Changeset 13580 for trunk/admin/cat_perm.php

Timestamp:

03/17/12 01:47:17 (14 months ago)

Author:

plg

Message:

feature 2594: redesign on album permission screen. The choice "public/private"
is not on the "properties" tab anymore. Simpler ergonomy to select grant users
and groups.

Files:

• trunk/admin/cat_perm.php (modified) (7 diffs)

trunk/admin/cat_perm.php

@@ -38 +38 @@
 // +-----------------------------------------------------------------------+
 
-// if the category is not correct (not numeric, not private)
-if (isset($_GET['cat']) and is_numeric($_GET['cat']))
+$page['cat'] = $category['id'];
+
+// +-----------------------------------------------------------------------+
+// |                           form submission                             |
+// +-----------------------------------------------------------------------+
+
+if (!empty($_POST))
 {
-  $query = '
-SELECT status
-  FROM '.CATEGORIES_TABLE.'
-  WHERE id = '.$_GET['cat'].'
-;';
-  list($status) = pwg_db_fetch_row(pwg_query($query));
-  
-  if ('private' == $status)
-  {
-    $page['cat'] = $_GET['cat'];
-  }
-}
-
-if (!isset($page['cat']))
-{
-  $query = '
+  check_pwg_token();
+
+  if ($category['status'] != $_POST['status'])
+  {
+    set_cat_status(array($page['cat']), $_POST['status']);
+    $category['status'] = $_POST['status'];
+  }
+
+  if ('private' == $_POST['status'])
+  {
+    //
+    // manage groups
+    //
+    $query = '
+SELECT group_id
+  FROM '.GROUP_ACCESS_TABLE.'
+  WHERE cat_id = '.$page['cat'].'
+;';
+    $groups_granted = array_from_query($query, 'group_id');
+
+    if (!isset($_POST['groups']))
+    {
+      $_POST['groups'] = array();
+    }
+    
+    //
+    // remove permissions to groups
+    //
+    $deny_groups = array_diff($groups_granted, $_POST['groups']);
+    if (count($deny_groups) > 0)
+    {
+      // if you forbid access to an album, all sub-albums become
+      // automatically forbidden
+      $query = '
+DELETE
+  FROM '.GROUP_ACCESS_TABLE.'
+  WHERE group_id IN ('.implode(',', $deny_groups).')
+    AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).')
+;';
+      pwg_query($query);
+    }
+
+    //
+    // add permissions to groups
+    //
+    $grant_groups = array_diff($_POST['groups'], $groups_granted);
+    if (count($grant_groups) > 0)
+    {
+      $cat_ids = get_uppercat_ids(array($page['cat']));
+      if (isset($_POST['apply_on_sub']))
+      {
+        $cat_ids = array_merge($cat_ids, get_subcat_ids(array($page['cat'])));
+      }
+      
+      $query = '
 SELECT id
   FROM '.CATEGORIES_TABLE.'
-  WHERE status = \'private\'
-  LIMIT 1
-;';
-
-  list($page['cat']) = pwg_db_fetch_row(pwg_query($query));
-}
-
-// +-----------------------------------------------------------------------+
-// |                           form submission                             |
-// +-----------------------------------------------------------------------+
-if (isset($_POST['deny_groups_submit']) or isset($_POST['grant_groups_submit']) or isset($_POST['deny_users_submit']) or isset($_POST['grant_users_submit']) )
-{
-  check_pwg_token();
-}
-
-if (isset($_POST['deny_groups_submit'])
-         and isset($_POST['deny_groups'])
-         and count($_POST['deny_groups']) > 0)
-{
-  // if you forbid access to a category, all sub-categories become
-  // automatically forbidden
-  $query = '
-DELETE
-  FROM '.GROUP_ACCESS_TABLE.'
-  WHERE group_id IN ('.implode(',', $_POST['deny_groups']).')
-    AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).')
-;';
-  pwg_query($query);
-}
-else if (isset($_POST['grant_groups_submit'])
-         and isset($_POST['grant_groups'])
-         and count($_POST['grant_groups']) > 0)
-{
-  $cat_ids = (isset($_POST['apply_on_sub'])) ? implode(',', get_subcat_ids(array($page['cat']))).",".implode(',', get_uppercat_ids(array($page['cat']))) : implode(',', get_uppercat_ids(array($page['cat'])));
-
-  $query = '
-SELECT id
-  FROM '.CATEGORIES_TABLE.'
-  WHERE id IN ('.$cat_ids.')
-  AND status = \'private\'
-;';
-  $private_cats = array_from_query($query, 'id');
-
-  // We must not reinsert already existing lines in group_access table
-  $granteds = array();
-  foreach ($private_cats as $cat_id)
-  {
-    $granteds[$cat_id] = array();
-  }
+  WHERE id IN ('.implode(',', $cat_ids).')
+    AND status = \'private\'
+;';
+      $private_cats = array_from_query($query, 'id');
+
+      // We must not reinsert already existing lines in group_access table
+      $granteds = array();
+      foreach ($private_cats as $cat_id)
+      {
+        $granteds[$cat_id] = array();
+      }
   
