$connection = \DB::getDefaultConnection();
if ($this->option('database') !== null) {
\DB::setDefaultConnection($this->option('database'));
+ $this->permissionService->setConnection(\DB::connection($this->option('database')));
}
$this->permissionService->buildJointPermissions();
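Review bot: The service connection set inside the `if` is never put back, although the default connection name is saved in `$connection` on the first line, presumably so it can be restored after the build (that restore is outside the hunk). If the service instance is shared and reused after the command, its raw queries would keep going to the optional database; a matching reset such as `$this->permissionService->setConnection(\DB::connection($connection));` after the build would keep the two in step. The search index command below has the same pattern with `$this->searchService`. Reading `$this->option('database')` once into a local would also avoid the three repeated lookups.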
$connection = \DB::getDefaultConnection();
if ($this->option('database') !== null) {
\DB::setDefaultConnection($this->option('database'));
+ $this->searchService->setConnection(\DB::connection($this->option('database')));
}
$this->searchService->indexAllEntities();
use BookStack\User;
use Illuminate\Database\Connection;
use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Database\Query\Builder as QueryBuilder;
use Illuminate\Support\Collection;
-use Illuminate\Support\Facades\Log;
class PermissionService
{
// TODO - Update so admin still goes through filters
}
+ /**
+ * Set the database connection
+ * @param Connection $connection
+ */
+ public function setConnection(Connection $connection)
+ {
+ $this->db = $connection;
+ }
+
/**
* Prepare the local entity cache and ensure it's empty
*/
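Review bot: The docblock on `setConnection` should state that it only redirects the query-builder calls made through `$this->db`. Elsewhere in this diff the service still goes through Eloquent models (`$this->jointPermission->newQuery()`, `$this->book->newQuery()`), which keep using the default connection. A caller that changes one without the other would read entities from one database and write joint permissions to another. Suggested wording: `Set the connection used for raw query-builder calls; Eloquent models still use the default connection, so switch that too.` The same note applies to the identical `setConnection` added to the search service further down, assuming it mixes the two access paths in the same way.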
$this->readyEntityCache();
// Get all roles (Should be the most limited dimension)
- $roles = $this->role->with('permissions')->get();
+ $roles = $this->role->with('permissions')->get()->all();
// Chunk through all books
- $this->book->newQuery()->with('chapters', 'pages')->chunk(5, function ($books) use ($roles) {
+ $this->book->newQuery()->select(['id', 'restricted', 'created_by'])->with(['chapters' => function($query) {
+ $query->select(['id', 'restricted', 'created_by', 'book_id']);
+ }, 'pages' => function($query) {
+ $query->select(['id', 'restricted', 'created_by', 'book_id', 'chapter_id']);
+ }])->chunk(5, function ($books) use ($roles) {
$this->buildJointPermissionsForBooks($books, $roles);
});
}
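Review bot: The book query with its column lists and eager-load closures is written out three times in this diff: here in `buildJointPermissions`, in `buildJointPermissionsForEntity`, and in `buildJointPermissionForRole`. These column lists decide which fields (`restricted`, `created_by`, the parent ids) the permission build can see, so a later edit to one copy but not the others would make the three code paths compute access differently. I would move the query into one protected helper and have each caller add only its own `chunk` or `where`. The start of `buildJointPermissions` is outside the hunk.

```php
/**
 * Base query for the books, with their chapters and pages, used to build joint permissions.
 * Only the columns needed by the permission build are selected.
 * @return Builder
 */
protected function bookFetchQuery()
{
    return $this->book->newQuery()->select(['id', 'restricted', 'created_by'])->with(['chapters' => function ($query) {
        $query->select(['id', 'restricted', 'created_by', 'book_id']);
    }, 'pages' => function ($query) {
        $query->select(['id', 'restricted', 'created_by', 'book_id', 'chapter_id']);
    }]);
}

// … unchanged: readyEntityCache() and role loading …
$this->bookFetchQuery()->chunk(5, function ($books) use ($roles) {
    $this->buildJointPermissionsForBooks($books, $roles);
});
```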
/**
* Build joint permissions for an array of books
* @param Collection $books
- * @param Collection $roles
+ * @param array $roles
* @param bool $deleteOld
*/
protected function buildJointPermissionsForBooks($books, $roles, $deleteOld = false) {
$entities = clone $books;
- foreach ($books as $book) {
- foreach ($book->chapters as $chapter) {
+ /** @var Book $book */
+ foreach ($books->all() as $book) {
+ foreach ($book->getRelation('chapters') as $chapter) {
$entities->push($chapter);
}
- foreach ($book->pages as $page) {
+ foreach ($book->getRelation('pages') as $page) {
$entities->push($page);
}
}
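Review bot: `getRelation('chapters')` and `getRelation('pages')` only work when the caller has already eager-loaded both relations, whereas the removed `$book->chapters` and `$book->pages` would load them on demand. The docblock should state that precondition, for example `@param Collection $books Books with 'chapters' and 'pages' eager-loaded`, so that a future caller passing plain book models fails in review rather than at runtime. The `/** @var Book $book */` hint also needs `Book` to be imported in this file, which the visible `use` lines do not show. The function body continues past the hunk.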
{
$roles = $this->role->newQuery()->get();
$book = ($entity->isA('book')) ? $entity : $entity->book;
- $this->buildJointPermissionsForBooks(collect([$book]), $roles, true);
+ $book = $this->book->newQuery()->select(['id', 'restricted', 'created_by'])->with(['chapters' => function($query) {
+ $query->select(['id', 'restricted', 'created_by', 'book_id']);
+ }, 'pages' => function($query) {
+ $query->select(['id', 'restricted', 'created_by', 'book_id', 'chapter_id']);
+ }])->where('id', '=', $book->id)->get();
+ $this->buildJointPermissionsForBooks($book, $roles, true);
}
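Review bot: `$roles` is still passed as a Collection here (`$this->role->newQuery()->get()`), while `buildJointPermissionsForBooks` now documents `array $roles` and the other two callers pass arrays. Using `$this->role->newQuery()->get()->all()` would keep the call sites consistent and avoid surprises if the callee later uses array functions on it. The variable `$book` is also reassigned from a single model to the Collection returned by `get()`; a separate name such as `$books` would make the call on the last line easier to read. The function's signature is outside the hunk.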
/**
*/
public function buildJointPermissionForRole(Role $role)
{
- $roles = collect([$role]);
-
+ $roles = [$role];
$this->deleteManyJointPermissionsForRoles($roles);
// Chunk through all books
- $this->book->with('chapters', 'pages')->chunk(5, function ($books) use ($roles) {
+ $this->book->newQuery()->select(['id', 'restricted', 'created_by'])->with(['chapters' => function($query) {
+ $query->select(['id', 'restricted', 'created_by', 'book_id']);
+ }, 'pages' => function($query) {
+ $query->select(['id', 'restricted', 'created_by', 'book_id', 'chapter_id']);
+ }])->chunk(5, function ($books) use ($roles) {
$this->buildJointPermissionsForBooks($books, $roles);
});
}
*/
protected function deleteManyJointPermissionsForRoles($roles)
{
- foreach ($roles as $role) {
- $role->jointPermissions()->delete();
- }
+ $roleIds = array_map(function($role) {
+ return $role->id;
+ }, $roles);
+ $this->jointPermission->newQuery()->whereIn('id', $roleIds)->delete();
}
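Review bot: The new delete in `deleteManyJointPermissionsForRoles` filters on `id`, which reads as the joint-permission row's own key, yet it is given role ids: `whereIn('id', $roleIds)`. The removed loop deleted through `$role->jointPermissions()`, so the replacement should match on the role foreign key, presumably `->whereIn('role_id', $roleIds)` (column name to be confirmed against the migration). As written, a role's stale joint permissions can survive a rebuild while unrelated rows whose id happens to equal a role id are removed, so effective access may no longer reflect the role's settings. `array_map` also requires `$roles` to be a plain array, so any caller still passing a Collection will fail here.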
/**
protected function deleteManyJointPermissionsForEntities($entities)
{
if (count($entities) === 0) return;
- $query = $this->jointPermission->newQuery();
- foreach ($entities as $entity) {
- $query->orWhere(function($query) use ($entity) {
- $query->where('entity_id', '=', $entity->id)
- ->where('entity_type', '=', $entity->getMorphClass());
- });
- }
+ $this->db->transaction(function() use ($entities) {
+
+ foreach (array_chunk($entities, 1000) as $entityChunk) {
+ $query = $this->db->table('joint_permissions');
+ foreach ($entityChunk as $entity) {
+ $query->orWhere(function(QueryBuilder $query) use ($entity) {
+ $query->where('entity_id', '=', $entity->id)
+ ->where('entity_type', '=', $entity->getMorphClass());
+ });
+ }
+ $query->delete();
+ }
- $query->delete();
+ });
}
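Review bot: `array_chunk($entities, 1000)` needs a plain array, but `buildJointPermissionsForBooks` builds `$entities` as a Collection (`clone $books` followed by `push`), so the call site, which is outside this hunk, has to pass `$entities->all()`. If it does not, the delete of old joint permissions fails before the new ones are written. Either document the parameter as `array $entities` in the docblock, or normalise at the top of the function with `if ($entities instanceof Collection) $entities = $entities->all();`. The docblock for this function is cut off above the hunk.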
/**
* Create & Save entity jointPermissions for many entities and jointPermissions.
* @param Collection $entities
- * @param Collection $roles
+ * @param array $roles
*/
protected function createManyJointPermissions($entities, $roles)
{
}
}
}
- foreach (array_chunk($jointPermissions, 5000) as $jointPermissionChunk) {
- $this->jointPermission->insert($jointPermissionChunk);
- }
+
+ $this->db->transaction(function() use ($jointPermissions) {
+ foreach (array_chunk($jointPermissions, 1000) as $jointPermissionChunk) {
+ $this->db->table('joint_permissions')->insert($jointPermissionChunk);
+ }
+ });
}
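Review bot: The insert in `createManyJointPermissions` now runs in its own transaction, separate from the one added around the delete in `deleteManyJointPermissionsForEntities`. If the caller runs the delete and then the create (the call site is not in the hunk), a failure during the insert rolls back only the insert, and the affected entities are left with no joint permission rows until the next rebuild. That fails closed, but content would silently become invisible to users; wrapping the delete and create calls in a single `$this->db->transaction(...)` at the caller would make the rebuild all-or-nothing. The middle of the function is outside the hunk.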
* @param integer $book_id
* @param bool $filterDrafts
* @param bool $fetchPageContent
- * @return \Illuminate\Database\Query\Builder
+ * @return QueryBuilder
*/
public function bookChildrenQuery($book_id, $filterDrafts = false, $fetchPageContent = false) {
$pageSelect = $this->db->table('pages')->selectRaw($this->page->entityRawQuery($fetchPageContent))->where('book_id', '=', $book_id)->where(function($query) use ($filterDrafts) {
$this->permissionService = $permissionService;
}
+ /**
+ * Set the database connection
+ * @param Connection $connection
+ */
+ public function setConnection(Connection $connection)
+ {
+ $this->db = $connection;
+ }
+
/**
* Search all entities in the system.
* @param string $searchString
<?php namespace Tests;
use BookStack\Role;
+use BookStack\Services\PermissionService;
use Illuminate\Contracts\Console\Kernel;
use Illuminate\Foundation\Testing\DatabaseTransactions;
use Laravel\BrowserKitTesting\TestCase;
{
if ($updaterUser === false) $updaterUser = $creatorUser;
$book = factory(\BookStack\Book::class)->create(['created_by' => $creatorUser->id, 'updated_by' => $updaterUser->id]);
- $chapter = factory(\BookStack\Chapter::class)->create(['created_by' => $creatorUser->id, 'updated_by' => $updaterUser->id]);
- $page = factory(\BookStack\Page::class)->create(['created_by' => $creatorUser->id, 'updated_by' => $updaterUser->id, 'book_id' => $book->id]);
- $book->chapters()->saveMany([$chapter]);
- $chapter->pages()->saveMany([$page]);
- $restrictionService = $this->app[\BookStack\Services\PermissionService::class];
+ $chapter = factory(\BookStack\Chapter::class)->create(['created_by' => $creatorUser->id, 'updated_by' => $updaterUser->id, 'book_id' => $book->id]);
+ $page = factory(\BookStack\Page::class)->create(['created_by' => $creatorUser->id, 'updated_by' => $updaterUser->id, 'book_id' => $book->id, 'chapter_id' => $chapter->id]);
+ $restrictionService = $this->app[PermissionService::class];
$restrictionService->buildJointPermissionsForEntity($book);
return [
'book' => $book,
<?php namespace Tests;
+use BookStack\Repos\PermissionsRepo;
+use BookStack\Role;
+
class RolesTest extends BrowserKitTest
{
protected $user;
/**
* Create a new basic role for testing purposes.
* @param array $permissions
- * @return static
+ * @return Role
*/
protected function createNewRole($permissions = [])
{
- $permissionRepo = app('BookStack\Repos\PermissionsRepo');
+ $permissionRepo = app(PermissionsRepo::class);
$roleData = factory(\BookStack\Role::class)->make()->toArray();
$roleData['permissions'] = array_flip($permissions);
return $permissionRepo->saveNewRole($roleData);
public function test_manage_user_permission()
{
- $this->actingAs($this->user)->visit('/')->visit('/settings/users')
+ $this->actingAs($this->user)->visit('/settings/users')
->seePageIs('/');
$this->giveUserPermissions($this->user, ['users-manage']);
- $this->actingAs($this->user)->visit('/')->visit('/settings/users')
+ $this->actingAs($this->user)->visit('/settings/users')
->seePageIs('/settings/users');
}
public function test_user_roles_manage_permission()
{
- $this->actingAs($this->user)->visit('/')->visit('/settings/roles')
+ $this->actingAs($this->user)->visit('/settings/roles')
->seePageIs('/')->visit('/settings/roles/1')->seePageIs('/');
$this->giveUserPermissions($this->user, ['user-roles-manage']);
$this->actingAs($this->user)->visit('/settings/roles')
public function test_settings_manage_permission()
{
- $this->actingAs($this->user)->visit('/')->visit('/settings')
+ $this->actingAs($this->user)->visit('/settings')
->seePageIs('/');
$this->giveUserPermissions($this->user, ['settings-manage']);
- $this->actingAs($this->user)->visit('/')->visit('/settings')
+ $this->actingAs($this->user)->visit('/settings')
->seePageIs('/settings')->press('Save Settings')->see('Settings Saved');
}
* @param string $permission
* @param array $accessUrls Urls that are only accessible after having the permission
* @param array $visibles Check this text, In the buttons toolbar, is only visible with the permission
- * @param null $callback
*/
private function checkAccessPermission($permission, $accessUrls = [], $visibles = [])
{
foreach ($accessUrls as $url) {
- $this->actingAs($this->user)->visit('/')->visit($url)
+ $this->actingAs($this->user)->visit($url)
->seePageIs('/');
}
foreach ($visibles as $url => $text) {
- $this->actingAs($this->user)->visit('/')->visit($url)
+ $this->actingAs($this->user)->visit($url)
->dontSeeInElement('.action-buttons',$text);
}
$this->giveUserPermissions($this->user, [$permission]);
foreach ($accessUrls as $url) {
- $this->actingAs($this->user)->visit('/')->visit($url)
+ $this->actingAs($this->user)->visit($url)
->seePageIs($url);
}
foreach ($visibles as $url => $text) {
- $this->actingAs($this->user)->visit('/')->visit($url)
+ $this->actingAs($this->user)->visit($url)
->see($text);
}
}
public function test_page_create_own_permissions()
{
- $book = \BookStack\Book::take(1)->get()->first();
- $chapter = \BookStack\Chapter::take(1)->get()->first();
+ $book = \BookStack\Book::first();
+ $chapter = \BookStack\Chapter::first();
$entities = $this->createEntityChainBelongingToUser($this->user);
$ownBook = $entities['book'];
$accessUrls = [$createUrl, $createUrlChapter];
foreach ($accessUrls as $url) {
- $this->actingAs($this->user)->visit('/')->visit($url)
+ $this->actingAs($this->user)->visit($url)
->seePageIs('/');
}
$this->giveUserPermissions($this->user, ['page-create-own']);
foreach ($accessUrls as $index => $url) {
- $this->actingAs($this->user)->visit('/')->visit($url);
+ $this->actingAs($this->user)->visit($url);
$expectedUrl = \BookStack\Page::where('draft', '=', true)->orderBy('id', 'desc')->first()->getUrl();
$this->seePageIs($expectedUrl);
}
$accessUrls = [$createUrl, $createUrlChapter];
foreach ($accessUrls as $url) {
- $this->actingAs($this->user)->visit('/')->visit($url)
+ $this->actingAs($this->user)->visit($url)
->seePageIs('/');
}
$this->giveUserPermissions($this->user, ['page-create-all']);
foreach ($accessUrls as $index => $url) {
- $this->actingAs($this->user)->visit('/')->visit($url);
+ $this->actingAs($this->user)->visit($url);
$expectedUrl = \BookStack\Page::where('draft', '=', true)->orderBy('id', 'desc')->first()->getUrl();
$this->seePageIs($expectedUrl);
}