mirror of
https://github.com/BookStackApp/BookStack.git
synced 2026-05-04 18:08:46 +03:00
Permissions: Started addition of revision-view permission
This commit is contained in:
Dan Brown
@@ -34,6 +34,7 @@ class PageRevisionController extends Controller
|
|||||||
*/
|
*/
|
||||||
public function index(Request $request, string $bookSlug, string $pageSlug)
|
public function index(Request $request, string $bookSlug, string $pageSlug)
|
||||||
{
|
{
|
||||||
|
$this->checkPermission(Permission::RevisionViewAll);
|
||||||
$page = $this->pageQueries->findVisibleBySlugsOrFail($bookSlug, $pageSlug);
|
$page = $this->pageQueries->findVisibleBySlugsOrFail($bookSlug, $pageSlug);
|
||||||
$listOptions = SimpleListOptions::fromRequest($request, 'page_revisions', true)->withSortOptions([
|
$listOptions = SimpleListOptions::fromRequest($request, 'page_revisions', true)->withSortOptions([
|
||||||
'id' => trans('entities.pages_revisions_sort_number')
|
'id' => trans('entities.pages_revisions_sort_number')
|
||||||
@@ -65,6 +66,8 @@ class PageRevisionController extends Controller
|
|||||||
*/
|
*/
|
||||||
public function show(string $bookSlug, string $pageSlug, int $revisionId)
|
public function show(string $bookSlug, string $pageSlug, int $revisionId)
|
||||||
{
|
{
|
||||||
|
$this->checkPermission(Permission::RevisionViewAll);
|
||||||
|
|
||||||
$page = $this->pageQueries->findVisibleBySlugsOrFail($bookSlug, $pageSlug);
|
$page = $this->pageQueries->findVisibleBySlugsOrFail($bookSlug, $pageSlug);
|
||||||
/** @var ?PageRevision $revision */
|
/** @var ?PageRevision $revision */
|
||||||
$revision = $page->revisions()->where('id', '=', $revisionId)->first();
|
$revision = $page->revisions()->where('id', '=', $revisionId)->first();
|
||||||
@@ -94,6 +97,8 @@ class PageRevisionController extends Controller
|
|||||||
*/
|
*/
|
||||||
public function changes(string $bookSlug, string $pageSlug, int $revisionId)
|
public function changes(string $bookSlug, string $pageSlug, int $revisionId)
|
||||||
{
|
{
|
||||||
|
$this->checkPermission(Permission::RevisionViewAll);
|
||||||
|
|
||||||
$page = $this->pageQueries->findVisibleBySlugsOrFail($bookSlug, $pageSlug);
|
$page = $this->pageQueries->findVisibleBySlugsOrFail($bookSlug, $pageSlug);
|
||||||
/** @var ?PageRevision $revision */
|
/** @var ?PageRevision $revision */
|
||||||
$revision = $page->revisions()->where('id', '=', $revisionId)->first();
|
$revision = $page->revisions()->where('id', '=', $revisionId)->first();
|
||||||
@@ -130,6 +135,7 @@ class PageRevisionController extends Controller
|
|||||||
public function restore(string $bookSlug, string $pageSlug, int $revisionId)
|
public function restore(string $bookSlug, string $pageSlug, int $revisionId)
|
||||||
{
|
{
|
||||||
$page = $this->pageQueries->findVisibleBySlugsOrFail($bookSlug, $pageSlug);
|
$page = $this->pageQueries->findVisibleBySlugsOrFail($bookSlug, $pageSlug);
|
||||||
|
$this->checkPermission(Permission::RevisionViewAll);
|
||||||
$this->checkOwnablePermission(Permission::PageUpdate, $page);
|
$this->checkOwnablePermission(Permission::PageUpdate, $page);
|
||||||
|
|
||||||
$page = $this->pageRepo->restoreRevision($page, $revisionId);
|
$page = $this->pageRepo->restoreRevision($page, $revisionId);
|
||||||
@@ -145,6 +151,7 @@ class PageRevisionController extends Controller
|
|||||||
