Laravel 5.3 upgrade (#189)
* Started move to laravel 5.3 * Started updating login & registration flows for laravel 5.3 update * Updated app emails to notification system * Fixed registations bugs and removed email confirmation model * Fixed large portion of laravel post-upgrade issues * Fixed and tested LDAP process
This commit is contained in:
parent
393f6047f2
commit
9dc9724e15
44 changed files with 1799 additions and 1110 deletions
3
.gitignore
vendored
3
.gitignore
vendored
|
@ -10,4 +10,5 @@ Homestead.yaml
|
|||
/public/bower
|
||||
/storage/images
|
||||
_ide_helper.php
|
||||
/storage/debugbar
|
||||
/storage/debugbar
|
||||
.phpstorm.meta.php
|
|
@ -1,16 +0,0 @@
|
|||
<?php namespace BookStack;
|
||||
|
||||
class EmailConfirmation extends Model
|
||||
{
|
||||
protected $fillable = ['user_id', 'token'];
|
||||
|
||||
/**
|
||||
* Get the user that this confirmation is attached to.
|
||||
* @return \Illuminate\Database\Eloquent\Relations\BelongsTo
|
||||
*/
|
||||
public function user()
|
||||
{
|
||||
return $this->belongsTo(User::class);
|
||||
}
|
||||
|
||||
}
|
|
@ -1,8 +0,0 @@
|
|||
<?php
|
||||
|
||||
namespace BookStack\Events;
|
||||
|
||||
abstract class Event
|
||||
{
|
||||
//
|
||||
}
|
|
@ -87,4 +87,20 @@ class Handler extends ExceptionHandler
|
|||
} while ($e = $e->getPrevious());
|
||||
return $message;
|
||||
}
|
||||
|
||||
/**
|
||||
* Convert an authentication exception into an unauthenticated response.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param \Illuminate\Auth\AuthenticationException $exception
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
protected function unauthenticated($request, AuthenticationException $exception)
|
||||
{
|
||||
if ($request->expectsJson()) {
|
||||
return response()->json(['error' => 'Unauthenticated.'], 401);
|
||||
}
|
||||
|
||||
return redirect()->guest('login');
|
||||
}
|
||||
}
|
||||
|
|
33
app/Http/Controllers/Auth/ForgotPasswordController.php
Normal file
33
app/Http/Controllers/Auth/ForgotPasswordController.php
Normal file
|
@ -0,0 +1,33 @@
|
|||
<?php
|
||||
|
||||
namespace BookStack\Http\Controllers\Auth;
|
||||
|
||||
use BookStack\Http\Controllers\Controller;
|
||||
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
|
||||
|
||||
class ForgotPasswordController extends Controller
|
||||
{
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Password Reset Controller
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| This controller is responsible for handling password reset emails and
|
||||
| includes a trait which assists in sending these notifications from
|
||||
| your application to your users. Feel free to explore this trait.
|
||||
|
|
||||
*/
|
||||
|
||||
use SendsPasswordResetEmails;
|
||||
|
||||
/**
|
||||
* Create a new controller instance.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function __construct()
|
||||
{
|
||||
$this->middleware('guest');
|
||||
parent::__construct();
|
||||
}
|
||||
}
|
123
app/Http/Controllers/Auth/LoginController.php
Normal file
123
app/Http/Controllers/Auth/LoginController.php
Normal file
|
@ -0,0 +1,123 @@
|
|||
<?php
|
||||
|
||||
namespace BookStack\Http\Controllers\Auth;
|
||||
|
||||
use BookStack\Http\Controllers\Controller;
|
||||
use BookStack\Repos\UserRepo;
|
||||
use BookStack\Services\SocialAuthService;
|
||||
use Illuminate\Contracts\Auth\Authenticatable;
|
||||
use Illuminate\Foundation\Auth\AuthenticatesUsers;
|
||||
use Illuminate\Http\Request;
|
||||
|
||||
class LoginController extends Controller
|
||||
{
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Login Controller
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| This controller handles authenticating users for the application and
|
||||
| redirecting them to your home screen. The controller uses a trait
|
||||
| to conveniently provide its functionality to your applications.
|
||||
|
|
||||
*/
|
||||
|
||||
use AuthenticatesUsers;
|
||||
|
||||
/**
|
||||
* Where to redirect users after login.
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
protected $redirectTo = '/';
|
||||
|
||||
protected $redirectPath = '/';
|
||||
protected $redirectAfterLogout = '/login';
|
||||
|
||||
protected $socialAuthService;
|
||||
protected $userRepo;
|
||||
|
||||
/**
|
||||
* Create a new controller instance.
|
||||
*
|
||||
* @param SocialAuthService $socialAuthService
|
||||
* @param UserRepo $userRepo
|
||||
*/
|
||||
public function __construct(SocialAuthService $socialAuthService, UserRepo $userRepo)
|
||||
{
|
||||
$this->middleware('guest', ['only' => ['getLogin', 'postLogin']]);
|
||||
$this->socialAuthService = $socialAuthService;
|
||||
$this->userRepo = $userRepo;
|
||||
$this->redirectPath = baseUrl('/');
|
||||
$this->redirectAfterLogout = baseUrl('/login');
|
||||
parent::__construct();
|
||||
}
|
||||
|
||||
public function username()
|
||||
{
|
||||
return config('auth.method') === 'standard' ? 'email' : 'username';
|
||||
}
|
||||
|
||||
/**
|
||||
* Overrides the action when a user is authenticated.
|
||||
* If the user authenticated but does not exist in the user table we create them.
|
||||
* @param Request $request
|
||||
* @param Authenticatable $user
|
||||
* @return \Illuminate\Http\RedirectResponse
|
||||
* @throws AuthException
|
||||
*/
|
||||
protected function authenticated(Request $request, Authenticatable $user)
|
||||
{
|
||||
// Explicitly log them out for now if they do no exist.
|
||||
if (!$user->exists) auth()->logout($user);
|
||||
|
||||
if (!$user->exists && $user->email === null && !$request->has('email')) {
|
||||
$request->flash();
|
||||
session()->flash('request-email', true);
|
||||
return redirect('/login');
|
||||
}
|
||||
|
||||
if (!$user->exists && $user->email === null && $request->has('email')) {
|
||||
$user->email = $request->get('email');
|
||||
}
|
||||
|
||||
if (!$user->exists) {
|
||||
|
||||
// Check for users with same email already
|
||||
$alreadyUser = $user->newQuery()->where('email', '=', $user->email)->count() > 0;
|
||||
if ($alreadyUser) {
|
||||
throw new AuthException('A user with the email ' . $user->email . ' already exists but with different credentials.');
|
||||
}
|
||||
|
||||
$user->save();
|
||||
$this->userRepo->attachDefaultRole($user);
|
||||
auth()->login($user);
|
||||
}
|
||||
|
||||
$path = session()->pull('url.intended', '/');
|
||||
$path = baseUrl($path, true);
|
||||
return redirect($path);
|
||||
}
|
||||
|
||||
/**
|
||||
* Show the application login form.
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function getLogin()
|
||||
{
|
||||
$socialDrivers = $this->socialAuthService->getActiveDrivers();
|
||||
$authMethod = config('auth.method');
|
||||
return view('auth/login', ['socialDrivers' => $socialDrivers, 'authMethod' => $authMethod]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Redirect to the relevant social site.
|
||||
* @param $socialDriver
|
||||
* @return \Symfony\Component\HttpFoundation\RedirectResponse
|
||||
*/
|
||||
public function getSocialLogin($socialDriver)
|
||||
{
|
||||
session()->put('social-callback', 'login');
|
||||
return $this->socialAuthService->startLogIn($socialDriver);
|
||||
}
|
||||
}
|
|
@ -1,62 +1,68 @@
|
|||
<?php namespace BookStack\Http\Controllers\Auth;
|
||||
<?php
|
||||
|
||||
use BookStack\Exceptions\AuthException;
|
||||
use Illuminate\Contracts\Auth\Authenticatable;
|
||||
use Illuminate\Http\Request;
|
||||
use BookStack\Exceptions\SocialSignInException;
|
||||
namespace BookStack\Http\Controllers\Auth;
|
||||
|
||||
use BookStack\Exceptions\ConfirmationEmailException;
|
||||
use BookStack\Exceptions\UserRegistrationException;
|
||||
use BookStack\Repos\UserRepo;
|
||||
use BookStack\Services\EmailConfirmationService;
|
||||
use BookStack\Services\SocialAuthService;
|
||||
use BookStack\SocialAccount;
|
||||
use BookStack\User;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Http\Response;
|
||||
use Validator;
|
||||
use BookStack\Http\Controllers\Controller;
|
||||
use Illuminate\Foundation\Auth\ThrottlesLogins;
|
||||
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
|
||||
use Illuminate\Foundation\Auth\RegistersUsers;
|
||||
|
||||
class AuthController extends Controller
|
||||
class RegisterController extends Controller
|
||||
{
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Registration & Login Controller
|
||||
| Register Controller
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| This controller handles the registration of new users, as well as the
|
||||
| authentication of existing users. By default, this controller uses
|
||||
| a simple trait to add these behaviors. Why don't you explore it?
|
||||
| This controller handles the registration of new users as well as their
|
||||
| validation and creation. By default this controller uses a trait to
|
||||
| provide this functionality without requiring any additional code.
|
||||
|
|
||||
*/
|
||||
|
||||
use AuthenticatesAndRegistersUsers, ThrottlesLogins;
|
||||
|
||||
protected $redirectPath = '/';
|
||||
protected $redirectAfterLogout = '/login';
|
||||
protected $username = 'email';
|
||||
use RegistersUsers;
|
||||
|
||||
protected $socialAuthService;
|
||||
protected $emailConfirmationService;
|
||||
protected $userRepo;
|
||||
|
||||
/**
|
||||
* Create a new authentication controller instance.
|
||||
* Where to redirect users after login / registration.
