*/
protected function deleteManyJointPermissionsForEntities($entities)
{
+ if (count($entities) === 0) return;
$query = $this->jointPermission->newQuery();
- foreach ($entities as $entity) {
- $query->orWhere(function($query) use ($entity) {
- $query->where('entity_id', '=', $entity->id)
- ->where('entity_type', '=', $entity->getMorphClass());
- });
- }
+ foreach ($entities as $entity) {
+ $query->orWhere(function($query) use ($entity) {
+ $query->where('entity_id', '=', $entity->id)
+ ->where('entity_type', '=', $entity->getMorphClass());
+ });
+ }
$query->delete();
}
/**
* Get the children of a book in an efficient single query, Filtered by the permission system.
* @param integer $book_id
- * @param bool $filterDrafts
+ * @param bool $filterDrafts
+ * @param bool $fetchPageContent
* @return \Illuminate\Database\Query\Builder
*/
- public function bookChildrenQuery($book_id, $filterDrafts = false) {
- $pageSelect = $this->db->table('pages')->selectRaw("'BookStack\\\\Page' as entity_type, id, slug, name, text, '' as description, book_id, priority, chapter_id, draft")->where('book_id', '=', $book_id)->where(function($query) use ($filterDrafts) {
+ public function bookChildrenQuery($book_id, $filterDrafts = false, $fetchPageContent = false) {
+ $pageSelect = $this->db->table('pages')->selectRaw($this->page->entityRawQuery($fetchPageContent))->where('book_id', '=', $book_id)->where(function($query) use ($filterDrafts) {
$query->where('draft', '=', 0);
if (!$filterDrafts) {
$query->orWhere(function($query) {
});
}
});
- $chapterSelect = $this->db->table('chapters')->selectRaw("'BookStack\\\\Chapter' as entity_type, id, slug, name, '' as text, description, book_id, priority, 0 as chapter_id, 0 as draft")->where('book_id', '=', $book_id);
- $whereQuery = $this->db->table('joint_permissions as jp')->selectRaw('COUNT(*)')
- ->whereRaw('jp.entity_id=U.id')->whereRaw('jp.entity_type=U.entity_type')
- ->where('jp.action', '=', 'view')->whereIn('jp.role_id', $this->getRoles())
- ->where(function($query) {
- $query->where('jp.has_permission', '=', 1)->orWhere(function($query) {
- $query->where('jp.has_permission_own', '=', 1)->where('jp.created_by', '=', $this->currentUser()->id);
- });
- });
+ $chapterSelect = $this->db->table('chapters')->selectRaw($this->chapter->entityRawQuery())->where('book_id', '=', $book_id);
$query = $this->db->query()->select('*')->from($this->db->raw("({$pageSelect->toSql()} UNION {$chapterSelect->toSql()}) AS U"))
- ->mergeBindings($pageSelect)->mergeBindings($chapterSelect)
- ->whereRaw("({$whereQuery->toSql()}) > 0")->mergeBindings($whereQuery)->orderBy('draft', 'desc')->orderBy('priority', 'asc');
+ ->mergeBindings($pageSelect)->mergeBindings($chapterSelect);
+
+ if (!$this->isAdmin()) {
+ $whereQuery = $this->db->table('joint_permissions as jp')->selectRaw('COUNT(*)')
+ ->whereRaw('jp.entity_id=U.id')->whereRaw('jp.entity_type=U.entity_type')
+ ->where('jp.action', '=', 'view')->whereIn('jp.role_id', $this->getRoles())
+ ->where(function($query) {
+ $query->where('jp.has_permission', '=', 1)->orWhere(function($query) {
+ $query->where('jp.has_permission_own', '=', 1)->where('jp.created_by', '=', $this->currentUser()->id);
+ });
+ });
+ $query->whereRaw("({$whereQuery->toSql()}) > 0")->mergeBindings($whereQuery);
+ }
+
+ $query->orderBy('draft', 'desc')->orderBy('priority', 'asc');
$this->clean();
return $query;
}
* @param string $entityType
* @param Builder|Entity $query
* @param string $action
- * @return mixed
+ * @return Builder
*/
public function enforceEntityRestrictions($entityType, $query, $action = 'view')
{
}
/**
- * Filter items that have entities set a a polymorphic relation.
+ * Filter items that have entities set as a polymorphic relation.
* @param $query
* @param string $tableName
* @param string $entityIdColumn
projects / bookstack / blobdiff