X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/05666efda9a51f245d23fc33e65cd598180e97da..refs/pull/448/head:/app/Repos/PermissionsRepo.php diff --git a/app/Repos/PermissionsRepo.php b/app/Repos/PermissionsRepo.php index 8bdcc8382..aa58d1718 100644 --- a/app/Repos/PermissionsRepo.php +++ b/app/Repos/PermissionsRepo.php @@ -2,9 +2,9 @@ use BookStack\Exceptions\PermissionsException; -use BookStack\Permission; +use BookStack\RolePermission; use BookStack\Role; -use BookStack\Services\RestrictionService; +use BookStack\Services\PermissionService; use Setting; class PermissionsRepo @@ -12,21 +12,21 @@ class PermissionsRepo protected $permission; protected $role; - protected $restrictionService; + protected $permissionService; protected $systemRoles = ['admin', 'public']; /** * PermissionsRepo constructor. - * @param Permission $permission + * @param RolePermission $permission * @param Role $role - * @param RestrictionService $restrictionService + * @param PermissionService $permissionService */ - public function __construct(Permission $permission, Role $role, RestrictionService $restrictionService) + public function __construct(RolePermission $permission, Role $role, PermissionService $permissionService) { $this->permission = $permission; $this->role = $role; - $this->restrictionService = $restrictionService; + $this->permissionService = $permissionService; } /** @@ -35,7 +35,7 @@ class PermissionsRepo */ public function getAllRoles() { - return $this->role->where('hidden', '=', false)->get(); + return $this->role->all(); } /** @@ -45,7 +45,7 @@ class PermissionsRepo */ public function getAllRolesExcept(Role $role) { - return $this->role->where('id', '!=', $role->id)->where('hidden', '=', false)->get(); + return $this->role->where('id', '!=', $role->id)->get(); } /** @@ -75,7 +75,7 @@ class PermissionsRepo $permissions = isset($roleData['permissions']) ? array_keys($roleData['permissions']) : []; $this->assignRolePermissions($role, $permissions); - $this->restrictionService->buildEntityPermissionForRole($role); + $this->permissionService->buildJointPermissionForRole($role); return $role; } @@ -90,19 +90,17 @@ class PermissionsRepo { $role = $this->role->findOrFail($roleId); - if ($role->hidden) throw new PermissionsException("Cannot update a hidden role"); - $permissions = isset($roleData['permissions']) ? array_keys($roleData['permissions']) : []; $this->assignRolePermissions($role, $permissions); - if ($role->name === 'admin') { + if ($role->system_name === 'admin') { $permissions = $this->permission->all()->pluck('id')->toArray(); $role->permissions()->sync($permissions); } $role->fill($roleData); $role->save(); - $this->restrictionService->buildEntityPermissionForRole($role); + $this->permissionService->buildJointPermissionForRole($role); } /** @@ -135,9 +133,9 @@ class PermissionsRepo // Prevent deleting admin role or default registration role. if ($role->system_name && in_array($role->system_name, $this->systemRoles)) { - throw new PermissionsException('This role is a system role and cannot be deleted'); + throw new PermissionsException(trans('errors.role_system_cannot_be_deleted')); } else if ($role->id == setting('registration-role')) { - throw new PermissionsException('This role cannot be deleted while set as the default registration role.'); + throw new PermissionsException(trans('errors.role_registration_default_cannot_delete')); } if ($migrateRoleId) { @@ -148,7 +146,7 @@ class PermissionsRepo } } - $this->restrictionService->deleteEntityPermissionsForRole($role); + $this->permissionService->deleteJointPermissionsForRole($role); $role->delete(); }