Permissions: Updated use of helpers to use enums

author Dan Brown <redacted>

Tue, 9 Sep 2025 08:48:19 +0000 (09:48 +0100)

committer Dan Brown <redacted>

Tue, 9 Sep 2025 08:48:19 +0000 (09:48 +0100)
author Dan Brown <redacted>
Tue, 9 Sep 2025 08:48:19 +0000 (09:48 +0100)
committer Dan Brown <redacted>
Tue, 9 Sep 2025 08:48:19 +0000 (09:48 +0100)
diff --git a/app/Activity/Controllers/WebhookController.php b/app/Activity/Controllers/WebhookController.php

index dcca1dc413f308939d5b1d3f405885d4bdb58c68..6a65b8363612bc16be806215f33a466d8f3c7b18 100644 (file)
--- a/app/Activity/Controllers/WebhookController.php
+++ b/app/Activity/Controllers/WebhookController.php
@@ -6,6 +6,7 @@ use BookStack\Activity\ActivityType;
  use BookStack\Activity\Models\Webhook;
  use BookStack\Activity\Queries\WebhooksAllPaginatedAndSorted;
  use BookStack\Http\Controller;
+use BookStack\Permissions\Permission;
  use BookStack\Util\SimpleListOptions;
  use Illuminate\Http\Request;
  
@@ -14,7 +15,7 @@ class WebhookController extends Controller
      public function __construct()
      {
          $this->middleware([
-            'can:settings-manage',
+            Permission::SettingsManage->middleware()
          ]);
      }
  
diff --git a/app/Activity/Tools/CommentTree.php b/app/Activity/Tools/CommentTree.php

index a05a9d24726f84ead259de6eb98670bd5b3a9881..af9b7ecb2929b7682cd09bbd122cf505e5a831c8 100644 (file)
--- a/app/Activity/Tools/CommentTree.php
+++ b/app/Activity/Tools/CommentTree.php
@@ -70,7 +70,7 @@ class CommentTree
      public function canUpdateAny(): bool
      {
          foreach ($this->comments as $comment) {
-            if (userCan('comment-update', $comment)) {
+            if (userCan(\BookStack\Permissions\Permission::CommentUpdate, $comment)) {
                  return true;
              }
          }
diff --git a/app/Activity/Tools/TagClassGenerator.php b/app/Activity/Tools/TagClassGenerator.php

index 5bcb44113d6ecaaa596a8ce6aed8da689e180910..03586eb277fd669aee12f8d975a5aef05ff22fbf 100644 (file)
--- a/app/Activity/Tools/TagClassGenerator.php
+++ b/app/Activity/Tools/TagClassGenerator.php
@@ -26,14 +26,14 @@ class TagClassGenerator
               array_push($classes, ...$this->generateClassesForTag($tag));
          }
  
-        if ($this->entity instanceof BookChild && userCan('view', $this->entity->book)) {
+        if ($this->entity instanceof BookChild && userCan(\BookStack\Permissions\Permission::View, $this->entity->book)) {
              $bookTags = $this->entity->book->tags;
              foreach ($bookTags as $bookTag) {
                   array_push($classes, ...$this->generateClassesForTag($bookTag, 'book-'));
              }
          }
  
-        if ($this->entity instanceof Page && $this->entity->chapter && userCan('view', $this->entity->chapter)) {
+        if ($this->entity instanceof Page && $this->entity->chapter && userCan(\BookStack\Permissions\Permission::View, $this->entity->chapter)) {
              $chapterTags = $this->entity->chapter->tags;
              foreach ($chapterTags as $chapterTag) {
                   array_push($classes, ...$this->generateClassesForTag($chapterTag, 'chapter-'));
diff --git a/app/Entities/Controllers/PageController.php b/app/Entities/Controllers/PageController.php

index d4bde300b1d8acbb851a166f16bc42c08ae002e7..1fe296537d0d3ae596adc81ff33133f5b5a39b5f 100644 (file)
--- a/app/Entities/Controllers/PageController.php
+++ b/app/Entities/Controllers/PageController.php
@@ -342,7 +342,7 @@ class PageController extends Controller
  
          $this->showSuccessNotification(trans('entities.pages_delete_draft_success'));
  
-        if ($chapter && userCan('view', $chapter)) {
+        if ($chapter && userCan(\BookStack\Permissions\Permission::View, $chapter)) {
              return redirect($chapter->getUrl());
          }
  
diff --git a/app/Entities/Repos/ChapterRepo.php b/app/Entities/Repos/ChapterRepo.php

index 6503e63cfafc5912a886131ab089b169358ecbeb..10b9697ed1327cbaa6066415900afc7b536ab2de 100644 (file)
--- a/app/Entities/Repos/ChapterRepo.php
+++ b/app/Entities/Repos/ChapterRepo.php
@@ -87,7 +87,7 @@ class ChapterRepo
              throw new MoveOperationException('Book to move chapter into not found');
          }
  
-        if (!userCan('chapter-create', $parent)) {
+        if (!userCan(\BookStack\Permissions\Permission::ChapterCreate, $parent)) {
              throw new PermissionsException('User does not have permission to create a chapter within the chosen book');
          }
  
diff --git a/app/Entities/Repos/PageRepo.php b/app/Entities/Repos/PageRepo.php

index 63e8b8370ee046ad20b14de6b122ce18e050ecd6..4a9efd31daedaf0e0979aeb6e6d9ade833d0de5c 100644 (file)
--- a/app/Entities/Repos/PageRepo.php
+++ b/app/Entities/Repos/PageRepo.php
@@ -55,7 +55,7 @@ class PageRepo
          }
  
          $defaultTemplate = $page->chapter->defaultTemplate ?? $page->book->defaultTemplate;
-        if ($defaultTemplate && userCan('view', $defaultTemplate)) {
+        if ($defaultTemplate && userCan(\BookStack\Permissions\Permission::View, $defaultTemplate)) {
              $page->forceFill([
                  'html'  => $defaultTemplate->html,
                  'markdown' => $defaultTemplate->markdown,
@@ -142,7 +142,7 @@ class PageRepo
  
      protected function updateTemplateStatusAndContentFromInput(Page $page, array $input): void
      {
-        if (isset($input['template']) && userCan('templates-manage')) {
+        if (isset($input['template']) && userCan(\BookStack\Permissions\Permission::TemplatesManage)) {
              $page->template = ($input['template'] === 'true');
          }
  
@@ -165,7 +165,7 @@ class PageRepo
              $pageContent->setNewHTML($input['html'], user());
          }
  
-        if (($newEditor !== $currentEditor || empty($page->editor)) && userCan('editor-change')) {
+        if (($newEditor !== $currentEditor || empty($page->editor)) && userCan(\BookStack\Permissions\Permission::EditorChange)) {
              $page->editor = $newEditor->value;
          } elseif (empty($page->editor)) {
              $page->editor = $defaultEditor->value;
@@ -271,7 +271,7 @@ class PageRepo
              throw new MoveOperationException('Book or chapter to move page into not found');
          }
  
-        if (!userCan('page-create', $parent)) {
+        if (!userCan(\BookStack\Permissions\Permission::PageCreate, $parent)) {
              throw new PermissionsException('User does not have permission to create a page within the new parent');
          }
  
diff --git a/app/Entities/Tools/Cloner.php b/app/Entities/Tools/Cloner.php

index 87aa770c0474087945807f72611288038dd95d70..0af25a2c12910dba90a0dc5d803cc5d605297f9e 100644 (file)
--- a/app/Entities/Tools/Cloner.php
+++ b/app/Entities/Tools/Cloner.php
@@ -49,7 +49,7 @@ class Cloner
  
          $copyChapter = $this->chapterRepo->create($chapterDetails, $parent);
  
-        if (userCan('page-create', $copyChapter)) {
+        if (userCan(\BookStack\Permissions\Permission::PageCreate, $copyChapter)) {
              /** @var Page $page */
              foreach ($original->getVisiblePages() as $page) {
                  $this->clonePage($page, $copyChapter, $page->name);
@@ -74,11 +74,11 @@ class Cloner
          // Clone contents
          $directChildren = $original->getDirectVisibleChildren();
          foreach ($directChildren as $child) {
-            if ($child instanceof Chapter && userCan('chapter-create', $copyBook)) {
+            if ($child instanceof Chapter && userCan(\BookStack\Permissions\Permission::ChapterCreate, $copyBook)) {
                  $this->cloneChapter($child, $copyBook, $child->name);
              }
  
-            if ($child instanceof Page && !$child->draft && userCan('page-create', $copyBook)) {
+            if ($child instanceof Page && !$child->draft && userCan(\BookStack\Permissions\Permission::PageCreate, $copyBook)) {
                  $this->clonePage($child, $copyBook, $child->name);
              }
          }
@@ -86,7 +86,7 @@ class Cloner
          // Clone bookshelf relationships
          /** @var Bookshelf $shelf */
          foreach ($original->shelves as $shelf) {
-            if (userCan('bookshelf-update', $shelf)) {
+            if (userCan(\BookStack\Permissions\Permission::BookshelfUpdate, $shelf)) {
                  $shelf->appendBook($copyBook);
              }
          }
diff --git a/app/Entities/Tools/PageEditorData.php b/app/Entities/Tools/PageEditorData.php

index e4fe2fd25bbf4e270780f8d8137cbb6c133c2070..fc32e9a434ba9a19e7ccb4088a5572646083d51c 100644 (file)
--- a/app/Entities/Tools/PageEditorData.php
+++ b/app/Entities/Tools/PageEditorData.php
@@ -100,7 +100,7 @@ class PageEditorData
  
          // Use requested editor if valid and if we have permission
          $requestedType = PageEditorType::fromRequestValue($this->requestedEditor);
-        if ($requestedType && userCan('editor-change')) {
+        if ($requestedType && userCan(\BookStack\Permissions\Permission::EditorChange)) {
              $editorType = $requestedType;
          }
  
diff --git a/app/Entities/Tools/PermissionsUpdater.php b/app/Entities/Tools/PermissionsUpdater.php

index 4ca53982a451e790635716be4dc4088e6a7d0121..fbf92e2033e6d8e23495c088e588457beeabe2c4 100644 (file)
--- a/app/Entities/Tools/PermissionsUpdater.php
+++ b/app/Entities/Tools/PermissionsUpdater.php
@@ -150,7 +150,7 @@ class PermissionsUpdater
  
          /** @var Book $book */
          foreach ($shelfBooks as $book) {
-            if ($checkUserPermissions && !userCan('restrictions-manage', $book)) {
+            if ($checkUserPermissions && !userCan(\BookStack\Permissions\Permission::RestrictionsManage, $book)) {
                  continue;
              }
              $book->permissions()->delete();
diff --git a/app/Exports/Controllers/BookExportApiController.php b/app/Exports/Controllers/BookExportApiController.php

index 87f1d7eef0e266600d6f9d017829d001b58125b1..21f276f8a4f0d5d281d669a3188ed92d41a12e4c 100644 (file)
--- a/app/Exports/Controllers/BookExportApiController.php
+++ b/app/Exports/Controllers/BookExportApiController.php
@@ -6,6 +6,7 @@ use BookStack\Entities\Queries\BookQueries;
  use BookStack\Exports\ExportFormatter;
  use BookStack\Exports\ZipExports\ZipExportBuilder;
  use BookStack\Http\ApiController;
+use BookStack\Permissions\Permission;
  use Throwable;
  
  class BookExportApiController extends ApiController
@@ -14,7 +15,7 @@ class BookExportApiController extends ApiController
          protected ExportFormatter $exportFormatter,
          protected BookQueries $queries,
      ) {
-        $this->middleware('can:content-export');
+        $this->middleware(Permission::ContentExport->middleware());
      }
  
