/**
* Updates an existing role.
- * Ensure Admin role always has all permissions.
+ * Ensure Admin role always have core permissions.
* @param $roleId
* @param $roleData
* @throws PermissionsException
$role = $this->role->findOrFail($roleId);
$permissions = isset($roleData['permissions']) ? array_keys($roleData['permissions']) : [];
- $this->assignRolePermissions($role, $permissions);
-
if ($role->system_name === 'admin') {
- $permissions = $this->permission->all()->pluck('id')->toArray();
- $role->permissions()->sync($permissions);
+ $permissions = array_merge($permissions, [
+ 'users-manage',
+ 'user-roles-manage',
+ 'restrictions-manage-all',
+ 'restrictions-manage-own',
+ 'settings-manage',
+ ]);
}
+ $this->assignRolePermissions($role, $permissions);
+
$role->fill($roleData);
$role->save();
$this->permissionService->buildJointPermissionForRole($role);
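Review bot: The five core permission names merged into `$permissions` for the admin role are inline string literals, and nothing in this hunk confirms that each one resolves to a stored permission before `assignRolePermissions()` runs. The same commit removes the `isAdmin()` short-circuits from the permission service, so the admin role's access now depends on these rows. If the helper silently skips an unknown or renamed name (its body is not visible here), administrators could lose `users-manage` or `user-roles-manage` with no error. I would move the list to a class constant (name is a suggestion) and de-duplicate the merge, since the submitted form may already contain these keys: `$permissions = array_unique(array_merge($permissions, self::ADMIN_CORE_PERMISSIONS));`. A test that updates the admin role with an empty `permissions` array and asserts all five are still attached would pin the guarantee; the enclosing method starts and ends outside the hunk.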
$this->book = $book;
$this->chapter = $chapter;
$this->page = $page;
- // TODO - Update so admin still goes through filters
}
/**
*/
public function checkOwnableUserAccess(Ownable $ownable, $permission)
{
- if ($this->isAdmin()) {
- $this->clean();
- return true;
- }
-
$explodedPermission = explode('-', $permission);
$baseQuery = $ownable->where('id', '=', $ownable->id);
$query = $this->db->query()->select('*')->from($this->db->raw("({$pageSelect->toSql()} UNION {$chapterSelect->toSql()}) AS U"))
->mergeBindings($pageSelect)->mergeBindings($chapterSelect);
- if (!$this->isAdmin()) {
- $whereQuery = $this->db->table('joint_permissions as jp')->selectRaw('COUNT(*)')
- ->whereRaw('jp.entity_id=U.id')->whereRaw('jp.entity_type=U.entity_type')
- ->where('jp.action', '=', 'view')->whereIn('jp.role_id', $this->getRoles())
- ->where(function ($query) {
- $query->where('jp.has_permission', '=', 1)->orWhere(function ($query) {
- $query->where('jp.has_permission_own', '=', 1)->where('jp.created_by', '=', $this->currentUser()->id);
- });
+ // Add joint permission filter
+ $whereQuery = $this->db->table('joint_permissions as jp')->selectRaw('COUNT(*)')
+ ->whereRaw('jp.entity_id=U.id')->whereRaw('jp.entity_type=U.entity_type')
+ ->where('jp.action', '=', 'view')->whereIn('jp.role_id', $this->getRoles())
+ ->where(function ($query) {
+ $query->where('jp.has_permission', '=', 1)->orWhere(function ($query) {
+ $query->where('jp.has_permission_own', '=', 1)->where('jp.created_by', '=', $this->currentUser()->id);
});
- $query->whereRaw("({$whereQuery->toSql()}) > 0")->mergeBindings($whereQuery);
- }
+ });
+ $query->whereRaw("({$whereQuery->toSql()}) > 0")->mergeBindings($whereQuery);
$query->orderBy('draft', 'desc')->orderBy('priority', 'asc');
$this->clean();
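Review bot: With the `isAdmin()` guard gone, the correlated `COUNT(*) ... > 0` subquery on `joint_permissions` now runs for every caller, and it is still built by interpolating `$whereQuery->toSql()` into `whereRaw()` with bindings merged by hand. The interpolated SQL is builder-generated rather than user input, but the placeholders only line up while the `mergeBindings()` calls stay in the same order as the SQL fragments. Using the builder's own subquery support keeps the clause and its bindings paired and lets the database stop at the first matching row: `$query->whereExists(function ($q) { $q->select($this->db->raw(1))->from('joint_permissions as jp') /* same where chain */; });`. I would also extend the new comment to say the filter is deliberately applied to admins, e.g. `// Add joint permission filter (applies to all users, admins included)`. The enclosing method begins and ends outside the hunk.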
});
}
- if ($this->isAdmin()) {
- $this->clean();
- return $query;
- }
-
$this->currentAction = $action;
return $this->entityRestrictionQuery($query);
}
*/
public function filterRestrictedEntityRelations($query, $tableName, $entityIdColumn, $entityTypeColumn, $action = 'view')
{
- if ($this->isAdmin()) {
- $this->clean();
- return $query;
- }
$this->currentAction = $action;
$tableDetails = ['tableName' => $tableName, 'entityIdColumn' => $entityIdColumn, 'entityTypeColumn' => $entityTypeColumn];
*/
public function filterRelatedPages($query, $tableName, $entityIdColumn)
{
- if ($this->isAdmin()) {
- $this->clean();
- return $query;
- }
-
$this->currentAction = 'view';
$tableDetails = ['tableName' => $tableName, 'entityIdColumn' => $entityIdColumn];
return $q;
}
- /**
- * Check if the current user is an admin.
- * @return bool
- */
- private function isAdmin()
- {
- if ($this->isAdminUser === null) {
- $this->isAdminUser = ($this->currentUser()->id !== null) ? $this->currentUser()->hasSystemRole('admin') : false;
- }
-
- return $this->isAdminUser;
- }
-
/**
* Get the current user
* @return User