starred/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2026-02-09 03:09:38 +03:00
Code Issues 784 Packages Projects Releases 10 Wiki Activity

Compare commits

base: starred:0.7.2
Branches Tags
starred:development starred:further_theme_development starred:l10n_development starred:release starred:llm_only starred:vectors starred:v25-11 starred:docker_env starred:drawio_rendering starred:user_permissions starred:ldap_host_failover starred:svg_image starred:prosemirror starred:captcha_example starred:fix/video-export
starred:v25.12.3 starred:v25.12.2 starred:v25.12.1 starred:v25.12 starred:v25.11.6 starred:v25.11.5 starred:v25.11.4 starred:v24.11.4 starred:v25.11.3 starred:v25.11.2 starred:v25.11.1 starred:v25.11 starred:v25.07.3 starred:v25.07.2 starred:v25.07.1 starred:v25.07 starred:v25.05.2 starred:v25.05.1 starred:v25.05 starred:v25.02.5 starred:v25.02.4 starred:v25.02.3 starred:v25.02.2 starred:v25.02.1 starred:v25.02 starred:v24.12.1 starred:v24.12 starred:v24.10.3 starred:v24.10.2 starred:v24.10.1 starred:v24.10 starred:v24.05.4 starred:v24.05.3 starred:v24.05.2 starred:v24.05.1 starred:v24.05 starred:v24.02.3 starred:v24.02.2 starred:v24.02.1 starred:v24.02 starred:v23.12.3 starred:v23.12.2 starred:v23.12.1 starred:v23.12 starred:v23.10.4 starred:v23.10.3 starred:v23.10.2 starred:v23.10.1 starred:v23.10 starred:v23.08.3 starred:v23.08.2 starred:v23.08.1 starred:v23.08 starred:v23.06.2 starred:v23.06.1 starred:v23.06 starred:v23.05.2 starred:v23.05.1 starred:v23.05 starred:v23.02.3 starred:v23.02.2 starred:v23.02.1 starred:v23.02 starred:v23.01.1 starred:v23.01 starred:v22.11.1 starred:v22.11 starred:v22.10.2 starred:v22.10.1 starred:v22.10 starred:v22.09.1 starred:v22.09 starred:v22.07.3 starred:v22.07.2 starred:v22.07.1 starred:v22.07 starred:v22.06.2 starred:v22.06.1 starred:v22.06 starred:v22.04.2 starred:v22.04.1 starred:v22.04 starred:v22.03.1 starred:v22.03 starred:v22.02.3 starred:v22.02.2 starred:v22.02.1 starred:v22.02 starred:v21.12.5 starred:v21.12.4 starred:v21.12.3 starred:v21.12.2 starred:v21.12.1 starred:v21.12 starred:v21.11.3 starred:v21.11.2 starred:v21.11.1 starred:v21.11 starred:v21.10.3 starred:v21.10.2 starred:v21.10.1 starred:v21.10 starred:v21.08.6 starred:v21.08.5 starred:v21.08.4 starred:v21.08.3 starred:v21.08.2 starred:v21.08.1 starred:v21.08 starred:v21.05.4 starred:v21.05.3 starred:v21.05.2 starred:v21.05.1 starred:v21.05 starred:v21.04.6 starred:v21.04.5 starred:v21.04.4 starred:v21.04.3 starred:v21.04.2 starred:v21.04.1 starred:v21.04 starred:v0.31.8 starred:v0.31.7 starred:v0.31.6 starred:v0.31.5 starred:v0.31.4 starred:v0.31.3 starred:v0.31.2 starred:v0.31.1 starred:v0.31.0 starred:v0.30.7 starred:v0.30.6 starred:v0.30.5 starred:v0.30.4 starred:v0.30.3 starred:v0.30.2 starred:v0.30.1 starred:v0.30.0 starred:v0.29.3 starred:v0.29.2 starred:v0.29.1 starred:v0.29.0 starred:v0.28.3 starred:v0.28.2 starred:v0.28.1 starred:v0.28.0 starred:v0.27.5 starred:v0.27.4 starred:v0.27.3 starred:v0.27.2 starred:v0.27.1 starred:v0.27 starred:v0.26.4 starred:v0.26.3 starred:v0.26.2 starred:v0.26.1 starred:v0.26.0 starred:v0.25.5 starred:v0.25.4 starred:v0.25.3 starred:v0.25.2 starred:v0.25.1 starred:v0.25.0 starred:v0.24.3 starred:v0.24.2 starred:v0.24.1 starred:v0.24.0 starred:v0.23.2 starred:v0.23.1 starred:v0.23.0 starred:v0.22.0 starred:v0.21.0 starred:v0.20.3 starred:v0.20.2 starred:v0.20.1 starred:v0.20.0 starred:v0.19.0 starred:v0.18.5 starred:v0.18.4 starred:v0.18.3 starred:v0.18.2 starred:v0.18.1 starred:v0.18.0 starred:v0.17.4 starred:v0.17.3 starred:v0.17.2 starred:v0.17.1 starred:v0.17.0 starred:v0.16.3 starred:v0.16.2 starred:v0.16.1 starred:v0.16.0 starred:v0.15.3 starred:v0.15.2 starred:v0.15.1 starred:v0.15.0 starred:v0.14.3 starred:v0.14.2 starred:v0.14.1 starred:v0.14.0 starred:v0.13.1 starred:v0.13.0 starred:v0.12.2 starred:v0.12.1 starred:v0.12.0 starred:v0.11.2 starred:v0.11.1 starred:v0.11.0 starred:v0.10.0 starred:v0.9.3 starred:v0.9.2 starred:v0.9.1 starred:v0.9.0 starred:v0.8.2 starred:v0.8.1 starred:v0.8.0 starred:v0.7.6 starred:v0.7.5 starred:v0.7.4 starred:v0.7.3 starred:0.7.2 starred:v.0.7.1 starred:v0.7.0 starred:v0.6.3 starred:v0.6.2 starred:v0.6.1 starred:v0.6.0 starred:v0.5.0
...
compare: starred:v0.7.6
Branches Tags
starred:further_theme_development starred:l10n_development starred:release starred:development starred:llm_only starred:vectors starred:v25-11 starred:docker_env starred:drawio_rendering starred:user_permissions starred:ldap_host_failover starred:svg_image starred:prosemirror starred:captcha_example starred:fix/video-export
starred:v25.12.3 starred:v25.12.2 starred:v25.12.1 starred:v25.12 starred:v25.11.6 starred:v25.11.5 starred:v25.11.4 starred:v24.11.4 starred:v25.11.3 starred:v25.11.2 starred:v25.11.1 starred:v25.11 starred:v25.07.3 starred:v25.07.2 starred:v25.07.1 starred:v25.07 starred:v25.05.2 starred:v25.05.1 starred:v25.05 starred:v25.02.5 starred:v25.02.4 starred:v25.02.3 starred:v25.02.2 starred:v25.02.1 starred:v25.02 starred:v24.12.1 starred:v24.12 starred:v24.10.3 starred:v24.10.2 starred:v24.10.1 starred:v24.10 starred:v24.05.4 starred:v24.05.3 starred:v24.05.2 starred:v24.05.1 starred:v24.05 starred:v24.02.3 starred:v24.02.2 starred:v24.02.1 starred:v24.02 starred:v23.12.3 starred:v23.12.2 starred:v23.12.1 starred:v23.12 starred:v23.10.4 starred:v23.10.3 starred:v23.10.2 starred:v23.10.1 starred:v23.10 starred:v23.08.3 starred:v23.08.2 starred:v23.08.1 starred:v23.08 starred:v23.06.2 starred:v23.06.1 starred:v23.06 starred:v23.05.2 starred:v23.05.1 starred:v23.05 starred:v23.02.3 starred:v23.02.2 starred:v23.02.1 starred:v23.02 starred:v23.01.1 starred:v23.01 starred:v22.11.1 starred:v22.11 starred:v22.10.2 starred:v22.10.1 starred:v22.10 starred:v22.09.1 starred:v22.09 starred:v22.07.3 starred:v22.07.2 starred:v22.07.1 starred:v22.07 starred:v22.06.2 starred:v22.06.1 starred:v22.06 starred:v22.04.2 starred:v22.04.1 starred:v22.04 starred:v22.03.1 starred:v22.03 starred:v22.02.3 starred:v22.02.2 starred:v22.02.1 starred:v22.02 starred:v21.12.5 starred:v21.12.4 starred:v21.12.3 starred:v21.12.2 starred:v21.12.1 starred:v21.12 starred:v21.11.3 starred:v21.11.2 starred:v21.11.1 starred:v21.11 starred:v21.10.3 starred:v21.10.2 starred:v21.10.1 starred:v21.10 starred:v21.08.6 starred:v21.08.5 starred:v21.08.4 starred:v21.08.3 starred:v21.08.2 starred:v21.08.1 starred:v21.08 starred:v21.05.4 starred:v21.05.3 starred:v21.05.2 starred:v21.05.1 starred:v21.05 starred:v21.04.6 starred:v21.04.5 starred:v21.04.4 starred:v21.04.3 starred:v21.04.2 starred:v21.04.1 starred:v21.04 starred:v0.31.8 starred:v0.31.7 starred:v0.31.6 starred:v0.31.5 starred:v0.31.4 starred:v0.31.3 starred:v0.31.2 starred:v0.31.1 starred:v0.31.0 starred:v0.30.7 starred:v0.30.6 starred:v0.30.5 starred:v0.30.4 starred:v0.30.3 starred:v0.30.2 starred:v0.30.1 starred:v0.30.0 starred:v0.29.3 starred:v0.29.2 starred:v0.29.1 starred:v0.29.0 starred:v0.28.3 starred:v0.28.2 starred:v0.28.1 starred:v0.28.0 starred:v0.27.5 starred:v0.27.4 starred:v0.27.3 starred:v0.27.2 starred:v0.27.1 starred:v0.27 starred:v0.26.4 starred:v0.26.3 starred:v0.26.2 starred:v0.26.1 starred:v0.26.0 starred:v0.25.5 starred:v0.25.4 starred:v0.25.3 starred:v0.25.2 starred:v0.25.1 starred:v0.25.0 starred:v0.24.3 starred:v0.24.2 starred:v0.24.1 starred:v0.24.0 starred:v0.23.2 starred:v0.23.1 starred:v0.23.0 starred:v0.22.0 starred:v0.21.0 starred:v0.20.3 starred:v0.20.2 starred:v0.20.1 starred:v0.20.0 starred:v0.19.0 starred:v0.18.5 starred:v0.18.4 starred:v0.18.3 starred:v0.18.2 starred:v0.18.1 starred:v0.18.0 starred:v0.17.4 starred:v0.17.3 starred:v0.17.2 starred:v0.17.1 starred:v0.17.0 starred:v0.16.3 starred:v0.16.2 starred:v0.16.1 starred:v0.16.0 starred:v0.15.3 starred:v0.15.2 starred:v0.15.1 starred:v0.15.0 starred:v0.14.3 starred:v0.14.2 starred:v0.14.1 starred:v0.14.0 starred:v0.13.1 starred:v0.13.0 starred:v0.12.2 starred:v0.12.1 starred:v0.12.0 starred:v0.11.2 starred:v0.11.1 starred:v0.11.0 starred:v0.10.0 starred:v0.9.3 starred:v0.9.2 starred:v0.9.1 starred:v0.9.0 starred:v0.8.2 starred:v0.8.1 starred:v0.8.0 starred:v0.7.6 starred:v0.7.5 starred:v0.7.4 starred:v0.7.3 starred:0.7.2 starred:v.0.7.1 starred:v0.7.0 starred:v0.6.3 starred:v0.6.2 starred:v0.6.1 starred:v0.6.0 starred:v0.5.0

59 Commits
0.7.2 ... v0.7.6

Author SHA1 Message Date
Dan Brown
744865fcb2 Updated assets for release 0.7.6 2016-03-06 13:28:44 +00:00
Dan Brown
7f8c8b448d Merged branch master into release 2016-03-06 13:26:29 +00:00
Dan Brown
1d6137f7e2 Added restrictions to user profile lists 2016-03-06 13:17:46 +00:00
Dan Brown
66c56e9d02 Added settings helper and formatted code in some files 2016-03-06 12:55:08 +00:00
Dan Brown
e744d4c82c Changed color picker library and moved color logic to front end 
Since the old library was GPLv3 i changed the color picker to tiny-color-picker which is MIT.
Also extracted the styles to a shared view and move color calculation logic to javascript side.
 2016-03-06 10:52:10 +00:00
Dan Brown
0774ecc89c Merge branch 'master' into nwalke-update_site_color 2016-03-06 09:08:20 +00:00
Dan Brown
5e7a4c7fb5 Fixed incorrect recents pages on homescreen 
Fixed the bug causing the recently updated pages to be exaclty the same as the recently create pages.
Also added in tests to prevent regression.
 2016-03-05 22:54:53 +00:00
Dan Brown
76eaf64f94 Fixed errors that occured when merging & refactored entity repositories 
Also deleted the git '.orig' files that got added in last merge.
 2016-03-05 19:00:26 +00:00
Dan Brown
80865b30a5 Merge branch 'custom_role_system' 
Conflicts:
	app/Repos/BookRepo.php
	app/Repos/ChapterRepo.php
	app/Repos/PageRepo.php
 2016-03-05 18:21:44 +00:00
Dan Brown
8e6248f57f Added restriction tests and fixed any bugs in the process 
Also updated many styles within areas affected by the new permission and roles system.
 2016-03-05 18:09:21 +00:00
Dan Brown
268db6b1d0 Added a whole load of permission & role tests 2016-03-05 12:09:09 +00:00
Dan Brown
479dd80a8c Made memcached config allow mulitple servers 2016-03-05 09:47:24 +00:00
Dan Brown
069431db72 Merge branch 'add_memcached' of git://github.com/nwalke/BookStack into nwalke-add_memcached 2016-03-05 09:05:27 +00:00
Dan Brown
bc2b310638 Updated fulltext search with custom escaped query 
Changed pdo quoted query to use custom escaping and added like searches when quoted terms are used.
 2016-03-04 20:49:35 +00:00
Nick Walke
33bf20cfc8 Found the source of the issue, not sure how to fix 2016-03-04 02:33:57 -06:00
Nick Walke
e3bdc391cd Closes #55. Allows you to set the primary color. 
This certainly should not be seen as the final implementation of this.
I imagine that requests like this will happen for many other colors in
the system, it might be good at some point to allow them to upload their
own stylesheet to be used.
 2016-03-03 12:01:14 -06:00
Nick Walke
5681f4dd69 Closes #70. 
Added the ability to search by multi-word terms using double quotes.
 2016-03-02 21:38:23 -06:00
Nick Walke
38d822e04c Closes #69. Implemented and tested memcached. 2016-03-02 20:44:00 -06:00
Dan Brown
8e274a5a84 Refactored some permission controls and increased testing for roles system 2016-03-02 22:35:01 +00:00
Dan Brown
985d2f1c2c Tied entity restriction system into userCan checks 2016-02-29 20:31:21 +00:00
Dan Brown
7f5872372d Added in restriction queries for most lists 2016-02-28 19:03:13 +00:00
Dan Brown
201f788806 Implemented database structure and inital interfaces for entity restrictions 2016-02-28 10:49:41 +00:00
Dan Brown
a14b5c33fd Added missing permission checkboxes and improved image AJAX permission responses 2016-02-27 20:52:46 +00:00
Dan Brown
473261be35 Finished initial implementation of custom role system 2016-02-27 19:24:42 +00:00
Dan Brown
a54be85185 Started work on exposing the role system as editable 2016-02-26 23:44:02 +00:00
Dan Brown
a67c53826d Updated assets for release 0.7.5 2016-02-25 21:24:09 +00:00
Dan Brown
14b131e850 Merge branch 'master' into release 2016-02-25 21:23:06 +00:00
Dan Brown
54e3122540 Added smarter page finding so changing the page name does not break old urls 
Added page & book slug history to revisions so they can be looked up if a page is not found.
 2016-02-25 20:01:59 +00:00
Dan Brown
d339ab1125 Updated phpunit testing mail settings due to laravel 5.2 changes 2016-02-22 21:28:53 +00:00
Dan Brown
3ab09ef708 Fixed issue with the book sort not showing all books in sidebar 2016-02-22 21:28:20 +00:00
Dan Brown
c86a122d80 Added table header row styling, made code blocks horizontally scrollbable fixed link popup on firefox 2016-02-22 20:18:08 +00:00
Dan Brown
3a58e37838 Updated phpunit environment variables with some required defaults 2016-02-22 19:39:51 +00:00
Dan Brown
6bd49bcd4b Fixed page listing excerpts not showing due to encoding issues 2016-02-21 13:15:46 +00:00
Dan Brown
61577cf6bf Added entity-specific search results pages. Cleaned & Fixed search results bugs 
Added search result pages for pages, chapters and books.
Limited the results on the global search as it just listed out an infinate amount.
Fixed styling on new detailed page listings and also removed the 'bars' from the side to create  a cleaner view.
Fixed bad sql fulltext query format that may have thrown off searches.
Reduced the number of database queries down a thousand or so.
 2016-02-21 12:53:58 +00:00
Dan Brown
b4dec2a99c Made page anchor hashes more relevant to the page content 
This will help when adding support for new kinds of page content such as markdown as we won't be able to reference the same ID's as before thus they would break on every save.
 2016-02-21 11:29:46 +00:00
Dan Brown
fe0b122aca Merge pull request #63 from AkibaWolf/patch-1 
Fixes encoding issues the page HTML is formatted on save
 2016-02-20 19:24:32 +00:00
Dan Brown
8eb2960950 Added recently created & updated page listings 
Closes #46.
 2016-02-20 18:51:01 +00:00
AkibaWolf
c2369a740d Update PageRepo.php 
Fix encoding problem.

By default DOMDocument::loadHTML treats a string as being encoded with ISO-8859-1. This causes a problem with saving cyrillic pages' text that becomes completely unreadable (like Проверка instead of normal symbols).
 2016-02-20 21:31:21 +05:00
Dan Brown
bab6fd1f2f Added recent pages to home view and made the home content more compact 2016-02-20 12:37:06 +00:00
Dan Brown
86fbc9a936 Added tests for profile pages 2016-02-18 19:32:07 +00:00
Dan Brown
4d9726dbdd Added content to user profile pages 2016-02-17 22:11:48 +00:00
Dan Brown
4442a2e6d1 Started work on user profile pages 2016-02-16 21:25:11 +00:00
Dan Brown
293be7093c Merged origin/master into master 2016-02-11 22:36:49 +00:00
Dan Brown
9b55a52b85 Updated assets for release 0.7.4 2016-02-11 22:35:01 +00:00
Dan Brown
db1d10e80f Merge branch 'master' into release 2016-02-11 22:29:29 +00:00
Dan Brown
354912a1df Made book-navigation sidebar on pages sticky 2016-02-11 22:23:19 +00:00
Nick Walke
eacff3a9f0 Fixes #45 2016-02-11 14:02:17 -06:00
Dan Brown
990acbb9ac Merge pull request #59 from nwalke/master 
Updated email on users list to be a link
 2016-02-11 18:53:12 +00:00
Nick Walke
17d4533e45 Fixes #58 2016-02-11 01:18:01 -06:00
Dan Brown
d6c00a85ad Fixed incorrect notification when deleting a page 2016-02-10 12:48:29 +00:00
Dan Brown
1be576966f Updated assets for release 0.7.3 2016-02-08 20:47:33 +00:00
Dan Brown
b97e792c5f Merge branch 'master' into release 2016-02-08 20:45:48 +00:00
Dan Brown
e0279f93f9 Added a back-to-top button on all pages 
The new back-to-top button will show after scrolling a short distance down a long page.
Closes #44.
 2016-02-08 20:42:41 +00:00
Dan Brown
9b83c57316 Fixed some design issues and improved page export styling 
Fixed alignment on export options dropdown.
Fixed bullet list items sitting too close next to floated content. Fixes #34.
Fixed text overlaying images in PDF exports (Floats removed for now). Fixes #53.
Fixed spaced table cells on html & PDF exports.
 2016-02-08 20:41:40 +00:00
Dan Brown
5d73d17c74 Fixed bug preventing LDAP users updating thier profile 
Made email not required when a profile is updated. LDAP users without admin privileges could did not have an email field to submit therefore could previously not update thier profile.
 2016-02-08 20:35:23 +00:00
Dan Brown
d32460070f Made ldap auth use the 'dn' if a 'uid' is not present. 
Fixes #56
 2016-02-08 19:45:01 +00:00
Dan Brown
105500e506 Tweaked page form header and added public uploads folder into repo 2016-02-07 10:21:09 +00:00
Dan Brown
8296782149 Updated image controller styling and added preview option 
The notification system was also updated so it can be used from JavaScript events such as image manager uploads.