      /**
diff --git a/app/Exports/Controllers/BookExportController.php b/app/Exports/Controllers/BookExportController.php

index 67247598c318b8e8de6e681994b5a4c9190c8c71..f6bb66666dd0f7689ba81b19cdff313a4324d559 100644 (file)
--- a/app/Exports/Controllers/BookExportController.php
+++ b/app/Exports/Controllers/BookExportController.php
@@ -7,6 +7,7 @@ use BookStack\Exceptions\NotFoundException;
  use BookStack\Exports\ExportFormatter;
  use BookStack\Exports\ZipExports\ZipExportBuilder;
  use BookStack\Http\Controller;
+use BookStack\Permissions\Permission;
  use Throwable;
  
  class BookExportController extends Controller
@@ -15,7 +16,7 @@ class BookExportController extends Controller
          protected BookQueries $queries,
          protected ExportFormatter $exportFormatter,
      ) {
-        $this->middleware('can:content-export');
+        $this->middleware(Permission::ContentExport->middleware());
          $this->middleware('throttle:exports');
      }
  
diff --git a/app/Exports/Controllers/ChapterExportApiController.php b/app/Exports/Controllers/ChapterExportApiController.php

index bccd414af659f7a4b45f259364c1cf328a9f3b6c..7e5a23c705937e93b2cb94e936bffb4522adcfc6 100644 (file)
--- a/app/Exports/Controllers/ChapterExportApiController.php
+++ b/app/Exports/Controllers/ChapterExportApiController.php
@@ -6,6 +6,7 @@ use BookStack\Entities\Queries\ChapterQueries;
  use BookStack\Exports\ExportFormatter;
  use BookStack\Exports\ZipExports\ZipExportBuilder;
  use BookStack\Http\ApiController;
+use BookStack\Permissions\Permission;
  use Throwable;
  
  class ChapterExportApiController extends ApiController
@@ -14,7 +15,7 @@ class ChapterExportApiController extends ApiController
          protected ExportFormatter $exportFormatter,
          protected ChapterQueries $queries,
      ) {
-        $this->middleware('can:content-export');
+        $this->middleware(Permission::ContentExport->middleware());
      }
  
      /**
diff --git a/app/Exports/Controllers/ChapterExportController.php b/app/Exports/Controllers/ChapterExportController.php

index 8490243439a05b9ad18aaec2325d67af368118f6..fdb2bba945755d6ddf4a253c80c7a62efed0aae8 100644 (file)
--- a/app/Exports/Controllers/ChapterExportController.php
+++ b/app/Exports/Controllers/ChapterExportController.php
@@ -7,6 +7,7 @@ use BookStack\Exceptions\NotFoundException;
  use BookStack\Exports\ExportFormatter;
  use BookStack\Exports\ZipExports\ZipExportBuilder;
  use BookStack\Http\Controller;
+use BookStack\Permissions\Permission;
  use Throwable;
  
  class ChapterExportController extends Controller
@@ -15,7 +16,7 @@ class ChapterExportController extends Controller
          protected ChapterQueries $queries,
          protected ExportFormatter $exportFormatter,
      ) {
-        $this->middleware('can:content-export');
+        $this->middleware(Permission::ContentExport->middleware());
          $this->middleware('throttle:exports');
      }
  
diff --git a/app/Exports/Controllers/ImportApiController.php b/app/Exports/Controllers/ImportApiController.php

index cac155c7c1b13576e90be3769ec2a8465b5cead6..f8eaea5a131c3bb5084a810cc5b95832a39ce851 100644 (file)
--- a/app/Exports/Controllers/ImportApiController.php
+++ b/app/Exports/Controllers/ImportApiController.php
@@ -8,6 +8,7 @@ use BookStack\Exceptions\ZipImportException;
  use BookStack\Exceptions\ZipValidationException;
  use BookStack\Exports\ImportRepo;
  use BookStack\Http\ApiController;
+use BookStack\Permissions\Permission;
  use BookStack\Uploads\AttachmentService;
  use Illuminate\Http\Request;
  use Illuminate\Http\JsonResponse;
@@ -18,7 +19,7 @@ class ImportApiController extends ApiController
      public function __construct(
          protected ImportRepo $imports,
      ) {
-        $this->middleware('can:content-import');
+        $this->middleware(Permission::ContentImport->middleware());
      }
  
      /**
diff --git a/app/Exports/Controllers/ImportController.php b/app/Exports/Controllers/ImportController.php

index 0d3e2414bdd587758eec314f72687839d2ba5a11..7ecc09a4132f5dcc54a2f47841f53b8c86009bb4 100644 (file)
--- a/app/Exports/Controllers/ImportController.php
+++ b/app/Exports/Controllers/ImportController.php
@@ -8,6 +8,7 @@ use BookStack\Exceptions\ZipImportException;
  use BookStack\Exceptions\ZipValidationException;
  use BookStack\Exports\ImportRepo;
  use BookStack\Http\Controller;
+use BookStack\Permissions\Permission;
  use BookStack\Uploads\AttachmentService;
  use Illuminate\Http\Request;
  
@@ -16,7 +17,7 @@ class ImportController extends Controller
      public function __construct(
          protected ImportRepo $imports,
      ) {
-        $this->middleware('can:content-import');
+        $this->middleware(Permission::ContentImport->middleware());
      }
  
      /**
diff --git a/app/Exports/Controllers/PageExportApiController.php b/app/Exports/Controllers/PageExportApiController.php

index 73af01afa5217eea5c437bd7bb91c39b55001866..c5b18628924712f48fb93e40ce37ffb4eee8b008 100644 (file)
--- a/app/Exports/Controllers/PageExportApiController.php
+++ b/app/Exports/Controllers/PageExportApiController.php
@@ -6,6 +6,7 @@ use BookStack\Entities\Queries\PageQueries;
  use BookStack\Exports\ExportFormatter;
  use BookStack\Exports\ZipExports\ZipExportBuilder;
  use BookStack\Http\ApiController;
+use BookStack\Permissions\Permission;
  use Throwable;
  
  class PageExportApiController extends ApiController
@@ -14,7 +15,7 @@ class PageExportApiController extends ApiController
          protected ExportFormatter $exportFormatter,
          protected PageQueries $queries,
      ) {
-        $this->middleware('can:content-export');
+        $this->middleware(Permission::ContentExport->middleware());
      }
  
      /**
diff --git a/app/Exports/Controllers/PageExportController.php b/app/Exports/Controllers/PageExportController.php

index 145dce9dd0fc230cc44eee0fc24e01a3c12895c1..9bc79f2475182bf6a48d798ddae9d49e0447e9f1 100644 (file)
--- a/app/Exports/Controllers/PageExportController.php
+++ b/app/Exports/Controllers/PageExportController.php
@@ -8,6 +8,7 @@ use BookStack\Exceptions\NotFoundException;
  use BookStack\Exports\ExportFormatter;
  use BookStack\Exports\ZipExports\ZipExportBuilder;
  use BookStack\Http\Controller;
+use BookStack\Permissions\Permission;
  use Throwable;
  
  class PageExportController extends Controller
@@ -16,7 +17,7 @@ class PageExportController extends Controller
          protected PageQueries $queries,
          protected ExportFormatter $exportFormatter,
      ) {
-        $this->middleware('can:content-export');
+        $this->middleware(Permission::ContentExport->middleware());
          $this->middleware('throttle:exports');
      }
  
diff --git a/app/Exports/ImportRepo.php b/app/Exports/ImportRepo.php

index 896af903a6b1e6c882f81e3965430664c086b000..071fa532cbd1966d34322e45af80a0a39240c811 100644 (file)
--- a/app/Exports/ImportRepo.php
+++ b/app/Exports/ImportRepo.php
@@ -46,7 +46,7 @@ class ImportRepo
      {
          $query = Import::query();
  
-        if (!userCan('settings-manage')) {
+        if (!userCan(\BookStack\Permissions\Permission::SettingsManage)) {
              $query->where('created_by', user()->id);
          }
  
@@ -57,7 +57,7 @@ class ImportRepo
      {
          $query = Import::query();
  
-        if (!userCan('settings-manage')) {
+        if (!userCan(\BookStack\Permissions\Permission::SettingsManage)) {
              $query->where('created_by', user()->id);
          }
  
diff --git a/app/Exports/ZipExports/ZipExportReferences.php b/app/Exports/ZipExports/ZipExportReferences.php

index b21248ffd8c4d5b4e65c37d43cc5ac5835da43d7..621076acc95f1d5985be080ac80792f88152dbb4 100644 (file)
--- a/app/Exports/ZipExports/ZipExportReferences.php
+++ b/app/Exports/ZipExports/ZipExportReferences.php
@@ -135,7 +135,7 @@ class ZipExportReferences
              // Find and include images if in visibility
              $page = $model->getPage();
              $pageExportModel = $this->pages[$page->id] ?? ($exportModel instanceof ZipExportPage ? $exportModel : null);
-            if (isset($this->images[$model->id]) || ($page && $pageExportModel && userCan('view', $page))) {
+            if (isset($this->images[$model->id]) || ($page && $pageExportModel && userCan(\BookStack\Permissions\Permission::View, $page))) {
                  if (!isset($this->images[$model->id])) {
                      $exportImage = ZipExportImage::fromModel($model, $files);
                      $this->images[$model->id] = $exportImage;
diff --git a/app/Exports/ZipExports/ZipImportRunner.php b/app/Exports/ZipExports/ZipImportRunner.php

index d25a1621f6ed17bdd935b26ff772b1193dfdf715..09a946609c812964612cbb128f2aa6ea359f12f0 100644 (file)
--- a/app/Exports/ZipExports/ZipImportRunner.php
+++ b/app/Exports/ZipExports/ZipImportRunner.php
@@ -288,7 +288,7 @@ class ZipImportRunner
          $attachments = [];
  
          if ($exportModel instanceof ZipExportBook) {
-            if (!userCan('book-create-all')) {
+            if (!userCan(\BookStack\Permissions\Permission::BookCreateAll)) {
                  $errors[] = trans('errors.import_perms_books');
              }
              array_push($pages, ...$exportModel->pages);
@@ -317,11 +317,11 @@ class ZipImportRunner
  
          if (count($pages) > 0) {
              if ($parent) {
-                if (!userCan('page-create', $parent)) {
+                if (!userCan(\BookStack\Permissions\Permission::PageCreate, $parent)) {
                      $errors[] = trans('errors.import_perms_pages');
                  }
              } else {
-                $hasPermission = userCan('page-create-all') || userCan('page-create-own');
+                $hasPermission = userCan(\BookStack\Permissions\Permission::PageCreateAll) || userCan(\BookStack\Permissions\Permission::PageCreateOwn);
                  if (!$hasPermission) {
                      $errors[] = trans('errors.import_perms_pages');
                  }
@@ -329,13 +329,13 @@ class ZipImportRunner
          }
  
          if (count($images) > 0) {
-            if (!userCan('image-create-all')) {
+            if (!userCan(\BookStack\Permissions\Permission::ImageCreateAll)) {
                  $errors[] = trans('errors.import_perms_images');
              }
          }
  
          if (count($attachments) > 0) {
-            if (!userCan('attachment-create-all')) {
+            if (!userCan(\BookStack\Permissions\Permission::AttachmentCreateAll)) {
                  $errors[] = trans('errors.import_perms_attachments');
              }
          }
diff --git a/app/Permissions/Permission.php b/app/Permissions/Permission.php

index 492ca262188c6bcc6fb1983e559bbd846a112f2a..a434e54fd615b59e2f65822e7ea273517b200033 100644 (file)
--- a/app/Permissions/Permission.php
+++ b/app/Permissions/Permission.php
@@ -132,4 +132,13 @@ enum Permission: string
              self::Delete,
          ];
      }
+
+    /**
+     * Return the application permission-check middleware-string for this permission.
+     * Uses registered CheckUserHasPermission middleware.
+     */
+    public function middleware(): string
+    {
+        return 'can:' . $this->value;
+    }
  }
diff --git a/app/Sorting/BookSorter.php b/app/Sorting/BookSorter.php

index e627d66fdfeae225333521b52c734522c10fadc1..e1fd17238c060b1802cd37e54ac3a5601abf6841 100644 (file)
--- a/app/Sorting/BookSorter.php
+++ b/app/Sorting/BookSorter.php
@@ -187,11 +187,11 @@ class BookSorter
  
