X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/4a872012c5568c59aec7dc9825bee28902ce3431..refs/pull/3593/head:/app/helpers.php diff --git a/app/helpers.php b/app/helpers.php index b0886d02b..191eddf4d 100644 --- a/app/helpers.php +++ b/app/helpers.php @@ -1,15 +1,16 @@ user() ?: \BookStack\Auth\User::getDefault(); + return auth()->user() ?: User::getDefault(); } /** * Check if current user is a signed in user. - * @return bool */ -function signedInUser() +function signedInUser(): bool { return auth()->user() && !auth()->user()->isDefault(); } /** - * Check if the current user has a permission. - * If an ownable element is passed in the jointPermissions are checked against - * that particular item. - * @param $permission - * @param Ownable $ownable - * @return mixed + * Check if the current user has general access. */ -function userCan($permission, Ownable $ownable = null) +function hasAppAccess(): bool { - if ($ownable === null) { - return user() && user()->can($permission); - } - - // Check permission on ownable item - $permissionService = app(\BookStack\Auth\Permissions\PermissionService::class); - return $permissionService->checkOwnableUserAccess($ownable, $permission); + return !auth()->guest() || setting('app-public'); } /** - * Helper to access system settings. - * @param $key - * @param bool $default - * @return bool|string|\BookStack\Settings\SettingService + * Check if the current user has a permission. If an ownable element + * is passed in the jointPermissions are checked against that particular item. */ -function setting($key = null, $default = false) +function userCan(string $permission, Model $ownable = null): bool { - $settingService = resolve(\BookStack\Settings\SettingService::class); - if (is_null($key)) { - return $settingService; + if ($ownable === null) { + return user() && user()->can($permission); } - return $settingService->get($key, $default); + + // Check permission on ownable item + $permissions = app(PermissionApplicator::class); + + return $permissions->checkOwnableUserAccess($ownable, $permission); } /** - * Helper to create url's relative to the applications root path. - * @param string $path - * @param bool $forceAppDomain - * @return string + * Check if the current user can perform the given action on any items in the system. + * Can be provided the class name of an entity to filter ability to that specific entity type. */ -function baseUrl($path, $forceAppDomain = false) +function userCanOnAny(string $action, string $entityClass = ''): bool { - $isFullUrl = strpos($path, 'http') === 0; - if ($isFullUrl && !$forceAppDomain) { - return $path; - } - - $path = trim($path, '/'); - $base = rtrim(config('app.url'), '/'); - - // Remove non-specified domain if forced and we have a domain - if ($isFullUrl && $forceAppDomain) { - if (!empty($base) && strpos($path, $base) === 0) { - $path = trim(substr($path, strlen($base) - 1)); - } - $explodedPath = explode('/', $path); - $path = implode('/', array_splice($explodedPath, 3)); - } - - // Return normal url path if not specified in config - if (config('app.url') === '') { - return url($path); - } + $permissions = app(PermissionApplicator::class); - return $base . '/' . $path; + return $permissions->checkUserHasEntityPermissionOnAny($action, $entityClass); } /** - * Get an instance of the redirector. - * Overrides the default laravel redirect helper. - * Ensures it redirects even when the app is in a subdirectory. + * Helper to access system settings. * - * @param string|null $to - * @param int $status - * @param array $headers - * @param bool $secure - * @return \Illuminate\Routing\Redirector|\Illuminate\Http\RedirectResponse + * @return mixed|SettingService */ -function redirect($to = null, $status = 302, $headers = [], $secure = null) +function setting(string $key = null, $default = null) { - if (is_null($to)) { - return app('redirect'); - } + $settingService = resolve(SettingService::class); - $to = baseUrl($to); + if (is_null($key)) { + return $settingService; + } - return app('redirect')->to($to, $status, $headers, $secure); + return $settingService->get($key, $default); } /** * Get a path to a theme resource. - * @param string $path - * @return string|boolean + * Returns null if a theme is not configured and + * therefore a full path is not available for use. */ -function theme_path($path = '') +function theme_path(string $path = ''): ?string { $theme = config('view.theme'); + if (!$theme) { - return false; + return null; } - return base_path('themes/' . $theme .($path ? DIRECTORY_SEPARATOR.$path : $path)); + return base_path('themes/' . $theme . ($path ? DIRECTORY_SEPARATOR . $path : $path)); } /** @@ -156,30 +119,30 @@ function theme_path($path = '') * to the 'resources/assets/icons' folder. * * Returns an empty string if icon file not found. - * @param $name - * @param array $attrs - * @return mixed */ -function icon($name, $attrs = []) +function icon(string $name, array $attrs = []): string { $attrs = array_merge([ - 'class' => 'svg-icon', - 'data-icon' => $name + 'class' => 'svg-icon', + 'data-icon' => $name, + 'role' => 'presentation', ], $attrs); $attrString = ' '; foreach ($attrs as $attrName => $attr) { - $attrString .= $attrName . '="' . $attr . '" '; + $attrString .= $attrName . '="' . $attr . '" '; } - $iconPath = resource_path('assets/icons/' . $name . '.svg'); + $iconPath = resource_path('icons/' . $name . '.svg'); $themeIconPath = theme_path('icons/' . $name . '.svg'); + if ($themeIconPath && file_exists($themeIconPath)) { $iconPath = $themeIconPath; - } else if (!file_exists($iconPath)) { + } elseif (!file_exists($iconPath)) { return ''; } $fileContents = file_get_contents($iconPath); + return str_replace('