Commit Graph

77 Commits

Author SHA1 Message Date
451e4ac452 Fixed collapsed perm. gen for book sub-items.
Also converted the existing "JointPermission" usage to the new
collapsed permission system.
2022-12-23 14:05:43 +00:00
7330139555 Created big scary query to apply permissions via new format 2022-12-22 20:32:06 +00:00
60bf838a4a Added joint_user_permissions handling to query system
Some issues exist to resolve though, not in final state.
2022-12-11 22:53:46 +00:00
2a65331573 Worked towards phpstan level 2, 13 errors remain 2022-10-24 12:12:48 +01:00
0f68be608d Removed most usages of restricted entitiy property 2022-10-10 16:58:26 +01:00
63056dbef4 Updated restricted usage on search and entity meta details
Also removed now unused view.
2022-10-10 16:22:51 +01:00
bf591765c1 Reorgranised permission routes into their own controller
Also introduced helpers for getting entities by slugs since we do it in
so many places.
2022-10-09 16:36:03 +01:00
aee0e16194 Started code update for new entity permission format 2022-10-08 13:52:59 +01:00
a03245e427 Added user-interface for "Everyone Else" entity permission item
Nothing on back-end logic done to hook this new option up.
Addition of permissions for role_id=0 works out of the box, but active
"everyone else" permissions, with no priviliges, is currently not
working. Needs change of permission gen logic also.
2022-10-02 18:09:48 +01:00
60171b3522 Updated book copy to copy shelf relations
Where permission to edit the shelf is allowed.
For #3699
2022-09-28 14:14:51 +01:00
f28ed0ef0b Fixed shelf covers being stored as 'cover_book'
Are now stored as 'cover_bookshelf' as expected.
Added a migrate to alter existing shelf cover image types.
2022-09-02 12:54:54 +01:00
f092c97748 Fixed lack of url reference updating on book child move 2022-08-30 22:12:52 +01:00
b86ee6d252 Rolled out reference link updating logic usage
Added test to cover updating of content on reference url change
2022-08-21 18:05:19 +01:00
5d29d0cc7b Added reference storage system, and command to re-index
Also re-named/orgranized some files for this, to make them "References"
specific instead of a subset of "Util".
2022-08-17 14:40:14 +01:00
837fd74bf6 Refactored search-based code to its own folder
Also applied StyleCI changes
2022-08-16 11:28:05 +01:00
6e0a7344fa Added revision activity types to system and audit log
Closes #3628
2022-08-09 13:25:18 +01:00
2332401854 Fixed a couple of non-intended logical permission issues
Both caught in tests:
Fixed loss of permissions for admin users when entity restrictions were
active, since there are no entity-restrictions for the admin role but
we'd force generate them in joint permissions, which would be queried.
Fixed new role permission checks when permissions given with only the
action (eg. 'view'), since the type prefix would be required for role
permission checks. Was previously not needed as only the simpler form
was used in the jointpermissions after merge & calculation.
2022-07-16 20:55:32 +01:00
afe1a04239 Aligned permission applicator method names
Also removed lesser used function, that was mostly a duplicate of an
existing function, and only used for search.
2022-07-16 19:54:25 +01:00
1d875ccfb7 Continued removal of joint permission non-view queries
Cleaned up PermissionApplicator to remove old cache system which was
hardly ever actuall caching anything since it was reset after each
public method run.

Changed the scope of 'userCanOnAny' to just check entity permissions,
and added protections of action scope creep, in case a role permission
action was passed by mistake.
2022-07-16 13:17:08 +01:00
b0a4d3d059 Renamed and cleaned up existing permission service classes use 2022-07-12 20:15:41 +01:00
f1a8ad4980 Applied latest StyleCI changes 2022-04-25 18:42:31 +01:00
d5b7fff102 Merge branch 'recycle_bin_api_endpoints' into development 2022-04-25 18:32:55 +01:00
ff8dadefee Reviewed recycle bin API PR and made changes
Made the following changes, many of these are just to align with
existing conventions.