          $hasNewParent = $newBook->id !== $model->book_id || ($model instanceof Page && $model->chapter_id !== ($sortMapItem->parentChapterId ?? 0));
          if ($model instanceof Chapter) {
-            $hasPermission = userCan('book-update', $currentParent)
-                && userCan('book-update', $newBook)
-                && userCan('chapter-update', $model)
-                && (!$hasNewParent || userCan('chapter-create', $newBook))
-                && (!$hasNewParent || userCan('chapter-delete', $model));
+            $hasPermission = userCan(\BookStack\Permissions\Permission::BookUpdate, $currentParent)
+                && userCan(\BookStack\Permissions\Permission::BookUpdate, $newBook)
+                && userCan(\BookStack\Permissions\Permission::ChapterUpdate, $model)
+                && (!$hasNewParent || userCan(\BookStack\Permissions\Permission::ChapterCreate, $newBook))
+                && (!$hasNewParent || userCan(\BookStack\Permissions\Permission::ChapterDelete, $model));
  
              if (!$hasPermission) {
                  return false;
@@ -210,13 +210,13 @@ class BookSorter
                  return false;
              }
  
-            $hasPageEditPermission = userCan('page-update', $model);
+            $hasPageEditPermission = userCan(\BookStack\Permissions\Permission::PageUpdate, $model);
              $newParentInRightLocation = ($newParent instanceof Book || ($newParent instanceof Chapter && $newParent->book_id === $newBook->id));
              $newParentPermission = ($newParent instanceof Chapter) ? 'chapter-update' : 'book-update';
              $hasNewParentPermission = userCan($newParentPermission, $newParent);
  
-            $hasDeletePermissionIfMoving = (!$hasNewParent || userCan('page-delete', $model));
-            $hasCreatePermissionIfMoving = (!$hasNewParent || userCan('page-create', $newParent));
+            $hasDeletePermissionIfMoving = (!$hasNewParent || userCan(\BookStack\Permissions\Permission::PageDelete, $model));
+            $hasCreatePermissionIfMoving = (!$hasNewParent || userCan(\BookStack\Permissions\Permission::PageCreate, $newParent));
  
              $hasPermission = $hasCurrentParentPermission
                  && $newParentInRightLocation
diff --git a/app/Sorting/SortRuleController.php b/app/Sorting/SortRuleController.php

index a124ffa9c460a75cc4c5fbc331e8d614f630866d..bb5540a2a5039f3a11c0713000093db67f7bd7d0 100644 (file)
--- a/app/Sorting/SortRuleController.php
+++ b/app/Sorting/SortRuleController.php
@@ -4,13 +4,14 @@ namespace BookStack\Sorting;
  
  use BookStack\Activity\ActivityType;
  use BookStack\Http\Controller;
+use BookStack\Permissions\Permission;
  use Illuminate\Http\Request;
  
  class SortRuleController extends Controller
  {
      public function __construct()
      {
-        $this->middleware('can:settings-manage');
+        $this->middleware(Permission::SettingsManage->middleware());
      }
  
      public function create()
diff --git a/app/Uploads/Controllers/DrawioImageController.php b/app/Uploads/Controllers/DrawioImageController.php

index aff27b3b14158817c1eb96cf0b70245262660d11..c9b49b8909fddccef1f4d7c82a107edac7afdc08 100644 (file)
--- a/app/Uploads/Controllers/DrawioImageController.php
+++ b/app/Uploads/Controllers/DrawioImageController.php
@@ -82,7 +82,7 @@ class DrawioImageController extends Controller
              return $this->jsonError(trans('errors.drawing_data_not_found'), 404);
          }
  
-        if ($image->type !== 'drawio' || !userCan('page-view', $image->getPage())) {
+        if ($image->type !== 'drawio' || !userCan(\BookStack\Permissions\Permission::PageView, $image->getPage())) {
              return $this->jsonError(trans('errors.drawing_data_not_found'), 404);
          }
  
diff --git a/app/Users/Controllers/UserAccountController.php b/app/Users/Controllers/UserAccountController.php

index 54ca69c5d389e039ecbc21d4d534a28a69d3f40d..07e384b3a88e4acf2cc9306f3c5e28b79105f8da 100644 (file)
--- a/app/Users/Controllers/UserAccountController.php
+++ b/app/Users/Controllers/UserAccountController.php
@@ -63,7 +63,7 @@ class UserAccountController extends Controller
              'profile_image'    => array_merge(['nullable'], $this->getImageValidationRules()),
          ]);
  
-        $this->userRepo->update($user, $validated, userCan('users-manage'));
+        $this->userRepo->update($user, $validated, userCan(\BookStack\Permissions\Permission::UsersManage));
  
          // Save profile image if in request
          if ($request->hasFile('profile_image')) {
@@ -219,7 +219,7 @@ class UserAccountController extends Controller
          $this->preventAccessInDemoMode();
  
          $requestNewOwnerId = intval($request->get('new_owner_id')) ?: null;
-        $newOwnerId = userCan('users-manage') ? $requestNewOwnerId : null;
+        $newOwnerId = userCan(\BookStack\Permissions\Permission::UsersManage) ? $requestNewOwnerId : null;
  
          $this->userRepo->destroy(user(), $newOwnerId);
  
diff --git a/app/Users/Controllers/UserApiController.php b/app/Users/Controllers/UserApiController.php

index 1efc825005a6e0593523b93722f7d6fee301bdd0..28c4a387619de7d5ef2e118f21f6828d8e303843 100644 (file)
--- a/app/Users/Controllers/UserApiController.php
+++ b/app/Users/Controllers/UserApiController.php
@@ -125,7 +125,7 @@ class UserApiController extends ApiController
      {
          $data = $this->validate($request, $this->rules($id)['update']);
          $user = $this->userRepo->getById($id);
-        $this->userRepo->update($user, $data, userCan('users-manage'));
+        $this->userRepo->update($user, $data, userCan(\BookStack\Permissions\Permission::UsersManage));
          $this->singleFormatter($user);
  
          return response()->json($user);
diff --git a/app/Users/Controllers/UserSearchController.php b/app/Users/Controllers/UserSearchController.php

index b6f37bce08b1f3daea32e13a3ba45b634a50f34f..a6596046a102fdee9596ccadbf042f81cf1b187a 100644 (file)
--- a/app/Users/Controllers/UserSearchController.php
+++ b/app/Users/Controllers/UserSearchController.php
@@ -15,9 +15,9 @@ class UserSearchController extends Controller
      public function forSelect(Request $request)
      {
          $hasPermission = !user()->isGuest() && (
-            userCan('users-manage')
-                || userCan('restrictions-manage-own')
-                || userCan('restrictions-manage-all')
+            userCan(\BookStack\Permissions\Permission::UsersManage)
+                || userCan(\BookStack\Permissions\Permission::RestrictionsManageOwn)
+                || userCan(\BookStack\Permissions\Permission::RestrictionsManageAll)
          );
  
          if (!$hasPermission) {
diff --git a/resources/views/attachments/manager-list.blade.php b/resources/views/attachments/manager-list.blade.php

index 6314aa7b5d714c3293a7b6430bfacc793fa5e8e1..10ede4aae25ac7ebd47c7189f809f3741c230213 100644 (file)
--- a/resources/views/attachments/manager-list.blade.php
+++ b/resources/views/attachments/manager-list.blade.php
@@ -16,7 +16,7 @@
                          type="button"
                          title="{{ trans('entities.attachments_insert_link') }}"
                          class="drag-card-action text-center text-link">@icon('link')</button>
-                @if(userCan('attachment-update', $attachment))
+                @if(userCan(\BookStack\Permissions\Permission::AttachmentUpdate, $attachment))
                      <button component="event-emit-select"
                              option:event-emit-select:name="edit"
                              option:event-emit-select:id="{{ $attachment->id }}"
@@ -24,7 +24,7 @@
                              title="{{ trans('common.edit') }}"
                              class="drag-card-action text-center text-link">@icon('edit')</button>
                  @endif
-                @if(userCan('attachment-delete', $attachment))
+                @if(userCan(\BookStack\Permissions\Permission::AttachmentDelete, $attachment))
                      <div component="dropdown" class="flex-fill relative">
                          <button refs="dropdown@toggle"
                                  type="button"
diff --git a/resources/views/books/edit.blade.php b/resources/views/books/edit.blade.php

index 6efd1caea9249447152c59d2062c54ea5adb1e36..7f2c8c1b7db1bf36cc70ddc9674f6f078e9f5e53 100644 (file)
--- a/resources/views/books/edit.blade.php
+++ b/resources/views/books/edit.blade.php
@@ -26,7 +26,7 @@
          </main>
  
  
-        @if(userCan('book-delete', $book) && userCan('book-create-all') && userCan('bookshelf-create-all'))
+        @if(userCan(\BookStack\Permissions\Permission::BookDelete, $book) && userCan(\BookStack\Permissions\Permission::BookCreateAll) && userCan(\BookStack\Permissions\Permission::BookshelfCreateAll))
              @include('books.parts.convert-to-shelf', ['book' => $book])
          @endif
      </div>
diff --git a/resources/views/books/index.blade.php b/resources/views/books/index.blade.php

index 197de011d0133c2de553cd993b9387b05da60611..52d23241a6f766901bbc2f74cb9518febda2873d 100644 (file)
--- a/resources/views/books/index.blade.php
+++ b/resources/views/books/index.blade.php
@@ -36,7 +36,7 @@
      <div class="actions mb-xl">
          <h5>{{ trans('common.actions') }}</h5>
          <div class="icon-list text-link">
-            @if(userCan('book-create-all'))
+            @if(userCan(\BookStack\Permissions\Permission::BookCreateAll))
                  <a href="{{ url("/create-book") }}" data-shortcut="new" class="icon-list-item">
                      <span>@icon('add')</span>
                      <span>{{ trans('entities.books_create') }}</span>
@@ -50,7 +50,7 @@
                  <span>{{ trans('entities.tags_view_tags') }}</span>
              </a>
  