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
protected $redirectTo = '/';
|
||||
protected $redirectPath = '/';
|
||||
|
||||
/**
|
||||
* Create a new controller instance.
|
||||
*
|
||||
* @param SocialAuthService $socialAuthService
|
||||
* @param EmailConfirmationService $emailConfirmationService
|
||||
* @param UserRepo $userRepo
|
||||
*/
|
||||
public function __construct(SocialAuthService $socialAuthService, EmailConfirmationService $emailConfirmationService, UserRepo $userRepo)
|
||||
{
|
||||
$this->middleware('guest', ['only' => ['getLogin', 'postLogin', 'getRegister', 'postRegister']]);
|
||||
$this->middleware('guest');
|
||||
$this->socialAuthService = $socialAuthService;
|
||||
$this->emailConfirmationService = $emailConfirmationService;
|
||||
$this->userRepo = $userRepo;
|
||||
$this->redirectTo = baseUrl('/');
|
||||
$this->redirectPath = baseUrl('/');
|
||||
$this->redirectAfterLogout = baseUrl('/login');
|
||||
$this->username = config('auth.method') === 'standard' ? 'email' : 'username';
|
||||
parent::__construct();
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a validator for an incoming registration request.
|
||||
*
|
||||
* @param array $data
|
||||
* @return \Illuminate\Contracts\Validation\Validator
|
||||
*/
|
||||
|
@ -69,6 +75,10 @@ class AuthController extends Controller
|
|||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Check whether or not registrations are allowed in the app settings.
|
||||
* @throws UserRegistrationException
|
||||
*/
|
||||
protected function checkRegistrationAllowed()
|
||||
{
|
||||
if (!setting('registration-enabled')) {
|
||||
|
@ -78,7 +88,7 @@ class AuthController extends Controller
|
|||
|
||||
/**
|
||||
* Show the application registration form.
|
||||
* @return \Illuminate\Http\Response
|
||||
* @return Response
|
||||
*/
|
||||
public function getRegister()
|
||||
{
|
||||
|
@ -89,9 +99,10 @@ class AuthController extends Controller
|
|||
|
||||
/**
|
||||
* Handle a registration request for the application.
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return \Illuminate\Http\Response
|
||||
* @param Request|\Illuminate\Http\Request $request
|
||||
* @return Response
|
||||
* @throws UserRegistrationException
|
||||
* @throws \Illuminate\Foundation\Validation\ValidationException
|
||||
*/
|
||||
public function postRegister(Request $request)
|
||||
{
|
||||
|
@ -108,66 +119,18 @@ class AuthController extends Controller
|
|||
return $this->registerUser($userData);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Overrides the action when a user is authenticated.
|
||||
* If the user authenticated but does not exist in the user table we create them.
|
||||
* @param Request $request
|
||||
* @param Authenticatable $user
|
||||
* @return \Illuminate\Http\RedirectResponse
|
||||
* @throws AuthException
|
||||
* Create a new user instance after a valid registration.
|
||||
* @param array $data
|
||||
* @return User
|
||||
*/
|
||||
protected function authenticated(Request $request, Authenticatable $user)
|
||||
protected function create(array $data)
|
||||
{
|
||||
// Explicitly log them out for now if they do no exist.
|
||||
if (!$user->exists) auth()->logout($user);
|
||||
|
||||
if (!$user->exists && $user->email === null && !$request->has('email')) {
|
||||
$request->flash();
|
||||
session()->flash('request-email', true);
|
||||
return redirect('/login');
|
||||
}
|
||||
|
||||
if (!$user->exists && $user->email === null && $request->has('email')) {
|
||||
$user->email = $request->get('email');
|
||||
}
|
||||
|
||||
if (!$user->exists) {
|
||||
|
||||
// Check for users with same email already
|
||||
$alreadyUser = $user->newQuery()->where('email', '=', $user->email)->count() > 0;
|
||||
if ($alreadyUser) {
|
||||
throw new AuthException('A user with the email ' . $user->email . ' already exists but with different credentials.');
|
||||
}
|
||||
|
||||
$user->save();
|
||||
$this->userRepo->attachDefaultRole($user);
|
||||
auth()->login($user);
|
||||
}
|
||||
|
||||
$path = session()->pull('url.intended', '/');
|
||||
$path = baseUrl($path, true);
|
||||
return redirect($path);
|
||||
}
|
||||
|
||||
/**
|
||||
* Register a new user after a registration callback.
|
||||
* @param $socialDriver
|
||||
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
|
||||
* @throws UserRegistrationException
|
||||
*/
|
||||
protected function socialRegisterCallback($socialDriver)
|
||||
{
|
||||
$socialUser = $this->socialAuthService->handleRegistrationCallback($socialDriver);
|
||||
$socialAccount = $this->socialAuthService->fillSocialAccount($socialDriver, $socialUser);
|
||||
|
||||
// Create an array of the user data to create a new user instance
|
||||
$userData = [
|
||||
'name' => $socialUser->getName(),
|
||||
'email' => $socialUser->getEmail(),
|
||||
'password' => str_random(30)
|
||||
];
|
||||
return $this->registerUser($userData, $socialAccount);
|
||||
return User::create([
|
||||
'name' => $data['name'],
|
||||
'email' => $data['email'],
|
||||
'password' => bcrypt($data['password']),
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -176,7 +139,7 @@ class AuthController extends Controller
|
|||
* @param bool|false|SocialAccount $socialAccount
|
||||
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
|
||||
* @throws UserRegistrationException
|
||||
* @throws \BookStack\Exceptions\ConfirmationEmailException
|
||||
* @throws ConfirmationEmailException
|
||||
*/
|
||||
protected function registerUser(array $userData, $socialAccount = false)
|
||||
{
|
||||
|
@ -213,18 +176,6 @@ class AuthController extends Controller
|
|||
return view('auth/register-confirm');
|
||||
}
|
||||
|
||||
/**
|
||||
* View the confirmation email as a standard web page.
|
||||
* @param $token
|
||||
* @return \Illuminate\View\View
|
||||
* @throws UserRegistrationException
|
||||
*/
|
||||
public function viewConfirmEmail($token)
|
||||
{
|
||||
$confirmation = $this->emailConfirmationService->getEmailConfirmationFromToken($token);
|
||||
return view('emails/email-confirmation', ['token' => $confirmation->token]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Confirms an email via a token and logs the user into the system.
|
||||
* @param $token
|
||||
|
@ -237,7 +188,7 @@ class AuthController extends Controller
|
|||
$user = $confirmation->user;
|
||||
$user->email_confirmed = true;
|
||||
$user->save();
|
||||
auth()->login($confirmation->user);
|
||||
auth()->login($user);
|
||||
session()->flash('success', 'Your email has been confirmed!');
|
||||
$this->emailConfirmationService->deleteConfirmationsByUser($user);
|
||||
return redirect($this->redirectPath);
|
||||
|
@ -269,28 +220,6 @@ class AuthController extends Controller
|
|||
return redirect('/register/confirm');
|
||||
}
|
||||
|
||||
/**
|
||||
* Show the application login form.
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function getLogin()
|
||||
{
|
||||
$socialDrivers = $this->socialAuthService->getActiveDrivers();
|
||||
$authMethod = config('auth.method');
|
||||
return view('auth/login', ['socialDrivers' => $socialDrivers, 'authMethod' => $authMethod]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Redirect to the relevant social site.
|
||||
* @param $socialDriver
|
||||
* @return \Symfony\Component\HttpFoundation\RedirectResponse
|
||||
*/
|
||||
public function getSocialLogin($socialDriver)
|
||||
{
|
||||
session()->put('social-callback', 'login');
|
||||
return $this->socialAuthService->startLogIn($socialDriver);
|
||||
}
|
||||
|
||||
/**
|
||||
* Redirect to the social site for authentication intended to register.
|
||||
* @param $socialDriver
|
||||
|
@ -334,4 +263,25 @@ class AuthController extends Controller
|
|||
return $this->socialAuthService->detachSocialAccount($socialDriver);
|
||||
}
|
||||
|
||||
}
|
||||
/**
|
||||
* Register a new user after a registration callback.
|
||||
* @param $socialDriver
|
||||
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
|
||||
* @throws UserRegistrationException
|
||||
*/
|
||||
protected function socialRegisterCallback($socialDriver)
|
||||
{
|
||||
$socialUser = $this->socialAuthService->handleRegistrationCallback($socialDriver);
|
||||
$socialAccount = $this->socialAuthService->fillSocialAccount($socialDriver, $socialUser);
|
||||
|
||||
// Create an array of the user data to create a new user instance
|
||||
$userData = [
|
||||
'name' => $socialUser->getName(),
|
||||
'email' => $socialUser->getEmail(),
|
||||
'password' => str_random(30)
|
||||
];
|
||||
return $this->registerUser($userData, $socialAccount);
|
||||
}
|
||||
|
||||
|
||||
}
|
|
@ -5,7 +5,7 @@ namespace BookStack\Http\Controllers\Auth;
|
|||
use BookStack\Http\Controllers\Controller;
|
||||
use Illuminate\Foundation\Auth\ResetsPasswords;
|
||||
|
||||
class PasswordController extends Controller
|
||||
class ResetPasswordController extends Controller
|
||||
{
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
|
@ -20,13 +20,14 @@ class PasswordController extends Controller
|
|||
|
||||
use ResetsPasswords;
|
||||
|
||||
protected $redirectTo = '/';
|
||||
|
||||
/**
|
||||
* Create a new password controller instance.
|
||||
* Create a new controller instance.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function __construct()
|
||||
{
|
||||
$this->middleware('guest');
|
||||
parent::__construct();
|
||||
}
|
||||
}
|
||||
}
|
|
@ -30,17 +30,22 @@ abstract class Controller extends BaseController
|
|||
*/
|
||||
public function __construct()
|
||||
{
|
||||
// Get a user instance for the current user
|
||||
$user = auth()->user();
|
||||
if (!$user) $user = User::getDefault();
|
||||
$this->middleware(function ($request, $next) {
|
||||
|
||||
// Share variables with views
|
||||
view()->share('signedIn', auth()->check());
|
||||
view()->share('currentUser', $user);
|
||||
// Get a user instance for the current user
|
||||
$user = auth()->user();
|
||||
if (!$user) $user = User::getDefault();
|
||||
|
||||
// Share variables with controllers
|
||||
$this->currentUser = $user;
|
||||
$this->signedIn = auth()->check();
|
||||
// Share variables with views
|
||||
view()->share('signedIn', auth()->check());
|
||||
view()->share('currentUser', $user);
|
||||
|
||||
// Share variables with controllers
|
||||
$this->currentUser = $user;
|
||||
$this->signedIn = auth()->check();
|
||||
|
||||
return $next($request);
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -9,15 +9,32 @@ class Kernel extends HttpKernel
|
|||
/**
|
||||
* The application's global HTTP middleware stack.
|
||||
*
|
||||
* These middleware are run during every request to your application.
