Renamed and cleaned up existing permission service classes use

author Dan Brown <redacted>

Tue, 12 Jul 2022 19:15:41 +0000 (20:15 +0100)

committer Dan Brown <redacted>

Tue, 12 Jul 2022 19:15:41 +0000 (20:15 +0100)
author Dan Brown <redacted>
Tue, 12 Jul 2022 19:15:41 +0000 (20:15 +0100)
committer Dan Brown <redacted>
Tue, 12 Jul 2022 19:15:41 +0000 (20:15 +0100)
diff --git a/app/Actions/ActivityLogger.php b/app/Actions/ActivityLogger.php

index 0d1391b43fe254b25a06dff72be446762950604d..eea5409fb95c07ddff1ccc16a678de233c58c656 100644 (file)
--- a/app/Actions/ActivityLogger.php
+++ b/app/Actions/ActivityLogger.php
@@ -2,7 +2,6 @@
  
  namespace BookStack\Actions;
  
-use BookStack\Auth\Permissions\PermissionService;
  use BookStack\Entities\Models\Entity;
  use BookStack\Interfaces\Loggable;
  use Illuminate\Database\Eloquent\Builder;
@@ -10,13 +9,6 @@ use Illuminate\Support\Facades\Log;
  
  class ActivityLogger
  {
-    protected $permissionService;
-
-    public function __construct(PermissionService $permissionService)
-    {
-        $this->permissionService = $permissionService;
-    }
-
      /**
       * Add a generic activity event to the database.
       *
diff --git a/app/Actions/ActivityQueries.php b/app/Actions/ActivityQueries.php

index f900fbb0544de725d8855528025384257610784e..0b8cd3b5ed7e62099e7a3e0e735b787599d9cd50 100644 (file)
--- a/app/Actions/ActivityQueries.php
+++ b/app/Actions/ActivityQueries.php
@@ -2,7 +2,7 @@
  
  namespace BookStack\Actions;
  
-use BookStack\Auth\Permissions\PermissionService;
+use BookStack\Auth\Permissions\PermissionApplicator;
  use BookStack\Auth\User;
  use BookStack\Entities\Models\Book;
  use BookStack\Entities\Models\Chapter;
@@ -13,11 +13,11 @@ use Illuminate\Database\Eloquent\Relations\Relation;
  
  class ActivityQueries
  {
-    protected $permissionService;
+    protected PermissionApplicator $permissions;
  
-    public function __construct(PermissionService $permissionService)
+    public function __construct(PermissionApplicator $permissions)
      {
-        $this->permissionService = $permissionService;
+        $this->permissions = $permissions;
      }
  
      /**
@@ -25,7 +25,7 @@ class ActivityQueries
       */
      public function latest(int $count = 20, int $page = 0): array
      {
-        $activityList = $this->permissionService
+        $activityList = $this->permissions
              ->filterRestrictedEntityRelations(Activity::query(), 'activities', 'entity_id', 'entity_type')
              ->orderBy('created_at', 'desc')
              ->with(['user', 'entity'])
@@ -78,7 +78,7 @@ class ActivityQueries
       */
      public function userActivity(User $user, int $count = 20, int $page = 0): array
      {
-        $activityList = $this->permissionService
+        $activityList = $this->permissions
              ->filterRestrictedEntityRelations(Activity::query(), 'activities', 'entity_id', 'entity_type')
              ->orderBy('created_at', 'desc')
              ->where('user_id', '=', $user->id)
diff --git a/app/Actions/TagRepo.php b/app/Actions/TagRepo.php

index 8cf1076019e6318785a3d5ed13fc8d4490b16517..c5807108eb72a1aaf8e1c1d76b450aeb396a3848 100644 (file)
--- a/app/Actions/TagRepo.php
+++ b/app/Actions/TagRepo.php
@@ -2,7 +2,7 @@
  
  namespace BookStack\Actions;
  
-use BookStack\Auth\Permissions\PermissionService;
+use BookStack\Auth\Permissions\PermissionApplicator;
  use BookStack\Entities\Models\Entity;
  use Illuminate\Database\Eloquent\Builder;
  use Illuminate\Support\Collection;
@@ -10,12 +10,11 @@ use Illuminate\Support\Facades\DB;
  
  class TagRepo
  {
-    protected $tag;
-    protected $permissionService;
+    protected PermissionApplicator $permissions;
  
-    public function __construct(PermissionService $ps)
+    public function __construct(PermissionApplicator $permissions)
      {
-        $this->permissionService = $ps;
+        $this->permissions = $permissions;
      }
  
