X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/81fa0210834a8018c2afe0da8c23949ee7cc0aae..refs/pull/1462/head:/app/helpers.php

diff --git a/app/helpers.php b/app/helpers.php
index 50b41ec05..0fedf2e8d 100644
--- a/app/helpers.php
+++ b/app/helpers.php
@@ -1,5 +1,7 @@
 <?php
 
+use BookStack\Auth\Permissions\PermissionService;
+use BookStack\Entities\Entity;
 use BookStack\Ownable;
 
 /**
@@ -30,50 +32,72 @@ function versioned_asset($file = '')
 /**
  * Helper method to get the current User.
  * Defaults to public 'Guest' user if not logged in.
- * @return \BookStack\User
+ * @return \BookStack\Auth\User
  */
 function user()
 {
-    return auth()->user() ?: \BookStack\User::getDefault();
+    return auth()->user() ?: \BookStack\Auth\User::getDefault();
 }
 
 /**
  * Check if current user is a signed in user.
  * @return bool
  */
-function signedInUser()
+function signedInUser() : bool
 {
     return auth()->user() && !auth()->user()->isDefault();
 }
 
+/**
+ * Check if the current user has general access.
+ * @return bool
+ */
+function hasAppAccess() : bool
+{
+    return !auth()->guest() || setting('app-public');
+}
+
 /**
  * Check if the current user has a permission.
  * If an ownable element is passed in the jointPermissions are checked against
  * that particular item.
- * @param $permission
+ * @param string $permission
  * @param Ownable $ownable
  * @return mixed
  */
-function userCan($permission, Ownable $ownable = null)
+function userCan(string $permission, Ownable $ownable = null)
 {
     if ($ownable === null) {
         return user() && user()->can($permission);
     }
 
     // Check permission on ownable item
-    $permissionService = app(\BookStack\Services\PermissionService::class);
+    $permissionService = app(PermissionService::class);
     return $permissionService->checkOwnableUserAccess($ownable, $permission);
 }
 
+/**
+ * Check if the current user has the given permission
+ * on any item in the system.
+ * @param string $permission
+ * @param string|null $entityClass
+ * @return bool
+ */
+function userCanOnAny(string $permission, string $entityClass = null)
+{
+    $permissionService = app(PermissionService::class);
+    return $permissionService->checkUserHasPermissionOnAnything($permission, $entityClass);
+}
+
 /**
  * Helper to access system settings.
  * @param $key
  * @param bool $default
- * @return bool|string|\BookStack\Services\SettingService
+ * @return bool|string|\BookStack\Settings\SettingService
  */
 function setting($key = null, $default = false)
 {
-    $settingService = resolve(\BookStack\Services\SettingService::class);
+    $settingService = resolve(\BookStack\Settings\SettingService::class);
     if (is_null($key)) {
         return $settingService;
     }
@@ -92,12 +116,18 @@ function baseUrl($path, $forceAppDomain = false)
     if ($isFullUrl && !$forceAppDomain) {
         return $path;
     }
+
     $path = trim($path, '/');
+    $base = rtrim(config('app.url'), '/');
 
     // Remove non-specified domain if forced and we have a domain
     if ($isFullUrl && $forceAppDomain) {
-        $explodedPath = explode('/', $path);
-        $path = implode('/', array_splice($explodedPath, 3));
+        if (!empty($base) && strpos($path, $base) === 0) {
+            $path = substr($path, strlen($base));
+        } else {
+            $explodedPath = explode('/', $path);
+            $path = implode('/', array_splice($explodedPath, 3));
+        }
     }
 
     // Return normal url path if not specified in config
@@ -105,7 +135,7 @@ function baseUrl($path, $forceAppDomain = false)
         return url($path);
     }
 
-    return rtrim(config('app.url'), '/') . '/' . $path;
+    return $base . '/' . ltrim($path, '/');
 }
 
 /**