Updated shelf menu item to show on custom permission

- Extended new 'userCanOnAny' helper to take a entity class for filtering. Closes #1201
BookStackApp · Mar 9, 2019 · 042a6f9 · 042a6f9
1 parent 0428774
commit 042a6f9
Show file tree

Hide file tree

Showing 4 changed files with 39 additions and 12 deletions.
diff --git a/app/Auth/Permissions/PermissionService.php b/app/Auth/Permissions/PermissionService.php
@@ -558,28 +558,35 @@ public function checkOwnableUserAccess(Ownable $ownable, $permission)
 
     /**
      * Checks if a user has the given permission for any items in the system.
+     * Can be passed an entity instance to filter on a specific type.
      * @param string $permission
+     * @param string $entityClass
      * @return bool
      */
-    public function checkUserHasPermissionOnAnything(string $permission)
+    public function checkUserHasPermissionOnAnything(string $permission, string $entityClass = null)
     {
         $userRoleIds = $this->currentUser()->roles()->select('id')->pluck('id')->toArray();
         $userId = $this->currentUser()->id;
 
-        $canCreatePage = $this->db->table('joint_permissions')
+        $permissionQuery = $this->db->table('joint_permissions')
             ->where('action', '=', $permission)
             ->whereIn('role_id', $userRoleIds)
             ->where(function ($query) use ($userId) {
                 $query->where('has_permission', '=', 1)
-                ->orWhere(function ($query2) use ($userId) {
-                    $query2->where('has_permission_own', '=', 1)
-                    ->where('created_by', '=', $userId);
-                });       
-            })
-            ->get()->count() > 0;
+                    ->orWhere(function ($query2) use ($userId) {
+                        $query2->where('has_permission_own', '=', 1)
+                            ->where('created_by', '=', $userId);
+                    });
+        }) ;
+
+        if (!is_null($entityClass)) {
+            $entityInstance = app()->make($entityClass);
+            $permissionQuery = $permissionQuery->where('entity_type', '=', $entityInstance->getMorphClass());
+        }
 
+        $hasPermission = $permissionQuery->count() > 0;
         $this->clean();
-        return $canCreatePage;
+        return $hasPermission;
     }
 
     /**

diff --git a/app/helpers.php b/app/helpers.php
@@ -1,6 +1,7 @@
 <?php
 
 use BookStack\Auth\Permissions\PermissionService;
+use BookStack\Entities\Entity;
 use BookStack\Ownable;
 
 /**
@@ -70,12 +71,13 @@ function userCan(string $permission, Ownable $ownable = null)
  * Check if the current user has the given permission
  * on any item in the system.
  * @param string $permission
+ * @param string|null $entityClass
  * @return bool
  */
-function userCanOnAny(string $permission)
+function userCanOnAny(string $permission, string $entityClass = null)
 {
     $permissionService = app(PermissionService::class);
-    return $permissionService->checkUserHasPermissionOnAnything($permission);
+    return $permissionService->checkUserHasPermissionOnAnything($permission, $entityClass);
 }
 
 /**

diff --git a/resources/views/base.blade.php b/resources/views/base.blade.php
@@ -48,7 +48,7 @@
                             </form>
                         </div>
                         <div class="links text-center">
-                            @if(userCan('bookshelf-view-all') || userCan('bookshelf-view-own'))
+                            @if(userCanOnAny('view', \BookStack\Entities\Bookshelf::class) || userCan('bookshelf-view-own'))
                                 <a href="{{ baseUrl('/shelves') }}">@icon('bookshelf'){{ trans('entities.shelves') }}</a>
                             @endif
                             <a href="{{ baseUrl('/books') }}">@icon('book'){{ trans('entities.books') }}</a>

diff --git a/tests/Entity/BookShelfTest.php b/tests/Entity/BookShelfTest.php
@@ -1,5 +1,7 @@
 <?php namespace Tests;
 
+use BookStack\Auth\Role;
+use BookStack\Auth\User;
 use BookStack\Entities\Book;
 use BookStack\Entities\Bookshelf;
 
@@ -27,6 +29,22 @@ public function test_shelves_shows_in_header_if_have_view_permissions()
         $resp->assertElementContains('header', 'Shelves');
     }
 
+    public function test_shelves_shows_in_header_if_have_any_shelve_view_permission()
+    {
+        $user = factory(User::class)->create();
+        $this->giveUserPermissions($user, ['image-create-all']);
+        $shelf = Bookshelf::first();
+        $userRole = $user->roles()->first();
+
+        $resp = $this->actingAs($user)->get('/');
+        $resp->assertElementNotContains('header', 'Shelves');
+
+        $this->setEntityRestrictions($shelf, ['view'], [$userRole]);
+
+        $resp = $this->get('/');
+        $resp->assertElementContains('header', 'Shelves');
+    }
+
     public function test_shelves_page_contains_create_link()
     {
         $resp = $this->asEditor()->get('/shelves');