Closes #25
 2016-02-07 10:17:38 +00:00
Dan Brown
8e8d582bc6 Updated app requirements & Added some friendlier errors 2016-02-03 20:55:37 +00:00
147 changed files with 4530 additions and 869 deletions
Expand all files Collapse all files

11
.env.example
View File

@@ -12,8 +12,17 @@ DB_PASSWORD=database_user_password
# Cache and session
CACHE_DRIVER=file
SESSION_DRIVER=file
# If using Memcached, comment the above and uncomment these
#CACHE_DRIVER=memcached
#SESSION_DRIVER=memcached
QUEUE_DRIVER=sync
# Memcached settings
# If using a UNIX socket path for the host, set the port to 0
# This follows the following format: HOST:PORT:WEIGHT
# For multiple servers separate with a comma
MEMCACHED_SERVERS=127.0.0.1:11211:100
# Storage
STORAGE_TYPE=local
# Amazon S3 Config
@@ -53,4 +62,4 @@ MAIL_HOST=localhost
MAIL_PORT=1025
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_ENCRYPTION=null
MAIL_ENCRYPTION=null

1
.gitignore vendored
View File

@@ -7,7 +7,6 @@ Homestead.yaml
/public/plugins
/public/css/*.map
/public/js/*.map
/public/uploads
/public/bower
/storage/images
_ide_helper.php

8
app/Activity.php
View File

@@ -15,15 +15,11 @@ class Activity extends Model
/**
* Get the entity for this activity.
* @return bool
*/
public function entity()
{
if ($this->entity_id) {
return $this->morphTo('entity')->first();
} else {
return false;
}
if ($this->entity_type === '') $this->entity_type = null;
return $this->morphTo('entity');
}
/**

87
app/Entity.php
View File

@@ -1,14 +1,9 @@
<?php
<?php namespace BookStack;
namespace BookStack;
use Illuminate\Database\Eloquent\Model;
abstract class Entity extends Model
abstract class Entity extends Ownable
{
use Ownable;
/**
* Compares this entity to another given entity.
* Matches by comparing class and id.
@@ -53,13 +48,31 @@ abstract class Entity extends Model
/**
* Get View objects for this entity.
* @return mixed
*/
public function views()
{
return $this->morphMany('BookStack\View', 'viewable');
}
/**
* Get this entities restrictions.
*/
public function restrictions()
{
return $this->morphMany('BookStack\Restriction', 'restrictable');
}
/**
* Check if this entity has a specific restriction set against it.
* @param $role_id
* @param $action
* @return bool
*/
public function hasRestriction($role_id, $action)
{
return $this->restrictions->where('role_id', $role_id)->where('action', $action)->count() > 0;
}
/**
* Allows checking of the exact class, Used to check entity type.
* Cleaner method for is_a.
@@ -72,23 +85,14 @@ abstract class Entity extends Model
}
/**
* Gets the class name.
* @return string
*/
public static function getClassName()
{
return strtolower(array_slice(explode('\\', static::class), -1, 1)[0]);
}
/**
*Gets a limited-length version of the entities name.
* Gets a limited-length version of the entities name.
* @param int $length
* @return string
*/
public function getShortName($length = 25)
{
if(strlen($this->name) <= $length) return $this->name;
return substr($this->name, 0, $length-3) . '...';
if (strlen($this->name) <= $length) return $this->name;
return substr($this->name, 0, $length - 3) . '...';
}
/**
@@ -98,27 +102,48 @@ abstract class Entity extends Model
* @param string[] array $wheres
* @return mixed
*/
public static function fullTextSearch($fieldsToSearch, $terms, $wheres = [])
public static function fullTextSearchQuery($fieldsToSearch, $terms, $wheres = [])
{
$termString = '';
foreach ($terms as $term) {
$termString .= htmlentities($term) . '* ';
$exactTerms = [];
foreach ($terms as $key => $term) {
$term = htmlentities($term, ENT_QUOTES);
$term = preg_replace('/[+\-><\(\)~*\"@]+/', ' ', $term);
if (preg_match('/\s/', $term)) {
$exactTerms[] = '%' . $term . '%';
$term = '"' . $term . '"';
} else {
$term = '' . $term . '*';
}
if ($term !== '*') $terms[$key] = $term;
}
$termString = implode(' ', $terms);
$fields = implode(',', $fieldsToSearch);
$termStringEscaped = \DB::connection()->getPdo()->quote($termString);
$search = static::addSelect(\DB::raw('*, MATCH(name) AGAINST('.$termStringEscaped.' IN BOOLEAN MODE) AS title_relevance'));
$search = $search->whereRaw('MATCH(' . $fields . ') AGAINST(? IN BOOLEAN MODE)', [$termStringEscaped]);
$search = static::selectRaw('*, MATCH(name) AGAINST(? IN BOOLEAN MODE) AS title_relevance', [$termString]);
$search = $search->whereRaw('MATCH(' . $fields . ') AGAINST(? IN BOOLEAN MODE)', [$termString]);
// Ensure at least one exact term matches if in search
if (count($exactTerms) > 0) {
$search = $search->where(function ($query) use ($exactTerms, $fieldsToSearch) {
foreach ($exactTerms as $exactTerm) {
foreach ($fieldsToSearch as $field) {
$query->orWhere($field, 'like', $exactTerm);
}
}
});
}
// Add additional where terms
foreach ($wheres as $whereTerm) {
$search->where($whereTerm[0], $whereTerm[1], $whereTerm[2]);
}
// Load in relations
if (!static::isA('book')) $search = $search->with('book');
if (static::isA('page')) $search = $search->with('chapter');
if (static::isA('page')) {
$search = $search->with('book', 'chapter', 'createdBy', 'updatedBy');
} else if (static::isA('chapter')) {
$search = $search->with('book');
}
return $search->orderBy('title_relevance', 'desc')->get();
return $search->orderBy('title_relevance', 'desc');
}
/**

5
app/Exceptions/ConfirmationEmailException.php
View File

@@ -1,7 +1,4 @@
<?php namespace BookStack\Exceptions;
class ConfirmationEmailException extends NotifyException
{
}
class ConfirmationEmailException extends NotifyException {}

17
app/Exceptions/Handler.php
View File

@@ -5,6 +5,7 @@ namespace BookStack\Exceptions;
use Exception;
use Illuminate\Contracts\Validation\ValidationException;
use Illuminate\Database\Eloquent\ModelNotFoundException;
use PhpSpec\Exception\Example\ErrorException;
use Symfony\Component\HttpKernel\Exception\HttpException;
use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
use Illuminate\Auth\Access\AuthorizationException;
@@ -38,17 +39,27 @@ class Handler extends ExceptionHandler
/**
* Render an exception into an HTTP response.
*
* @param \Illuminate\Http\Request $request
* @param \Exception $e
* @param \Illuminate\Http\Request $request
* @param \Exception $e
* @return \Illuminate\Http\Response
*/
public function render($request, Exception $e)
{
if($e instanceof NotifyException) {
// Handle notify exceptions which will redirect to the
// specified location then show a notification message.
if ($e instanceof NotifyException) {
\Session::flash('error', $e->message);
return response()->redirectTo($e->redirectLocation);
}
// Handle pretty exceptions which will show a friendly application-fitting page
// Which will include the basic message to point the user roughly to the cause.
if (($e instanceof PrettyException || $e->getPrevious() instanceof PrettyException) && !config('app.debug')) {
$message = ($e instanceof PrettyException) ? $e->getMessage() : $e->getPrevious()->getMessage();
$code = ($e->getCode() === 0) ? 500 : $e->getCode();
return response()->view('errors/' . $code, ['message' => $message], $code);
}
return parent::render($request, $e);
}
}

5
app/Exceptions/ImageUploadException.php
View File

@@ -1,6 +1,3 @@
<?php namespace BookStack\Exceptions;
use Exception;
class ImageUploadException extends Exception {}
class ImageUploadException extends PrettyException {}

8
app/Exceptions/LdapException.php
View File

@@ -1,9 +1,3 @@
<?php namespace BookStack\Exceptions;
use Exception;
class LdapException extends Exception
{
}
class LdapException extends PrettyException {}

14
app/Exceptions/NotFoundException.php Normal file
View File

@@ -0,0 +1,14 @@
<?php namespace BookStack\Exceptions;
class NotFoundException extends PrettyException {
/**
* NotFoundException constructor.
* @param string $message
*/
public function __construct($message = 'Item not found')
{
parent::__construct($message, 404);
}
}

6
app/Exceptions/PermissionsException.php Normal file
View File

@@ -0,0 +1,6 @@
<?php namespace BookStack\Exceptions;
use Exception;
class PermissionsException extends Exception {}

5
app/Exceptions/PrettyException.php Normal file
View File

@@ -0,0 +1,5 @@
<?php namespace BookStack\Exceptions;
use Exception;
class PrettyException extends Exception {}

4
app/Exceptions/SocialDriverNotConfigured.php
View File

@@ -1,6 +1,4 @@
<?php namespace BookStack\Exceptions;
class SocialDriverNotConfigured extends \Exception
{
}
class SocialDriverNotConfigured extends PrettyException {}

5
app/Exceptions/SocialSignInException.php
View File

@@ -1,7 +1,4 @@
<?php namespace BookStack\Exceptions;
class SocialSignInException extends NotifyException
{
}
class SocialSignInException extends NotifyException {}

5
app/Exceptions/UserRegistrationException.php
View File

@@ -1,7 +1,4 @@
<?php namespace BookStack\Exceptions;
class UserRegistrationException extends NotifyException
{
}
class UserRegistrationException extends NotifyException {}

24
app/Http/Controllers/Auth/AuthController.php
View File

@@ -41,9 +41,9 @@ class AuthController extends Controller
/**
* Create a new authentication controller instance.
* @param SocialAuthService $socialAuthService
* @param SocialAuthService $socialAuthService
* @param EmailConfirmationService $emailConfirmationService
* @param UserRepo $userRepo
* @param UserRepo $userRepo
*/
public function __construct(SocialAuthService $socialAuthService, EmailConfirmationService $emailConfirmationService, UserRepo $userRepo)
{
@@ -63,15 +63,15 @@ class AuthController extends Controller
protected function validator(array $data)
{
return Validator::make($data, [
'name' => 'required|max:255',
'email' => 'required|email|max:255|unique:users',
'name' => 'required|max:255',
'email' => 'required|email|max:255|unique:users',
'password' => 'required|min:6',
]);
}
protected function checkRegistrationAllowed()
{
if (!\Setting::get('registration-enabled')) {
if (!setting('registration-enabled')) {
throw new UserRegistrationException('Registrations are currently disabled.', '/login');
}
}
@@ -112,7 +112,7 @@ class AuthController extends Controller
/**
* Overrides the action when a user is authenticated.
* If the user authenticated but does not exist in the user table we create them.
* @param Request $request
* @param Request $request
* @param Authenticatable $user
* @return \Illuminate\Http\RedirectResponse
*/
@@ -153,8 +153,8 @@ class AuthController extends Controller
// Create an array of the user data to create a new user instance
$userData = [
'name' => $socialUser->getName(),
'email' => $socialUser->getEmail(),
'name' => $socialUser->getName(),
'email' => $socialUser->getEmail(),
'password' => str_random(30)
];
return $this->registerUser($userData, $socialAccount);
@@ -162,7 +162,7 @@ class AuthController extends Controller
/**
* The registrations flow for all users.
* @param array $userData
* @param array $userData
* @param bool|false|SocialAccount $socialAccount
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
* @throws UserRegistrationException
@@ -170,8 +170,8 @@ class AuthController extends Controller
*/
protected function registerUser(array $userData, $socialAccount = false)
{
if (\Setting::get('registration-restrict')) {
$restrictedEmailDomains = explode(',', str_replace(' ', '', \Setting::get('registration-restrict')));
if (setting('registration-restrict')) {
$restrictedEmailDomains = explode(',', str_replace(' ', '', setting('registration-restrict')));
$userEmailDomain = $domain = substr(strrchr($userData['email'], "@"), 1);
if (!in_array($userEmailDomain, $restrictedEmailDomains)) {
throw new UserRegistrationException('That email domain does not have access to this application', '/register');
@@ -183,7 +183,7 @@ class AuthController extends Controller
$newUser->socialAccounts()->save($socialAccount);
}
if (\Setting::get('registration-confirmation') || \Setting::get('registration-restrict')) {
if (setting('registration-confirmation') || setting('registration-restrict')) {
$newUser->email_confirmed = false;
$newUser->save();
$this->emailConfirmationService->sendConfirmation($newUser);

66
app/Http/Controllers/BookController.php
View File

@@ -3,6 +3,7 @@
namespace BookStack\Http\Controllers;
use Activity;
use BookStack\Repos\UserRepo;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
@@ -19,18 +20,21 @@ class BookController extends Controller
protected $bookRepo;
protected $pageRepo;
protected $chapterRepo;
protected $userRepo;
/**
* BookController constructor.
* @param BookRepo $bookRepo
* @param PageRepo $pageRepo
* @param BookRepo $bookRepo
* @param PageRepo $pageRepo
* @param ChapterRepo $chapterRepo
* @param UserRepo $userRepo
*/
public function __construct(BookRepo $bookRepo, PageRepo $pageRepo, ChapterRepo $chapterRepo)
public function __construct(BookRepo $bookRepo, PageRepo $pageRepo, ChapterRepo $chapterRepo, UserRepo $userRepo)
{
$this->bookRepo = $bookRepo;
$this->pageRepo = $pageRepo;
$this->chapterRepo = $chapterRepo;
$this->userRepo = $userRepo;
parent::__construct();
}
@@ -55,7 +59,7 @@ class BookController extends Controller
*/
public function create()
{
$this->checkPermission('book-create');
$this->checkPermission('book-create-all');
$this->setPageTitle('Create New Book');
return view('books/create');
}
@@ -68,9 +72,9 @@ class BookController extends Controller
*/
public function store(Request $request)
{
$this->checkPermission('book-create');
$this->checkPermission('book-create-all');
$this->validate($request, [
'name' => 'required|string|max:255',
'name' => 'required|string|max:255',
'description' => 'string|max:1000'
]);
$book = $this->bookRepo->newFromInput($request->all());
@@ -105,8 +109,8 @@ class BookController extends Controller
*/
public function edit($slug)
{
$this->checkPermission('book-update');
$book = $this->bookRepo->getBySlug($slug);
$this->checkOwnablePermission('book-update', $book);
$this->setPageTitle('Edit Book ' . $book->getShortName());
return view('books/edit', ['book' => $book, 'current' => $book]);
}
@@ -120,10 +124,10 @@ class BookController extends Controller
*/
public function update(Request $request, $slug)
{
$this->checkPermission('book-update');
$book = $this->bookRepo->getBySlug($slug);
$this->checkOwnablePermission('book-update', $book);
$this->validate($request, [
'name' => 'required|string|max:255',
'name' => 'required|string|max:255',
'description' => 'string|max:1000'
]);
$book->fill($request->all());
@@ -141,8 +145,8 @@ class BookController extends Controller
*/
public function showDelete($bookSlug)
{
$this->checkPermission('book-delete');
$book = $this->bookRepo->getBySlug($bookSlug);
$this->checkOwnablePermission('book-delete', $book);
$this->setPageTitle('Delete Book ' . $book->getShortName());
return view('books/delete', ['book' => $book, 'current' => $book]);
}
@@ -154,10 +158,10 @@ class BookController extends Controller
*/
public function sort($bookSlug)
{
$this->checkPermission('book-update');
$book = $this->bookRepo->getBySlug($bookSlug);
$this->checkOwnablePermission('book-update', $book);
$bookChildren = $this->bookRepo->getChildren($book);
$books = $this->bookRepo->getAll();
$books = $this->bookRepo->getAll(false);
$this->setPageTitle('Sort Book ' . $book->getShortName());
return view('books/sort', ['book' => $book, 'current' => $book, 'books' => $books, 'bookChildren' => $bookChildren]);
}
@@ -177,15 +181,14 @@ class BookController extends Controller
/**
* Saves an array of sort mapping to pages and chapters.
*
* @param string $bookSlug
* @param Request $request
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function saveSort($bookSlug, Request $request)
{
$this->checkPermission('book-update');
$book = $this->bookRepo->getBySlug($bookSlug);
$this->checkOwnablePermission('book-update', $book);
// Return if no map sent
if (!$request->has('sort-tree')) {
@@ -223,17 +226,48 @@ class BookController extends Controller
/**
* Remove the specified book from storage.
*
* @param $bookSlug
* @return Response
*/
public function destroy($bookSlug)
{
$this->checkPermission('book-delete');
$book = $this->bookRepo->getBySlug($bookSlug);
$this->checkOwnablePermission('book-delete', $book);
Activity::addMessage('book_delete', 0, $book->name);
Activity::removeEntity($book);
$this->bookRepo->destroyBySlug($bookSlug);
return redirect('/books');
}
/**
* Show the Restrictions view.
* @param $bookSlug
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function showRestrict($bookSlug)
{
$book = $this->bookRepo->getBySlug($bookSlug);
$this->checkOwnablePermission('restrictions-manage', $book);
$roles = $this->userRepo->getRestrictableRoles();
return view('books/restrictions', [
'book' => $book,
'roles' => $roles
]);
}
/**
* Set the restrictions for this book.
* @param $bookSlug
* @param $bookSlug
* @param Request $request
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function restrict($bookSlug, Request $request)
{
$book = $this->bookRepo->getBySlug($bookSlug);
$this->checkOwnablePermission('restrictions-manage', $book);
$this->bookRepo->updateRestrictionsFromRequest($request, $book);
session()->flash('success', 'Page Restrictions Updated');
return redirect($book->getUrl());
}
}

75
app/Http/Controllers/ChapterController.php
View File

@@ -1,13 +1,9 @@
<?php
namespace BookStack\Http\Controllers;
<?php namespace BookStack\Http\Controllers;
use Activity;
use BookStack\Repos\UserRepo;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use BookStack\Http\Requests;
use BookStack\Http\Controllers\Controller;
use BookStack\Repos\BookRepo;
use BookStack\Repos\ChapterRepo;
use Views;
@@ -17,20 +13,22 @@ class ChapterController extends Controller
protected $bookRepo;
protected $chapterRepo;
protected $userRepo;
/**
* ChapterController constructor.
* @param $bookRepo
* @param $chapterRepo
* @param BookRepo $bookRepo
* @param ChapterRepo $chapterRepo
* @param UserRepo $userRepo
*/
public function __construct(BookRepo $bookRepo, ChapterRepo $chapterRepo)
public function __construct(BookRepo $bookRepo, ChapterRepo $chapterRepo, UserRepo $userRepo)
{
$this->bookRepo = $bookRepo;
$this->chapterRepo = $chapterRepo;
$this->userRepo = $userRepo;
parent::__construct();
}
/**
* Show the form for creating a new chapter.
* @param $bookSlug
@@ -38,8 +36,8 @@ class ChapterController extends Controller
*/
public function create($bookSlug)
{
$this->checkPermission('chapter-create');
$book = $this->bookRepo->getBySlug($bookSlug);
$this->checkOwnablePermission('chapter-create', $book);
$this->setPageTitle('Create New Chapter');
return view('chapters/create', ['book' => $book, 'current' => $book]);
}
@@ -52,12 +50,13 @@ class ChapterController extends Controller
*/
public function store($bookSlug, Request $request)
{
$this->checkPermission('chapter-create');
$this->validate($request, [
'name' => 'required|string|max:255'
]);
$book = $this->bookRepo->getBySlug($bookSlug);
$this->checkOwnablePermission('chapter-create', $book);
$chapter = $this->chapterRepo->newFromInput($request->all());
$chapter->slug = $this->chapterRepo->findSuitableSlug($chapter->name, $book->id);
$chapter->priority = $this->bookRepo->getNewPriority($book);
@@ -81,7 +80,14 @@ class ChapterController extends Controller
$sidebarTree = $this->bookRepo->getChildren($book);
Views::add($chapter);
$this->setPageTitle($chapter->getShortName());
return view('chapters/show', ['book' => $book, 'chapter' => $chapter, 'current' => $chapter, 'sidebarTree' => $sidebarTree]);
$pages = $this->chapterRepo->getChildren($chapter);
return view('chapters/show', [
'book' => $book,
'chapter' => $chapter,
'current' => $chapter,
'sidebarTree' => $sidebarTree,
'pages' => $pages
]);
}
/**
@@ -92,9 +98,9 @@ class ChapterController extends Controller
*/
public function edit($bookSlug, $chapterSlug)
{
$this->checkPermission('chapter-update');
$book = $this->bookRepo->getBySlug($bookSlug);
$chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id);
$this->checkOwnablePermission('chapter-update', $chapter);
$this->setPageTitle('Edit Chapter' . $chapter->getShortName());
return view('chapters/edit', ['book' => $book, 'chapter' => $chapter, 'current' => $chapter]);
}
@@ -108,9 +114,9 @@ class ChapterController extends Controller
*/
public function update(Request $request, $bookSlug, $chapterSlug)
{
$this->checkPermission('chapter-update');
$book = $this->bookRepo->getBySlug($bookSlug);
$chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id);
$this->checkOwnablePermission('chapter-update', $chapter);
$chapter->fill($request->all());
$chapter->slug = $this->chapterRepo->findSuitableSlug($chapter->name, $book->id, $chapter->id);
$chapter->updated_by = auth()->user()->id;
@@ -127,9 +133,9 @@ class ChapterController extends Controller
*/
public function showDelete($bookSlug, $chapterSlug)
{
$this->checkPermission('chapter-delete');
$book = $this->bookRepo->getBySlug($bookSlug);
$chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id);
$this->checkOwnablePermission('chapter-delete', $chapter);
$this->setPageTitle('Delete Chapter' . $chapter->getShortName());
return view('chapters/delete', ['book' => $book, 'chapter' => $chapter, 'current' => $chapter]);
}
@@ -142,11 +148,46 @@ class ChapterController extends Controller
*/
public function destroy($bookSlug, $chapterSlug)
{
$this->checkPermission('chapter-delete');
$book = $this->bookRepo->getBySlug($bookSlug);
$chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id);
$this->checkOwnablePermission('chapter-delete', $chapter);
Activity::addMessage('chapter_delete', $book->id, $chapter->name);
$this->chapterRepo->destroy($chapter);
return redirect($book->getUrl());
}
/**
* Show the Restrictions view.
* @param $bookSlug
* @param $chapterSlug
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function showRestrict($bookSlug, $chapterSlug)
{
$book = $this->bookRepo->getBySlug($bookSlug);
$chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id);
$this->checkOwnablePermission('restrictions-manage', $chapter);
$roles = $this->userRepo->getRestrictableRoles();
return view('chapters/restrictions', [
'chapter' => $chapter,
'roles' => $roles
]);
}
/**
* Set the restrictions for this chapter.
* @param $bookSlug
* @param $chapterSlug
* @param Request $request
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function restrict($bookSlug, $chapterSlug, Request $request)
{
$book = $this->bookRepo->getBySlug($bookSlug);
$chapter = $this->chapterRepo->getBySlug($chapterSlug, $book->id);
$this->checkOwnablePermission('restrictions-manage', $chapter);
$this->chapterRepo->updateRestrictionsFromRequest($request, $chapter);
session()->flash('success', 'Page Restrictions Updated');
return redirect($chapter->getUrl());
}
}

24
app/Http/Controllers/Controller.php
View File

@@ -2,6 +2,7 @@
namespace BookStack\Http\Controllers;
use BookStack\Ownable;
use HttpRequestException;
use Illuminate\Foundation\Bus\DispatchesJobs;
use Illuminate\Http\Exception\HttpResponseException;
@@ -61,21 +62,19 @@ abstract class Controller extends BaseController
}
/**
* On a permission error redirect to home and display
* On a permission error redirect to home and display.
* the error as a notification.
*/
protected function showPermissionError()
{
Session::flash('error', trans('errors.permission'));
throw new HttpResponseException(
redirect('/')
);
$response = request()->wantsJson() ? response()->json(['error' => trans('errors.permissionJson')], 403) : redirect('/');
throw new HttpResponseException($response);
}
/**
* Checks for a permission.
*
* @param $permissionName
* @param string $permissionName
* @return bool|\Illuminate\Http\RedirectResponse
*/
protected function checkPermission($permissionName)
@@ -83,10 +82,21 @@ abstract class Controller extends BaseController
if (!$this->currentUser || !$this->currentUser->can($permissionName)) {
$this->showPermissionError();
}
return true;
}
/**
* Check the current user's permissions against an ownable item.
* @param $permission
* @param Ownable $ownable
* @return bool
*/
protected function checkOwnablePermission($permission, Ownable $ownable)
{
if (userCan($permission, $ownable)) return true;
return $this->showPermissionError();
}
/**
* Check if a user has a permission or bypass if the callback is true.
* @param $permissionName

28
app/Http/Controllers/HomeController.php
View File

@@ -3,39 +3,41 @@
namespace BookStack\Http\Controllers;
use Activity;
use Illuminate\Http\Request;
use BookStack\Repos\EntityRepo;
use BookStack\Http\Requests;
use BookStack\Repos\BookRepo;
use Views;
class HomeController extends Controller
{
protected $activityService;
protected $bookRepo;
protected $entityRepo;
/**
* HomeController constructor.
* @param BookRepo $bookRepo
* @param EntityRepo $entityRepo
*/
public function __construct(BookRepo $bookRepo)
public function __construct(EntityRepo $entityRepo)
{
$this->bookRepo = $bookRepo;
$this->entityRepo = $entityRepo;
parent::__construct();
}
/**
* Display the homepage.
*
* @return Response
*/
public function index()
{
$activity = Activity::latest();
$recents = $this->signedIn ? Views::getUserRecentlyViewed(10, 0) : $this->bookRepo->getLatest(10);
return view('home', ['activity' => $activity, 'recents' => $recents]);
$activity = Activity::latest(10);
$recents = $this->signedIn ? Views::getUserRecentlyViewed(12, 0) : $this->entityRepo->getRecentlyCreatedBooks(10);
$recentlyCreatedPages = $this->entityRepo->getRecentlyCreatedPages(5);
$recentlyUpdatedPages = $this->entityRepo->getRecentlyUpdatedPages(5);
return view('home', [
'activity' => $activity,
'recents' => $recents,
'recentlyCreatedPages' => $recentlyCreatedPages,
'recentlyUpdatedPages' => $recentlyUpdatedPages
]);
}
}