      /**
@@ -51,7 +50,7 @@ class TagRepo
              });
          }
  
-        return $this->permissionService->filterRestrictedEntityRelations($query, 'tags', 'entity_id', 'entity_type');
+        return $this->permissions->filterRestrictedEntityRelations($query, 'tags', 'entity_id', 'entity_type');
      }
  
      /**
@@ -70,7 +69,7 @@ class TagRepo
              $query = $query->orderBy('count', 'desc')->take(50);
          }
  
-        $query = $this->permissionService->filterRestrictedEntityRelations($query, 'tags', 'entity_id', 'entity_type');
+        $query = $this->permissions->filterRestrictedEntityRelations($query, 'tags', 'entity_id', 'entity_type');
  
          return $query->get(['name'])->pluck('name');
      }
@@ -96,7 +95,7 @@ class TagRepo
              $query = $query->where('name', '=', $tagName);
          }
  
-        $query = $this->permissionService->filterRestrictedEntityRelations($query, 'tags', 'entity_id', 'entity_type');
+        $query = $this->permissions->filterRestrictedEntityRelations($query, 'tags', 'entity_id', 'entity_type');
  
          return $query->get(['value'])->pluck('value');
      }
diff --git a/app/Auth/Permissions/JointPermissionBuilder.php b/app/Auth/Permissions/JointPermissionBuilder.php

index c87560fe043cf176008c10e4145ed1001fc291f8..fbf77741ac43827076c3f70598a8b1afb95d72a9 100644 (file)
--- a/app/Auth/Permissions/JointPermissionBuilder.php
+++ b/app/Auth/Permissions/JointPermissionBuilder.php
@@ -20,6 +20,82 @@ class JointPermissionBuilder
       */
      protected $entityCache;
  
+    /**
+     * Re-generate all entity permission from scratch.
+     */
+    public function rebuildForAll()
+    {
+        JointPermission::query()->truncate();
+        $this->readyEntityCache();
+
+        // Get all roles (Should be the most limited dimension)
+        $roles = Role::query()->with('permissions')->get()->all();
+
+        // Chunk through all books
+        $this->bookFetchQuery()->chunk(5, function (EloquentCollection $books) use ($roles) {
+            $this->buildJointPermissionsForBooks($books, $roles);
+        });
+
+        // Chunk through all bookshelves
+        Bookshelf::query()->withTrashed()->select(['id', 'restricted', 'owned_by'])
+            ->chunk(50, function (EloquentCollection $shelves) use ($roles) {
+                $this->createManyJointPermissions($shelves->all(), $roles);
+            });
+    }
+
+    /**
+     * Rebuild the entity jointPermissions for a particular entity.
+     *
+     * @throws Throwable
+     */
+    public function rebuildForEntity(Entity $entity)
+    {
+        $entities = [$entity];
+        if ($entity instanceof Book) {
+            $books = $this->bookFetchQuery()->where('id', '=', $entity->id)->get();
+            $this->buildJointPermissionsForBooks($books, Role::query()->with('permissions')->get()->all(), true);
+
+            return;
+        }
+
+        /** @var BookChild $entity */
+        if ($entity->book) {
+            $entities[] = $entity->book;
+        }
+
+        if ($entity instanceof Page && $entity->chapter_id) {
+            $entities[] = $entity->chapter;
+        }
+
+        if ($entity instanceof Chapter) {
+            foreach ($entity->pages as $page) {
+                $entities[] = $page;
+            }
+        }
+
+        $this->buildJointPermissionsForEntities($entities);
+    }
+
+    /**
+     * Build the entity jointPermissions for a particular role.
+     */
+    public function rebuildForRole(Role $role)
+    {
+        $roles = [$role];
+        $role->jointPermissions()->delete();
+
+        // Chunk through all books
+        $this->bookFetchQuery()->chunk(20, function ($books) use ($roles) {
+            $this->buildJointPermissionsForBooks($books, $roles);
+        });
+
+        // Chunk through all bookshelves
+        Bookshelf::query()->select(['id', 'restricted', 'owned_by'])
+            ->chunk(50, function ($shelves) use ($roles) {
+                $this->createManyJointPermissions($shelves->all(), $roles);
+            });
+    }
+
      /**
       * Prepare the local entity cache and ensure it's empty.
       *
@@ -66,29 +142,6 @@ class JointPermissionBuilder
              ->find($chapterId);
      }
  
