From: Dan Brown
Date: Sat, 9 Apr 2016 11:40:07 +0000 (+0100)
Subject: Started work towards adding role view permissions
X-Git-Tag: v0.10.0~1^2~12^2~8
X-Git-Url: http://source.bookstackapp.com/bookstack/commitdiff_plain/6e03078de3860cc82e30b14ebbcd192a797fd75f
Started work towards adding role view permissions Work halted as re-write required. In reference to #92
---
diff --git a/app/Http/Controllers/BookController.php b/app/Http/Controllers/BookController.php
index 3390b41c0..46636016f 100644
--- a/app/Http/Controllers/BookController.php
+++ b/app/Http/Controllers/BookController.php
@@ -1,13 +1,9 @@ -bookRepo->getBySlug($slug);
+ $this->checkOwnablePermission('book-view', $book);
 $bookChildren = $this->bookRepo->getChildren($book);
 Views::add($book);
 $this->setPageTitle($book->getShortName());
diff --git a/app/Http/Controllers/ChapterController.php b/app/Http/Controllers/ChapterController.php
index 4641ddbdb..d1c6c1733 100644
--- a/app/Http/Controllers/ChapterController.php
+++ b/app/Http/Controllers/ChapterController.php
@@ -77,6 +77,7 @@ class ChapterController extends Controller
 {
 $book = $this->bookRepo->getBySlug($bookSlug);
 $chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id);
+ $this->checkOwnablePermission('chapter-view', $chapter);
 $sidebarTree = $this->bookRepo->getChildren($book);
 Views::add($chapter);
 $this->setPageTitle($chapter->getShortName());
diff --git a/app/Http/Controllers/PageController.php b/app/Http/Controllers/PageController.php
index e250d8c85..30d6c2d76 100644
--- a/app/Http/Controllers/PageController.php
+++ b/app/Http/Controllers/PageController.php
@@ -127,6 +127,8 @@ class PageController extends Controller
 return redirect($page->getUrl());
 }
+ $this->checkOwnablePermission('page-view', $page);
+
 $sidebarTree = $this->bookRepo->getChildren($book);
 Views::add($page);
 $this->setPageTitle($page->getShortName());
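Review bot: The new `book-view` check in BookController gates the book itself, but `$this->bookRepo->getChildren($book)` on the next line is still called without any permission filter, so once chapter and page view rights can differ per role the book page will presumably list titles the viewer may not open. The same unfiltered `$sidebarTree = $this->bookRepo->getChildren($book);` follows the new checks in the ChapterController and PageController hunks. Enforcing visibility in the repository query would cover every caller; until that exists, a comment such as `// NOTE: getChildren() is not filtered by view permission yet` above each call would mark the gap. The method's opening lines are not readable in this copy of the hunk.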
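Review bot: In ChapterController only `chapter-view` is checked on `$chapter`; the parent `$book` loaded two lines earlier is never checked against `book-view`, so a role that is denied the book can presumably still read its chapters by URL. The PageController hunk has the same shape with `page-view`. Either add `$this->checkOwnablePermission('book-view', $book);` directly after the book lookup, or state in a comment that child permissions are deliberately independent of the parent. The method signature sits above the visible context.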
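Review bot: The `page-view` check in PageController is placed after the `return redirect($page->getUrl());` branch, so that branch answers before any permission is evaluated and can disclose the current URL of a page the caller is not allowed to view. The condition guarding the redirect is above the hunk, so how often it is taken cannot be judged from here. Running the check on every path that resolves a page closes this, for example by repeating `$this->checkOwnablePermission('page-view', $page);` immediately before the redirect.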
diff --git a/database/migrations/2016_04_09_100730_add_view_permissions_to_roles.php b/database/migrations/2016_04_09_100730_add_view_permissions_to_roles.php
new file mode 100644
index 000000000..dabd6a25e
--- /dev/null
+++ b/database/migrations/2016_04_09_100730_add_view_permissions_to_roles.php
@@ -0,0 +1,54 @@ +name = strtolower($entity) . '-' . strtolower(str_replace(' ', '-', $op));
+ $newPermission->display_name = $op . ' ' . $entity . 's';
+ $newPermission->save();
+ foreach ($currentRoles as $role) {
+ $role->attachPermission($newPermission);
+ }
+ }
+ }
+ }
+
+ /**
+ * Reverse the migrations.
+ *
+ * @return void
+ */
+ public function down()
+ {
+ // Delete the new view permissions
+ $entities = ['Book', 'Page', 'Chapter'];
+ $ops = ['View All', 'View Own'];
+ foreach ($entities as $entity) {
+ foreach ($ops as $op) {
+ $permissionName = strtolower($entity) . '-' . strtolower(str_replace(' ', '-', $op));
+ $newPermission = \BookStack\Permission::where('name', '=', $permissionName)->first();
+ foreach ($newPermission->roles as $role) {
+ $role->detachPermission($newPermission);
+ }
+ $newPermission->delete();
+ }
+ }
+ }
+}
diff --git a/resources/views/settings/roles/form.blade.php b/resources/views/settings/roles/form.blade.php
index ba57b4daa..cd81febb1 100644
--- a/resources/views/settings/roles/form.blade.php
+++ b/resources/views/settings/roles/form.blade.php
@@ -49,6 +49,7 @@ Create + View Edit Delete
@@ -57,6 +58,10 @@ + + + +
@@ -72,6 +77,10 @@ + + + +
@@ -87,6 +96,10 @@ + + + +
@@ -99,6 +112,7 @@ Images @include('settings/roles/checkbox', ['permission' => 'image-create-all']) +
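Review bot: In `down()` of the migration, `\BookStack\Permission::where('name', '=', $permissionName)->first()` returns null when the row is missing, for instance after a partial rollback, and the following `$newPermission->roles` then fails on null and leaves the remaining view permissions in place. Add `if ($newPermission === null) { continue; }` before the inner loop. Separately, the `attachPermission` loop in `up()` grants both new view permissions to every existing role; that keeps current behaviour, but it means low-privilege roles retain full read access until an administrator unticks the boxes, which deserves a comment above the loop. The start of `up()` is not readable in this copy of the hunk.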