8
app/Http/Controllers/ImageController.php
View File

@@ -64,7 +64,7 @@ class ImageController extends Controller
*/
public function uploadByType($type, Request $request)
{
$this->checkPermission('image-create');
$this->checkPermission('image-create-all');
$this->validate($request, [
'file' => 'image|mimes:jpeg,gif,png'
]);
@@ -90,7 +90,7 @@ class ImageController extends Controller
*/
public function getThumbnail($id, $width, $height, $crop)
{
$this->checkPermission('image-create');
$this->checkPermission('image-create-all');
$image = $this->imageRepo->getById($id);
$thumbnailUrl = $this->imageRepo->getThumbnail($image, $width, $height, $crop == 'false');
return response()->json(['url' => $thumbnailUrl]);
@@ -104,11 +104,11 @@ class ImageController extends Controller
*/
public function update($imageId, Request $request)
{
$this->checkPermission('image-update');
$this->validate($request, [
'name' => 'required|min:2|string'
]);
$image = $this->imageRepo->getById($imageId);
$this->checkOwnablePermission('image-update', $image);
$image = $this->imageRepo->updateImageDetails($image, $request->all());
return response()->json($image);
}
@@ -123,8 +123,8 @@ class ImageController extends Controller
*/
public function destroy(PageRepo $pageRepo, Request $request, $id)
{
$this->checkPermission('image-delete');
$image = $this->imageRepo->getById($id);
$this->checkOwnablePermission('image-delete', $image);
// Check if this image is used on any pages
$isForced = ($request->has('force') && ($request->get('force') === 'true') || $request->get('force') === true);

114
app/Http/Controllers/PageController.php
View File

@@ -1,16 +1,15 @@
<?php
namespace BookStack\Http\Controllers;
<?php namespace BookStack\Http\Controllers;
use Activity;
use BookStack\Exceptions\NotFoundException;
use BookStack\Repos\UserRepo;
use BookStack\Services\ExportService;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use BookStack\Http\Requests;
use BookStack\Repos\BookRepo;
use BookStack\Repos\ChapterRepo;
use BookStack\Repos\PageRepo;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
use Views;
class PageController extends Controller
@@ -20,26 +19,28 @@ class PageController extends Controller
protected $bookRepo;
protected $chapterRepo;
protected $exportService;
protected $userRepo;
/**
* PageController constructor.
* @param PageRepo $pageRepo
* @param BookRepo $bookRepo
* @param ChapterRepo $chapterRepo
* @param PageRepo $pageRepo
* @param BookRepo $bookRepo
* @param ChapterRepo $chapterRepo
* @param ExportService $exportService
* @param UserRepo $userRepo
*/
public function __construct(PageRepo $pageRepo, BookRepo $bookRepo, ChapterRepo $chapterRepo, ExportService $exportService)
public function __construct(PageRepo $pageRepo, BookRepo $bookRepo, ChapterRepo $chapterRepo, ExportService $exportService, UserRepo $userRepo)
{
$this->pageRepo = $pageRepo;
$this->bookRepo = $bookRepo;
$this->chapterRepo = $chapterRepo;
$this->exportService = $exportService;
$this->userRepo = $userRepo;
parent::__construct();
}
/**
* Show the form for creating a new page.
*
* @param $bookSlug
* @param bool $chapterSlug
* @return Response
@@ -47,23 +48,22 @@ class PageController extends Controller
*/
public function create($bookSlug, $chapterSlug = false)
{
$this->checkPermission('page-create');
$book = $this->bookRepo->getBySlug($bookSlug);
$chapter = $chapterSlug ? $this->chapterRepo->getBySlug($chapterSlug, $book->id) : false;
$parent = $chapter ? $chapter : $book;
$this->checkOwnablePermission('page-create', $parent);
$this->setPageTitle('Create New Page');
return view('pages/create', ['book' => $book, 'chapter' => $chapter]);
}
/**
* Store a newly created page in storage.
*
* @param Request $request
* @param $bookSlug
* @return Response
*/
public function store(Request $request, $bookSlug)
{
$this->checkPermission('page-create');
$this->validate($request, [
'name' => 'required|string|max:255'
]);
@@ -71,6 +71,8 @@ class PageController extends Controller
$input = $request->all();
$book = $this->bookRepo->getBySlug($bookSlug);
$chapterId = ($request->has('chapter') && $this->chapterRepo->idExists($request->get('chapter'))) ? $request->get('chapter') : null;
$parent = $chapterId !== null ? $this->chapterRepo->getById($chapterId) : $book;
$this->checkOwnablePermission('page-create', $parent);
$input['priority'] = $this->bookRepo->getNewPriority($book);
$page = $this->pageRepo->saveNew($input, $book, $chapterId);
@@ -81,7 +83,8 @@ class PageController extends Controller
/**
* Display the specified page.
*
* If the page is not found via the slug the
* revisions are searched for a match.
* @param $bookSlug
* @param $pageSlug
* @return Response
@@ -89,7 +92,15 @@ class PageController extends Controller
public function show($bookSlug, $pageSlug)
{
$book = $this->bookRepo->getBySlug($bookSlug);
$page = $this->pageRepo->getBySlug($pageSlug, $book->id);
try {
$page = $this->pageRepo->getBySlug($pageSlug, $book->id);
} catch (NotFoundException $e) {
$page = $this->pageRepo->findPageUsingOldSlug($pageSlug, $bookSlug);
if ($page === null) abort(404);
return redirect($page->getUrl());
}
$sidebarTree = $this->bookRepo->getChildren($book);
Views::add($page);
$this->setPageTitle($page->getShortName());
@@ -98,23 +109,21 @@ class PageController extends Controller
/**
* Show the form for editing the specified page.
*
* @param $bookSlug
* @param $pageSlug
* @return Response
*/
public function edit($bookSlug, $pageSlug)
{
$this->checkPermission('page-update');
$book = $this->bookRepo->getBySlug($bookSlug);
$page = $this->pageRepo->getBySlug($pageSlug, $book->id);
$this->checkOwnablePermission('page-update', $page);
$this->setPageTitle('Editing Page ' . $page->getShortName());
return view('pages/edit', ['page' => $page, 'book' => $book, 'current' => $page]);
}
/**
* Update the specified page in storage.
*
* @param Request $request
* @param $bookSlug
* @param $pageSlug
@@ -122,12 +131,12 @@ class PageController extends Controller
*/
public function update(Request $request, $bookSlug, $pageSlug)
{
$this->checkPermission('page-update');
$this->validate($request, [
'name' => 'required|string|max:255'
]);
$book = $this->bookRepo->getBySlug($bookSlug);
$page = $this->pageRepo->getBySlug($pageSlug, $book->id);
$this->checkOwnablePermission('page-update', $page);
$this->pageRepo->updatePage($page, $book->id, $request->all());
Activity::add($page, 'page_update', $book->id);
return redirect($page->getUrl());
@@ -153,9 +162,9 @@ class PageController extends Controller
*/
public function showDelete($bookSlug, $pageSlug)
{
$this->checkPermission('page-delete');
$book = $this->bookRepo->getBySlug($bookSlug);
$page = $this->pageRepo->getBySlug($pageSlug, $book->id);
$this->checkOwnablePermission('page-delete', $page);
$this->setPageTitle('Delete Page ' . $page->getShortName());
return view('pages/delete', ['book' => $book, 'page' => $page, 'current' => $page]);
}
@@ -170,9 +179,9 @@ class PageController extends Controller
*/
public function destroy($bookSlug, $pageSlug)
{
$this->checkPermission('page-delete');
$book = $this->bookRepo->getBySlug($bookSlug);
$page = $this->pageRepo->getBySlug($pageSlug, $book->id);
$this->checkOwnablePermission('page-delete', $page);
Activity::addMessage('page_delete', $book->id, $page->name);
$this->pageRepo->destroy($page);
return redirect($book->getUrl());
@@ -218,9 +227,9 @@ class PageController extends Controller
*/
public function restoreRevision($bookSlug, $pageSlug, $revisionId)
{
$this->checkPermission('page-update');
$book = $this->bookRepo->getBySlug($bookSlug);
$page = $this->pageRepo->getBySlug($pageSlug, $book->id);
$this->checkOwnablePermission('page-update', $page);
$page = $this->pageRepo->restoreRevision($page, $book, $revisionId);
Activity::add($page, 'page_restore', $book->id);
return redirect($page->getUrl());
@@ -278,4 +287,65 @@ class PageController extends Controller
]);
}
/**
* Show a listing of recently created pages
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function showRecentlyCreated()
{
$pages = $this->pageRepo->getRecentlyCreatedPaginated(20);
return view('pages/detailed-listing', [
'title' => 'Recently Created Pages',
'pages' => $pages
]);
}
/**
* Show a listing of recently created pages
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function showRecentlyUpdated()
{
$pages = $this->pageRepo->getRecentlyUpdatedPaginated(20);
return view('pages/detailed-listing', [
'title' => 'Recently Updated Pages',
'pages' => $pages
]);
}
/**
* Show the Restrictions view.
* @param $bookSlug
* @param $pageSlug
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function showRestrict($bookSlug, $pageSlug)
{
$book = $this->bookRepo->getBySlug($bookSlug);
$page = $this->pageRepo->getBySlug($pageSlug, $book->id);
$this->checkOwnablePermission('restrictions-manage', $page);
$roles = $this->userRepo->getRestrictableRoles();
return view('pages/restrictions', [
'page' => $page,
'roles' => $roles
]);
}
/**
* Set the restrictions for this page.
* @param $bookSlug
* @param $pageSlug
* @param Request $request
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function restrict($bookSlug, $pageSlug, Request $request)
{
$book = $this->bookRepo->getBySlug($bookSlug);
$page = $this->pageRepo->getBySlug($pageSlug, $book->id);
$this->checkOwnablePermission('restrictions-manage', $page);
$this->pageRepo->updateRestrictionsFromRequest($request, $page);
session()->flash('success', 'Page Restrictions Updated');
return redirect($page->getUrl());
}
}

129
app/Http/Controllers/PermissionController.php Normal file
View File

@@ -0,0 +1,129 @@
<?php namespace BookStack\Http\Controllers;
use BookStack\Exceptions\PermissionsException;
use BookStack\Repos\PermissionsRepo;
use Illuminate\Http\Request;
use BookStack\Http\Requests;
class PermissionController extends Controller
{
protected $permissionsRepo;
/**
* PermissionController constructor.
* @param PermissionsRepo $permissionsRepo
*/
public function __construct(PermissionsRepo $permissionsRepo)
{
$this->permissionsRepo = $permissionsRepo;
parent::__construct();
}
/**
* Show a listing of the roles in the system.
*/
public function listRoles()
{
$this->checkPermission('user-roles-manage');
$roles = $this->permissionsRepo->getAllRoles();
return view('settings/roles/index', ['roles' => $roles]);
}
/**
* Show the form to create a new role
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function createRole()
{
$this->checkPermission('user-roles-manage');
return view('settings/roles/create');
}
/**
* Store a new role in the system.
* @param Request $request
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function storeRole(Request $request)
{
$this->checkPermission('user-roles-manage');
$this->validate($request, [
'display_name' => 'required|min:3|max:200',
'description' => 'max:250'
]);
$this->permissionsRepo->saveNewRole($request->all());
session()->flash('success', 'Role successfully created');
return redirect('/settings/roles');
}
/**
* Show the form for editing a user role.
* @param $id
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function editRole($id)
{
$this->checkPermission('user-roles-manage');
$role = $this->permissionsRepo->getRoleById($id);
return view('settings/roles/edit', ['role' => $role]);
}
/**
* Updates a user role.
* @param $id
* @param Request $request
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function updateRole($id, Request $request)
{
$this->checkPermission('user-roles-manage');
$this->validate($request, [
'display_name' => 'required|min:3|max:200',
'description' => 'max:250'
]);
$this->permissionsRepo->updateRole($id, $request->all());
session()->flash('success', 'Role successfully updated');
return redirect('/settings/roles');
}
/**
* Show the view to delete a role.
* Offers the chance to migrate users.
* @param $id
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function showDeleteRole($id)
{
$this->checkPermission('user-roles-manage');
$role = $this->permissionsRepo->getRoleById($id);
$roles = $this->permissionsRepo->getAllRolesExcept($role);
$blankRole = $role->newInstance(['display_name' => 'Don\'t migrate users']);
$roles->prepend($blankRole);
return view('settings/roles/delete', ['role' => $role, 'roles' => $roles]);
}
/**
* Delete a role from the system,
* Migrate from a previous role if set.
* @param $id
* @param Request $request
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function deleteRole($id, Request $request)
{
$this->checkPermission('user-roles-manage');
try {
$this->permissionsRepo->deleteRole($id, $request->get('migrate_role_id'));
} catch (PermissionsException $e) {
session()->flash('error', $e->getMessage());
return redirect()->back();
}
session()->flash('success', 'Role successfully deleted');
return redirect('/settings/roles');
}
}

74
app/Http/Controllers/SearchController.php
View File

@@ -42,11 +42,77 @@ class SearchController extends Controller
return redirect()->back();
}
$searchTerm = $request->get('term');
$pages = $this->pageRepo->getBySearch($searchTerm);
$books = $this->bookRepo->getBySearch($searchTerm);
$chapters = $this->chapterRepo->getBySearch($searchTerm);
$paginationAppends = $request->only('term');
$pages = $this->pageRepo->getBySearch($searchTerm, [], 20, $paginationAppends);
$books = $this->bookRepo->getBySearch($searchTerm, 10, $paginationAppends);
$chapters = $this->chapterRepo->getBySearch($searchTerm, [], 10, $paginationAppends);
$this->setPageTitle('Search For ' . $searchTerm);
return view('search/all', ['pages' => $pages, 'books' => $books, 'chapters' => $chapters, 'searchTerm' => $searchTerm]);
return view('search/all', [
'pages' => $pages,
'books' => $books,
'chapters' => $chapters,
'searchTerm' => $searchTerm
]);
}
/**
* Search only the pages in the system.
* @param Request $request
* @return \Illuminate\Http\RedirectResponse|\Illuminate\View\View
*/
public function searchPages(Request $request)
{
if (!$request->has('term')) return redirect()->back();
$searchTerm = $request->get('term');
$paginationAppends = $request->only('term');
$pages = $this->pageRepo->getBySearch($searchTerm, [], 20, $paginationAppends);
$this->setPageTitle('Page Search For ' . $searchTerm);
return view('search/entity-search-list', [
'entities' => $pages,
'title' => 'Page Search Results',
'searchTerm' => $searchTerm
]);
}
/**
* Search only the chapters in the system.
* @param Request $request
* @return \Illuminate\Http\RedirectResponse|\Illuminate\View\View
*/
public function searchChapters(Request $request)
{
if (!$request->has('term')) return redirect()->back();
$searchTerm = $request->get('term');
$paginationAppends = $request->only('term');
$chapters = $this->chapterRepo->getBySearch($searchTerm, [], 20, $paginationAppends);
$this->setPageTitle('Chapter Search For ' . $searchTerm);
return view('search/entity-search-list', [
'entities' => $chapters,
'title' => 'Chapter Search Results',
'searchTerm' => $searchTerm
]);
}
/**
* Search only the books in the system.
* @param Request $request
* @return \Illuminate\Http\RedirectResponse|\Illuminate\View\View
*/
public function searchBooks(Request $request)
{
if (!$request->has('term')) return redirect()->back();
$searchTerm = $request->get('term');
$paginationAppends = $request->only('term');
$books = $this->bookRepo->getBySearch($searchTerm, 20, $paginationAppends);
$this->setPageTitle('Book Search For ' . $searchTerm);
return view('search/entity-search-list', [
'entities' => $books,
'title' => 'Book Search Results',
'searchTerm' => $searchTerm
]);
}
/**

18
app/Http/Controllers/SettingController.php
View File

@@ -1,42 +1,36 @@
<?php
namespace BookStack\Http\Controllers;
<?php namespace BookStack\Http\Controllers;
use Illuminate\Http\Request;
use BookStack\Http\Requests;
use BookStack\Http\Controllers\Controller;
use Setting;
class SettingController extends Controller
{
/**
* Display a listing of the settings.
*
* @return Response
*/
public function index()
{
$this->checkPermission('settings-update');
$this->checkPermission('settings-manage');
$this->setPageTitle('Settings');
return view('settings/index');
}
/**
* Update the specified settings in storage.
*
* @param Request $request
* @param Request $request
* @return Response
*/
public function update(Request $request)
{
$this->preventAccessForDemoUsers();
$this->checkPermission('settings-update');
$this->checkPermission('settings-manage');
// Cycles through posted settings and update them
foreach($request->all() as $name => $value) {
if(strpos($name, 'setting-') !== 0) continue;
foreach ($request->all() as $name => $value) {
if (strpos($name, 'setting-') !== 0) continue;
$key = str_replace('setting-', '', trim($name));
Setting::put($key, $value);
}

66
app/Http/Controllers/UserController.php
View File

@@ -2,6 +2,7 @@
namespace BookStack\Http\Controllers;
use BookStack\Activity;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
@@ -34,7 +35,8 @@ class UserController extends Controller
*/
public function index()
{
$users = $this->user->all();
$this->checkPermission('users-manage');
$users = $this->userRepo->getAllUsers();
$this->setPageTitle('Users');
return view('users/index', ['users' => $users]);
}
@@ -45,7 +47,7 @@ class UserController extends Controller
*/
public function create()
{
$this->checkPermission('user-create');
$this->checkPermission('users-manage');
$authMethod = config('auth.method');
return view('users/create', ['authMethod' => $authMethod]);
}
@@ -57,11 +59,10 @@ class UserController extends Controller
*/
public function store(Request $request)
{
$this->checkPermission('user-create');
$this->checkPermission('users-manage');
$validationRules = [
'name' => 'required',
'email' => 'required|email|unique:users,email',
'role' => 'required|exists:roles,id'
'email' => 'required|email|unique:users,email'
];
$authMethod = config('auth.method');
@@ -83,7 +84,11 @@ class UserController extends Controller
}
$user->save();
$user->attachRoleId($request->get('role'));
if ($request->has('roles')) {
$roles = $request->get('roles');
$user->roles()->sync($roles);
}
// Get avatar from gravatar and save
if (!config('services.disable_services')) {
@@ -92,10 +97,9 @@ class UserController extends Controller
$user->save();
}
return redirect('/users');
return redirect('/settings/users');
}
/**
* Show the form for editing the specified user.
* @param int $id
@@ -104,7 +108,7 @@ class UserController extends Controller
*/
public function edit($id, SocialAuthService $socialAuthService)
{
$this->checkPermissionOr('user-update', function () use ($id) {
$this->checkPermissionOr('users-manage', function () use ($id) {
return $this->currentUser->id == $id;
});
@@ -125,16 +129,15 @@ class UserController extends Controller
public function update(Request $request, $id)
{
$this->preventAccessForDemoUsers();
$this->checkPermissionOr('user-update', function () use ($id) {
$this->checkPermissionOr('users-manage', function () use ($id) {
return $this->currentUser->id == $id;
});
$this->validate($request, [
'name' => 'required',
'email' => 'required|email|unique:users,email,' . $id,
'name' => 'min:2',
'email' => 'min:2|email|unique:users,email,' . $id,
'password' => 'min:5|required_with:password_confirm',
'password-confirm' => 'same:password|required_with:password',
'role' => 'exists:roles,id'
'password-confirm' => 'same:password|required_with:password'
], [
'password-confirm.required_with' => 'Password confirmation required'
]);
@@ -143,8 +146,9 @@ class UserController extends Controller
$user->fill($request->all());
// Role updates
if ($this->currentUser->can('user-update') && $request->has('role')) {
$user->attachRoleId($request->get('role'));
if (userCan('users-manage') && $request->has('roles')) {
$roles = $request->get('roles');
$user->roles()->sync($roles);
}
// Password updates
@@ -154,12 +158,13 @@ class UserController extends Controller
}
// External auth id updates
if ($this->currentUser->can('user-update') && $request->has('external_auth_id')) {
if ($this->currentUser->can('users-manage') && $request->has('external_auth_id')) {
$user->external_auth_id = $request->get('external_auth_id');
}
$user->save();
return redirect('/users');
session()->flash('success', 'User successfully updated');
return redirect('/settings/users');
}
/**
@@ -169,7 +174,7 @@ class UserController extends Controller
*/
public function delete($id)
{
$this->checkPermissionOr('user-delete', function () use ($id) {
$this->checkPermissionOr('users-manage', function () use ($id) {
return $this->currentUser->id == $id;
});
@@ -186,7 +191,7 @@ class UserController extends Controller
public function destroy($id)
{
$this->preventAccessForDemoUsers();
$this->checkPermissionOr('user-delete', function () use ($id) {
$this->checkPermissionOr('users-manage', function () use ($id) {
return $this->currentUser->id == $id;
});
@@ -197,6 +202,25 @@ class UserController extends Controller
}
$this->userRepo->destroy($user);
return redirect('/users');
return redirect('/settings/users');
}
/**
* Show the user profile page
* @param $id
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function showProfilePage($id)
{
$user = $this->userRepo->getById($id);
$userActivity = $this->userRepo->getActivity($user);
$recentlyCreated = $this->userRepo->getRecentlyCreated($user, 5, 0);
$assetCounts = $this->userRepo->getAssetCounts($user);
return view('users/profile', [
'user' => $user,
'activity' => $userActivity,
'recentlyCreated' => $recentlyCreated,
'assetCounts' => $assetCounts
]);
}
}

2
app/Http/Middleware/Authenticate.php
View File

@@ -39,7 +39,7 @@ class Authenticate
return redirect()->guest('/register/confirm/awaiting');
}
if ($this->auth->guest() && !Setting::get('app-public')) {
if ($this->auth->guest() && !setting('app-public')) {
if ($request->ajax()) {
return response('Unauthorized.', 401);
} else {

