diff --git a/app/Http/Controllers/Crud/BookmarkController.php b/app/Http/Controllers/Crud/BookmarkController.php
index 2ca4eae673..e4b84df5da 100644
--- a/app/Http/Controllers/Crud/BookmarkController.php
+++ b/app/Http/Controllers/Crud/BookmarkController.php
@@ -55,9 +55,10 @@ protected function setNavActions(): CrudController
 public function index(Request $request, Campaign $campaign)
 {
 // Check that the user has permission to actually be here
- if (auth()->guest() || !auth()->user()->can('browse', new Bookmark())) {
+ if (!$this->authorize('browse', new Bookmark())) {
 return redirect()->route('dashboard', $campaign);
 }
+
 return $this->campaign($campaign)->crudIndex($request);
 }
diff --git a/app/Http/Controllers/Entity/Attributes/LiveApiController.php b/app/Http/Controllers/Entity/Attributes/LiveApiController.php
index 7193a14541..36967e68cb 100644
--- a/app/Http/Controllers/Entity/Attributes/LiveApiController.php
+++ b/app/Http/Controllers/Entity/Attributes/LiveApiController.php
@@ -5,12 +5,10 @@
 use App\Http\Controllers\Controller;
 use App\Http\Requests\StoreAttribute;
 use App\Http\Requests\UpdateAttribute;
-use App\Http\Requests\UpdateEntityAttribute;
 use App\Http\Resources\Attributes\LiveAttributeResource;
 use App\Models\Attribute;
 use App\Models\Campaign;
 use App\Models\Entity;
-use App\Services\Attributes\ApiService;
 use App\Traits\GuestAuthTrait;
 class LiveApiController extends Controller
diff --git a/app/Http/Controllers/Entity/Posts/TemplateController.php b/app/Http/Controllers/Entity/Posts/TemplateController.php
index 8c06d9fc97..337076577f 100644
--- a/app/Http/Controllers/Entity/Posts/TemplateController.php
+++ b/app/Http/Controllers/Entity/Posts/TemplateController.php
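Review bot: In `BookmarkController::index()` the new `if (!$this->authorize('browse', new Bookmark()))` can never reach its redirect branch if `authorize()` is Laravel's stock `AuthorizesRequests::authorize()`, which throws `AuthorizationException` on denial instead of returning a falsy value. Guests and users without the ability would then get an authorization error rather than the dashboard redirect the removed check produced; this still fails closed, but `return redirect()->route('dashboard', $campaign);` is dead code. Either call `$this->authorize('browse', new Bookmark());` as a bare statement and drop the `if`, or keep the redirect with `if (auth()->guest() || auth()->user()->cannot('browse', new Bookmark())) {`. Whether this controller hierarchy overrides `authorize()` is not visible in the hunk.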
@@ -27,7 +27,7 @@ public function __construct(TemplateService $templateService)
 */
 public function update(Campaign $campaign, Post $post)
 {
- $this->authorize('setTemplates', $campaign);
+ $this->authorize('setPostTemplates', $campaign);
 $this->service->post($post)->toggle();
 return redirect()->back()
 ->with(
diff --git a/app/Http/Resources/Attributes/LiveAttributeResource.php b/app/Http/Resources/Attributes/LiveAttributeResource.php
index 7efbfbcf5d..796876e611 100644
--- a/app/Http/Resources/Attributes/LiveAttributeResource.php
+++ b/app/Http/Resources/Attributes/LiveAttributeResource.php
@@ -3,8 +3,6 @@
 namespace App\Http\Resources\Attributes;
 use App\Models\Attribute;
-use App\Traits\CampaignAware;
-use App\Traits\EntityAware;
 use Illuminate\Http\Resources\Json\JsonResource;
 class LiveAttributeResource extends JsonResource
diff --git a/app/Models/CampaignPermission.php b/app/Models/CampaignPermission.php
index 2d50958604..6d78064dd2 100644
--- a/app/Models/CampaignPermission.php
+++ b/app/Models/CampaignPermission.php
@@ -50,6 +50,10 @@ class CampaignPermission extends Model
 public const ACTION_GALLERY_BROWSE = 15;
 public const ACTION_GALLERY_UPLOAD = 16;
+ public const ACTION_TEMPLATES = 17;
+ public const ACTION_POST_TEMPLATES = 18;
+ public const ACTION_BOOKMARKS = 19;
+
 protected $fillable = [
 'campaign_role_id',
 'campaign_id',
@@ -143,4 +147,21 @@ public function isGallery(): bool
 ];
 return in_array($this->action, $galleryPermissions);
 }
+
+ public function isTemplate(): bool
+ {
+ $templatePermissions = [
+ self::ACTION_TEMPLATES,
+ self::ACTION_POST_TEMPLATES,
+ ];
+ return in_array($this->action, $templatePermissions);
+ }
+
+ public function isBookmark(): bool
+ {
+ $templatePermissions = [
+ self::ACTION_BOOKMARKS,
+ ];
+ return in_array($this->action, $templatePermissions);
+ }
 }
diff --git a/app/Policies/BookmarkPolicy.php b/app/Policies/BookmarkPolicy.php
index b2a50b7f55..983b916751 100644
--- a/app/Policies/BookmarkPolicy.php
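Review bot: `TemplateController::update()` authorizes `setPostTemplates` against `$campaign` only and then runs `$this->service->post($post)->toggle()`; nothing visible in the hunk ties `$post` to that campaign. Since the same commit lets non-admin roles hold this ability, it is worth confirming that route binding or middleware already scopes the post to the campaign, and otherwise adding an explicit ownership check before the toggle so a role granted the permission in one campaign cannot flip the template flag on a post from another. A short comment above the `authorize` call, such as `// Campaign-level ability; $post is scoped to $campaign by <mechanism>`, would record where that guarantee comes from. The method body continues outside the hunk.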
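Review bot: `CampaignPermission::isBookmark()` reuses the local name `$templatePermissions` copied from `isTemplate()`, which reads as if bookmark checks depended on the template actions; rename it, e.g. `$bookmarkPermissions = [self::ACTION_BOOKMARKS];` and `return in_array($this->action, $bookmarkPermissions);`. The three new constants also carry no comment that they are campaign-wide actions rather than per-entity-type ones, which is how `RolePermissionService` filters them (`$perm->entity_type_id` must be empty); a line such as `// Campaign-wide actions, not tied to an entity type` above `ACTION_TEMPLATES` would make that explicit.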
+++ b/app/Policies/BookmarkPolicy.php
@@ -4,34 +4,42 @@
 use App\Facades\UserCache;
 use App\Models\User;
+use App\Facades\EntityPermission;
+use App\Models\Campaign;
+use App\Models\CampaignPermission;
 use Illuminate\Auth\Access\HandlesAuthorization;
 class BookmarkPolicy
 {
 use HandlesAuthorization;
- public function browse(User $user)
+ public function browse(User $user): bool
 {
- return UserCache::user($user)->admin();
+ return UserCache::user($user)->admin() || $this->checkPermission(CampaignPermission::ACTION_BOOKMARKS, $user);
 }
 public function view(User $user): bool
 {
- return UserCache::user($user)->admin();
+ return UserCache::user($user)->admin() || $this->checkPermission(CampaignPermission::ACTION_BOOKMARKS, $user);
 }
 public function create(User $user): bool
 {
- return UserCache::user($user)->admin();
+ return UserCache::user($user)->admin() || $this->checkPermission(CampaignPermission::ACTION_BOOKMARKS, $user);
 }
 public function update(User $user): bool
 {
- return UserCache::user($user)->admin();
+ return UserCache::user($user)->admin() || $this->checkPermission(CampaignPermission::ACTION_BOOKMARKS, $user);
 }
 public function delete(User $user): bool
 {
- return UserCache::user($user)->admin();
+ return UserCache::user($user)->admin() || $this->checkPermission(CampaignPermission::ACTION_BOOKMARKS, $user);
+ }
+
+ protected function checkPermission(int $action, User $user, ?Campaign $campaign = null): bool
+ {
+ return EntityPermission::hasPermission(0, $action, $user, null, $campaign);
 }
 }
diff --git a/app/Policies/CampaignPolicy.php b/app/Policies/CampaignPolicy.php
index c3665b1654..5c7ab6daba 100644
--- a/app/Policies/CampaignPolicy.php
+++ b/app/Policies/CampaignPolicy.php
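Review bot: All five abilities in `BookmarkPolicy` call `checkPermission(CampaignPermission::ACTION_BOOKMARKS, $user)` without a campaign, so `EntityPermission::hasPermission(0, $action, $user, null, $campaign)` always receives `null` and has to infer the campaign from ambient state, whereas `CampaignPolicy` in this same commit passes `$campaign` explicitly. If `hasPermission` does not fall back to the current campaign, or a check runs outside a campaign-scoped request, the role lookup may be evaluated against the wrong campaign or none; `view`, `update` and `delete` also never see the `Bookmark` being acted on. Consider accepting the model or campaign in those methods and forwarding it, so the decision is bound to the resource rather than to request context. A docblock on `checkPermission` should say what the literal `0` first argument stands for and what a `null` campaign means.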
@@ -293,6 +293,14 @@ public function useTemplates(?User $user, Campaign $campaign): bool
 */
 public function setTemplates(?User $user, Campaign $campaign): bool
 {
- return $this->isAdmin($user);
+ return $this->isAdmin($user) || $this->checkPermission(CampaignPermission::ACTION_TEMPLATES, $user, $campaign);
+ }
+
+ /**
+ * Determine if the user can set post templates on the campaign
+ */
+ public function setPostTemplates(?User $user, Campaign $campaign): bool
+ {
+ return $this->isAdmin($user) || $this->checkPermission(CampaignPermission::ACTION_POST_TEMPLATES, $user, $campaign);
 }
 }
diff --git a/app/Services/Entity/RecoverySetupService.php b/app/Services/Entity/RecoverySetupService.php
index 287d96834f..e3d4820561 100644
--- a/app/Services/Entity/RecoverySetupService.php
+++ b/app/Services/Entity/RecoverySetupService.php
@@ -8,7 +8,6 @@
 use App\Traits\UserAware;
 use Illuminate\Support\Collection;
 use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Str;
 class RecoverySetupService
 {
diff --git a/app/Services/Permissions/RolePermissionService.php b/app/Services/Permissions/RolePermissionService.php
index e97064d231..e90ea59622 100644
--- a/app/Services/Permissions/RolePermissionService.php
+++ b/app/Services/Permissions/RolePermissionService.php
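Review bot: `setTemplates()` and `setPostTemplates()` in `CampaignPolicy` accept `?User $user`, and when `isAdmin($user)` is false a guest's `null` is handed straight to `checkPermission(...)`. That helper is defined outside the hunk, so it is not visible whether it tolerates `null`: if it does, any role applied to unauthenticated visitors could be granted a write ability, and if it does not, guests hit a type error instead of a clean denial. Making the intent explicit costs one condition: `return $this->isAdmin($user) || ($user !== null && $this->checkPermission(CampaignPermission::ACTION_TEMPLATES, $user, $campaign));`, and the same for `ACTION_POST_TEMPLATES`.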
@@ -197,6 +197,85 @@ public function galleryPermissions(): array
 return $permissions;
 }
+ public function templatePermissions(): array
+ {
+ $permissions = [];
+
+ $campaignRolePermissions = [];
+ foreach ($this->role->permissions as $perm) {
+ if ($perm->entity_type_id || !$perm->isTemplate()) {
+ continue;
+ }
+ $campaignRolePermissions["campaign_" . $perm->action] = 1;
+ }
+
+ $entityActions = [
+ CampaignPermission::ACTION_TEMPLATES,
+ CampaignPermission::ACTION_POST_TEMPLATES,
+
+ ];
+ $icons = [
+ CampaignPermission::ACTION_TEMPLATES => [
+ 'fa-solid fa-cog', 'entities',
+ ],
+ CampaignPermission::ACTION_POST_TEMPLATES => [
+ 'fa-solid fa-cog', 'posts',
+ ],
+ ];
+
+ foreach ($entityActions as $action) {
+ if (!isset($permissions['campaign'])) {
+ $permissions['campaign'] = [];
+ }
+ $key = "campaign_{$action}";
+ $permissions['campaign'][] = [
+ 'action' => $action,
+ 'key' => $key,
+ 'icon' => Arr::first($icons[$action]),
+ 'label' => Arr::last($icons[$action]),
+ 'enabled' => isset($campaignRolePermissions[$key]),
+ ];
+ }
+ return $permissions;
+ }
+
+ public function bookmarkPermissions(): array
+ {
+ $permissions = [];
+
+ $campaignRolePermissions = [];
+ foreach ($this->role->permissions as $perm) {
+ if ($perm->entity_type_id || !$perm->isBookmark()) {
+ continue;
+ }
+ $campaignRolePermissions["campaign_" . $perm->action] = 1;
+ }
+
+ $entityActions = [
+ CampaignPermission::ACTION_BOOKMARKS,
+ ];
+ $icons = [
+ CampaignPermission::ACTION_BOOKMARKS => [
+ 'fa-solid fa-cog', 'manage',
+ ],
+ ];
+
+ foreach ($entityActions as $action) {
+ if (!isset($permissions['campaign'])) {
+ $permissions['campaign'] = [];
+ }
+ $key = "campaign_{$action}";
+ $permissions['campaign'][] = [
+ 'action' => $action,
+ 'key' => $key,
+ 'icon' => Arr::first($icons[$action]),
+ 'label' => Arr::last($icons[$action]),
+ 'enabled' => isset($campaignRolePermissions[$key]),
+ ];
+ }
+ return $permissions;
+ }
+
 public function savePermissions(array $permissions = []): void
 {
 // Load existing
diff --git a/app/View/Components/Ad.php b/app/View/Components/Ad.php
index e7c11e0611..10adbcc65c 100644
--- a/app/View/Components/Ad.php
+++ b/app/View/Components/Ad.php
@@ -57,11 +57,11 @@ protected function hasAd(): bool
 return false;
 }
 // Parameter to force ads to be displayed
- if (request()->has('_showads')) {
- return true;
- }
+ return (bool) (request()->has('_showads'))
+
+
 // Temp workaround for venatus to fix their ads
- return false;
+ ;
 if (isset($this->user)) {
 // Subscribed users don't have ads
 if ($this->user->isSubscriber()) {
diff --git a/database/factories/CharacterFactory.php b/database/factories/CharacterFactory.php
index fdf9878598..08d6acffd6 100644
--- a/database/factories/CharacterFactory.php
+++ b/database/factories/CharacterFactory.php
@@ -3,7 +3,6 @@
 namespace Database\Factories;
 //use Faker\Generator as Faker;
-use Illuminate\Support\Str;
 use Illuminate\Database\Eloquent\Factories\Factory;
 use App\Models\Character;
diff --git a/lang/en/entities.php b/lang/en/entities.php
index b888f4697e..52ab22bb0a 100644
--- a/lang/en/entities.php
+++ b/lang/en/entities.php
@@ -99,6 +99,7 @@
 'relations' => 'Connections',
 'tag' => 'Tag',
 'tags' => 'Tags',
+ 'templates' => 'Templates',
 'timeline' => 'Timeline',
 'timeline_element' => 'Timeline element',
 'timelines' => 'Timelines',
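Review bot: `templatePermissions()` and `bookmarkPermissions()` in `RolePermissionService` are line-for-line copies that differ only in the predicate (`isTemplate()` / `isBookmark()`) and the action map, so any later fix to how enabled role permissions are computed has to be repeated in each copy, which is easy to miss in code that drives the permission UI. One private helper keyed by an action => [icon, label] map removes the duplication and the parallel `$entityActions` / `$icons` arrays that must be kept in sync by hand. Neither public method documents its return shape; a docblock stating that the result is `['campaign' => rows of action, key, icon, label, enabled]` would help the Blade view's maintainers.

```php
public function templatePermissions(): array
{
    return $this->campaignLevelPermissions([
        CampaignPermission::ACTION_TEMPLATES => ['fa-solid fa-cog', 'entities'],
        CampaignPermission::ACTION_POST_TEMPLATES => ['fa-solid fa-cog', 'posts'],
    ]);
}

// … bookmarkPermissions() becomes the same one-call wrapper with its own map …

/**
 * Build the campaign-wide permission rows for the given actions.
 *
 * @param array<int, array{0: string, 1: string}> $actions action id => [icon, label]
 * @return array{campaign: list<array<string, mixed>>}
 */
private function campaignLevelPermissions(array $actions): array
{
    // Only role permissions without an entity type count as campaign-wide.
    $enabled = [];
    foreach ($this->role->permissions as $perm) {
        if (!$perm->entity_type_id && isset($actions[$perm->action])) {
            $enabled[$perm->action] = true;
        }
    }

    $rows = [];
    foreach ($actions as $action => [$icon, $label]) {
        $rows[] = [
            'action' => $action,
            'key' => "campaign_{$action}",
            'icon' => $icon,
            'label' => $label,
            'enabled' => isset($enabled[$action]),
        ];
    }

    return ['campaign' => $rows];
}
```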
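Review bot: In `Ad::hasAd()` the rewritten return is spread over several lines — `return (bool) (request()->has('_showads'))`, blank lines, the `// Temp workaround` comment, then a lone `;` — which looks like an automated-fixer artefact and hides that the method now always ends at this statement. `has()` already returns a bool, so `return request()->has('_showads');` on one line with the workaround comment above it says the same thing. Everything from `if (isset($this->user)) {` onward is unreachable while the workaround stays, so the subscriber check below no longer runs; a comment stating that, or removing the dead branch, would stop a reader from assuming it does. The rest of `hasAd()` lies outside the hunk.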
diff --git a/resources/views/campaigns/roles/_pretty.blade.php b/resources/views/campaigns/roles/_pretty.blade.php index 931a4daa31..24d611468e 100644 --- a/resources/views/campaigns/roles/_pretty.blade.php +++ b/resources/views/campaigns/roles/_pretty.blade.php @@ -135,3 +135,57 @@ @endforeach @endforeach + +
+
+ {{ __('entities.templates') }} +
+ @foreach ($permissionService->templatePermissions() as $entity => $permissions) + @foreach ($permissions as $perm) +
+
+ +
+ + +
+
+ + +
+
+
+ @endforeach + @endforeach +
+ +
+
+ {{ __('entities.bookmarks') }} +
+ @foreach ($permissionService->bookmarkPermissions() as $entity => $permissions) + @foreach ($permissions as $perm) +
+
+ +
+ + +
+
+ + +
+
+
+ @endforeach + @endforeach +
\ No newline at end of file diff --git a/resources/views/entities/pages/posts/_actions.blade.php b/resources/views/entities/pages/posts/_actions.blade.php index 1a87626763..2339e7f45d 100644 --- a/resources/views/entities/pages/posts/_actions.blade.php +++ b/resources/views/entities/pages/posts/_actions.blade.php @@ -33,7 +33,7 @@ {{ __('entities/notes.move.move') }} @endif -@can('setTemplates', $campaign) +@can('setPostTemplates', $campaign) @if ($post->isTemplate()) {{ __('entities/actions.templates.unset') }} diff --git a/resources/views/layouts/sidebars/quick-links.blade.php b/resources/views/layouts/sidebars/quick-links.blade.php index edf6e2303b..b8b87f012f 100644 --- a/resources/views/layouts/sidebars/quick-links.blade.php +++ b/resources/views/layouts/sidebars/quick-links.blade.php @@ -1,6 +1,6 @@