-            @if(userCan('content-import'))
+            @if(userCan(\BookStack\Permissions\Permission::ContentImport))
                  <a href="{{ url('/import') }}" class="icon-list-item">
                      <span>@icon('upload')</span>
                      <span>{{ trans('entities.import') }}</span>
diff --git a/resources/views/books/parts/list.blade.php b/resources/views/books/parts/list.blade.php

index 8b658c711a13ca0c016c7ad50679bede0c875b78..13784d24e8d47ccaf162ce2f1a0377e0cf63331d 100644 (file)
--- a/resources/views/books/parts/list.blade.php
+++ b/resources/views/books/parts/list.blade.php
@@ -24,7 +24,7 @@
          </div>
      @else
          <p class="text-muted">{{ trans('entities.books_empty') }}</p>
-        @if(userCan('book-create-all'))
+        @if(userCan(\BookStack\Permissions\Permission::BookCreateAll))
              <div class="icon-list block inline">
                  <a href="{{ url("/create-book") }}"
                     class="icon-list-item text-book">
diff --git a/resources/views/books/show.blade.php b/resources/views/books/show.blade.php

index dbb09fc9e877eb1e51513dd0640087dcb4c40947..e28d9564829d1d3d98dd52bc0336b123b286b967 100644 (file)
--- a/resources/views/books/show.blade.php
+++ b/resources/views/books/show.blade.php
@@ -43,13 +43,13 @@
                      <p class="text-muted italic mb-m mt-xl">{{ trans('entities.books_empty_contents') }}</p>
  
                      <div class="icon-list block inline">
-                        @if(userCan('page-create', $book))
+                        @if(userCan(\BookStack\Permissions\Permission::PageCreate, $book))
                              <a href="{{ $book->getUrl('/create-page') }}" class="icon-list-item text-page">
                                  <span class="icon">@icon('page')</span>
                                  <span>{{ trans('entities.books_empty_create_page') }}</span>
                              </a>
                          @endif
-                        @if(userCan('chapter-create', $book))
+                        @if(userCan(\BookStack\Permissions\Permission::ChapterCreate, $book))
                              <a href="{{ $book->getUrl('/create-chapter') }}" class="icon-list-item text-chapter">
                                  <span class="icon">@icon('chapter')</span>
                                  <span>{{ trans('entities.books_empty_add_chapter') }}</span>
@@ -73,7 +73,7 @@
              @include('entities.meta', ['entity' => $book, 'watchOptions' => $watchOptions])
              @if($book->hasPermissions())
                  <div class="active-restriction">
-                    @if(userCan('restrictions-manage', $book))
+                    @if(userCan(\BookStack\Permissions\Permission::RestrictionsManage, $book))
                          <a href="{{ $book->getUrl('/permissions') }}" class="entity-meta-item">
                              @icon('lock')
                              <div>{{ trans('entities.books_permissions_active') }}</div>
@@ -93,13 +93,13 @@
          <h5>{{ trans('common.actions') }}</h5>
          <div class="icon-list text-link">
  
-            @if(userCan('page-create', $book))
+            @if(userCan(\BookStack\Permissions\Permission::PageCreate, $book))
                  <a href="{{ $book->getUrl('/create-page') }}" data-shortcut="new" class="icon-list-item">
                      <span>@icon('add')</span>
                      <span>{{ trans('entities.pages_new') }}</span>
                  </a>
              @endif
-            @if(userCan('chapter-create', $book))
+            @if(userCan(\BookStack\Permissions\Permission::ChapterCreate, $book))
                  <a href="{{ $book->getUrl('/create-chapter') }}" data-shortcut="new" class="icon-list-item">
                      <span>@icon('add')</span>
                      <span>{{ trans('entities.chapters_new') }}</span>
@@ -108,7 +108,7 @@
  
              <hr class="primary-background">
  
-            @if(userCan('book-update', $book))
+            @if(userCan(\BookStack\Permissions\Permission::BookUpdate, $book))
                  <a href="{{ $book->getUrl('/edit') }}" data-shortcut="edit" class="icon-list-item">
                      <span>@icon('edit')</span>
                      <span>{{ trans('common.edit') }}</span>
@@ -118,19 +118,19 @@
                      <span>{{ trans('common.sort') }}</span>
                  </a>
              @endif
-            @if(userCan('book-create-all'))
+            @if(userCan(\BookStack\Permissions\Permission::BookCreateAll))
                  <a href="{{ $book->getUrl('/copy') }}" data-shortcut="copy" class="icon-list-item">
                      <span>@icon('copy')</span>
                      <span>{{ trans('common.copy') }}</span>
                  </a>
              @endif
-            @if(userCan('restrictions-manage', $book))
+            @if(userCan(\BookStack\Permissions\Permission::RestrictionsManage, $book))
                  <a href="{{ $book->getUrl('/permissions') }}" data-shortcut="permissions" class="icon-list-item">
                      <span>@icon('lock')</span>
                      <span>{{ trans('entities.permissions') }}</span>
                  </a>
              @endif
-            @if(userCan('book-delete', $book))
+            @if(userCan(\BookStack\Permissions\Permission::BookDelete, $book))
                  <a href="{{ $book->getUrl('/delete') }}" data-shortcut="delete" class="icon-list-item">
                      <span>@icon('delete')</span>
                      <span>{{ trans('common.delete') }}</span>
@@ -145,7 +145,7 @@
              @if(!user()->isGuest())
                  @include('entities.favourite-action', ['entity' => $book])
              @endif
-            @if(userCan('content-export'))
+            @if(userCan(\BookStack\Permissions\Permission::ContentExport))
                  @include('entities.export-menu', ['entity' => $book])
              @endif
          </div>
diff --git a/resources/views/chapters/edit.blade.php b/resources/views/chapters/edit.blade.php

index 36058eff83bb090428133cb1a13744f5e6fa7646..5ace966f584f1a42dfff5261bf00627bf166ef43 100644 (file)
--- a/resources/views/chapters/edit.blade.php
+++ b/resources/views/chapters/edit.blade.php
@@ -23,7 +23,7 @@
              </form>
          </main>
  
-        @if(userCan('chapter-delete', $chapter) && userCan('book-create-all'))
+        @if(userCan(\BookStack\Permissions\Permission::ChapterDelete, $chapter) && userCan(\BookStack\Permissions\Permission::BookCreateAll))
              @include('chapters.parts.convert-to-book')
          @endif
  
diff --git a/resources/views/chapters/show.blade.php b/resources/views/chapters/show.blade.php

index 45e43ad96a91dda5862e8f26d422e0d129ed5c6d..da914b32d2139acb6aedd202aa597d68e7c9057d 100644 (file)
--- a/resources/views/chapters/show.blade.php
+++ b/resources/views/chapters/show.blade.php
@@ -37,13 +37,13 @@
                      <p class="text-muted italic mb-m mt-xl">{{ trans('entities.chapters_empty') }}</p>
  
                      <div class="icon-list block inline">
-                        @if(userCan('page-create', $chapter))
+                        @if(userCan(\BookStack\Permissions\Permission::PageCreate, $chapter))
                              <a href="{{ $chapter->getUrl('/create-page') }}" class="icon-list-item text-page">
                                  <span class="icon">@icon('page')</span>
                                  <span>{{ trans('entities.books_empty_create_page') }}</span>
                              </a>
                          @endif
-                        @if(userCan('book-update', $book))
+                        @if(userCan(\BookStack\Permissions\Permission::BookUpdate, $book))
                              <a href="{{ $book->getUrl('/sort') }}" class="icon-list-item text-book">
                                  <span class="icon">@icon('book')</span>
                                  <span>{{ trans('entities.books_empty_sort_current_book') }}</span>
@@ -71,7 +71,7 @@
  
              @if($book->hasPermissions())
                  <div class="active-restriction">
-                    @if(userCan('restrictions-manage', $book))
+                    @if(userCan(\BookStack\Permissions\Permission::RestrictionsManage, $book))
                          <a href="{{ $book->getUrl('/permissions') }}" class="entity-meta-item">
                              @icon('lock')
                              <div>{{ trans('entities.books_permissions_active') }}</div>
@@ -87,7 +87,7 @@
  
              @if($chapter->hasPermissions())
                  <div class="active-restriction">
-                    @if(userCan('restrictions-manage', $chapter))
+                    @if(userCan(\BookStack\Permissions\Permission::RestrictionsManage, $chapter))
                          <a href="{{ $chapter->getUrl('/permissions') }}" class="entity-meta-item">
                              @icon('lock')
                              <div>{{ trans('entities.chapters_permissions_active') }}</div>
@@ -107,7 +107,7 @@
          <h5>{{ trans('common.actions') }}</h5>
          <div class="icon-list text-link">
  
-            @if(userCan('page-create', $chapter))
+            @if(userCan(\BookStack\Permissions\Permission::PageCreate, $chapter))
                  <a href="{{ $chapter->getUrl('/create-page') }}" data-shortcut="new" class="icon-list-item">
                      <span>@icon('add')</span>
                      <span>{{ trans('entities.pages_new') }}</span>
@@ -116,38 +116,38 @@
  
              <hr class="primary-background"/>
  
-            @if(userCan('chapter-update', $chapter))
+            @if(userCan(\BookStack\Permissions\Permission::ChapterUpdate, $chapter))
                  <a href="{{ $chapter->getUrl('/edit') }}" data-shortcut="edit" class="icon-list-item">
                      <span>@icon('edit')</span>
                      <span>{{ trans('common.edit') }}</span>
                  </a>
              @endif
-            @if(userCanOnAny('create', \BookStack\Entities\Models\Book::class) || userCan('chapter-create-all') || userCan('chapter-create-own'))
+            @if(userCanOnAny(\BookStack\Permissions\Permission::Create, \BookStack\Entities\Models\Book::class) || userCan(\BookStack\Permissions\Permission::ChapterCreateAll) || userCan(\BookStack\Permissions\Permission::ChapterCreateOwn))
                  <a href="{{ $chapter->getUrl('/copy') }}" data-shortcut="copy" class="icon-list-item">
                      <span>@icon('copy')</span>
                      <span>{{ trans('common.copy') }}</span>
                  </a>
              @endif
-            @if(userCan('chapter-update', $chapter) && userCan('chapter-delete', $chapter))
+            @if(userCan(\BookStack\Permissions\Permission::ChapterUpdate, $chapter) && userCan(\BookStack\Permissions\Permission::ChapterDelete, $chapter))
                  <a href="{{ $chapter->getUrl('/move') }}" data-shortcut="move" class="icon-list-item">
                      <span>@icon('folder')</span>
                      <span>{{ trans('common.move') }}</span>
                  </a>
              @endif
-            @if(userCan('restrictions-manage', $chapter))
+            @if(userCan(\BookStack\Permissions\Permission::RestrictionsManage, $chapter))
                  <a href="{{ $chapter->getUrl('/permissions') }}" data-shortcut="permissions" class="icon-list-item">
                      <span>@icon('lock')</span>
                      <span>{{ trans('entities.permissions') }}</span>
                  </a>
              @endif
-            @if(userCan('chapter-delete', $chapter))
+            @if(userCan(\BookStack\Permissions\Permission::ChapterDelete, $chapter))
                  <a href="{{ $chapter->getUrl('/delete') }}" data-shortcut="delete" class="icon-list-item">
                      <span>@icon('delete')</span>
                      <span>{{ trans('common.delete') }}</span>
                  </a>
              @endif
  