-    /**
-     * Re-generate all entity permission from scratch.
-     */
-    public function buildJointPermissions()
-    {
-        JointPermission::query()->truncate();
-        $this->readyEntityCache();
-
-        // Get all roles (Should be the most limited dimension)
-        $roles = Role::query()->with('permissions')->get()->all();
-
-        // Chunk through all books
-        $this->bookFetchQuery()->chunk(5, function (EloquentCollection $books) use ($roles) {
-            $this->buildJointPermissionsForBooks($books, $roles);
-        });
-
-        // Chunk through all bookshelves
-        Bookshelf::query()->withTrashed()->select(['id', 'restricted', 'owned_by'])
-            ->chunk(50, function (EloquentCollection $shelves) use ($roles) {
-                $this->buildJointPermissionsForShelves($shelves, $roles);
-            });
-    }
-
      /**
       * Get a query for fetching a book with it's children.
       */
@@ -105,18 +158,6 @@ class JointPermissionBuilder
              ]);
      }
  
-    /**
-     * Build joint permissions for the given shelf and role combinations.
-     *
-     * @throws Throwable
-     */
-    protected function buildJointPermissionsForShelves(EloquentCollection $shelves, array $roles, bool $deleteOld = false)
-    {
-        if ($deleteOld) {
-            $this->deleteManyJointPermissionsForEntities($shelves->all());
-        }
-        $this->createManyJointPermissions($shelves->all(), $roles);
-    }
  
      /**
       * Build joint permissions for the given book and role combinations.
@@ -144,39 +185,6 @@ class JointPermissionBuilder
          $this->createManyJointPermissions($entities->all(), $roles);
      }
  
-    /**
-     * Rebuild the entity jointPermissions for a particular entity.
-     *
-     * @throws Throwable
-     */
-    public function buildJointPermissionsForEntity(Entity $entity)
-    {
-        $entities = [$entity];
-        if ($entity instanceof Book) {
-            $books = $this->bookFetchQuery()->where('id', '=', $entity->id)->get();
-            $this->buildJointPermissionsForBooks($books, Role::query()->with('permissions')->get()->all(), true);
-
-            return;
-        }
-
-        /** @var BookChild $entity */
-        if ($entity->book) {
-            $entities[] = $entity->book;
-        }
-
-        if ($entity instanceof Page && $entity->chapter_id) {
-            $entities[] = $entity->chapter;
-        }
-
-        if ($entity instanceof Chapter) {
-            foreach ($entity->pages as $page) {
-                $entities[] = $page;
-            }
-        }
-
-        $this->buildJointPermissionsForEntities($entities);
-    }
-
      /**
       * Rebuild the entity jointPermissions for a collection of entities.
       *
@@ -189,26 +197,6 @@ class JointPermissionBuilder
          $this->createManyJointPermissions($entities, $roles);
      }
  
-    /**
-     * Build the entity jointPermissions for a particular role.
-     */
-    public function buildJointPermissionForRole(Role $role)
-    {
-        $roles = [$role];
-        $role->jointPermissions()->delete();
-
-        // Chunk through all books
-        $this->bookFetchQuery()->chunk(20, function ($books) use ($roles) {
-            $this->buildJointPermissionsForBooks($books, $roles);
-        });
-
-        // Chunk through all bookshelves
-        Bookshelf::query()->select(['id', 'restricted', 'owned_by'])
-            ->chunk(50, function ($shelves) use ($roles) {
-                $this->buildJointPermissionsForShelves($shelves, $roles);
-            });
-    }
-
      /**
       * Delete all the entity jointPermissions for a list of entities.
       *
diff --git a/app/Auth/Permissions/PermissionService.php b/app/Auth/Permissions/PermissionApplicator.php

similarity index 99%

rename from app/Auth/Permissions/PermissionService.php

rename to app/Auth/Permissions/PermissionApplicator.php

index bcd4a367504da4567f189ab8cba0abebebc3cbf0..3dc529e3200fbb7fc48f37d9dcaf587e8bc156f4 100644 (file)
--- a/app/Auth/Permissions/PermissionService.php
+++ b/app/Auth/Permissions/PermissionApplicator.php
@@ -12,10 +12,10 @@ use BookStack\Traits\HasOwner;
  use Illuminate\Database\Eloquent\Builder;
  use Illuminate\Database\Query\Builder as QueryBuilder;
  
-class PermissionService
+class PermissionApplicator
  {
      /**
-     * @var ?array
+     * @var ?array<int>
       */
      protected $userRoles = null;
  
@@ -24,7 +24,6 @@ class PermissionService
       */
      protected $currentUserModel = null;
  
-
      /**
       * Get the roles for the current logged in user.
       */
diff --git a/app/Auth/Permissions/PermissionsRepo.php b/app/Auth/Permissions/PermissionsRepo.php

index 0527875aecc2644916cbb9c07970cba11e229749..2c2bedb725d0beea98fb03380fbc269af1123a62 100644 (file)
--- a/app/Auth/Permissions/PermissionsRepo.php
+++ b/app/Auth/Permissions/PermissionsRepo.php
@@ -27,7 +27,7 @@ class PermissionsRepo
       */
      public function getAllRoles(): Collection
      {
-        return Role::query()->all();
+        return Role::query()->get();
      }
  
