Started change for entities to have concept of owners · i4j5/BookStack@b493bec · GitHub
Skip to content

Commit b493bec

Browse files
committed
Started change for entities to have concept of owners
1 parent c71f00b commit b493bec

12 files changed

Lines changed: 151 additions & 57 deletions

File tree

app/Actions/Comment.php

Lines changed: 8 additions & 6 deletions

app/Auth/Permissions/PermissionService.php

Lines changed: 20 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,9 @@
55
use BookStack\Entities\Models\Book;
66
use BookStack\Entities\Models\Entity;
77
use BookStack\Entities\EntityProvider;
8-
use BookStack\Ownable;
8+
use BookStack\Model;
9+
use BookStack\Traits\HasCreatorAndUpdater;
10+
use BookStack\Traits\HasOwner;
911
use Illuminate\Database\Connection;
1012
use Illuminate\Database\Eloquent\Builder;
1113
use Illuminate\Database\Query\Builder as QueryBuilder;
@@ -168,7 +170,7 @@ public function buildJointPermissions()
168170
});
169171

170172
// Chunk through all bookshelves
171-
$this->entityProvider->bookshelf->newQuery()->withTrashed()->select(['id', 'restricted', 'created_by'])
173+
$this->entityProvider->bookshelf->newQuery()->withTrashed()->select(['id', 'restricted', 'owned_by'])
172174
->chunk(50, function ($shelves) use ($roles) {
173175
$this->buildJointPermissionsForShelves($shelves, $roles);
174176
});
@@ -181,10 +183,10 @@ public function buildJointPermissions()
181183
protected function bookFetchQuery()
182184
{
183185
return $this->entityProvider->book->withTrashed()->newQuery()
184-
->select(['id', 'restricted', 'created_by'])->with(['chapters' => function ($query) {
185-
$query->withTrashed()->select(['id', 'restricted', 'created_by', 'book_id']);
186+
->select(['id', 'restricted', 'owned_by'])->with(['chapters' => function ($query) {
187+
$query->withTrashed()->select(['id', 'restricted', 'owned_by', 'book_id']);
186188
}, 'pages' => function ($query) {
187-
$query->withTrashed()->select(['id', 'restricted', 'created_by', 'book_id', 'chapter_id']);
189+
$query->withTrashed()->select(['id', 'restricted', 'owned_by', 'book_id', 'chapter_id']);
188190
}]);
189191
}
190192

@@ -286,7 +288,7 @@ public function buildJointPermissionForRole(Role $role)
286288
});
287289

288290
// Chunk through all bookshelves
289-
$this->entityProvider->bookshelf->newQuery()->select(['id', 'restricted', 'created_by'])
291+
$this->entityProvider->bookshelf->newQuery()->select(['id', 'restricted', 'owned_by'])
290292
->chunk(50, function ($shelves) use ($roles) {
291293
$this->buildJointPermissionsForShelves($shelves, $roles);
292294
});
@@ -508,28 +510,24 @@ protected function createJointPermissionDataArray(Entity $entity, Role $role, $a
508510
'action' => $action,
509511
'has_permission' => $permissionAll,
510512
'has_permission_own' => $permissionOwn,
511-
'created_by' => $entity->getRawAttribute('created_by')
513+
'owned_by' => $entity->getRawAttribute('owned_by')
512514
];
513515
}
514516

515517
/**
516518
* Checks if an entity has a restriction set upon it.
517-
* @param Ownable $ownable
518-
* @param $permission
519-
* @return bool
519+
* @param HasCreatorAndUpdater|HasOwner $ownable
520520
*/
521-
public function checkOwnableUserAccess(Ownable $ownable, $permission)
521+
public function checkOwnableUserAccess(Model $ownable, string $permission): bool
522522
{
523523
$explodedPermission = explode('-', $permission);
524524

525-
$baseQuery = $ownable->where('id', '=', $ownable->id);
525+
$baseQuery = $ownable->newQuery()->where('id', '=', $ownable->id);
526526
$action = end($explodedPermission);
527527
$this->currentAction = $action;
528528