public function destroy(string $bookSlug, string $pageSlug, int $revId)
|
public function destroy(string $bookSlug, string $pageSlug, int $revId)
|
||||||
{
|
{
|
||||||
$page = $this->pageQueries->findVisibleBySlugsOrFail($bookSlug, $pageSlug);
|
$page = $this->pageQueries->findVisibleBySlugsOrFail($bookSlug, $pageSlug);
|
||||||
|
$this->checkPermission(Permission::RevisionViewAll);
|
||||||
$this->checkOwnablePermission(Permission::PageDelete, $page);
|
$this->checkOwnablePermission(Permission::PageDelete, $page);
|
||||||
|
|
||||||
$revision = $page->revisions()->where('id', '=', $revId)->first();
|
$revision = $page->revisions()->where('id', '=', $revId)->first();
|
||||||
|
|||||||
@@ -118,6 +118,8 @@ enum Permission: string
|
|||||||
case PageViewAll = 'page-view-all';
|
case PageViewAll = 'page-view-all';
|
||||||
case PageViewOwn = 'page-view-own';
|
case PageViewOwn = 'page-view-own';
|
||||||
|
|
||||||
|
case RevisionViewAll = 'revision-view-all';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the generic permissions which may be queried for entities.
|
* Get the generic permissions which may be queried for entities.
|
||||||
*/
|
*/
|
||||||
|
|||||||
@@ -207,6 +207,7 @@ return [
|
|||||||
'role_all' => 'All',
|
'role_all' => 'All',
|
||||||
'role_own' => 'Own',
|
'role_own' => 'Own',
|
||||||
'role_controlled_by_asset' => 'Controlled by the asset they are uploaded to',
|
'role_controlled_by_asset' => 'Controlled by the asset they are uploaded to',
|
||||||
|
'role_controlled_by_page_delete' => 'Controlled by page delete permissions',
|
||||||
'role_save' => 'Save Role',
|
'role_save' => 'Save Role',
|
||||||
'role_users' => 'Users in this role',
|
'role_users' => 'Users in this role',
|
||||||
'role_users_none' => 'No users are currently assigned to this role',
|
'role_users_none' => 'No users are currently assigned to this role',
|
||||||
|
|||||||
@@ -9,7 +9,7 @@
|
|||||||
</div>
|
</div>
|
||||||
@endif
|
@endif
|
||||||
|
|
||||||
@if ($entity->isA('page'))
|
@if ($entity->isA('page') && userCan(\BookStack\Permissions\Permission::RevisionViewAll))
|
||||||
<a href="{{ $entity->getUrl('/revisions') }}" class="entity-meta-item">
|
<a href="{{ $entity->getUrl('/revisions') }}" class="entity-meta-item">
|
||||||
@icon('history'){{ trans('entities.meta_revision', ['revisionCount' => $entity->revision_count]) }}
|
@icon('history'){{ trans('entities.meta_revision', ['revisionCount' => $entity->revision_count]) }}
|
||||||
</a>
|
</a>
|
||||||
|
|||||||
@@ -24,10 +24,12 @@
|
|||||||
</a>
|
</a>
|
||||||
@endif
|
@endif
|
||||||
@endif
|
@endif
|
||||||
<a href="{{ $page->getUrl('/revisions') }}" data-shortcut="revisions" class="icon-list-item">
|
@if(userCan(\BookStack\Permissions\Permission::RevisionViewAll))
|
||||||
<span>@icon('history')</span>
|
<a href="{{ $page->getUrl('/revisions') }}" data-shortcut="revisions" class="icon-list-item">
|
||||||
<span>{{ trans('entities.revisions') }}</span>
|
<span>@icon('history')</span>
|
||||||
</a>
|
<span>{{ trans('entities.revisions') }}</span>
|
||||||
|
</a>
|
||||||
|
@endif
|
||||||
@if(userCan(\BookStack\Permissions\Permission::RestrictionsManage, $page))
|
@if(userCan(\BookStack\Permissions\Permission::RestrictionsManage, $page))
|
||||||
<a href="{{ $page->getUrl('/permissions') }}" data-shortcut="permissions" class="icon-list-item">
|
