BookStack Code Mirror - bookstack/blobdiff - app/Http/Controllers/Controller.php

index c5255c0ba53715436d09cf82c16b963ca201e8ad..6a1dfcb0140062d0fcabcffe9174f226f1cacc48 100644 (file)

--- a/app/Http/Controllers/Controller.php

+++ b/app/Http/Controllers/Controller.php

@@ -4,54 +4,41 @@ namespace BookStack\Http\Controllers;

use BookStack\Ownable;

use Illuminate\Foundation\Bus\DispatchesJobs;

-use Illuminate\Http\Exception\HttpResponseException;

+use Illuminate\Foundation\Validation\ValidatesRequests;

+use Illuminate\Http\Exceptions\HttpResponseException;

use Illuminate\Http\Request;

use Illuminate\Routing\Controller as BaseController;

-use Illuminate\Foundation\Validation\ValidatesRequests;

-use BookStack\User;

+use Illuminate\Validation\ValidationException;

abstract class Controller extends BaseController

{

use DispatchesJobs, ValidatesRequests;

- /**

- * @var User static

- */

- protected $currentUser;

- /**

- * @var bool

- */

- protected $signedIn;

/**

* Controller constructor.

public function __construct()

{

- $this->middleware(function ($request, $next) {

- // Get a user instance for the current user

- $user = user();

- // Share variables with controllers

- $this->currentUser = $user;

- $this->signedIn = auth()->check();

- // Share variables with views

- view()->share('signedIn', $this->signedIn);

- view()->share('currentUser', $user);

+ //

+ }

- return $next($request);

- });

+ /**

+ * Check if the current user is signed in.

+ */

+ protected function isSignedIn(): bool

+ {

+ return auth()->check();

}

/**

* Stops the application and shows a permission error if

* the application is in demo mode.

- protected function preventAccessForDemoUsers()

+ protected function preventAccessInDemoMode()

{

- if (config('app.env') === 'demo') $this->showPermissionError();

+ if (config('app.env') === 'demo') {

+ $this->showPermissionError();

+ }

}

/**

@@ -73,7 +60,7 @@ abstract class Controller extends BaseController

$response = response()->json(['error' => trans('errors.permissionJson')], 403);

} else {

$response = redirect('/');

- session()->flash('error', trans('errors.permission'));

+ $this->showErrorNotification(trans('errors.permission'));

}

throw new HttpResponseException($response);

@@ -100,7 +87,9 @@ abstract class Controller extends BaseController

protected function checkOwnablePermission($permission, Ownable $ownable)

{

- if (userCan($permission, $ownable)) return true;

+ if (userCan($permission, $ownable)) {

+ return true;

+ }

return $this->showPermissionError();

}

@@ -113,19 +102,24 @@ abstract class Controller extends BaseController

protected function checkPermissionOr($permissionName, $callback)

{

$callbackResult = $callback();

- if ($callbackResult === false) $this->checkPermission($permissionName);

+ if ($callbackResult === false) {

+ $this->checkPermission($permissionName);

+ }

return true;

}

/**

- * Send a json respons with a message attached as a header.

- * @param $data

- * @param string $successMessage

- * @return $this

+ * Check if the current user has a permission or bypass if the provided user

+ * id matches the current user.

+ * @param string $permissionName

+ * @param int $userId

+ * @return bool

- protected function jsonSuccess($data, $successMessage = "")

+ protected function checkPermissionOrCurrentUser(string $permissionName, int $userId)

{

- return response()->json($data)->header('message-success', $successMessage);

+ return $this->checkPermissionOr($permissionName, function () use ($userId) {

+ return $userId === user()->id;

+ });

}

/**

@@ -136,25 +130,55 @@ abstract class Controller extends BaseController

protected function jsonError($messageText = "", $statusCode = 500)

{

- return response()->json(['message' => $messageText], $statusCode);

+ return response()->json(['message' => $messageText, 'status' => 'error'], $statusCode);

}

/**

- * Create the response for when a request fails validation.

- *

- * @param \Illuminate\Http\Request $request

- * @param array $errors

- * @return \Symfony\Component\HttpFoundation\Response

+ * Create a response that forces a download in the browser.

+ * @param string $content

+ * @param string $fileName

+ * @return \Illuminate\Http\Response

- protected function buildFailedValidationResponse(Request $request, array $errors)

+ protected function downloadResponse(string $content, string $fileName)

{

- if ($request->expectsJson()) {

- return response()->json(['validation' => $errors], 422);

- }

+ return response()->make($content, 200, [

+ 'Content-Type' => 'application/octet-stream',

+ 'Content-Disposition' => 'attachment; filename="' . $fileName . '"'

+ ]);

+ }

+ /**

+ * Show a positive, successful notification to the user on next view load.

+ * @param string $message

+ */

+ protected function showSuccessNotification(string $message)

+ {

+ session()->flash('success', $message);

+ }

+ /**

+ * Show a warning notification to the user on next view load.

+ * @param string $message

+ */

+ protected function showWarningNotification(string $message)

+ {

+ session()->flash('warning', $message);

+ }

- return redirect()->to($this->getRedirectUrl())

- ->withInput($request->input())

- ->withErrors($errors, $this->errorBag());

+ /**

+ * Show an error notification to the user on next view load.

+ * @param string $message

+ */

+ protected function showErrorNotification(string $message)

+ {

+ session()->flash('error', $message);

}

+ /**

+ * Get the validation rules for image files.

+ */

+ protected function getImageValidationRules(): string

+ {

+ return 'image_extension|no_double_extension|mimes:jpeg,png,gif,webp';

+ }

}