529-
$nonJointPermissions = ['restrictions', 'image', 'attachment', 'comment'];
530-
531529
// Handle non entity specific jointPermissions
532-
if (in_array($explodedPermission[0], $nonJointPermissions)) {
530+
if (!($ownable instanceof Entity)) {
533531
$allPermission = $this->currentUser() && $this->currentUser()->can($permission . '-all');
534532
$ownPermission = $this->currentUser() && $this->currentUser()->can($permission . '-own');
535533
$this->currentAction = 'view';
@@ -566,7 +564,7 @@ public function checkUserHasPermissionOnAnything(string $permission, string $ent
566564
$query->where('has_permission', '=', 1)
567565
->orWhere(function ($query2) use ($userId) {
568566
$query2->where('has_permission_own', '=', 1)
569-
->where('created_by', '=', $userId);
567+
->where('owned_by', '=', $userId);
570568
});
571569
});
572570

@@ -615,7 +613,7 @@ protected function entityRestrictionQuery($query)
615613
$query->where('has_permission', '=', true)
616614
->orWhere(function ($query) {
617615
$query->where('has_permission_own', '=', true)
618-
->where('created_by', '=', $this->currentUser()->id);
616+
->where('owned_by', '=', $this->currentUser()->id);
619617
});
620618
});
621619
});
@@ -639,7 +637,7 @@ public function restrictEntityQuery(Builder $query, string $ability = 'view'): B
639637
$query->where('has_permission', '=', true)
640638
->orWhere(function (Builder $query) {
641639
$query->where('has_permission_own', '=', true)
642-
->where('created_by', '=', $this->currentUser()->id);
640+
->where('owned_by', '=', $this->currentUser()->id);
643641
});
644642
});
645643
});
@@ -656,7 +654,7 @@ public function enforceDraftVisiblityOnQuery(Builder $query): Builder
656654
$query->where('draft', '=', false)
657655
->orWhere(function (Builder $query) {
658656
$query->where('draft', '=', true)
659-
->where('created_by', '=', $this->currentUser()->id);
657+
->where('owned_by', '=', $this->currentUser()->id);
660658
});
661659
});
662660
}
@@ -676,7 +674,7 @@ public function enforceEntityRestrictions($entityType, $query, $action = 'view')
676674
$query->where('draft', '=', false)
677675
->orWhere(function ($query) {
678676
$query->where('draft', '=', true)
679-
->where('created_by', '=', $this->currentUser()->id);
677+
->where('owned_by', '=', $this->currentUser()->id);
680678
});
681679
});
682680
}
@@ -710,7 +708,7 @@ public function filterRestrictedEntityRelations($query, $tableName, $entityIdCol
710708
->where(function ($query) {
711709
$query->where('has_permission', '=', true)->orWhere(function ($query) {
712710
$query->where('has_permission_own', '=', true)
713-
->where('created_by', '=', $this->currentUser()->id);
711+
->where('owned_by', '=', $this->currentUser()->id);
714712
});
715713
});
716714
});
@@ -746,7 +744,7 @@ public function filterRelatedEntity($entityType, $query, $tableName, $entityIdCo
746744
->where(function ($query) {
747745
$query->where('has_permission', '=', true)->orWhere(function ($query) {
748746
$query->where('has_permission_own', '=', true)
749-
->where('created_by', '=', $this->currentUser()->id);
747+
->where('owned_by', '=', $this->currentUser()->id);
750748
});
751749
});
752750
});

app/Entities/Models/Entity.php

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,9 @@
99
use BookStack\Entities\Tools\SearchIndex;
1010
use BookStack\Entities\Tools\SlugGenerator;
1111
use BookStack\Facades\Permissions;
12-
use BookStack\Ownable;
12+
use BookStack\Model;
13+
use BookStack\Traits\HasCreatorAndUpdater;
14+
use BookStack\Traits\HasOwner;
1315
use Carbon\Carbon;
1416
use Illuminate\Database\Eloquent\Builder;
1517
use Illuminate\Database\Eloquent\Collection;
@@ -35,9 +37,11 @@
3537
* @method static Builder withLastView()
3638
* @method static Builder withViewCount()
3739
*/
38-
abstract class Entity extends Ownable
40+
abstract class Entity extends Model
3941
{
4042
use SoftDeletes;
43+
use HasCreatorAndUpdater;
44+
use HasOwner;
4145

