X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/c32d70abc4f3cca4a8b3533d45b09d2a830d6a57..42d8e9e5bda57a26bbaa3f6e4a9e4e5f94a341e7:/app/Http/Controllers/Controller.php diff --git a/app/Http/Controllers/Controller.php b/app/Http/Controllers/Controller.php index 5dc79eb02..43292d941 100644 --- a/app/Http/Controllers/Controller.php +++ b/app/Http/Controllers/Controller.php @@ -2,6 +2,7 @@ namespace BookStack\Http\Controllers; +use BookStack\Ownable; use HttpRequestException; use Illuminate\Foundation\Bus\DispatchesJobs; use Illuminate\Http\Exception\HttpResponseException; @@ -29,17 +30,31 @@ abstract class Controller extends BaseController */ public function __construct() { - // Get a user instance for the current user - $user = auth()->user(); - if (!$user) $user = User::getDefault(); + $this->middleware(function ($request, $next) { - // Share variables with views - view()->share('signedIn', auth()->check()); - view()->share('currentUser', $user); + // Get a user instance for the current user + $user = auth()->user(); + if (!$user) $user = User::getDefault(); - // Share variables with controllers - $this->currentUser = $user; - $this->signedIn = auth()->check(); + // Share variables with views + view()->share('signedIn', auth()->check()); + view()->share('currentUser', $user); + + // Share variables with controllers + $this->currentUser = $user; + $this->signedIn = auth()->check(); + + return $next($request); + }); + } + + /** + * Stops the application and shows a permission error if + * the application is in demo mode. + */ + protected function preventAccessForDemoUsers() + { + if (config('app.env') === 'demo') $this->showPermissionError(); } /** @@ -51,24 +66,48 @@ abstract class Controller extends BaseController view()->share('pageTitle', $title); } + /** + * On a permission error redirect to home and display. + * the error as a notification. + */ + protected function showPermissionError() + { + Session::flash('error', trans('errors.permission')); + $response = request()->wantsJson() ? response()->json(['error' => trans('errors.permissionJson')], 403) : redirect('/'); + throw new HttpResponseException($response); + } + /** * Checks for a permission. - * - * @param $permissionName + * @param string $permissionName * @return bool|\Illuminate\Http\RedirectResponse */ protected function checkPermission($permissionName) { if (!$this->currentUser || !$this->currentUser->can($permissionName)) { - Session::flash('error', trans('errors.permission')); - throw new HttpResponseException( - redirect('/') - ); + $this->showPermissionError(); } - return true; } + /** + * Check the current user's permissions against an ownable item. + * @param $permission + * @param Ownable $ownable + * @return bool + */ + protected function checkOwnablePermission($permission, Ownable $ownable) + { + if (userCan($permission, $ownable)) return true; + return $this->showPermissionError(); + } + + /** + * Check if a user has a permission or bypass if the callback is true. + * @param $permissionName + * @param $callback + * @return bool + */ protected function checkPermissionOr($permissionName, $callback) { $callbackResult = $callback(); @@ -76,4 +115,15 @@ abstract class Controller extends BaseController return true; } + /** + * Send back a json error message. + * @param string $messageText + * @param int $statusCode + * @return mixed + */ + protected function jsonError($messageText = "", $statusCode = 500) + { + return response()->json(['message' => $messageText], $statusCode); + } + }