48
app/Http/routes.php
View File

@@ -3,6 +3,11 @@
// Authenticated routes...
Route::group(['middleware' => 'auth'], function () {
Route::group(['prefix' => 'pages'], function() {
Route::get('/recently-created', 'PageController@showRecentlyCreated');
Route::get('/recently-updated', 'PageController@showRecentlyUpdated');
});
Route::group(['prefix' => 'books'], function () {
// Books
@@ -14,6 +19,8 @@ Route::group(['middleware' => 'auth'], function () {
Route::delete('/{id}', 'BookController@destroy');
Route::get('/{slug}/sort-item', 'BookController@getSortItem');
Route::get('/{slug}', 'BookController@show');
Route::get('/{bookSlug}/restrict', 'BookController@showRestrict');
Route::put('/{bookSlug}/restrict', 'BookController@restrict');
Route::get('/{slug}/delete', 'BookController@showDelete');
Route::get('/{bookSlug}/sort', 'BookController@sort');
Route::put('/{bookSlug}/sort', 'BookController@saveSort');
@@ -27,6 +34,8 @@ Route::group(['middleware' => 'auth'], function () {
Route::get('/{bookSlug}/page/{pageSlug}/export/plaintext', 'PageController@exportPlainText');
Route::get('/{bookSlug}/page/{pageSlug}/edit', 'PageController@edit');
Route::get('/{bookSlug}/page/{pageSlug}/delete', 'PageController@showDelete');
Route::get('/{bookSlug}/page/{pageSlug}/restrict', 'PageController@showRestrict');
Route::put('/{bookSlug}/page/{pageSlug}/restrict', 'PageController@restrict');
Route::put('/{bookSlug}/page/{pageSlug}', 'PageController@update');
Route::delete('/{bookSlug}/page/{pageSlug}', 'PageController@destroy');
@@ -42,19 +51,15 @@ Route::group(['middleware' => 'auth'], function () {
Route::get('/{bookSlug}/chapter/{chapterSlug}', 'ChapterController@show');
Route::put('/{bookSlug}/chapter/{chapterSlug}', 'ChapterController@update');
Route::get('/{bookSlug}/chapter/{chapterSlug}/edit', 'ChapterController@edit');
Route::get('/{bookSlug}/chapter/{chapterSlug}/restrict', 'ChapterController@showRestrict');
Route::put('/{bookSlug}/chapter/{chapterSlug}/restrict', 'ChapterController@restrict');
Route::get('/{bookSlug}/chapter/{chapterSlug}/delete', 'ChapterController@showDelete');
Route::delete('/{bookSlug}/chapter/{chapterSlug}', 'ChapterController@destroy');
});
// Users
Route::get('/users', 'UserController@index');
Route::get('/users/create', 'UserController@create');
Route::get('/users/{id}/delete', 'UserController@delete');
Route::post('/users/create', 'UserController@store');
Route::get('/users/{id}', 'UserController@edit');
Route::put('/users/{id}', 'UserController@update');
Route::delete('/users/{id}', 'UserController@destroy');
// User Profile routes
Route::get('/user/{userId}', 'UserController@showProfilePage');
// Image routes
Route::group(['prefix' => 'images'], function() {
@@ -75,6 +80,9 @@ Route::group(['middleware' => 'auth'], function () {
// Search
Route::get('/search/all', 'SearchController@searchAll');
Route::get('/search/pages', 'SearchController@searchPages');
Route::get('/search/books', 'SearchController@searchBooks');
Route::get('/search/chapters', 'SearchController@searchChapters');
Route::get('/search/book/{bookId}', 'SearchController@searchBook');
// Other Pages
@@ -82,8 +90,28 @@ Route::group(['middleware' => 'auth'], function () {
Route::get('/home', 'HomeController@index');
// Settings
Route::get('/settings', 'SettingController@index');
Route::post('/settings', 'SettingController@update');
Route::group(['prefix' => 'settings'], function() {
Route::get('/', 'SettingController@index');
Route::post('/', 'SettingController@update');
// Users
Route::get('/users', 'UserController@index');
Route::get('/users/create', 'UserController@create');
Route::get('/users/{id}/delete', 'UserController@delete');
Route::post('/users/create', 'UserController@store');
Route::get('/users/{id}', 'UserController@edit');
Route::put('/users/{id}', 'UserController@update');
Route::delete('/users/{id}', 'UserController@destroy');
// Roles
Route::get('/roles', 'PermissionController@listRoles');
Route::get('/roles/new', 'PermissionController@createRole');
Route::post('/roles/new', 'PermissionController@storeRole');
Route::get('/roles/delete/{id}', 'PermissionController@showDeleteRole');
Route::delete('/roles/delete/{id}', 'PermissionController@deleteRole');
Route::get('/roles/{id}', 'PermissionController@editRole');
Route::put('/roles/{id}', 'PermissionController@updateRole');
});
});

9
app/Image.php
View File

@@ -1,14 +1,9 @@
<?php
<?php namespace BookStack;
namespace BookStack;
use Illuminate\Database\Eloquent\Model;
use Images;
class Image extends Model
class Image extends Ownable
{
use Ownable;
protected $fillable = ['name'];

13
app/Ownable.php
View File

@@ -1,7 +1,8 @@
<?php namespace BookStack;
use Illuminate\Database\Eloquent\Model;
trait Ownable
abstract class Ownable extends Model
{
/**
* Relation for the user that created this entity.
@@ -20,4 +21,14 @@ trait Ownable
{
return $this->belongsTo('BookStack\User', 'updated_by');
}
/**
* Gets the class name.
* @return string
*/
public static function getClassName()
{
return strtolower(array_slice(explode('\\', static::class), -1, 1)[0]);
}
}

3
app/Page.php
View File

@@ -45,7 +45,8 @@ class Page extends Entity
public function getExcerpt($length = 100)
{
return strlen($this->text) > $length ? substr($this->text, 0, $length-3) . '...' : $this->text;
$text = strlen($this->text) > $length ? substr($this->text, 0, $length-3) . '...' : $this->text;
return mb_convert_encoding($text, 'UTF-8');
}
}

10
app/Permission.php
View File

@@ -13,4 +13,14 @@ class Permission extends Model
{
return $this->belongsToMany('BookStack\Permissions');
}
/**
* Get the permission object by name.
* @param $roleName
* @return mixed
*/
public static function getByName($name)
{
return static::where('name', '=', $name)->first();
}
}

11
app/Providers/CustomFacadeProvider.php
View File

@@ -28,11 +28,17 @@ class CustomFacadeProvider extends ServiceProvider
public function register()
{
$this->app->bind('activity', function() {
return new ActivityService($this->app->make('BookStack\Activity'));
return new ActivityService(
$this->app->make('BookStack\Activity'),
$this->app->make('BookStack\Services\RestrictionService')
);
});
$this->app->bind('views', function() {
return new ViewService($this->app->make('BookStack\View'));
return new ViewService(
$this->app->make('BookStack\View'),
$this->app->make('BookStack\Services\RestrictionService')
);
});
$this->app->bind('setting', function() {
@@ -41,6 +47,7 @@ class CustomFacadeProvider extends ServiceProvider
$this->app->make('Illuminate\Contracts\Cache\Repository')
);
});
$this->app->bind('images', function() {
return new ImageService(
$this->app->make('Intervention\Image\ImageManager'),

78
app/Repos/BookRepo.php
View File

@@ -1,28 +1,35 @@
<?php namespace BookStack\Repos;
use Activity;
use BookStack\Exceptions\NotFoundException;
use Illuminate\Support\Str;
use BookStack\Book;
use Views;
class BookRepo
class BookRepo extends EntityRepo
{
protected $book;
protected $pageRepo;
protected $chapterRepo;
/**
* BookRepo constructor.
* @param Book $book
* @param PageRepo $pageRepo
* @param PageRepo $pageRepo
* @param ChapterRepo $chapterRepo
*/
public function __construct(Book $book, PageRepo $pageRepo, ChapterRepo $chapterRepo)
public function __construct(PageRepo $pageRepo, ChapterRepo $chapterRepo)
{
$this->book = $book;
$this->pageRepo = $pageRepo;
$this->chapterRepo = $chapterRepo;
parent::__construct();
}
/**
* Base query for getting books.
* Takes into account any restrictions.
* @return mixed
*/
private function bookQuery()
{
return $this->restrictionService->enforceBookRestrictions($this->book, 'view');
}
/**
@@ -32,7 +39,7 @@ class BookRepo
*/
public function getById($id)
{
return $this->book->findOrFail($id);
return $this->bookQuery()->findOrFail($id);
}
/**
@@ -42,7 +49,9 @@ class BookRepo
*/
public function getAll($count = 10)
{
return $this->book->orderBy('name', 'asc')->take($count)->get();
$bookQuery = $this->bookQuery()->orderBy('name', 'asc');
if (!$count) return $bookQuery->get();
return $bookQuery->take($count)->get();
}
/**
@@ -52,7 +61,8 @@ class BookRepo
*/
public function getAllPaginated($count = 10)
{
return $this->book->orderBy('name', 'asc')->paginate($count);
return $this->bookQuery()
->orderBy('name', 'asc')->paginate($count);
}
@@ -63,7 +73,7 @@ class BookRepo
*/
public function getLatest($count = 10)
{
return $this->book->orderBy('created_at', 'desc')->take($count)->get();
return $this->bookQuery()->orderBy('created_at', 'desc')->take($count)->get();
}
/**
@@ -92,11 +102,12 @@ class BookRepo
* Get a book by slug
* @param $slug
* @return mixed
* @throws NotFoundException
*/
public function getBySlug($slug)
{
$book = $this->book->where('slug', '=', $slug)->first();
if ($book === null) abort(404);
$book = $this->bookQuery()->where('slug', '=', $slug)->first();
if ($book === null) throw new NotFoundException('Book not found');
return $book;
}
@@ -107,7 +118,7 @@ class BookRepo
*/
public function exists($id)
{
return $this->book->where('id', '=', $id)->exists();
return $this->bookQuery()->where('id', '=', $id)->exists();
}
/**
@@ -117,17 +128,7 @@ class BookRepo
*/
public function newFromInput($input)
{
return $this->book->fill($input);
}
/**
* Count the amount of books that have a specific slug.
* @param $slug
* @return mixed
*/
public function countBySlug($slug)
{
return $this->book->where('slug', '=', $slug)->count();
return $this->book->newInstance($input);
}
/**
@@ -144,6 +145,7 @@ class BookRepo
$this->chapterRepo->destroy($chapter);
}
$book->views()->delete();
$book->restrictions()->delete();
$book->delete();
}
@@ -159,7 +161,7 @@ class BookRepo
}
/**
* @param string $slug
* @param string $slug
* @param bool|false $currentId
* @return bool
*/
@@ -175,7 +177,7 @@ class BookRepo
/**
* Provides a suitable slug for the given book name.
* Ensures the returned slug is unique in the system.
* @param string $name
* @param string $name
* @param bool|false $currentId
* @return string
*/
@@ -200,8 +202,15 @@ class BookRepo
*/
public function getChildren(Book $book)
{
$pages = $book->pages()->where('chapter_id', '=', 0)->get();
$chapters = $book->chapters()->with('pages')->get();
$pageQuery = $book->pages()->where('chapter_id', '=', 0);
$pageQuery = $this->restrictionService->enforcePageRestrictions($pageQuery, 'view');
$pages = $pageQuery->get();
$chapterQuery = $book->chapters()->with(['pages' => function($query) {
$this->restrictionService->enforcePageRestrictions($query, 'view');
}]);
$chapterQuery = $this->restrictionService->enforceChapterRestrictions($chapterQuery, 'view');
$chapters = $chapterQuery->get();
$children = $pages->merge($chapters);
$bookSlug = $book->slug;
$children->each(function ($child) use ($bookSlug) {
@@ -218,12 +227,15 @@ class BookRepo
/**
* Get books by search term.
* @param $term
* @param int $count
* @param array $paginationAppends
* @return mixed
*/
public function getBySearch($term)
public function getBySearch($term, $count = 20, $paginationAppends = [])
{
$terms = explode(' ', $term);
$books = $this->book->fullTextSearch(['name', 'description'], $terms);
$terms = $this->prepareSearchTerms($term);
$books = $this->restrictionService->enforceBookRestrictions($this->book->fullTextSearchQuery(['name', 'description'], $terms))
->paginate($count)->appends($paginationAppends);
$words = join('|', explode(' ', preg_quote(trim($term), '/')));
foreach ($books as $book) {
//highlight

46
app/Repos/ChapterRepo.php
View File

@@ -2,21 +2,19 @@
use Activity;
use BookStack\Exceptions\NotFoundException;
use Illuminate\Support\Str;
use BookStack\Chapter;
class ChapterRepo
class ChapterRepo extends EntityRepo
{
protected $chapter;
/**
* ChapterRepo constructor.
* @param $chapter
* Base query for getting chapters, Takes restrictions into account.
* @return mixed
*/
public function __construct(Chapter $chapter)
private function chapterQuery()
{
$this->chapter = $chapter;
return $this->restrictionService->enforceChapterRestrictions($this->chapter, 'view');
}
/**
@@ -26,7 +24,7 @@ class ChapterRepo
*/
public function idExists($id)
{
return $this->chapter->where('id', '=', $id)->count() > 0;
return $this->chapterQuery()->where('id', '=', $id)->count() > 0;
}
/**
@@ -36,7 +34,7 @@ class ChapterRepo
*/
public function getById($id)
{
return $this->chapter->findOrFail($id);
return $this->chapterQuery()->findOrFail($id);
}
/**
@@ -45,7 +43,7 @@ class ChapterRepo
*/
public function getAll()
{
return $this->chapter->all();
return $this->chapterQuery()->all();
}
/**
@@ -53,14 +51,24 @@ class ChapterRepo
* @param $slug
* @param $bookId
* @return mixed
* @throws NotFoundException
*/
public function getBySlug($slug, $bookId)
{
$chapter = $this->chapter->where('slug', '=', $slug)->where('book_id', '=', $bookId)->first();
if ($chapter === null) abort(404);
$chapter = $this->chapterQuery()->where('slug', '=', $slug)->where('book_id', '=', $bookId)->first();
if ($chapter === null) throw new NotFoundException('Chapter not found');
return $chapter;
}
/**
* Get the child items for a chapter
* @param Chapter $chapter
*/
public function getChildren(Chapter $chapter)
{
return $this->restrictionService->enforcePageRestrictions($chapter->pages())->get();
}
/**
* Create a new chapter from request input.
* @param $input
@@ -85,6 +93,7 @@ class ChapterRepo
}
Activity::removeEntity($chapter);
$chapter->views()->delete();
$chapter->restrictions()->delete();
$chapter->delete();
}
@@ -123,14 +132,17 @@ class ChapterRepo
/**
* Get chapters by the given search term.
* @param $term
* @param string $term
* @param array $whereTerms
* @param int $count
* @param array $paginationAppends
* @return mixed
*/
public function getBySearch($term, $whereTerms = [])
public function getBySearch($term, $whereTerms = [], $count = 20, $paginationAppends = [])
{
$terms = explode(' ', $term);
$chapters = $this->chapter->fullTextSearch(['name', 'description'], $terms, $whereTerms);
$terms = $this->prepareSearchTerms($term);
$chapters = $this->restrictionService->enforceChapterRestrictions($this->chapter->fullTextSearchQuery(['name', 'description'], $terms, $whereTerms))
->paginate($count)->appends($paginationAppends);
$words = join('|', explode(' ', preg_quote(trim($term), '/')));
foreach ($chapters as $chapter) {
//highlight

161
app/Repos/EntityRepo.php Normal file
View File

@@ -0,0 +1,161 @@
<?php namespace BookStack\Repos;
use BookStack\Book;
use BookStack\Chapter;
use BookStack\Entity;
use BookStack\Page;
use BookStack\Services\RestrictionService;
class EntityRepo
{
/**
* @var Book $book
*/
public $book;
/**
* @var Chapter
*/
public $chapter;
/**
* @var Page
*/
public $page;
/**
* @var RestrictionService
*/
protected $restrictionService;
/**
* EntityService constructor.
*/
public function __construct()
{
$this->book = app(Book::class);
$this->chapter = app(Chapter::class);
$this->page = app(Page::class);
$this->restrictionService = app(RestrictionService::class);
}
/**
* Get the latest books added to the system.
* @param int $count
* @param int $page
* @param bool $additionalQuery
* @return
*/
public function getRecentlyCreatedBooks($count = 20, $page = 0, $additionalQuery = false)
{
$query = $this->restrictionService->enforceBookRestrictions($this->book)
->orderBy('created_at', 'desc');
if ($additionalQuery !== false && is_callable($additionalQuery)) {
$additionalQuery($query);
}
return $query->skip($page * $count)->take($count)->get();
}
/**
* Get the most recently updated books.
* @param $count
* @param int $page
* @return mixed
*/
public function getRecentlyUpdatedBooks($count = 20, $page = 0)
{
return $this->restrictionService->enforceBookRestrictions($this->book)
->orderBy('updated_at', 'desc')->skip($page * $count)->take($count)->get();
}
/**
* Get the latest pages added to the system.
* @param int $count
* @param int $page
* @param bool $additionalQuery
* @return
*/
public function getRecentlyCreatedPages($count = 20, $page = 0, $additionalQuery = false)
{
$query = $this->restrictionService->enforcePageRestrictions($this->page)
->orderBy('created_at', 'desc');
if ($additionalQuery !== false && is_callable($additionalQuery)) {
$additionalQuery($query);
}
return $query->skip($page * $count)->take($count)->get();
}
/**
* Get the latest chapters added to the system.
* @param int $count
* @param int $page
* @param bool $additionalQuery
* @return
*/
public function getRecentlyCreatedChapters($count = 20, $page = 0, $additionalQuery = false)
{
$query = $this->restrictionService->enforceChapterRestrictions($this->chapter)
->orderBy('created_at', 'desc');
if ($additionalQuery !== false && is_callable($additionalQuery)) {
$additionalQuery($query);
}
return $query->skip($page * $count)->take($count)->get();
}
/**
* Get the most recently updated pages.
* @param $count
* @param int $page
* @return mixed
*/
public function getRecentlyUpdatedPages($count = 20, $page = 0)
{
return $this->restrictionService->enforcePageRestrictions($this->page)
->orderBy('updated_at', 'desc')->skip($page * $count)->take($count)->get();
}
/**
* Updates entity restrictions from a request
* @param $request
* @param Entity $entity
*/
public function updateRestrictionsFromRequest($request, Entity $entity)
{
$entity->restricted = $request->has('restricted') && $request->get('restricted') === 'true';
$entity->restrictions()->delete();
if ($request->has('restrictions')) {
foreach ($request->get('restrictions') as $roleId => $restrictions) {
foreach ($restrictions as $action => $value) {
$entity->restrictions()->create([
'role_id' => $roleId,
'action' => strtolower($action)
]);
}
}
}
$entity->save();
}
/**
* Prepare a string of search terms by turning
* it into an array of terms.
* Keeps quoted terms together.
* @param $termString
* @return array
*/
protected function prepareSearchTerms($termString)
{
preg_match_all('/"(.*?)"/', $termString, $matches);
if (count($matches[1]) > 0) {
$terms = $matches[1];
$termString = trim(preg_replace('/"(.*?)"/', '', $termString));
} else {
$terms = [];
}
if (!empty($termString)) $terms = array_merge($terms, explode(' ', $termString));
return $terms;
}
}

121
app/Repos/PageRepo.php
View File

@@ -3,38 +3,32 @@
use Activity;
use BookStack\Book;
use BookStack\Chapter;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
use BookStack\Exceptions\NotFoundException;
use Illuminate\Support\Str;
use BookStack\Page;
use BookStack\PageRevision;
class PageRepo
class PageRepo extends EntityRepo
{
protected $page;
protected $pageRevision;
/**
* PageRepo constructor.
* @param Page $page
* @param PageRevision $pageRevision
*/
public function __construct(Page $page, PageRevision $pageRevision)
public function __construct(PageRevision $pageRevision)
{
$this->page = $page;
$this->pageRevision = $pageRevision;
parent::__construct();
}
/**
* Check if a page id exists.
* @param $id
* @return bool
* Base query for getting pages, Takes restrictions into account.
* @return mixed
*/
public function idExists($id)
private function pageQuery()
{
return $this->page->where('page_id', '=', $id)->count() > 0;
return $this->restrictionService->enforcePageRestrictions($this->page, 'view');
}
/**
@@ -44,16 +38,7 @@ class PageRepo
*/
public function getById($id)
{
return $this->page->findOrFail($id);
}
/**
* Get all pages.
* @return \Illuminate\Database\Eloquent\Collection|static[]
*/
public function getAll()
{
return $this->page->all();
return $this->pageQuery()->findOrFail($id);
}
/**
@@ -61,15 +46,36 @@ class PageRepo
* @param $slug
* @param $bookId
* @return mixed
* @throws NotFoundException
*/
public function getBySlug($slug, $bookId)
{
$page = $this->page->where('slug', '=', $slug)->where('book_id', '=', $bookId)->first();
if ($page === null) abort(404);
$page = $this->pageQuery()->where('slug', '=', $slug)->where('book_id', '=', $bookId)->first();
if ($page === null) throw new NotFoundException('Page not found');
return $page;
}
/**
* Search through page revisions and retrieve
* the last page in the current book that
* has a slug equal to the one given.
* @param $pageSlug
* @param $bookSlug
* @return null | Page
*/
public function findPageUsingOldSlug($pageSlug, $bookSlug)
{
$revision = $this->pageRevision->where('slug', '=', $pageSlug)
->whereHas('page', function($query) {
$this->restrictionService->enforcePageRestrictions($query);
})
->where('book_slug', '=', $bookSlug)->orderBy('created_at', 'desc')
->with('page')->first();
return $revision !== null ? $revision->page : null;
}
/**
* Get a new Page instance from the given input.
* @param $input
* @return Page
*/
@@ -125,21 +131,20 @@ class PageRepo
if($htmlText == '') return $htmlText;
libxml_use_internal_errors(true);
$doc = new \DOMDocument();
$doc->loadHTML($htmlText);
$doc->loadHTML(mb_convert_encoding($htmlText, 'HTML-ENTITIES', 'UTF-8'));
$container = $doc->documentElement;
$body = $container->childNodes->item(0);
$childNodes = $body->childNodes;
// Ensure no duplicate ids are used
$lastId = false;
$idArray = [];
foreach ($childNodes as $index => $childNode) {
/** @var \DOMElement $childNode */
if (get_class($childNode) !== 'DOMElement') continue;
// Overwrite id if not a bookstack custom id
// Overwrite id if not a BookStack custom id
if ($childNode->hasAttribute('id')) {
$id = $childNode->getAttribute('id');
if (strpos($id, 'bkmrk') === 0 && array_search($id, $idArray) === false) {
@@ -149,13 +154,18 @@ class PageRepo
}
// Create an unique id for the element
do {
$id = 'bkmrk-' . substr(uniqid(), -5);
} while ($id == $lastId);
$lastId = $id;
// Uses the content as a basis to ensure output is the same every time
// the same content is passed through.
$contentId = 'bkmrk-' . substr(strtolower(preg_replace('/\s+/', '-', trim($childNode->nodeValue))), 0, 20);
$newId = urlencode($contentId);
$loopIndex = 0;
while (in_array($newId, $idArray)) {
$newId = urlencode($contentId . '-' . $loopIndex);
$loopIndex++;
}
$childNode->setAttribute('id', $id);
$idArray[] = $id;
$childNode->setAttribute('id', $newId);
$idArray[] = $newId;
}
// Generate inner html as a string
@@ -171,14 +181,17 @@ class PageRepo
/**
* Gets pages by a search term.
* Highlights page content for showing in results.
* @param string $term
* @param string $term
* @param array $whereTerms
* @param int $count
* @param array $paginationAppends
* @return mixed
*/
public function getBySearch($term, $whereTerms = [])
public function getBySearch($term, $whereTerms = [], $count = 20, $paginationAppends = [])
{
$terms = explode(' ', $term);
$pages = $this->page->fullTextSearch(['name', 'text'], $terms, $whereTerms);
$terms = $this->prepareSearchTerms($term);
$pages = $this->restrictionService->enforcePageRestrictions($this->page->fullTextSearchQuery(['name', 'text'], $terms, $whereTerms))
->paginate($count)->appends($paginationAppends);
// Add highlights to page text.
$words = join('|', explode(' ', preg_quote(trim($term), '/')));
@@ -215,7 +228,7 @@ class PageRepo
*/
public function searchForImage($imageString)
{
$pages = $this->page->where('html', 'like', '%' . $imageString . '%')->get();
$pages = $this->pageQuery()->where('html', 'like', '%' . $imageString . '%')->get();
foreach ($pages as $page) {
$page->url = $page->getUrl();
$page->html = '';
@@ -238,9 +251,13 @@ class PageRepo
$this->saveRevision($page);
}
// Prevent slug being updated if no name change
if ($page->name !== $input['name']) {
$page->slug = $this->findSuitableSlug($input['name'], $book_id, $page->id);
}
// Update with new details
$page->fill($input);
$page->slug = $this->findSuitableSlug($page->name, $book_id, $page->id);
$page->html = $this->formatHtml($input['html']);
$page->text = strip_tags($page->html);
$page->updated_by = auth()->user()->id;
@@ -276,6 +293,8 @@ class PageRepo
{
$revision = $this->pageRevision->fill($page->toArray());
$revision->page_id = $page->id;
$revision->slug = $page->slug;
$revision->book_slug = $page->book->slug;
$revision->created_by = auth()->user()->id;
$revision->created_at = $page->updated_at;
$revision->save();
@@ -355,8 +374,26 @@ class PageRepo
Activity::removeEntity($page);
$page->views()->delete();
$page->revisions()->delete();
$page->restrictions()->delete();
$page->delete();
}
/**
* Get the latest pages added to the system.
* @param $count
*/
public function getRecentlyCreatedPaginated($count = 20)
{
return $this->pageQuery()->orderBy('created_at', 'desc')->paginate($count);
}
}
/**
* Get the latest pages added to the system.
* @param $count
*/
public function getRecentlyUpdatedPaginated($count = 20)
{
return $this->pageQuery()->orderBy('updated_at', 'desc')->paginate($count);
}
}

