From: Dan Brown Date: Fri, 29 Dec 2017 16:25:15 +0000 (+0000) Subject: Merge branch 'feature-613' of git://github.com/Abijeet/BookStack into Abijeet-feature-613 X-Git-Tag: v0.20.0~1^2~29 X-Git-Url: http://source.bookstackapp.com/bookstack/commitdiff_plain/1aa4d0dc59fb118c6cf28fd71af366c1882da74b?hp=d5a252977576c8f45e16bba51c6b5762c9152d93 Merge branch 'feature-613' of git://github.com/Abijeet/BookStack into Abijeet-feature-613 --- diff --git a/app/Console/Commands/DeleteUsers.php b/app/Console/Commands/DeleteUsers.php new file mode 100644 index 000000000..8829d3992 --- /dev/null +++ b/app/Console/Commands/DeleteUsers.php @@ -0,0 +1,62 @@ +user = $user; + $this->userRepo = $userRepo; + parent::__construct(); + } + + public function handle() + { + $confirm = $this->ask('This will delete all users from the system that are not "admin" or system users. Are you sure you want to continue? (Type "yes" to continue)'); + $numDeleted = 0; + if (strtolower(trim($confirm)) === 'yes') + { + $totalUsers = $this->user->count(); + $users = $this->user->where('system_name', '=', null)->with('roles')->get(); + foreach ($users as $user) + { + if ($user->hasSystemRole('admin')) + { + // don't delete users with "admin" role + continue; + } + $this->userRepo->destroy($user); + ++$numDeleted; + } + $this->info("Deleted $numDeleted of $totalUsers total users."); + } + else + { + $this->info('Exiting...'); + } + } + +} diff --git a/app/Exceptions/Handler.php b/app/Exceptions/Handler.php index 12792e151..a979072e2 100644 --- a/app/Exceptions/Handler.php +++ b/app/Exceptions/Handler.php @@ -4,11 +4,14 @@ namespace BookStack\Exceptions; use Exception; use Illuminate\Auth\AuthenticationException; +use Illuminate\Http\Request; +use Illuminate\Pipeline\Pipeline; use Illuminate\Validation\ValidationException; use Illuminate\Database\Eloquent\ModelNotFoundException; use Symfony\Component\HttpKernel\Exception\HttpException; use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler; use Illuminate\Auth\Access\AuthorizationException; +use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; class Handler extends ExceptionHandler { @@ -60,9 +63,32 @@ class Handler extends ExceptionHandler return response()->view('errors/' . $code, ['message' => $message], $code); } + // Handle 404 errors with a loaded session to enable showing user-specific information + if ($this->isExceptionType($e, NotFoundHttpException::class)) { + return $this->loadErrorMiddleware($request, function ($request) use ($e) { + $message = $e->getMessage() ?: trans('errors.404_page_not_found'); + return response()->view('errors/404', ['message' => $message], 404); + }); + } + return parent::render($request, $e); } + /** + * Load the middleware required to show state/session-enabled error pages. + * @param Request $request + * @param $callback + * @return mixed + */ + protected function loadErrorMiddleware(Request $request, $callback) + { + $middleware = (\Route::getMiddlewareGroups()['web_errors']); + return (new Pipeline($this->container)) + ->send($request) + ->through($middleware) + ->then($callback); + } + /** * Check the exception chain to compare against the original exception type. * @param Exception $e diff --git a/app/Http/Controllers/PageController.php b/app/Http/Controllers/PageController.php index 13e928465..9dc7d6401 100644 --- a/app/Http/Controllers/PageController.php +++ b/app/Http/Controllers/PageController.php @@ -145,6 +145,7 @@ class PageController extends Controller * @param string $bookSlug * @param string $pageSlug * @return Response + * @throws NotFoundException */ public function show($bookSlug, $pageSlug) { @@ -152,7 +153,7 @@ class PageController extends Controller $page = $this->entityRepo->getBySlug('page', $pageSlug, $bookSlug); } catch (NotFoundException $e) { $page = $this->entityRepo->getPageByOldSlug($pageSlug, $bookSlug); - if ($page === null) abort(404); + if ($page === null) throw $e; return redirect($page->getUrl()); } diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index