Permissions: Cleanup after review of enum implementation PR
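--- a/app/Entities/Controllers/BookApiController.php
+++ b/app/Entities/Controllers/BookApiController.php
@@ -11,6 +11,7 @@ use BookStack\Entities\Queries\PageQueries;
 use BookStack\Entities\Repos\BookRepo;
 use BookStack\Entities\Tools\BookContents;
 use BookStack\Http\ApiController;
+use BookStack\Permissions\Permission;
 use Illuminate\Http\Request;
 use Illuminate\Validation\ValidationException;
 
@@ -30,6 +31,7 @@ class BookApiController extends ApiController
     {
         $books = $this->queries
             ->visibleForList()
+            ->with(['cover:id,name,url'])
             ->addSelect(['created_by', 'updated_by']);
 
         return $this->apiListingResponse($books, [
@@ -46,7 +48,7 @@ class BookApiController extends ApiController
      */
     public function create(Request $request)
     {
-        $this->checkPermission('book-create-all');
+        $this->checkPermission(Permission::BookCreateAll);
         $requestData = $this->validate($request, $this->rules()['create']);
 
         $book = $this->bookRepo->create($requestData);
@@ -91,7 +93,7 @@ class BookApiController extends ApiController
     public function update(Request $request, string $id)
     {
         $book = $this->queries->findVisibleByIdOrFail(intval($id));
-        $this->checkOwnablePermission('book-update', $book);
+        $this->checkOwnablePermission(Permission::BookUpdate, $book);
 
         $requestData = $this->validate($request, $this->rules()['update']);
         $book = $this->bookRepo->update($book, $requestData);
@@ -108,7 +110,7 @@ class BookApiController extends ApiController
     public function delete(string $id)
     {
         $book = $this->queries->findVisibleByIdOrFail(intval($id));
-        $this->checkOwnablePermission('book-delete', $book);
+        $this->checkOwnablePermission(Permission::BookDelete, $book);
 
         $this->bookRepo->destroy($book);
 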
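Review bot: The `->with(['cover:id,name,url'])` added to the listing query only resolves if each book row still carries the key the `cover` relation matches on, and the visible query runs with a restricted column list (`visibleForList()` followed by `addSelect(['created_by', 'updated_by'])`). If that key is not among the selected columns, `cover` would presumably come back as null for every book instead of failing, so this is worth confirming in `visibleForList()` and pinning with an API test that asserts a populated cover. A short comment such as `// cover is eager-loaded with a column subset; the relation key must stay in the select list` would keep the dependency visible. The listing method starts and ends outside the hunk, so the field list passed to `apiListingResponse` cannot be checked from here. The three permission hunks are a like-for-like swap of string names for `Permission` enum cases and keep the existing order of visibility lookup before the ownable permission check.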