Merge branch 'Copy-For-View-Only' of git://github.com/mark-james/BookStack into mark-james-Copy-For-View-Only

2025-06-06 02:24:33 +08:00 · 2019-03-09 16:12:12 +00:00
parent 33e999909f 19770d2792
commit 6be2d3f28c
4 changed files with 47 additions and 7 deletions
--- a/app/Auth/Permissions/PermissionService.php
+++ b/app/Auth/Permissions/PermissionService.php
@ -556,6 +556,33 @@ class PermissionService
        return $q;
    }

+    /**
+     * Checks if a user has a book or chapter available to create a page
+     * @param Ownable $ownable
+     * @param $permission
+     * @return bool
+     */
+    public function checkAvailableCreatePageAccess()
+    {
+        $userRoleIds = $this->currentUser()->roles()->pluck('id')->toArray();
+        $userId = $this->currentUser()->id;
+
+
+        $canCreatePage = $this->db->table('joint_permissions')
+            ->where('action', '=', 'page-create')
+            ->whereIn('role_id', $userRoleIds)
+            ->where(function ($query) use ($userId) {
+                $query->where('has_permission', '=', 1)
+                ->orWhere(function ($query2) use ($userId) {
+                    $query2->where('has_permission_own', '=', 1)
+                    ->where('created_by', '=', $userId);
+                });       
+            })
+            ->get()->count() > 0;
+
+        return $canCreatePage;
+    }
+
    /**
     * Check if an entity has restrictions set on itself or its
     * parent tree.
--- a/app/Http/Controllers/PageController.php
+++ b/app/Http/Controllers/PageController.php
@ -643,7 +643,7 @@ class PageController extends Controller
    public function showCopy($bookSlug, $pageSlug)
    {
        $page = $this->pageRepo->getPageBySlug($pageSlug, $bookSlug);
-        $this->checkOwnablePermission('page-update', $page);
+        $this->checkOwnablePermission('page-view', $page);
        session()->flashInput(['name' => $page->name]);
        return view('pages/copy', [
            'book' => $page->book,
@ -662,7 +662,7 @@ class PageController extends Controller
    public function copy($bookSlug, $pageSlug, Request $request)
    {
        $page = $this->pageRepo->getPageBySlug($pageSlug, $bookSlug);
-        $this->checkOwnablePermission('page-update', $page);
+        $this->checkOwnablePermission('page-view', $page);

        $entitySelection = $request->get('entity_selection', null);
        if ($entitySelection === null || $entitySelection === '') {
--- a/app/helpers.php
+++ b/app/helpers.php
@ -65,6 +65,17 @@ function userCan($permission, Ownable $ownable = null)
    return $permissionService->checkOwnableUserAccess($ownable, $permission);
 }

+/**
+ * Check if the current user has the ability to create a page for an existing object
+ * @return bool
+ */
+function userCanCreatePage()
+{
+    // Check for create page permissions
+    $permissionService = app(\BookStack\Auth\Permissions\PermissionService::class);
+    return $permissionService->checkAvailableCreatePageAccess();
+}
+
 /**
 * Helper to access system settings.
 * @param $key