use BookStack\App\Model;
use BookStack\Exceptions\NotifyException;
use BookStack\Facades\Activity;
+use BookStack\Permissions\Permission;
use Illuminate\Foundation\Bus\DispatchesJobs;
use Illuminate\Foundation\Validation\ValidatesRequests;
use Illuminate\Http\JsonResponse;
}
/**
- * Stops the application and shows a permission error if
- * the application is in demo mode.
+ * Stops the application and shows a permission error if the application is in demo mode.
*/
- protected function preventAccessInDemoMode()
+ protected function preventAccessInDemoMode(): void
{
if (config('app.env') === 'demo') {
$this->showPermissionError();
/**
* Adds the page title into the view.
*/
- public function setPageTitle(string $title)
+ public function setPageTitle(string $title): void
{
view()->share('pageTitle', $title);
}
/**
- * On a permission error redirect to home and display.
- * the error as a notification.
+ * On a permission error redirect to home and display the error as a notification.
*
- * @return never
+ * @throws NotifyException
*/
- protected function showPermissionError()
+ protected function showPermissionError(string $redirectLocation = '/'): never
{
$message = request()->wantsJson() ? trans('errors.permissionJson') : trans('errors.permission');
- throw new NotifyException($message, '/', 403);
+ throw new NotifyException($message, $redirectLocation, 403);
}
/**
* Checks that the current user has the given permission otherwise throw an exception.
*/
- protected function checkPermission(string $permission): void
+ protected function checkPermission(string|Permission $permission): void
{
if (!user() || !user()->can($permission)) {
$this->showPermissionError();
/**
* Check the current user's permissions against an ownable item otherwise throw an exception.
*/
- protected function checkOwnablePermission(string $permission, Model $ownable): void
+ protected function checkOwnablePermission(string|Permission $permission, Model $ownable, string $redirectLocation = '/'): void
{
if (!userCan($permission, $ownable)) {
- $this->showPermissionError();
+ $this->showPermissionError($redirectLocation);
}
}
* Check if a user has a permission or bypass the permission
* check if the given callback resolves true.
*/
- protected function checkPermissionOr(string $permission, callable $callback): void
+ protected function checkPermissionOr(string|Permission $permission, callable $callback): void
{
if ($callback() !== true) {
$this->checkPermission($permission);
* Check if the current user has a permission or bypass if the provided user
* id matches the current user.
*/
- protected function checkPermissionOrCurrentUser(string $permission, int $userId): void
+ protected function checkPermissionOrCurrentUser(string|Permission $permission, int $userId): void
{
$this->checkPermissionOr($permission, function () use ($userId) {
return $userId === user()->id;
}
/**
- * Send back a json error message.
+ * Send back a JSON error message.
*/
protected function jsonError(string $messageText = '', int $statusCode = 500): JsonResponse
{
}
/**
- * Show a positive, successful notification to the user on next view load.
+ * Show a positive, successful notification to the user on the next view load.
*/
protected function showSuccessNotification(string $message): void
{
}
/**
- * Show a warning notification to the user on next view load.
+ * Show a warning notification to the user on the next view load.
*/
protected function showWarningNotification(string $message): void
{
}
/**
- * Show an error notification to the user on next view load.
+ * Show an error notification to the user on the next view load.
*/
protected function showErrorNotification(string $message): void
{
*/
protected function getImageValidationRules(): array
{
- return ['image_extension', 'mimes:jpeg,png,gif,webp', 'max:' . (config('app.upload_limit') * 1000)];
+ return ['image_extension', 'mimes:jpeg,png,gif,webp,avif', 'max:' . (config('app.upload_limit') * 1000)];
}
/**
projects / bookstack / blobdiff