BookStack Code Mirror - bookstack/blob - app/Http/Controllers/RoleController.php

1 <?php

3 namespace BookStack\Http\Controllers;

5 use BookStack\Auth\Permissions\PermissionsRepo;

6 use BookStack\Auth\Role;

7 use BookStack\Exceptions\PermissionsException;

8 use Exception;

9 use Illuminate\Http\Request;

10 use Illuminate\Validation\ValidationException;

12 class RoleController extends Controller

13 {

14 protected $permissionsRepo;

16 /**

17 * PermissionController constructor.

18 */

19 public function __construct(PermissionsRepo $permissionsRepo)

20 {

21 $this->permissionsRepo = $permissionsRepo;

22 }

24 /**

25 * Show a listing of the roles in the system.

26 */

27 public function index()

28 {

29 $this->checkPermission('user-roles-manage');

30 $roles = $this->permissionsRepo->getAllRoles();

32 return view('settings.roles.index', ['roles' => $roles]);

33 }

35 /**

36 * Show the form to create a new role.

37 */

38 public function create(Request $request)

39 {

40 $this->checkPermission('user-roles-manage');

42 /** @var ?Role $role */

43 $role = null;

44 if ($request->has('copy_from')) {

45 $role = Role::query()->find($request->get('copy_from'));

46 }

48 if ($role) {

49 $role->display_name .= ' (' . trans('common.copy') . ')';

50 }

52 return view('settings.roles.create', ['role' => $role]);

53 }

55 /**

56 * Store a new role in the system.

57 */

58 public function store(Request $request)

59 {

60 $this->checkPermission('user-roles-manage');

61 $this->validate($request, [

62 'display_name' => ['required', 'min:3', 'max:180'],

63 'description' => ['max:180'],

64 ]);

66 $this->permissionsRepo->saveNewRole($request->all());

67 $this->showSuccessNotification(trans('settings.role_create_success'));

69 return redirect('/settings/roles');

70 }

72 /**

73 * Show the form for editing a user role.

74 *

75 * @throws PermissionsException

76 */

77 public function edit(string $id)

78 {

79 $this->checkPermission('user-roles-manage');

80 $role = $this->permissionsRepo->getRoleById($id);

81 if ($role->hidden) {

82 throw new PermissionsException(trans('errors.role_cannot_be_edited'));

83 }

85 return view('settings.roles.edit', ['role' => $role]);

86 }

88 /**

89 * Updates a user role.

90 *

91 * @throws ValidationException

92 */

93 public function update(Request $request, string $id)

94 {

95 $this->checkPermission('user-roles-manage');

96 $this->validate($request, [

97 'display_name' => ['required', 'min:3', 'max:180'],

98 'description' => ['max:180'],

99 ]);

100

101 $this->permissionsRepo->updateRole($id, $request->all());

102 $this->showSuccessNotification(trans('settings.role_update_success'));

103

104 return redirect('/settings/roles');

105 }

106

107 /**

108 * Show the view to delete a role.

109 * Offers the chance to migrate users.

110 */

111 public function showDelete(string $id)

112 {

113 $this->checkPermission('user-roles-manage');

114 $role = $this->permissionsRepo->getRoleById($id);

115 $roles = $this->permissionsRepo->getAllRolesExcept($role);

116 $blankRole = $role->newInstance(['display_name' => trans('settings.role_delete_no_migration')]);

117 $roles->prepend($blankRole);

118

119 return view('settings.roles.delete', ['role' => $role, 'roles' => $roles]);

120 }

121

122 /**

123 * Delete a role from the system,

124 * Migrate from a previous role if set.

125 *

126 * @throws Exception

127 */

128 public function delete(Request $request, string $id)

129 {

130 $this->checkPermission('user-roles-manage');

131

132 try {

133 $this->permissionsRepo->deleteRole($id, $request->get('migrate_role_id'));

134 } catch (PermissionsException $e) {

135 $this->showErrorNotification($e->getMessage());

136

137 return redirect()->back();

138 }

139

140 $this->showSuccessNotification(trans('settings.role_delete_success'));

141

142 return redirect('/settings/roles');

143 }

144 }