source: trunk/admin/cat_perm.php @ 13018

Last change on this file since 13018 was 13013, checked in by plg, 12 years ago

feature 2561: redesign on album administration screen.

  • only one form on the screen and several tabs
  • simpler URL pattern : page=album-123-properties / page=album-123-sort_order / page=album-123-permissions
  • action to associate all photos of an album to another (new) virtual album was removed. This can be easily done with the new Batch Manager
  • notification by email on an album still has to be moved on a new dedicated tab
  • action icons (jump to album, manage photos, manage sub-albums, delete album...) replaced by plain text links
  • Property svn:eol-style set to LF
File size: 9.7 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2012 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24if (!defined('PHPWG_ROOT_PATH'))
25{
26  die ("Hacking attempt!");
27}
28
29include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
30
31// +-----------------------------------------------------------------------+
32// | Check Access and exit when user status is not ok                      |
33// +-----------------------------------------------------------------------+
34check_status(ACCESS_ADMINISTRATOR);
35
36// +-----------------------------------------------------------------------+
37// |                       variable initialization                         |
38// +-----------------------------------------------------------------------+
39
40// if the category is not correct (not numeric, not private)
41if (isset($_GET['cat']) and is_numeric($_GET['cat']))
42{
43  $query = '
44SELECT status
45  FROM '.CATEGORIES_TABLE.'
46  WHERE id = '.$_GET['cat'].'
47;';
48  list($status) = pwg_db_fetch_row(pwg_query($query));
49 
50  if ('private' == $status)
51  {
52    $page['cat'] = $_GET['cat'];
53  }
54}
55
56if (!isset($page['cat']))
57{
58  $query = '
59SELECT id
60  FROM '.CATEGORIES_TABLE.'
61  WHERE status = \'private\'
62  LIMIT 1
63;';
64
65  list($page['cat']) = pwg_db_fetch_row(pwg_query($query));
66}
67
68// +-----------------------------------------------------------------------+
69// |                           form submission                             |
70// +-----------------------------------------------------------------------+
71if (isset($_POST['deny_groups_submit']) or isset($_POST['grant_groups_submit']) or isset($_POST['deny_users_submit']) or isset($_POST['grant_users_submit']) )
72{
73  check_pwg_token();
74}
75
76if (isset($_POST['deny_groups_submit'])
77         and isset($_POST['deny_groups'])
78         and count($_POST['deny_groups']) > 0)
79{
80  // if you forbid access to a category, all sub-categories become
81  // automatically forbidden
82  $query = '
83DELETE
84  FROM '.GROUP_ACCESS_TABLE.'
85  WHERE group_id IN ('.implode(',', $_POST['deny_groups']).')
86    AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).')
87;';
88  pwg_query($query);
89}
90else if (isset($_POST['grant_groups_submit'])
91         and isset($_POST['grant_groups'])
92         and count($_POST['grant_groups']) > 0)
93{
94  $cat_ids = (isset($_POST['apply_on_sub'])) ? implode(',', get_subcat_ids(array($page['cat']))).",".implode(',', get_uppercat_ids(array($page['cat']))) : implode(',', get_uppercat_ids(array($page['cat'])));
95
96  $query = '
97SELECT id
98  FROM '.CATEGORIES_TABLE.'
99  WHERE id IN ('.$cat_ids.')
100  AND status = \'private\'
101;';
102  $private_cats = array_from_query($query, 'id');
103
104  // We must not reinsert already existing lines in group_access table
105  $granteds = array();
106  foreach ($private_cats as $cat_id)
107  {
108    $granteds[$cat_id] = array();
109  }
110 
111  $query = '
112SELECT group_id, cat_id
113  FROM '.GROUP_ACCESS_TABLE.'
114  WHERE cat_id IN ('.implode(',', $private_cats).')
115    AND group_id IN ('.implode(',', $_POST['grant_groups']).')
116;';
117  $result = pwg_query($query);
118  while ($row = pwg_db_fetch_assoc($result))
119  {
120    array_push($granteds[$row['cat_id']], $row['group_id']);
121  }
122
123  $inserts = array();
124 
125  foreach ($private_cats as $cat_id)
126  {
127    $group_ids = array_diff($_POST['grant_groups'], $granteds[$cat_id]);
128    foreach ($group_ids as $group_id)
129    {
130      array_push($inserts, array('group_id' => $group_id,
131                                 'cat_id' => $cat_id));
132    }
133  }
134
135  mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts);
136}
137else if (isset($_POST['deny_users_submit'])
138         and isset($_POST['deny_users'])
139         and count($_POST['deny_users']) > 0)
140{
141  // if you forbid access to a category, all sub-categories become
142  // automatically forbidden
143  $query = '
144DELETE
145  FROM '.USER_ACCESS_TABLE.'
146  WHERE user_id IN ('.implode(',', $_POST['deny_users']).')
147    AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).')
148;';
149  pwg_query($query);
