        $baseQuery = $entity->where('id', '=', $entity->id);
+        $baseQuery = $ownable->where('id', '=', $ownable->id);
         $action = end($explodedPermission);
         $this->currentAction = $action;
 
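Review bot: The docblock above `checkOwnableUserAccess` still describes an entity restriction check and leaves `$permission` without a type or format, although the method now accepts any `Ownable` and takes its action from the last dash-separated segment of that string. Because this is an authorization decision, the expected shape should be written down, for example `@param string $permission Permission name in "<type>-<action>" form; the segment after the last "-" is used as the action`. A string with no dash would make the whole value the action, which the visible lines do not reject. The public method is also renamed with no forwarding alias, so any caller not updated alongside this change would fail at call time; callers are not visible here, and the method body continues outside the hunk.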
@@ -327,7 +328,7 @@ class PermissionService
             $allPermission = $this->currentUser && $this->currentUser->can($permission . '-all');
             $ownPermission = $this->currentUser && $this->currentUser->can($permission . '-own');
             $this->currentAction = 'view';
-            $isOwner = $this->currentUser && $this->currentUser->id === $entity->created_by;
+            $isOwner = $this->currentUser && $this->currentUser->id === $ownable->created_by;
             return ($allPermission || ($isOwner && $ownPermission));
         }
 
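Review bot: The ownership test `$this->currentUser->id === $ownable->created_by` is a strict comparison, so it only holds when both values are hydrated as the same PHP type, and with the parameter widened to `Ownable` that now has to be true for every model passed in, which this diff does not show. A type mismatch would leave `$isOwner` false and refuse the `-own` permission to the real owner, so it fails closed, but it is worth pinning with a comment such as `// strict compare: id and created_by must be the same type on every Ownable`. The line before it also leaves `$this->currentAction` set to `'view'` after the method returns, whatever action was requested. The enclosing `if` opens outside the hunk.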
@@ -400,9 +401,7 @@ class PermissionService
             }
         });
 
-        if ($this->isAdmin) return $query;
-        $this->currentAction = $action;
-        return $this->entityRestrictionQuery($query);
+        return $this->enforceEntityRestrictions($query, $action);
     }
 
     /**
@@ -413,9 +412,7 @@ class PermissionService
      */
     public function enforceChapterRestrictions($query, $action = 'view')
     {
-        if ($this->isAdmin) return $query;
-        $this->currentAction = $action;
-        return $this->entityRestrictionQuery($query);
+        return $this->enforceEntityRestrictions($query, $action);
     }
 
     /**
@@ -425,6 +422,17 @@ class PermissionService
      * @return mixed
      */
     public function enforceBookRestrictions($query, $action = 'view')
+    {
+        return $this->enforceEntityRestrictions($query, $action);
+    }
+
+    /**
+     * Add restrictions for a generic entity
+     * @param $query
+     * @param string $action
+     * @return mixed
+     */
+    public function enforceEntityRestrictions($query, $action = 'view')
     {
         if ($this->isAdmin) return $query;
         $this->currentAction = $action;
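Review bot: `enforceEntityRestrictions` hands the action to the restriction query through the mutable property `$this->currentAction` instead of an argument, and `checkOwnableUserAccess` writes the same property on the same service instance. If `entityRestrictionQuery` (seen only in the removed lines of the earlier hunks) reads that property when the query executes rather than when it is built, a later call could change which action an earlier query is filtered by; confirm it captures the value eagerly, or pass `$action` through explicitly. The new docblock should also say that admins receive the query unfiltered, e.g. `Add permission restrictions for a generic entity query; returned unchanged when the current user is an admin.` The method body continues outside the hunk.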