-            @if($chapter->book && userCan('book-update', $chapter->book))
+            @if($chapter->book && userCan(\BookStack\Permissions\Permission::BookUpdate, $chapter->book))
                  <hr class="primary-background"/>
                  <a href="{{ $chapter->book->getUrl('/sort') }}" data-shortcut="sort" class="icon-list-item">
                      <span>@icon('sort')</span>
@@ -163,7 +163,7 @@
              @if(!user()->isGuest())
                  @include('entities.favourite-action', ['entity' => $chapter])
              @endif
-            @if(userCan('content-export'))
+            @if(userCan(\BookStack\Permissions\Permission::ContentExport))
                  @include('entities.export-menu', ['entity' => $chapter])
              @endif
          </div>
diff --git a/resources/views/comments/comment.blade.php b/resources/views/comments/comment.blade.php

index 67aac7203571366b5b51293486904b233b541e8b..10cd02035fdbb721a7cc34c8cf01989b777084e3 100644 (file)
--- a/resources/views/comments/comment.blade.php
+++ b/resources/views/comments/comment.blade.php
@@ -33,23 +33,23 @@
                  @endif
              </div>
              <div class="right-meta flex-container-row justify-flex-end items-center px-s">
-                @if(!$readOnly && (userCan('comment-create-all') || userCan('comment-update', $comment) || userCan('comment-delete', $comment)))
+                @if(!$readOnly && (userCan(\BookStack\Permissions\Permission::CommentCreateAll) || userCan(\BookStack\Permissions\Permission::CommentUpdate, $comment) || userCan(\BookStack\Permissions\Permission::CommentDelete, $comment)))
                      <div class="actions mr-s">
-                        @if(userCan('comment-create-all'))
+                        @if(userCan(\BookStack\Permissions\Permission::CommentCreateAll))
                              <button refs="page-comment@reply-button" type="button"
                                      class="text-button text-muted hover-underline text-small p-xs">@icon('reply') {{ trans('common.reply') }}</button>
                          @endif
-                        @if(!$comment->parent_id && (userCan('comment-update', $comment) || userCan('comment-delete', $comment)))
+                        @if(!$comment->parent_id && (userCan(\BookStack\Permissions\Permission::CommentUpdate, $comment) || userCan(\BookStack\Permissions\Permission::CommentDelete, $comment)))
                              <button refs="page-comment@archive-button"
                                      type="button"
                                      data-is-archived="{{ $comment->archived ? 'true' : 'false' }}"
                                      class="text-button text-muted hover-underline text-small p-xs">@icon('archive') {{ trans('common.' . ($comment->archived ? 'unarchive' : 'archive')) }}</button>
                          @endif
-                        @if(userCan('comment-update', $comment))
+                        @if(userCan(\BookStack\Permissions\Permission::CommentUpdate, $comment))
                              <button refs="page-comment@edit-button" type="button"
                                      class="text-button text-muted hover-underline text-small p-xs">@icon('edit') {{ trans('common.edit') }}</button>
                          @endif
-                        @if(userCan('comment-delete', $comment))
+                        @if(userCan(\BookStack\Permissions\Permission::CommentDelete, $comment))
                              <div component="dropdown" class="dropdown-container">
                                  <button type="button" refs="dropdown@toggle" aria-haspopup="true" aria-expanded="false"
                                          class="text-button text-muted hover-underline text-small p-xs">@icon('delete') {{ trans('common.delete') }}</button>
@@ -100,7 +100,7 @@
          {!! $commentHtml  !!}
      </div>
  
-    @if(!$readOnly && userCan('comment-update', $comment))
+    @if(!$readOnly && userCan(\BookStack\Permissions\Permission::CommentUpdate, $comment))
          <form novalidate refs="page-comment@form" hidden class="content pt-s px-s block">
              <div class="form-group description-input">
                  <textarea refs="page-comment@input" name="html" rows="3"
diff --git a/resources/views/comments/comments.blade.php b/resources/views/comments/comments.blade.php

index a5f0168a5c8a95a5f4db3b695992703712928e91..9dc0a9b8982d04f267563b1fc5bdf32e2fc01708 100644 (file)
--- a/resources/views/comments/comments.blade.php
+++ b/resources/views/comments/comments.blade.php
@@ -22,7 +22,7 @@
                      refs="page-comments@archived-tab"
                      aria-selected="false">{{ trans_choice('entities.comment_archived_count', count($commentTree->getArchived())) }}</button>
          </div>
-        @if ($commentTree->empty() && userCan('comment-create-all'))
+        @if ($commentTree->empty() && userCan(\BookStack\Permissions\Permission::CommentCreateAll))
              <div refs="page-comments@add-button-container" class="ml-m flex-container-row" >
                  <button type="button"
                          refs="page-comments@add-comment-button"
@@ -45,7 +45,7 @@
  
          <p class="text-center text-muted italic empty-state">{{ trans('entities.comment_none') }}</p>
  
-        @if(userCan('comment-create-all'))
+        @if(userCan(\BookStack\Permissions\Permission::CommentCreateAll))
              @include('comments.create')
              @if (!$commentTree->empty())
                  <div refs="page-comments@addButtonContainer" class="ml-m flex-container-row">
@@ -70,7 +70,7 @@
              <p class="text-center text-muted italic empty-state">{{ trans('entities.comment_none') }}</p>
      </div>
  
-    @if(userCan('comment-create-all') || $commentTree->canUpdateAny())
+    @if(userCan(\BookStack\Permissions\Permission::CommentCreateAll) || $commentTree->canUpdateAny())
          @push('body-end')
              @include('form.editor-translations')
              @include('entities.selector-popup')
diff --git a/resources/views/entities/book-tree.blade.php b/resources/views/entities/book-tree.blade.php

index ce016143a30bbc645f2784db5e62b89fcac2f6d0..bcc52130671d36bdd67ff7c55d8533ef193e7b4f 100644 (file)
--- a/resources/views/entities/book-tree.blade.php
+++ b/resources/views/entities/book-tree.blade.php
@@ -5,7 +5,7 @@
      <h5>{{ trans('entities.books_navigation') }}</h5>
  
      <ul class="sidebar-page-list mt-xs menu entity-list">
-        @if (userCan('view', $book))
+        @if (userCan(\BookStack\Permissions\Permission::View, $book))
              <li class="list-item-book book">
                  @include('entities.list-item-basic', ['entity' => $book, 'classes' => ($current->matches($book)? 'selected' : '')])
              </li>
diff --git a/resources/views/entities/breadcrumbs.blade.php b/resources/views/entities/breadcrumbs.blade.php

index d078d987322a255726ef3e4052e12bf6a0b32770..825909947a3a1032ba4fa587589ed5d12f7da396 100644 (file)
--- a/resources/views/entities/breadcrumbs.blade.php
+++ b/resources/views/entities/breadcrumbs.blade.php
@@ -38,7 +38,7 @@
                  <span>@icon($crumb['icon'])</span>
                  <span>{{ $crumb['text'] }}</span>
              </a>
-        @elseif($isEntity && userCan('view', $crumb))
+        @elseif($isEntity && userCan(\BookStack\Permissions\Permission::View, $crumb))
              @if($breadcrumbCount > 0)
                  @include('entities.breadcrumb-listing', ['entity' => $crumb])
              @endif
diff --git a/resources/views/home/books.blade.php b/resources/views/home/books.blade.php

index e0d2aeb1cc9f4616143e9b8c1db617637fddbc31..afd3f30fce26a03e1e6d615337b0cbacbedfb48f 100644 (file)
--- a/resources/views/home/books.blade.php
+++ b/resources/views/home/books.blade.php
@@ -12,7 +12,7 @@
      <div class="actions mb-xl">
          <h5>{{ trans('common.actions') }}</h5>
          <div class="icon-list text-link">
-            @if(userCan('book-create-all'))
+            @if(userCan(\BookStack\Permissions\Permission::BookCreateAll))
                  <a href="{{ url("/create-book") }}" class="icon-list-item">
                      <span>@icon('add')</span>
                      <span>{{ trans('entities.books_create') }}</span>
diff --git a/resources/views/home/shelves.blade.php b/resources/views/home/shelves.blade.php

index dd2c81b1616f877ec2e1207d70bc1dd12ca95f66..7a4d002a0acdbb7185e5da61ee5cdd8993358ebe 100644 (file)
--- a/resources/views/home/shelves.blade.php
+++ b/resources/views/home/shelves.blade.php
@@ -12,7 +12,7 @@
      <div class="actions mb-xl">
          <h5>{{ trans('common.actions') }}</h5>
          <div class="icon-list text-link">
-            @if(userCan('bookshelf-create-all'))
+            @if(userCan(\BookStack\Permissions\Permission::BookshelfCreateAll))
                  <a href="{{ url("/create-shelf") }}" class="icon-list-item">
                      <span>@icon('add')</span>
                      <span>{{ trans('entities.shelves_new_action') }}</span>
diff --git a/resources/views/layouts/parts/header-links.blade.php b/resources/views/layouts/parts/header-links.blade.php

index 697f406c30e51d2651416b746e7af2643557a3bf..c3d2f58da1770946be3fd83f7a6f55c248594501 100644 (file)
--- a/resources/views/layouts/parts/header-links.blade.php
+++ b/resources/views/layouts/parts/header-links.blade.php
@@ -2,16 +2,16 @@
  
  @if (user()->hasAppAccess())
      <a class="hide-over-l" href="{{ url('/search') }}">@icon('search'){{ trans('common.search') }}</a>
-    @if(userCanOnAny('view', \BookStack\Entities\Models\Bookshelf::class) || userCan('bookshelf-view-all') || userCan('bookshelf-view-own'))
+    @if(userCanOnAny(\BookStack\Permissions\Permission::View, \BookStack\Entities\Models\Bookshelf::class) || userCan(\BookStack\Permissions\Permission::BookshelfViewAll) || userCan(\BookStack\Permissions\Permission::BookshelfViewOwn))
          <a href="{{ url('/shelves') }}"
             data-shortcut="shelves_view">@icon('bookshelf'){{ trans('entities.shelves') }}</a>
      @endif
      <a href="{{ url('/books') }}" data-shortcut="books_view">@icon('books'){{ trans('entities.books') }}</a>
-    @if(!user()->isGuest() && userCan('settings-manage'))
+    @if(!user()->isGuest() && userCan(\BookStack\Permissions\Permission::SettingsManage))
          <a href="{{ url('/settings') }}"
             data-shortcut="settings_view">@icon('settings'){{ trans('settings.settings') }}</a>
      @endif
-    @if(!user()->isGuest() && userCan('users-manage') && !userCan('settings-manage'))
+    @if(!user()->isGuest() && userCan(\BookStack\Permissions\Permission::UsersManage) && !userCan(\BookStack\Permissions\Permission::SettingsManage))
          <a href="{{ url('/settings/users') }}"
             data-shortcut="settings_view">@icon('users'){{ trans('settings.users') }}</a>
      @endif
diff --git a/resources/views/pages/parts/editor-toolbar.blade.php b/resources/views/pages/parts/editor-toolbar.blade.php

index ceb5dd64a7edd5b9159bbd2b17c014f871ab82b0..a3ea58374d991799b87533802e5488357ea883ae 100644 (file)
--- a/resources/views/pages/parts/editor-toolbar.blade.php
+++ b/resources/views/pages/parts/editor-toolbar.blade.php
@@ -50,7 +50,7 @@
                          <div>{{ trans('entities.pages_edit_delete_draft') }}</div>
                      </button>
                  </li>
-                @if(userCan('editor-change'))
+                @if(userCan(\BookStack\Permissions\Permission::EditorChange))
                      <li role="presentation">
                          <hr>
                      </li>
diff --git a/resources/views/pages/parts/editor-toolbox.blade.php b/resources/views/pages/parts/editor-toolbox.blade.php

index 4ecac26a58903da5a16b33bef15dba5a4a507d90..8b7a68a9aa78a9e6767f4d2a417549e9ed6ed2da 100644 (file)
--- a/resources/views/pages/parts/editor-toolbox.blade.php
+++ b/resources/views/pages/parts/editor-toolbox.blade.php
@@ -4,7 +4,7 @@
          <div class="tabs-inner flex-container-column justify-center">
              <button type="button" refs="editor-toolbox@toggle" title="{{ trans('entities.toggle_sidebar') }}" aria-expanded="false" class="toolbox-toggle">@icon('caret-left-circle')</button>
              <button type="button" refs="editor-toolbox@tab-button" data-tab="tags" title="{{ trans('entities.page_tags') }}" class="active">@icon('tag')</button>
-            @if(userCan('attachment-create-all'))
+            @if(userCan(\BookStack\Permissions\Permission::AttachmentCreateAll))
                  <button type="button" refs="editor-toolbox@tab-button" data-tab="files" title="{{ trans('entities.attachments') }}">@icon('attach')</button>
              @endif
              <button type="button" refs="editor-toolbox@tab-button" data-tab="templates" title="{{ trans('entities.templates') }}">@icon('template')</button>
@@ -21,7 +21,7 @@
          </div>
      </div>
  