150}
151else if (isset($_POST['grant_users_submit'])
152         and isset($_POST['grant_users'])
153         and count($_POST['grant_users']) > 0)
154{
155  add_permission_on_category($page['cat'], $_POST['grant_users']);
156}
157
158// +-----------------------------------------------------------------------+
159// |                       template initialization                         |
160// +-----------------------------------------------------------------------+
161
162$template->set_filename('cat_perm', 'cat_perm.tpl');
163
164$template->assign(
165  array(
166    'CATEGORIES_NAV' =>
167      get_cat_display_name_from_id(
168        $page['cat'],
169        'admin.php?page=album-'
170        ),
171    'U_HELP' => get_root_url().'admin/popuphelp.php?page=cat_perm',
172    'F_ACTION' => $admin_album_base_url.'-permissions',
173    )
174  );
175
176// +-----------------------------------------------------------------------+
177// |                          form construction                            |
178// +-----------------------------------------------------------------------+
179
180// groups denied are the groups not granted. So we need to find all groups
181// minus groups granted to find groups denied.
182
183$groups = array();
184
185$query = '
186SELECT id, name
187  FROM '.GROUPS_TABLE.'
188  ORDER BY name ASC
189;';
190$groups = simple_hash_from_query($query, 'id', 'name');
191$template->assign('all_groups', $groups);
192
193// groups granted to access the category
194$query = '
195SELECT group_id
196  FROM '.GROUP_ACCESS_TABLE.'
197  WHERE cat_id = '.$page['cat'].'
198;';
199$group_granted_ids = array_from_query($query, 'group_id');
200$group_granted_ids = order_by_name($group_granted_ids, $groups);
201$template->assign('group_granted_ids', $group_granted_ids);
202
203
204// groups denied
205$template->assign('group_denied_ids',
206    order_by_name(array_diff(array_keys($groups), $group_granted_ids), $groups)
207  );
208
209// users...
210$users = array();
211
212$query = '
213SELECT '.$conf['user_fields']['id'].' AS id,
214       '.$conf['user_fields']['username'].' AS username
215  FROM '.USERS_TABLE.'
216;';
217$users = simple_hash_from_query($query, 'id', 'username');
218$template->assign('all_users', $users);
219
220
221$query = '
222SELECT user_id
223  FROM '.USER_ACCESS_TABLE.'
224  WHERE cat_id = '.$page['cat'].'
225;';
226$user_granted_direct_ids = array_from_query($query, 'user_id');
227$user_granted_direct_ids = order_by_name($user_granted_direct_ids, $users);
228$template->assign('user_granted_direct_ids', $user_granted_direct_ids);
229
230
231
232$user_granted_indirect_ids = array();
233if (count($group_granted_ids) > 0)
234{
235  $granted_groups = array();
236
237  $query = '
238SELECT user_id, group_id
239  FROM '.USER_GROUP_TABLE.'
240  WHERE group_id IN ('.implode(',', $group_granted_ids).')
241';
242  $result = pwg_query($query);
243  while ($row = pwg_db_fetch_assoc($result))
244  {
245    if (!isset($granted_groups[$row['group_id']]))
246    {
247      $granted_groups[$row['group_id']] = array();
248    }
249    array_push($granted_groups[$row['group_id']], $row['user_id']);
250  }
251
252  $user_granted_by_group_ids = array();
253
254  foreach ($granted_groups as $group_users)
255  {
256    $user_granted_by_group_ids = array_merge($user_granted_by_group_ids,
257                                             $group_users);
258  }
259  $user_granted_by_group_ids = array_unique($user_granted_by_group_ids);
260 
261 
262  $user_granted_indirect_ids = array_diff($user_granted_by_group_ids,
263                                          $user_granted_direct_ids);
264  $user_granted_indirect_ids = 
265    order_by_name($user_granted_indirect_ids, $users); 
266  foreach ($user_granted_indirect_ids as $user_id)
267  {
268    foreach ($granted_groups as $group_id => $group_users)
269    {
270      if (in_array($user_id, $group_users))
271      {
272        $template->append(
273          'user_granted_indirects',
274          array(
275            'USER'=>$users[$user_id],
276            'GROUP'=>$groups[$group_id]
277            )
278          );
279        break;
280      }
281    }
282  }
283}
284
285$user_denied_ids = array_diff(array_keys($users),
286                              $user_granted_indirect_ids,
287                              $user_granted_direct_ids);
288$user_denied_ids = order_by_name($user_denied_ids, $users);
289$template->assign('user_denied_ids', $user_denied_ids);
290
291
292// +-----------------------------------------------------------------------+
293// |                           sending html code                           |
294// +-----------------------------------------------------------------------+
295$template->assign(array('PWG_TOKEN' => get_pwg_token()));
296
297$template->assign_var_from_handle('ADMIN_CONTENT', 'cat_perm');
298?>
Note: See TracBrowser for help on using the repository browser.