Merge branch 'development' into release

Author: ssddanbrown

.github/translators.txt

@@ -280,3 +280,11 @@ DerLinkman (derlinkman) :: German; German Informal
 TurnArabic :: Arabic
 Martin Sebek (sebekmartin) :: Czech
 Kuchinashi Hoshikawa (kuchinashi) :: Chinese Simplified
+digilady :: Greek
+Linus (LinusOP) :: Swedish
+Felipe Cardoso (felipecardosoruff) :: Portuguese, Brazilian
+RandomUser0815 :: German
+Ismael Mesquita (mesquitoliveira) :: Portuguese, Brazilian
+구인회 (laskdjlaskdj12) :: Korean
+LiZerui (CNLiZerui) :: Chinese Traditional
+Fabrice Boyer (FabriceBoyer) :: French

LICENSE

@@ -1,7 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2015-present, Dan Brown and the BookStack Project contributors
-https://github.com/BookStackApp/BookStack/graphs/contributors
+Copyright (c) 2015-2022, Dan Brown and the BookStack Project contributors.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

app/Actions/TagRepo.php

@@ -57,29 +57,29 @@ public function queryWithTotals(string $searchTerm, string $nameFilter): Builder
      * Get tag name suggestions from scanning existing tag names.
      * If no search term is given the 50 most popular tag names are provided.
      */
-    public function getNameSuggestions(?string $searchTerm): Collection
+    public function getNameSuggestions(string $searchTerm): Collection
     {
         $query = Tag::query()
             ->select('*', DB::raw('count(*) as count'))
             ->groupBy('name');
 
         if ($searchTerm) {
-            $query = $query->where('name', 'LIKE', $searchTerm . '%')->orderBy('name', 'desc');
+            $query = $query->where('name', 'LIKE', $searchTerm . '%')->orderBy('name', 'asc');
         } else {
             $query = $query->orderBy('count', 'desc')->take(50);
         }
 
         $query = $this->permissions->restrictEntityRelationQuery($query, 'tags', 'entity_id', 'entity_type');
 
-        return $query->get(['name'])->pluck('name');
+        return $query->pluck('name');
     }
 
     /**
      * Get tag value suggestions from scanning existing tag values.
      * If no search is given the 50 most popular values are provided.
      * Passing a tagName will only find values for a tags with a particular name.
      */
-    public function getValueSuggestions(?string $searchTerm, ?string $tagName): Collection
+    public function getValueSuggestions(string $searchTerm, string $tagName): Collection
     {
         $query = Tag::query()
             ->select('*', DB::raw('count(*) as count'))
@@ -97,7 +97,7 @@ public function getValueSuggestions(?string $searchTerm, ?string $tagName): Coll
 
         $query = $this->permissions->restrictEntityRelationQuery($query, 'tags', 'entity_id', 'entity_type');
 
-        return $query->get(['value'])->pluck('value');
+        return $query->pluck('value');
     }
 
     /**

app/Api/ApiEntityListFormatter.php

@@ -0,0 +1,107 @@
+<?php
+
+namespace BookStack\Api;
+
+use BookStack\Entities\Models\Entity;
+
+class ApiEntityListFormatter
+{
+    /**
+     * The list to be formatted.
+     * @var Entity[]
+     */
+    protected $list = [];
+
+    /**
+     * The fields to show in the formatted data.
+     * Can be a plain string array item for a direct model field (If existing on model).
+     * If the key is a string, with a callable value, the return value of the callable
+     * will be used for the resultant value. A null return value will omit the property.
+     * @var array<string|int, string|callable>
+     */
+    protected $fields = [
+        'id', 'name', 'slug', 'book_id', 'chapter_id',
+        'draft', 'template', 'created_at', 'updated_at',
+    ];
+
+    public function __construct(array $list)
+    {
+        $this->list = $list;
+
+        // Default dynamic fields
+        $this->withField('url', fn(Entity $entity) => $entity->getUrl());
+    }
+
+    /**
+     * Add a field to be used in the formatter, with the property using the given
+     * name and value being the return type of the given callback.
+     */
+    public function withField(string $property, callable $callback): self
+    {
+        $this->fields[$property] = $callback;
+        return $this;
+    }
+
+    /**
+     * Show the 'type' property in the response reflecting the entity type.
+     * EG: page, chapter, bookshelf, book
+     * To be included in results with non-pre-determined types.
+     */
+    public function withType(): self
+    {
+        $this->withField('type', fn(Entity $entity) => $entity->getType());
+        return $this;
+    }
+
+    /**
+     * Include tags in the formatted data.
+     */
+    public function withTags(): self
+    {
+        $this->withField('tags', fn(Entity $entity) => $entity->tags);
+        return $this;
+    }
+
+    /**
+     * Format the data and return an array of formatted content.
+     * @return array[]
+     */
+    public function format(): array
+    {
+        $results = [];
+
+        foreach ($this->list as $item) {
+            $results[] = $this->formatSingle($item);
+        }
+
+        return $results;
+    }
+
+    /**
+     * Format a single entity item to a plain array.
+     */
+    protected function formatSingle(Entity $entity): array
+    {
+        $result = [];
+        $values = (clone $entity)->toArray();
+
+        foreach ($this->fields as $field => $callback) {
+            if (is_string($callback)) {
+                $field = $callback;
+                if (!isset($values[$field])) {
+                    continue;
+                }
+                $value = $values[$field];
+            } else {
+                $value = $callback($entity);
+                if (is_null($value)) {
+                    continue;
+                }
+            }
+
+            $result[$field] = $value;
+        }
+
+        return $result;
+    }
+}

