]> BookStack Code Mirror - bookstack/blob - app/Http/Controllers/PageRevisionController.php
projects / bookstack / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Fixed failed permission checks due to non-loaded fields
[bookstack] / app / Http / Controllers / PageRevisionController.php
1 <?php
2
3 namespace BookStack\Http\Controllers;
4
5 use BookStack\Actions\ActivityType;
6 use BookStack\Entities\Repos\PageRepo;
7 use BookStack\Entities\Tools\PageContent;
8 use BookStack\Exceptions\NotFoundException;
9 use BookStack\Facades\Activity;
10 use Ssddanbrown\HtmlDiff\Diff;
11
12 class PageRevisionController extends Controller
13 {
14     protected $pageRepo;
15
16     /**
17      * PageRevisionController constructor.
18      */
19     public function __construct(PageRepo $pageRepo)
20     {
21         $this->pageRepo = $pageRepo;
22     }
23
24     /**
25      * Shows the last revisions for this page.
26      *
27      * @throws NotFoundException
28      */
29     public function index(string $bookSlug, string $pageSlug)
30     {
31         $page = $this->pageRepo->getBySlug($bookSlug, $pageSlug);
32         $this->setPageTitle(trans('entities.pages_revisions_named', ['pageName'=>$page->getShortName()]));
33
34         return view('pages.revisions', [
35             'page'    => $page,
36             'current' => $page,
37         ]);
38     }
39
40     /**
41      * Shows a preview of a single revision.
42      *
43      * @throws NotFoundException
44      */
45     public function show(string $bookSlug, string $pageSlug, int $revisionId)
46     {
47         $page = $this->pageRepo->getBySlug($bookSlug, $pageSlug);
48         $revision = $page->revisions()->where('id', '=', $revisionId)->first();
49         if ($revision === null) {
50             throw new NotFoundException();
51         }
52
53         $page->fill($revision->toArray());
54         // TODO - Refactor PageContent so we don't need to juggle this
55         $page->html = $revision->html;
56         $page->html = (new PageContent($page))->render();
57
58         $this->setPageTitle(trans('entities.pages_revision_named', ['pageName' => $page->getShortName()]));
59
60         return view('pages.revision', [
61             'page'     => $page,
62             'book'     => $page->book,
63             'diff'     => null,
64             'revision' => $revision,
65         ]);
66     }
67
68     /**
69      * Shows the changes of a single revision.
70      *
71      * @throws NotFoundException
72      */
73     public function changes(string $bookSlug, string $pageSlug, int $revisionId)
74     {
75         $page = $this->pageRepo->getBySlug($bookSlug, $pageSlug);
76         $revision = $page->revisions()->where('id', '=', $revisionId)->first();
77         if ($revision === null) {
78             throw new NotFoundException();
79         }
80
81         $prev = $revision->getPrevious();
82         $prevContent = $prev->html ?? '';
83         $diff = Diff::excecute($prevContent, $revision->html);
84
85         $page->fill($revision->toArray());
86         // TODO - Refactor PageContent so we don't need to juggle this
87         $page->html = $revision->html;
88         $page->html = (new PageContent($page))->render();
89         $this->setPageTitle(trans('entities.pages_revision_named', ['pageName'=>$page->getShortName()]));
90
91         return view('pages.revision', [
92             'page'     => $page,
93             'book'     => $page->book,
94             'diff'     => $diff,
95             'revision' => $revision,
96         ]);
97     }
98
99     /**
100      * Restores a page using the content of the specified revision.
101      *
102      * @throws NotFoundException
103      */
104     public function restore(string $bookSlug, string $pageSlug, int $revisionId)
105     {
106         $page = $this->pageRepo->getBySlug($bookSlug, $pageSlug);
107         $this->checkOwnablePermission('page-update', $page);
108
109         $page = $this->pageRepo->restoreRevision($page, $revisionId);
110
111         return redirect($page->getUrl());
112     }
113
114     /**
115      * Deletes a revision using the id of the specified revision.
116      *
117      * @throws NotFoundException
118      */
119     public function destroy(string $bookSlug, string $pageSlug, int $revId)
120     {
121         $page = $this->pageRepo->getBySlug($bookSlug, $pageSlug);
122         $this->checkOwnablePermission('page-delete', $page);
123
124         $revision = $page->revisions()->where('id', '=', $revId)->first();
125         if ($revision === null) {
126             throw new NotFoundException("Revision #{$revId} not found");
127         }
128
129         // Check if it's the latest revision, cannot delete the latest revision.
130         if (intval($page->currentRevision->id ?? null) === intval($revId)) {
131             $this->showErrorNotification(trans('entities.revision_cannot_delete_latest'));
132
133             return redirect($page->getUrl('/revisions'));
134         }
135
136         $revision->delete();
137         Activity::add(ActivityType::REVISION_DELETE, $revision);
138         $this->showSuccessNotification(trans('entities.revision_delete_success'));
139
140         return redirect($page->getUrl('/revisions'));
141     }
142 }
The core source code for the BookStack project.