BookStack Code Mirror - bookstack/blob - app/Http/Controllers/PermissionsController.php
Added users to permission form interface
1 <?php
2
3 namespace BookStack\Http\Controllers;
4
5 use BookStack\Auth\Permissions\EntityPermission;
6 use BookStack\Auth\Permissions\PermissionFormData;
7 use BookStack\Auth\Role;
8 use BookStack\Auth\User;
9 use BookStack\Entities\Models\Book;
10 use BookStack\Entities\Models\Bookshelf;
11 use BookStack\Entities\Models\Chapter;
12 use BookStack\Entities\Models\Page;
13 use BookStack\Entities\Tools\PermissionsUpdater;
14 use Illuminate\Http\Request;
15
/**
 * Controller actions for viewing and changing the permissions attached to
 * pages, chapters, books and shelves, plus two endpoints that render an
 * empty permission form row for a role or a user.
 *
 * Every entity-scoped action looks the entity up by slug and then calls
 * checkOwnablePermission('restrictions-manage', ...) before doing anything
 * else. That helper is not defined in this class; presumably it stops the
 * request when the check fails — confirm on the parent controller.
 */
class PermissionsController extends Controller
{
    // Service that applies permission changes; submitted form data is handed to it unmodified.
    protected PermissionsUpdater $permissionsUpdater;

    /**
     * Keep a reference to the injected permissions updater.
     */
    public function __construct(PermissionsUpdater $permissionsUpdater)
    {
        $this->permissionsUpdater = $permissionsUpdater;
    }

    /**
     * Render the permissions form for a single page.
     *
     * The 'restrictions-manage' check runs against the resolved page before
     * the form data is built.
     */
    public function showForPage(string $bookSlug, string $pageSlug)
    {
        $target = Page::getBySlugs($bookSlug, $pageSlug);
        $this->checkOwnablePermission('restrictions-manage', $target);

        $this->setPageTitle(trans('entities.pages_permissions'));

        $viewData = [
            'page' => $target,
            'data' => new PermissionFormData($target),
        ];

        return view('pages.permissions', $viewData);
    }

    /**
     * Apply the submitted permissions form to a page, then redirect to it.
     *
     * NOTE(review): the raw request is passed straight to the updater, so all
     * validation of the submitted role/user ids and permission flags has to
     * happen inside PermissionsUpdater — not visible here, confirm.
     */
    public function updateForPage(Request $request, string $bookSlug, string $pageSlug)
    {
        $target = Page::getBySlugs($bookSlug, $pageSlug);
        $this->checkOwnablePermission('restrictions-manage', $target);

        $this->permissionsUpdater->updateFromPermissionsForm($target, $request);

        $notice = trans('entities.pages_permissions_success');
        $this->showSuccessNotification($notice);

        $destination = $target->getUrl();

        return redirect($destination);
    }

    /**
     * Render the permissions form for a single chapter.
     *
     * The 'restrictions-manage' check runs against the resolved chapter
     * before the form data is built.
     */
    public function showForChapter(string $bookSlug, string $chapterSlug)
    {
        $target = Chapter::getBySlugs($bookSlug, $chapterSlug);
        $this->checkOwnablePermission('restrictions-manage', $target);

        $this->setPageTitle(trans('entities.chapters_permissions'));

        $viewData = [
            'chapter' => $target,
            'data' => new PermissionFormData($target),
        ];

        return view('chapters.permissions', $viewData);
    }

    /**
     * Apply the submitted permissions form to a chapter, then redirect to it.
     *
     * NOTE(review): input validation is delegated to PermissionsUpdater, which
     * receives the unfiltered request — confirm it rejects unexpected fields.
     */
    public function updateForChapter(Request $request, string $bookSlug, string $chapterSlug)
    {
        $target = Chapter::getBySlugs($bookSlug, $chapterSlug);
        $this->checkOwnablePermission('restrictions-manage', $target);

        $this->permissionsUpdater->updateFromPermissionsForm($target, $request);

        $notice = trans('entities.chapters_permissions_success');
        $this->showSuccessNotification($notice);

        $destination = $target->getUrl();

        return redirect($destination);
    }

    /**
     * Render the permissions form for a single book.
     *
     * The 'restrictions-manage' check runs against the resolved book before
     * the form data is built.
     */
    public function showForBook(string $slug)
    {
        $target = Book::getBySlug($slug);
        $this->checkOwnablePermission('restrictions-manage', $target);

        $this->setPageTitle(trans('entities.books_permissions'));

        $viewData = [
            'book' => $target,
            'data' => new PermissionFormData($target),
        ];

        return view('books.permissions', $viewData);
    }

    /**
     * Apply the submitted permissions form to a book, then redirect to it.
     *
     * NOTE(review): input validation is delegated to PermissionsUpdater, which
     * receives the unfiltered request — confirm it rejects unexpected fields.
     */
    public function updateForBook(Request $request, string $slug)
    {
        $target = Book::getBySlug($slug);
        $this->checkOwnablePermission('restrictions-manage', $target);

