starred/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2026-02-06 19:06:02 +03:00
Code Issues 784 Packages Projects Releases 10 Wiki Activity

[PR #3986] [MERGED] Permission Testing & Alignment #6285

New Issue
Closed
opened 2026-02-05 10:28:29 +03:00 by OVERLORD · 0 comments
OVERLORD commented 2026-02-05 10:28:29 +03:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/BookStackApp/BookStack/pull/3986
Author: @ssddanbrown
Created: 1/21/2023
Status: Merged
Merged: 1/25/2023
Merged by: @ssddanbrown

Base: developmentHead: permission_testing

📝 Commits (10+)

  • c724bfe Copied over work from user_permissions branch
  • e2a72d1 Made adjustments to fit copied work into dev branch
  • f3f2a0c Updated userCan logic to meet expectations in tests
  • 91e613f Shared entity permission logic across both query methods
  • 7d74575 Found a sql having-style approach to permissions
  • 2d1f1ab Implemented alternate approach to current joint_permissions
  • 1660e72 Migrated remaining relation permission usages
  • d1bd6d0 Fixed incorrect field in down migration
  • 8be3645 Addressed fallback override cases found during testing
  • 1fa5a31 Fixed role entity permissions ignoring inheritance

📊 Changes

86 files changed (+1831 additions, -796 deletions)

View changed files

📝 app/Actions/Activity.php (+8 -0)
📝 app/Actions/Favourite.php (+8 -0)
📝 app/Actions/Tag.php (+8 -0)
📝 app/Actions/View.php (+8 -0)
app/Auth/Permissions/EntityPermissionEvaluator.php (+141 -0)
📝 app/Auth/Permissions/JointPermissionBuilder.php (+26 -142)
app/Auth/Permissions/MassEntityPermissionEvaluator.php (+81 -0)
📝 app/Auth/Permissions/PermissionApplicator.php (+21 -105)
app/Auth/Permissions/PermissionStatus.php (+11 -0)
📝 app/Auth/Permissions/SimpleEntityData.php (+16 -0)
📝 app/Auth/User.php (+1 -0)
📝 app/References/Reference.php (+8 -0)
📝 app/References/ReferenceFetcher.php (+11 -6)
📝 app/Uploads/Attachment.php (+8 -0)
📝 app/Uploads/Image.php (+8 -0)
database/migrations/2023_01_24_104625_refactor_joint_permissions_storage.php (+52 -0)
dev/docs/permission-scenario-testing.md (+343 -0)
📝 tests/Actions/AuditLogTest.php (+15 -15)
📝 tests/Actions/WebhookCallTest.php (+2 -2)
📝 tests/Actions/WebhookFormatTesting.php (+1 -1)

...and 66 more files

📄 Description

This is a merge of the permission work done in #3908 , at commit 3083979855, but only of the testing work/changes since the fundamental user permissions work came to a barrier.

Docs update

  • Update permissions user doc page.
    • Provide an "advanced" overview of deeper combination logic
  • Upgrade notice, linking to above added section for more details, advising slight change in logic handling.
  • Upgrade notice, potential longer db migration time on upgrade due to permission regeneration.