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
protected $middleware = [
|
||||
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
|
||||
\BookStack\Http\Middleware\EncryptCookies::class,
|
||||
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
|
||||
\Illuminate\Session\Middleware\StartSession::class,
|
||||
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
|
||||
\BookStack\Http\Middleware\VerifyCsrfToken::class,
|
||||
];
|
||||
|
||||
/**
|
||||
* The application's route middleware groups.
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
protected $middlewareGroups = [
|
||||
'web' => [
|
||||
\BookStack\Http\Middleware\EncryptCookies::class,
|
||||
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
|
||||
\Illuminate\Session\Middleware\StartSession::class,
|
||||
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
|
||||
\BookStack\Http\Middleware\VerifyCsrfToken::class,
|
||||
\Illuminate\Routing\Middleware\SubstituteBindings::class,
|
||||
],
|
||||
'api' => [
|
||||
'throttle:60,1',
|
||||
'bindings',
|
||||
],
|
||||
];
|
||||
|
||||
/**
|
||||
|
@ -26,6 +43,7 @@ class Kernel extends HttpKernel
|
|||
* @var array
|
||||
*/
|
||||
protected $routeMiddleware = [
|
||||
'can' => \Illuminate\Auth\Middleware\Authorize::class,
|
||||
'auth' => \BookStack\Http\Middleware\Authenticate::class,
|
||||
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
|
||||
'guest' => \BookStack\Http\Middleware\RedirectIfAuthenticated::class,
|
||||
|
|
|
@ -33,7 +33,7 @@ class Authenticate
|
|||
public function handle($request, Closure $next)
|
||||
{
|
||||
if ($this->auth->check() && setting('registration-confirmation') && !$this->auth->user()->email_confirmed) {
|
||||
return redirect()->guest(baseUrl('/register/confirm/awaiting'));
|
||||
return redirect(baseUrl('/register/confirm/awaiting'));
|
||||
}
|
||||
|
||||
if ($this->auth->guest() && !setting('app-public')) {
|
||||
|
|
|
@ -34,7 +34,8 @@ class RedirectIfAuthenticated
|
|||
*/
|
||||
public function handle($request, Closure $next)
|
||||
{
|
||||
if ($this->auth->check()) {
|
||||
$requireConfirmation = setting('registration-confirmation');
|
||||
if ($this->auth->check() && (!$requireConfirmation || ($requireConfirmation && $this->auth->user()->email_confirmed))) {
|
||||
return redirect('/');
|
||||
}
|
||||
|
||||
|
|
|
@ -1,21 +0,0 @@
|
|||
<?php
|
||||
|
||||
namespace BookStack\Jobs;
|
||||
|
||||
use Illuminate\Bus\Queueable;
|
||||
|
||||
abstract class Job
|
||||
{
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Queueable Jobs
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| This job base class provides a central location to place any logic that
|
||||
| is shared across all of your jobs. The trait included with the class
|
||||
| provides access to the "queueOn" and "delay" queue helper methods.
|
||||
|
|
||||
*/
|
||||
|
||||
use Queueable;
|
||||
}
|
48
app/Notifications/ConfirmEmail.php
Normal file
48
app/Notifications/ConfirmEmail.php
Normal file
|
@ -0,0 +1,48 @@
|
|||
<?php
|
||||
|
||||
namespace BookStack\Notifications;
|
||||
|
||||
use Illuminate\Notifications\Notification;
|
||||
use Illuminate\Notifications\Messages\MailMessage;
|
||||
|
||||
class ConfirmEmail extends Notification
|
||||
{
|
||||
|
||||
public $token;
|
||||
|
||||
/**
|
||||
* Create a new notification instance.
|
||||
* @param string $token
|
||||
*/
|
||||
public function __construct($token)
|
||||
{
|
||||
$this->token = $token;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the notification's delivery channels.
|
||||
*
|
||||
* @param mixed $notifiable
|
||||
* @return array
|
||||
*/
|
||||
public function via($notifiable)
|
||||
{
|
||||
return ['mail'];
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the mail representation of the notification.
|
||||
*
|
||||
* @param mixed $notifiable
|
||||
* @return \Illuminate\Notifications\Messages\MailMessage
|
||||
*/
|
||||
public function toMail($notifiable)
|
||||
{
|
||||
return (new MailMessage)
|
||||
->subject('Confirm your email on ' . session('app-name'))
|
||||
->greeting('Thanks for joining ' . setting('app-name') . '!')
|
||||
->line('Please confirm your email address by clicking the button below:')
|
||||
->action('Confirm Email', baseUrl('/register/confirm/' . $this->token));
|
||||
}
|
||||
|
||||
}
|
50
app/Notifications/ResetPassword.php
Normal file
50
app/Notifications/ResetPassword.php
Normal file
|
@ -0,0 +1,50 @@
|
|||
<?php
|
||||
|
||||
namespace BookStack\Notifications;
|
||||
|
||||
use Illuminate\Notifications\Notification;
|
||||
use Illuminate\Notifications\Messages\MailMessage;
|
||||
|
||||
class ResetPassword extends Notification
|
||||
{
|
||||
/**
|
||||
* The password reset token.
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
public $token;
|
||||
|
||||
/**
|
||||
* Create a notification instance.
|
||||
*
|
||||
* @param string $token
|
||||
*/
|
||||
public function __construct($token)
|
||||
{
|
||||
$this->token = $token;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the notification's channels.
|
||||
*
|
||||
* @param mixed $notifiable
|
||||
* @return array|string
|
||||
*/
|
||||
public function via($notifiable)
|
||||
{
|
||||
return ['mail'];
|
||||
}
|
||||
|
||||
/**
|
||||
* Build the mail representation of the notification.
|
||||
*
|
||||
* @return \Illuminate\Notifications\Messages\MailMessage
|
||||
*/
|
||||
public function toMail()
|
||||
{
|
||||
return (new MailMessage)
|
||||
->line('You are receiving this email because we received a password reset request for your account.')
|
||||
->action('Reset Password', baseUrl('password/reset/' . $this->token))
|
||||
->line('If you did not request a password reset, no further action is required.');
|
||||
}
|
||||
}
|
26
app/Providers/BroadcastServiceProvider.php
Normal file
26
app/Providers/BroadcastServiceProvider.php
Normal file
|
@ -0,0 +1,26 @@
|
|||
<?php
|
||||
|
||||
namespace BookStack\Providers;
|
||||
|
||||
use Illuminate\Support\ServiceProvider;
|
||||
use Illuminate\Support\Facades\Broadcast;
|
||||
|
||||
class BroadcastServiceProvider extends ServiceProvider
|
||||
{
|
||||
/**
|
||||
* Bootstrap any application services.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function boot()
|
||||
{
|
||||
// Broadcast::routes();
|
||||
//
|
||||
// /*
|
||||
// * Authenticate the user's personal channel...
|
||||
// */
|
||||
// Broadcast::channel('BookStack.User.*', function ($user, $userId) {
|
||||
// return (int) $user->id === (int) $userId;
|
||||
// });
|
||||
}
|
||||
}
|
|
@ -21,13 +21,10 @@ class EventServiceProvider extends ServiceProvider
|
|||
/**
|
||||
* Register any other events for your application.
|
||||
*
|
||||
* @param \Illuminate\Contracts\Events\Dispatcher $events
|
||||
* @return void
|
||||
*/
|
||||
public function boot(DispatcherContract $events)
|
||||
public function boot()
|
||||
{
|
||||
parent::boot($events);
|
||||
|
||||
//
|
||||
parent::boot();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,11 +1,12 @@
|
|||
<?php namespace BookStack\Providers;
|
||||
|
||||
|
||||
use Illuminate\Support\ServiceProvider;
|
||||
use Illuminate\Pagination\PaginationServiceProvider as IlluminatePaginationServiceProvider;
|
||||
use Illuminate\Pagination\Paginator;
|
||||
|
||||
class PaginationServiceProvider extends ServiceProvider
|
||||
class PaginationServiceProvider extends IlluminatePaginationServiceProvider
|
||||
{
|
||||
|
||||
/**
|
||||
* Register the service provider.
|
||||
*
|
||||
|
@ -13,6 +14,10 @@ class PaginationServiceProvider extends ServiceProvider
|
|||
*/
|
||||
public function register()
|
||||
{
|
||||
Paginator::viewFactoryResolver(function () {
|
||||
return $this->app['view'];
|
||||
});
|
||||
|
||||
Paginator::currentPathResolver(function () {
|
||||
return baseUrl($this->app['request']->path());
|
||||
});
|
||||
|
|
|
@ -4,6 +4,7 @@ namespace BookStack\Providers;
|
|||
|
||||
use Illuminate\Routing\Router;
|
||||
use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider;
|
||||
use Route;
|
||||
|
||||
class RouteServiceProvider extends ServiceProvider
|
||||
{
|
||||
|
@ -19,26 +20,54 @@ class RouteServiceProvider extends ServiceProvider
|
|||
/**
|
||||
* Define your route model bindings, pattern filters, etc.
|
||||
*
|
||||
* @param \Illuminate\Routing\Router $router
|
||||
* @return void
|
||||
*/
|
||||
public function boot(Router $router)
|
||||
public function boot()
|
||||
{
|
||||
//
|
||||
|
||||
parent::boot($router);
|
||||
parent::boot();
|
||||
}
|
||||
|
||||
/**
|
||||
* Define the routes for the application.
|
||||
*
|
||||
* @param \Illuminate\Routing\Router $router
|
||||
* @return void
|
||||
*/
|
||||
public function map(Router $router)
|
||||
public function map()
|
||||
{
|
||||
$router->group(['namespace' => $this->namespace], function ($router) {
|
||||
require app_path('Http/routes.php');
|
||||
$this->mapWebRoutes();
|
||||
// $this->mapApiRoutes();
|
||||
}
|
||||
/**
|
||||
* Define the "web" routes for the application.
|
||||
*
|
||||
* These routes all receive session state, CSRF protection, etc.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
protected function mapWebRoutes()
|
||||
{
|
||||
Route::group([
|
||||
'middleware' => 'web',
|
||||
'namespace' => $this->namespace,
|
||||
], function ($router) {
|
||||
require base_path('routes/web.php');
|
||||
});
|
||||
}
|
||||
/**
|
||||
* Define the "api" routes for the application.
|
||||
*
|
||||
* These routes are typically stateless.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
protected function mapApiRoutes()
|
||||
{
|
||||
Route::group([
|
||||
'middleware' => 'api',
|
||||
'namespace' => $this->namespace,
|
||||
'prefix' => 'api',
|
||||
], function ($router) {
|
||||
require base_path('routes/api.php');
|
||||
});
|
||||
}
|
||||
}
|
||||
|
|
|
@ -110,31 +110,6 @@ class PageRepo extends EntityRepo
|
|||
return $this->page->where('slug', '=', $slug)->where('book_id', '=', $bookId)->count();
|
||||
}
|
||||
|
||||
/**
|
||||
* Save a new page into the system.