142
app/Repos/PermissionsRepo.php Normal file
View File

@@ -0,0 +1,142 @@
<?php namespace BookStack\Repos;
use BookStack\Exceptions\PermissionsException;
use BookStack\Permission;
use BookStack\Role;
use Setting;
class PermissionsRepo
{
protected $permission;
protected $role;
/**
* PermissionsRepo constructor.
* @param $permission
* @param $role
*/
public function __construct(Permission $permission, Role $role)
{
$this->permission = $permission;
$this->role = $role;
}
/**
* Get all the user roles from the system.
* @return \Illuminate\Database\Eloquent\Collection|static[]
*/
public function getAllRoles()
{
return $this->role->all();
}
/**
* Get all the roles except for the provided one.
* @param Role $role
* @return mixed
*/
public function getAllRolesExcept(Role $role)
{
return $this->role->where('id', '!=', $role->id)->get();
}
/**
* Get a role via its ID.
* @param $id
* @return mixed
*/
public function getRoleById($id)
{
return $this->role->findOrFail($id);
}
/**
* Save a new role into the system.
* @param array $roleData
* @return Role
*/
public function saveNewRole($roleData)
{
$role = $this->role->newInstance($roleData);
$role->name = str_replace(' ', '-', strtolower($roleData['display_name']));
// Prevent duplicate names
while ($this->role->where('name', '=', $role->name)->count() > 0) {
$role->name .= strtolower(str_random(2));
}
$role->save();
$permissions = isset($roleData['permissions']) ? array_keys($roleData['permissions']) : [];
$this->assignRolePermissions($role, $permissions);
return $role;
}
/**
* Updates an existing role.
* Ensure Admin role always has all permissions.
* @param $roleId
* @param $roleData
*/
public function updateRole($roleId, $roleData)
{
$role = $this->role->findOrFail($roleId);
$permissions = isset($roleData['permissions']) ? array_keys($roleData['permissions']) : [];
$this->assignRolePermissions($role, $permissions);
if ($role->name === 'admin') {
$permissions = $this->permission->all()->pluck('id')->toArray();
$role->permissions()->sync($permissions);
}
$role->fill($roleData);
$role->save();
}
/**
* Assign an list of permission names to an role.
* @param Role $role
* @param array $permissionNameArray
*/
public function assignRolePermissions(Role $role, $permissionNameArray = [])
{
$permissions = [];
$permissionNameArray = array_values($permissionNameArray);
if ($permissionNameArray && count($permissionNameArray) > 0) {
$permissions = $this->permission->whereIn('name', $permissionNameArray)->pluck('id')->toArray();
}
$role->permissions()->sync($permissions);
}
/**
* Delete a role from the system.
* Check it's not an admin role or set as default before deleting.
* If an migration Role ID is specified the users assign to the current role
* will be added to the role of the specified id.
* @param $roleId
* @param $migrateRoleId
* @throws PermissionsException
*/
public function deleteRole($roleId, $migrateRoleId)
{
$role = $this->role->findOrFail($roleId);
// Prevent deleting admin role or default registration role.
if ($role->name === 'admin') {
throw new PermissionsException('The admin role cannot be deleted');
} else if ($role->id == setting('registration-role')) {
throw new PermissionsException('This role cannot be deleted while set as the default registration role.');
}
if ($migrateRoleId) {
$newRole = $this->role->find($migrateRoleId);
if ($newRole) {
$users = $role->users->pluck('id')->toArray();
$newRole->users()->sync($users);
}
}
$role->delete();
}
}

91
app/Repos/UserRepo.php
View File

@@ -1,6 +1,5 @@
<?php namespace BookStack\Repos;
use BookStack\Role;
use BookStack\User;
use Setting;
@@ -10,15 +9,19 @@ class UserRepo
protected $user;
protected $role;
protected $entityRepo;
/**
* UserRepo constructor.
* @param $user
* @param User $user
* @param Role $role
* @param EntityRepo $entityRepo
*/
public function __construct(User $user, Role $role)
public function __construct(User $user, Role $role, EntityRepo $entityRepo)
{
$this->user = $user;
$this->role = $role;
$this->entityRepo = $entityRepo;
}
/**
@@ -39,6 +42,15 @@ class UserRepo
return $this->user->findOrFail($id);
}
/**
* Get all the users with their permissions.
* @return \Illuminate\Database\Eloquent\Builder|static
*/
public function getAllUsers()
{
return $this->user->with('roles', 'avatar')->orderBy('name', 'asc')->get();
}
/**
* Creates a new user and attaches a role to them.
* @param array $data
@@ -65,8 +77,8 @@ class UserRepo
*/
public function attachDefaultRole($user)
{
$roleId = Setting::get('registration-role');
if ($roleId === false) $roleId = $this->role->getDefault()->id;
$roleId = setting('registration-role');
if ($roleId === false) $roleId = $this->role->first()->id;
$user->attachRoleId($roleId);
}
@@ -77,15 +89,10 @@ class UserRepo
*/
public function isOnlyAdmin(User $user)
{
if ($user->role->name != 'admin') {
return false;
}
$adminRole = $this->role->where('name', '=', 'admin')->first();
if (count($adminRole->users) > 1) {
return false;
}
if (!$user->roles->pluck('name')->contains('admin')) return false;
$adminRole = $this->role->getRole('admin');
if ($adminRole->users->count() > 1) return false;
return true;
}
@@ -112,4 +119,62 @@ class UserRepo
$user->socialAccounts()->delete();
$user->delete();
}
/**
* Get the latest activity for a user.
* @param User $user
* @param int $count
* @param int $page
* @return array
*/
public function getActivity(User $user, $count = 20, $page = 0)
{
return \Activity::userActivity($user, $count, $page);
}
/**
* Get the recently created content for this given user.
* @param User $user
* @param int $count
* @return mixed
*/
public function getRecentlyCreated(User $user, $count = 20)
{
return [
'pages' => $this->entityRepo->getRecentlyCreatedPages($count, 0, function ($query) use ($user) {
$query->where('created_by', '=', $user->id);
}),
'chapters' => $this->entityRepo->getRecentlyCreatedChapters($count, 0, function ($query) use ($user) {
$query->where('created_by', '=', $user->id);
}),
'books' => $this->entityRepo->getRecentlyCreatedBooks($count, 0, function ($query) use ($user) {
$query->where('created_by', '=', $user->id);
})
];
}
/**
* Get asset created counts for the give user.
* @param User $user
* @return array
*/
public function getAssetCounts(User $user)
{
return [
'pages' => $this->entityRepo->page->where('created_by', '=', $user->id)->count(),
'chapters' => $this->entityRepo->chapter->where('created_by', '=', $user->id)->count(),
'books' => $this->entityRepo->book->where('created_by', '=', $user->id)->count(),
];
}
/**
* Get all the roles which can be given restricted access to
* other entities in the system.
* @return mixed
*/
public function getRestrictableRoles()
{
return $this->role->where('name', '!=', 'admin')->get();
}
}

21
app/Restriction.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace BookStack;
use Illuminate\Database\Eloquent\Model;
class Restriction extends Model
{
protected $fillable = ['role_id', 'action'];
public $timestamps = false;
/**
* Get all this restriction's attached entity.
* @return \Illuminate\Database\Eloquent\Relations\MorphTo
*/
public function restrictable()
{
return $this->morphTo();
}
}

25
app/Role.php
View File

@@ -6,11 +6,8 @@ use Illuminate\Database\Eloquent\Model;
class Role extends Model
{
/**
* Sets the default role name for newly registered users.
* @var string
*/
protected static $default = 'viewer';
protected $fillable = ['display_name', 'description'];
/**
* The roles that belong to the role.
@@ -28,6 +25,15 @@ class Role extends Model
return $this->belongsToMany('BookStack\Permission');
}
/**
* Check if this role has a permission.
* @param $permission
*/
public function hasPermission($permission)
{
return $this->permissions->pluck('name')->contains($permission);
}
/**
* Add a permission to this role.
* @param Permission $permission
@@ -37,15 +43,6 @@ class Role extends Model
$this->permissions()->attach($permission->id);
}
/**
* Get an instance of the default role.
* @return Role
*/
public static function getDefault()
{
return static::getRole(static::$default);
}
/**
* Get the role object for the specified role.
* @param $roleName

65
app/Services/ActivityService.php
View File

@@ -1,6 +1,5 @@
<?php namespace BookStack\Services;
use Illuminate\Support\Facades\Auth;
use BookStack\Activity;
use BookStack\Entity;
use Session;
@@ -9,14 +8,17 @@ class ActivityService
{
protected $activity;
protected $user;
protected $restrictionService;
/**
* ActivityService constructor.
* @param $activity
* @param Activity $activity
* @param RestrictionService $restrictionService
*/
public function __construct(Activity $activity)
public function __construct(Activity $activity, RestrictionService $restrictionService)
{
$this->activity = $activity;
$this->restrictionService = $restrictionService;
$this->user = auth()->user();
}
@@ -24,25 +26,26 @@ class ActivityService
* Add activity data to database.
* @param Entity $entity
* @param $activityKey
* @param int $bookId
* @param bool $extra
* @param int $bookId
* @param bool $extra
*/
public function add(Entity $entity, $activityKey, $bookId = 0, $extra = false)
{
$this->activity->user_id = $this->user->id;
$this->activity->book_id = $bookId;
$this->activity->key = strtolower($activityKey);
$activity = $this->activity->newInstance();
$activity->user_id = $this->user->id;
$activity->book_id = $bookId;
$activity->key = strtolower($activityKey);
if ($extra !== false) {
$this->activity->extra = $extra;
$activity->extra = $extra;
}
$entity->activity()->save($this->activity);
$entity->activity()->save($activity);
$this->setNotification($activityKey);
}
/**
* Adds a activity history with a message & without binding to a entitiy.
* Adds a activity history with a message & without binding to a entity.
* @param $activityKey
* @param int $bookId
* @param int $bookId
* @param bool|false $extra
*/
public function addMessage($activityKey, $bookId = 0, $extra = false)
@@ -85,20 +88,22 @@ class ActivityService
*/
public function latest($count = 20, $page = 0)
{
$activityList = $this->activity->orderBy('created_at', 'desc')
->skip($count * $page)->take($count)->get();
$activityList = $this->restrictionService
->filterRestrictedEntityRelations($this->activity, 'activities', 'entity_id', 'entity_type')
->orderBy('created_at', 'desc')->skip($count * $page)->take($count)->get();
return $this->filterSimilar($activityList);
}
/**
* Gets the latest activity for an entitiy, Filtering out similar
* Gets the latest activity for an entity, Filtering out similar
* items to prevent a message activity list.
* @param Entity $entity
* @param int $count
* @param int $page
* @param int $count
* @param int $page
* @return array
*/
function entityActivity($entity, $count = 20, $page = 0)
public function entityActivity($entity, $count = 20, $page = 0)
{
$activity = $entity->hasMany('BookStack\Activity')->orderBy('created_at', 'desc')
->skip($count * $page)->take($count)->get();
@@ -107,15 +112,31 @@ class ActivityService
}
/**
* Filters out similar activity.
* @param Activity[] $activity
* Get latest activity for a user, Filtering out similar
* items.
* @param $user
* @param int $count
* @param int $page
* @return array
*/
protected function filterSimilar($activity)
public function userActivity($user, $count = 20, $page = 0)
{
$activityList = $this->restrictionService
->filterRestrictedEntityRelations($this->activity, 'activities', 'entity_id', 'entity_type')
->orderBy('created_at', 'desc')->where('user_id', '=', $user->id)->skip($count * $page)->take($count)->get();
return $this->filterSimilar($activityList);
}
/**
* Filters out similar activity.
* @param Activity[] $activities
* @return array
*/
protected function filterSimilar($activities)
{
$newActivity = [];
$previousItem = false;
foreach ($activity as $activityItem) {
foreach ($activities as $activityItem) {
if ($previousItem === false) {
$previousItem = $activityItem;
$newActivity[] = $activityItem;

2
app/Services/EmailConfirmationService.php
View File

@@ -45,7 +45,7 @@ class EmailConfirmationService
'token' => $token,
]);
$this->mailer->send('emails/email-confirmation', ['token' => $token], function (Message $message) use ($user) {
$appName = \Setting::get('app-name', 'BookStack');
$appName = setting('app-name', 'BookStack');
$message->to($user->email, $user->name)->subject('Confirm your email on ' . $appName . '.');
});
}

23
app/Services/ImageService.php
View File

@@ -4,6 +4,7 @@ use BookStack\Exceptions\ImageUploadException;
use BookStack\Image;
use BookStack\User;
use Exception;
use Intervention\Image\Exception\NotSupportedException;
use Intervention\Image\ImageManager;
use Illuminate\Contracts\Filesystem\Factory as FileSystem;
use Illuminate\Contracts\Filesystem\Filesystem as FileSystemInstance;
@@ -78,7 +79,7 @@ class ImageService
private function saveNew($imageName, $imageData, $type)
{
$storage = $this->getStorage();
$secureUploads = Setting::get('app-secure-images');
$secureUploads = setting('app-secure-images');
$imageName = str_replace(' ', '-', $imageName);
if ($secureUploads) $imageName = str_random(16) . '-' . $imageName;
@@ -119,10 +120,12 @@ class ImageService
* Checks the cache then storage to avoid creating / accessing the filesystem on every check.
*
* @param Image $image
* @param int $width
* @param int $height
* @param bool $keepRatio
* @param int $width
* @param int $height
* @param bool $keepRatio
* @return string
* @throws Exception
* @throws ImageUploadException
*/
public function getThumbnail(Image $image, $width = 220, $height = 220, $keepRatio = false)
{
@@ -139,8 +142,16 @@ class ImageService
return $this->getPublicUrl($thumbFilePath);
}
// Otherwise create the thumbnail
$thumb = $this->imageTool->make($storage->get($image->path));
try {
$thumb = $this->imageTool->make($storage->get($image->path));
} catch (Exception $e) {
if ($e instanceof \ErrorException || $e instanceof NotSupportedException) {
throw new ImageUploadException('The server cannot create thumbnails. Please check you have the GD PHP extension installed.');
} else {
throw $e;
}
}
if ($keepRatio) {
$thumb->resize($width, null, function ($constraint) {
$constraint->aspectRatio();

2
app/Services/LdapService.php
View File

@@ -46,7 +46,7 @@ class LdapService
$user = $users[0];
return [
'uid' => $user['uid'][0],
'uid' => (isset($user['uid'])) ? $user['uid'][0] : $user['dn'],
'name' => $user['cn'][0],
'dn' => $user['dn'],
'email' => (isset($user['mail'])) ? $user['mail'][0] : null

272
app/Services/RestrictionService.php Normal file
View File

@@ -0,0 +1,272 @@
<?php namespace BookStack\Services;
use BookStack\Entity;
class RestrictionService
{
protected $userRoles;
protected $isAdmin;
protected $currentAction;
/**
* RestrictionService constructor.
*/
public function __construct()
{
$user = auth()->user();
$this->userRoles = $user ? auth()->user()->roles->pluck('id') : [];
$this->isAdmin = $user ? auth()->user()->hasRole('admin') : false;
}
/**
* Checks if an entity has a restriction set upon it.
* @param Entity $entity
* @param $action
* @return bool
*/
public function checkIfEntityRestricted(Entity $entity, $action)
{
if ($this->isAdmin) return true;
$this->currentAction = $action;
$baseQuery = $entity->where('id', '=', $entity->id);
if ($entity->isA('page')) {
return $this->pageRestrictionQuery($baseQuery)->count() > 0;
} elseif ($entity->isA('chapter')) {
return $this->chapterRestrictionQuery($baseQuery)->count() > 0;
} elseif ($entity->isA('book')) {
return $this->bookRestrictionQuery($baseQuery)->count() > 0;
}
return false;
}
/**
* Add restrictions for a page query
* @param $query
* @param string $action
* @return mixed
*/
public function enforcePageRestrictions($query, $action = 'view')
{
if ($this->isAdmin) return $query;
$this->currentAction = $action;
return $this->pageRestrictionQuery($query);
}
/**
* The base query for restricting pages.
* @param $query
* @return mixed
*/
private function pageRestrictionQuery($query)
{
return $query->where(function ($parentWhereQuery) {
$parentWhereQuery
// (Book & chapter & page) or (Book & page & NO CHAPTER) unrestricted
->where(function ($query) {
$query->where(function ($query) {
$query->whereExists(function ($query) {
$query->select('*')->from('chapters')
->whereRaw('chapters.id=pages.chapter_id')
->where('restricted', '=', false);
})->whereExists(function ($query) {
$query->select('*')->from('books')
->whereRaw('books.id=pages.book_id')
->where('restricted', '=', false);
})->where('restricted', '=', false);
})->orWhere(function ($query) {
$query->where('restricted', '=', false)->where('chapter_id', '=', 0)
->whereExists(function ($query) {
$query->select('*')->from('books')
->whereRaw('books.id=pages.book_id')
->where('restricted', '=', false);
});
});
})
// Page unrestricted, Has no chapter & book has accepted restrictions
->orWhere(function ($query) {
$query->where('restricted', '=', false)
->whereExists(function ($query) {
$query->select('*')->from('chapters')
->whereRaw('chapters.id=pages.chapter_id');
}, 'and', true)
->whereExists(function ($query) {
$query->select('*')->from('books')
->whereRaw('books.id=pages.book_id')
->whereExists(function ($query) {
$this->checkRestrictionsQuery($query, 'books', 'Book');
});
});
})
// Page unrestricted, Has an unrestricted chapter & book has accepted restrictions
->orWhere(function ($query) {
$query->where('restricted', '=', false)
->whereExists(function ($query) {
$query->select('*')->from('chapters')
->whereRaw('chapters.id=pages.chapter_id')->where('restricted', '=', false);
})
->whereExists(function ($query) {
$query->select('*')->from('books')
->whereRaw('books.id=pages.book_id')
->whereExists(function ($query) {
$this->checkRestrictionsQuery($query, 'books', 'Book');
});
});
})
// Page unrestricted, Has a chapter with accepted permissions
->orWhere(function ($query) {
$query->where('restricted', '=', false)
->whereExists(function ($query) {
$query->select('*')->from('chapters')
->whereRaw('chapters.id=pages.chapter_id')
->where('restricted', '=', true)
->whereExists(function ($query) {
$this->checkRestrictionsQuery($query, 'chapters', 'Chapter');
});
});
})
// Page has accepted permissions
->orWhereExists(function ($query) {
$this->checkRestrictionsQuery($query, 'pages', 'Page');
});
});
}
/**
* Add on permission restrictions to a chapter query.
* @param $query
* @param string $action
* @return mixed
*/
public function enforceChapterRestrictions($query, $action = 'view')
{
if ($this->isAdmin) return $query;
$this->currentAction = $action;
return $this->chapterRestrictionQuery($query);
}
/**
* The base query for restricting chapters.
* @param $query
* @return mixed
*/
private function chapterRestrictionQuery($query)
{
return $query->where(function ($parentWhereQuery) {
$parentWhereQuery
// Book & chapter unrestricted
->where(function ($query) {
$query->where('restricted', '=', false)->whereExists(function ($query) {
$query->select('*')->from('books')
->whereRaw('books.id=chapters.book_id')
->where('restricted', '=', false);
});
})
// Chapter unrestricted & book has accepted restrictions
->orWhere(function ($query) {
$query->where('restricted', '=', false)
->whereExists(function ($query) {
$query->select('*')->from('books')
->whereRaw('books.id=chapters.book_id')
->whereExists(function ($query) {
$this->checkRestrictionsQuery($query, 'books', 'Book');
});
});
})
// Chapter has accepted permissions
->orWhereExists(function ($query) {
$this->checkRestrictionsQuery($query, 'chapters', 'Chapter');
});
});
}
/**
* Add restrictions to a book query.
* @param $query
* @param string $action
* @return mixed
*/
public function enforceBookRestrictions($query, $action = 'view')
{
if ($this->isAdmin) return $query;
$this->currentAction = $action;
return $this->bookRestrictionQuery($query);
}
/**
* The base query for restricting books.
* @param $query
* @return mixed
*/
private function bookRestrictionQuery($query)
{
return $query->where(function ($parentWhereQuery) {
$parentWhereQuery
->where('restricted', '=', false)
->orWhere(function ($query) {
$query->where('restricted', '=', true)->whereExists(function ($query) {
$this->checkRestrictionsQuery($query, 'books', 'Book');
});
});
});
}
/**
* Filter items that have entities set a a polymorphic relation.
* @param $query
* @param string $tableName
* @param string $entityIdColumn
* @param string $entityTypeColumn
* @return mixed
*/
public function filterRestrictedEntityRelations($query, $tableName, $entityIdColumn, $entityTypeColumn)
{
if ($this->isAdmin) return $query;
$this->currentAction = 'view';
$tableDetails = ['tableName' => $tableName, 'entityIdColumn' => $entityIdColumn, 'entityTypeColumn' => $entityTypeColumn];
return $query->where(function ($query) use ($tableDetails) {
$query->where(function ($query) use (&$tableDetails) {
$query->where($tableDetails['entityTypeColumn'], '=', 'BookStack\Page')
->whereExists(function ($query) use (&$tableDetails) {
$query->select('*')->from('pages')->whereRaw('pages.id=' . $tableDetails['tableName'] . '.' . $tableDetails['entityIdColumn'])
->where(function ($query) {
$this->pageRestrictionQuery($query);
});
});
})->orWhere(function ($query) use (&$tableDetails) {
$query->where($tableDetails['entityTypeColumn'], '=', 'BookStack\Book')->whereExists(function ($query) use (&$tableDetails) {
$query->select('*')->from('books')->whereRaw('books.id=' . $tableDetails['tableName'] . '.' . $tableDetails['entityIdColumn'])
->where(function ($query) {
$this->bookRestrictionQuery($query);
});
});
})->orWhere(function ($query) use (&$tableDetails) {
$query->where($tableDetails['entityTypeColumn'], '=', 'BookStack\Chapter')->whereExists(function ($query) use (&$tableDetails) {
$query->select('*')->from('chapters')->whereRaw('chapters.id=' . $tableDetails['tableName'] . '.' . $tableDetails['entityIdColumn'])
->where(function ($query) {
$this->chapterRestrictionQuery($query);
});
});
});
});
}
/**
* The query to check the restrictions on an entity.
* @param $query
* @param $tableName
* @param $modelName
*/
private function checkRestrictionsQuery($query, $tableName, $modelName)
{
$query->select('*')->from('restrictions')
->whereRaw('restrictions.restrictable_id=' . $tableName . '.id')
->where('restrictions.restrictable_type', '=', 'BookStack\\' . $modelName)
->where('restrictions.action', '=', $this->currentAction)
->whereIn('restrictions.role_id', $this->userRoles);
}
}

2
app/Services/SocialAuthService.php
View File

@@ -135,7 +135,7 @@ class SocialAuthService
// Otherwise let the user know this social account is not used by anyone.
$message = 'This ' . $socialDriver . ' account is not linked to any users. Please attach it in your profile settings';
if (\Setting::get('registration-enabled')) {
if (setting('registration-enabled')) {
$message .= ' or, If you do not yet have an account, You can register an account using the ' . $socialDriver . ' option';
}
throw new SocialSignInException($message . '.', '/login');

