X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/d3ca23b195cf2484ac5eaeea0b0e8cb4ca0aad48..refs/pull/4467/head:/app/Entities/Repos/ChapterRepo.php diff --git a/app/Entities/Repos/ChapterRepo.php b/app/Entities/Repos/ChapterRepo.php index 672c2140c..977193d85 100644 --- a/app/Entities/Repos/ChapterRepo.php +++ b/app/Entities/Repos/ChapterRepo.php @@ -2,7 +2,7 @@ namespace BookStack\Entities\Repos; -use BookStack\Actions\ActivityType; +use BookStack\Activity\ActivityType; use BookStack\Entities\Models\Book; use BookStack\Entities\Models\Chapter; use BookStack\Entities\Models\Entity; @@ -10,19 +10,15 @@ use BookStack\Entities\Tools\BookContents; use BookStack\Entities\Tools\TrashCan; use BookStack\Exceptions\MoveOperationException; use BookStack\Exceptions\NotFoundException; +use BookStack\Exceptions\PermissionsException; use BookStack\Facades\Activity; use Exception; class ChapterRepo { - protected $baseRepo; - - /** - * ChapterRepo constructor. - */ - public function __construct(BaseRepo $baseRepo) - { - $this->baseRepo = $baseRepo; + public function __construct( + protected BaseRepo $baseRepo + ) { } /** @@ -85,16 +81,18 @@ class ChapterRepo * 'book:' (book:5). * * @throws MoveOperationException + * @throws PermissionsException */ public function move(Chapter $chapter, string $parentIdentifier): Book { - /** @var Book $parent */ $parent = $this->findParentByIdentifier($parentIdentifier); if (is_null($parent)) { throw new MoveOperationException('Book to move chapter into not found'); } - // TODO - Check create permissions for new parent? + if (!userCan('chapter-create', $parent)) { + throw new PermissionsException('User does not have permission to create a chapter within the chosen book'); + } $chapter->changeBook($parent->id); $chapter->rebuildPermissions();