|
||||
* Input validation must be done beforehand.
|
||||
* @param array $input
|
||||
* @param Book $book
|
||||
* @param int $chapterId
|
||||
* @return Page
|
||||
*/
|
||||
public function saveNew(array $input, Book $book, $chapterId = null)
|
||||
{
|
||||
$page = $this->newFromInput($input);
|
||||
$page->slug = $this->findSuitableSlug($page->name, $book->id);
|
||||
|
||||
if ($chapterId) $page->chapter_id = $chapterId;
|
||||
|
||||
$page->html = $this->formatHtml($input['html']);
|
||||
$page->text = strip_tags($page->html);
|
||||
$page->created_by = auth()->user()->id;
|
||||
$page->updated_by = auth()->user()->id;
|
||||
|
||||
$book->pages()->save($page);
|
||||
return $page;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Publish a draft page to make it a normal page.
|
||||
* Sets the slug and updates the content.
|
||||
|
@ -371,7 +346,7 @@ class PageRepo extends EntityRepo
|
|||
*/
|
||||
public function saveRevision(Page $page, $summary = null)
|
||||
{
|
||||
$revision = $this->pageRevision->fill($page->toArray());
|
||||
$revision = $this->pageRevision->newInstance($page->toArray());
|
||||
if (setting('app-editor') !== 'markdown') $revision->markdown = '';
|
||||
$revision->page_id = $page->id;
|
||||
$revision->slug = $page->slug;
|
||||
|
@ -381,11 +356,13 @@ class PageRepo extends EntityRepo
|
|||
$revision->type = 'version';
|
||||
$revision->summary = $summary;
|
||||
$revision->save();
|
||||
|
||||
// Clear old revisions
|
||||
if ($this->pageRevision->where('page_id', '=', $page->id)->count() > 50) {
|
||||
$this->pageRevision->where('page_id', '=', $page->id)
|
||||
->orderBy('created_at', 'desc')->skip(50)->take(5)->delete();
|
||||
}
|
||||
|
||||
return $revision;
|
||||
}
|
||||
|
||||
|
|
|
@ -1,30 +1,27 @@
|
|||
<?php namespace BookStack\Services;
|
||||
|
||||
|
||||
use BookStack\Notifications\ConfirmEmail;
|
||||
use BookStack\Repos\UserRepo;
|
||||
use Carbon\Carbon;
|
||||
use Illuminate\Contracts\Mail\Mailer;
|
||||
use Illuminate\Mail\Message;
|
||||
use BookStack\EmailConfirmation;
|
||||
use BookStack\Exceptions\ConfirmationEmailException;
|
||||
use BookStack\Exceptions\UserRegistrationException;
|
||||
use BookStack\Repos\UserRepo;
|
||||
use BookStack\Setting;
|
||||
use BookStack\User;
|
||||
use Illuminate\Database\Connection as Database;
|
||||
|
||||
class EmailConfirmationService
|
||||
{
|
||||
protected $mailer;
|
||||
protected $emailConfirmation;
|
||||
protected $db;
|
||||
protected $users;
|
||||
|
||||
/**
|
||||
* EmailConfirmationService constructor.
|
||||
* @param Mailer $mailer
|
||||
* @param EmailConfirmation $emailConfirmation
|
||||
* @param Database $db
|
||||
* @param UserRepo $users
|
||||
*/
|
||||
public function __construct(Mailer $mailer, EmailConfirmation $emailConfirmation)
|
||||
public function __construct(Database $db, UserRepo $users)
|
||||
{
|
||||
$this->mailer = $mailer;
|
||||
$this->emailConfirmation = $emailConfirmation;
|
||||
$this->db = $db;
|
||||
$this->users = $users;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -38,16 +35,28 @@ class EmailConfirmationService
|
|||
if ($user->email_confirmed) {
|
||||
throw new ConfirmationEmailException('Email has already been confirmed, Try logging in.', '/login');
|
||||
}
|
||||
|
||||
$this->deleteConfirmationsByUser($user);
|
||||
$token = $this->createEmailConfirmation($user);
|
||||
|
||||
$user->notify(new ConfirmEmail($token));
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a new email confirmation in the database and returns the token.
|
||||
* @param User $user
|
||||
* @return string
|
||||
*/
|
||||
public function createEmailConfirmation(User $user)
|
||||
{
|
||||
$token = $this->getToken();
|
||||
$this->emailConfirmation->create([
|
||||
$this->db->table('email_confirmations')->insert([
|
||||
'user_id' => $user->id,
|
||||
'token' => $token,
|
||||
'token' => $token,
|
||||
'created_at' => Carbon::now(),
|
||||
'updated_at' => Carbon::now()
|
||||
]);
|
||||
$this->mailer->send('emails/email-confirmation', ['token' => $token], function (Message $message) use ($user) {
|
||||
$appName = setting('app-name', 'BookStack');
|
||||
$message->to($user->email, $user->name)->subject('Confirm your email on ' . $appName . '.');
|
||||
});
|
||||
return $token;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -59,22 +68,24 @@ class EmailConfirmationService
|
|||
*/
|
||||
public function getEmailConfirmationFromToken($token)
|
||||
{
|
||||
$emailConfirmation = $this->emailConfirmation->where('token', '=', $token)->first();
|
||||
// If not found
|
||||
$emailConfirmation = $this->db->table('email_confirmations')->where('token', '=', $token)->first();
|
||||
|
||||
// If not found show error
|
||||
if ($emailConfirmation === null) {
|
||||
throw new UserRegistrationException('This confirmation token is not valid or has already been used, Please try registering again.', '/register');
|
||||
}
|
||||
|
||||
// If more than a day old
|
||||
if (Carbon::now()->subDay()->gt($emailConfirmation->created_at)) {
|
||||
$this->sendConfirmation($emailConfirmation->user);
|
||||
if (Carbon::now()->subDay()->gt(new Carbon($emailConfirmation->created_at))) {
|
||||
$user = $this->users->getById($emailConfirmation->user_id);
|
||||
$this->sendConfirmation($user);
|
||||
throw new UserRegistrationException('The confirmation token has expired, A new confirmation email has been sent.', '/register/confirm');
|
||||
}
|
||||
|
||||
$emailConfirmation->user = $this->users->getById($emailConfirmation->user_id);
|
||||
return $emailConfirmation;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Delete all email confirmations that belong to a user.
|
||||
* @param User $user
|
||||
|
@ -82,7 +93,7 @@ class EmailConfirmationService
|
|||
*/
|
||||
public function deleteConfirmationsByUser(User $user)
|
||||
{
|
||||
return $this->emailConfirmation->where('user_id', '=', $user->id)->delete();
|
||||
return $this->db->table('email_confirmations')->where('user_id', '=', $user->id)->delete();
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -92,7 +103,7 @@ class EmailConfirmationService
|
|||
protected function getToken()
|
||||
{
|
||||
$token = str_random(24);
|
||||
while ($this->emailConfirmation->where('token', '=', $token)->exists()) {
|
||||
while ($this->db->table('email_confirmations')->where('token', '=', $token)->exists()) {
|
||||
$token = str_random(25);
|
||||
}
|
||||
return $token;
|
||||
|
|
|
@ -9,14 +9,15 @@ use BookStack\Page;
|
|||
use BookStack\Role;
|
||||
use BookStack\User;
|
||||
use Illuminate\Support\Collection;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class PermissionService
|
||||
{
|
||||
|
||||
protected $userRoles;
|
||||
protected $isAdmin;
|
||||
protected $currentAction;
|
||||
protected $currentUser;
|
||||
protected $isAdminUser;
|
||||
protected $userRoles = false;
|
||||
protected $currentUserModel = false;
|
||||
|
||||
public $book;
|
||||
public $chapter;
|
||||
|
@ -37,12 +38,6 @@ class PermissionService
|
|||
*/
|
||||
public function __construct(JointPermission $jointPermission, Book $book, Chapter $chapter, Page $page, Role $role)
|
||||
{
|
||||
$this->currentUser = auth()->user();
|
||||
$userSet = $this->currentUser !== null;
|
||||
$this->userRoles = false;
|
||||
$this->isAdmin = $userSet ? $this->currentUser->hasRole('admin') : false;
|
||||
if (!$userSet) $this->currentUser = new User();
|
||||
|
||||
$this->jointPermission = $jointPermission;
|
||||
$this->role = $role;
|
||||
$this->book = $book;
|
||||
|
@ -117,7 +112,7 @@ class PermissionService
|
|||
}
|
||||
|
||||
|
||||
foreach ($this->currentUser->roles as $role) {
|
||||
foreach ($this->currentUser()->roles as $role) {
|
||||
$roles[] = $role->id;
|
||||
}
|
||||
return $roles;
|
||||
|
@ -389,7 +384,11 @@ class PermissionService
|
|||
*/
|
||||
public function checkOwnableUserAccess(Ownable $ownable, $permission)
|
||||
{
|
||||
if ($this->isAdmin) return true;
|
||||
if ($this->isAdmin()) {
|
||||
$this->clean();
|
||||
return true;
|
||||
}
|
||||
|
||||
$explodedPermission = explode('-', $permission);
|
||||
|
||||
$baseQuery = $ownable->where('id', '=', $ownable->id);
|
||||
|
@ -400,10 +399,10 @@ class PermissionService
|
|||
|
||||
// Handle non entity specific jointPermissions
|
||||
if (in_array($explodedPermission[0], $nonJointPermissions)) {
|
||||
$allPermission = $this->currentUser && $this->currentUser->can($permission . '-all');
|
||||
$ownPermission = $this->currentUser && $this->currentUser->can($permission . '-own');
|
||||
$allPermission = $this->currentUser() && $this->currentUser()->can($permission . '-all');
|
||||
$ownPermission = $this->currentUser() && $this->currentUser()->can($permission . '-own');
|
||||
$this->currentAction = 'view';
|
||||
$isOwner = $this->currentUser && $this->currentUser->id === $ownable->created_by;
|
||||
$isOwner = $this->currentUser() && $this->currentUser()->id === $ownable->created_by;
|
||||
return ($allPermission || ($isOwner && $ownPermission));
|
||||
}
|
||||
|
||||
|
@ -413,7 +412,9 @@ class PermissionService
|
|||
}
|
||||
|
||||
|
||||
return $this->entityRestrictionQuery($baseQuery)->count() > 0;
|
||||
$q = $this->entityRestrictionQuery($baseQuery)->count() > 0;
|
||||
$this->clean();
|
||||
return $q;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -443,7 +444,7 @@ class PermissionService
|
|||
*/
|
||||
protected function entityRestrictionQuery($query)
|
||||
{
|
||||
return $query->where(function ($parentQuery) {
|
||||
$q = $query->where(function ($parentQuery) {
|
||||
$parentQuery->whereHas('jointPermissions', function ($permissionQuery) {
|
||||
$permissionQuery->whereIn('role_id', $this->getRoles())
|
||||
->where('action', '=', $this->currentAction)
|
||||
|
@ -451,11 +452,13 @@ class PermissionService
|
|||
$query->where('has_permission', '=', true)
|
||||
->orWhere(function ($query) {
|
||||
$query->where('has_permission_own', '=', true)
|
||||
->where('created_by', '=', $this->currentUser->id);
|
||||
->where('created_by', '=', $this->currentUser()->id);
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
$this->clean();
|
||||
return $q;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -469,9 +472,9 @@ class PermissionService
|
|||
// Prevent drafts being visible to others.