32
app/Services/ViewService.php
View File

@@ -9,15 +9,18 @@ class ViewService
protected $view;
protected $user;
protected $restrictionService;
/**
* ViewService constructor.
* @param $view
* @param View $view
* @param RestrictionService $restrictionService
*/
public function __construct(View $view)
public function __construct(View $view, RestrictionService $restrictionService)
{
$this->view = $view;
$this->user = auth()->user();
$this->restrictionService = $restrictionService;
}
/**
@@ -27,7 +30,7 @@ class ViewService
*/
public function add(Entity $entity)
{
if($this->user === null) return 0;
if ($this->user === null) return 0;
$view = $entity->views()->where('user_id', '=', $this->user->id)->first();
// Add view if model exists
if ($view) {
@@ -47,18 +50,19 @@ class ViewService
/**
* Get the entities with the most views.
* @param int $count
* @param int $page
* @param int $count
* @param int $page
* @param bool|false $filterModel
*/
public function getPopular($count = 10, $page = 0, $filterModel = false)
{
$skipCount = $count * $page;
$query = $this->view->select('id', 'viewable_id', 'viewable_type', \DB::raw('SUM(views) as view_count'))
$query = $this->restrictionService->filterRestrictedEntityRelations($this->view, 'views', 'viewable_id', 'viewable_type')
->select('id', 'viewable_id', 'viewable_type', \DB::raw('SUM(views) as view_count'))
->groupBy('viewable_id', 'viewable_type')
->orderBy('view_count', 'desc');
if($filterModel) $query->where('viewable_type', '=', get_class($filterModel));
if ($filterModel) $query->where('viewable_type', '=', get_class($filterModel));
$views = $query->with('viewable')->skip($skipCount)->take($count)->get();
$viewedEntities = $views->map(function ($item) {
@@ -69,22 +73,24 @@ class ViewService
/**
* Get all recently viewed entities for the current user.
* @param int $count
* @param int $page
* @param int $count
* @param int $page
* @param Entity|bool $filterModel
* @return mixed
*/
public function getUserRecentlyViewed($count = 10, $page = 0, $filterModel = false)
{
if($this->user === null) return collect();
if ($this->user === null) return collect();
$skipCount = $count * $page;
$query = $this->view->where('user_id', '=', auth()->user()->id);
$query = $this->restrictionService
->filterRestrictedEntityRelations($this->view, 'views', 'viewable_id', 'viewable_type');
if ($filterModel) $query->where('viewable_type', '=', get_class($filterModel));
if ($filterModel) $query = $query->where('viewable_type', '=', get_class($filterModel));
$query = $query->where('user_id', '=', auth()->user()->id);
$views = $query->with('viewable')->orderBy('updated_at', 'desc')->skip($skipCount)->take($count)->get();
$viewedEntities = $views->map(function ($item) {
return $item->viewable()->getResults();
return $item->viewable;
});
return $viewedEntities;
}

46
app/User.php
View File

@@ -14,21 +14,18 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
/**
* The database table used by the model.
*
* @var string
*/
protected $table = 'users';
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = ['name', 'email', 'image_id'];
/**
* The attributes excluded from the model's JSON form.
*
* @var array
*/
protected $hidden = ['password', 'remember_token'];
@@ -50,10 +47,6 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
]);
}
/**
* Permissions and roles
*/
/**
* The roles that belong to the user.
*/
@@ -62,21 +55,30 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
return $this->belongsToMany('BookStack\Role');
}
public function getRoleAttribute()
/**
* Check if the user has a role.
* @param $role
* @return mixed
*/
public function hasRole($role)
{
return $this->roles()->with('permissions')->first();
return $this->roles->pluck('name')->contains($role);
}
/**
* Loads the user's permissions from their role.
* Get all permissions belonging to a the current user.
* @param bool $cache
* @return \Illuminate\Database\Eloquent\Relations\HasManyThrough
*/
private function loadPermissions()
public function permissions($cache = true)
{
if (isset($this->permissions)) return;
if(isset($this->permissions) && $cache) return $this->permissions;
$this->load('roles.permissions');
$permissions = $this->roles[0]->permissions;
$permissionsArray = $permissions->pluck('name')->all();
$this->permissions = $permissionsArray;
$permissions = $this->roles->map(function($role) {
return $role->permissions;
})->flatten()->unique();
$this->permissions = $permissions;
return $permissions;
}
/**
@@ -86,11 +88,8 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
*/
public function can($permissionName)
{
if ($this->email == 'guest') {
return false;
}
$this->loadPermissions();
return array_search($permissionName, $this->permissions) !== false;
if ($this->email === 'guest') return false;
return $this->permissions()->pluck('name')->contains($permissionName);
}
/**
@@ -108,12 +107,11 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
*/
public function attachRoleId($id)
{
$this->roles()->sync([$id]);
$this->roles()->attach($id);
}
/**
* Get the social account associated with this user.
*
* @return \Illuminate\Database\Eloquent\Relations\HasMany
*/
public function socialAccounts()
@@ -138,8 +136,6 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
/**
* Returns the user's avatar,
* Uses Gravatar as the avatar service.
*
* @param int $size
* @return string
*/
@@ -164,6 +160,6 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
*/
public function getEditUrl()
{
return '/users/' . $this->id;
return '/settings/users/' . $this->id;
}
}

49
app/helpers.php
View File

@@ -1,10 +1,10 @@
<?php
if (! function_exists('versioned_asset')) {
if (!function_exists('versioned_asset')) {
/**
* Get the path to a versioned file.
*
* @param string $file
* @param string $file
* @return string
*
* @throws \InvalidArgumentException
@@ -27,4 +27,47 @@ if (! function_exists('versioned_asset')) {
throw new InvalidArgumentException("File {$file} not defined in asset manifest.");
}
}
}
/**
* Check if the current user has a permission.
* If an ownable element is passed in the permissions are checked against
* that particular item.
* @param $permission
* @param \BookStack\Ownable $ownable
* @return mixed
*/
function userCan($permission, \BookStack\Ownable $ownable = null)
{
if (!auth()->check()) return false;
if ($ownable === null) {
return auth()->user() && auth()->user()->can($permission);
}
// Check permission on ownable item
$permissionBaseName = strtolower($permission) . '-';
$hasPermission = false;
if (auth()->user()->can($permissionBaseName . 'all')) $hasPermission = true;
if (auth()->user()->can($permissionBaseName . 'own') && $ownable->createdBy && $ownable->createdBy->id === auth()->user()->id) $hasPermission = true;
if (!$ownable instanceof \BookStack\Entity) return $hasPermission;
// Check restrictions on the entitiy
$restrictionService = app('BookStack\Services\RestrictionService');
$explodedPermission = explode('-', $permission);
$action = end($explodedPermission);
$hasAccess = $restrictionService->checkIfEntityRestricted($ownable, $action);
return $hasAccess && $hasPermission;
}
/**
* Helper to access system settings.
* @param $key
* @param bool $default
* @return mixed
*/
function setting($key, $default = false)
{
$settingService = app('BookStack\Services\SettingService');
return $settingService->get($key, $default);
}

189
composer.lock generated
View File

@@ -9,16 +9,16 @@
"packages": [
{
"name": "aws/aws-sdk-php",
"version": "3.14.2",
"version": "3.15.1",
"source": {
"type": "git",
"url": "https://github.com/aws/aws-sdk-php.git",
"reference": "2970cb63e7b7b37dd8c07a4fa4e4e18a110ed4e2"
"reference": "5e6078913293576de969703481994b77c380ca30"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/2970cb63e7b7b37dd8c07a4fa4e4e18a110ed4e2",
"reference": "2970cb63e7b7b37dd8c07a4fa4e4e18a110ed4e2",
"url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/5e6078913293576de969703481994b77c380ca30",
"reference": "5e6078913293576de969703481994b77c380ca30",
"shasum": ""
},
"require": {
@@ -40,7 +40,8 @@
"ext-simplexml": "*",
"ext-spl": "*",
"nette/neon": "^2.3",
"phpunit/phpunit": "~4.0|~5.0"
"phpunit/phpunit": "~4.0|~5.0",
"psr/cache": "^1.0"
},
"suggest": {
"aws/aws-php-sns-message-validator": "To validate incoming SNS notifications",
@@ -84,7 +85,7 @@
"s3",
"sdk"
],
"time": "2016-01-28 21:33:18"
"time": "2016-02-11 23:23:31"
},
{
"name": "barryvdh/laravel-debugbar",
@@ -918,16 +919,16 @@
},
{
"name": "laravel/framework",
"version": "v5.2.12",
"version": "v5.2.16",
"source": {
"type": "git",
"url": "https://github.com/laravel/framework.git",
"reference": "6b6255ad7bfbdb721b8d00b09d52b146c5d363d7"
"reference": "39e89553c124dce266da03ee3c0260bdd62f1848"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/laravel/framework/zipball/6b6255ad7bfbdb721b8d00b09d52b146c5d363d7",
"reference": "6b6255ad7bfbdb721b8d00b09d52b146c5d363d7",
"url": "https://api.github.com/repos/laravel/framework/zipball/39e89553c124dce266da03ee3c0260bdd62f1848",
"reference": "39e89553c124dce266da03ee3c0260bdd62f1848",
"shasum": ""
},
"require": {
@@ -1042,7 +1043,7 @@
"framework",
"laravel"
],
"time": "2016-01-26 04:15:37"
"time": "2016-02-15 17:46:58"
},
{
"name": "laravel/socialite",
@@ -1629,16 +1630,16 @@
},
{
"name": "paragonie/random_compat",
"version": "1.1.6",
"version": "v1.2.0",
"source": {
"type": "git",
"url": "https://github.com/paragonie/random_compat.git",
"reference": "e6f80ab77885151908d0ec743689ca700886e8b0"
"reference": "b0e69d10852716b2ccbdff69c75c477637220790"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/paragonie/random_compat/zipball/e6f80ab77885151908d0ec743689ca700886e8b0",
"reference": "e6f80ab77885151908d0ec743689ca700886e8b0",
"url": "https://api.github.com/repos/paragonie/random_compat/zipball/b0e69d10852716b2ccbdff69c75c477637220790",
"reference": "b0e69d10852716b2ccbdff69c75c477637220790",
"shasum": ""
},
"require": {
@@ -1673,7 +1674,7 @@
"pseudorandom",
"random"
],
"time": "2016-01-29 16:19:52"
"time": "2016-02-06 03:52:05"
},
{
"name": "phenx/php-font-lib",
@@ -2024,16 +2025,16 @@
},
{
"name": "symfony/console",
"version": "v3.0.1",
"version": "v3.0.2",
"source": {
"type": "git",
"url": "https://github.com/symfony/console.git",
"reference": "ebcdc507829df915f4ca23067bd59ee4ef61f6c3"
"reference": "5a02eaadaa285e2bb727eb6bbdfb8201fcd971b0"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/console/zipball/ebcdc507829df915f4ca23067bd59ee4ef61f6c3",
"reference": "ebcdc507829df915f4ca23067bd59ee4ef61f6c3",
"url": "https://api.github.com/repos/symfony/console/zipball/5a02eaadaa285e2bb727eb6bbdfb8201fcd971b0",
"reference": "5a02eaadaa285e2bb727eb6bbdfb8201fcd971b0",
"shasum": ""
},
"require": {
@@ -2080,20 +2081,20 @@
],
"description": "Symfony Console Component",
"homepage": "https://symfony.com",
"time": "2015-12-22 10:39:06"
"time": "2016-02-02 13:44:19"
},
{
"name": "symfony/debug",
"version": "v3.0.1",
"version": "v3.0.2",
"source": {
"type": "git",
"url": "https://github.com/symfony/debug.git",
"reference": "73612266ac709769effdbfc0762e5b07cfd2ac2a"
"reference": "29606049ced1ec715475f88d1bbe587252a3476e"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/debug/zipball/73612266ac709769effdbfc0762e5b07cfd2ac2a",
"reference": "73612266ac709769effdbfc0762e5b07cfd2ac2a",
"url": "https://api.github.com/repos/symfony/debug/zipball/29606049ced1ec715475f88d1bbe587252a3476e",
"reference": "29606049ced1ec715475f88d1bbe587252a3476e",
"shasum": ""
},
"require": {
@@ -2137,20 +2138,20 @@
],
"description": "Symfony Debug Component",
"homepage": "https://symfony.com",
"time": "2015-12-26 13:39:53"
"time": "2016-01-27 05:14:46"
},
{
"name": "symfony/event-dispatcher",
"version": "v3.0.1",
"version": "v3.0.2",
"source": {
"type": "git",
"url": "https://github.com/symfony/event-dispatcher.git",
"reference": "d36355e026905fa5229e1ed7b4e9eda2e67adfcf"
"reference": "4dd5df31a28c0f82b41cb1e1599b74b5dcdbdafa"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/event-dispatcher/zipball/d36355e026905fa5229e1ed7b4e9eda2e67adfcf",
"reference": "d36355e026905fa5229e1ed7b4e9eda2e67adfcf",
"url": "https://api.github.com/repos/symfony/event-dispatcher/zipball/4dd5df31a28c0f82b41cb1e1599b74b5dcdbdafa",
"reference": "4dd5df31a28c0f82b41cb1e1599b74b5dcdbdafa",
"shasum": ""
},
"require": {
@@ -2197,20 +2198,20 @@
],
"description": "Symfony EventDispatcher Component",
"homepage": "https://symfony.com",
"time": "2015-10-30 23:35:59"
"time": "2016-01-27 05:14:46"
},
{
"name": "symfony/finder",
"version": "v3.0.1",
"version": "v3.0.2",
"source": {
"type": "git",
"url": "https://github.com/symfony/finder.git",
"reference": "8617895eb798b6bdb338321ce19453dc113e5675"
"reference": "623bda0abd9aa29e529c8e9c08b3b84171914723"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/finder/zipball/8617895eb798b6bdb338321ce19453dc113e5675",
"reference": "8617895eb798b6bdb338321ce19453dc113e5675",
"url": "https://api.github.com/repos/symfony/finder/zipball/623bda0abd9aa29e529c8e9c08b3b84171914723",
"reference": "623bda0abd9aa29e529c8e9c08b3b84171914723",
"shasum": ""
},
"require": {
@@ -2246,20 +2247,20 @@
],
"description": "Symfony Finder Component",
"homepage": "https://symfony.com",
"time": "2015-12-05 11:13:14"
"time": "2016-01-27 05:14:46"
},
{
"name": "symfony/http-foundation",
"version": "v3.0.1",
"version": "v3.0.2",
"source": {
"type": "git",
"url": "https://github.com/symfony/http-foundation.git",
"reference": "939c8c28a5b1e4ab7317bc30c1f9aa881c4b06b5"
"reference": "9344a87ceedfc50354a39653e54257ee9aa6a77d"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/http-foundation/zipball/939c8c28a5b1e4ab7317bc30c1f9aa881c4b06b5",
"reference": "939c8c28a5b1e4ab7317bc30c1f9aa881c4b06b5",
"url": "https://api.github.com/repos/symfony/http-foundation/zipball/9344a87ceedfc50354a39653e54257ee9aa6a77d",
"reference": "9344a87ceedfc50354a39653e54257ee9aa6a77d",
"shasum": ""
},
"require": {
@@ -2298,20 +2299,20 @@
],
"description": "Symfony HttpFoundation Component",
"homepage": "https://symfony.com",
"time": "2015-12-18 15:43:53"
"time": "2016-02-02 13:44:19"
},
{
"name": "symfony/http-kernel",
"version": "v3.0.1",
"version": "v3.0.2",
"source": {
"type": "git",
"url": "https://github.com/symfony/http-kernel.git",
"reference": "f7933e9f19e26e7baba7ec04735b466fedd3a6db"
"reference": "cec02604450481ac26710ca4249cc61b57b23942"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/http-kernel/zipball/f7933e9f19e26e7baba7ec04735b466fedd3a6db",
"reference": "f7933e9f19e26e7baba7ec04735b466fedd3a6db",
"url": "https://api.github.com/repos/symfony/http-kernel/zipball/cec02604450481ac26710ca4249cc61b57b23942",
"reference": "cec02604450481ac26710ca4249cc61b57b23942",
"shasum": ""
},
"require": {
@@ -2380,7 +2381,7 @@
],
"description": "Symfony HttpKernel Component",
"homepage": "https://symfony.com",
"time": "2015-12-26 16:46:13"
"time": "2016-02-03 12:38:44"
},
{
"name": "symfony/polyfill-mbstring",
@@ -2551,16 +2552,16 @@
},
{
"name": "symfony/process",
"version": "v3.0.1",
"version": "v3.0.2",
"source": {
"type": "git",
"url": "https://github.com/symfony/process.git",
"reference": "f4794f1d00f0746621be3020ffbd8c5e0b217ee3"
"reference": "dfecef47506179db2501430e732adbf3793099c8"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/process/zipball/f4794f1d00f0746621be3020ffbd8c5e0b217ee3",
"reference": "f4794f1d00f0746621be3020ffbd8c5e0b217ee3",
"url": "https://api.github.com/repos/symfony/process/zipball/dfecef47506179db2501430e732adbf3793099c8",
"reference": "dfecef47506179db2501430e732adbf3793099c8",
"shasum": ""
},
"require": {
@@ -2596,20 +2597,20 @@
],
"description": "Symfony Process Component",
"homepage": "https://symfony.com",
"time": "2015-12-23 11:04:02"
"time": "2016-02-02 13:44:19"
},
{
"name": "symfony/routing",
"version": "v3.0.1",
"version": "v3.0.2",
"source": {
"type": "git",
"url": "https://github.com/symfony/routing.git",
"reference": "3b1bac52f42cb0f54df1a2dbabd55a1d214e2a59"
"reference": "4686baa55a835e1c1ede9b86ba02415c8c8d6166"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/routing/zipball/3b1bac52f42cb0f54df1a2dbabd55a1d214e2a59",
"reference": "3b1bac52f42cb0f54df1a2dbabd55a1d214e2a59",
"url": "https://api.github.com/repos/symfony/routing/zipball/4686baa55a835e1c1ede9b86ba02415c8c8d6166",
"reference": "4686baa55a835e1c1ede9b86ba02415c8c8d6166",
"shasum": ""
},
"require": {
@@ -2670,20 +2671,20 @@
"uri",
"url"
],
"time": "2015-12-23 08:00:11"
"time": "2016-01-27 05:14:46"
},
{
"name": "symfony/translation",
"version": "v3.0.1",
"version": "v3.0.2",
"source": {
"type": "git",
"url": "https://github.com/symfony/translation.git",
"reference": "dff0867826a7068d673801b7522f8e2634016ef9"
"reference": "2de0b6f7ebe43cffd8a06996ebec6aab79ea9e91"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/translation/zipball/dff0867826a7068d673801b7522f8e2634016ef9",
"reference": "dff0867826a7068d673801b7522f8e2634016ef9",
"url": "https://api.github.com/repos/symfony/translation/zipball/2de0b6f7ebe43cffd8a06996ebec6aab79ea9e91",
"reference": "2de0b6f7ebe43cffd8a06996ebec6aab79ea9e91",
"shasum": ""
},
"require": {
@@ -2734,20 +2735,20 @@
],
"description": "Symfony Translation Component",
"homepage": "https://symfony.com",
"time": "2015-12-05 17:45:07"
"time": "2016-02-02 13:44:19"
},
{
"name": "symfony/var-dumper",
"version": "v3.0.1",
"version": "v3.0.2",
"source": {
"type": "git",
"url": "https://github.com/symfony/var-dumper.git",
"reference": "87db8700deb12ba2b65e858f656a1f885530bcb0"
"reference": "24bb94807eff00db49374c37ebf56a0304e8aef3"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/var-dumper/zipball/87db8700deb12ba2b65e858f656a1f885530bcb0",
"reference": "87db8700deb12ba2b65e858f656a1f885530bcb0",
"url": "https://api.github.com/repos/symfony/var-dumper/zipball/24bb94807eff00db49374c37ebf56a0304e8aef3",
"reference": "24bb94807eff00db49374c37ebf56a0304e8aef3",
"shasum": ""
},
"require": {
@@ -2797,7 +2798,7 @@
"debug",
"dump"
],
"time": "2015-12-05 11:13:14"
"time": "2016-01-07 13:38:51"
},
{
"name": "vlucas/phpdotenv",
@@ -3182,22 +3183,24 @@
},
{
"name": "phpspec/prophecy",
"version": "v1.5.0",
"version": "v1.6.0",
"source": {
"type": "git",
"url": "https://github.com/phpspec/prophecy.git",
"reference": "4745ded9307786b730d7a60df5cb5a6c43cf95f7"
"reference": "3c91bdf81797d725b14cb62906f9a4ce44235972"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/phpspec/prophecy/zipball/4745ded9307786b730d7a60df5cb5a6c43cf95f7",
"reference": "4745ded9307786b730d7a60df5cb5a6c43cf95f7",
"url": "https://api.github.com/repos/phpspec/prophecy/zipball/3c91bdf81797d725b14cb62906f9a4ce44235972",
"reference": "3c91bdf81797d725b14cb62906f9a4ce44235972",
"shasum": ""
},
"require": {
"doctrine/instantiator": "^1.0.2",
"php": "^5.3|^7.0",
"phpdocumentor/reflection-docblock": "~2.0",
"sebastian/comparator": "~1.1"
"sebastian/comparator": "~1.1",
"sebastian/recursion-context": "~1.0"
},
"require-dev": {
"phpspec/phpspec": "~2.0"
@@ -3205,7 +3208,7 @@
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.4.x-dev"
"dev-master": "1.5.x-dev"
}
},
"autoload": {
@@ -3238,7 +3241,7 @@
"spy",
"stub"
],
"time": "2015-08-13 10:07:40"
"time": "2016-02-15 07:46:21"
},
{
"name": "phpunit/php-code-coverage",
@@ -3482,16 +3485,16 @@
},
{
"name": "phpunit/phpunit",
"version": "4.8.21",
"version": "4.8.23",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/phpunit.git",
"reference": "ea76b17bced0500a28098626b84eda12dbcf119c"
"reference": "6e351261f9cd33daf205a131a1ba61c6d33bd483"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/ea76b17bced0500a28098626b84eda12dbcf119c",
"reference": "ea76b17bced0500a28098626b84eda12dbcf119c",
"url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/6e351261f9cd33daf205a131a1ba61c6d33bd483",
"reference": "6e351261f9cd33daf205a131a1ba61c6d33bd483",
"shasum": ""
},
"require": {
@@ -3550,7 +3553,7 @@
"testing",
"xunit"
],
"time": "2015-12-12 07:45:58"
"time": "2016-02-11 14:56:33"
},
{
"name": "phpunit/phpunit-mock-objects",
@@ -3981,16 +3984,16 @@
},
{
"name": "symfony/css-selector",
"version": "v3.0.1",
"version": "v3.0.2",
"source": {
"type": "git",
"url": "https://github.com/symfony/css-selector.git",
"reference": "4613311fd46e146f506403ce2f8a0c71d402d2a3"
"reference": "6605602690578496091ac20ec7a5cbd160d4dff4"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/css-selector/zipball/4613311fd46e146f506403ce2f8a0c71d402d2a3",
"reference": "4613311fd46e146f506403ce2f8a0c71d402d2a3",
"url": "https://api.github.com/repos/symfony/css-selector/zipball/6605602690578496091ac20ec7a5cbd160d4dff4",
"reference": "6605602690578496091ac20ec7a5cbd160d4dff4",
"shasum": ""
},
"require": {
@@ -4030,20 +4033,20 @@
],
"description": "Symfony CssSelector Component",
"homepage": "https://symfony.com",
"time": "2015-12-05 17:45:07"
"time": "2016-01-27 05:14:46"
},
{
"name": "symfony/dom-crawler",
"version": "v3.0.1",
"version": "v3.0.2",
"source": {
"type": "git",
"url": "https://github.com/symfony/dom-crawler.git",
"reference": "7c622b0c9fb8bdb146d6dfa86c5f91dcbfdbc11d"
"reference": "b693a9650aa004576b593ff2e91ae749dc90123d"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/dom-crawler/zipball/7c622b0c9fb8bdb146d6dfa86c5f91dcbfdbc11d",
"reference": "7c622b0c9fb8bdb146d6dfa86c5f91dcbfdbc11d",
"url": "https://api.github.com/repos/symfony/dom-crawler/zipball/b693a9650aa004576b593ff2e91ae749dc90123d",
"reference": "b693a9650aa004576b593ff2e91ae749dc90123d",
"shasum": ""
},
"require": {
@@ -4086,20 +4089,20 @@
],
"description": "Symfony DomCrawler Component",
"homepage": "https://symfony.com",
"time": "2015-12-26 13:42:31"
"time": "2016-01-25 09:56:57"
},
{
"name": "symfony/yaml",
"version": "v3.0.1",
"version": "v3.0.2",
"source": {
"type": "git",
"url": "https://github.com/symfony/yaml.git",
"reference": "3df409958a646dad2bc5046c3fb671ee24a1a691"
"reference": "3cf0709d7fe936e97bee9e954382e449003f1d9a"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/yaml/zipball/3df409958a646dad2bc5046c3fb671ee24a1a691",
"reference": "3df409958a646dad2bc5046c3fb671ee24a1a691",
"url": "https://api.github.com/repos/symfony/yaml/zipball/3cf0709d7fe936e97bee9e954382e449003f1d9a",
"reference": "3cf0709d7fe936e97bee9e954382e449003f1d9a",
"shasum": ""
},
"require": {
@@ -4135,7 +4138,7 @@
],
"description": "Symfony Yaml Component",
"homepage": "https://symfony.com",
"time": "2015-12-26 13:39:53"
"time": "2016-02-02 13:44:19"
}
],
"aliases": [],

