X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/473261be35ab50e6c9bc5914c899a34cd6cccf57..refs/pull/711/head:/app/Http/Controllers/PermissionController.php
diff --git a/app/Http/Controllers/PermissionController.php b/app/Http/Controllers/PermissionController.php
index 8cc14fc7a..c4c7fe972 100644
--- a/app/Http/Controllers/PermissionController.php
+++ b/app/Http/Controllers/PermissionController.php
@@ -1,28 +1,21 @@
-role = $role;
- $this->permission = $permission;
+ $this->permissionsRepo = $permissionsRepo;
 parent::__construct();
 }
@@ -32,7 +25,7 @@ class PermissionController extends Controller
 public function listRoles()
 {
 $this->checkPermission('user-roles-manage');
- $roles = $this->role->all();
+ $roles = $this->permissionsRepo->getAllRoles();
 return view('settings/roles/index', ['roles' => $roles]);
 }
@@ -59,23 +52,8 @@ class PermissionController extends Controller
 'description' => 'max:250'
 ]);
- $role = $this->role->newInstance($request->all());
- $role->name = str_replace(' ', '-', strtolower($request->get('display_name')));
- // Prevent duplicate names
- while ($this->role->where('name', '=', $role->name)->count() > 0) {
- $role->name .= strtolower(str_random(2));
- }
- $role->save();
-
- if ($request->has('permissions')) {
- $permissionsNames = array_keys($request->get('permissions'));
- $permissions = $this->permission->whereIn('name', $permissionsNames)->pluck('id')->toArray();
- $role->permissions()->sync($permissions);
- } else {
- $role->permissions()->sync([]);
- }
-
- session()->flash('success', 'Role successfully created');
+ $this->permissionsRepo->saveNewRole($request->all());
+ session()->flash('success', trans('settings.role_create_success'));
 return redirect('/settings/roles');
 }
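Review bot: In the role-creation hunk (`@@ -59,23 +52,8 @@`) the controller hands the whole request to the repository via `saveNewRole($request->all())`, so every posted key crosses that boundary, while the only validation rule visible in the hunk is `'description' => 'max:250'`. Whether an unexpected key can be mass-assigned onto the role depends on the model's fillable list and on the repository, neither of which is shown here. Passing an explicit subset keeps the allow-list next to the validation, e.g. `$this->permissionsRepo->saveNewRole($request->only(['display_name', 'description', 'permissions']));`. The same applies to `updateRole($id, $request->all())` in the `@@ -105,25 +87,8 @@` hunk. Both method bodies start outside their hunks, so the full validation call is not visible.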
@@ -83,11 +61,15 @@ class PermissionController extends Controller
 * Show the form for editing a user role.
 * @param $id
 * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
+ * @throws PermissionsException
 */
 public function editRole($id)
 {
 $this->checkPermission('user-roles-manage');
- $role = $this->role->findOrFail($id);
+ $role = $this->permissionsRepo->getRoleById($id);
+ if ($role->hidden) {
+ throw new PermissionsException(trans('errors.role_cannot_be_edited'));
+ }
 return view('settings/roles/edit', ['role' => $role]);
 }
@@ -105,25 +87,8 @@ class PermissionController extends Controller
 'description' => 'max:250'
 ]);
- $role = $this->role->findOrFail($id);
- if ($request->has('permissions')) {
- $permissionsNames = array_keys($request->get('permissions'));
- $permissions = $this->permission->whereIn('name', $permissionsNames)->pluck('id')->toArray();
- $role->permissions()->sync($permissions);
- } else {
- $role->permissions()->sync([]);
- }
-
- // Ensure admin account always has all permissions
- if ($role->name === 'admin') {
- $permissions = $this->permission->all()->pluck('id')->toArray();
- $role->permissions()->sync($permissions);
- }
-
- $role->fill($request->all());
- $role->save();
-
- session()->flash('success', 'Role successfully updated');
+ $this->permissionsRepo->updateRole($id, $request->all());
+ session()->flash('success', trans('settings.role_update_success'));
 return redirect('/settings/roles');
 }
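Review bot: The new `$role->hidden` guard in `editRole()` protects only the page that renders the form. The state-changing handler in the next hunk (`@@ -105,25 +87,8 @@`) calls `$this->permissionsRepo->updateRole($id, $request->all())` with no equivalent check visible, so a request sent straight to the update route skips the guard unless the repository enforces it. `showDeleteRole()` and `deleteRole()` in the later hunks show no hidden check either. The rule is best enforced once inside the repository; failing that, repeat it before the update call with `if ($this->permissionsRepo->getRoleById($id)->hidden) { throw new PermissionsException(trans('errors.role_cannot_be_edited')); }`. The exception is also left uncaught here, whereas `deleteRole()` catches `PermissionsException` and flashes the message, so it is worth confirming that a global handler renders it sensibly.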
@@ -136,9 +101,9 @@ class PermissionController extends Controller
 public function showDeleteRole($id)
 {
 $this->checkPermission('user-roles-manage');
- $role = $this->role->findOrFail($id);
- $roles = $this->role->where('id', '!=', $id)->get();
- $blankRole = $this->role->newInstance(['display_name' => 'Don\'t migrate users']);
+ $role = $this->permissionsRepo->getRoleById($id);
+ $roles = $this->permissionsRepo->getAllRolesExcept($role);
+ $blankRole = $role->newInstance(['display_name' => trans('settings.role_delete_no_migration')]);
 $roles->prepend($blankRole);
 return view('settings/roles/delete', ['role' => $role, 'roles' => $roles]);
 }
@@ -153,30 +118,15 @@ class PermissionController extends Controller
 public function deleteRole($id, Request $request)
 {
 $this->checkPermission('user-roles-manage');
- $role = $this->role->findOrFail($id);
-
- // Prevent deleting admin role
- if ($role->name === 'admin') {
- session()->flash('error', 'The admin role cannot be deleted');
- return redirect()->back();
- }
- if ($role->id == \Setting::get('registration-role')) {
- session()->flash('error', 'This role cannot be deleted while set as the default registration role.');
+ try {
+ $this->permissionsRepo->deleteRole($id, $request->get('migrate_role_id'));
+ } catch (PermissionsException $e) {
+ session()->flash('error', $e->getMessage());
 return redirect()->back();
 }
- if ($request->has('migration_role_id')) {
- $newRole = $this->role->find($request->get('migration_role_id'));
- if ($newRole) {
- $users = $role->users->pluck('id')->toArray();
- $newRole->users()->sync($users);
- }
- }
-
- $role->delete();
-
- session()->flash('success', 'Role successfully deleted');
+ session()->flash('success', trans('settings.role_delete_success'));
 return redirect('/settings/roles');
 }
 }
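Review bot: In `deleteRole()` the migration target is now read from `$request->get('migrate_role_id')`, while the removed code read `migration_role_id`. If the delete form (not part of this diff) still posts the old field name, the repository always receives null and the deleted role's users are silently left unmigrated, so the view should be checked against the new key. The value also reaches the repository unvalidated, and the admin-role and default-registration-role protections that used to sit here are presumably now raised as `PermissionsException` from the repo, which this diff does not show. A comment above the call would record that contract: `// migrate_role_id may be empty ("don't migrate"); the repo must reject a target that does not exist or equals $id`.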