Changeset 2084

Timestamp:

Sep 11, 2007, 4:24:51 AM (17 years ago)

Author:

rvelices

Message:

feature 731: permissions at image level

• this is the first version - I wait for feedback before changing help files

Location:

trunk

Files:

• action.php (modified) (1 diff)
• admin/element_set_global.php (modified) (7 diffs)
• admin/user_list.php (modified) (6 diffs)
• include/config_default.inc.php (modified) (7 diffs)
• include/functions_user.inc.php (modified) (11 diffs)
• install/db/63-database.php (added)
• install/phpwebgallery_structure.sql (modified) (3 diffs)
• language/en_UK.iso-8859-1/admin.lang.php (modified) (1 diff)
• language/fr_FR.iso-8859-1/admin.lang.php (modified) (1 diff)
• template/yoga/admin/element_set_global.tpl (modified) (2 diffs)
• template/yoga/admin/user_list.tpl (modified) (1 diff)
• template/yoga/menubar.css (modified) (1 diff)
• template/yoga/thumbnails.css (modified) (1 diff)

trunk/action.php

@@ -90 +90 @@
   WHERE image_id = '.$_GET['id'].'
 '.get_sql_condition_FandF(
-  array('forbidden_categories' => 'category_id'),
+  array(
+      'forbidden_categories' => 'category_id',
+      'forbidden_images' => 'image_id',
+    ),
   '    AND'
   ).'

trunk/admin/element_set_global.php

@@ -137 +137 @@
   $dbfields = array('primary' => array('id'), 'update' => array());
 
-  $formfields = array('author', 'name', 'date_creation');
+  $formfields = array('author', 'name', 'date_creation', 'level');
   foreach ($formfields as $formfield)
   {
@@ -164 +164 @@
       {
         $data['author'] = $_POST['author'];
-
         if ('' == $data['author'])
         {
@@ -174 +173 @@
       {
         $data['name'] = $_POST['name'];
-
         if ('' == $data['name'])
         {
@@ -188 +186 @@
           .'-'.$_POST['date_creation_day']
           ;
+      }
+
+      if ('set' == $_POST['level_action'])
+      {
+        $data['level'] = $_POST['level'];
       }
 
@@ -346 +349 @@
 $template->assign_vars(array('DATE_CREATION_YEAR_VALUE'=>$year));
 
+// image level options
+$blockname = 'level_option';
+foreach ($conf['available_permission_levels'] as $level)
+{
+  $template->assign_block_vars(
+    $blockname,
+    array(
+      'VALUE' => $level,
+      'CONTENT' => l10n( sprintf('Level %d', $level) ),
+      ));
+}
+
 // +-----------------------------------------------------------------------+
 // |                        global mode thumbnails                         |
@@ -378 +393 @@
 
   $query = '
-SELECT id,path,tn_ext,file,filesize
+SELECT id,path,tn_ext,file,filesize,level
   FROM '.IMAGES_TABLE.'
   WHERE id IN ('.implode(',', $page['cat_elements_id']).')
@@ -406 +421 @@
         )
       );
+
+    if ( $row['level']>0 )
+    {
+      $template->assign_block_vars('thumbnails.thumbnail.level',
+          array(
+              'LEVEL' => $row['level'],
+              'TITLE' => l10n( sprintf('Level %d', $row['level']) ),
+            )
+        );
+    }
   }
 }

trunk/admin/user_list.php

@@ -98 +98 @@
                 ui.status,
                 ui.adviser,
-                ui.enabled_high
+                ui.enabled_high,
+                ui.level
   FROM '.USERS_TABLE.' AS u
     INNER JOIN '.USER_INFOS_TABLE.' AS ui
@@ -257 +258 @@
     array_push($page['errors'], l10n('Guest cannot be deleted'));
   }
-  if (($conf['guest_id'] != $conf['default_user_id']) and 
+  if (($conf['guest_id'] != $conf['default_user_id']) and
       in_array($conf['default_user_id'], $collection))
   {
@@ -352 +353 @@
     array('nb_image_line', 'nb_line_page', 'template', 'language',
           'recent_period', 'maxwidth', 'expand', 'show_nb_comments',
-          'show_nb_hits', 'maxheight', 'status', 'enabled_high');
-
-  $true_false_fields = array('expand', 'show_nb_comments', 
+          'show_nb_hits', 'maxheight', 'status', 'enabled_high',
+          'level');
+
+  $true_false_fields = array('expand', 'show_nb_comments',
                        'show_nb_hits', 'enabled_high');
   if ($conf['allow_adviser'])
@@ -757 +759 @@
 }
 
