X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/1859a4d356cc7452bc5461de904977f05f4c55d1..refs/pull/432/head:/app/Services/PermissionService.php diff --git a/app/Services/PermissionService.php b/app/Services/PermissionService.php index 35e5640d6..c6c981337 100644 --- a/app/Services/PermissionService.php +++ b/app/Services/PermissionService.php @@ -11,8 +11,8 @@ use BookStack\Role; use BookStack\User; use Illuminate\Database\Connection; use Illuminate\Database\Eloquent\Builder; +use Illuminate\Database\Query\Builder as QueryBuilder; use Illuminate\Support\Collection; -use Illuminate\Support\Facades\Log; class PermissionService { @@ -56,6 +56,15 @@ class PermissionService // TODO - Update so admin still goes through filters } + /** + * Set the database connection + * @param Connection $connection + */ + public function setConnection(Connection $connection) + { + $this->db = $connection; + } + /** * Prepare the local entity cache and ensure it's empty */ @@ -138,28 +147,42 @@ class PermissionService $this->readyEntityCache(); // Get all roles (Should be the most limited dimension) - $roles = $this->role->with('permissions')->get(); + $roles = $this->role->with('permissions')->get()->all(); // Chunk through all books - $this->book->newQuery()->with('chapters', 'pages')->chunk(5, function ($books) use ($roles) { + $this->bookFetchQuery()->chunk(5, function ($books) use ($roles) { $this->buildJointPermissionsForBooks($books, $roles); }); } + /** + * Get a query for fetching a book with it's children. + * @return QueryBuilder + */ + protected function bookFetchQuery() + { + return $this->book->newQuery()->select(['id', 'restricted', 'created_by'])->with(['chapters' => function($query) { + $query->select(['id', 'restricted', 'created_by', 'book_id']); + }, 'pages' => function($query) { + $query->select(['id', 'restricted', 'created_by', 'book_id', 'chapter_id']); + }]); + } + /** * Build joint permissions for an array of books * @param Collection $books - * @param Collection $roles + * @param array $roles * @param bool $deleteOld */ protected function buildJointPermissionsForBooks($books, $roles, $deleteOld = false) { $entities = clone $books; - foreach ($books as $book) { - foreach ($book->chapters as $chapter) { + /** @var Book $book */ + foreach ($books->all() as $book) { + foreach ($book->getRelation('chapters') as $chapter) { $entities->push($chapter); } - foreach ($book->pages as $page) { + foreach ($book->getRelation('pages') as $page) { $entities->push($page); } } @@ -174,9 +197,22 @@ class PermissionService */ public function buildJointPermissionsForEntity(Entity $entity) { - $roles = $this->role->newQuery()->get(); - $book = ($entity->isA('book')) ? $entity : $entity->book; - $this->buildJointPermissionsForBooks(collect([$book]), $roles, true); + $entities = [$entity]; + if ($entity->isA('book')) { + $books = $this->bookFetchQuery()->where('id', '=', $entity->id)->get(); + $this->buildJointPermissionsForBooks($books, $this->role->newQuery()->get(), true); + return; + } + + $entities[] = $entity->book; + if ($entity->isA('page') && $entity->chapter_id) $entities[] = $entity->chapter; + if ($entity->isA('chapter')) { + foreach ($entity->pages as $page) { + $entities[] = $page; + } + } + $this->deleteManyJointPermissionsForEntities($entities); + $this->buildJointPermissionsForEntities(collect($entities)); } /** @@ -185,7 +221,7 @@ class PermissionService */ public function buildJointPermissionsForEntities(Collection $entities) { - $roles = $this->role->get(); + $roles = $this->role->newQuery()->get(); $this->deleteManyJointPermissionsForEntities($entities->all()); $this->createManyJointPermissions($entities, $roles); } @@ -196,12 +232,11 @@ class PermissionService */ public function buildJointPermissionForRole(Role $role) { - $roles = collect([$role]); - + $roles = [$role]; $this->deleteManyJointPermissionsForRoles($roles); // Chunk through all books - $this->book->with('chapters', 'pages')->chunk(5, function ($books) use ($roles) { + $this->bookFetchQuery()->chunk(5, function ($books) use ($roles) { $this->buildJointPermissionsForBooks($books, $roles); }); } @@ -221,9 +256,10 @@ class PermissionService */ protected function deleteManyJointPermissionsForRoles($roles) { - foreach ($roles as $role) { - $role->jointPermissions()->delete(); - } + $roleIds = array_map(function($role) { + return $role->id; + }, $roles); + $this->jointPermission->newQuery()->whereIn('role_id', $roleIds)->delete(); } /** @@ -242,22 +278,27 @@ class PermissionService protected function deleteManyJointPermissionsForEntities($entities) { if (count($entities) === 0) return; - $query = $this->jointPermission->newQuery(); - foreach ($entities as $entity) { - $query->orWhere(function($query) use ($entity) { - $query->where('entity_id', '=', $entity->id) - ->where('entity_type', '=', $entity->getMorphClass()); - }); - } + $this->db->transaction(function() use ($entities) { + + foreach (array_chunk($entities, 1000) as $entityChunk) { + $query = $this->db->table('joint_permissions'); + foreach ($entityChunk as $entity) { + $query->orWhere(function(QueryBuilder $query) use ($entity) { + $query->where('entity_id', '=', $entity->id) + ->where('entity_type', '=', $entity->getMorphClass()); + }); + } + $query->delete(); + } - $query->delete(); + }); } /** * Create & Save entity jointPermissions for many entities and jointPermissions. * @param Collection $entities - * @param Collection $roles + * @param array $roles */ protected function createManyJointPermissions($entities, $roles) { @@ -299,9 +340,12 @@ class PermissionService } } } - foreach (array_chunk($jointPermissions, 5000) as $jointPermissionChunk) { - $this->jointPermission->insert($jointPermissionChunk); - } + + $this->db->transaction(function() use ($jointPermissions) { + foreach (array_chunk($jointPermissions, 1000) as $jointPermissionChunk) { + $this->db->table('joint_permissions')->insert($jointPermissionChunk); + } + }); } @@ -355,7 +399,7 @@ class PermissionService $hasPermissiveAccessToParents = !$book->restricted; // For pages with a chapter, Check if explicit permissions are set on the Chapter - if ($entity->isA('page') && $entity->chapter_id !== 0) { + if ($entity->isA('page') && $entity->chapter_id !== 0 && $entity->chapter_id !== '0') { $chapter = $this->getChapter($entity->chapter_id); $hasPermissiveAccessToParents = $hasPermissiveAccessToParents && !$chapter->restricted; if ($chapter->restricted) { @@ -494,7 +538,7 @@ class PermissionService * @param integer $book_id * @param bool $filterDrafts * @param bool $fetchPageContent - * @return \Illuminate\Database\Query\Builder + * @return QueryBuilder */ public function bookChildrenQuery($book_id, $filterDrafts = false, $fetchPageContent = false) { $pageSelect = $this->db->table('pages')->selectRaw($this->page->entityRawQuery($fetchPageContent))->where('book_id', '=', $book_id)->where(function($query) use ($filterDrafts) {