19
config/cache.php
View File

@@ -1,5 +1,18 @@
<?php
// MEMCACHED - Split out configuration into an array
if (env('CACHE_DRIVER') === 'memcached') {
$memcachedServerKeys = ['host', 'port', 'weight'];
$memcachedServers = explode(',', trim(env('MEMCACHED_SERVERS', '127.0.0.1:11211:100'), ','));
foreach ($memcachedServers as $index => $memcachedServer) {
$memcachedServerDetails = explode(':', $memcachedServer);
$components = count($memcachedServerDetails);
if ($components < 2) $memcachedServerDetails[] = '11211';
if ($components < 3) $memcachedServerDetails[] = '100';
$memcachedServers[$index] = array_combine($memcachedServerKeys, $memcachedServerDetails);
}
}
return [
/*
@@ -49,11 +62,7 @@ return [
'memcached' => [
'driver' => 'memcached',
'servers' => [
[
'host' => '127.0.0.1', 'port' => 11211, 'weight' => 100,
],
],
'servers' => env('CACHE_DRIVER') === 'memcached' ? $memcachedServers : [],
],
'redis' => [

8
database/factories/ModelFactory.php
View File

@@ -17,6 +17,7 @@ $factory->define(BookStack\User::class, function ($faker) {
'email' => $faker->email,
'password' => str_random(10),
'remember_token' => str_random(10),
'email_confirmed' => 1
];
});
@@ -45,3 +46,10 @@ $factory->define(BookStack\Page::class, function ($faker) {
'text' => strip_tags($html)
];
});
$factory->define(BookStack\Role::class, function ($faker) {
return [
'display_name' => $faker->sentence(3),
'description' => $faker->sentence(10)
];
});

2
database/migrations/2014_10_12_000000_create_users_table.php
View File

@@ -18,7 +18,7 @@ class CreateUsersTable extends Migration
$table->string('email')->unique();
$table->string('password', 60);
$table->rememberToken();
$table->timestamps();
$table->nullableTimestamps();
});
\BookStack\User::forceCreate([

2
database/migrations/2015_07_12_114933_create_books_table.php
View File

@@ -17,7 +17,7 @@ class CreateBooksTable extends Migration
$table->string('name');
$table->string('slug')->indexed();
$table->text('description');
$table->timestamps();
$table->nullableTimestamps();
});
}

2
database/migrations/2015_07_12_190027_create_pages_table.php
View File

@@ -21,7 +21,7 @@ class CreatePagesTable extends Migration
$table->longText('html');
$table->longText('text');
$table->integer('priority');
$table->timestamps();
$table->nullableTimestamps();
});
}

2
database/migrations/2015_07_13_172121_create_images_table.php
View File

@@ -16,7 +16,7 @@ class CreateImagesTable extends Migration
$table->increments('id');
$table->string('name');
$table->string('url');
$table->timestamps();
$table->nullableTimestamps();
});
}

2
database/migrations/2015_07_27_172342_create_chapters_table.php
View File

@@ -19,7 +19,7 @@ class CreateChaptersTable extends Migration
$table->text('name');
$table->text('description');
$table->integer('priority');
$table->timestamps();
$table->nullableTimestamps();
});
}

2
database/migrations/2015_08_09_093534_create_page_revisions_table.php
View File

@@ -19,7 +19,7 @@ class CreatePageRevisionsTable extends Migration
$table->longText('html');
$table->longText('text');
$table->integer('created_by');
$table->timestamps();
$table->nullableTimestamps();
});
}

2
database/migrations/2015_08_16_142133_create_activities_table.php
View File

@@ -20,7 +20,7 @@ class CreateActivitiesTable extends Migration
$table->integer('user_id');
$table->integer('entity_id');
$table->string('entity_type');
$table->timestamps();
$table->nullableTimestamps();
});
}

4
database/migrations/2015_08_29_105422_add_roles_and_permissions.php
View File

@@ -28,7 +28,7 @@ class AddRolesAndPermissions extends Migration
$table->string('name')->unique();
$table->string('display_name')->nullable();
$table->string('description')->nullable();
$table->timestamps();
$table->nullableTimestamps();
});
// Create table for associating roles to users (Many-to-Many)
@@ -50,7 +50,7 @@ class AddRolesAndPermissions extends Migration
$table->string('name')->unique();
$table->string('display_name')->nullable();
$table->string('description')->nullable();
$table->timestamps();
$table->nullableTimestamps();
});
// Create table for associating permissions to roles (Many-to-Many)

2
database/migrations/2015_08_30_125859_create_settings_table.php
View File

@@ -15,7 +15,7 @@ class CreateSettingsTable extends Migration
Schema::create('settings', function (Blueprint $table) {
$table->string('setting_key')->primary()->indexed();
$table->text('value');
$table->timestamps();
$table->nullableTimestamps();
});
}

2
database/migrations/2015_09_04_165821_create_social_accounts_table.php
View File

@@ -18,7 +18,7 @@ class CreateSocialAccountsTable extends Migration
$table->string('driver')->index();
$table->string('driver_id');
$table->string('avatar');
$table->timestamps();
$table->nullableTimestamps();
});
}

2
database/migrations/2015_09_05_164707_add_email_confirmation_table.php
View File

@@ -20,7 +20,7 @@ class AddEmailConfirmationTable extends Migration
$table->increments('id');
$table->integer('user_id')->index();
$table->string('token')->index();
$table->timestamps();
$table->nullableTimestamps();
});
}

2
database/migrations/2015_11_21_145609_create_views_table.php
View File

@@ -18,7 +18,7 @@ class CreateViewsTable extends Migration
$table->integer('viewable_id');
$table->string('viewable_type');
$table->integer('views');
$table->timestamps();
$table->nullableTimestamps();
});
}

2
database/migrations/2016_01_11_210908_add_external_auth_to_users.php
View File

@@ -28,4 +28,4 @@ class AddExternalAuthToUsers extends Migration
$table->dropColumn('external_auth_id');
});
}
}
}

35
database/migrations/2016_02_25_184030_add_slug_to_revisions.php Normal file
View File

@@ -0,0 +1,35 @@
<?php
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class AddSlugToRevisions extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('page_revisions', function (Blueprint $table) {
$table->string('slug');
$table->index('slug');
$table->string('book_slug');
$table->index('book_slug');
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::table('page_revisions', function (Blueprint $table) {
$table->dropColumn('slug');
$table->dropColumn('book_slug');
});
}
}

99
database/migrations/2016_02_27_120329_update_permissions_and_roles.php Normal file
View File

@@ -0,0 +1,99 @@
<?php
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class UpdatePermissionsAndRoles extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
// Get roles with permissions we need to change
$adminRole = \BookStack\Role::getRole('admin');
$editorRole = \BookStack\Role::getRole('editor');
// Delete old permissions
$permissions = \BookStack\Permission::all();
$permissions->each(function ($permission) {
$permission->delete();
});
// Create & attach new admin permissions
$permissionsToCreate = [
'settings-manage' => 'Manage Settings',
'users-manage' => 'Manage Users',
'user-roles-manage' => 'Manage Roles & Permissions',
'restrictions-manage-all' => 'Manage All Entity Restrictions',
'restrictions-manage-own' => 'Manage Entity Restrictions On Own Content'
];
foreach ($permissionsToCreate as $name => $displayName) {
$newPermission = new \BookStack\Permission();
$newPermission->name = $name;
$newPermission->display_name = $displayName;
$newPermission->save();
$adminRole->attachPermission($newPermission);
}
// Create & attach new entity permissions
$entities = ['Book', 'Page', 'Chapter', 'Image'];
$ops = ['Create All', 'Create Own', 'Update All', 'Update Own', 'Delete All', 'Delete Own'];
foreach ($entities as $entity) {
foreach ($ops as $op) {
$newPermission = new \BookStack\Permission();
$newPermission->name = strtolower($entity) . '-' . strtolower(str_replace(' ', '-', $op));
$newPermission->display_name = $op . ' ' . $entity . 's';
$newPermission->save();
$adminRole->attachPermission($newPermission);
if ($editorRole !== null) $editorRole->attachPermission($newPermission);
}
}
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
// Get roles with permissions we need to change
$adminRole = \BookStack\Role::getRole('admin');
// Delete old permissions
$permissions = \BookStack\Permission::all();
$permissions->each(function ($permission) {
$permission->delete();
});
// Create default CRUD permissions and allocate to admins and editors
$entities = ['Book', 'Page', 'Chapter', 'Image'];
$ops = ['Create', 'Update', 'Delete'];
foreach ($entities as $entity) {
foreach ($ops as $op) {
$newPermission = new \BookStack\Permission();
$newPermission->name = strtolower($entity) . '-' . strtolower($op);
$newPermission->display_name = $op . ' ' . $entity . 's';
$newPermission->save();
$adminRole->attachPermission($newPermission);
}
}
// Create admin permissions
$entities = ['Settings', 'User'];
$ops = ['Create', 'Update', 'Delete'];
foreach ($entities as $entity) {
foreach ($ops as $op) {
$newPermission = new \BookStack\Permission();
$newPermission->name = strtolower($entity) . '-' . strtolower($op);
$newPermission->display_name = $op . ' ' . $entity;
$newPermission->save();
$adminRole->attachPermission($newPermission);
}
}
}
}

73
database/migrations/2016_02_28_084200_add_entity_access_controls.php Normal file
View File

@@ -0,0 +1,73 @@
<?php
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class AddEntityAccessControls extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('images', function (Blueprint $table) {
$table->integer('uploaded_to')->default(0);
$table->index('uploaded_to');
});
Schema::table('books', function (Blueprint $table) {
$table->boolean('restricted')->default(false);
$table->index('restricted');
});
Schema::table('chapters', function (Blueprint $table) {
$table->boolean('restricted')->default(false);
$table->index('restricted');
});
Schema::table('pages', function (Blueprint $table) {
$table->boolean('restricted')->default(false);
$table->index('restricted');
});
Schema::create('restrictions', function(Blueprint $table) {
$table->increments('id');
$table->integer('restrictable_id');
$table->string('restrictable_type');
$table->integer('role_id');
$table->string('action');
$table->index('role_id');
$table->index('action');
$table->index(['restrictable_id', 'restrictable_type']);
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::table('images', function (Blueprint $table) {
$table->dropColumn('uploaded_to');
});
Schema::table('books', function (Blueprint $table) {
$table->dropColumn('restricted');
});
Schema::table('chapters', function (Blueprint $table) {
$table->dropColumn('restricted');
});
Schema::table('pages', function (Blueprint $table) {
$table->dropColumn('restricted');
});
Schema::drop('restrictions');
}
}

2
database/seeds/DummyContentSeeder.php
View File

@@ -12,7 +12,7 @@ class DummyContentSeeder extends Seeder
public function run()
{
$user = factory(BookStack\User::class, 1)->create();
$role = \BookStack\Role::getDefault();
$role = \BookStack\Role::getRole('editor');
$user->attachRole($role);

8
phpunit.xml
View File

@@ -21,12 +21,18 @@
</filter>
<php>
<env name="APP_ENV" value="testing"/>
<env name="APP_DEBUG" value="false"/>
<env name="CACHE_DRIVER" value="array"/>
<env name="SESSION_DRIVER" value="array"/>
<env name="QUEUE_DRIVER" value="sync"/>
<env name="DB_CONNECTION" value="mysql_testing"/>
<env name="MAIL_PRETEND" value="true"/>
<env name="MAIL_DRIVER" value="log"/>
<env name="AUTH_METHOD" value="standard"/>
<env name="DISABLE_EXTERNAL_SERVICES" value="false"/>
<env name="LDAP_VERSION" value="3"/>
<env name="GITHUB_APP_ID" value="aaaaaaaaaaaaaa"/>
<env name="GITHUB_APP_SECRET" value="aaaaaaaaaaaaaa"/>
<env name="GOOGLE_APP_ID" value="aaaaaaaaaaaaaa"/>
<env name="GOOGLE_APP_SECRET" value="aaaaaaaaaaaaaa"/>
</php>
</phpunit>

6
public/build/manifest.json
View File

@@ -1,5 +1,5 @@
{
"css/styles.css": "css/styles.css?version=8d91c6c",
"css/print-styles.css": "css/print-styles.css?version=8d91c6c",
"js/common.js": "js/common.js?version=8d91c6c"
"css/styles.css": "css/styles.css?version=c1c35d2",
"css/print-styles.css": "css/print-styles.css?version=c1c35d2",
"js/common.js": "js/common.js?version=c1c35d2"
}

2
public/css/export-styles.css vendored
View File

File diff suppressed because one or more lines are too long

2
public/css/styles.css vendored
View File

File diff suppressed because one or more lines are too long

18
public/js/common.js
View File

File diff suppressed because one or more lines are too long

4
public/libs/jq-color-picker/tiny-color-picker.min.js vendored Normal file
View File

File diff suppressed because one or more lines are too long

2
public/uploads/.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
*
!.gitignore

20
readme.md
View File

@@ -17,19 +17,13 @@ A platform to create documentation/wiki content. General information about BookS
## Requirements
BookStack has similar requirements to Laravel. On top of those are some front-end build tools which are only required when developing.
BookStack has similar requirements to Laravel:
* PHP >= 5.5.9, Will need to be usable from the command line.
* OpenSSL PHP Extension
* PDO PHP Extension
* MBstring PHP Extension
* Tokenizer PHP Extension
* PHP Extensions: `OpenSSL`, `PDO`, `MBstring`, `Tokenizer`, `GD`
* MySQL >= 5.6
* Git (Not strictly required but helps manage updates)
* [Composer](https://getcomposer.org/)
* [Node.js](https://nodejs.org/en/) **Development Only**
* [Gulp](http://gulpjs.com/) **Development Only**
## Installation
@@ -144,7 +138,14 @@ A user in BookStack will be linked to a LDAP user via a 'uid'. If a LDAP user ui
You may find that you cannot log in with your initial Admin account after changing the `AUTH_METHOD` to `ldap`. To get around this set the `AUTH_METHOD` to `standard`, login with your admin account then change it back to `ldap`. You get then edit your profile and add your LDAP uid under the 'External Authentication ID' field. You will then be able to login in with that ID.
## Testing
## Development & Testing
All development on BookStack is currently done on the master branch. When it's time for a release the master branch is merged into release with built & minified CSS & JS then tagged at it's version. Here are the current development requirements:
* [Node.js](https://nodejs.org/en/) **Development Only**
* [Gulp](http://gulpjs.com/) **Development Only**
SASS is used to help the CSS development and the JavaScript is run through browserify/babel to allow for writing ES6 code. Both of these are done using gulp.
BookStack has many integration tests that use Laravel's built-in testing capabilities which makes use of PHPUnit. To use you will need PHPUnit installed and accessible via command line. There is a `mysql_testing` database defined within the app config which is what is used by PHPUnit. This database is set with the following database name, user name and password defined as `bookstack-test`. You will have to create that database and credentials before testing.
@@ -174,3 +175,4 @@ These are the great projects used to help build BookStack:
* [Material Design Iconic Font](http://zavoloklom.github.io/material-design-iconic-font/icons.html)
* [Dropzone.js](http://www.dropzonejs.com/)
* [ZeroClipboard](http://zeroclipboard.org/)
* [TinyColorPicker](http://www.dematte.at/tinyColorPicker/index.html)

90
resources/assets/js/controllers.js
View File

@@ -1,6 +1,6 @@
"use strict";
module.exports = function (ngApp) {
module.exports = function (ngApp, events) {
ngApp.controller('ImageManagerController', ['$scope', '$attrs', '$http', '$timeout', 'imageManagerService',
function ($scope, $attrs, $http, $timeout, imageManagerService) {
@@ -17,21 +17,40 @@ module.exports = function (ngApp) {
var dataLoaded = false;
var callback = false;
/**
* Simple returns the appropriate upload url depending on the image type set.
* @returns {string}
*/
$scope.getUploadUrl = function () {
return '/images/' + $scope.imageType + '/upload';
};
/**
* Runs on image upload, Adds an image to local list of images
* and shows a success message to the user.
* @param file
* @param data
*/
$scope.uploadSuccess = function (file, data) {
$scope.$apply(() => {
$scope.images.unshift(data);
});
events.emit('success', 'Image uploaded');
};
/**
* Runs the callback and hides the image manager.
* @param returnData
*/
function callbackAndHide(returnData) {
if (callback) callback(returnData);
$scope.showing = false;
}
/**
* Image select action. Checks if a double-click was fired.
* @param image
*/
$scope.imageSelect = function (image) {
var dblClickTime = 300;
var currentTime = Date.now();
@@ -48,10 +67,19 @@ module.exports = function (ngApp) {
previousClickTime = currentTime;
};
/**
* Action that runs when the 'Select image' button is clicked.
* Runs the callback and hides the image manager.
*/
$scope.selectButtonClick = function () {
callbackAndHide($scope.selectedImage);
};
/**
* Show the image manager.
* Takes a callback to execute later on.
* @param doneCallback
*/
function show(doneCallback) {
callback = doneCallback;
$scope.showing = true;
@@ -62,6 +90,8 @@ module.exports = function (ngApp) {
}
}
// Connects up the image manger so it can be used externally
// such as from TinyMCE.
imageManagerService.show = show;
imageManagerService.showExternal = function (doneCallback) {
$scope.$apply(() => {
@@ -70,10 +100,16 @@ module.exports = function (ngApp) {
};
window.ImageManager = imageManagerService;
/**
* Hide the image manager
*/
$scope.hide = function () {
$scope.showing = false;
};
/**
* Fetch the list image data from the server.
*/
function fetchData() {
var url = '/images/' + $scope.imageType + '/all/' + page;
$http.get(url).then((response) => {
@@ -83,27 +119,37 @@ module.exports = function (ngApp) {
});
}
$scope.fetchData = fetchData;
/**
* Save the details of an image.
* @param event
*/
$scope.saveImageDetails = function (event) {
event.preventDefault();
var url = '/images/update/' + $scope.selectedImage.id;
$http.put(url, this.selectedImage).then((response) => {
$scope.imageUpdateSuccess = true;
$timeout(() => {
$scope.imageUpdateSuccess = false;
}, 3000);
events.emit('success', 'Image details updated');
}, (response) => {
var errors = response.data;
var message = '';
Object.keys(errors).forEach((key) => {
message += errors[key].join('\n');
});
$scope.imageUpdateFailure = message;
$timeout(() => {
$scope.imageUpdateFailure = false;
}, 5000);
if (response.status === 422) {
var errors = response.data;
var message = '';
Object.keys(errors).forEach((key) => {
message += errors[key].join('\n');
});
events.emit('error', message);
} else if (response.status === 403) {
events.emit('error', response.data.error);
}
});
};
/**
* Delete an image from system and notify of success.
* Checks if it should force delete when an image
* has dependant pages.
* @param event
*/
$scope.deleteImage = function (event) {
event.preventDefault();
var force = $scope.dependantPages !== false;
@@ -112,18 +158,26 @@ module.exports = function (ngApp) {
$http.delete(url).then((response) => {
$scope.images.splice($scope.images.indexOf($scope.selectedImage), 1);
$scope.selectedImage = false;
$scope.imageDeleteSuccess = true;
$timeout(() => {
$scope.imageDeleteSuccess = false;
}, 3000);
events.emit('success', 'Image successfully deleted');
}, (response) => {
// Pages failure
if (response.status === 400) {
$scope.dependantPages = response.data;
} else if (response.status === 403) {
events.emit('error', response.data.error);
}
});
};
/**
* Simple date creator used to properly format dates.
* @param stringDate
* @returns {Date}
*/
$scope.getDate = function (stringDate) {
return new Date(stringDate);
};
}]);

2
resources/assets/js/directives.js
View File

@@ -5,7 +5,7 @@ var toggleSwitchTemplate = require('./components/toggle-switch.html');
var imagePickerTemplate = require('./components/image-picker.html');
var dropZoneTemplate = require('./components/drop-zone.html');
module.exports = function (ngApp) {
module.exports = function (ngApp, events) {
/**
* Toggle Switches

78
resources/assets/js/global.js
View File

@@ -1,4 +1,4 @@
"use strict";
// AngularJS - Create application and load components
var angular = require('angular');
@@ -7,9 +7,31 @@ var ngAnimate = require('angular-animate');
var ngSanitize = require('angular-sanitize');
var ngApp = angular.module('bookStack', ['ngResource', 'ngAnimate', 'ngSanitize']);
var services = require('./services')(ngApp);
var directives = require('./directives')(ngApp);
var controllers = require('./controllers')(ngApp);
// Global Event System
var Events = {
listeners: {},
emit: function (eventName, eventData) {
if (typeof this.listeners[eventName] === 'undefined') return this;
var eventsToStart = this.listeners[eventName];
for (let i = 0; i < eventsToStart.length; i++) {
var event = eventsToStart[i];
event(eventData);
}
return this;
},
listen: function (eventName, callback) {
if (typeof this.listeners[eventName] === 'undefined') this.listeners[eventName] = [];
this.listeners[eventName].push(callback);
return this;
}
};
window.Events = Events;
var services = require('./services')(ngApp, Events);
var directives = require('./directives')(ngApp, Events);
var controllers = require('./controllers')(ngApp, Events);
//Global jQuery Config & Extensions
@@ -32,8 +54,25 @@ $.expr[":"].contains = $.expr.createPseudo(function (arg) {
// Global jQuery Elements
$(function () {
var notifications = $('.notification');
var successNotification = notifications.filter('.pos');
var errorNotification = notifications.filter('.neg');
// Notification Events
window.Events.listen('success', function (text) {
successNotification.hide();
successNotification.find('span').text(text);
setTimeout(() => {
successNotification.show();
}, 1);
});
window.Events.listen('error', function (text) {
errorNotification.find('span').text(text);
errorNotification.show();
});
// Notification hiding
$('.notification').click(function () {
notifications.click(function () {
$(this).fadeOut(100);
});
@@ -44,6 +83,35 @@ $(function () {
$(this).closest('.chapter').find('.inset-list').slideToggle(180);
});
// Back to top button
$('#back-to-top').click(function() {
$('#header').smoothScrollTo();
});
var scrollTopShowing = false;
var scrollTop = document.getElementById('back-to-top');
var scrollTopBreakpoint = 1200;
window.addEventListener('scroll', function() {
if (!scrollTopShowing && document.body.scrollTop > scrollTopBreakpoint) {
scrollTop.style.display = 'block';
scrollTopShowing = true;
setTimeout(() => {
scrollTop.style.opacity = 0.4;
}, 1);
} else if (scrollTopShowing && document.body.scrollTop < scrollTopBreakpoint) {
scrollTop.style.opacity = 0;
scrollTopShowing = false;
setTimeout(() => {
scrollTop.style.display = 'none';
}, 500);
}
});
// Common jQuery actions
$('[data-action="expand-entity-list-details"]').click(function() {
$('.entity-list.compact').find('p').slideToggle(240);
});
});

