github-mirror/BookStack
github-mirror/BookStack
2
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-04-02 21:59:06 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Applied StyleCI changes

Browse Source
This commit is contained in:
Dan Brown 2021-11-30 14:25:09 +00:00
parent 3b3eb0f44f
commit 9490457d04
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
2 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
app/Auth/Permissions/PermissionService.php
View File

@ -625,7 +625,7 @@ class PermissionService
})->where(function ($query) use ($tableDetails, $pageMorphClass) { })->where(function ($query) use ($tableDetails, $pageMorphClass) {
/** @var Builder $query */ /** @var Builder $query */
$query->where($tableDetails['entityTypeColumn'], '!=', $pageMorphClass) $query->where($tableDetails['entityTypeColumn'], '!=', $pageMorphClass)
->orWhereExists(function(QueryBuilder $query) use ($tableDetails, $pageMorphClass) { ->orWhereExists(function (QueryBuilder $query) use ($tableDetails, $pageMorphClass) {
$query->select('id')->from('pages') $query->select('id')->from('pages')
->whereColumn('pages.id', '=', $tableDetails['tableName'] . '.' . $tableDetails['entityIdColumn']) ->whereColumn('pages.id', '=', $tableDetails['tableName'] . '.' . $tableDetails['entityIdColumn'])
->where($tableDetails['tableName'] . '.' . $tableDetails['entityTypeColumn'], '=', $pageMorphClass) ->where($tableDetails['tableName'] . '.' . $tableDetails['entityTypeColumn'], '=', $pageMorphClass)
@ -645,10 +645,10 @@ class PermissionService
public function filterRelatedEntity(string $entityClass, Builder $query, string $tableName, string $entityIdColumn): Builder public function filterRelatedEntity(string $entityClass, Builder $query, string $tableName, string $entityIdColumn): Builder
{ {
$fullEntityIdColumn = $tableName . '.' . $entityIdColumn; $fullEntityIdColumn = $tableName . '.' . $entityIdColumn;
$instance = new $entityClass; $instance = new $entityClass();
$morphClass = $instance->getMorphClass(); $morphClass = $instance->getMorphClass();
$existsQuery = function($permissionQuery) use ($fullEntityIdColumn, $morphClass) { $existsQuery = function ($permissionQuery) use ($fullEntityIdColumn, $morphClass) {
/** @var Builder $permissionQuery */ /** @var Builder $permissionQuery */
$permissionQuery->select('joint_permissions.role_id')->from('joint_permissions') $permissionQuery->select('joint_permissions.role_id')->from('joint_permissions')
->whereColumn('joint_permissions.entity_id', '=', $fullEntityIdColumn) ->whereColumn('joint_permissions.entity_id', '=', $fullEntityIdColumn)
@ -667,7 +667,7 @@ class PermissionService
if ($instance instanceof Page) { if ($instance instanceof Page) {
// Prevent visibility of non-owned draft pages // Prevent visibility of non-owned draft pages
$q->whereExists(function(QueryBuilder $query) use ($fullEntityIdColumn) { $q->whereExists(function (QueryBuilder $query) use ($fullEntityIdColumn) {
$query->select('id')->from('pages') $query->select('id')->from('pages')
->whereColumn('pages.id', '=', $fullEntityIdColumn) ->whereColumn('pages.id', '=', $fullEntityIdColumn)
->where(function (QueryBuilder $query) { ->where(function (QueryBuilder $query) {

3
app/Http/Middleware/ApiAuthenticate.php
View File

@ -50,11 +50,12 @@ class ApiAuthenticate
} }
/** /**
* Check if the active session user has API access * Check if the active session user has API access.
*/ */
protected function sessionUserHasApiAccess(): bool protected function sessionUserHasApiAccess(): bool
{ {
$hasApiPermission = user()->can('access-api'); $hasApiPermission = user()->can('access-api');
return $hasApiPermission && hasAppAccess(); return $hasApiPermission && hasAppAccess();
} }