X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/473261be35ab50e6c9bc5914c899a34cd6cccf57..refs/pull/118/head:/app/Http/Controllers/BookController.php

diff --git a/app/Http/Controllers/BookController.php b/app/Http/Controllers/BookController.php
index c1320088d..5b97fbdaf 100644
--- a/app/Http/Controllers/BookController.php
+++ b/app/Http/Controllers/BookController.php
@@ -1,12 +1,9 @@
-<?php
-
-namespace BookStack\Http\Controllers;
+<?php namespace BookStack\Http\Controllers;
 
 use Activity;
+use BookStack\Repos\UserRepo;
 use Illuminate\Http\Request;
-
 use Illuminate\Support\Facades\Auth;
-use Illuminate\Support\Str;
 use BookStack\Http\Requests;
 use BookStack\Repos\BookRepo;
 use BookStack\Repos\ChapterRepo;
@@ -19,24 +16,26 @@ class BookController extends Controller
     protected $bookRepo;
     protected $pageRepo;
     protected $chapterRepo;
+    protected $userRepo;
 
     /**
      * BookController constructor.
      * @param BookRepo $bookRepo
      * @param PageRepo $pageRepo
      * @param ChapterRepo $chapterRepo
+     * @param UserRepo $userRepo
      */
-    public function __construct(BookRepo $bookRepo, PageRepo $pageRepo, ChapterRepo $chapterRepo)
+    public function __construct(BookRepo $bookRepo, PageRepo $pageRepo, ChapterRepo $chapterRepo, UserRepo $userRepo)
     {
         $this->bookRepo = $bookRepo;
         $this->pageRepo = $pageRepo;
         $this->chapterRepo = $chapterRepo;
+        $this->userRepo = $userRepo;
         parent::__construct();
     }
 
     /**
      * Display a listing of the book.
-     *
      * @return Response
      */
     public function index()
@@ -50,7 +49,6 @@ class BookController extends Controller
 
     /**
      * Show the form for creating a new book.
-     *
      * @return Response
      */
     public function create()
@@ -73,24 +71,20 @@ class BookController extends Controller
             'name' => 'required|string|max:255',
             'description' => 'string|max:1000'
         ]);
-        $book = $this->bookRepo->newFromInput($request->all());
-        $book->slug = $this->bookRepo->findSuitableSlug($book->name);
-        $book->created_by = Auth::user()->id;
-        $book->updated_by = Auth::user()->id;
-        $book->save();
+        $book = $this->bookRepo->createFromInput($request->all());
         Activity::add($book, 'book_create', $book->id);
         return redirect($book->getUrl());
     }
 
     /**
      * Display the specified book.
-     *
      * @param $slug
      * @return Response
      */
     public function show($slug)
     {
         $book = $this->bookRepo->getBySlug($slug);
+        $this->checkOwnablePermission('book-view', $book);
         $bookChildren = $this->bookRepo->getChildren($book);
         Views::add($book);
         $this->setPageTitle($book->getShortName());
@@ -99,7 +93,6 @@ class BookController extends Controller
 
     /**
      * Show the form for editing the specified book.
-     *
      * @param $slug
      * @return Response
      */
@@ -113,7 +106,6 @@ class BookController extends Controller
 
     /**
      * Update the specified book in storage.
-     *
      * @param  Request $request
      * @param          $slug
      * @return Response
@@ -126,10 +118,7 @@ class BookController extends Controller
             'name' => 'required|string|max:255',
             'description' => 'string|max:1000'
         ]);
-        $book->fill($request->all());
-        $book->slug = $this->bookRepo->findSuitableSlug($book->name, $book->id);
-        $book->updated_by = Auth::user()->id;
-        $book->save();
+        $book = $this->bookRepo->updateFromInput($book, $request->all());
         Activity::add($book, 'book_update', $book->id);
         return redirect($book->getUrl());
     }
@@ -156,7 +145,7 @@ class BookController extends Controller
     {
         $book = $this->bookRepo->getBySlug($bookSlug);
         $this->checkOwnablePermission('book-update', $book);
-        $bookChildren = $this->bookRepo->getChildren($book);
+        $bookChildren = $this->bookRepo->getChildren($book, true);
         $books = $this->bookRepo->getAll(false);
         $this->setPageTitle('Sort Book ' . $book->getShortName());
         return view('books/sort', ['book' => $book, 'current' => $book, 'books' => $books, 'bookChildren' => $bookChildren]);
@@ -177,7 +166,6 @@ class BookController extends Controller
 
     /**
      * Saves an array of sort mapping to pages and chapters.
-     *
      * @param  string $bookSlug
      * @param Request $request
      * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
@@ -215,6 +203,7 @@ class BookController extends Controller
         // Add activity for books
         foreach ($sortedBooks as $bookId) {
             $updatedBook = $this->bookRepo->getById($bookId);
+            $this->bookRepo->updateBookPermissions($updatedBook);
             Activity::add($updatedBook, 'book_sort', $updatedBook->id);
         }
 
@@ -223,7 +212,6 @@ class BookController extends Controller
 
     /**
      * Remove the specified book from storage.
-     *
      * @param $bookSlug
      * @return Response
      */
@@ -233,7 +221,39 @@ class BookController extends Controller
         $this->checkOwnablePermission('book-delete', $book);
         Activity::addMessage('book_delete', 0, $book->name);
         Activity::removeEntity($book);
-        $this->bookRepo->destroyBySlug($bookSlug);
+        $this->bookRepo->destroy($book);
         return redirect('/books');
     }
+
+    /**
+     * Show the Restrictions view.
+     * @param $bookSlug
+     * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
+     */
+    public function showRestrict($bookSlug)
+    {
+        $book = $this->bookRepo->getBySlug($bookSlug);
+        $this->checkOwnablePermission('restrictions-manage', $book);
+        $roles = $this->userRepo->getRestrictableRoles();
+        return view('books/restrictions', [
+            'book' => $book,
+            'roles' => $roles
+        ]);
+    }
+
+    /**
+     * Set the restrictions for this book.
+     * @param $bookSlug
+     * @param $bookSlug
+     * @param Request $request
+     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
+     */
+    public function restrict($bookSlug, Request $request)
+    {
+        $book = $this->bookRepo->getBySlug($bookSlug);
+        $this->checkOwnablePermission('restrictions-manage', $book);
+        $this->bookRepo->updateEntityPermissionsFromRequest($request, $book);
+        session()->flash('success', 'Book Restrictions Updated');
+        return redirect($book->getUrl());
+    }
 }