7
resources/assets/js/pages/page-form.js
View File

@@ -8,7 +8,6 @@ module.exports = {
statusbar: false,
menubar: false,
paste_data_images: false,
//height: 700,
extended_valid_elements: 'pre[*]',
automatic_uploads: false,
valid_children: "-div[p|pre|h1|h2|h3|h4|h5|h6|blockquote]",
@@ -31,7 +30,7 @@ module.exports = {
alignright: {selector: 'p,h1,h2,h3,h4,h5,h6,td,th,div,ul,ol,li,table,img', classes: 'align-right'},
},
file_browser_callback: function (field_name, url, type, win) {
ImageManager.show(function (image) {
window.ImageManager.showExternal(function (image) {
win.document.getElementById(field_name).value = image.url;
if ("createEvent" in document) {
var evt = document.createEvent("HTMLEvents");
@@ -40,6 +39,10 @@ module.exports = {
} else {
win.document.getElementById(field_name).fireEvent("onchange");
}
var html = '<a href="' + image.url + '" target="_blank">';
html += '<img src="' + image.thumbs.display + '" alt="' + image.name + '">';
html += '</a>';
win.tinyMCE.activeEditor.execCommand('mceInsertContent', false, html);
});
},
paste_preprocess: function (plugin, args) {

46
resources/assets/js/pages/page-show.js
View File

@@ -13,7 +13,7 @@ window.setupPageShow = module.exports = function (pageId) {
var isSelection = false;
// Select all contents on input click
$pointer.on('click', 'input', function(e) {
$pointer.on('click', 'input', function (e) {
$(this).select();
e.stopPropagation();
});
@@ -30,6 +30,7 @@ window.setupPageShow = module.exports = function (pageId) {
// Show pointer when selecting a single block of tagged content
$('.page-content [id^="bkmrk"]').on('mouseup keyup', function (e) {
e.stopPropagation();
var selection = window.getSelection();
if (selection.toString().length === 0) return;
@@ -47,8 +48,6 @@ window.setupPageShow = module.exports = function (pageId) {
var pointerLeftOffsetPercent = (pointerLeftOffset / $elem.width()) * 100;
$pointerInner.css('left', pointerLeftOffsetPercent + '%');
e.stopPropagation();
isSelection = true;
setTimeout(() => {
isSelection = false;
@@ -72,4 +71,43 @@ window.setupPageShow = module.exports = function (pageId) {
goToText(text);
}
};
// Make the book-tree sidebar stick in view on scroll
var $window = $(window);
var $bookTree = $(".book-tree");
// Check the page is scrollable and the content is taller than the tree
var pageScrollable = ($(document).height() > $window.height()) && ($bookTree.height() < $('.page-content').height());
// Get current tree's width and header height
var headerHeight = $("#header").height() + $(".toolbar").height();
var isFixed = $window.scrollTop() > headerHeight;
var bookTreeWidth = $bookTree.width();
// Function to fix the tree as a sidebar
function stickTree() {
$bookTree.width(bookTreeWidth + 48 + 15);
$bookTree.addClass("fixed");
isFixed = true;
}
// Function to un-fix the tree back into position
function unstickTree() {
$bookTree.css('width', 'auto');
$bookTree.removeClass("fixed");
isFixed = false;
}
// Checks if the tree stickiness state should change
function checkTreeStickiness(skipCheck) {
var shouldBeFixed = $window.scrollTop() > headerHeight;
if (shouldBeFixed && (!isFixed || skipCheck)) {
stickTree();
} else if (!shouldBeFixed && (isFixed || skipCheck)) {
unstickTree();
}
}
// If the page is scrollable and the window is wide enough listen to scroll events
// and evaluate tree stickiness.
if (pageScrollable && $window.width() > 1000) {
$window.scroll(function() {
checkTreeStickiness(false);
});
checkTreeStickiness(true);
}
};

2
resources/assets/js/services.js
View File

@@ -1,6 +1,6 @@
"use strict";
module.exports = function(ngApp) {
module.exports = function(ngApp, events) {
ngApp.factory('imageManagerService', function() {
return {

53
resources/assets/sass/_header.scss
View File

@@ -87,6 +87,9 @@ header {
padding-top: $-s;
}
}
.dropdown-container {
font-size: 0.9em;
}
}
form.search-box {
@@ -139,54 +142,6 @@ form.search-box {
height: 43px;
}
.dropdown-container {
display: inline-block;
vertical-align: top;
position: relative;
}
.dropdown-container ul {
display: none;
position: absolute;
z-index: 999;
top: 0;
list-style: none;
right: 0;
margin: $-m 0;
background-color: #FFFFFF;
box-shadow: 0 0 2px 0 rgba(0, 0, 0, 0.1);
border-radius: 1px;
border: 1px solid #EEE;
min-width: 180px;
padding: $-xs 0;
color: #555;
text-align: left !important;
&.wide {
min-width: 220px;
}
.text-muted {
color: #999;
}
a {
display: block;
padding: $-xs $-m;
color: #555;
&:hover {
text-decoration: none;
background-color: #EEE;
}
i {
margin-right: $-m;
padding-right: 0;
display: inline;
width: 22px;
}
}
li.border-bottom {
border-bottom: 1px solid #DDD;
}
}
.breadcrumbs span.sep {
color: #aaa;
padding: 0 $-xs;
@@ -209,7 +164,7 @@ form.search-box {
.faded-small {
color: #000;
font-size: 0.9em;
background-color: rgba(21, 101, 192, 0.15);
background-color: $primary-faded;
}
.breadcrumbs .text-button, .action-buttons .text-button {

36
resources/assets/sass/_image-manager.scss
View File

@@ -21,7 +21,6 @@
border-radius: 4px;
box-shadow: 0 0 15px 0 rgba(0, 0, 0, 0.3);
overflow: hidden;
max-width: 1340px;
position: fixed;
top: 0;
bottom: 0;
@@ -44,18 +43,49 @@
right: 0;
}
.image-manager-list img {
.image-manager-list .image {
display: block;
position: relative;
border-radius: 0;
float: left;
margin: 0;
cursor: pointer;
width: (100%/6);
height: auto;
border: 1px solid #FFF;
border: 1px solid #DDD;
box-shadow: 0 0 0 0 rgba(0, 0, 0, 0);
transition: all cubic-bezier(.4, 0, 1, 1) 160ms;
overflow: hidden;
&.selected {
transform: scale3d(0.92, 0.92, 0.92);
border: 1px solid #444;
box-shadow: 0 1px 2px 0 rgba(0, 0, 0, 0.2);
}
img {
width: 100%;
max-width: 100%;
display: block;
}
.image-meta {
position: absolute;
width: 100%;
bottom: 0;
left: 0;
color: #EEE;
background-color: rgba(0, 0, 0, 0.4);
font-size: 10px;
padding: 3px 4px;
span {
display: block;
}
}
@include smaller-than($xl) {
width: (100%/4);
}
@include smaller-than($m) {
.image-meta {
display: none;
}
}
}

115
resources/assets/sass/_lists.scss
View File

@@ -95,7 +95,28 @@
// Sidebar list
.book-tree {
margin-top: $-xl;
padding: $-l 0 0 0;
position: relative;
right: 0;
top: 0;
transition: ease-in-out 240ms;
transition-property: right, border;
border-left: 0px solid #FFF;
background-color: #FFF;
&.fixed {
position: fixed;
top: 0;
padding-left: $-l;
padding-right: $-l + 15;
width: 30%;
right: -15px;
height: 100%;
overflow-y: scroll;
-ms-overflow-style: none;
//background-color: $primary-faded;
border-left: 1px solid #DDD;
&::-webkit-scrollbar { width: 0 !important }
}
}
.book-tree h4 {
padding: $-m $-s 0 $-s;
@@ -105,16 +126,14 @@
}
.book-tree .sidebar-page-list {
list-style: none;
margin: 0;
margin-top: $-xs;
margin: $-xs 0 0;
padding-left: 0;
border-left: 5px solid $color-book;
li a {
display: block;
border-bottom: none;
padding-left: $-s;
padding: $-xs 0 $-xs $-s;
&:hover {
background-color: rgba(255, 255, 255, 0.2);
text-decoration: none;
}
}
@@ -165,6 +184,7 @@
}
.sub-menu {
display: none;
padding-left: 0;
}
.sub-menu.open {
display: block;
@@ -264,4 +284,87 @@ ul.pagination {
a {
color: $primary;
}
}
}
.entity-list {
>div {
padding: $-m 0;
}
h3 {
margin: 0;
}
p {
margin: $-xs 0 0 0;
}
hr {
margin: 0;
}
.text-small.text-muted {
color: #AAA;
font-size: 0.75em;
margin-top: $-xs;
}
}
.entity-list.compact {
font-size: 0.6em;
h3, a {
line-height: 1.2;
}
p {
display: none;
font-size: $fs-m * 0.8;
padding-top: $-xs;
margin: 0;
}
hr {
margin: 0;
}
}
.dropdown-container {
display: inline-block;
vertical-align: top;
position: relative;
}
.dropdown-container ul {
display: none;
position: absolute;
z-index: 999;
top: 0;
list-style: none;
right: 0;
margin: $-m 0;
background-color: #FFFFFF;
box-shadow: 0 0 2px 0 rgba(0, 0, 0, 0.1);
border-radius: 1px;
border: 1px solid #EEE;
min-width: 180px;
padding: $-xs 0;
color: #555;
text-align: left !important;
&.wide {
min-width: 220px;
}
.text-muted {
color: #999;
}
a {
display: block;
padding: $-xs $-m;
color: #555;
&:hover {
text-decoration: none;
background-color: #EEE;
}
i {
margin-right: $-m;
padding-right: 0;
display: inline;
width: 22px;
}
}
li.border-bottom {
border-bottom: 1px solid #DDD;
}
}

2
resources/assets/sass/_pages.scss
View File

@@ -100,7 +100,7 @@
background-color: #FFF;
border: 1px solid #DDD;
color: #666;
width: 180px;
width: 172px;
z-index: 40;
}
input, button {

4
resources/assets/sass/_tables.scss
View File

@@ -20,4 +20,8 @@ table.table {
table {
max-width: 100%;
thead {
background-color: #F8F8F8;
font-weight: 500;
}
}

23
resources/assets/sass/_text.scss
View File

@@ -115,7 +115,8 @@ pre {
box-shadow: 0 1px 2px 0px rgba(10, 10, 10, 0.06);
border: 1px solid rgba(221, 221, 221, 0.66);
background-color: #fdf6e3;
padding: 0.5em;
padding: $-s;
overflow-x: scroll;
}
blockquote {
@@ -223,13 +224,13 @@ span.highlight {
* Lists
*/
ul {
list-style: disc;
margin-left: $-m*1.5;
padding-left: $-m * 1.5;
list-style: disc inside;
}
ol {
list-style: decimal;
margin-left: $-m*1.5;
list-style: decimal inside;
padding-left: $-m * 1.5;
}
/*
@@ -251,6 +252,18 @@ ol {
text-align: right;
}
.text-bigger {
font-size: 1.1em;
}
.text-large {
font-size: 1.6666em;
}
.no-color {
color: inherit;
}
/**
* Grouping
*/

1
resources/assets/sass/_variables.scss
View File

@@ -38,6 +38,7 @@ $primary-dark: #0288D1;
$secondary: #e27b41;
$positive: #52A256;
$negative: #E84F4F;
$primary-faded: rgba(21, 101, 192, 0.15);
// Item Colors
$color-book: #009688;

7
resources/assets/sass/export-styles.scss
View File

@@ -9,4 +9,9 @@
@import "tables";
@import "header";
@import "lists";
@import "pages";
@import "pages";
table {
border-spacing: 0;
border-collapse: collapse;
}

46
resources/assets/sass/styles.scss
View File

@@ -47,6 +47,13 @@ body.dragging, body.dragging * {
width: 80px;
height: 80px;
}
&.huge {
width: 120px;
height: 120px;
}
&.square {
border-radius: 3px;
}
}
// System wide notifications
@@ -126,4 +133,43 @@ $loadingSize: 10px;
i {
padding-right: $-s;
}
}
// Back to top link
$btt-size: 40px;
#back-to-top {
background-color: $primary;
position: fixed;
bottom: $-m;
right: $-l;
padding: $-xs $-s;
cursor: pointer;
color: #FFF;
width: $btt-size;
height: $btt-size;
border-radius: $btt-size;
transition: all ease-in-out 180ms;
opacity: 0;
z-index: 999;
overflow: hidden;
&:hover {
width: $btt-size*3.4;
opacity: 1 !important;
span {
display: inline-block;
}
}
.inner {
width: $btt-size*3.4;
}
i {
margin: 0;
font-size: 28px;
padding: 0 $-s 0 0;
}
span {
line-height: 12px;
position: relative;
top: -5px;
}
}

4
resources/lang/en/activities.php
View File

@@ -13,7 +13,7 @@ return [
'page_update' => 'updated page',
'page_update_notification' => 'Page Successfully Updated',
'page_delete' => 'deleted page',
'page_delete_notification' => 'Page Successfully Created',
'page_delete_notification' => 'Page Successfully Deleted',
'page_restore' => 'restored page',
'page_restore_notification' => 'Page Successfully Restored',
@@ -35,4 +35,4 @@ return [
'book_sort' => 'sorted book',
'book_sort_notification' => 'Book Successfully Re-sorted',
];
];

1
resources/lang/en/errors.php
View File

@@ -8,4 +8,5 @@ return [
// Pages
'permission' => 'You do not have permission to access the requested page.',
'permissionJson' => 'You do not have permission to perform the requested action.'
];

24
resources/views/base.blade.php
View File

@@ -1,7 +1,7 @@
<!DOCTYPE html>
<html>
<head>
<title>{{ isset($pageTitle) ? $pageTitle . ' | ' : '' }}{{ Setting::get('app-name', 'BookStack') }}</title>
<title>{{ isset($pageTitle) ? $pageTitle . ' | ' : '' }}{{ setting('app-name', 'BookStack') }}</title>
<!-- Meta -->
<meta name="viewport" content="width=device-width">
@@ -17,6 +17,8 @@
<script src="/libs/jquery/jquery.min.js?version=2.1.4"></script>
@yield('head')
@include('partials/custom-styles')
</head>
<body class="@yield('body-class')" ng-app="bookStack">
@@ -27,10 +29,10 @@
<div class="row">
<div class="col-lg-4 col-sm-4" ng-non-bindable>
<a href="/" class="logo">
@if(Setting::get('app-logo', '') !== 'none')
<img class="logo-image" src="{{ Setting::get('app-logo', '') === '' ? '/logo.png' : Setting::get('app-logo', '') }}" alt="Logo">
@if(setting('app-logo', '') !== 'none')
<img class="logo-image" src="{{ setting('app-logo', '') === '' ? '/logo.png' : setting('app-logo', '') }}" alt="Logo">
@endif
<span class="logo-text">{{ Setting::get('app-name', 'BookStack') }}</span>
<span class="logo-text">{{ setting('app-name', 'BookStack') }}</span>
</a>
</div>
<div class="col-lg-4 col-sm-3 text-center">
@@ -43,7 +45,7 @@
<div class="float right">
<div class="links text-center">
<a href="/books"><i class="zmdi zmdi-book"></i>Books</a>
@if(isset($currentUser) && $currentUser->can('settings-update'))
@if(isset($currentUser) && userCan('settings-manage'))
<a href="/settings"><i class="zmdi zmdi-settings"></i>Settings</a>
@endif
@if(!isset($signedIn) || !$signedIn)
@@ -58,10 +60,13 @@
</span>
<ul>
<li>
<a href="/users/{{$currentUser->id}}" class="text-primary"><i class="zmdi zmdi-edit zmdi-hc-lg"></i>Edit Profile</a>
<a href="/user/{{$currentUser->id}}" class="text-primary"><i class="zmdi zmdi-account zmdi-hc-fw zmdi-hc-lg"></i>View Profile</a>
</li>
<li>
<a href="/logout" class="text-neg"><i class="zmdi zmdi-run zmdi-hc-lg"></i>Logout</a>
<a href="/settings/users/{{$currentUser->id}}" class="text-primary"><i class="zmdi zmdi-edit zmdi-hc-fw zmdi-hc-lg"></i>Edit Profile</a>
</li>
<li>
<a href="/logout" class="text-neg"><i class="zmdi zmdi-run zmdi-hc-fw zmdi-hc-lg"></i>Logout</a>
</li>
</ul>
</div>
@@ -77,6 +82,11 @@
@yield('content')
</section>
<div id="back-to-top">
<div class="inner">
<i class="zmdi zmdi-chevron-up"></i> <span>Back to top</span>
</div>
</div>
@yield('bottom')
<script src="{{ versioned_asset('js/common.js') }}"></script>
@yield('scripts')

8
resources/views/books/index.blade.php
View File

@@ -2,13 +2,13 @@
@section('content')
<div class="faded-small">
<div class="faded-small toolbar">
<div class="container">
<div class="row">
<div class="col-xs-1"></div>
<div class="col-xs-11 faded">
<div class="action-buttons">
@if($currentUser->can('book-create'))
@if($currentUser->can('book-create-all'))
<a href="/books/create" class="text-pos text-button"><i class="zmdi zmdi-plus"></i>Add new book</a>
@endif
</div>
@@ -30,7 +30,9 @@
{!! $books->render() !!}
@else
<p class="text-muted">No books have been created.</p>
<a href="/books/create" class="text-pos"><i class="zmdi zmdi-edit"></i>Create one now</a>
@if(userCan('books-create-all'))
<a href="/books/create" class="text-pos"><i class="zmdi zmdi-edit"></i>Create one now</a>
@endif
@endif
</div>
<div class="col-sm-4 col-sm-offset-1">

23
resources/views/books/restrictions.blade.php Normal file
View File

@@ -0,0 +1,23 @@
@extends('base')
@section('content')
<div class="faded-small toolbar">
<div class="container">
<div class="row">
<div class="col-sm-12 faded">
<div class="breadcrumbs">
<a href="{{$book->getUrl()}}" class="text-book text-button"><i class="zmdi zmdi-book"></i>{{ $book->getShortName() }}</a>
</div>
</div>
</div>
</div>
</div>
<div class="container" ng-non-bindable>
<h1>Book Restrictions</h1>
@include('form/restriction-form', ['model' => $book])
</div>
@stop

35
resources/views/books/show.blade.php
View File

@@ -2,23 +2,35 @@
@section('content')
<div class="faded-small" ng-non-bindable>
<div class="faded-small toolbar">
<div class="container">
<div class="row">
<div class="col-md-12">
<div class="action-buttons faded">
@if($currentUser->can('page-create'))
@if(userCan('page-create', $book))
<a href="{{$book->getUrl() . '/page/create'}}" class="text-pos text-button"><i class="zmdi zmdi-plus"></i> New Page</a>
@endif
@if($currentUser->can('chapter-create'))
@if(userCan('chapter-create', $book))
<a href="{{$book->getUrl() . '/chapter/create'}}" class="text-pos text-button"><i class="zmdi zmdi-plus"></i> New Chapter</a>
@endif
@if($currentUser->can('book-update'))
@if(userCan('book-update', $book))
<a href="{{$book->getEditUrl()}}" class="text-primary text-button"><i class="zmdi zmdi-edit"></i>Edit</a>
<a href="{{ $book->getUrl() }}/sort" class="text-primary text-button"><i class="zmdi zmdi-sort"></i>Sort</a>
@endif
@if($currentUser->can('book-delete'))
<a href="{{ $book->getUrl() }}/delete" class="text-neg text-button"><i class="zmdi zmdi-delete"></i>Delete</a>
@if(userCan('book-update', $book) || userCan('restrictions-manage', $book) || userCan('book-delete', $book))
<div dropdown class="dropdown-container">
<a dropdown-toggle class="text-primary text-button"><i class="zmdi zmdi-more-vert"></i></a>
<ul>
@if(userCan('book-update', $book))
<li><a href="{{ $book->getUrl() }}/sort" class="text-primary"><i class="zmdi zmdi-sort"></i>Sort</a></li>
@endif
@if(userCan('restrictions-manage', $book))
<li><a href="{{$book->getUrl()}}/restrict" class="text-primary"><i class="zmdi zmdi-lock-outline"></i>Restrict</a></li>
@endif
@if(userCan('book-delete', $book))
<li><a href="{{ $book->getUrl() }}/delete" class="text-neg"><i class="zmdi zmdi-delete"></i>Delete</a></li>
@endif
</ul>
</div>
@endif
</div>
</div>
@@ -75,6 +87,15 @@
<div class="col-md-4 col-md-offset-1">
<div class="margin-top large"></div>
@if($book->restricted)
<p class="text-muted">
@if(userCan('restrictions-manage', $book))
<a href="{{ $book->getUrl() }}/restrict"><i class="zmdi zmdi-lock-outline"></i>Book Restricted</a>
@else
<i class="zmdi zmdi-lock-outline"></i>Book Restricted
@endif
</p>
@endif
<div class="search-box">
<form ng-submit="searchBook($event)">
<input ng-model="searchTerm" ng-change="checkSearchForm()" type="text" name="term" placeholder="Search This Book">

2
resources/views/chapters/list-item.blade.php
View File

@@ -10,7 +10,7 @@
<p class="text-muted">{{ $chapter->getExcerpt() }}</p>
@endif
@if(count($chapter->pages) > 0 && !isset($hidePages))
@if(!isset($hidePages) && count($chapter->pages) > 0)
<p class="text-muted chapter-toggle"><i class="zmdi zmdi-caret-right"></i> <i class="zmdi zmdi-file-text"></i> <span>{{ count($chapter->pages) }} Pages</span></p>
<div class="inset-list">
@foreach($chapter->pages as $page)

24
resources/views/chapters/restrictions.blade.php Normal file
View File

@@ -0,0 +1,24 @@
@extends('base')
@section('content')
<div class="faded-small toolbar">
<div class="container">
<div class="row">
<div class="col-sm-12 faded">
<div class="breadcrumbs">
<a href="{{$chapter->book->getUrl()}}" class="text-book text-button"><i class="zmdi zmdi-book"></i>{{ $chapter->book->getShortName() }}</a>
<span class="sep">&raquo;</span>
<a href="{{ $chapter->getUrl() }}" class="text-chapter text-button"><i class="zmdi zmdi-collection-bookmark"></i>{{$chapter->getShortName()}}</a>
</div>
</div>
</div>
</div>
</div>
<div class="container" ng-non-bindable>
<h1>Chapter Restrictions</h1>
@include('form/restriction-form', ['model' => $chapter])
</div>
@stop

Some files were not shown because too many files have changed in this diff Show More