Merge branch 'Copy-For-View-Only' of git://github.com/mark-james/BookStack into mark...
[bookstack] / app / Auth / Permissions / PermissionService.php
index d0e6ccceab56640ddbee6b48a5b99b4cf14f815f..b28f59cc5018b127eaf15365b20148761de791de 100644 (file)
@@ -190,10 +190,10 @@ class PermissionService
     {
         return $this->entityProvider->book->newQuery()
             ->select(['id', 'restricted', 'created_by'])->with(['chapters' => function ($query) {
-            $query->select(['id', 'restricted', 'created_by', 'book_id']);
-        }, 'pages'  => function ($query) {
-            $query->select(['id', 'restricted', 'created_by', 'book_id', 'chapter_id']);
-        }]);
+                $query->select(['id', 'restricted', 'created_by', 'book_id']);
+            }, 'pages'  => function ($query) {
+                $query->select(['id', 'restricted', 'created_by', 'book_id', 'chapter_id']);
+            }]);
     }
 
     /**
@@ -556,6 +556,33 @@ class PermissionService
         return $q;
     }
 
+    /**
+     * Checks if a user has a book or chapter available to create a page
+     * @param Ownable $ownable
+     * @param $permission
+     * @return bool
+     */
+    public function checkAvailableCreatePageAccess()
+    {
+        $userRoleIds = $this->currentUser()->roles()->pluck('id')->toArray();
+        $userId = $this->currentUser()->id;
+
+
+        $canCreatePage = $this->db->table('joint_permissions')
+            ->where('action', '=', 'page-create')
+            ->whereIn('role_id', $userRoleIds)
+            ->where(function ($query) use ($userId) {
+                $query->where('has_permission', '=', 1)
+                ->orWhere(function ($query2) use ($userId) {
+                    $query2->where('has_permission_own', '=', 1)
+                    ->where('created_by', '=', $userId);
+                });       
+            })
+            ->get()->count() > 0;
+
+        return $canCreatePage;
+    }
+
     /**
      * Check if an entity has restrictions set on itself or its
      * parent tree.
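Review bot: The new `checkAvailableCreatePageAccess()` ends with `->get()->count() > 0`, which loads every matching `joint_permissions` row just to test for presence; `->exists();` on the same builder gives the same boolean without hydrating the result set. The docblock also lists `@param Ownable $ownable` and `@param $permission`, but the method takes no arguments, so those two tags should be dropped. As written, the query returns true when any row with action `page-create` matches the user's roles, for any entity, so the result only says that some book or chapter is available. It would help to state that in the docblock, e.g. `Not an authorisation check for a specific book or chapter; the target's own permission must still be checked when the page is created.`, since callers outside this hunk are not visible here.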
@@ -612,13 +639,13 @@ class PermissionService
         $entities = $this->entityProvider;
         $pageSelect = $this->db->table('pages')->selectRaw($entities->page->entityRawQuery($fetchPageContent))
             ->where('book_id', '=', $book_id)->where(function ($query) use ($filterDrafts) {
-            $query->where('draft', '=', 0);
-            if (!$filterDrafts) {
-                $query->orWhere(function ($query) {
-                    $query->where('draft', '=', 1)->where('created_by', '=', $this->currentUser()->id);
-                });
-            }
-        });
+                $query->where('draft', '=', 0);
+                if (!$filterDrafts) {
+                    $query->orWhere(function ($query) {
+                        $query->where('draft', '=', 1)->where('created_by', '=', $this->currentUser()->id);
+                    });
+                }
+            });
         $chapterSelect = $this->db->table('chapters')->selectRaw($entities->chapter->entityRawQuery())->where('book_id', '=', $book_id);
         $query = $this->db->query()->select('*')->from($this->db->raw("({$pageSelect->toSql()} UNION {$chapterSelect->toSql()}) AS U"))
             ->mergeBindings($pageSelect)->mergeBindings($chapterSelect);