|
||||
$query = $query->where(function ($query) {
|
||||
$query->where('draft', '=', false);
|
||||
if ($this->currentUser) {
|
||||
if ($this->currentUser()) {
|
||||
$query->orWhere(function ($query) {
|
||||
$query->where('draft', '=', true)->where('created_by', '=', $this->currentUser->id);
|
||||
$query->where('draft', '=', true)->where('created_by', '=', $this->currentUser()->id);
|
||||
});
|
||||
}
|
||||
});
|
||||
|
@ -509,7 +512,10 @@ class PermissionService
|
|||
*/
|
||||
public function enforceEntityRestrictions($query, $action = 'view')
|
||||
{
|
||||
if ($this->isAdmin) return $query;
|
||||
if ($this->isAdmin()) {
|
||||
$this->clean();
|
||||
return $query;
|
||||
}
|
||||
$this->currentAction = $action;
|
||||
return $this->entityRestrictionQuery($query);
|
||||
}
|
||||
|
@ -524,11 +530,15 @@ class PermissionService
|
|||
*/
|
||||
public function filterRestrictedEntityRelations($query, $tableName, $entityIdColumn, $entityTypeColumn)
|
||||
{
|
||||
if ($this->isAdmin) return $query;
|
||||
if ($this->isAdmin()) {
|
||||
$this->clean();
|
||||
return $query;
|
||||
}
|
||||
|
||||
$this->currentAction = 'view';
|
||||
$tableDetails = ['tableName' => $tableName, 'entityIdColumn' => $entityIdColumn, 'entityTypeColumn' => $entityTypeColumn];
|
||||
|
||||
return $query->where(function ($query) use ($tableDetails) {
|
||||
$q = $query->where(function ($query) use ($tableDetails) {
|
||||
$query->whereExists(function ($permissionQuery) use (&$tableDetails) {
|
||||
$permissionQuery->select('id')->from('joint_permissions')
|
||||
->whereRaw('joint_permissions.entity_id=' . $tableDetails['tableName'] . '.' . $tableDetails['entityIdColumn'])
|
||||
|
@ -538,12 +548,12 @@ class PermissionService
|
|||
->where(function ($query) {
|
||||
$query->where('has_permission', '=', true)->orWhere(function ($query) {
|
||||
$query->where('has_permission_own', '=', true)
|
||||
->where('created_by', '=', $this->currentUser->id);
|
||||
->where('created_by', '=', $this->currentUser()->id);
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
return $q;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -555,11 +565,15 @@ class PermissionService
|
|||
*/
|
||||
public function filterRelatedPages($query, $tableName, $entityIdColumn)
|
||||
{
|
||||
if ($this->isAdmin) return $query;
|
||||
if ($this->isAdmin()) {
|
||||
$this->clean();
|
||||
return $query;
|
||||
}
|
||||
|
||||
$this->currentAction = 'view';
|
||||
$tableDetails = ['tableName' => $tableName, 'entityIdColumn' => $entityIdColumn];
|
||||
|
||||
return $query->where(function ($query) use ($tableDetails) {
|
||||
$q = $query->where(function ($query) use ($tableDetails) {
|
||||
$query->where(function ($query) use (&$tableDetails) {
|
||||
$query->whereExists(function ($permissionQuery) use (&$tableDetails) {
|
||||
$permissionQuery->select('id')->from('joint_permissions')
|
||||
|
@ -570,12 +584,50 @@ class PermissionService
|
|||
->where(function ($query) {
|
||||
$query->where('has_permission', '=', true)->orWhere(function ($query) {
|
||||
$query->where('has_permission_own', '=', true)
|
||||
->where('created_by', '=', $this->currentUser->id);
|
||||
->where('created_by', '=', $this->currentUser()->id);
|
||||
});
|
||||
});
|
||||
});
|
||||
})->orWhere($tableDetails['entityIdColumn'], '=', 0);
|
||||
});
|
||||
$this->clean();
|
||||
return $q;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if the current user is an admin.
|
||||
* @return bool
|
||||
*/
|
||||
private function isAdmin()
|
||||
{
|
||||
if ($this->isAdminUser === null) {
|
||||
$this->isAdminUser = ($this->currentUser()->id !== null) ? $this->currentUser()->hasRole('admin') : false;
|
||||
}
|
||||
|
||||
return $this->isAdminUser;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the current user
|
||||
* @return User
|
||||
*/
|
||||
private function currentUser()
|
||||
{
|
||||
if ($this->currentUserModel === false) {
|
||||
$this->currentUserModel = auth()->user() ? auth()->user() : new User();
|
||||
}
|
||||
|
||||
return $this->currentUserModel;
|
||||
}
|
||||
|
||||
/**
|
||||
* Clean the cached user elements.
|
||||
*/
|
||||
private function clean()
|
||||
{
|
||||
$this->currentUserModel = false;
|
||||
$this->userRoles = false;
|
||||
$this->isAdminUser = null;
|
||||
}
|
||||
|
||||
}
|
14
app/User.php
14
app/User.php
|
@ -1,13 +1,15 @@
|
|||
<?php namespace BookStack;
|
||||
|
||||
use BookStack\Notifications\ResetPassword;
|
||||
use Illuminate\Auth\Authenticatable;
|
||||
use Illuminate\Auth\Passwords\CanResetPassword;
|
||||
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
|
||||
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
|
||||
use Illuminate\Notifications\Notifiable;
|
||||
|
||||
class User extends Model implements AuthenticatableContract, CanResetPasswordContract
|
||||
{
|
||||
use Authenticatable, CanResetPassword;
|
||||
use Authenticatable, CanResetPassword, Notifiable;
|
||||
|
||||
/**
|
||||
* The database table used by the model.
|
||||
|
@ -183,4 +185,14 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
|
|||
|
||||
return '';
|
||||
}
|
||||
|
||||
/**
|
||||
* Send the password reset notification.
|
||||
* @param string $token
|
||||
* @return void
|
||||
*/
|
||||
public function sendPasswordResetNotification($token)
|
||||
{
|
||||
$this->notify(new ResetPassword($token));
|
||||
}
|
||||
}
|
||||
|
|
|
@ -63,7 +63,7 @@ function userCan($permission, Ownable $ownable = null)
|
|||
*/
|
||||
function setting($key, $default = false)
|
||||
{
|
||||
$settingService = app('BookStack\Services\SettingService');
|
||||
$settingService = app(\BookStack\Services\SettingService::class);
|
||||
return $settingService->get($key, $default);
|
||||
}
|
||||
|
||||
|
@ -79,11 +79,17 @@ function baseUrl($path, $forceAppDomain = false)
|
|||
if ($isFullUrl && !$forceAppDomain) return $path;
|
||||
$path = trim($path, '/');
|
||||
|
||||
// Remove non-specified domain if forced and we have a domain
|
||||
if ($isFullUrl && $forceAppDomain) {
|
||||
$explodedPath = explode('/', $path);
|
||||
$path = implode('/', array_splice($explodedPath, 3));
|
||||
}
|
||||
|
||||
// Return normal url path if not specified in config
|
||||
if (config('app.url') === '') {
|
||||
return url($path);
|
||||
}
|
||||
|
||||
return rtrim(config('app.url'), '/') . '/' . $path;
|
||||
}
|
||||
|
||||
|
|
|
@ -5,23 +5,22 @@
|
|||
"license": "MIT",
|
||||
"type": "project",
|
||||
"require": {
|
||||
"php": ">=5.5.9",
|
||||
"laravel/framework": "5.2.*",
|
||||
"php": ">=5.6.4",
|
||||
"laravel/framework": "^5.3.4",
|
||||
"intervention/image": "^2.3",
|
||||
"laravel/socialite": "^2.0",
|
||||
"barryvdh/laravel-ide-helper": "^2.1",
|
||||
"barryvdh/laravel-debugbar": "^2.0",
|
||||
"barryvdh/laravel-debugbar": "^2.2.3",
|
||||
"league/flysystem-aws-s3-v3": "^1.0",
|
||||
"barryvdh/laravel-dompdf": "0.6.*",
|
||||
"predis/predis": "^1.0"
|
||||
"barryvdh/laravel-dompdf": "^0.7",
|
||||
"predis/predis": "^1.1"
|
||||
},
|
||||
"require-dev": {
|
||||
"fzaninotto/faker": "~1.4",
|
||||
"mockery/mockery": "0.9.*",
|
||||
"phpunit/phpunit": "~4.0",
|
||||
"phpspec/phpspec": "~2.1",
|
||||
"symfony/dom-crawler": "~3.0",
|
||||
"symfony/css-selector": "~3.0"
|
||||
"phpunit/phpunit": "~5.0",
|
||||
"symfony/css-selector": "3.1.*",
|
||||
"symfony/dom-crawler": "3.1.*"
|
||||
},
|
||||
"autoload": {
|
||||
"classmap": [
|
||||
|
@ -37,21 +36,19 @@
|
|||
]
|
||||
},
|
||||
"scripts": {
|
||||
"post-install-cmd": [
|
||||
"php artisan clear-compiled",
|
||||
"php artisan optimize"
|
||||
],
|
||||
"pre-update-cmd": [
|
||||
"php artisan clear-compiled"
|
||||
],
|
||||
"post-update-cmd": [
|
||||
"php artisan optimize"
|
||||
],
|
||||
"post-root-package-install": [
|
||||
"php -r \"copy('.env.example', '.env');\""
|
||||
"php -r \"file_exists('.env') || copy('.env.example', '.env');\""
|
||||
],
|
||||
"post-create-project-cmd": [
|
||||
"php artisan key:generate"
|
||||
],
|
||||
"post-install-cmd": [
|
||||
"Illuminate\\Foundation\\ComposerScripts::postInstall",
|
||||
"php artisan optimize"
|
||||
],
|
||||
"post-update-cmd": [
|
||||
"Illuminate\\Foundation\\ComposerScripts::postUpdate",
|
||||
"php artisan optimize"
|
||||
]
|
||||
},
|
||||
"config": {
|
||||
|
|
1457
composer.lock
generated
1457
composer.lock
generated
File diff suppressed because it is too large
Load diff
|
@ -138,6 +138,7 @@ return [
|
|||
Illuminate\Translation\TranslationServiceProvider::class,
|
||||
Illuminate\Validation\ValidationServiceProvider::class,
|
||||
Illuminate\View\ViewServiceProvider::class,
|
||||
Illuminate\Notifications\NotificationServiceProvider::class,
|
||||
Laravel\Socialite\SocialiteServiceProvider::class,
|
||||
|
||||
/**
|
||||
|
@ -156,6 +157,7 @@ return [
|
|||
|
||||
BookStack\Providers\AuthServiceProvider::class,
|
||||
BookStack\Providers\AppServiceProvider::class,
|
||||
BookStack\Providers\BroadcastServiceProvider::class,