      /**
@@ -57,7 +57,7 @@ class PermissionsRepo
  
          $permissions = isset($roleData['permissions']) ? array_keys($roleData['permissions']) : [];
          $this->assignRolePermissions($role, $permissions);
-        $this->permissionBuilder->buildJointPermissionForRole($role);
+        $this->permissionBuilder->rebuildForRole($role);
  
          Activity::add(ActivityType::ROLE_CREATE, $role);
  
@@ -88,7 +88,7 @@ class PermissionsRepo
          $role->fill($roleData);
          $role->mfa_enforced = ($roleData['mfa_enforced'] ?? 'false') === 'true';
          $role->save();
-        $this->permissionBuilder->buildJointPermissionForRole($role);
+        $this->permissionBuilder->rebuildForRole($role);
  
          Activity::add(ActivityType::ROLE_UPDATE, $role);
      }
@@ -102,7 +102,7 @@ class PermissionsRepo
          $permissionNameArray = array_values($permissionNameArray);
  
          if ($permissionNameArray) {
-            $permissions = EntityPermission::query()
+            $permissions = RolePermission::query()
                  ->whereIn('name', $permissionNameArray)
                  ->pluck('id')
                  ->toArray();
diff --git a/app/Config/app.php b/app/Config/app.php

index 2b1de6f45e69aedb189da6343fd156981f50973c..5f516f4adfd5b766b7580bd3e03abff2d5c3ab30 100644 (file)
--- a/app/Config/app.php
+++ b/app/Config/app.php
@@ -202,7 +202,6 @@ return [
  
          // Custom BookStack
          'Activity'    => BookStack\Facades\Activity::class,
-        'Permissions' => BookStack\Facades\Permissions::class,
          'Theme'       => BookStack\Facades\Theme::class,
      ],
  
diff --git a/app/Console/Commands/RegeneratePermissions.php b/app/Console/Commands/RegeneratePermissions.php

index 558ae9feaecbdea8f21aea820b85fdad9f3a544c..3396a445f0f531b4680302a6fae931dd5db1e0b0 100644 (file)
--- a/app/Console/Commands/RegeneratePermissions.php
+++ b/app/Console/Commands/RegeneratePermissions.php
@@ -42,11 +42,11 @@ class RegeneratePermissions extends Command
      {
          $connection = DB::getDefaultConnection();
  
-        if ($this->hasOption('database')) {
+        if ($this->option('database')) {
              DB::setDefaultConnection($this->option('database'));
          }
  
-        $this->permissionBuilder->buildJointPermissions();
+        $this->permissionBuilder->rebuildForAll();
  
          DB::setDefaultConnection($connection);
          $this->comment('Permissions regenerated');
diff --git a/app/Entities/Models/Entity.php b/app/Entities/Models/Entity.php

index 7ad78f1d1475d03c6131146335949bb29b29be82..84d31d82dcde318326d71dd1b920b1edfc41964c 100644 (file)
--- a/app/Entities/Models/Entity.php
+++ b/app/Entities/Models/Entity.php
@@ -9,9 +9,10 @@ use BookStack\Actions\Tag;
  use BookStack\Actions\View;
  use BookStack\Auth\Permissions\EntityPermission;
  use BookStack\Auth\Permissions\JointPermission;
+use BookStack\Auth\Permissions\JointPermissionBuilder;
+use BookStack\Auth\Permissions\PermissionApplicator;
  use BookStack\Entities\Tools\SearchIndex;
  use BookStack\Entities\Tools\SlugGenerator;
-use BookStack\Facades\Permissions;
  use BookStack\Interfaces\Deletable;
  use BookStack\Interfaces\Favouritable;
  use BookStack\Interfaces\Loggable;
@@ -76,7 +77,7 @@ abstract class Entity extends Model implements Sluggable, Favouritable, Viewable
       */
      public function scopeHasPermission(Builder $query, string $permission)
      {
-        return Permissions::restrictEntityQuery($query, $permission);
+        return app()->make(PermissionApplicator::class)->restrictEntityQuery($query, $permission);
      }
  
      /**
@@ -284,8 +285,7 @@ abstract class Entity extends Model implements Sluggable, Favouritable, Viewable
       */
      public function rebuildPermissions()
      {
-        /** @noinspection PhpUnhandledExceptionInspection */
-        Permissions::buildJointPermissionsForEntity(clone $this);
+        app()->make(JointPermissionBuilder::class)->rebuildForEntity(clone $this);
      }
  