-    @if(userCan('attachment-create-all'))
+    @if(userCan(\BookStack\Permissions\Permission::AttachmentCreateAll))
          @include('attachments.manager', ['page' => $page])
      @endif
  
diff --git a/resources/views/pages/parts/image-manager-form.blade.php b/resources/views/pages/parts/image-manager-form.blade.php

index 452a0aaa1663cda0e6165ee90642fc75419bf4ef..2850caba9f314a92ebd8fcbb6883bd9ca9c86fec 100644 (file)
--- a/resources/views/pages/parts/image-manager-form.blade.php
+++ b/resources/views/pages/parts/image-manager-form.blade.php
@@ -38,17 +38,17 @@
              <input id="name" class="input-base" type="text" name="name" value="{{ $image->name }}">
          </div>
          <div class="flex-container-row justify-space-between gap-m">
-            @if(userCan('image-delete', $image) || userCan('image-update', $image))
+            @if(userCan(\BookStack\Permissions\Permission::ImageDelete, $image) || userCan(\BookStack\Permissions\Permission::ImageUpdate, $image))
                  <div component="dropdown"
                       class="dropdown-container">
                      <button refs="dropdown@toggle" type="button" class="button icon outline">@icon('more')</button>
                      <div refs="dropdown@menu" class="dropdown-menu anchor-left">
-                        @if(userCan('image-delete', $image))
+                        @if(userCan(\BookStack\Permissions\Permission::ImageDelete, $image))
                              <button type="button"
                                      id="image-manager-delete"
                                      class="text-item">{{ trans('common.delete') }}</button>
                          @endif
-                        @if(userCan('image-update', $image))
+                        @if(userCan(\BookStack\Permissions\Permission::ImageUpdate, $image))
                              <button type="button"
                                      id="image-manager-replace"
                                      refs="dropzone@select-button"
@@ -105,7 +105,7 @@
          @if($image->createdBy)
              <div>@icon('user') {{ trans('components.image_uploaded_by', ['userName' => $image->createdBy->name]) }}</div>
          @endif
-        @if(($page = $image->getPage()) && userCan('view', $page))
+        @if(($page = $image->getPage()) && userCan(\BookStack\Permissions\Permission::View, $page))
              <div>
                  @icon('page')
                  {!! trans('components.image_uploaded_to', [
diff --git a/resources/views/pages/parts/pointer.blade.php b/resources/views/pages/parts/pointer.blade.php

index f6487b66600d4c6051b68ec99d38912fa99fedad..6a40c86f02b17735462b3771de6d432f15866b90 100644 (file)
--- a/resources/views/pages/parts/pointer.blade.php
+++ b/resources/views/pages/parts/pointer.blade.php
@@ -26,11 +26,11 @@
                  </div>
              </div>
              <div>
-                @if(userCan('page-update', $page))
+                @if(userCan(\BookStack\Permissions\Permission::PageUpdate, $page))
                      <a href="{{ $page->getUrl('/edit') }}" id="pointer-edit" data-edit-href="{{ $page->getUrl('/edit') }}"
                         class="button primary outline icon heading-edit-icon px-xs" title="{{ trans('entities.pages_edit_content_link')}}">@icon('edit')</a>
                  @endif
-                @if($commentTree->enabled() && userCan('comment-create-all'))
+                @if($commentTree->enabled() && userCan(\BookStack\Permissions\Permission::CommentCreateAll))
                      <button type="button"
                              refs="pointer@comment-button"
                              class="button primary outline icon px-xs m-none" title="{{ trans('entities.comment_add')}}">@icon('comment')</button>
diff --git a/resources/views/pages/parts/revisions-index-row.blade.php b/resources/views/pages/parts/revisions-index-row.blade.php

index 19b924763c366dcaace83792c825e17c0dda4e90..749cfb763e7aa793b77340f661246c619074d285 100644 (file)
--- a/resources/views/pages/parts/revisions-index-row.blade.php
+++ b/resources/views/pages/parts/revisions-index-row.blade.php
@@ -38,7 +38,7 @@
          @else
              <a href="{{ $revision->getUrl() }}" target="_blank" rel="noopener">{{ trans('entities.pages_revisions_preview') }}</a>
  
-            @if(userCan('page-update', $revision->page))
+            @if(userCan(\BookStack\Permissions\Permission::PageUpdate, $revision->page))
                  <span class="text-muted opacity-70">&nbsp;|&nbsp;</span>
                  <div component="dropdown" class="dropdown-container">
                      <a refs="dropdown@toggle" href="#" aria-haspopup="true" aria-expanded="false">{{ trans('entities.pages_revisions_restore') }}</a>
@@ -58,7 +58,7 @@
                  </div>
              @endif
  
-            @if(userCan('page-delete', $revision->page))
+            @if(userCan(\BookStack\Permissions\Permission::PageDelete, $revision->page))
                  <span class="text-muted opacity-70">&nbsp;|&nbsp;</span>
                  <div component="dropdown" class="dropdown-container">
                      <a refs="dropdown@toggle" href="#" aria-haspopup="true" aria-expanded="false">{{ trans('common.delete') }}</a>
diff --git a/resources/views/pages/parts/template-manager.blade.php b/resources/views/pages/parts/template-manager.blade.php

index ee4467552e4bf54c70c606b198372932e9edb36a..fffc81b56e1cef1aca5417364e36f5dae6d158f8 100644 (file)
--- a/resources/views/pages/parts/template-manager.blade.php
+++ b/resources/views/pages/parts/template-manager.blade.php
@@ -1,5 +1,5 @@
  <div component="template-manager">
-    @if(userCan('templates-manage'))
+    @if(userCan(\BookStack\Permissions\Permission::TemplatesManage))
          <p class="text-muted small mb-none">
              {{ trans('entities.templates_explain_set_as_template') }}
          </p>
diff --git a/resources/views/pages/show.blade.php b/resources/views/pages/show.blade.php

index 137d43bdb1af376794963266d216864e8e92633b..2216cfd1f9c699354cfa062ed70025dbf3f02afc 100644 (file)
--- a/resources/views/pages/show.blade.php
+++ b/resources/views/pages/show.blade.php
@@ -79,7 +79,7 @@
  
              @if($book->hasPermissions())
                  <div class="active-restriction">
-                    @if(userCan('restrictions-manage', $book))
+                    @if(userCan(\BookStack\Permissions\Permission::RestrictionsManage, $book))
                          <a href="{{ $book->getUrl('/permissions') }}" class="entity-meta-item">
                              @icon('lock')
                              <div>{{ trans('entities.books_permissions_active') }}</div>
@@ -95,7 +95,7 @@
  
              @if($page->chapter && $page->chapter->hasPermissions())
                  <div class="active-restriction">
-                    @if(userCan('restrictions-manage', $page->chapter))
+                    @if(userCan(\BookStack\Permissions\Permission::RestrictionsManage, $page->chapter))
                          <a href="{{ $page->chapter->getUrl('/permissions') }}" class="entity-meta-item">
                              @icon('lock')
                              <div>{{ trans('entities.chapters_permissions_active') }}</div>
@@ -111,7 +111,7 @@
  
              @if($page->hasPermissions())
                  <div class="active-restriction">
-                    @if(userCan('restrictions-manage', $page))
+                    @if(userCan(\BookStack\Permissions\Permission::RestrictionsManage, $page))
                          <a href="{{ $page->getUrl('/permissions') }}" class="entity-meta-item">
                              @icon('lock')
                              <div>{{ trans('entities.pages_permissions_active') }}</div>
@@ -140,20 +140,20 @@
          <div class="icon-list text-link">
  
              {{--User Actions--}}
-            @if(userCan('page-update', $page))
+            @if(userCan(\BookStack\Permissions\Permission::PageUpdate, $page))
                  <a href="{{ $page->getUrl('/edit') }}" data-shortcut="edit" class="icon-list-item">
                      <span>@icon('edit')</span>
                      <span>{{ trans('common.edit') }}</span>
                  </a>
              @endif
-            @if(userCanOnAny('create', \BookStack\Entities\Models\Book::class) || userCanOnAny('create', \BookStack\Entities\Models\Chapter::class) || userCan('page-create-all') || userCan('page-create-own'))
+            @if(userCanOnAny(\BookStack\Permissions\Permission::Create, \BookStack\Entities\Models\Book::class) || userCanOnAny('create', \BookStack\Entities\Models\Chapter::class) || userCan(\BookStack\Permissions\Permission::PageCreateAll) || userCan(\BookStack\Permissions\Permission::PageCreateOwn))
                  <a href="{{ $page->getUrl('/copy') }}" data-shortcut="copy" class="icon-list-item">
                      <span>@icon('copy')</span>
                      <span>{{ trans('common.copy') }}</span>
                  </a>
              @endif
-            @if(userCan('page-update', $page))
-                @if(userCan('page-delete', $page))
+            @if(userCan(\BookStack\Permissions\Permission::PageUpdate, $page))
+                @if(userCan(\BookStack\Permissions\Permission::PageDelete, $page))
                         <a href="{{ $page->getUrl('/move') }}" data-shortcut="move" class="icon-list-item">
                             <span>@icon('folder')</span>
                             <span>{{ trans('common.move') }}</span>
@@ -164,13 +164,13 @@
                  <span>@icon('history')</span>
                  <span>{{ trans('entities.revisions') }}</span>
              </a>
-            @if(userCan('restrictions-manage', $page))
+            @if(userCan(\BookStack\Permissions\Permission::RestrictionsManage, $page))
                  <a href="{{ $page->getUrl('/permissions') }}" data-shortcut="permissions" class="icon-list-item">
                      <span>@icon('lock')</span>
                      <span>{{ trans('entities.permissions') }}</span>
                  </a>
              @endif
-            @if(userCan('page-delete', $page))
+            @if(userCan(\BookStack\Permissions\Permission::PageDelete, $page))
                  <a href="{{ $page->getUrl('/delete') }}" data-shortcut="delete" class="icon-list-item">
                      <span>@icon('delete')</span>
                      <span>{{ trans('common.delete') }}</span>
@@ -185,7 +185,7 @@
              @if(!user()->isGuest())
                  @include('entities.favourite-action', ['entity' => $page])
              @endif
-            @if(userCan('content-export'))
+            @if(userCan(\BookStack\Permissions\Permission::ContentExport))
                  @include('entities.export-menu', ['entity' => $page])
              @endif
          </div>
diff --git a/resources/views/settings/categories/features.blade.php b/resources/views/settings/categories/features.blade.php

index 5935e21f5494da3dcb23a85c360ce55651184009..d451a0ba35ef61bb9c4ed1590b2df605c3663c99 100644 (file)
--- a/resources/views/settings/categories/features.blade.php
+++ b/resources/views/settings/categories/features.blade.php
@@ -13,7 +13,7 @@
                  <div>
                      <label for="setting-app-public" class="setting-list-label">{{ trans('settings.app_public_access') }}</label>
                      <p class="small">{!! trans('settings.app_public_access_desc') !!}</p>
-                    @if(userCan('users-manage'))
+                    @if(userCan(\BookStack\Permissions\Permission::UsersManage))
                          <p class="small mb-none">
                              <a href="{{ url($guestUser->getEditUrl()) }}">{!! trans('settings.app_public_access_desc_guest') !!}</a>
                          </p>
diff --git a/resources/views/settings/parts/navbar.blade.php b/resources/views/settings/parts/navbar.blade.php

index e229f5e654fac31bab192421a5867a16bf436293..cda8bdae0c1cec50b95dddd214af2b2f661f876a 100644 (file)
--- a/resources/views/settings/parts/navbar.blade.php
+++ b/resources/views/settings/parts/navbar.blade.php
@@ -1,19 +1,19 @@
  