|
||||
BookStack\Providers\EventServiceProvider::class,
|
||||
BookStack\Providers\RouteServiceProvider::class,
|
||||
BookStack\Providers\CustomFacadeProvider::class,
|
||||
|
@ -194,6 +196,7 @@ return [
|
|||
'Lang' => Illuminate\Support\Facades\Lang::class,
|
||||
'Log' => Illuminate\Support\Facades\Log::class,
|
||||
'Mail' => Illuminate\Support\Facades\Mail::class,
|
||||
'Notification' => Illuminate\Support\Facades\Notification::class,
|
||||
'Password' => Illuminate\Support\Facades\Password::class,
|
||||
'Queue' => Illuminate\Support\Facades\Queue::class,
|
||||
'Redirect' => Illuminate\Support\Facades\Redirect::class,
|
||||
|
|
|
@ -129,7 +129,7 @@ class AddRolesAndPermissions extends Migration
|
|||
|
||||
// Set all current users as admins
|
||||
// (At this point only the initially create user should be an admin)
|
||||
$users = DB::table('users')->get();
|
||||
$users = DB::table('users')->get()->all();
|
||||
foreach ($users as $user) {
|
||||
DB::table('role_user')->insert([
|
||||
'role_id' => $adminId,
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
suites:
|
||||
main:
|
||||
namespace: BookStack
|
||||
psr4_prefix: BookStack
|
||||
src_path: app
|
15
resources/lang/en/auth.php
Normal file
15
resources/lang/en/auth.php
Normal file
|
@ -0,0 +1,15 @@
|
|||
<?php
|
||||
return [
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Authentication Language Lines
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| The following language lines are used during authentication for various
|
||||
| messages that we need to display to the user. You are free to modify
|
||||
| these language lines according to your application's requirements.
|
||||
|
|
||||
*/
|
||||
'failed' => 'These credentials do not match our records.',
|
||||
'throttle' => 'Too many login attempts. Please try again in :seconds seconds.',
|
||||
];
|
|
@ -1,190 +0,0 @@
|
|||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
||||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml"
|
||||
style="margin-top:0;margin-bottom:0;margin-right:0;margin-left:0;padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;line-height:1.6;">
|
||||
|
||||
<head style="margin-top:0;margin-bottom:0;margin-right:0;margin-left:0;padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;line-height:1.6;">
|
||||
<meta name="viewport" content="width=device-width"
|
||||
style="margin-top:0;margin-bottom:0;margin-right:0;margin-left:0;padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;line-height:1.6;"/>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"
|
||||
style="margin-top:0;margin-bottom:0;margin-right:0;margin-left:0;padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;line-height:1.6;"/>
|
||||
<title>Confirm Your Email At {{ setting('app-name')}}</title>
|
||||
<style style="margin-top:0;margin-bottom:0;margin-right:0;margin-left:0;padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;line-height:1.6;">
|
||||
* {
|
||||
margin: 0;
|
||||
padding: 0;
|
||||
font-family: "Helvetica Neue", "Helvetica", Helvetica, Arial, sans-serif;
|
||||
font-size: 100%;
|
||||
line-height: 1.6;
|
||||
}
|
||||
|
||||
img {
|
||||
max-width: 100%;
|
||||
}
|
||||
|
||||
body {
|
||||
-webkit-font-smoothing: antialiased;
|
||||
-webkit-text-size-adjust: none;
|
||||
width: 100% !important;
|
||||
height: 100%;
|
||||
}
|
||||
|
||||
a {
|
||||
color: #348eda;
|
||||
}
|
||||
|
||||
.btn-primary {
|
||||
text-decoration: none;
|
||||
color: #FFF;
|
||||
background-color: #348eda;
|
||||
border: solid #348eda;
|
||||
border-width: 10px 20px;
|
||||
line-height: 2;
|
||||
font-weight: bold;
|
||||
margin-right: 10px;
|
||||
text-align: center;
|
||||
cursor: pointer;
|
||||
display: inline-block;
|
||||
border-radius: 4px;
|
||||
}
|
||||
|
||||
.btn-secondary {
|
||||
text-decoration: none;
|
||||
color: #FFF;
|
||||
background-color: #aaa;
|
||||
border: solid #aaa;
|
||||
border-width: 10px 20px;
|
||||
line-height: 2;
|
||||
font-weight: bold;
|
||||
margin-right: 10px;
|
||||
text-align: center;
|
||||
cursor: pointer;
|
||||
display: inline-block;
|
||||
border-radius: 25px;
|
||||
}
|
||||
|
||||
.last {
|
||||
margin-bottom: 0;
|
||||
}
|
||||
|
||||
.first {
|
||||
margin-top: 0;
|
||||
}
|
||||
|
||||
.padding {
|
||||
padding: 10px 0;
|
||||
}
|
||||
|
||||
table.body-wrap {
|
||||
width: 100%;
|
||||
padding: 20px;
|
||||
}
|
||||
|
||||
table.body-wrap .container {
|
||||
border: 1px solid #f0f0f0;
|
||||
}
|
||||
|
||||
h1,
|
||||
h2,
|
||||
h3 {
|
||||
font-family: "Helvetica Neue", Helvetica, Arial, "Lucida Grande", sans-serif;
|
||||
color: #444;
|
||||
margin: 10px 0 10px;
|
||||
line-height: 1.2;
|
||||
font-weight: 200;
|
||||
}
|
||||
|
||||
h1 {
|
||||
font-size: 36px;
|
||||
}
|
||||
|
||||
h2 {
|
||||
font-size: 28px;
|
||||
}
|
||||
|
||||
h3 {
|
||||
font-size: 22px;
|
||||
}
|
||||
|
||||
p,
|
||||
ul,
|
||||
ol {
|
||||
margin-bottom: 10px;
|
||||
font-weight: normal;
|
||||
font-size: 14px;
|
||||
color: #888888;
|
||||
}
|
||||
|
||||
ul li,
|
||||
ol li {
|
||||
margin-left: 5px;
|
||||
list-style-position: inside;
|
||||
}
|
||||
|
||||
.container {
|
||||
display: block !important;
|
||||
max-width: 600px !important;
|
||||
margin: 0 auto !important;
|
||||
clear: both !important;
|
||||
}
|
||||
|
||||
.body-wrap .container {
|
||||
padding: 20px;
|
||||
}
|
||||
|
||||
.content {
|
||||
max-width: 600px;
|
||||
margin: 0 auto;
|
||||
display: block;
|
||||
}
|
||||
|
||||
.content table {
|
||||
width: 100%;
|
||||
}
|
||||
</style>
|
||||
</head>
|
||||
|
||||
<body bgcolor="#f6f6f6"
|
||||
style="margin-top:0;margin-bottom:0;margin-right:0;margin-left:0;padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;line-height:1.6;-webkit-font-smoothing:antialiased;-webkit-text-size-adjust:none;width:100%!important;height:100%;">
|
||||
<!-- body -->
|
||||
<table class="body-wrap" bgcolor="#f6f6f6"
|
||||
style="margin-top:0;margin-bottom:0;margin-right:0;margin-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;line-height:1.6;width:100%;padding-top:20px;padding-bottom:20px;padding-right:20px;padding-left:20px;">
|
||||
<tr style="margin-top:0;margin-bottom:0;margin-right:0;margin-left:0;padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;line-height:1.6;">
|
||||
<td style="margin-top:0;margin-bottom:0;margin-right:0;margin-left:0;padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;line-height:1.6;"></td>
|
||||
<td class="container" bgcolor="#FFFFFF"
|
||||
style="font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;line-height:1.6;display:block!important;max-width:600px!important;margin-top:0 !important;margin-bottom:0 !important;margin-right:auto !important;margin-left:auto !important;clear:both!important;padding-top:20px;padding-bottom:20px;padding-right:20px;padding-left:20px;border-width:1px;border-style:solid;border-color:#f0f0f0;">
|
||||
<!-- content -->
|
||||
<div class="content"
|
||||
style="padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;line-height:1.6;max-width:600px;margin-top:0;margin-bottom:0;margin-right:auto;margin-left:auto;display:block;">
|
||||
<table style="margin-top:0;margin-bottom:0;margin-right:0;margin-left:0;padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;line-height:1.6;width:100%;">
|
||||
<tr style="margin-top:0;margin-bottom:0;margin-right:0;margin-left:0;padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;line-height:1.6;">
|
||||
<td style="margin-top:0;margin-bottom:0;margin-right:0;margin-left:0;padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;line-height:1.6;">
|
||||
<h1 style="padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif;color:#444;margin-top:10px;margin-bottom:10px;margin-right:0;margin-left:0;line-height:1.2;font-weight:200;font-size:36px;">
|
||||
Email Confirmation</h1>
|
||||
<p style="margin-top:0;margin-right:0;margin-left:0;padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;line-height:1.6;margin-bottom:10px;font-weight:normal;font-size:14px;color:#888888;">
|
||||
Thanks for joining <a href="{{ baseUrl('/') }}">{{ setting('app-name')}}</a>. <br/>
|
||||
Please confirm your email address by clicking the button below.</p>
|
||||
<table style="margin-top:0;margin-bottom:0;margin-right:0;margin-left:0;padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;line-height:1.6;width:100%;">
|
||||
<tr style="margin-top:0;margin-bottom:0;margin-right:0;margin-left:0;padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;line-height:1.6;">
|
||||
<td class="padding"
|
||||
style="margin-top:0;margin-bottom:0;margin-right:0;margin-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;line-height:1.6;padding-top:10px;padding-bottom:10px;padding-right:0;padding-left:0;">
|
||||
<p style="margin-top:0;margin-right:0;margin-left:0;padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;line-height:1.6;margin-bottom:10px;font-weight:normal;font-size:14px;color:#888888;">