      /**
@@ -293,7 +293,7 @@ abstract class Entity extends Model implements Sluggable, Favouritable, Viewable
       */
      public function indexForSearch()
      {
-        app(SearchIndex::class)->indexEntity(clone $this);
+        app()->make(SearchIndex::class)->indexEntity(clone $this);
      }
  
      /**
@@ -301,7 +301,7 @@ abstract class Entity extends Model implements Sluggable, Favouritable, Viewable
       */
      public function refreshSlug(): string
      {
-        $this->slug = app(SlugGenerator::class)->generate($this);
+        $this->slug = app()->make(SlugGenerator::class)->generate($this);
  
          return $this->slug;
      }
diff --git a/app/Entities/Models/Page.php b/app/Entities/Models/Page.php

index ed69bcf8b8569d2e92fe94444d541872003a849b..a2690b2a022f64779e5d4bff25a74319759975d7 100644 (file)
--- a/app/Entities/Models/Page.php
+++ b/app/Entities/Models/Page.php
@@ -2,8 +2,8 @@
  
  namespace BookStack\Entities\Models;
  
+use BookStack\Auth\Permissions\PermissionApplicator;
  use BookStack\Entities\Tools\PageContent;
-use BookStack\Facades\Permissions;
  use BookStack\Uploads\Attachment;
  use Illuminate\Database\Eloquent\Builder;
  use Illuminate\Database\Eloquent\Collection;
@@ -51,7 +51,7 @@ class Page extends BookChild
       */
      public function scopeVisible(Builder $query): Builder
      {
-        $query = Permissions::enforceDraftVisibilityOnQuery($query);
+        $query = app()->make(PermissionApplicator::class)->enforceDraftVisibilityOnQuery($query);
  
          return parent::scopeVisible($query);
      }
diff --git a/app/Entities/Queries/EntityQuery.php b/app/Entities/Queries/EntityQuery.php

index 76ab16ffc827f1373a186d41118fca54205e0239..5ab882ca89e957065a6e913ff8037db1139da277 100644 (file)
--- a/app/Entities/Queries/EntityQuery.php
+++ b/app/Entities/Queries/EntityQuery.php
@@ -2,14 +2,14 @@
  
  namespace BookStack\Entities\Queries;
  
-use BookStack\Auth\Permissions\PermissionService;
+use BookStack\Auth\Permissions\PermissionApplicator;
  use BookStack\Entities\EntityProvider;
  
  abstract class EntityQuery
  {
-    protected function permissionService(): PermissionService
+    protected function permissionService(): PermissionApplicator
      {
-        return app()->make(PermissionService::class);
+        return app()->make(PermissionApplicator::class);
      }
  
      protected function entityProvider(): EntityProvider
diff --git a/app/Entities/Tools/SearchRunner.php b/app/Entities/Tools/SearchRunner.php

index a591914f3c1c85b20603ae9df2e5ba1634205a5d..5d94379c9871fab3f0491afc9bc78b9266c49596 100644 (file)
--- a/app/Entities/Tools/SearchRunner.php
+++ b/app/Entities/Tools/SearchRunner.php
@@ -2,7 +2,7 @@
  
  namespace BookStack\Entities\Tools;
  
-use BookStack\Auth\Permissions\PermissionService;
+use BookStack\Auth\Permissions\PermissionApplicator;
  use BookStack\Auth\User;
  use BookStack\Entities\EntityProvider;
  use BookStack\Entities\Models\BookChild;
@@ -21,20 +21,14 @@ use SplObjectStorage;
  
  class SearchRunner
  {
-    /**
-     * @var EntityProvider
-     */
-    protected $entityProvider;
  
-    /**
-     * @var PermissionService
-     */
-    protected $permissionService;
+    protected EntityProvider $entityProvider;
+    protected PermissionApplicator $permissions;
  
      /**
       * Acceptable operators to be used in a query.
       *
-     * @var array
+     * @var string[]
       */
      protected $queryOperators = ['<=', '>=', '=', '<', '>', 'like', '!='];
  
@@ -46,10 +40,10 @@ class SearchRunner
       */
      protected $termAdjustmentCache;
  
-    public function __construct(EntityProvider $entityProvider, PermissionService $permissionService)
+    public function __construct(EntityProvider $entityProvider, PermissionApplicator $permissions)
      {
          $this->entityProvider = $entityProvider;
-        $this->permissionService = $permissionService;
+        $this->permissions = $permissions;
          $this->termAdjustmentCache = new SplObjectStorage();
      }
  
