So that DB/User access is not explicitly enforced.
Same for GlobalViewData middleware although that was also just doubling
up on ways to access user/auth info.
Also cleaned up Localization Middleware doc blocks.
/**
* Show the view for /robots.txt
- * @return $this
*/
public function getRobots()
{
$sitePublic = setting('app-public', false);
$allowRobots = config('app.allow_robots');
+
if ($allowRobots === null) {
$allowRobots = $sitePublic;
}
+
return response()
->view('common.robots', ['allowRobots' => $allowRobots])
->header('Content-Type', 'text/plain');
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\BookStack\Http\Middleware\VerifyCsrfToken::class,
\BookStack\Http\Middleware\Localization::class,
- \BookStack\Http\Middleware\GlobalViewData::class,
],
'api' => [
\BookStack\Http\Middleware\ThrottleApiRequests::class,
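Review bot: Dropping `GlobalViewData` from the `web` group means `$signedIn` and `$currentUser` are no longer shared with views, so any template not converted in this commit would fail with an undefined variable at render time. The templates visible here were moved to `auth()->check()`, `user()` and `userCan()`, but the page does not show whether that covers every view. A repository-wide search for both variable names before merging would confirm nothing was missed.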
+++ /dev/null
-<?php namespace BookStack\Http\Middleware;
-
-use Closure;
-use Illuminate\Http\Request;
-
-/**
- * Class GlobalViewData
- * Sets up data that is accessible to any view rendered by the web routes.
- */
-class GlobalViewData
-{
-
- /**
- * Handle an incoming request.
- *
- * @param Request $request
- * @param Closure $next
- * @return mixed
- */
- public function handle(Request $request, Closure $next)
- {
- view()->share('signedIn', auth()->check());
- view()->share('currentUser', user());
-
- return $next($request);
- }
-}
$defaultLang = config('app.locale');
config()->set('app.default_locale', $defaultLang);
- if (user()->isDefault() && config('app.auto_detect_locale')) {
- $locale = $this->autoDetectLocale($request, $defaultLang);
- } else {
- $locale = setting()->getUser(user(), 'language', $defaultLang);
- }
-
+ $locale = $this->getUserLocale($request, $defaultLang);
config()->set('app.lang', str_replace('_', '-', $this->getLocaleIso($locale)));
// Set text direction
return $next($request);
}
+ /**
+ * Get the locale specifically for the currently logged in user if available.
+ */
+ protected function getUserLocale(Request $request, string $default): string
+ {
+ try {
+ $user = user();
+ } catch (\Exception $exception) {
+ return $default;
+ }
+
+ if ($user->isDefault() && config('app.auto_detect_locale')) {
+ return $this->autoDetectLocale($request, $default);
+ }
+
+ return setting()->getUser($user, 'language', $default);
+ }
+
/**
* Autodetect the visitors locale by matching locales in their headers
* against the locales supported by BookStack.
- * @param Request $request
- * @param string $default
- * @return string
*/
- protected function autoDetectLocale(Request $request, string $default)
+ protected function autoDetectLocale(Request $request, string $default): string
{
$availableLocales = config('app.locales');
foreach ($request->getLanguages() as $lang) {
/**
* Get the ISO version of a BookStack language name
- * @param string $locale
- * @return string
*/
- public function getLocaleIso(string $locale)
+ public function getLocaleIso(string $locale): string
{
return $this->localeMap[$locale] ?? $locale;
}
/**
* Set the system date locale for localized date formatting.
* Will try both the standard locale name and the UTF8 variant.
- * @param string $locale
*/
protected function setSystemDateLocale(string $locale)
{
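Review bot: The `catch (\Exception $exception)` in `getUserLocale()` swallows every exception from `user()` and silently returns the default locale, so a genuine fault is indistinguishable from the expected fallback case. Going by the commit description, the intent is to keep this middleware working when user/DB access is unavailable; a comment saying so, e.g. `// user() may fail when user/DB access is unavailable; fall back so the request can still render`, would make that explicit. If the failure type is known, catching it specifically rather than `\Exception` would keep unrelated errors visible. The `$exception` variable is otherwise unused.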
<div class="actions mb-xl">
<h5>{{ trans('common.actions') }}</h5>
<div class="icon-list text-primary">
- @if($currentUser->can('book-create-all'))
+ @if(user()->can('book-create-all'))
<a href="{{ url("/create-book") }}" class="icon-list-item">
<span>@icon('add')</span>
<span>{{ trans('entities.books_create') }}</span>
@endif
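Review bot: The create-book check uses `user()->can('book-create-all')`, while the equivalent shelf check and the settings navigation in this commit use `userCan(...)`. Writing `@if(userCan('book-create-all'))` here would keep template permission checks going through one helper, which makes them easier to audit. This is a consistency point only, assuming both forms resolve to the same check for the current user.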
<div class="mb-xl">
- <h5>{{ trans('entities.' . ($signedIn ? 'my_recently_viewed' : 'books_recent')) }}</h5>
+ <h5>{{ trans('entities.' . (auth()->check() ? 'my_recently_viewed' : 'books_recent')) }}</h5>
@include('partials.entity-list', [
'entities' => $recents,
'style' => 'compact',
- 'emptyText' => $signedIn ? trans('entities.no_pages_viewed') : trans('entities.books_empty')
+ 'emptyText' => auth()->check() ? trans('entities.no_pages_viewed') : trans('entities.books_empty')
])
</div>
</div>
@endif
- <div id="{{ $signedIn ? 'recently-viewed' : 'recent-books' }}" class="card mb-xl">
- <h3 class="card-title">{{ trans('entities.' . ($signedIn ? 'my_recently_viewed' : 'books_recent')) }}</h3>
+ <div id="{{ auth()->check() ? 'recently-viewed' : 'recent-books' }}" class="card mb-xl">
+ <h3 class="card-title">{{ trans('entities.' . (auth()->check() ? 'my_recently_viewed' : 'books_recent')) }}</h3>
<div class="px-m">
@include('partials.entity-list', [
'entities' => $recents,
'style' => 'compact',
- 'emptyText' => $signedIn ? trans('entities.no_pages_viewed') : trans('entities.books_empty')
+ 'emptyText' => auth()->check() ? trans('entities.no_pages_viewed') : trans('entities.books_empty')
])
</div>
</div>
--}}
<?php $isOpen = setting()->getForCurrentUser('section_expansion#'. $key); ?>
<button type="button" expand-toggle="{{ $target }}"
- expand-toggle-update-endpoint="{{ url('/settings/users/'. $currentUser->id .'/update-expansion-preference/' . $key) }}"
+ expand-toggle-update-endpoint="{{ url('/settings/users/'. user()->id .'/update-expansion-preference/' . $key) }}"
expand-toggle-is-open="{{ $isOpen ? 'yes' : 'no' }}"
class="text-muted icon-list-item text-primary">
<span>@icon('expand-text')</span>
?>
<div class="list-sort-container" list-sort-control>
<div class="list-sort-label">{{ trans('common.sort') }}</div>
- <form action="{{ url("/settings/users/{$currentUser->id}/change-sort/{$type}") }}" method="post">
+ <form action="{{ url("/settings/users/". user()->id ."/change-sort/{$type}") }}" method="post">
{!! csrf_field() !!}
{!! method_field('PATCH') !!}
<div>
- <form action="{{ url("/settings/users/{$currentUser->id}/switch-${type}-view") }}" method="POST" class="inline">
+ <form action="{{ url("/settings/users/". user()->id ."/switch-${type}-view") }}" method="POST" class="inline">
{!! csrf_field() !!}
{!! method_field('PATCH') !!}
<input type="hidden" value="{{ $view === 'list'? 'grid' : 'list' }}" name="view_type">
<nav class="active-link-list">
- @if($currentUser->can('settings-manage'))
+ @if(userCan('settings-manage'))
<a href="{{ url('/settings') }}" @if($selected == 'settings') class="active" @endif>@icon('settings'){{ trans('settings.settings') }}</a>
<a href="{{ url('/settings/maintenance') }}" @if($selected == 'maintenance') class="active" @endif>@icon('spanner'){{ trans('settings.maint') }}</a>
@endif
- @if($currentUser->can('settings-manage') && $currentUser->can('users-manage'))
+ @if(userCan('settings-manage') && userCan('users-manage'))
<a href="{{ url('/settings/audit') }}" @if($selected == 'audit') class="active" @endif>@icon('open-book'){{ trans('settings.audit') }}</a>
@endif
- @if($currentUser->can('users-manage'))
+ @if(userCan('users-manage'))
<a href="{{ url('/settings/users') }}" @if($selected == 'users') class="active" @endif>@icon('users'){{ trans('settings.users') }}</a>
@endif
- @if($currentUser->can('user-roles-manage'))
+ @if(userCan('user-roles-manage'))
<a href="{{ url('/settings/roles') }}" @if($selected == 'roles') class="active" @endif>@icon('lock-open'){{ trans('settings.roles') }}</a>
@endif
</nav>
\ No newline at end of file
<img class="avatar small" src="{{ $user->getAvatar(40) }}" alt="{{ $user->name }}">
</div>
<div>
- @if(userCan('users-manage') || $currentUser->id == $user->id)
+ @if(userCan('users-manage') || user()->id == $user->id)
<a href="{{ url("/settings/users/{$user->id}") }}">
@endif
{{ $user->name }}
- @if(userCan('users-manage') || $currentUser->id == $user->id)
+ @if(userCan('users-manage') || user()->id == $user->id)
</a>
@endif
</div>
<div class="actions mb-xl">
<h5>{{ trans('common.actions') }}</h5>
<div class="icon-list text-primary">
- @if($currentUser->can('bookshelf-create-all'))
+ @if(userCan('bookshelf-create-all'))
<a href="{{ url("/create-shelf") }}" class="icon-list-item">
<span>@icon('add')</span>
<span>{{ trans('entities.shelves_new_action') }}</span>
</div>
<div class="form-group text-right">
- <a href="{{ url($currentUser->can('users-manage') ? "/settings/users" : "/") }}" class="button outline">{{ trans('common.cancel') }}</a>
+ <a href="{{ url(userCan('users-manage') ? "/settings/users" : "/") }}" class="button outline">{{ trans('common.cancel') }}</a>
<button class="button" type="submit">{{ trans('common.save') }}</button>
</div>
</div>
<section class="card content-wrap">
- <h1 class="list-heading">{{ $user->id === $currentUser->id ? trans('settings.users_edit_profile') : trans('settings.users_edit') }}</h1>
+ <h1 class="list-heading">{{ $user->id === user()->id ? trans('settings.users_edit_profile') : trans('settings.users_edit') }}</h1>
<form action="{{ url("/settings/users/{$user->id}") }}" method="post" enctype="multipart/form-data">
{!! csrf_field() !!}
<input type="hidden" name="_method" value="PUT">
</div>
<div class="text-right">
- <a href="{{ url($currentUser->can('users-manage') ? "/settings/users" : "/") }}" class="button outline">{{ trans('common.cancel') }}</a>
+ <a href="{{ url(userCan('users-manage') ? "/settings/users" : "/") }}" class="button outline">{{ trans('common.cancel') }}</a>
@if($authMethod !== 'system')
<a href="{{ url("/settings/users/{$user->id}/delete") }}" class="button outline">{{ trans('settings.users_delete') }}</a>
@endif
</form>
</section>
- @if($currentUser->id === $user->id && count($activeSocialDrivers) > 0)
+ @if(user()->id === $user->id && count($activeSocialDrivers) > 0)
<section class="card content-wrap auto-height">
<h2 class="list-heading">{{ trans('settings.users_social_accounts') }}</h2>
<p class="text-muted">{{ trans('settings.users_social_accounts_info') }}</p>
</section>
@endif
- @if(($currentUser->id === $user->id && userCan('access-api')) || userCan('users-manage'))
+ @if((user()->id === $user->id && userCan('access-api')) || userCan('users-manage'))
@include('users.api-tokens.list', ['user' => $user])
@endif
</div>
<input type="text" name="search" placeholder="{{ trans('settings.users_search') }}" @if($listDetails['search']) value="{{$listDetails['search']}}" @endif>
</form>
</div>
- @if(userCan('users-manage'))
- <a href="{{ url("/settings/users/create") }}" style="margin-top: 0;" class="outline button">{{ trans('settings.users_add_new') }}</a>
- @endif
+ <a href="{{ url("/settings/users/create") }}" class="outline button mt-none">{{ trans('settings.users_add_new') }}</a>
</div>
</div>
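Review bot: The `@if(userCan('users-manage'))` guard around the add-user link is removed here, and the user-row hunk that follows likewise drops the `userCan('users-manage') || $currentUser->id == $user->id` condition around the edit link. That is safe only if this listing is rendered solely for users holding `users-manage`, which the page does not show. Presumably the controller enforces it, and the create and edit endpoints must in any case check the permission server-side rather than rely on hidden links. A short Blade comment such as `{{-- Only rendered for users with users-manage; enforced in the controller --}}` would document the assumption.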
<tr>
<td class="text-center" style="line-height: 0;"><img class="avatar med" src="{{ $user->getAvatar(40)}}" alt="{{ $user->name }}"></td>
<td>
- @if(userCan('users-manage') || $currentUser->id == $user->id)
- <a href="{{ url("/settings/users/{$user->id}") }}">
- @endif
- {{ $user->name }} <br> <span class="text-muted">{{ $user->email }}</span>
- @if(userCan('users-manage') || $currentUser->id == $user->id)
- </a>
- @endif
+ <a href="{{ url("/settings/users/{$user->id}") }}">
+ {{ $user->name }} <br> <span class="text-muted">{{ $user->email }}</span>
+ </a>
</td>
<td>
@foreach($user->roles as $index => $role)