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/BookStackApp/BookStack/pull/3986 **Author:** [@ssddanbrown](https://github.com/ssddanbrown) **Created:** 1/21/2023 **Status:** ✅ Merged **Merged:** 1/25/2023 **Merged by:** [@ssddanbrown](https://github.com/ssddanbrown) **Base:** `development` ← **Head:** `permission_testing` --- ### 📝 Commits (10+) - [`c724bfe`](https://github.com/BookStackApp/BookStack/commit/c724bfe4d37037e90a305b5ff9410070ccf90bb9) Copied over work from user_permissions branch - [`e2a72d1`](https://github.com/BookStackApp/BookStack/commit/e2a72d16aa496cef250986d9f7cc02dd9564e647) Made adjustments to fit copied work into dev branch - [`f3f2a0c`](https://github.com/BookStackApp/BookStack/commit/f3f2a0c1d55681bbbf141f051b073a5b39100a51) Updated userCan logic to meet expectations in tests - [`91e613f`](https://github.com/BookStackApp/BookStack/commit/91e613fe606777c0b036a2cfada94092b771dc22) Shared entity permission logic across both query methods - [`7d74575`](https://github.com/BookStackApp/BookStack/commit/7d74575eb86d9049cd420af6f0f1218b955dcfd4) Found a sql having-style approach to permissions - [`2d1f1ab`](https://github.com/BookStackApp/BookStack/commit/2d1f1abce4a6372b6be1833d88354149cbc7e40c) Implemented alternate approach to current joint_permissions - [`1660e72`](https://github.com/BookStackApp/BookStack/commit/1660e72cc5f3420bb704a8f159a94f0632d0b25c) Migrated remaining relation permission usages - [`d1bd6d0`](https://github.com/BookStackApp/BookStack/commit/d1bd6d0e3919ccdf22c74ebf29282475288132bd) Fixed incorrect field in down migration - [`8be3645`](https://github.com/BookStackApp/BookStack/commit/8be36455ab7007334ca26fff28ebb1a99886de65) Addressed fallback override cases found during testing - [`1fa5a31`](https://github.com/BookStackApp/BookStack/commit/1fa5a3196060092b4771c3d6b775f503800434d8) Fixed role entity permissions ignoring inheritance ### 📊 Changes **86 files changed** (+1831 additions, -796 deletions) <details> <summary>View changed files</summary> 📝 `app/Actions/Activity.php` (+8 -0) 📝 `app/Actions/Favourite.php` (+8 -0) 📝 `app/Actions/Tag.php` (+8 -0) 📝 `app/Actions/View.php` (+8 -0) ➕ `app/Auth/Permissions/EntityPermissionEvaluator.php` (+141 -0) 📝 `app/Auth/Permissions/JointPermissionBuilder.php` (+26 -142) ➕ `app/Auth/Permissions/MassEntityPermissionEvaluator.php` (+81 -0) 📝 `app/Auth/Permissions/PermissionApplicator.php` (+21 -105) ➕ `app/Auth/Permissions/PermissionStatus.php` (+11 -0) 📝 `app/Auth/Permissions/SimpleEntityData.php` (+16 -0) 📝 `app/Auth/User.php` (+1 -0) 📝 `app/References/Reference.php` (+8 -0) 📝 `app/References/ReferenceFetcher.php` (+11 -6) 📝 `app/Uploads/Attachment.php` (+8 -0) 📝 `app/Uploads/Image.php` (+8 -0) ➕ `database/migrations/2023_01_24_104625_refactor_joint_permissions_storage.php` (+52 -0) ➕ `dev/docs/permission-scenario-testing.md` (+343 -0) 📝 `tests/Actions/AuditLogTest.php` (+15 -15) 📝 `tests/Actions/WebhookCallTest.php` (+2 -2) 📝 `tests/Actions/WebhookFormatTesting.php` (+1 -1) _...and 66 more files_ </details> ### 📄 Description This is a merge of the permission work done in #3908 , at commit 3083979855c6395fd7a35fb92790e0efb37b44f6, but only of the testing work/changes since the fundamental user permissions work came to a barrier. ### Docs update - Update permissions user doc page. - Provide an "advanced" overview of deeper combination logic - **Upgrade notice**, linking to above added section for more details, advising slight change in logic handling. - **Upgrade notice**, potential longer db migration time on upgrade due to permission regeneration. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
OVERLORD added the pull-request label 2026-02-05 10:28:29 +03:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
🎨 Design
📖 Docs Update
🐛 Bug
🐛 Bug
:cat2:🐈 Possible duplicate
💿 Database
Open to discussion
💻 Front-End
🐕 Support
🚪 Authentication
🌍 Translations
🔌 API Task
🏭 Back-End
Upstream
🔨 Feature Request
🛠️ Enhancement
🛠️ Enhancement
🛠️ Enhancement
❤️ Happy feedback
🔒 Security
🔍 Pending Validation
💆 UX
📝 WYSIWYG Editor
🌔 Out of scope
🔩 API Request
:octocat: Admin/Meta
🖌️ View Customization
Question
🚀 Priority
🛡️ Blocked
🚚 Export System
A11y
🔧 Maintenance
> Markdown Editor
pull-request
Mirrored from GitHub Pull Request
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/BookStack#6285
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?