@@ -199,7 +193,7 @@ class SearchRunner
              }
          }
  
-        return $this->permissionService->enforceEntityRestrictions($entityModelInstance, $entityQuery, $action);
+        return $this->permissions->enforceEntityRestrictions($entityModelInstance, $entityQuery, $action);
      }
  
      /**
diff --git a/app/Facades/Permissions.php b/app/Facades/Permissions.php

deleted file mode 100644 (file)

index 74cbe46..0000000
--- a/app/Facades/Permissions.php
+++ /dev/null
@@ -1,18 +0,0 @@
-<?php
-
-namespace BookStack\Facades;
-
-use Illuminate\Support\Facades\Facade;
-
-class Permissions extends Facade
-{
-    /**
-     * Get the registered name of the component.
-     *
-     * @return string
-     */
-    protected static function getFacadeAccessor()
-    {
-        return 'permissions';
-    }
-}
diff --git a/app/Providers/CustomFacadeProvider.php b/app/Providers/CustomFacadeProvider.php

index 0518af44f9bf6e4f55d4ae311a30313aa7b8f1db..04de822505136fc861e88bac941f2d035c2c46ba 100644 (file)
--- a/app/Providers/CustomFacadeProvider.php
+++ b/app/Providers/CustomFacadeProvider.php
@@ -3,7 +3,7 @@
  namespace BookStack\Providers;
  
  use BookStack\Actions\ActivityLogger;
-use BookStack\Auth\Permissions\PermissionService;
+use BookStack\Auth\Permissions\PermissionApplicator;
  use BookStack\Theming\ThemeService;
  use BookStack\Uploads\ImageService;
  use Illuminate\Support\ServiceProvider;
@@ -31,14 +31,6 @@ class CustomFacadeProvider extends ServiceProvider
              return $this->app->make(ActivityLogger::class);
          });
  
-        $this->app->singleton('images', function () {
-            return $this->app->make(ImageService::class);
-        });
-
-        $this->app->singleton('permissions', function () {
-            return $this->app->make(PermissionService::class);
-        });
-
          $this->app->singleton('theme', function () {
              return $this->app->make(ThemeService::class);
          });
diff --git a/app/Uploads/Attachment.php b/app/Uploads/Attachment.php

index 5e637246a66b25b04f6256b92f7b8e1fca37778f..d9e0ce7e1bb240c683999bd59c40987d74e9ed3a 100644 (file)
--- a/app/Uploads/Attachment.php
+++ b/app/Uploads/Attachment.php
@@ -2,7 +2,7 @@
  
  namespace BookStack\Uploads;
  
-use BookStack\Auth\Permissions\PermissionService;
+use BookStack\Auth\Permissions\PermissionApplicator;
  use BookStack\Auth\User;
  use BookStack\Entities\Models\Entity;
  use BookStack\Entities\Models\Page;
@@ -89,9 +89,9 @@ class Attachment extends Model
       */
      public function scopeVisible(): Builder
      {
-        $permissionService = app()->make(PermissionService::class);
+        $permissions = app()->make(PermissionApplicator::class);
  
-        return $permissionService->filterRelatedEntity(
+        return $permissions->filterRelatedEntity(
              Page::class,
              self::query(),
              'attachments',
diff --git a/app/Uploads/ImageRepo.php b/app/Uploads/ImageRepo.php

index bfe4b597739a8e26f423c4f5f04d9d78f0db805f..13d3344dd580bc7c5450057837ceadbd57b5ef09 100644 (file)
--- a/app/Uploads/ImageRepo.php
+++ b/app/Uploads/ImageRepo.php
@@ -2,7 +2,7 @@
  
  namespace BookStack\Uploads;
  
-use BookStack\Auth\Permissions\PermissionService;
+use BookStack\Auth\Permissions\PermissionApplicator;
  use BookStack\Entities\Models\Page;
  use BookStack\Exceptions\ImageUploadException;
  use Exception;
@@ -11,16 +11,16 @@ use Symfony\Component\HttpFoundation\File\UploadedFile;
  
  class ImageRepo
  {
-    protected $imageService;
-    protected $restrictionService;
+    protected ImageService $imageService;
+    protected PermissionApplicator $permissions;
  
      /**
       * ImageRepo constructor.
       */
-    public function __construct(ImageService $imageService, PermissionService $permissionService)
+    public function __construct(ImageService $imageService, PermissionApplicator $permissions)
      {
          $this->imageService = $imageService;
-        $this->restrictionService = $permissionService;
+        $this->permissions = $permissions;
      }
  