|
||||
<a class="btn-primary" href="{{ baseUrl('/register/confirm/' . $token) }}"
|
||||
style="margin-top:0;margin-bottom:0;margin-left:0;padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;text-decoration:none;color:#FFF;background-color:#348eda;border-style:solid;border-color:#348eda;border-width:10px 20px;line-height:2;font-weight:bold;margin-right:10px;text-align:center;cursor:pointer;display:inline-block;border-radius:4px;">Confirm
|
||||
Email</a></p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
<!-- /content -->
|
||||
</td>
|
||||
<td style="margin-top:0;margin-bottom:0;margin-right:0;margin-left:0;padding-top:0;padding-bottom:0;padding-right:0;padding-left:0;font-family:'Helvetica Neue', 'Helvetica', Helvetica, Arial, sans-serif;font-size:100%;line-height:1.6;"></td>
|
||||
</tr>
|
||||
</table>
|
||||
<!-- /body -->
|
||||
</body>
|
||||
|
||||
</html>
|
File diff suppressed because one or more lines are too long
|
@ -22,7 +22,7 @@
|
|||
<div class="row">
|
||||
<div class="col-sm-8">
|
||||
<div class="compact">
|
||||
{!! $users->links() !!}
|
||||
{{ $users->links() }}
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-sm-4">
|
||||
|
@ -76,7 +76,7 @@
|
|||
</table>
|
||||
|
||||
<div>
|
||||
{!! $users->links() !!}
|
||||
{{ $users->links() }}
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
0
resources/views/vendor/.gitkeep
vendored
0
resources/views/vendor/.gitkeep
vendored
22
resources/views/vendor/notifications/email-plain.blade.php
vendored
Normal file
22
resources/views/vendor/notifications/email-plain.blade.php
vendored
Normal file
|
@ -0,0 +1,22 @@
|
|||
<?php
|
||||
|
||||
if (! empty($greeting)) {
|
||||
echo $greeting, "\n\n";
|
||||
} else {
|
||||
echo $level == 'error' ? 'Whoops!' : 'Hello!', "\n\n";
|
||||
}
|
||||
|
||||
if (! empty($introLines)) {
|
||||
echo implode("\n", $introLines), "\n\n";
|
||||
}
|
||||
|
||||
if (isset($actionText)) {
|
||||
echo "{$actionText}: {$actionUrl}", "\n\n";
|
||||
}
|
||||
|
||||
if (! empty($outroLines)) {
|
||||
echo implode("\n", $outroLines), "\n\n";
|
||||
}
|
||||
|
||||
echo 'Regards,', "\n";
|
||||
echo config('app.name'), "\n";
|
206
resources/views/vendor/notifications/email.blade.php
vendored
Normal file
206
resources/views/vendor/notifications/email.blade.php
vendored
Normal file
|
@ -0,0 +1,206 @@
|
|||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html>
|
||||
<head>
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
|
||||
|
||||
<style type="text/css" rel="stylesheet" media="all">
|
||||
/* Media Queries */
|
||||
@media only screen and (max-width: 500px) {
|
||||
.button {
|
||||
width: 100% !important;
|
||||
}
|
||||
}
|
||||
|
||||
@media only screen and (max-width: 600px) {
|
||||
.button {
|
||||
width: 100% !important;
|
||||
}
|
||||
.mobile {
|
||||
max-width: 100%;
|
||||
display: block;
|
||||
width: 100%;
|
||||
}
|
||||
}
|
||||
</style>
|
||||
</head>
|
||||
|
||||
<?php
|
||||
|
||||
$style = [
|
||||
/* Layout ------------------------------ */
|
||||
|
||||
'body' => 'margin: 0; padding: 0; width: 100%; background-color: #F2F4F6;',
|
||||
'email-wrapper' => 'width: 100%; margin: 0; padding: 0; background-color: #F2F4F6;',
|
||||
|
||||
/* Masthead ----------------------- */
|
||||
|
||||
'email-masthead' => 'padding: 25px 0; text-align: center;',
|
||||
'email-masthead_name' => 'font-size: 24px; font-weight: 400; color: #2F3133; text-decoration: none; text-shadow: 0 1px 0 white;',
|
||||
|
||||
'email-body' => 'width: 100%; margin: 0; padding: 0; border-top: 4px solid '.setting('app-color').'; border-bottom: 1px solid #EDEFF2; background-color: #FFF;',
|
||||
'email-body_inner' => 'width: auto; max-width: 100%; margin: 0 auto; padding: 0;',
|
||||
'email-body_cell' => 'padding: 35px;',
|
||||
|
||||
'email-footer' => 'width: auto; max-width: 570px; margin: 0 auto; padding: 0; text-align: center;',
|
||||
'email-footer_cell' => 'color: #AEAEAE; padding: 35px; text-align: center;',
|
||||
|
||||
/* Body ------------------------------ */
|
||||
|
||||
'body_action' => 'width: 100%; margin: 30px auto; padding: 0; text-align: center;',
|
||||
'body_sub' => 'margin-top: 25px; padding-top: 25px; border-top: 1px solid #EDEFF2;',
|
||||
|
||||
/* Type ------------------------------ */
|
||||
|
||||
'anchor' => 'color: '.setting('app-color').';overflow-wrap: break-word;word-wrap: break-word;word-break: break-all;word-break:break-word;',
|
||||
'header-1' => 'margin-top: 0; color: #2F3133; font-size: 19px; font-weight: bold; text-align: left;',
|
||||
'paragraph' => 'margin-top: 0; color: #74787E; font-size: 16px; line-height: 1.5em;',
|
||||
'paragraph-sub' => 'margin-top: 0; color: #74787E; font-size: 12px; line-height: 1.5em;',
|
||||
'paragraph-center' => 'text-align: center;',
|
||||
|
||||
/* Buttons ------------------------------ */
|
||||
|
||||
'button' => 'display: block; display: inline-block; width: 200px; min-height: 20px; padding: 10px;
|
||||
background-color: #3869D4; border-radius: 3px; color: #ffffff; font-size: 15px; line-height: 25px;
|
||||
text-align: center; text-decoration: none; -webkit-text-size-adjust: none;',
|
||||
|
||||
'button--green' => 'background-color: #22BC66;',
|
||||
'button--red' => 'background-color: #dc4d2f;',
|
||||
'button--blue' => 'background-color: '.setting('app-color').';',
|
||||
];
|
||||
?>
|
||||
|
||||
<?php $fontFamily = 'font-family: Arial, \'Helvetica Neue\', Helvetica, sans-serif;'; ?>
|
||||
|
||||
<body style="{{ $style['body'] }}">
|
||||
<table width="100%" cellpadding="0" cellspacing="0">
|
||||
<tr>
|
||||
<td align="center" class="mobile">
|
||||
<table width="600" style="max-width: 100%; padding: 12px;text-align: left;" cellpadding="0" cellspacing="0" class="mobile">
|
||||
<tr>
|
||||
<td style="{{ $style['email-wrapper'] }}" align="center">
|
||||
<table width="100%" cellpadding="0" cellspacing="0">
|
||||
<!-- Logo -->
|
||||
<tr>
|
||||
<td style="{{ $style['email-masthead'] }}">
|
||||
<a style="{{ $fontFamily }} {{ $style['email-masthead_name'] }}" href="{{ baseUrl('/') }}" target="_blank">
|
||||
{{ setting('app-name') }}
|
||||
</a>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<!-- Email Body -->
|
||||
<tr>
|
||||
<td style="{{ $style['email-body'] }}" width="100%">
|
||||
<table style="{{ $style['email-body_inner'] }}" align="center" width="100%" cellpadding="0" cellspacing="0">
|
||||
<tr>
|
||||
<td style="{{ $fontFamily }} {{ $style['email-body_cell'] }}">
|
||||
|
||||
<!-- Greeting -->
|
||||
@if (!empty($greeting) || $level == 'error')
|
||||
<h1 style="{{ $style['header-1'] }}">
|
||||
@if (! empty($greeting))
|
||||
{{ $greeting }}
|
||||
@else
|
||||
@if ($level == 'error')
|
||||
Whoops!
|
||||
@endif
|
||||
@endif
|
||||
</h1>
|
||||
@endif
|
||||
|
||||
<!-- Intro -->
|
||||
@foreach ($introLines as $line)
|
||||
<p style="{{ $style['paragraph'] }}">
|
||||
{{ $line }}
|
||||
</p>
|
||||
@endforeach
|
||||
|
||||
<!-- Action Button -->
|
||||
@if (isset($actionText))
|
||||
<table style="{{ $style['body_action'] }}" align="center" width="100%" cellpadding="0" cellspacing="0">
|
||||
<tr>
|
||||
<td align="center">
|
||||
<?php
|
||||
switch ($level) {
|
||||
case 'success':
|
||||
$actionColor = 'button--green';
|
||||
break;
|
||||
case 'error':
|
||||
$actionColor = 'button--red';
|
||||
break;
|
||||
default:
|
||||
$actionColor = 'button--blue';
|
||||
}
|
||||
?>
|
||||
|
||||
<a href="{{ $actionUrl }}"
|
||||
style="{{ $fontFamily }} {{ $style['button'] }} {{ $style[$actionColor] }}"
|
||||
class="button"
|
||||
target="_blank">
|
||||
{{ $actionText }}
|
||||
</a>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
@endif
|
||||
|
||||
<!-- Outro -->
|
||||
@foreach ($outroLines as $line)
|
||||
<p style="{{ $style['paragraph'] }}">
|
||||
{{ $line }}
|
||||
</p>
|
||||
@endforeach
|
||||
|
||||
|
||||
<!-- Sub Copy -->
|
||||
@if (isset($actionText))
|
||||
<table style="{{ $style['body_sub'] }}">
|
||||
<tr>
|
||||
<td style="{{ $fontFamily }}">
|
||||
<p style="{{ $style['paragraph-sub'] }}">
|
||||
If you’re having trouble clicking the "{{ $actionText }}" button,
|
||||
copy and paste the URL below into your web browser:
|
||||
</p>
|
||||
|
||||
<p style="{{ $style['paragraph-sub'] }}">
|
||||
<a style="{{ $style['anchor'] }}" href="{{ $actionUrl }}" target="_blank">
|
||||
{{ $actionUrl }}
|
||||
</a>
|
||||
</p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
@endif
|
||||
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<!-- Footer -->
|
||||
<tr>
|
||||
<td>
|
||||
<table style="{{ $style['email-footer'] }}" align="center" width="100%" cellpadding="0" cellspacing="0">
|
||||
<tr>
|
||||
<td style="{{ $fontFamily }} {{ $style['email-footer_cell'] }}">
|
||||
<p style="{{ $style['paragraph-sub'] }}">
|
||||
© {{ date('Y') }}
|
||||
<a style="{{ $style['anchor'] }}" href="{{ baseUrl('/') }}" target="_blank">{{ setting('app-name') }}</a>.
