X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/62338e4a8fc3401dad8b01adf165f34a63ebe907..refs/pull/110/head:/app/Http/Controllers/ChapterController.php

diff --git a/app/Http/Controllers/ChapterController.php b/app/Http/Controllers/ChapterController.php
index 1fe1e8b3e..69e9488b9 100644
--- a/app/Http/Controllers/ChapterController.php
+++ b/app/Http/Controllers/ChapterController.php
@@ -1,13 +1,9 @@
-<?php
-
-namespace BookStack\Http\Controllers;
+<?php namespace BookStack\Http\Controllers;
 
 use Activity;
+use BookStack\Repos\UserRepo;
 use Illuminate\Http\Request;
-
-use Illuminate\Support\Facades\Auth;
 use BookStack\Http\Requests;
-use BookStack\Http\Controllers\Controller;
 use BookStack\Repos\BookRepo;
 use BookStack\Repos\ChapterRepo;
 use Views;
@@ -17,20 +13,22 @@ class ChapterController extends Controller
 
     protected $bookRepo;
     protected $chapterRepo;
+    protected $userRepo;
 
     /**
      * ChapterController constructor.
-     * @param $bookRepo
-     * @param $chapterRepo
+     * @param BookRepo $bookRepo
+     * @param ChapterRepo $chapterRepo
+     * @param UserRepo $userRepo
      */
-    public function __construct(BookRepo $bookRepo, ChapterRepo $chapterRepo)
+    public function __construct(BookRepo $bookRepo, ChapterRepo $chapterRepo, UserRepo $userRepo)
     {
         $this->bookRepo = $bookRepo;
         $this->chapterRepo = $chapterRepo;
+        $this->userRepo = $userRepo;
         parent::__construct();
     }
 
-
     /**
      * Show the form for creating a new chapter.
      * @param $bookSlug
@@ -38,8 +36,9 @@ class ChapterController extends Controller
      */
     public function create($bookSlug)
     {
-        $this->checkPermission('chapter-create');
         $book = $this->bookRepo->getBySlug($bookSlug);
+        $this->checkOwnablePermission('chapter-create', $book);
+        $this->setPageTitle('Create New Chapter');
         return view('chapters/create', ['book' => $book, 'current' => $book]);
     }
 
@@ -51,18 +50,16 @@ class ChapterController extends Controller
      */
     public function store($bookSlug, Request $request)
     {
-        $this->checkPermission('chapter-create');
         $this->validate($request, [
             'name' => 'required|string|max:255'
         ]);
 
         $book = $this->bookRepo->getBySlug($bookSlug);
-        $chapter = $this->chapterRepo->newFromInput($request->all());
-        $chapter->slug = $this->chapterRepo->findSuitableSlug($chapter->name, $book->id);
-        $chapter->priority = $this->bookRepo->getNewPriority($book);
-        $chapter->created_by = auth()->user()->id;
-        $chapter->updated_by = auth()->user()->id;
-        $book->chapters()->save($chapter);
+        $this->checkOwnablePermission('chapter-create', $book);
+
+        $input = $request->all();
+        $input['priority'] = $this->bookRepo->getNewPriority($book);
+        $chapter = $this->chapterRepo->createFromInput($request->all(), $book);
         Activity::add($chapter, 'chapter_create', $book->id);
         return redirect($chapter->getUrl());
     }
@@ -77,9 +74,18 @@ class ChapterController extends Controller
     {
         $book = $this->bookRepo->getBySlug($bookSlug);
         $chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id);
+        $this->checkOwnablePermission('chapter-view', $chapter);
         $sidebarTree = $this->bookRepo->getChildren($book);
         Views::add($chapter);
-        return view('chapters/show', ['book' => $book, 'chapter' => $chapter, 'current' => $chapter, 'sidebarTree' => $sidebarTree]);
+        $this->setPageTitle($chapter->getShortName());
+        $pages = $this->chapterRepo->getChildren($chapter);
+        return view('chapters/show', [
+            'book' => $book,
+            'chapter' => $chapter,
+            'current' => $chapter,
+            'sidebarTree' => $sidebarTree,
+            'pages' => $pages
+        ]);
     }
 
     /**
@@ -90,9 +96,10 @@ class ChapterController extends Controller
      */
     public function edit($bookSlug, $chapterSlug)
     {
-        $this->checkPermission('chapter-update');
         $book = $this->bookRepo->getBySlug($bookSlug);
         $chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id);
+        $this->checkOwnablePermission('chapter-update', $chapter);
+        $this->setPageTitle('Edit Chapter' . $chapter->getShortName());
         return view('chapters/edit', ['book' => $book, 'chapter' => $chapter, 'current' => $chapter]);
     }
 
@@ -105,9 +112,9 @@ class ChapterController extends Controller
      */
     public function update(Request $request, $bookSlug, $chapterSlug)
     {
-        $this->checkPermission('chapter-update');
         $book = $this->bookRepo->getBySlug($bookSlug);
         $chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id);
+        $this->checkOwnablePermission('chapter-update', $chapter);
         $chapter->fill($request->all());
         $chapter->slug = $this->chapterRepo->findSuitableSlug($chapter->name, $book->id, $chapter->id);
         $chapter->updated_by = auth()->user()->id;
@@ -124,9 +131,10 @@ class ChapterController extends Controller
      */
     public function showDelete($bookSlug, $chapterSlug)
     {
-        $this->checkPermission('chapter-delete');
         $book = $this->bookRepo->getBySlug($bookSlug);
         $chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id);
+        $this->checkOwnablePermission('chapter-delete', $chapter);
+        $this->setPageTitle('Delete Chapter' . $chapter->getShortName());
         return view('chapters/delete', ['book' => $book, 'chapter' => $chapter, 'current' => $chapter]);
     }
 
@@ -138,11 +146,46 @@ class ChapterController extends Controller
      */
     public function destroy($bookSlug, $chapterSlug)
     {
-        $this->checkPermission('chapter-delete');
         $book = $this->bookRepo->getBySlug($bookSlug);
         $chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id);
+        $this->checkOwnablePermission('chapter-delete', $chapter);
         Activity::addMessage('chapter_delete', $book->id, $chapter->name);
         $this->chapterRepo->destroy($chapter);
         return redirect($book->getUrl());
     }
+
+    /**
+     * Show the Restrictions view.
+     * @param $bookSlug
+     * @param $chapterSlug
+     * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
+     */
+    public function showRestrict($bookSlug, $chapterSlug)
+    {
+        $book = $this->bookRepo->getBySlug($bookSlug);
+        $chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id);
+        $this->checkOwnablePermission('restrictions-manage', $chapter);
+        $roles = $this->userRepo->getRestrictableRoles();
+        return view('chapters/restrictions', [
+            'chapter' => $chapter,
+            'roles' => $roles
+        ]);
+    }
+
+    /**
+     * Set the restrictions for this chapter.
+     * @param $bookSlug
+     * @param $chapterSlug
+     * @param Request $request
+     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
+     */
+    public function restrict($bookSlug, $chapterSlug, Request $request)
+    {
+        $book = $this->bookRepo->getBySlug($bookSlug);
+        $chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id);
+        $this->checkOwnablePermission('restrictions-manage', $chapter);
+        $this->chapterRepo->updateEntityPermissionsFromRequest($request, $chapter);
+        session()->flash('success', 'Chapter Restrictions Updated');
+        return redirect($chapter->getUrl());
+    }
 }