      /**
@@ -74,7 +74,7 @@ class ImageRepo
          }
  
          // Filter by page access
-        $imageQuery = $this->restrictionService->filterRelatedEntity(Page::class, $imageQuery, 'images', 'uploaded_to');
+        $imageQuery = $this->permissions->filterRelatedEntity(Page::class, $imageQuery, 'images', 'uploaded_to');
  
          if ($whereClause !== null) {
              $imageQuery = $imageQuery->where($whereClause);
diff --git a/app/helpers.php b/app/helpers.php

index 9edc22c403d9b1a7859baaec7983a8ad14e898a4..cfdf554457b73923330043061f1ff307f17c0c06 100644 (file)
--- a/app/helpers.php
+++ b/app/helpers.php
@@ -1,6 +1,6 @@
  <?php
  
-use BookStack\Auth\Permissions\PermissionService;
+use BookStack\Auth\Permissions\PermissionApplicator;
  use BookStack\Auth\User;
  use BookStack\Model;
  use BookStack\Settings\SettingService;
@@ -65,9 +65,9 @@ function userCan(string $permission, Model $ownable = null): bool
      }
  
      // Check permission on ownable item
-    $permissionService = app(PermissionService::class);
+    $permissions = app(PermissionApplicator::class);
  
-    return $permissionService->checkOwnableUserAccess($ownable, $permission);
+    return $permissions->checkOwnableUserAccess($ownable, $permission);
  }
  
  /**
@@ -76,9 +76,9 @@ function userCan(string $permission, Model $ownable = null): bool
   */
  function userCanOnAny(string $permission, string $entityClass = null): bool
  {
-    $permissionService = app(PermissionService::class);
+    $permissions = app(PermissionApplicator::class);
  
-    return $permissionService->checkUserHasPermissionOnAnything($permission, $entityClass);
+    return $permissions->checkUserHasPermissionOnAnything($permission, $entityClass);
  }
  
  /**
diff --git a/database/seeders/DummyContentSeeder.php b/database/seeders/DummyContentSeeder.php

index cb9987df7004974bd13cf77cfae2896b703958fd..e97069e7f5999afaee29e75817e9ebd7f476787a 100644 (file)
--- a/database/seeders/DummyContentSeeder.php
+++ b/database/seeders/DummyContentSeeder.php
@@ -69,7 +69,7 @@ class DummyContentSeeder extends Seeder
          ]);
          $token->save();
  
-        app(JointPermissionBuilder::class)->buildJointPermissions();
+        app(JointPermissionBuilder::class)->rebuildForAll();
          app(SearchIndex::class)->indexAllEntities();
      }
  }
diff --git a/database/seeders/LargeContentSeeder.php b/database/seeders/LargeContentSeeder.php

index 041b3161acedb64d524fa248a6cea14dd22d91b9..b2d8a4d1b369eae0b19509cdb9cd1f2da624530e 100644 (file)
--- a/database/seeders/LargeContentSeeder.php
+++ b/database/seeders/LargeContentSeeder.php
@@ -35,7 +35,7 @@ class LargeContentSeeder extends Seeder
          $largeBook->chapters()->saveMany($chapters);
          $all = array_merge([$largeBook], array_values($pages->all()), array_values($chapters->all()));
  
-        app()->make(JointPermissionBuilder::class)->buildJointPermissionsForEntity($largeBook);
+        app()->make(JointPermissionBuilder::class)->rebuildForEntity($largeBook);
          app()->make(SearchIndex::class)->indexEntities($all);
      }
  }
diff --git a/tests/Commands/RegeneratePermissionsCommandTest.php b/tests/Commands/RegeneratePermissionsCommandTest.php

index 2090c991bebbf4bcd4b363f4a31ff0363f5f38cc..d514e5f9d90262c9ece2d2ad73ab425ab8f192bd 100644 (file)
--- a/tests/Commands/RegeneratePermissionsCommandTest.php
+++ b/tests/Commands/RegeneratePermissionsCommandTest.php
@@ -4,6 +4,7 @@ namespace Tests\Commands;
  
  use BookStack\Auth\Permissions\JointPermission;
  use BookStack\Entities\Models\Page;
+use Illuminate\Support\Facades\Artisan;
  use Illuminate\Support\Facades\DB;
  use Tests\TestCase;
  
@@ -11,13 +12,13 @@ class RegeneratePermissionsCommandTest extends TestCase
  {
      public function test_regen_permissions_command()
      {
-        \DB::rollBack();
+        DB::rollBack();
          JointPermission::query()->truncate();
          $page = Page::first();
  
          $this->assertDatabaseMissing('joint_permissions', ['entity_id' => $page->id]);
  