  <nav class="active-link-list py-m flex-container-row justify-center wrap">
-    @if(userCan('settings-manage'))
+    @if(userCan(\BookStack\Permissions\Permission::SettingsManage))
          <a href="{{ url('/settings') }}" @if($selected == 'settings') class="active" @endif>@icon('settings'){{ trans('settings.settings') }}</a>
          <a href="{{ url('/settings/maintenance') }}" @if($selected == 'maintenance') class="active" @endif>@icon('spanner'){{ trans('settings.maint') }}</a>
      @endif
-    @if(userCan('settings-manage') && userCan('users-manage'))
+    @if(userCan(\BookStack\Permissions\Permission::SettingsManage) && userCan(\BookStack\Permissions\Permission::UsersManage))
          <a href="{{ url('/settings/audit') }}" @if($selected == 'audit') class="active" @endif>@icon('open-book'){{ trans('settings.audit') }}</a>
      @endif
-    @if(userCan('users-manage'))
+    @if(userCan(\BookStack\Permissions\Permission::UsersManage))
          <a href="{{ url('/settings/users') }}" @if($selected == 'users') class="active" @endif>@icon('users'){{ trans('settings.users') }}</a>
      @endif
-    @if(userCan('user-roles-manage'))
+    @if(userCan(\BookStack\Permissions\Permission::UserRolesManage))
          <a href="{{ url('/settings/roles') }}" @if($selected == 'roles') class="active" @endif>@icon('lock-open'){{ trans('settings.roles') }}</a>
      @endif
-    @if(userCan('settings-manage'))
+    @if(userCan(\BookStack\Permissions\Permission::SettingsManage))
          <a href="{{ url('/settings/webhooks') }}" @if($selected == 'webhooks') class="active" @endif>@icon('webhooks'){{ trans('settings.webhooks') }}</a>
      @endif
  </nav>
 \ No newline at end of file
diff --git a/resources/views/settings/roles/edit.blade.php b/resources/views/settings/roles/edit.blade.php

index bd1dbb7632258d48e1626f13c77d27694dc70d66..da7835e1a0204291dabffe84e379c1b2135abf57 100644 (file)
--- a/resources/views/settings/roles/edit.blade.php
+++ b/resources/views/settings/roles/edit.blade.php
@@ -35,11 +35,11 @@
                                  <img class="avatar small" src="{{ $user->getAvatar(40) }}" alt="{{ $user->name }}">
                              </div>
                              <div>
-                                @if(userCan('users-manage') || user()->id == $user->id)
+                                @if(userCan(\BookStack\Permissions\Permission::UsersManage) || user()->id == $user->id)
                                      <a href="{{ url("/settings/users/{$user->id}") }}">
                                          @endif
                                          {{ $user->name }}
-                                        @if(userCan('users-manage') || user()->id == $user->id)
+                                        @if(userCan(\BookStack\Permissions\Permission::UsersManage) || user()->id == $user->id)
                                      </a>
                                  @endif
                              </div>
diff --git a/resources/views/shelves/index.blade.php b/resources/views/shelves/index.blade.php

index 85663b413077e6483a94aaf8b1b81aa4a043df71..bb7c57e0fdea9b1363cf96fa522b99f1b0d55d2c 100644 (file)
--- a/resources/views/shelves/index.blade.php
+++ b/resources/views/shelves/index.blade.php
@@ -9,7 +9,7 @@
      <div class="actions mb-xl">
          <h5>{{ trans('common.actions') }}</h5>
          <div class="icon-list text-link">
-            @if(userCan('bookshelf-create-all'))
+            @if(userCan(\BookStack\Permissions\Permission::BookshelfCreateAll))
                  <a href="{{ url("/create-shelf") }}" data-shortcut="new" class="icon-list-item">
                      <span>@icon('add')</span>
                      <span>{{ trans('entities.shelves_new_action') }}</span>
diff --git a/resources/views/shelves/parts/list.blade.php b/resources/views/shelves/parts/list.blade.php

index 7f6e02a8b7ce87ff8c6cd33b98dabd7ae1f75af1..5be5a7bb6c4df7a43892c9a6f8e37694ef79d0b2 100644 (file)
--- a/resources/views/shelves/parts/list.blade.php
+++ b/resources/views/shelves/parts/list.blade.php
@@ -29,7 +29,7 @@
          </div>
      @else
          <p class="text-muted">{{ trans('entities.shelves_empty') }}</p>
-        @if(userCan('bookshelf-create-all'))
+        @if(userCan(\BookStack\Permissions\Permission::BookshelfCreateAll))
              <div class="icon-list block inline">
                  <a href="{{ url("/create-shelf") }}"
                     class="icon-list-item text-bookshelf">
diff --git a/resources/views/shelves/show.blade.php b/resources/views/shelves/show.blade.php

index 11baccaf46354db6bb6a2395d7fd2f7b268fc41f..633f959f3c9108b202f45aa632932eae5eab35ee 100644 (file)
--- a/resources/views/shelves/show.blade.php
+++ b/resources/views/shelves/show.blade.php
@@ -48,13 +48,13 @@
                      <hr>
                      <p class="text-muted italic mt-xl mb-m">{{ trans('entities.shelves_empty_contents') }}</p>
                      <div class="icon-list inline block">
-                        @if(userCan('book-create-all') && userCan('bookshelf-update', $shelf))
+                        @if(userCan(\BookStack\Permissions\Permission::BookCreateAll) && userCan(\BookStack\Permissions\Permission::BookshelfUpdate, $shelf))
                              <a href="{{ $shelf->getUrl('/create-book') }}" class="icon-list-item text-book">
                                  <span class="icon">@icon('add')</span>
                                  <span>{{ trans('entities.books_create') }}</span>
                              </a>
                          @endif
-                        @if(userCan('bookshelf-update', $shelf))
+                        @if(userCan(\BookStack\Permissions\Permission::BookshelfUpdate, $shelf))
                              <a href="{{ $shelf->getUrl('/edit') }}" class="icon-list-item text-bookshelf">
                                  <span class="icon">@icon('edit')</span>
                                  <span>{{ trans('entities.shelves_edit_and_assign') }}</span>
@@ -82,7 +82,7 @@
              @include('entities.meta', ['entity' => $shelf, 'watchOptions' => null])
              @if($shelf->hasPermissions())
                  <div class="active-restriction">
-                    @if(userCan('restrictions-manage', $shelf))
+                    @if(userCan(\BookStack\Permissions\Permission::RestrictionsManage, $shelf))
                          <a href="{{ $shelf->getUrl('/permissions') }}" class="entity-meta-item">
                              @icon('lock')
                              <div>{{ trans('entities.shelves_permissions_active') }}</div>
@@ -111,7 +111,7 @@
          <h5>{{ trans('common.actions') }}</h5>
          <div class="icon-list text-link">
  
-            @if(userCan('book-create-all') && userCan('bookshelf-update', $shelf))
+            @if(userCan(\BookStack\Permissions\Permission::BookCreateAll) && userCan(\BookStack\Permissions\Permission::BookshelfUpdate, $shelf))
                  <a href="{{ $shelf->getUrl('/create-book') }}" data-shortcut="new" class="icon-list-item">
                      <span class="icon">@icon('add')</span>
                      <span>{{ trans('entities.books_new_action') }}</span>
@@ -122,21 +122,21 @@
  
              <hr class="primary-background">
  
-            @if(userCan('bookshelf-update', $shelf))
+            @if(userCan(\BookStack\Permissions\Permission::BookshelfUpdate, $shelf))
                  <a href="{{ $shelf->getUrl('/edit') }}" data-shortcut="edit" class="icon-list-item">
                      <span>@icon('edit')</span>
                      <span>{{ trans('common.edit') }}</span>
                  </a>
              @endif
  
-            @if(userCan('restrictions-manage', $shelf))
+            @if(userCan(\BookStack\Permissions\Permission::RestrictionsManage, $shelf))
                  <a href="{{ $shelf->getUrl('/permissions') }}" data-shortcut="permissions" class="icon-list-item">
                      <span>@icon('lock')</span>
                      <span>{{ trans('entities.permissions') }}</span>
                  </a>
              @endif
  
-            @if(userCan('bookshelf-delete', $shelf))
+            @if(userCan(\BookStack\Permissions\Permission::BookshelfDelete, $shelf))
                  <a href="{{ $shelf->getUrl('/delete') }}" data-shortcut="delete" class="icon-list-item">
                      <span>@icon('delete')</span>
                      <span>{{ trans('common.delete') }}</span>
diff --git a/resources/views/users/account/auth.blade.php b/resources/views/users/account/auth.blade.php

index d6f85093bf37bddb7f7cb8b86f8061f50adb7c59..57e6c1f9cb3b62932d689af194781861682d2956 100644 (file)
--- a/resources/views/users/account/auth.blade.php
+++ b/resources/views/users/account/auth.blade.php
@@ -81,7 +81,7 @@
          </section>
      @endif
  
-    @if(userCan('access-api'))
+    @if(userCan(\BookStack\Permissions\Permission::AccessApi))
          @include('users.api-tokens.parts.list', ['user' => user(), 'context' => 'my-account'])
      @endif
  @stop
diff --git a/resources/views/users/account/delete.blade.php b/resources/views/users/account/delete.blade.php

index 75698d9199428fdfec719733e5c8be6d84a0262b..aa051e9adc56d08176359816df891367e5300e77 100644 (file)
--- a/resources/views/users/account/delete.blade.php
+++ b/resources/views/users/account/delete.blade.php
@@ -12,7 +12,7 @@
  
              <p>{{ trans('preferences.delete_my_account_desc') }}</p>
  
-            @if(userCan('users-manage'))
+            @if(userCan(\BookStack\Permissions\Permission::UsersManage))
                  <hr class="my-l">
  