4246
/**
4347
* @var string - Name of property where the main text content is found

app/Http/Controllers/Controller.php

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,8 @@
44

55
use BookStack\Facades\Activity;
66
use BookStack\Interfaces\Loggable;
7-
use BookStack\Ownable;
7+
use BookStack\HasCreatorAndUpdater;
8+
use BookStack\Model;
89
use Illuminate\Foundation\Bus\DispatchesJobs;
910
use Illuminate\Foundation\Validation\ValidatesRequests;
1011
use Illuminate\Http\Exceptions\HttpResponseException;
@@ -72,7 +73,7 @@ protected function checkPermission(string $permission): void
7273
/**
7374
* Check the current user's permissions against an ownable item otherwise throw an exception.
7475
*/
75-
protected function checkOwnablePermission(string $permission, Ownable $ownable): void
76+
protected function checkOwnablePermission(string $permission, Model $ownable): void
7677
{
7778
if (!userCan($permission, $ownable)) {
7879
$this->showPermissionError();
Lines changed: 5 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,27 +1,26 @@
1-
<?php namespace BookStack;
1+
<?php namespace BookStack\Traits;
22

33
use BookStack\Auth\User;
4+
use Illuminate\Database\Eloquent\Relations\BelongsTo;
45

56
/**
67
* @property int created_by
78
* @property int updated_by
89
*/
9-
abstract class Ownable extends Model
10+
trait HasCreatorAndUpdater
1011
{
1112
/**
1213
* Relation for the user that created this entity.
13-
* @return \Illuminate\Database\Eloquent\Relations\BelongsTo
1414
*/
15-
public function createdBy()
15+
public function createdBy(): BelongsTo
1616
{
1717
return $this->belongsTo(User::class, 'created_by');
1818
}
1919

2020
/**
2121
* Relation for the user that updated this entity.
22-
* @return \Illuminate\Database\Eloquent\Relations\BelongsTo
2322
*/
24-
public function updatedBy()
23+
public function updatedBy(): BelongsTo
2524
{
2625
return $this->belongsTo(User::class, 'updated_by');
2726
}

app/Traits/HasOwner.php

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
<?php namespace BookStack\Traits;
2+
3+
use BookStack\Auth\User;
4+
use Illuminate\Database\Eloquent\Relations\BelongsTo;
5+
6+
/**
7+
* @property int owned_by
8+
*/
9+
trait HasOwner
10+
{
11+
/**
12+
* Relation for the user that owns this entity.
13+
*/
14+
public function ownedBy(): BelongsTo
15+
{
16+
return $this->belongsTo(User::class, 'owned_by');
17+
}
18+
19+
}

app/Uploads/Attachment.php

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,8 @@
11
<?php namespace BookStack\Uploads;
22

33
use BookStack\Entities\Models\Page;
4-
use BookStack\Ownable;
4+
use BookStack\Model;
5+
use BookStack\Traits\HasCreatorAndUpdater;
56

67
/**
78
* @property int id
@@ -10,8 +11,10 @@
1011
* @property string extension
1112
* @property bool external
1213
*/
13-
class Attachment extends Ownable
14+
class Attachment extends Model
1415
{
16+
use HasCreatorAndUpdater;
17+
1518
protected $fillable = ['name', 'order'];
1619

1720
/**

app/Uploads/Image.php

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,13 @@
11
<?php namespace BookStack\Uploads;
22

33
use BookStack\Entities\Models\Page;
4-
use BookStack\Ownable;
4+
use BookStack\Model;
5+
use BookStack\Traits\HasCreatorAndUpdater;
56
use Images;
67

7-
class Image extends Ownable
8+
class Image extends Model
89
{
10+
use HasCreatorAndUpdater;
911

1012
protected $fillable = ['name'];
1113
protected $hidden = [];

app/helpers.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22

33
use BookStack\Auth\Permissions\PermissionService;
44
use BookStack\Auth\User;
5-
use BookStack\Ownable;
5+
use BookStack\Model;
66
use BookStack\Settings\SettingService;
77

88
/**
@@ -56,7 +56,7 @@ function hasAppAccess(): bool
5656
* Check if the current user has a permission. If an ownable element
5757
* is passed in the jointPermissions are checked against that particular item.
5858
*/
59-
function userCan(string $permission, Ownable $ownable = null): bool
59+
function userCan(string $permission, Model $ownable = null): bool
6060
{
6161
if ($ownable === null) {
6262
return user() && user()->can($permission);
Lines changed: 49 additions & 0 deletions

0 commit comments

Comments
 (0)