-        $exitCode = \Artisan::call('bookstack:regenerate-permissions');
+        $exitCode = Artisan::call('bookstack:regenerate-permissions');
          $this->assertTrue($exitCode === 0, 'Command executed successfully');
          DB::beginTransaction();
  
diff --git a/tests/PublicActionTest.php b/tests/PublicActionTest.php

index 745fa76608a8610151e686711b2838ac2ba3daed..2841f4ef44d581592c259e6d71957ac494603d80 100644 (file)
--- a/tests/PublicActionTest.php
+++ b/tests/PublicActionTest.php
@@ -89,7 +89,7 @@ class PublicActionTest extends TestCase
          foreach (RolePermission::all() as $perm) {
              $publicRole->attachPermission($perm);
          }
-        $this->app->make(JointPermissionBuilder::class)->buildJointPermissionForRole($publicRole);
+        $this->app->make(JointPermissionBuilder::class)->rebuildForRole($publicRole);
  
          /** @var Chapter $chapter */
          $chapter = Chapter::query()->first();
diff --git a/tests/SharedTestHelpers.php b/tests/SharedTestHelpers.php

index 2d05b0520cb6ea606fcbdb89801863f11455c9f7..99bc92494dba2c12fd8203fbe8806ae7bbfdbcb8 100644 (file)
--- a/tests/SharedTestHelpers.php
+++ b/tests/SharedTestHelpers.php
@@ -3,7 +3,7 @@
  namespace Tests;
  
  use BookStack\Auth\Permissions\JointPermissionBuilder;
-use BookStack\Auth\Permissions\PermissionService;
+use BookStack\Auth\Permissions\PermissionApplicator;
  use BookStack\Auth\Permissions\PermissionsRepo;
  use BookStack\Auth\Permissions\RolePermission;
  use BookStack\Auth\Role;
@@ -177,7 +177,7 @@ trait SharedTestHelpers
  
          $entity->save();
          $entity->load('permissions');
-        $this->app->make(JointPermissionBuilder::class)->buildJointPermissionsForEntity($entity);
+        $this->app->make(JointPermissionBuilder::class)->rebuildForEntity($entity);
          $entity->load('jointPermissions');
      }
  
@@ -209,7 +209,7 @@ trait SharedTestHelpers
          /** @var Role $role */
          foreach ($roles as $role) {
              $role->detachPermission($permission);
-            $permissionBuilder->buildJointPermissionForRole($role);
+            $permissionBuilder->rebuildForRole($role);
          }
  
          $user->clearPermissionCache();
@@ -243,7 +243,7 @@ trait SharedTestHelpers
          $chapter = Chapter::factory()->create(array_merge(['book_id' => $book->id], $userAttrs));
          $page = Page::factory()->create(array_merge(['book_id' => $book->id, 'chapter_id' => $chapter->id], $userAttrs));
  
-        $this->app->make(JointPermissionBuilder::class)->buildJointPermissionsForEntity($book);
+        $this->app->make(JointPermissionBuilder::class)->rebuildForEntity($book);
  
          return compact('book', 'chapter', 'page');
      }
author	Dan Brown <redacted>
	Tue, 12 Jul 2022 19:15:41 +0000 (20:15 +0100)
committer	Dan Brown <redacted>
	Tue, 12 Jul 2022 19:15:41 +0000 (20:15 +0100)
app/Actions/ActivityLogger.php		patch \| blob \| history
app/Actions/ActivityQueries.php		patch \| blob \| history
app/Actions/TagRepo.php		patch \| blob \| history
app/Auth/Permissions/JointPermissionBuilder.php		patch \| blob \| history
app/Auth/Permissions/PermissionApplicator.php	[moved from app/Auth/Permissions/PermissionService.php with 99% similarity]	patch \| blob \| history
app/Auth/Permissions/PermissionsRepo.php		patch \| blob \| history
app/Config/app.php		patch \| blob \| history
app/Console/Commands/RegeneratePermissions.php		patch \| blob \| history
app/Entities/Models/Entity.php		patch \| blob \| history
app/Entities/Models/Page.php		patch \| blob \| history
app/Entities/Queries/EntityQuery.php		patch \| blob \| history
app/Entities/Tools/SearchRunner.php		patch \| blob \| history
app/Facades/Permissions.php	[deleted file]	patch \| blob \| history
app/Providers/CustomFacadeProvider.php		patch \| blob \| history
app/Uploads/Attachment.php		patch \| blob \| history
app/Uploads/ImageRepo.php		patch \| blob \| history
app/helpers.php		patch \| blob \| history
database/seeders/DummyContentSeeder.php		patch \| blob \| history
database/seeders/LargeContentSeeder.php		patch \| blob \| history
tests/Commands/RegeneratePermissionsCommandTest.php		patch \| blob \| history
tests/PublicActionTest.php		patch \| blob \| history
tests/SharedTestHelpers.php		patch \| blob \| history