                  <div class="grid half gap-xl v-center">
diff --git a/resources/views/users/account/layout.blade.php b/resources/views/users/account/layout.blade.php

index f54a51c5ac8d3c9cbd8774efb5cc5e8f216e8cee..df8ebc2d90436e76cccf3acf8898ac90c413ce77 100644 (file)
--- a/resources/views/users/account/layout.blade.php
+++ b/resources/views/users/account/layout.blade.php
@@ -12,7 +12,7 @@
                          <a href="{{ url('/my-account/profile') }}" class="{{ $category === 'profile' ? 'active' : '' }}">@icon('user') {{ trans('preferences.profile') }}</a>
                          <a href="{{ url('/my-account/auth') }}" class="{{ $category === 'auth' ? 'active' : '' }}">@icon('security') {{ trans('preferences.auth') }}</a>
                          <a href="{{ url('/my-account/shortcuts') }}" class="{{ $category === 'shortcuts' ? 'active' : '' }}">@icon('shortcuts') {{ trans('preferences.shortcuts_interface') }}</a>
-                        @if(userCan('receive-notifications'))
+                        @if(userCan(\BookStack\Permissions\Permission::ReceiveNotifications))
                              <a href="{{ url('/my-account/notifications') }}" class="{{ $category === 'notifications' ? 'active' : '' }}">@icon('notifications') {{ trans('preferences.notifications') }}</a>
                          @endif
                      </nav>
diff --git a/resources/views/users/account/profile.blade.php b/resources/views/users/account/profile.blade.php

index 617c0972302ebaeb24ffe94dfeda2d366bac4c06..778e35885f6335182e043f743500161704cb86a2 100644 (file)
--- a/resources/views/users/account/profile.blade.php
+++ b/resources/views/users/account/profile.blade.php
@@ -35,10 +35,10 @@
                              <p class="text-small mb-none">{{ trans('preferences.profile_email_desc') }}</p>
                          </div>
                          <div class="flex stretch-inputs">
-                            @include('form.text', ['name' => 'email', 'disabled' => !userCan('users-manage')])
+                            @include('form.text', ['name' => 'email', 'disabled' => !userCan(\BookStack\Permissions\Permission::UsersManage)])
                          </div>
                      </div>
-                    @if(!userCan('users-manage'))
+                    @if(!userCan(\BookStack\Permissions\Permission::UsersManage))
                          <p class="text-small text-muted">{{ trans('preferences.profile_email_no_permission') }}</p>
                      @endif
                  </div>
@@ -75,7 +75,7 @@
          </form>
      </section>
  
-    @if(userCan('users-manage'))
+    @if(userCan(\BookStack\Permissions\Permission::UsersManage))
          <section class="card content-wrap auto-height">
              <div class="flex-container-row gap-l items-center wrap">
                  <div class="flex">
diff --git a/resources/views/users/api-tokens/parts/list.blade.php b/resources/views/users/api-tokens/parts/list.blade.php

index 70aaa58f3f61a3b0d59776be5ee6d6e22830e2ce..bd8dd53cc35dce443c94f01777adea7a62fcbd5a 100644 (file)
--- a/resources/views/users/api-tokens/parts/list.blade.php
+++ b/resources/views/users/api-tokens/parts/list.blade.php
@@ -2,7 +2,7 @@
      <div class="flex-container-row wrap justify-space-between items-center mb-s">
          <h2 class="list-heading">{{ trans('settings.users_api_tokens') }}</h2>
          <div class="text-right pt-xs">
-            @if(userCan('access-api'))
+            @if(userCan(\BookStack\Permissions\Permission::AccessApi))
                  <a href="{{ url('/api/docs') }}" class="button outline">{{ trans('settings.users_api_tokens_docs') }}</a>
                  <a href="{{ url('/api-tokens/' . $user->id . '/create?context=' . $context) }}" class="button outline">{{ trans('settings.users_api_tokens_create') }}</a>
              @endif
diff --git a/resources/views/users/create.blade.php b/resources/views/users/create.blade.php

index dafc623e12066748f59fde0d239a91fc2b53c3f9..daffc91a39da753bae8ec9f2a2a72e59a8f7a3e4 100644 (file)
--- a/resources/views/users/create.blade.php
+++ b/resources/views/users/create.blade.php
@@ -18,7 +18,7 @@
                  </div>
  
                  <div class="form-group text-right">
-                    <a href="{{  url(userCan('users-manage') ? "/settings/users" : "/") }}" class="button outline">{{ trans('common.cancel') }}</a>
+                    <a href="{{  url(userCan(\BookStack\Permissions\Permission::UsersManage) ? "/settings/users" : "/") }}" class="button outline">{{ trans('common.cancel') }}</a>
                      <button class="button" type="submit">{{ trans('common.save') }}</button>
                  </div>
  
diff --git a/resources/views/users/parts/form.blade.php b/resources/views/users/parts/form.blade.php

index bf1eb08a7602b081660ec174edddea0bf3cce7b4..86287646f0541ffdb7f8247c0ff2b401b967e55e 100644 (file)
--- a/resources/views/users/parts/form.blade.php
+++ b/resources/views/users/parts/form.blade.php
@@ -17,9 +17,9 @@
              @include('form.text', ['name' => 'name'])
          </div>
          <div>
-            @if($authMethod !== 'ldap' || userCan('users-manage'))
+            @if($authMethod !== 'ldap' || userCan(\BookStack\Permissions\Permission::UsersManage))
                  <label for="email">{{ trans('auth.email') }}</label>
-                @include('form.text', ['name' => 'email', 'disabled' => !userCan('users-manage')])
+                @include('form.text', ['name' => 'email', 'disabled' => !userCan(\BookStack\Permissions\Permission::UsersManage)])
              @endif
          </div>
      </div>
diff --git a/tests/Permissions/EntityPermissionsTest.php b/tests/Permissions/EntityPermissionsTest.php

index 43d0cfc50638fd1eef013a964e2e845871938755..ec2756b12137d8279494d347ed3c99dcad5586ba 100644 (file)
--- a/tests/Permissions/EntityPermissionsTest.php
+++ b/tests/Permissions/EntityPermissionsTest.php
@@ -7,6 +7,7 @@ use BookStack\Entities\Models\Bookshelf;
  use BookStack\Entities\Models\Chapter;
  use BookStack\Entities\Models\Entity;
  use BookStack\Entities\Models\Page;
+use BookStack\Permissions\Permission;
  use BookStack\Users\Models\Role;
  use BookStack\Users\Models\User;
  use Exception;
@@ -25,7 +26,7 @@ class EntityPermissionsTest extends TestCase
          $this->viewer = $this->users->viewer();
      }
  
-    protected function setRestrictionsForTestRoles(Entity $entity, array $actions = [])
+    protected function setRestrictionsForTestRoles(Entity $entity, array $actions = []): void
      {
          $roles = [
              $this->user->roles->first(),
@@ -676,7 +677,7 @@ class EntityPermissionsTest extends TestCase
          $this->permissions->setEntityPermissions($book, ['update'], [$viewerRole], false);
          $this->permissions->setEntityPermissions($chapter, [], [$viewerRole], true);
  
-        $this->assertFalse(userCan('chapter-update', $chapter));
+        $this->assertFalse(userCan(Permission::ChapterUpdate, $chapter));
      }
  
      public function test_access_to_item_allowed_if_inheritance_active_and_permission_prevented_via_role_but_allowed_via_parent()
@@ -692,7 +693,7 @@ class EntityPermissionsTest extends TestCase
          $this->permissions->setEntityPermissions($chapter, [], [$viewerRole], true);
  
          $this->actingAs($user);
-        $this->assertTrue(userCan('chapter-update', $chapter));
+        $this->assertTrue(userCan(Permission::ChapterUpdate, $chapter));
      }
  
      public function test_book_permissions_can_be_generated_without_error_if_child_chapter_is_in_recycle_bin()
author	Dan Brown <redacted>
	Tue, 9 Sep 2025 08:48:19 +0000 (09:48 +0100)
committer	Dan Brown <redacted>
	Tue, 9 Sep 2025 08:48:19 +0000 (09:48 +0100)
app/Activity/Controllers/WebhookController.php		patch \| blob \| history
app/Activity/Tools/CommentTree.php		patch \| blob \| history
app/Activity/Tools/TagClassGenerator.php		patch \| blob \| history
app/Entities/Controllers/PageController.php		patch \| blob \| history
app/Entities/Repos/ChapterRepo.php		patch \| blob \| history
app/Entities/Repos/PageRepo.php		patch \| blob \| history
app/Entities/Tools/Cloner.php		patch \| blob \| history
app/Entities/Tools/PageEditorData.php		patch \| blob \| history
app/Entities/Tools/PermissionsUpdater.php		patch \| blob \| history
app/Exports/Controllers/BookExportApiController.php		patch \| blob \| history
app/Exports/Controllers/BookExportController.php		patch \| blob \| history
app/Exports/Controllers/ChapterExportApiController.php		patch \| blob \| history
app/Exports/Controllers/ChapterExportController.php		patch \| blob \| history
app/Exports/Controllers/ImportApiController.php		patch \| blob \| history
app/Exports/Controllers/ImportController.php		patch \| blob \| history
app/Exports/Controllers/PageExportApiController.php		patch \| blob \| history
app/Exports/Controllers/PageExportController.php		patch \| blob \| history
app/Exports/ImportRepo.php		patch \| blob \| history
app/Exports/ZipExports/ZipExportReferences.php		patch \| blob \| history
app/Exports/ZipExports/ZipImportRunner.php		patch \| blob \| history
app/Permissions/Permission.php		patch \| blob \| history
app/Sorting/BookSorter.php		patch \| blob \| history
app/Sorting/SortRuleController.php		patch \| blob \| history
app/Uploads/Controllers/DrawioImageController.php		patch \| blob \| history
app/Users/Controllers/UserAccountController.php		patch \| blob \| history
app/Users/Controllers/UserApiController.php		patch \| blob \| history
app/Users/Controllers/UserSearchController.php		patch \| blob \| history
resources/views/attachments/manager-list.blade.php		patch \| blob \| history
resources/views/books/edit.blade.php		patch \| blob \| history
resources/views/books/index.blade.php		patch \| blob \| history
resources/views/books/parts/list.blade.php		patch \| blob \| history
resources/views/books/show.blade.php		patch \| blob \| history
resources/views/chapters/edit.blade.php		patch \| blob \| history
resources/views/chapters/show.blade.php		patch \| blob \| history
resources/views/comments/comment.blade.php		patch \| blob \| history
resources/views/comments/comments.blade.php		patch \| blob \| history
resources/views/entities/book-tree.blade.php		patch \| blob \| history
resources/views/entities/breadcrumbs.blade.php		patch \| blob \| history
resources/views/home/books.blade.php		patch \| blob \| history
resources/views/home/shelves.blade.php		patch \| blob \| history
resources/views/layouts/parts/header-links.blade.php		patch \| blob \| history
resources/views/pages/parts/editor-toolbar.blade.php		patch \| blob \| history
resources/views/pages/parts/editor-toolbox.blade.php		patch \| blob \| history
resources/views/pages/parts/image-manager-form.blade.php		patch \| blob \| history
resources/views/pages/parts/pointer.blade.php		patch \| blob \| history
resources/views/pages/parts/revisions-index-row.blade.php		patch \| blob \| history
resources/views/pages/parts/template-manager.blade.php		patch \| blob \| history
resources/views/pages/show.blade.php		patch \| blob \| history
resources/views/settings/categories/features.blade.php		patch \| blob \| history
resources/views/settings/parts/navbar.blade.php		patch \| blob \| history
resources/views/settings/roles/edit.blade.php		patch \| blob \| history
resources/views/shelves/index.blade.php		patch \| blob \| history
resources/views/shelves/parts/list.blade.php		patch \| blob \| history
resources/views/shelves/show.blade.php		patch \| blob \| history
resources/views/users/account/auth.blade.php		patch \| blob \| history
resources/views/users/account/delete.blade.php		patch \| blob \| history
resources/views/users/account/layout.blade.php		patch \| blob \| history
resources/views/users/account/profile.blade.php		patch \| blob \| history
resources/views/users/api-tokens/parts/list.blade.php		patch \| blob \| history
resources/views/users/create.blade.php		patch \| blob \| history
resources/views/users/parts/form.blade.php		patch \| blob \| history
tests/Permissions/EntityPermissionsTest.php		patch \| blob \| history