cd894de95..9d2871bbe 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -33,6 +33,14 @@ class Kernel extends HttpKernel \Illuminate\Routing\Middleware\SubstituteBindings::class, \BookStack\Http\Middleware\Localization::class ], + 'web_errors' => [ + \BookStack\Http\Middleware\EncryptCookies::class, + \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, + \Illuminate\Session\Middleware\StartSession::class, + \Illuminate\View\Middleware\ShareErrorsFromSession::class, + \BookStack\Http\Middleware\VerifyCsrfToken::class, + \BookStack\Http\Middleware\Localization::class + ], 'api' => [ 'throttle:60,1', 'bindings', diff --git a/app/Repos/UserRepo.php b/app/Repos/UserRepo.php index c3546a442..52ad2e47e 100644 --- a/app/Repos/UserRepo.php +++ b/app/Repos/UserRepo.php @@ -115,9 +115,9 @@ class UserRepo */ public function isOnlyAdmin(User $user) { - if (!$user->roles->pluck('name')->contains('admin')) return false; + if (!$user->hasSystemRole('admin')) return false; - $adminRole = $this->role->getRole('admin'); + $adminRole = $this->role->getSystemRole('admin'); if ($adminRole->users->count() > 1) return false; return true; } diff --git a/app/User.php b/app/User.php index 8033557e4..fd6879ba0 100644 --- a/app/User.php +++ b/app/User.php @@ -81,7 +81,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon */ public function hasSystemRole($role) { - return $this->roles->pluck('system_name')->contains('admin'); + return $this->roles->pluck('system_name')->contains($role); } /** diff --git a/readme.md b/readme.md index 1b3db4a56..77f1e8805 100644 --- a/readme.md +++ b/readme.md @@ -72,7 +72,13 @@ Some strings have colon-prefixed variables in such as `:userName`. Leave these v Feel free to create issues to request new features or to report bugs and problems. Just please follow the template given when creating the issue. -Pull requests are very welcome. If the scope of your pull request is very large it may be best to open the pull request early or create an issue for it to discuss how it will fit in to the project and plan out the merge. +### Pull Request + +Pull requests are very welcome. If the scope of your pull request is large it may be best to open the pull request early or create an issue for it to discuss how it will fit in to the project and plan out the merge. + +Pull requests should be created from the `master` branch and should be merged back into `master` once done. Please do not build from or request a merge into the `release` branch as this is only for publishing releases. + +If you are looking to alter CSS or JavaScript content please edit the source files found in `resources/assets`. Any CSS or JS files within `public` are built from these source files and therefore should not be edited directly. ## Website, Docs & Blog diff --git a/resources/views/errors/404.blade.php b/resources/views/errors/404.blade.php index f6ef850af..7cc67a677 100644 --- a/resources/views/errors/404.blade.php +++ b/resources/views/errors/404.blade.php @@ -1,8 +1,6 @@ @extends('simple-layout') @section('content') - -

 

@@ -16,7 +14,6 @@
@if (setting('app-public') || !user()->isDefault()) -
diff --git a/resources/views/errors/500.blade.php b/resources/views/errors/500.blade.php index 71fb78a35..a01234d81 100644 --- a/resources/views/errors/500.blade.php +++ b/resources/views/errors/500.blade.php @@ -6,7 +6,7 @@

{{ trans('errors.error_occurred') }}

-
{{ $message }}
+
{{ $message or 'An unknown error occurred' }}

{{ trans('errors.return_home') }}

diff --git a/tests/ErrorTest.php b/tests/ErrorTest.php new file mode 100644 index 000000000..c9b5a0109 --- /dev/null +++ b/tests/ErrorTest.php @@ -0,0 +1,18 @@ +getEditor(); + $this->actingAs($editor); + $notFound = $this->get('/fgfdngldfnotfound'); + $notFound->assertStatus(404); + $notFound->assertDontSeeText('Log in'); + $notFound->assertSeeText($editor->getShortName(9)); + } +} \ No newline at end of file diff --git a/version b/version index de0ad7791..0507cd08e 100644 --- a/version +++ b/version @@ -1 +1 @@ -v0.18-dev +v0.20-dev