public function show($slug)
{
$book = $this->bookRepo->getBySlug($slug);
+ $this->checkOwnablePermission('book-view', $book);
$bookChildren = $this->bookRepo->getChildren($book);
Views::add($book);
$this->setPageTitle($book->getShortName());
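Review bot: The child list built by `getChildren($book)` directly after the new `book-view` check is not visibly filtered by the chapter-view and page-view permissions this commit introduces. A role limited to view-own on chapters or pages would presumably still see the titles of every child on the book page. The same applies to `$sidebarTree` in the chapter and page `show` hunks. Unless `getChildren` filters internally (its body is not in this diff), filter the result per entity before it reaches the view, or state the intent with a comment such as `// children are listed regardless of per-entity view permission`. The body of `show` continues outside the hunk.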
{
$book = $this->bookRepo->getBySlug($bookSlug);
$chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id);
+ $this->checkOwnablePermission('chapter-view', $chapter);
$sidebarTree = $this->bookRepo->getChildren($book);
Views::add($chapter);
$this->setPageTitle($chapter->getShortName());
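Review bot: Only the chapter is checked here; the parent `$book` loaded two lines earlier is never tested against `book-view`, so a role holding chapter-view but not book-view can open the chapter by direct URL. If view access is meant to follow the book/chapter hierarchy, add `$this->checkOwnablePermission('book-view', $book);` before the chapter check. If the two permissions are meant to be independent, a short comment saying so would keep later readers from treating it as an oversight. The function's signature and end are outside the hunk.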
return redirect($page->getUrl());
}
+ $this->checkOwnablePermission('page-view', $page);
+
$sidebarTree = $this->bookRepo->getChildren($book);
Views::add($page);
$this->setPageTitle($page->getShortName());
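Review bot: The `page-view` check is placed after the `return redirect($page->getUrl());` branch, so that branch responds before any permission is evaluated. Its condition is outside the hunk, but if it handles a lookup that resolved to a different current URL, a user without page-view learns that the page exists and where it now lives. Calling `$this->checkOwnablePermission('page-view', $page);` inside that branch before the redirect would close this. The start and end of the function are outside the hunk.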
--- /dev/null
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddViewPermissionsToRoles extends Migration
+{
+ /**
+ * Run the migrations.
+ *
+ * @return void
+ */
+ public function up()
+ {
+ $currentRoles = \BookStack\Role::all();
+
+ // Create new view permissions
+ $entities = ['Book', 'Page', 'Chapter'];
+ $ops = ['View All', 'View Own'];
+ foreach ($entities as $entity) {
+ foreach ($ops as $op) {
+ $newPermission = new \BookStack\Permission();
+ $newPermission->name = strtolower($entity) . '-' . strtolower(str_replace(' ', '-', $op));
+ $newPermission->display_name = $op . ' ' . $entity . 's';
+ $newPermission->save();
+ foreach ($currentRoles as $role) {
+ $role->attachPermission($newPermission);
+ }
+ }
+ }
+ }
+
+ /**
+ * Reverse the migrations.
+ *
+ * @return void
+ */
+ public function down()
+ {
+ // Delete the new view permissions
+ $entities = ['Book', 'Page', 'Chapter'];
+ $ops = ['View All', 'View Own'];
+ foreach ($entities as $entity) {
+ foreach ($ops as $op) {
+ $permissionName = strtolower($entity) . '-' . strtolower(str_replace(' ', '-', $op));
+ $newPermission = \BookStack\Permission::where('name', '=', $permissionName)->first();
+ foreach ($newPermission->roles as $role) {
+ $role->detachPermission($newPermission);
+ }
+ $newPermission->delete();
+ }
+ }
+ }
+}
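Review bot: In `down()`, `->first()` returns null when a permission row is missing (for example after a partial `up()` or a manual cleanup), and the following `$newPermission->roles` then fails and aborts the rollback; guard it with `if ($newPermission === null) { continue; }`. In `up()`, every new view permission is attached to all existing roles, which keeps the previous read-for-everyone behaviour but also hands view-all to any low-privilege role that exists at migration time. A comment stating that this is intentional, and that administrators should review role assignments after migrating, would make the access change explicit. The six permission inserts are also not wrapped in a transaction, so a failure midway leaves a partial set that `up()` cannot be re-run against cleanly.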
<td>
<label>@include('settings/roles/checkbox', ['permission' => 'book-create-all']) All</label>
</td>
+ <td>
+ <label>@include('settings/roles/checkbox', ['permission' => 'book-view-own']) Own</label>
+ <label>@include('settings/roles/checkbox', ['permission' => 'book-view-all']) All</label>
+ </td>
<td>
<label>@include('settings/roles/checkbox', ['permission' => 'book-update-own']) Own</label>
<label>@include('settings/roles/checkbox', ['permission' => 'book-update-all']) All</label>
<label>@include('settings/roles/checkbox', ['permission' => 'chapter-create-own']) Own</label>
<label>@include('settings/roles/checkbox', ['permission' => 'chapter-create-all']) All</label>
</td>
+ <td>
+ <label>@include('settings/roles/checkbox', ['permission' => 'chapter-view-own']) Own</label>
+ <label>@include('settings/roles/checkbox', ['permission' => 'chapter-view-all']) All</label>
+ </td>
<td>
<label>@include('settings/roles/checkbox', ['permission' => 'chapter-update-own']) Own</label>
<label>@include('settings/roles/checkbox', ['permission' => 'chapter-update-all']) All</label>
<label>@include('settings/roles/checkbox', ['permission' => 'page-create-own']) Own</label>
<label>@include('settings/roles/checkbox', ['permission' => 'page-create-all']) All</label>
</td>
+ <td>
+ <label>@include('settings/roles/checkbox', ['permission' => 'page-view-own']) Own</label>
+ <label>@include('settings/roles/checkbox', ['permission' => 'page-view-all']) All</label>
+ </td>
<td>
<label>@include('settings/roles/checkbox', ['permission' => 'page-update-own']) Own</label>
<label>@include('settings/roles/checkbox', ['permission' => 'page-update-all']) All</label>