mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-10-29 23:22:34 +01:00
Added public build folder and support for a demo mode
This commit is contained in:
parent
0d8ca22487
commit
9a470b07fd
1
.gitignore
vendored
1
.gitignore
vendored
@ -9,7 +9,6 @@ Homestead.yaml
|
||||
/public/js
|
||||
/public/uploads
|
||||
/public/bower
|
||||
/public/build
|
||||
/storage/images
|
||||
_ide_helper.php
|
||||
/storage/debugbar
|
@ -42,6 +42,15 @@ abstract class Controller extends BaseController
|
||||
$this->signedIn = auth()->check();
|
||||
}
|
||||
|
||||
/**
|
||||
* Stops the application and shows a permission error if
|
||||
* the application is in demo mode.
|
||||
*/
|
||||
protected function preventAccessForDemoUsers()
|
||||
{
|
||||
if (env('APP_ENV', 'production') === 'demo') $this->showPermissionError();
|
||||
}
|
||||
|
||||
/**
|
||||
* Adds the page title into the view.
|
||||
* @param $title
|
||||
@ -51,6 +60,18 @@ abstract class Controller extends BaseController
|
||||
view()->share('pageTitle', $title);
|
||||
}
|
||||
|
||||
/**
|
||||
* On a permission error redirect to home and display
|
||||
* the error as a notification.
|
||||
*/
|
||||
protected function showPermissionError()
|
||||
{
|
||||
Session::flash('error', trans('errors.permission'));
|
||||
throw new HttpResponseException(
|
||||
redirect('/')
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks for a permission.
|
||||
*
|
||||
@ -60,15 +81,18 @@ abstract class Controller extends BaseController
|
||||
protected function checkPermission($permissionName)
|
||||
{
|
||||
if (!$this->currentUser || !$this->currentUser->can($permissionName)) {
|
||||
Session::flash('error', trans('errors.permission'));
|
||||
throw new HttpResponseException(
|
||||
redirect('/')
|
||||
);
|
||||
$this->showPermissionError();
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if a user has a permission or bypass if the callback is true.
|
||||
* @param $permissionName
|
||||
* @param $callback
|
||||
* @return bool
|
||||
*/
|
||||
protected function checkPermissionOr($permissionName, $callback)
|
||||
{
|
||||
$callbackResult = $callback();
|
||||
|
@ -31,13 +31,16 @@ class SettingController extends Controller
|
||||
*/
|
||||
public function update(Request $request)
|
||||
{
|
||||
$this->preventAccessForDemoUsers();
|
||||
$this->checkPermission('settings-update');
|
||||
|
||||
// Cycles through posted settings and update them
|
||||
foreach($request->all() as $name => $value) {
|
||||
if(strpos($name, 'setting-') !== 0) continue;
|
||||
$key = str_replace('setting-', '', trim($name));
|
||||
Setting::put($key, $value);
|
||||
}
|
||||
|
||||
session()->flash('success', 'Settings Saved');
|
||||
return redirect('/settings');
|
||||
}
|
||||
|
@ -108,9 +108,11 @@ class UserController extends Controller
|
||||
*/
|
||||
public function update(Request $request, $id)
|
||||
{
|
||||
$this->preventAccessForDemoUsers();
|
||||
$this->checkPermissionOr('user-update', function () use ($id) {
|
||||
return $this->currentUser->id == $id;
|
||||
});
|
||||
|
||||
$this->validate($request, [
|
||||
'name' => 'required',
|
||||
'email' => 'required|email|unique:users,email,' . $id,
|
||||
@ -144,6 +146,7 @@ class UserController extends Controller
|
||||
$this->checkPermissionOr('user-delete', function () use ($id) {
|
||||
return $this->currentUser->id == $id;
|
||||
});
|
||||
|
||||
$user = $this->user->findOrFail($id);
|
||||
$this->setPageTitle('Delete User ' . $user->name);
|
||||
return view('users/delete', ['user' => $user]);
|
||||
@ -156,6 +159,7 @@ class UserController extends Controller
|
||||
*/
|
||||
public function destroy($id)
|
||||
{
|
||||
$this->preventAccessForDemoUsers();
|
||||
$this->checkPermissionOr('user-delete', function () use ($id) {
|
||||
return $this->currentUser->id == $id;
|
||||
});
|
||||
|
2
public/build/.gitignore
vendored
Normal file
2
public/build/.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
*
|
||||
!.gitignore
|
Loading…
Reference in New Issue
Block a user