namespace BookStack\Http\Controllers;
use BookStack\Ownable;
-use HttpRequestException;
use Illuminate\Foundation\Bus\DispatchesJobs;
-use Illuminate\Http\Exception\HttpResponseException;
-use Illuminate\Routing\Controller as BaseController;
use Illuminate\Foundation\Validation\ValidatesRequests;
-use Illuminate\Support\Facades\Auth;
-use Illuminate\Support\Facades\Session;
-use BookStack\User;
+use Illuminate\Http\Exceptions\HttpResponseException;
+use Illuminate\Http\Request;
+use Illuminate\Routing\Controller as BaseController;
abstract class Controller extends BaseController
{
use DispatchesJobs, ValidatesRequests;
- /**
- * @var User static
- */
- protected $currentUser;
- /**
- * @var bool
- */
- protected $signedIn;
-
/**
* Controller constructor.
*/
public function __construct()
{
- $this->middleware(function ($request, $next) {
-
- // Get a user instance for the current user
- $user = auth()->user();
- if (!$user) $user = User::getDefault();
-
- // Share variables with views
- view()->share('signedIn', auth()->check());
- view()->share('currentUser', $user);
-
- // Share variables with controllers
- $this->currentUser = $user;
- $this->signedIn = auth()->check();
+ //
+ }
- return $next($request);
- });
+ /**
+ * Check if the current user is signed in.
+ */
+ protected function isSignedIn(): bool
+ {
+ return auth()->check();
}
/**
* Stops the application and shows a permission error if
* the application is in demo mode.
*/
- protected function preventAccessForDemoUsers()
+ protected function preventAccessInDemoMode()
{
- if (config('app.env') === 'demo') $this->showPermissionError();
+ if (config('app.env') === 'demo') {
+ $this->showPermissionError();
+ }
}
/**
*/
protected function showPermissionError()
{
- Session::flash('error', trans('errors.permission'));
- $response = request()->wantsJson() ? response()->json(['error' => trans('errors.permissionJson')], 403) : redirect('/');
+ if (request()->wantsJson()) {
+ $response = response()->json(['error' => trans('errors.permissionJson')], 403);
+ } else {
+ $response = redirect('/');
+ $this->showErrorNotification(trans('errors.permission'));
+ }
+
throw new HttpResponseException($response);
}
*/
protected function checkPermission($permissionName)
{
- if (!$this->currentUser || !$this->currentUser->can($permissionName)) {
+ if (!user() || !user()->can($permissionName)) {
$this->showPermissionError();
}
return true;
*/
protected function checkOwnablePermission($permission, Ownable $ownable)
{
- if (userCan($permission, $ownable)) return true;
+ if (userCan($permission, $ownable)) {
+ return true;
+ }
return $this->showPermissionError();
}
protected function checkPermissionOr($permissionName, $callback)
{
$callbackResult = $callback();
- if ($callbackResult === false) $this->checkPermission($permissionName);
+ if ($callbackResult === false) {
+ $this->checkPermission($permissionName);
+ }
return true;
}
+ /**
+ * Check if the current user has a permission or bypass if the provided user
+ * id matches the current user.
+ * @param string $permissionName
+ * @param int $userId
+ * @return bool
+ */
+ protected function checkPermissionOrCurrentUser(string $permissionName, int $userId)
+ {
+ return $this->checkPermissionOr($permissionName, function () use ($userId) {
+ return $userId === user()->id;
+ });
+ }
+
/**
* Send back a json error message.
* @param string $messageText
*/
protected function jsonError($messageText = "", $statusCode = 500)
{
- return response()->json(['message' => $messageText], $statusCode);
+ return response()->json(['message' => $messageText, 'status' => 'error'], $statusCode);
+ }
+
+ /**
+ * Create the response for when a request fails validation.
+ * @param \Illuminate\Http\Request $request
+ * @param array $errors
+ * @return \Symfony\Component\HttpFoundation\Response
+ */
+ protected function buildFailedValidationResponse(Request $request, array $errors)
+ {
+ if ($request->expectsJson()) {
+ return response()->json(['validation' => $errors], 422);
+ }
+
+ return redirect()->to($this->getRedirectUrl())
+ ->withInput($request->input())
+ ->withErrors($errors, $this->errorBag());
+ }
+
+ /**
+ * Create a response that forces a download in the browser.
+ * @param string $content
+ * @param string $fileName
+ * @return \Illuminate\Http\Response
+ */
+ protected function downloadResponse(string $content, string $fileName)
+ {
+ return response()->make($content, 200, [
+ 'Content-Type' => 'application/octet-stream',
+ 'Content-Disposition' => 'attachment; filename="' . $fileName . '"'
+ ]);
+ }
+
+ /**
+ * Show a positive, successful notification to the user on next view load.
+ * @param string $message
+ */
+ protected function showSuccessNotification(string $message)
+ {
+ session()->flash('success', $message);
+ }
+
+ /**
+ * Show a warning notification to the user on next view load.
+ * @param string $message
+ */
+ protected function showWarningNotification(string $message)
+ {
+ session()->flash('warning', $message);
}
+ /**
+ * Show an error notification to the user on next view load.
+ * @param string $message
+ */
+ protected function showErrorNotification(string $message)
+ {
+ session()->flash('error', $message);
+ }
+
+ /**
+ * Get the validation rules for image files.
+ */
+ protected function getImageValidationRules(): string
+ {
+ return 'image_extension|no_double_extension|mimes:jpeg,png,gif,bmp,webp,tiff';
+ }
}
projects / bookstack / blobdiff