namespace BookStack\Auth\Permissions;
+use BookStack\Auth\Role;
use BookStack\Model;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
use Illuminate\Database\Eloquent\Relations\MorphTo;
/**
{
return $this->morphTo('restrictable');
}
+
+ /**
+ * Get the role assigned to this entity permission.
+ */
+ public function role(): BelongsTo
+ {
+ return $this->belongsTo(Role::class);
+ }
}
--- /dev/null
+<?php
+
+namespace BookStack\Auth\Permissions;
+
+use BookStack\Auth\Role;
+use BookStack\Entities\Models\Entity;
+
+class PermissionFormData
+{
+ protected Entity $entity;
+
+ public function __construct(Entity $entity)
+ {
+ $this->entity = $entity;
+ }
+
+ /**
+ * Get the roles with permissions assigned.
+ */
+ public function rolesWithPermissions(): array
+ {
+ return $this->entity->permissions()
+ ->with('role')
+ ->where('role_id', '!=', 0)
+ ->get(['id', 'role_id'])
+ ->pluck('role')
+ ->sortBy('display_name')
+ ->all();
+ }
+
+ /**
+ * Get the roles that don't yet have specific permissions for the
+ * entity we're managing permissions for.
+ */
+ public function rolesNotAssigned(): array
+ {
+ $assigned = $this->entity->permissions()->pluck('role_id');
+ return Role::query()
+ ->where('system_name', '!=', 'admin')
+ ->whereNotIn('id', $assigned)
+ ->orderBy('display_name', 'asc')
+ ->get()
+ ->all();
+ }
+
+ /**
+ * Get the "Everyone Else" role entry.
+ */
+ public function everyoneElseRole(): Role
+ {
+ return (new Role())->forceFill([
+ 'id' => 0,
+ 'display_name' => 'Everyone Else',
+ 'description' => 'Set permissions for all roles not specifically overridden.'
+ ]);
+ }
+}
return static::query()->where('hidden', '=', false)->orderBy('name')->get();
}
- /**
- * Get the roles that can be restricted.
- */
- public static function restrictable(): Collection
- {
- return static::query()
- ->where('system_name', '!=', 'admin')
- ->orderBy('display_name', 'asc')
- ->get();
- }
-
- /**
- * Get a role to represent the case of 'Everyone else' in the system.
- * Used within the interface since the default-fallback for permissions uses role_id=0.
- */
- public static function getEveryoneElseRole(): self
- {
- return (new static())->forceFill([
- 'id' => 0,
- 'display_name' => 'Everyone Else',
- 'description' => 'Set permissions for all roles not specifically overridden.'
- ]);
- }
-
/**
* {@inheritdoc}
*/
namespace BookStack\Http\Controllers;
+use BookStack\Auth\Permissions\PermissionFormData;
use BookStack\Entities\Models\Book;
use BookStack\Entities\Models\Bookshelf;
use BookStack\Entities\Models\Chapter;
return view('pages.permissions', [
'page' => $page,
+ 'data' => new PermissionFormData($page),
]);
}
return view('chapters.permissions', [
'chapter' => $chapter,
+ 'data' => new PermissionFormData($chapter),
]);
}
return view('books.permissions', [
'book' => $book,
+ 'data' => new PermissionFormData($book),
]);
}
return view('shelves.permissions', [
'shelf' => $shelf,
+ 'data' => new PermissionFormData($shelf),
]);
}
border-radius: 0 0 4px 4px;
border-bottom-width: 1.5px;
}
+.content-permissions-row:first-child:last-child {
+ border-radius: 4px;
+}
.content-permissions-row-toggle-all {
visibility: hidden;
}
@endif
<div class="content-permissions mt-m mb-xl">
- @foreach(\BookStack\Auth\Role::restrictable() as $role)
+ @foreach($data->rolesWithPermissions() as $role)
@include('form.entity-permissions-row', ['role' => $role, 'model' => $model])
@endforeach
</div>
<div class="content-permissions mt-m mb-xl">
- @include('form.entity-permissions-row', ['role' => \BookStack\Auth\Role::getEveryoneElseRole(), 'model' => $model])
+ @include('form.entity-permissions-row', ['role' => $data->everyoneElseRole(), 'model' => $model])
</div>
<div class="text-right">
projects / bookstack / commitdiff