-  $query = '
-SELECT group_id, cat_id
+      $query = '
+SELECT
+    group_id,
+    cat_id
   FROM '.GROUP_ACCESS_TABLE.'
   WHERE cat_id IN ('.implode(',', $private_cats).')
-    AND group_id IN ('.implode(',', $_POST['grant_groups']).')
-;';
-  $result = pwg_query($query);
-  while ($row = pwg_db_fetch_assoc($result))
-  {
-    array_push($granteds[$row['cat_id']], $row['group_id']);
-  }
-
-  $inserts = array();
-  
-  foreach ($private_cats as $cat_id)
-  {
-    $group_ids = array_diff($_POST['grant_groups'], $granteds[$cat_id]);
-    foreach ($group_ids as $group_id)
-    {
-      array_push($inserts, array('group_id' => $group_id,
-                                 'cat_id' => $cat_id));
-    }
-  }
-
-  mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts);
-}
-else if (isset($_POST['deny_users_submit'])
-         and isset($_POST['deny_users'])
-         and count($_POST['deny_users']) > 0)
-{
-  // if you forbid access to a category, all sub-categories become
-  // automatically forbidden
-  $query = '
+    AND group_id IN ('.implode(',', $grant_groups).')
+;';
+      $result = pwg_query($query);
+      while ($row = pwg_db_fetch_assoc($result))
+      {
+        array_push($granteds[$row['cat_id']], $row['group_id']);
+      }
+
+      $inserts = array();
+      
+      foreach ($private_cats as $cat_id)
+      {
+        $group_ids = array_diff($grant_groups, $granteds[$cat_id]);
+        foreach ($group_ids as $group_id)
+        {
+          array_push(
+            $inserts,
+            array(
+              'group_id' => $group_id,
+              'cat_id' => $cat_id
+              )
+            );
+        }
+      }
+
+      mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts);
+    }
+
+    //
+    // users
+    //
+    $query = '
+SELECT user_id
+  FROM '.USER_ACCESS_TABLE.'
+  WHERE cat_id = '.$page['cat'].'
+;';
+    $users_granted = array_from_query($query, 'user_id');
+
+    if (!isset($_POST['users']))
+    {
+      $_POST['users'] = array();
+    }
+    
+    //
+    // remove permissions to users
+    //
+    $deny_users = array_diff($users_granted, $_POST['users']);
+    if (count($deny_users) > 0)
+    {
+      // if you forbid access to an album, all sub-album become automatically
+      // forbidden
+      $query = '
 DELETE
   FROM '.USER_ACCESS_TABLE.'
-  WHERE user_id IN ('.implode(',', $_POST['deny_users']).')
+  WHERE user_id IN ('.implode(',', $deny_users).')
     AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).')
 ;';
-  pwg_query($query);
-}
-else if (isset($_POST['grant_users_submit'])
-         and isset($_POST['grant_users'])
-         and count($_POST['grant_users']) > 0)
-{
-  add_permission_on_category($page['cat'], $_POST['grant_users']);
+      pwg_query($query);
+    }
+
+    //
+    // add permissions to users
+    //
+    $grant_users = array_diff($_POST['users'], $users_granted);
+    if (count($grant_users) > 0)
+    {
+      add_permission_on_category($page['cat'], $grant_users);
+    }
+  }
+
+  array_push($page['infos'], l10n('Album updated successfully'));
 }
 
@@ -171 +209 @@
     'U_HELP' => get_root_url().'admin/popuphelp.php?page=cat_perm',
     'F_ACTION' => $admin_album_base_url.'-permissions',
+    'private' => ('private' == $category['status']),
     )
   );
@@ -189 +228 @@
 ;';
 $groups = simple_hash_from_query($query, 'id', 'name');
-$template->assign('all_groups', $groups);
+$template->assign('groups', $groups);
 
 // groups granted to access the category
@@ -198 +237 @@
 ;';
 $group_granted_ids = array_from_query($query, 'group_id');
-$group_granted_ids = order_by_name($group_granted_ids, $groups);
-$template->assign('group_granted_ids', $group_granted_ids);
-
-
-// groups denied
-$template->assign('group_denied_ids',
-    order_by_name(array_diff(array_keys($groups), $group_granted_ids), $groups)
-  );
+$template->assign('groups_selected', $group_granted_ids);
 
 // users...
@@ -216 +248 @@
 ;';
 $users = simple_hash_from_query($query, 'id', 'username');
-$template->assign('all_users', $users);
+$template->assign('users', $users);
 
 
@@ -225 +257 @@
 ;';
 $user_granted_direct_ids = array_from_query($query, 'user_id');
-$user_granted_direct_ids = order_by_name($user_granted_direct_ids, $users);
-$template->assign('user_granted_direct_ids', $user_granted_direct_ids);
-
+$template->assign('users_selected', $user_granted_direct_ids);
 
 
@@ -283 +313 @@
 }
 
-$user_denied_ids = array_diff(array_keys($users),
-                              $user_granted_indirect_ids,
-                              $user_granted_direct_ids);
-$user_denied_ids = order_by_name($user_denied_ids, $users);
-$template->assign('user_denied_ids', $user_denied_ids);
-
-
 // +-----------------------------------------------------------------------+
 // |                           sending html code                           |