Added public build folder and support for a demo mode
authorDan Brown <redacted>
Thu, 31 Dec 2015 17:57:34 +0000 (17:57 +0000)
committerDan Brown <redacted>
Thu, 31 Dec 2015 17:57:34 +0000 (17:57 +0000)
.gitignore
app/Http/Controllers/Controller.php
app/Http/Controllers/SettingController.php
app/Http/Controllers/UserController.php
public/build/.gitignore [new file with mode: 0644]

index ca78584387c8706c0f1f642c16ec1d64316c58e8..66a7c0f9bb6c03a07a6702d38f4eb8efb67c8fc8 100644 (file)
@@ -9,7 +9,6 @@ Homestead.yaml
 /public/js
 /public/uploads
 /public/bower
-/public/build
 /storage/images
 _ide_helper.php
 /storage/debugbar
\ No newline at end of file
index 5dc79eb02994b76a575d8b413a169c60ffcc6945..ca022f7ca716c3896e04ed6fc4f4fa005927bea0 100644 (file)
@@ -42,6 +42,15 @@ abstract class Controller extends BaseController
         $this->signedIn = auth()->check();
     }
 
+    /**
+     * Stops the application and shows a permission error if
+     * the application is in demo mode.
+     */
+    protected function preventAccessForDemoUsers()
+    {
+        if (env('APP_ENV', 'production') === 'demo') $this->showPermissionError();
+    }
+
     /**
      * Adds the page title into the view.
      * @param $title
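Review bot: The demo check in preventAccessForDemoUsers() reads `env('APP_ENV', 'production')` at request time, so the guard fails open whenever that lookup does not return the configured value. On Laravel versions where a cached configuration (`php artisan config:cache`) skips loading `.env`, the call falls back to `'production'` and the demo instance becomes writable with no error. Whether this deployment caches config is not visible here, but reading the resolved environment avoids the problem: `if (app()->environment('demo')) $this->showPermissionError();` or `config('app.env') === 'demo'`. The docblock could also state that the method does not return when the guard fires.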
@@ -51,6 +60,18 @@ abstract class Controller extends BaseController
         view()->share('pageTitle', $title);
     }
 
+    /**
+     * On a permission error redirect to home and display
+     * the error as a notification.
+     */
+    protected function showPermissionError()
+    {
+        Session::flash('error', trans('errors.permission'));
+        throw new HttpResponseException(
+            redirect('/')
+        );
+    }
+
     /**
      * Checks for a permission.
      *
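Review bot: showPermissionError() is now the single exit for every denied action, both failed permission checks and demo-mode blocks, yet it records nothing before the throw. A log line here carrying the current user id and the requested path would give operators one place to see denied attempts. The docblock should also carry `@throws HttpResponseException`, since the method never returns normally and callers such as checkPermission rely on that to stop execution.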
@@ -60,15 +81,18 @@ abstract class Controller extends BaseController
     protected function checkPermission($permissionName)
     {
         if (!$this->currentUser || !$this->currentUser->can($permissionName)) {
-            Session::flash('error', trans('errors.permission'));
-            throw new HttpResponseException(
-                redirect('/')
-            );
+            $this->showPermissionError();
         }
 
         return true;
     }
 
+    /**
+     * Check if a user has a permission or bypass if the callback is true.
+     * @param $permissionName
+     * @param $callback
+     * @return bool
+     */
     protected function checkPermissionOr($permissionName, $callback)
     {
         $callbackResult = $callback();
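Review bot: The new docblock on checkPermissionOr leaves both parameters untyped and does not say that a truthy callback result skips the permission check, which is the security-relevant part of the contract. Suggest `@param string $permissionName` and `@param callable $callback Returns true to allow the action without the permission`. The first body line runs `$callback()` before anything else, and the callbacks passed in UserController dereference `$this->currentUser->id`, so an unset current user would reach that dereference first. The rest of the body lies outside the hunk, so whether that case is handled later cannot be confirmed from here.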
index bca48807fd9fc25874af05262b324b8ad87c39ab..1739e0b530cb9dac9793ff4a91fd2d3ae3c7cb05 100644 (file)
@@ -31,13 +31,16 @@ class SettingController extends Controller
      */
     public function update(Request $request)
     {
+        $this->preventAccessForDemoUsers();
         $this->checkPermission('settings-update');
+
         // Cycles through posted settings and update them
         foreach($request->all() as $name => $value) {
             if(strpos($name, 'setting-') !== 0) continue;
             $key = str_replace('setting-', '', trim($name));
             Setting::put($key, $value);
         }
+
         session()->flash('success', 'Settings Saved');
         return redirect('/settings');
     }
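Review bot: The loop that follows the new guard persists every posted field whose name starts with `setting-`, with no allow-list of known keys, so a holder of `settings-update` can create or overwrite arbitrary keys through `Setting::put` (any validation inside it is not visible here). Checking `$key` against the settings the form actually exposes before the put would bound what can be written. Also `str_replace('setting-', '', trim($name))` strips every occurrence rather than only the prefix, and trims after the prefix test has already run; `substr($name, strlen('setting-'))` removes just the prefix.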
index 3f41b2d0e91e6a58a1c3edf36a8a3874f414e795..fe25c44aeca69326f9a194409e9229397aa4ce57 100644 (file)
@@ -108,9 +108,11 @@ class UserController extends Controller
      */
     public function update(Request $request, $id)
     {
+        $this->preventAccessForDemoUsers();
         $this->checkPermissionOr('user-update', function () use ($id) {
             return $this->currentUser->id == $id;
         });
+
         $this->validate($request, [
             'name'             => 'required',
             'email'            => 'required|email|unique:users,email,' . $id,
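Review bot: The demo guard is opt-in per action: `$this->preventAccessForDemoUsers();` is added here and in destroy() (the `@@ -156,6 +159,7 @@` hunk), so any state-changing action that omits the call stays writable on a demo instance. Only three actions gain it in this commit, and whether others, such as user creation, need it cannot be seen from these hunks. A route middleware applied to the write routes would make the restriction default-on instead of something each new action has to remember. Separately, `$this->currentUser->id == $id` compares a route string loosely; `(int) $id === (int) $this->currentUser->id` states the intent. update() continues outside the hunk.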
@@ -144,6 +146,7 @@ class UserController extends Controller
         $this->checkPermissionOr('user-delete', function () use ($id) {
             return $this->currentUser->id == $id;
         });
+
         $user = $this->user->findOrFail($id);
         $this->setPageTitle('Delete User ' . $user->name);
         return view('users/delete', ['user' => $user]);
@@ -156,6 +159,7 @@ class UserController extends Controller
      */
     public function destroy($id)
     {
+        $this->preventAccessForDemoUsers();
         $this->checkPermissionOr('user-delete', function () use ($id) {
             return $this->currentUser->id == $id;
         });
diff --git a/public/build/.gitignore b/public/build/.gitignore
new file mode 100644 (file)
index 0000000..d6b7ef3
--- /dev/null
@@ -0,0 +1,2 @@
+*
+!.gitignore