<a href="{{ $page->getUrl('/permissions') }}" data-shortcut="permissions" class="icon-list-item">
|
||||||
<span>@icon('lock')</span>
|
<span>@icon('lock')</span>
|
||||||
|
|||||||
@@ -79,6 +79,7 @@
|
|||||||
@include('settings.roles.parts.asset-permissions-row', ['title' => trans('entities.books'), 'permissionPrefix' => 'book'])
|
@include('settings.roles.parts.asset-permissions-row', ['title' => trans('entities.books'), 'permissionPrefix' => 'book'])
|
||||||
@include('settings.roles.parts.asset-permissions-row', ['title' => trans('entities.chapters'), 'permissionPrefix' => 'chapter'])
|
@include('settings.roles.parts.asset-permissions-row', ['title' => trans('entities.chapters'), 'permissionPrefix' => 'chapter'])
|
||||||
@include('settings.roles.parts.asset-permissions-row', ['title' => trans('entities.pages'), 'permissionPrefix' => 'page'])
|
@include('settings.roles.parts.asset-permissions-row', ['title' => trans('entities.pages'), 'permissionPrefix' => 'page'])
|
||||||
|
@include('settings.roles.parts.revisions-permissions-row', ['title' => trans('entities.revisions'), 'permissionPrefix' => 'revision'])
|
||||||
@include('settings.roles.parts.related-asset-permissions-row', ['title' => trans('entities.images'), 'permissionPrefix' => 'image'])
|
@include('settings.roles.parts.related-asset-permissions-row', ['title' => trans('entities.images'), 'permissionPrefix' => 'image'])
|
||||||
@include('settings.roles.parts.related-asset-permissions-row', ['title' => trans('entities.attachments'), 'permissionPrefix' => 'attachment'])
|
@include('settings.roles.parts.related-asset-permissions-row', ['title' => trans('entities.attachments'), 'permissionPrefix' => 'attachment'])
|
||||||
@include('settings.roles.parts.related-asset-permissions-row', ['title' => trans('entities.comments'), 'permissionPrefix' => 'comment'])
|
@include('settings.roles.parts.related-asset-permissions-row', ['title' => trans('entities.comments'), 'permissionPrefix' => 'comment'])
|
||||||
|
|||||||
@@ -0,0 +1,22 @@
|
|||||||
|
<div class="item-list-row flex-container-row items-center wrap">
|
||||||
|
<div class="flex py-s px-m min-width-s">
|
||||||
|
<strong>{{ $title }}</strong> <br>
|
||||||
|
<a href="#" refs="permissions-table@toggle-row" class="text-small text-link">{{ trans('common.toggle_all') }}</a>
|
||||||
|
</div>
|
||||||
|
<div class="flex py-s px-m min-width-xxs">
|
||||||
|
<small class="hide-over-m bold">{{ trans('common.create') }}<br></small>
|
||||||
|
<strong class="text-muted opacity-70 text-large">-</strong>
|
||||||
|
</div>
|
||||||
|
<div class="flex py-s px-m min-width-xxs">
|
||||||
|
<small class="hide-over-m bold">{{ trans('common.view') }}<br></small>
|
||||||
|
@include('settings.roles.parts.checkbox', ['permission' => $permissionPrefix . '-view-all', 'label' => trans('settings.role_all')])
|
||||||
|
</div>
|
||||||
|
<div class="flex py-s px-m min-width-xxs">
|
||||||
|
<small class="hide-over-m bold">{{ trans('common.edit') }}<br></small>
|
||||||
|
<strong class="text-muted opacity-70 text-large">-</strong>
|
||||||
|
</div>
|
||||||
|
<div class="flex py-s px-m min-width-xxs">
|
||||||
|
<small class="hide-over-m bold">{{ trans('common.delete') }}<br></small>
|
||||||
|
<small>{{ trans('settings.role_controlled_by_page_delete') }}</small>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
Reference in New Issue
Block a user