$this->checkOwnablePermission('chapter-update', $chapter);
$chapter->fill($request->all());
$chapter->slug = $this->chapterRepo->findSuitableSlug($chapter->name, $book->id, $chapter->id);
- $chapter->updated_by = auth()->user()->id;
+ $chapter->updated_by = user()->id;
$chapter->save();
Activity::add($chapter, 'chapter_update', $book->id);
return redirect($chapter->getUrl());
$this->middleware(function ($request, $next) {
// Get a user instance for the current user
- $user = auth()->user();
- if (!$user) $user = User::getDefault();
-
- // Share variables with views
- view()->share('signedIn', auth()->check());
- view()->share('currentUser', $user);
+ $user = user();
// Share variables with controllers
$this->currentUser = $user;
$this->signedIn = auth()->check();
+ // Share variables with views
+ view()->share('signedIn', $this->signedIn);
+ view()->share('currentUser', $user);
+
return $next($request);
});
}
{
$this->checkPermission('users-manage');
$authMethod = config('auth.method');
- $roles = $this->userRepo->getAssignableRoles();
+ $roles = $this->userRepo->getAllRoles();
return view('users/create', ['authMethod' => $authMethod, 'roles' => $roles]);
}
return $this->currentUser->id == $id;
});
- $authMethod = config('auth.method');
-
$user = $this->user->findOrFail($id);
+
+ $authMethod = ($user->system_name) ? 'system' : config('auth.method');
+
$activeSocialDrivers = $socialAuthService->getActiveDrivers();
$this->setPageTitle('User Profile');
- $roles = $this->userRepo->getAssignableRoles();
+ $roles = $this->userRepo->getAllRoles();
return view('users/edit', ['user' => $user, 'activeSocialDrivers' => $activeSocialDrivers, 'authMethod' => $authMethod, 'roles' => $roles]);
}
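Review bot: `$roles` now comes from `getAllRoles()`, so the edit form for the public system user offers every role, including admin, and any role ticked there is then held by every unauthenticated visitor. The `$authMethod` line already detects a system user, so the controller could pass a list without the admin role in that case, e.g. `$roles = $user->system_name ? $this->userRepo->getRestrictableRoles() : $this->userRepo->getAllRoles();` (assuming `getRestrictableRoles()`, which excludes `admin` in this commit, lives on the same repo). The update handler is outside this hunk and would need the same restriction for it to be effective.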
{
$book = $this->book->newInstance($input);
$book->slug = $this->findSuitableSlug($book->name);
- $book->created_by = auth()->user()->id;
- $book->updated_by = auth()->user()->id;
+ $book->created_by = user()->id;
+ $book->updated_by = user()->id;
$book->save();
$this->permissionService->buildJointPermissionsForEntity($book);
return $book;
{
$book->fill($input);
$book->slug = $this->findSuitableSlug($book->name, $book->id);
- $book->updated_by = auth()->user()->id;
+ $book->updated_by = user()->id;
$book->save();
$this->permissionService->buildJointPermissionsForEntity($book);
return $book;
{
$chapter = $this->chapter->newInstance($input);
$chapter->slug = $this->findSuitableSlug($chapter->name, $book->id);
- $chapter->created_by = auth()->user()->id;
- $chapter->updated_by = auth()->user()->id;
+ $chapter->created_by = user()->id;
+ $chapter->updated_by = user()->id;
$chapter = $book->chapters()->save($chapter);
$this->permissionService->buildJointPermissionsForEntity($chapter);
return $chapter;
*/
public function getUserDraftPages($count = 20, $page = 0)
{
- $user = auth()->user();
return $this->page->where('draft', '=', true)
- ->where('created_by', '=', $user->id)
+ ->where('created_by', '=', user()->id)
->orderBy('updated_at', 'desc')
->skip($count * $page)->take($count)->get();
}
{
$page = $this->page->newInstance();
$page->name = 'New Page';
- $page->created_by = auth()->user()->id;
- $page->updated_by = auth()->user()->id;
+ $page->created_by = user()->id;
+ $page->updated_by = user()->id;
$page->draft = true;
if ($chapter) $page->chapter_id = $chapter->id;
}
// Update with new details
- $userId = auth()->user()->id;
+ $userId = user()->id;
$page->fill($input);
$page->html = $this->formatHtml($input['html']);
$page->text = strip_tags($page->html);
$page->fill($revision->toArray());
$page->slug = $this->findSuitableSlug($page->name, $book->id, $page->id);
$page->text = strip_tags($page->html);
- $page->updated_by = auth()->user()->id;
+ $page->updated_by = user()->id;
$page->save();
return $page;
}
$revision->page_id = $page->id;
$revision->slug = $page->slug;
$revision->book_slug = $page->book->slug;
- $revision->created_by = auth()->user()->id;
+ $revision->created_by = user()->id;
$revision->created_at = $page->updated_at;
$revision->type = 'version';
$revision->summary = $summary;
*/
public function saveUpdateDraft(Page $page, $data = [])
{
- $userId = auth()->user()->id;
+ $userId = user()->id;
$drafts = $this->userUpdateDraftsQuery($page, $userId)->get();
if ($drafts->count() > 0) {
$query = $this->pageRevision->where('type', '=', 'update_draft')
->where('page_id', '=', $page->id)
->where('updated_at', '>', $page->updated_at)
- ->where('created_by', '!=', auth()->user()->id)
+ ->where('created_by', '!=', user()->id)
->with('createdBy');
if ($minRange !== null) {
*/
public function getAllRoles()
{
- return $this->role->where('hidden', '=', false)->get();
+ return $this->role->all();
}
/**
*/
public function getAllRolesExcept(Role $role)
{
- return $this->role->where('id', '!=', $role->id)->where('hidden', '=', false)->get();
+ return $this->role->where('id', '!=', $role->id)->get();
}
/**
{
$role = $this->role->findOrFail($roleId);
- if ($role->hidden) throw new PermissionsException("Cannot update a hidden role");
-
$permissions = isset($roleData['permissions']) ? array_keys($roleData['permissions']) : [];
$this->assignRolePermissions($role, $permissions);
* Get the roles in the system that are assignable to a user.
* @return mixed
*/
- public function getAssignableRoles()
+ public function getAllRoles()
{
- return $this->role->visible();
+ return $this->role->all();
}
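Review bot: The docblock above the renamed method still reads "Get the roles in the system that are assignable to a user", which no longer matches `getAllRoles()` returning `$this->role->all()`. I would change the summary to `Get all the roles in the system.` and replace `@return mixed` with `@return \Illuminate\Database\Eloquent\Collection`.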
/**
*/
public function getRestrictableRoles()
{
- return $this->role->where('hidden', '=', false)->where('system_name', '=', '')->get();
+ return $this->role->where('system_name', '!=', 'admin')->get();
}
}
\ No newline at end of file
{
$this->activity = $activity;
$this->permissionService = $permissionService;
- $this->user = auth()->user();
+ $this->user = user();
}
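Review bot: Calling `user()` in the constructor fixes the user at the moment the service is built, and for a guest it now runs a query against `users.system_name` during construction. If the container resolves this service before the session guard has loaded the user, or before this commit's migration has run (console commands, the migration itself), it will hold the guest or fail on the missing column; that depends on wiring not visible here. Resolving the user lazily where it is needed, as the `currentUser()` method changed elsewhere in this commit does, avoids both. The constructor that takes `View $view` later in the commit has the same pattern.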
/**
'uploaded_to' => $uploadedTo
];
- if (auth()->user() && auth()->user()->id !== 0) {
- $userId = auth()->user()->id;
+ if (user()->id !== 0) {
+ $userId = user()->id;
$imageDetails['created_by'] = $userId;
$imageDetails['updated_by'] = $userId;
}
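Review bot: The `user()->id !== 0` test no longer separates guests from signed-in users, because the guest is now a stored row with a real id; the branch is taken for everyone and anonymous uploads are recorded as created by the public user. If that attribution is intended the condition can be dropped; if guest uploads should stay unattributed, test `!user()->isDefault()` instead. The enclosing method starts and ends outside the hunk.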
private function currentUser()
{
if ($this->currentUserModel === false) {
- $this->currentUserModel = auth()->user() ? auth()->user() : new User();
+ $this->currentUserModel = user();
}
return $this->currentUserModel;
$socialAccount = $this->socialAccount->where('driver_id', '=', $socialId)->first();
$user = $this->userRepo->getByEmail($socialUser->getEmail());
$isLoggedIn = auth()->check();
- $currentUser = auth()->user();
+ $currentUser = user();
// When a user is not logged in and a matching SocialAccount exists,
// Simply log the user into the application.
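Review bot: `$currentUser` is now never null for a guest, so `$isLoggedIn` is the only value in this method that still tells a visitor from a signed-in user. Any branch further down that tests `$currentUser` for truthiness, or attaches a social account to it, has to be gated on `$isLoggedIn`; otherwise the account would be linked to the shared public user. The rest of the method is outside the hunk, so this needs checking there. `detachSocialAccount()` in the next hunk has the same exposure: reached without a session it would delete the public user's social accounts instead of failing, unless the route is behind auth middleware.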
public function detachSocialAccount($socialDriver)
{
session();
- auth()->user()->socialAccounts()->where('driver', '=', $socialDriver)->delete();
+ user()->socialAccounts()->where('driver', '=', $socialDriver)->delete();
session()->flash('success', title_case($socialDriver) . ' account successfully detached');
- return redirect(auth()->user()->getEditUrl());
+ return redirect(user()->getEditUrl());
}
}
\ No newline at end of file
public function __construct(View $view, PermissionService $permissionService)
{
$this->view = $view;
- $this->user = auth()->user();
+ $this->user = user();
$this->permissionService = $permissionService;
}
->filterRestrictedEntityRelations($this->view, 'views', 'viewable_id', 'viewable_type');
if ($filterModel) $query = $query->where('viewable_type', '=', get_class($filterModel));
- $query = $query->where('user_id', '=', auth()->user()->id);
+ $query = $query->where('user_id', '=', user()->id);
$viewables = $query->with('viewable')->orderBy('updated_at', 'desc')
->skip($count * $page)->take($count)->get()->pluck('viewable');
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
+use Illuminate\Database\Eloquent\Relations\BelongsToMany;
use Illuminate\Notifications\Notifiable;
class User extends Model implements AuthenticatableContract, CanResetPasswordContract
protected $permissions;
/**
- * Returns a default guest user.
+ * Returns the default public user.
+ * @return User
*/
public static function getDefault()
{
- return new static([
- 'email' => 'guest',
- 'name' => 'Guest'
- ]);
+ return static::where('system_name', '=', 'public')->first();
+ }
+
+ /**
+ * Check if the user is the default public user.
+ * @return bool
+ */
+ public function isDefault()
+ {
+ return $this->system_name === 'public';
}
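Review bot: `getDefault()` is documented as `@return User` but `->first()` returns null when no row has `system_name` of `public`, for example before the migration has run or if that row is deleted. Every `user()->id` call added in this commit would then fail with a property access on null. Either fail loudly here (`->firstOrFail()`) or document `@return User|null` and handle the null in `user()`.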
/**
* The roles that belong to the user.
+ * @return BelongsToMany
*/
public function roles()
{
+ if ($this->id === 0) return ;
return $this->belongsToMany(Role::class);
}
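Review bot: The added guard `if ($this->id === 0) return ;` makes `roles()` return null, which contradicts the `@return BelongsToMany` added just above and will break Eloquent's dynamic `$user->roles` access, which expects a relation object. Since the guest is now a persisted user with a real id, the guard looks unnecessary; I would remove it. If an unsaved user must be supported, return the relation anyway and let it yield an empty collection.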
throw new InvalidArgumentException("File {$file} not defined in asset manifest.");
}
+/**
+ * Helper method to get the current User.
+ * Defaults to public 'Guest' user if not logged in.
+ * @return \BookStack\User
+ */
+function user()
+{
+ return auth()->user() ?: \BookStack\User::getDefault();
+}
+
/**
* Check if the current user has a permission.
* If an ownable element is passed in the jointPermissions are checked against
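Review bot: Every call to `user()` made while nobody is logged in runs the `getDefault()` query again, and this commit calls it two or three times in a row in several places (`created_by` and `updated_by` in the repos, `user() && user()->can(...)` in the `userCan` hunk below). Holding the looked-up public user in a static property inside `getDefault()` would keep it to one query per request. The `user() &&` guard in `userCan` is also only meaningful if `getDefault()` can return null, which the docblock here says it does not; one of the two should change.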
function userCan($permission, Ownable $ownable = null)
{
if ($ownable === null) {
- return auth()->user() && auth()->user()->can($permission);
+ return user() && user()->can($permission);
}
// Check permission on ownable item
--- /dev/null
+<?php
+
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class RemoveHiddenRoles extends Migration
+{
+ /**
+ * Run the migrations.
+ *
+ * @return void
+ */
+ public function up()
+ {
+ // Remove the hidden property from roles
+ Schema::table('roles', function(Blueprint $table) {
+ $table->dropColumn('hidden');
+ });
+
+ // Add column to mark system users
+ Schema::table('users', function(Blueprint $table) {
+ $table->string('system_name')->nullable()->index();
+ });
+
+ // Insert our new public system user.
+ $publicUserId = DB::table('users')->insertGetId([
+ 'name' => 'Guest',
+ 'system_name' => 'public',
+ 'email_confirmed' => true,
+ 'created_at' => \Carbon\Carbon::now(),
+ 'updated_at' => \Carbon\Carbon::now(),
+ ]);
+
+ // Get the public role
+ $publicRole = DB::table('roles')->where('system_name', '=', 'public')->first();
+
+ // Connect the new public user to the public role
+ DB::table('role_user')->insert([
+ 'user_id' => $publicUserId,
+ 'role_id' => $publicRole->id
+ ]);
+ }
+
+ /**
+ * Reverse the migrations.
+ *
+ * @return void
+ */
+ public function down()
+ {
+ Schema::table('roles', function(Blueprint $table) {
+ $table->boolean('hidden')->default(false);
+ $table->index('hidden');
+ });
+
+ DB::table('users')->where('system_name', '=', 'public')->delete();
+
+ Schema::table('users', function(Blueprint $table) {
+ $table->dropColumn('system_name');
+ });
+
+ DB::table('roles')->where('system_name', '=', 'public')->update(['hidden' => true]);
+ }
+}
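Review bot: `$publicRole` is dereferenced without a null check, so `up()` fails with a property access on null on any install that has no role with `system_name` of `public`, after the `hidden` column has already been dropped and the guest row inserted. Guard it before the `role_user` insert, e.g. `if ($publicRole === null) throw new \RuntimeException('Public role not found');`, or look the role up before the schema changes. `down()` deletes the public user but leaves its `role_user` row unless a cascading foreign key removes it, which is not visible here. The guest row is also inserted without `email` or `password`; confirm those columns have defaults and that the login path rejects any user with a `system_name`.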
<div class="form-group">
<label for="setting-registration-role">{{ trans('settings.reg_default_role') }}</label>
<select id="setting-registration-role" name="setting-registration-role" @if($errors->has('setting-registration-role')) class="neg" @endif>
- @foreach(\BookStack\Role::visible() as $role)
+ @foreach(\BookStack\Role::all() as $role)
<option value="{{$role->id}}" data-role-name="{{ $role->name }}"
@if(setting('registration-role', \BookStack\Role::first()->id) == $role->id) selected @endif
>
--- /dev/null
+@if($user->system_name == 'public')
+ <p>This user represents any guest users that visit your instance. It cannot be used for logins but is assigned automatically.</p>
+@endif
+
+<div class="form-group">
+ <label for="name">Name</label>
+ @include('form.text', ['name' => 'name'])
+</div>
+
+<div class="form-group">
+ <label for="email">Email</label>
+ @include('form.text', ['name' => 'email'])
+</div>
+
+@if(userCan('users-manage'))
+ <div class="form-group">
+ <label for="role">User Role</label>
+ @include('form/role-checkboxes', ['name' => 'roles', 'roles' => $roles])
+ </div>
+@endif
+
+<div class="form-group">
+ <a href="{{ baseUrl("/settings/users") }}" class="button muted">Cancel</a>
+ <button class="button pos" type="submit">Save</button>
+</div>
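Review bot: The labels and the explanatory paragraph in this new view are hard-coded English, while the settings view changed in the same commit uses `trans('settings.reg_default_role')`. I would move "Name", "Email", "User Role", "Cancel", "Save" and the guest-user sentence into translation keys and call `trans()` here. The first line could also use `$user->isDefault()`, added in this commit, instead of `$user->system_name == 'public'`.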