namespace BookStack\Http\Controllers;
+use BookStack\Ownable;
use HttpRequestException;
use Illuminate\Foundation\Bus\DispatchesJobs;
use Illuminate\Http\Exception\HttpResponseException;
$this->signedIn = auth()->check();
}
+ /**
+ * Stops the application and shows a permission error if
+ * the application is in demo mode.
+ */
+ protected function preventAccessForDemoUsers()
+ {
+ if (config('app.env') === 'demo') $this->showPermissionError();
+ }
+
+ /**
+ * Adds the page title into the view.
+ * @param $title
+ */
+ public function setPageTitle($title)
+ {
+ view()->share('pageTitle', $title);
+ }
+
+ /**
+ * On a permission error redirect to home and display.
+ * the error as a notification.
+ */
+ protected function showPermissionError()
+ {
+ Session::flash('error', trans('errors.permission'));
+ $response = request()->wantsJson() ? response()->json(['error' => trans('errors.permissionJson')], 403) : redirect('/');
+ throw new HttpResponseException($response);
+ }
+
/**
* Checks for a permission.
- *
- * @param $permissionName
+ * @param string $permissionName
* @return bool|\Illuminate\Http\RedirectResponse
*/
protected function checkPermission($permissionName)
{
if (!$this->currentUser || !$this->currentUser->can($permissionName)) {
- Session::flash('error', trans('errors.permission'));
- throw new HttpResponseException(
- redirect('/')
- );
+ $this->showPermissionError();
}
-
return true;
}
+ /**
+ * Check the current user's permissions against an ownable item.
+ * @param $permission
+ * @param Ownable $ownable
+ * @return bool
+ */
+ protected function checkOwnablePermission($permission, Ownable $ownable)
+ {
+ if (userCan($permission, $ownable)) return true;
+ return $this->showPermissionError();
+ }
+
+ /**
+ * Check if a user has a permission or bypass if the callback is true.
+ * @param $permissionName
+ * @param $callback
+ * @return bool
+ */
protected function checkPermissionOr($permissionName, $callback)
{
$callbackResult = $callback();
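Review bot: Every denial path in this hunk relies on `showPermissionError()` never returning, but the new docblocks do not say so: `checkPermission()` falls through to `return true;` right after the call, and `checkOwnablePermission()` is documented `@return bool` while it returns the result of a method that only throws. I would add `@throws HttpResponseException` to the docblocks of `showPermissionError()`, `checkPermission()` and `checkOwnablePermission()`, so a maintainer sees that denial is signalled by the exception and that a helper which returned normally would turn a refused check into `return true`. Separately, `Session::flash('error', …)` runs before the `wantsJson()` branch, so a JSON request refused with 403 appears to leave an error notification in the session for the next page view; the flash belongs in the redirect branch only. The body of `checkPermissionOr()` continues outside the hunk, so whether the bypass requires a strict `true` from the callback, as its new docblock states, cannot be checked here.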