- Updated urls to be hypenated, instead of underscored, to match other system endpoints.
- Updated URL parameter to be `deletionId` instead of `id`, and removed the ID-based comment on controller methods, so the required ID model is clear from the URL alone, since its not clear from the URL endpoint alone like existing endpoints. This follows the pattern used in the "web" routes.
- Added extra detail on some controller method comments, and copied permission comment to each method.
- Removed existing field visibility mechanisms to use simpler model-based visibility since we didn't need anything too special here (After some of my other changes).
- Allowed the "deletable" model to be shown in response to provide a little more detail on the main deleted item.
- Updated parent/child-count loading to be on the "deletable" model instead of additional properties which results in simpler controller logic and enforces the idea these are relations on the deletable, not the deletion itself. It also removes additional exposure of model namespacing.
- Updated (int) casts to intval, just since that's our most common conversion method in the codebase.
- Testing: Removed `actingAsAuthorizedUser` and used the admin user instead to prevent extra auth steps on each test.
- Testing: Cut logic/data-checks from tests if already covered by other tests.
- Testing: Added simple assertions for delete/restore response data.
- Examples: Updated list example to reflect changes.

Review of PR #3377
To be followed up with changes to polymorphic relations to hide
namespacing.
2022-04-25 17:54:59 +01:00
0c5723d76e Switched to database-based tracking for page editor
- Works better to avoid bad assumptions when showing the editor based
  upon content type.
- Also updated some previous tests to cleaner format.
2022-04-23 23:20:46 +01:00
492ffff0a4 Added core editor switching functionality 2022-04-18 17:39:28 +01:00
b5281bc9ca Fixed tests, applied StyleCI changes 2022-03-26 20:38:03 +00:00
3625f12abe Added extendable/scalable formatter for webhook data
Creates a new organsied formatting system for webhook data, with
interfaces for extending with custom model formatting rules.
Allows easy usage & extension of the default bookstack formatting
behaviour when customizing webhook events via theme system, and keeps
default data customizations organised.

This also makes the following webhook data changes:
- owned_by/created_by/updated_by user details are loaded for events with
  Entity details. (POTENTIALLY BREAKING CHANGE).
- current_revision details are loaded for page update/create events.

Added testing to cover added model formatting rules.

For #3279 and #3218
2022-03-26 16:53:02 +00:00
4239d4c54d Fixed error on webhooks for recycle bin operations
Updated the getUrl method on deletions to not require any passed
params to align with usage in webhooks.
Probably better to have a proper interface but would require a wider
change.

Fixes #3154
2022-01-10 17:47:49 +00:00
8d91f4369b Improved custom homepage check on item deletion
Custom homepage usage will now be checked before any actioning
of deletion rather than potentially causing an exception acting
during the deletion.

Previously a deletion could still be created, within the recycle bin,
for the parent which may lead to the page being deleted anyway.

For #3150
2022-01-10 17:04:01 +00:00
20e093a7a1 Added ability to copy/clone chapters
Builds upon page clone work. Takes permissions into account to decide
if child pages should be copied.
2021-12-19 15:40:52 +00:00
9079700170 Refactored the activity service
- Renamed to "ActivityLogger" to be more focused in usage.
- Extracted out query elements to seperate "ActivityQueries" class.
- Removed old 'addForEntity' activity method to limit activity record
  points.
2021-12-11 17:29:33 +00:00
cd7788f2e9 Updated translators and merged styleci fixes 2021-11-23 20:41:12 +00:00
024924eef3 Applied another round of static analysis updates 2021-11-22 23:33:55 +00:00
1bf59f434b Tweaked custom command registration, Added StyleCI fixes
Old command registration method was interfering with default commands,
causing only a limited subset of commands to show overall.
This change follows the method the frameworks uses when loading in from a
directory to prevent issues with run/load order.
2021-11-22 22:22:31 +00:00
876bc10d4d Applied another set of static analysis improvements 2021-11-20 14:03:56 +00:00
99587a0be6 Added tag values as part of the indexed search terms
This allows finding content via tag name/values when just searching
using normal seach terms.
Added testing to cover.

