X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/ddb7f33868ea499ab8f48a7062f145e8c0fbe02f..refs/pull/2515/head:/app/Auth/Permissions/PermissionService.php diff --git a/app/Auth/Permissions/PermissionService.php b/app/Auth/Permissions/PermissionService.php index 97cc1ca24..89c8a5fbb 100644 --- a/app/Auth/Permissions/PermissionService.php +++ b/app/Auth/Permissions/PermissionService.php @@ -2,13 +2,12 @@ use BookStack\Auth\Permissions; use BookStack\Auth\Role; -use BookStack\Entities\Book; -use BookStack\Entities\Bookshelf; -use BookStack\Entities\Chapter; -use BookStack\Entities\Entity; +use BookStack\Entities\Models\Book; +use BookStack\Entities\Models\Entity; use BookStack\Entities\EntityProvider; -use BookStack\Entities\Page; -use BookStack\Ownable; +use BookStack\Model; +use BookStack\Traits\HasCreatorAndUpdater; +use BookStack\Traits\HasOwner; use Illuminate\Database\Connection; use Illuminate\Database\Eloquent\Builder; use Illuminate\Database\Query\Builder as QueryBuilder; @@ -51,11 +50,6 @@ class PermissionService /** * PermissionService constructor. - * @param JointPermission $jointPermission - * @param EntityPermission $entityPermission - * @param Role $role - * @param Connection $db - * @param EntityProvider $entityProvider */ public function __construct( JointPermission $jointPermission, @@ -82,7 +76,7 @@ class PermissionService /** * Prepare the local entity cache and ensure it's empty - * @param \BookStack\Entities\Entity[] $entities + * @param \BookStack\Entities\Models\Entity[] $entities */ protected function readyEntityCache($entities = []) { @@ -119,7 +113,7 @@ class PermissionService /** * Get a chapter via ID, Checks local cache * @param $chapterId - * @return \BookStack\Entities\Book + * @return \BookStack\Entities\Models\Book */ protected function getChapter($chapterId) { @@ -176,7 +170,7 @@ class PermissionService }); // Chunk through all bookshelves - $this->entityProvider->bookshelf->newQuery()->select(['id', 'restricted', 'created_by']) + $this->entityProvider->bookshelf->newQuery()->withTrashed()->select(['id', 'restricted', 'owned_by']) ->chunk(50, function ($shelves) use ($roles) { $this->buildJointPermissionsForShelves($shelves, $roles); }); @@ -188,11 +182,11 @@ class PermissionService */ protected function bookFetchQuery() { - return $this->entityProvider->book->newQuery() - ->select(['id', 'restricted', 'created_by'])->with(['chapters' => function ($query) { - $query->select(['id', 'restricted', 'created_by', 'book_id']); + return $this->entityProvider->book->withTrashed()->newQuery() + ->select(['id', 'restricted', 'owned_by'])->with(['chapters' => function ($query) { + $query->withTrashed()->select(['id', 'restricted', 'owned_by', 'book_id']); }, 'pages' => function ($query) { - $query->select(['id', 'restricted', 'created_by', 'book_id', 'chapter_id']); + $query->withTrashed()->select(['id', 'restricted', 'owned_by', 'book_id', 'chapter_id']); }]); } @@ -238,7 +232,7 @@ class PermissionService /** * Rebuild the entity jointPermissions for a particular entity. - * @param \BookStack\Entities\Entity $entity + * @param \BookStack\Entities\Models\Entity $entity * @throws \Throwable */ public function buildJointPermissionsForEntity(Entity $entity) @@ -294,7 +288,7 @@ class PermissionService }); // Chunk through all bookshelves - $this->entityProvider->bookshelf->newQuery()->select(['id', 'restricted', 'created_by']) + $this->entityProvider->bookshelf->newQuery()->select(['id', 'restricted', 'owned_by']) ->chunk(50, function ($shelves) use ($roles) { $this->buildJointPermissionsForShelves($shelves, $roles); }); @@ -333,7 +327,7 @@ class PermissionService /** * Delete all of the entity jointPermissions for a list of entities. - * @param \BookStack\Entities\Entity[] $entities + * @param \BookStack\Entities\Models\Entity[] $entities * @throws \Throwable */ protected function deleteManyJointPermissionsForEntities($entities) @@ -414,7 +408,7 @@ class PermissionService /** * Get the actions related to an entity. - * @param \BookStack\Entities\Entity $entity + * @param \BookStack\Entities\Models\Entity $entity * @return array */ protected function getActions(Entity $entity) @@ -500,7 +494,7 @@ class PermissionService /** * Create an array of data with the information of an entity jointPermissions. * Used to build data for bulk insertion. - * @param \BookStack\Entities\Entity $entity + * @param \BookStack\Entities\Models\Entity $entity * @param Role $role * @param $action * @param $permissionAll @@ -516,21 +510,19 @@ class PermissionService 'action' => $action, 'has_permission' => $permissionAll, 'has_permission_own' => $permissionOwn, - 'created_by' => $entity->getRawAttribute('created_by') + 'owned_by' => $entity->getRawAttribute('owned_by') ]; } /** * Checks if an entity has a restriction set upon it. - * @param Ownable $ownable - * @param $permission - * @return bool + * @param HasCreatorAndUpdater|HasOwner $ownable */ - public function checkOwnableUserAccess(Ownable $ownable, $permission) + public function checkOwnableUserAccess(Model $ownable, string $permission): bool { $explodedPermission = explode('-', $permission); - $baseQuery = $ownable->where('id', '=', $ownable->id); + $baseQuery = $ownable->newQuery()->where('id', '=', $ownable->id); $action = end($explodedPermission); $this->currentAction = $action; @@ -541,7 +533,8 @@ class PermissionService $allPermission = $this->currentUser() && $this->currentUser()->can($permission . '-all'); $ownPermission = $this->currentUser() && $this->currentUser()->can($permission . '-own'); $this->currentAction = 'view'; - $isOwner = $this->currentUser() && $this->currentUser()->id === $ownable->created_by; + $ownerField = ($ownable instanceof Entity) ? 'owned_by' : 'created_by'; + $isOwner = $this->currentUser() && $this->currentUser()->id === $ownable->$ownerField; return ($allPermission || ($isOwner && $ownPermission)); } @@ -574,7 +567,7 @@ class PermissionService $query->where('has_permission', '=', 1) ->orWhere(function ($query2) use ($userId) { $query2->where('has_permission_own', '=', 1) - ->where('created_by', '=', $userId); + ->where('owned_by', '=', $userId); }); }); @@ -591,7 +584,7 @@ class PermissionService /** * Check if an entity has restrictions set on itself or its * parent tree. - * @param \BookStack\Entities\Entity $entity + * @param \BookStack\Entities\Models\Entity $entity * @param $action * @return bool|mixed */ @@ -623,7 +616,7 @@ class PermissionService $query->where('has_permission', '=', true) ->orWhere(function ($query) { $query->where('has_permission_own', '=', true) - ->where('created_by', '=', $this->currentUser()->id); + ->where('owned_by', '=', $this->currentUser()->id); }); }); }); @@ -647,7 +640,7 @@ class PermissionService $query->where('has_permission', '=', true) ->orWhere(function (Builder $query) { $query->where('has_permission_own', '=', true) - ->where('created_by', '=', $this->currentUser()->id); + ->where('owned_by', '=', $this->currentUser()->id); }); }); }); @@ -664,7 +657,7 @@ class PermissionService $query->where('draft', '=', false) ->orWhere(function (Builder $query) { $query->where('draft', '=', true) - ->where('created_by', '=', $this->currentUser()->id); + ->where('owned_by', '=', $this->currentUser()->id); }); }); } @@ -672,7 +665,7 @@ class PermissionService /** * Add restrictions for a generic entity * @param string $entityType - * @param Builder|\BookStack\Entities\Entity $query + * @param Builder|\BookStack\Entities\Models\Entity $query * @param string $action * @return Builder */ @@ -684,7 +677,7 @@ class PermissionService $query->where('draft', '=', false) ->orWhere(function ($query) { $query->where('draft', '=', true) - ->where('created_by', '=', $this->currentUser()->id); + ->where('owned_by', '=', $this->currentUser()->id); }); }); } @@ -718,7 +711,7 @@ class PermissionService ->where(function ($query) { $query->where('has_permission', '=', true)->orWhere(function ($query) { $query->where('has_permission_own', '=', true) - ->where('created_by', '=', $this->currentUser()->id); + ->where('owned_by', '=', $this->currentUser()->id); }); }); }); @@ -754,7 +747,7 @@ class PermissionService ->where(function ($query) { $query->where('has_permission', '=', true)->orWhere(function ($query) { $query->where('has_permission_own', '=', true) - ->where('created_by', '=', $this->currentUser()->id); + ->where('owned_by', '=', $this->currentUser()->id); }); }); });