app/Api/ListingResponseBuilder.php

@@ -2,7 +2,6 @@
 
 namespace BookStack\Api;
 
-use BookStack\Model;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Database\Eloquent\Collection;
 use Illuminate\Http\JsonResponse;

app/Auth/Access/LoginService.php

@@ -5,6 +5,7 @@
 use BookStack\Actions\ActivityType;
 use BookStack\Auth\Access\Mfa\MfaSession;
 use BookStack\Auth\User;
+use BookStack\Exceptions\LoginAttemptException;
 use BookStack\Exceptions\StoppedAuthenticationException;
 use BookStack\Facades\Activity;
 use BookStack\Facades\Theme;
@@ -149,6 +150,7 @@ public function awaitingEmailConfirmation(User $user): bool
      * May interrupt the flow if extra authentication requirements are imposed.
      *
      * @throws StoppedAuthenticationException
+     * @throws LoginAttemptException
      */
     public function attempt(array $credentials, string $method, bool $remember = false): bool
     {

app/Auth/Access/Saml2Service.php

@@ -20,14 +20,11 @@
  */
 class Saml2Service
 {
-    protected $config;
-    protected $registrationService;
-    protected $loginService;
-    protected $groupSyncService;
+    protected array $config;
+    protected RegistrationService $registrationService;
+    protected LoginService $loginService;
+    protected GroupSyncService $groupSyncService;
 
-    /**
-     * Saml2Service constructor.
-     */
     public function __construct(
         RegistrationService $registrationService,
         LoginService $loginService,
@@ -169,7 +166,7 @@ protected function actionLogout()
      */
     public function metadata(): string
     {
-        $toolKit = $this->getToolkit();
+        $toolKit = $this->getToolkit(true);
         $settings = $toolKit->getSettings();
         $metadata = $settings->getSPMetadata();
         $errors = $settings->validateMetadata($metadata);
@@ -190,7 +187,7 @@ public function metadata(): string
      * @throws Error
      * @throws Exception
      */
-    protected function getToolkit(): Auth
+    protected function getToolkit(bool $spOnly = false): Auth
     {
         $settings = $this->config['onelogin'];
         $overrides = $this->config['onelogin_overrides'] ?? [];
@@ -200,14 +197,14 @@ protected function getToolkit(): Auth
         }
 
         $metaDataSettings = [];
-        if ($this->config['autoload_from_metadata']) {
+        if (!$spOnly && $this->config['autoload_from_metadata']) {
             $metaDataSettings = IdPMetadataParser::parseRemoteXML($settings['idp']['entityId']);
         }
 
         $spSettings = $this->loadOneloginServiceProviderDetails();
         $settings = array_replace_recursive($settings, $spSettings, $metaDataSettings, $overrides);
 
-        return new Auth($settings);
+        return new Auth($settings, $spOnly);
     }
 
     /**

app/Auth/Permissions/EntityPermission.php

@@ -2,20 +2,41 @@
 
 namespace BookStack\Auth\Permissions;
 
+use BookStack\Auth\Role;
 use BookStack\Model;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
+use Illuminate\Database\Eloquent\Relations\MorphTo;
 
+/**
+ * @property int $id
+ * @property int $role_id
+ * @property int $entity_id
+ * @property string $entity_type
+ * @property boolean $view
+ * @property boolean $create
+ * @property boolean $update
+ * @property boolean $delete
+ */
 class EntityPermission extends Model
 {
-    protected $fillable = ['role_id', 'action'];
+    public const PERMISSIONS = ['view', 'create', 'update', 'delete'];
+
+    protected $fillable = ['role_id', 'view', 'create', 'update', 'delete'];
     public $timestamps = false;
 
     /**
-     * Get all this restriction's attached entity.
-     *
-     * @return \Illuminate\Database\Eloquent\Relations\MorphTo
+     * Get this restriction's attached entity.
      */
-    public function restrictable()
+    public function restrictable(): MorphTo
     {
         return $this->morphTo('restrictable');
     }
+
+    /**
+     * Get the role assigned to this entity permission.
+     */
+    public function role(): BelongsTo
+    {
+        return $this->belongsTo(Role::class);
+    }
 }