|
||||
All rights reserved.
|
||||
</p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</body>
|
||||
</html>
|
|
@ -139,27 +139,27 @@ Route::group(['middleware' => 'auth'], function () {
|
|||
|
||||
});
|
||||
|
||||
// Login using social authentication
|
||||
Route::get('/login/service/{socialDriver}', 'Auth\AuthController@getSocialLogin');
|
||||
Route::get('/login/service/{socialDriver}/callback', 'Auth\AuthController@socialCallback');
|
||||
Route::get('/login/service/{socialDriver}/detach', 'Auth\AuthController@detachSocialAccount');
|
||||
// Social auth routes
|
||||
Route::get('/login/service/{socialDriver}', 'Auth\RegisterController@getSocialLogin');
|
||||
Route::get('/login/service/{socialDriver}/callback', 'Auth\RegisterController@socialCallback');
|
||||
Route::get('/login/service/{socialDriver}/detach', 'Auth\RegisterController@detachSocialAccount');
|
||||
Route::get('/register/service/{socialDriver}', 'Auth\RegisterController@socialRegister');
|
||||
|
||||
// Login/Logout routes
|
||||
Route::get('/login', 'Auth\AuthController@getLogin');
|
||||
Route::post('/login', 'Auth\AuthController@postLogin');
|
||||
Route::get('/logout', 'Auth\AuthController@getLogout');
|
||||
Route::get('/register', 'Auth\AuthController@getRegister');
|
||||
Route::get('/register/confirm', 'Auth\AuthController@getRegisterConfirmation');
|
||||
Route::get('/register/confirm/awaiting', 'Auth\AuthController@showAwaitingConfirmation');
|
||||
Route::post('/register/confirm/resend', 'Auth\AuthController@resendConfirmation');
|
||||
Route::get('/register/confirm/{token}', 'Auth\AuthController@confirmEmail');
|
||||
Route::get('/register/confirm/{token}/email', 'Auth\AuthController@viewConfirmEmail');
|
||||
Route::get('/register/service/{socialDriver}', 'Auth\AuthController@socialRegister');
|
||||
Route::post('/register', 'Auth\AuthController@postRegister');
|
||||
Route::get('/login', 'Auth\LoginController@getLogin');
|
||||
Route::post('/login', 'Auth\LoginController@login');
|
||||
Route::get('/logout', 'Auth\LoginController@logout');
|
||||
Route::get('/register', 'Auth\RegisterController@getRegister');
|
||||
Route::get('/register/confirm', 'Auth\RegisterController@getRegisterConfirmation');
|
||||
Route::get('/register/confirm/awaiting', 'Auth\RegisterController@showAwaitingConfirmation');
|
||||
Route::post('/register/confirm/resend', 'Auth\RegisterController@resendConfirmation');
|
||||
Route::get('/register/confirm/{token}', 'Auth\RegisterController@confirmEmail');
|
||||
Route::post('/register', 'Auth\RegisterController@postRegister');
|
||||
|
||||
// Password reset link request routes...
|
||||
Route::get('/password/email', 'Auth\PasswordController@getEmail');
|
||||
Route::post('/password/email', 'Auth\PasswordController@postEmail');
|
||||
Route::get('/password/email', 'Auth\ForgotPasswordController@showLinkRequestForm');
|
||||
Route::post('/password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail');
|
||||
|
||||
// Password reset routes...
|
||||
Route::get('/password/reset/{token}', 'Auth\PasswordController@getReset');
|
||||
Route::post('/password/reset', 'Auth\PasswordController@postReset');
|
||||
Route::get('/password/reset/{token}', 'Auth\ResetPasswordController@showResetForm');
|
||||
Route::post('/password/reset', 'Auth\ResetPasswordController@reset');
|
|
@ -1,6 +1,7 @@
|
|||
<?php
|
||||
|
||||
use BookStack\EmailConfirmation;
|
||||
use BookStack\Notifications\ConfirmEmail;
|
||||
use Illuminate\Support\Facades\Notification;
|
||||
|
||||
class AuthTest extends TestCase
|
||||
{
|
||||
|
@ -57,15 +58,13 @@ class AuthTest extends TestCase
|
|||
|
||||
public function test_confirmed_registration()
|
||||
{
|
||||
// Fake notifications
|
||||
Notification::fake();
|
||||
|
||||
// Set settings and get user instance
|
||||
$this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'true']);
|
||||
$user = factory(\BookStack\User::class)->make();
|
||||
|
||||
// Mock Mailer to ensure mail is being sent
|
||||
$mockMailer = Mockery::mock('Illuminate\Contracts\Mail\Mailer');
|
||||
$mockMailer->shouldReceive('send')->with('emails/email-confirmation', Mockery::type('array'), Mockery::type('callable'))->twice();
|
||||
$this->app->instance('mailer', $mockMailer);
|
||||
|
||||
// Go through registration process
|
||||
$this->visit('/register')
|
||||
->see('Sign Up')
|
||||
|
@ -76,6 +75,10 @@ class AuthTest extends TestCase
|
|||
->seePageIs('/register/confirm')
|
||||
->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);
|
||||
|
||||
// Ensure notification sent
|
||||
$dbUser = \BookStack\User::where('email', '=', $user->email)->first();
|
||||
Notification::assertSentTo($dbUser, ConfirmEmail::class);
|
||||
|
||||
// Test access and resend confirmation email
|
||||
$this->login($user->email, $user->password)
|
||||
->seePageIs('/register/confirm/awaiting')
|
||||
|
@ -84,19 +87,18 @@ class AuthTest extends TestCase
|
|||
->seePageIs('/register/confirm/awaiting')
|
||||
->press('Resend Confirmation Email');
|
||||
|
||||
// Get confirmation
|
||||
$user = $user->where('email', '=', $user->email)->first();
|
||||
$emailConfirmation = EmailConfirmation::where('user_id', '=', $user->id)->first();
|
||||
|
||||
|
||||
// Check confirmation email button and confirmation activation.
|
||||
$this->visit('/register/confirm/' . $emailConfirmation->token . '/email')
|
||||
->see('Email Confirmation')
|
||||
->click('Confirm Email')
|
||||
// Get confirmation and confirm notification matches
|
||||
$emailConfirmation = DB::table('email_confirmations')->where('user_id', '=', $dbUser->id)->first();
|
||||
Notification::assertSentTo($dbUser, ConfirmEmail::class, function($notification, $channels) use ($emailConfirmation) {
|
||||
return $notification->token === $emailConfirmation->token;
|
||||
});
|
||||
|
||||
// Check confirmation email confirmation activation.
|
||||
$this->visit('/register/confirm/' . $emailConfirmation->token)
|
||||
->seePageIs('/')
|
||||
->see($user->name)
|
||||
->notSeeInDatabase('email_confirmations', ['token' => $emailConfirmation->token])
|
||||
->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => true]);
|
||||
->seeInDatabase('users', ['name' => $dbUser->name, 'email' => $dbUser->email, 'email_confirmed' => true]);
|
||||
}
|
||||
|
||||
public function test_restricted_registration()
|
||||
|
|
|
@ -236,8 +236,9 @@ class EntityTest extends TestCase
|
|||
->type('super test page', '#name')
|
||||
->press('Save Page')
|
||||
// Check redirect
|
||||
->seePageIs($newPageUrl)
|
||||
->visit($pageUrl)
|
||||
->seePageIs($newPageUrl);
|
||||
|
||||
$this->visit($pageUrl)
|
||||
->seePageIs($newPageUrl);
|
||||
}
|
||||
|
||||
|
|
|
@ -86,7 +86,7 @@ class PageDraftTest extends TestCase
|
|||
->visit($chapter->getUrl() . '/create-page')
|
||||
->visit($book->getUrl())
|
||||
->seeInElement('.page-list', 'New Page');
|
||||
|
||||
|
||||
$this->asAdmin()
|
||||
->visit($book->getUrl())
|
||||
->dontSeeInElement('.page-list', 'New Page')
|
||||
|
|
|
@ -59,8 +59,10 @@ class ImageTest extends TestCase
|
|||
|
||||
$this->assertTrue(file_exists(public_path($relPath)), 'Uploaded image exists');
|
||||
|
||||
$this->deleteImage($relPath);
|
||||
|
||||
$this->seeInDatabase('images', [
|
||||
'url' => $relPath,
|
||||
'url' => $this->baseUrl . $relPath,
|
||||
'type' => 'gallery',
|
||||
'uploaded_to' => $page->id,
|
||||
'path' => $relPath,
|
||||
|
@ -69,7 +71,7 @@ class ImageTest extends TestCase
|
|||
'name' => $imageName
|
||||
]);
|
||||
|
||||
$this->deleteImage($relPath);
|
||||
|
||||
}
|
||||
|
||||
public function test_image_delete()
|
||||
|
@ -85,7 +87,7 @@ class ImageTest extends TestCase
|
|||
$this->assertResponseOk();
|
||||
|
||||
$this->dontSeeInDatabase('images', [
|
||||
'url' => $relPath,
|
||||
'url' => $this->baseUrl . $relPath,
|
||||
'type' => 'gallery'
|
||||
]);
|
||||
|
||||
|
|
Loading…
Reference in a new issue