Related to #1577
2021-11-12 17:06:01 +00:00
f28daa01d9 Added page content parsing to up-rank header text in search
This adds parsing of page content so that headers apply a boost to
scores in the search term index.
Additionally, this merges title and content terms to reduce the amount
of stored terms a little.
Includes testing to cover.
2021-11-12 13:47:23 +00:00
f2b1d2e1e7 Applied latest StyleCI changes 2021-11-06 22:00:33 +00:00
8d7c8ac8bf Done a round of phpstan fixes 2021-11-06 00:32:01 +00:00
f139cded78 Laravel 8 shift squash & merge (#3029)
* Temporarily moved back config path
* Apply Laravel coding style
* Shift exception handler
* Shift HTTP kernel and middleware
* Shift service providers
* Convert options array to fluent methods
* Shift to class based routes
* Shift console routes
* Ignore temporary framework files
* Shift to class based factories
* Namespace seeders
* Shift PSR-4 autoloading
* Shift config files
* Default config files
* Shift Laravel dependencies
* Shift return type of base TestCase methods
* Shift cleanup
* Applied stylci style changes
* Reverted config files location
* Applied manual changes to Laravel 8 shift

Co-authored-by: Shift <shift@laravelshift.com>
2021-10-30 21:29:59 +01:00
f77236aa38 Laravel 7.x Shift (#3011)
* Apply Laravel coding style
* Shift bindings
* Shift core files
* Shift to Throwable
* Add laravel/ui dependency
* Shift Eloquent methods
* Shift config files
* Shift Laravel dependencies
* Shift cleanup
* Shift test config and references
* Applied styleci changes
* Applied fixes post shift to laravel 7

Co-authored-by: Shift <shift@laravelshift.com>
2021-10-26 22:04:18 +01:00
cb45c53029 Added base64 image extraction to markdown page content
- Included tests to cover.
- Manually tested via API update and interface page update.

Closes #2898
2021-10-18 11:42:50 +01:00
f99af807d0 Reviewed and refactored additional editor draft save warnings
- Added testing to cover warning cases.
- Refactored logic to be simpler and move much of the business out of
  the controller.
- Added new message that's more suitable to the case this was handling.
- For detecting an outdated draft, checked the draft created_at time
  instead of updated_at to better fit the scenario being checked.
- Updated some method types to align with those potentially being used
  in the logic of the code.
- Added a cache of shown messages on the front-end to prevent them
  re-showing on every save during the session, even if dismissed.
2021-10-04 20:26:55 +01:00
c08c8d7aa3 Applied styleci style changes 2021-09-18 21:21:44 +01:00
badaf08e55 Removed browserkit from a couple of classess
Done a little reorganisation while there of misplaced tests.
Moved MarkdownTest to a new PageEditorTest to avoid confusion with
other markdown elements and to align with other page tests.
2021-09-13 22:54:21 +01:00
ff494be952 Fixed lack of proper ordering of pages
Added test to cover
Fixes #2905
2021-09-01 20:30:02 +01:00
4400ad7e8d Applied stylci advisories 2021-08-24 21:23:55 +01:00
a61c9c5e98 Reorgranised blade view files to form a convention
- Primarily moved and re-organised view files.
- Included readme within views to document the convention.
- Fixed some issues with page field select list in previous commit.
- Tweaked some route names while going through.
- Split some views out further.

Closes #2805
2021-08-22 13:17:32 +01:00
1a6293ce24 Optimized loading of page/chapter URLs to be a little more efficient
- Loaded book_slug as part of chapter/page queries instead of books
 being loaded in afterwards.
- Removed unused page method.
- Updated some page queries to load specific attributes.
2021-08-21 19:59:55 +01:00
934a833818 Apply fixes from StyleCI 2021-06-26 15:23:15 +00:00