mirror/php-flarum
1
0
Fork 0
mirror of https://github.com/flarum/core.git synced 2025-07-25 18:51:40 +02:00
Code Issues Releases Wiki Activity

Overhaul permissions

Browse Source 
Get rid of Permissible - too complex and inefficient. Replace with:
- a “Locked” trait which works similarly but only evaluates logic on
hydrated models.
- a “VisibleScope” trait which also works similarly but only scopes
queries

This is all we need, Permissible is overkill. There is only one
instance where we have to duplicate some logic
(Discussion::scopeVisiblePosts and Post::allow(‘view’, …)) but it’s
barely anything.

Haven’t decoupled for now, we can definitely look at doing that later.

Permissions table seeder slightly updated.

Also did a bit of a query audit, there’s still a lot to be done but
it’s much better than it was. Some relatively low-hanging fruit
detailed in EloquentPostRepository.
This commit is contained in:
Toby Zerner
2015-06-16 17:33:56 +09:30
parent 27b9dbe4c4
commit f0df751465
16 changed files with 247 additions and 122 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
src/Core/Models/Discussion.php
View File

@@ -1,7 +1,8 @@
<?php namespace Flarum\Core\Models;
use Tobscure\Permissible\Permissible;
use Flarum\Core\Support\EventGenerator;
use Flarum\Core\Support\Locked;
use Flarum\Core\Support\VisibleScope;
use Flarum\Core\Events\DiscussionWasDeleted;
use Flarum\Core\Events\DiscussionWasStarted;
use Flarum\Core\Events\DiscussionWasRenamed;
@@ -9,7 +10,8 @@ use Flarum\Core\Models\User;
class Discussion extends Model
{
use Permissible;
use Locked;
use VisibleScope;
/**
* The validation rules for this model.
@@ -215,6 +217,24 @@ class Discussion extends Model
return $this->hasMany('Flarum\Core\Models\Post');
}
protected static $visiblePostsScopes = [];
public static function scopeVisiblePosts($scope)
{
static::$visiblePostsScopes[] = $scope;
}
public function visiblePosts(User $user)
{
$query = $this->posts();
foreach (static::$visiblePostsScopes as $scope) {
$scope($query, $user, $this);
}
return $query;
}
/**
* Define the relationship with the discussion's comments.
*
@@ -297,9 +317,8 @@ class Discussion extends Model
*/
public function stateFor(User $user)
{
$loadedState = array_get($this->relations, 'state');
if ($loadedState && $loadedState->user_id === $user->id) {
return $loadedState;
if ($this->isRelationLoaded('state')) {
return $this->relations['state'];
}
$state = $this->state($user)->first();