        $this->permissionsUpdater->updateFromPermissionsForm($target, $request);

        $notice = trans('entities.books_permissions_updated');
        $this->showSuccessNotification($notice);

        $destination = $target->getUrl();

        return redirect($destination);
    }

    /**
     * Render the permissions form for a single shelf.
     *
     * The 'restrictions-manage' check runs against the resolved shelf before
     * the form data is built.
     */
    public function showForShelf(string $slug)
    {
        $target = Bookshelf::getBySlug($slug);
        $this->checkOwnablePermission('restrictions-manage', $target);

        $this->setPageTitle(trans('entities.shelves_permissions'));

        $viewData = [
            'shelf' => $target,
            'data' => new PermissionFormData($target),
        ];

        return view('shelves.permissions', $viewData);
    }

    /**
     * Apply the submitted permissions form to a shelf, then redirect to it.
     *
     * NOTE(review): input validation is delegated to PermissionsUpdater, which
     * receives the unfiltered request — confirm it rejects unexpected fields.
     */
    public function updateForShelf(Request $request, string $slug)
    {
        $target = Bookshelf::getBySlug($slug);
        $this->checkOwnablePermission('restrictions-manage', $target);

        $this->permissionsUpdater->updateFromPermissionsForm($target, $request);

        $notice = trans('entities.shelves_permissions_updated');
        $this->showSuccessNotification($notice);

        $destination = $target->getUrl();

        return redirect($destination);
    }

    /**
     * Push a shelf's permissions down onto its child books and report the
     * count returned by the updater in the success notification.
     *
     * NOTE(review): only the shelf itself is permission-checked in this
     * method. Whether updateBookPermissionsFromShelf() limits the change to
     * books the current user may manage is not visible here — confirm, since
     * otherwise shelf-level rights would carry over to every child book.
     */
    public function copyShelfPermissionsToBooks(string $slug)
    {
        $source = Bookshelf::getBySlug($slug);
        $this->checkOwnablePermission('restrictions-manage', $source);

        $copiedCount = $this->permissionsUpdater->updateBookPermissionsFromShelf($source);

        $notice = trans('entities.shelves_copy_permission_success', ['count' => $copiedCount]);
        $this->showSuccessNotification($notice);

        $destination = $source->getUrl();

        return redirect($destination);
    }

    /**
     * Render a blank entity-permissions form row for the role with the given id.
     *
     * The gate here is not tied to any entity: it passes on
     * 'restrictions-manage-all', or else on userCan('restrictions-manage-own').
     * findOrFail() is used for the lookup, so an unknown id does not reach the view.
     *
     * NOTE(review): any account that passes the gate can resolve an arbitrary
     * role id to its display name and description — confirm that exposure is
     * intended. $entityType is forwarded to the view as received; confirm the
     * template escapes it or restricts it to known entity types.
     */
    public function formRowForRole(string $entityType, string $roleId)
    {
        $this->checkPermissionOr('restrictions-manage-all', function () {
            return userCan('restrictions-manage-own');
        });

        $roleQuery = Role::query();

        /** @var Role $role */
        $role = $roleQuery->findOrFail($roleId);

        $rowData = [
            'modelType' => 'role',
            'modelId' => $role->id,
            'modelName' => $role->display_name,
            'modelDescription' => $role->description,
            'permission' => new EntityPermission(),
            'entityType' => $entityType,
            'inheriting' => false,
        ];

        return view('form.entity-permissions-row', $rowData);
    }

    /**
     * Render a blank entity-permissions form row for the user with the given id.
     *
     * Uses the same entity-independent gate as the role variant:
     * 'restrictions-manage-all', or else userCan('restrictions-manage-own').
     * findOrFail() is used for the lookup, so an unknown id does not reach the view.
     *
     * NOTE(review): any account that passes the gate can map an arbitrary
     * user id to that user's name, which allows the user list to be walked by
     * id without a user-management permission — confirm this is acceptable or
     * add a narrower check. $entityType is forwarded to the view as received;
     * confirm the template escapes it or restricts it to known entity types.
     */
    public function formRowForUser(string $entityType, string $userId)
    {
        $this->checkPermissionOr('restrictions-manage-all', function () {
            return userCan('restrictions-manage-own');
        });

        $userQuery = User::query();

        /** @var User $user */
        $user = $userQuery->findOrFail($userId);

        $rowData = [
            'modelType' => 'user',
            'modelId' => $user->id,
            'modelName' => $user->name,
            'modelDescription' => '',
            'permission' => new EntityPermission(),
            'entityType' => $entityType,
            'inheriting' => false,
        ];

        return view('form.entity-permissions-row', $rowData);
    }
}