BookStack Code Mirror - bookstack/blobdiff - app/Auth/Permissions/PermissionService.php

index 33d2149637b98b40bc568ee67b105af6fe896b20..a5ab4ea9a8e51109c7225bc82ccca1799470205d 100644 (file)

--- a/app/Auth/Permissions/PermissionService.php

+++ b/app/Auth/Permissions/PermissionService.php

@@ -558,28 +558,35 @@ class PermissionService

/**

* Checks if a user has the given permission for any items in the system.

+ * Can be passed an entity instance to filter on a specific type.

* @param string $permission

+ * @param string $entityClass

* @return bool

- public function checkUserHasPermissionOnAnything(string $permission)

+ public function checkUserHasPermissionOnAnything(string $permission, string $entityClass = null)

{

$userRoleIds = $this->currentUser()->roles()->select('id')->pluck('id')->toArray();

$userId = $this->currentUser()->id;

- $canCreatePage = $this->db->table('joint_permissions')

+ $permissionQuery = $this->db->table('joint_permissions')

->where('action', '=', $permission)

->whereIn('role_id', $userRoleIds)

->where(function ($query) use ($userId) {

$query->where('has_permission', '=', 1)

- ->orWhere(function ($query2) use ($userId) {

- $query2->where('has_permission_own', '=', 1)

- ->where('created_by', '=', $userId);

- });

- })

- ->get()->count() > 0;

+ ->orWhere(function ($query2) use ($userId) {

+ $query2->where('has_permission_own', '=', 1)

+ ->where('created_by', '=', $userId);

+ });

+ if (!is_null($entityClass)) {

+ $entityInstance = app()->make($entityClass);

+ $permissionQuery = $permissionQuery->where('entity_type', '=', $entityInstance->getMorphClass());

+ }

+ $hasPermission = $permissionQuery->count() > 0;

$this->clean();

- return $canCreatePage;

+ return $hasPermission;

}

/**

@@ -697,7 +704,7 @@ class PermissionService

* @param string $entityIdColumn

* @param string $entityTypeColumn

* @param string $action

- * @return mixed

+ * @return QueryBuilder

public function filterRestrictedEntityRelations($query, $tableName, $entityIdColumn, $entityTypeColumn, $action = 'view')

{

@@ -725,18 +732,21 @@ class PermissionService

}

/**

- * Filters pages that are a direct relation to another item.

+ * Add conditions to a query to filter the selection to related entities

+ * where permissions are granted.

+ * @param $entityType

* @param $query

* @param $tableName

* @param $entityIdColumn

* @return mixed

- public function filterRelatedPages($query, $tableName, $entityIdColumn)

+ public function filterRelatedEntity($entityType, $query, $tableName, $entityIdColumn)

{

$this->currentAction = 'view';

$tableDetails = ['tableName' => $tableName, 'entityIdColumn' => $entityIdColumn];

- $pageMorphClass = $this->entityProvider->page->getMorphClass();

+ $pageMorphClass = $this->entityProvider->get($entityType)->getMorphClass();

$q = $query->where(function ($query) use ($tableDetails, $pageMorphClass) {

$query->where(function ($query) use (&$tableDetails, $pageMorphClass) {

$query->whereExists(function ($permissionQuery) use (&$tableDetails, $pageMorphClass) {

@@ -754,7 +764,9 @@ class PermissionService

});

})->orWhere($tableDetails['entityIdColumn'], '=', 0);

});

$this->clean();

return $q;

}