+// user level options
+$blockname = 'level_option';
+foreach ($conf['available_permission_levels'] as $level)
+{
+  $template->assign_block_vars(
+    $blockname,
+    array(
+      'VALUE' => $level,
+      'CONTENT' => l10n( sprintf('Level %d', $level) ),
+      'SELECTED' => $level==$default_user['level'] ? 'selected="selected"' : '',
+      ));
+}
+
 // +-----------------------------------------------------------------------+
 // |                            navigation bar                             |
@@ -818 +833 @@
     $checked = '';
   }
+
+  $properties = array();
+  $properties[] =
+    (isset($local_user['enabled_high']) and ($local_user['enabled_high'] == 'true'))
+        ? $lang['is_high_enabled'] : $lang['is_high_disabled'];
+
+  $properties[] = l10n( sprintf('Level %d', $local_user['level']) );
 
   $template->assign_block_vars(
@@ -837 +859 @@
       'EMAIL' => get_email_address_as_display_text($local_user['email']),
       'GROUPS' => $groups_string,
-      'PROPERTIES' => 
-        (isset($local_user['enabled_high']) and ($local_user['enabled_high'] == 'true'))
-        ? $lang['is_high_enabled'] : $lang['is_high_disabled']
+      'PROPERTIES' => implode( ',', $properties),
+
       )
     );

trunk/include/config_default.inc.php

@@ -169 +169 @@
 //
 // Advenced use:
-//  You can also used special options. Instead to pass a string like parameter value 
+//  You can also used special options. Instead to pass a string like parameter value
 //  you can pass a array with different optional parameter values
 //  $conf['links'] = array(
@@ -175 +175 @@
 //    'http://forum.phpwebgallery.net' => array('label' => 'For ADMIN', 'new_window' => true, 'eval_visible' => 'return is_admin();'),
 //    'http://phpwebgallery.net/doc' => array('label' => 'For Guest', 'new_window' => true, 'eval_visible' => 'return is_a_guest();'),
-//    'http://download.gna.org/phpwebgallery/' => 
-//      array('label' => 'PopUp', 'new_window' => true, 
+//    'http://download.gna.org/phpwebgallery/' =>
+//      array('label' => 'PopUp', 'new_window' => true,
 //      'nw_name' => 'PopUp', 'nw_features' => 'width=800,height=450,location=no,status=no,toolbar=no,scrollbars=no,menubar=no'),
 //    );
@@ -264 +264 @@
 $conf['users_page'] = 20;
 
+// image level permissions available in the admin interface
+$conf['available_permission_levels'] = array(0,1,2,4,8);
+
 // mail_options: only set it true if you have a send mail warning with
 // "options" parameter missing on mail() function execution.
@@ -615 +618 @@
 
 // On Access control false / Admim Web Service need Php cURL extension
-// Controls are done on public basis or 
+// Controls are done on public basis or
 // if connected on member authorization basis
 $conf['ws_access_control'] = false;
-  
-// On Access control true 
+
+// On Access control true
 // Additionnal controls are made based on Web Service Access Table
 
@@ -629 +632 @@
   $conf['ws_postponed_start'] = array(0,1,2,3,5,7,14,30); /* In days */
 
-// By default 10, 5, 2, 1 year(s) or 6, 3, 1 month(s) 
+// By default 10, 5, 2, 1 year(s) or 6, 3, 1 month(s)
 // or 15, 10, 7, 5, 1, 0 day(s)
 // 0 it's temporary closed (Useful for one access)
-  $conf['ws_durations'] = array(3650,1825,730,365,182,91,30,15,10,7,5,1,0); 
+  $conf['ws_durations'] = array(3650,1825,730,365,182,91,30,15,10,7,5,1,0);
 
 // +-----------------------------------------------------------------------+
@@ -676 +679 @@
 // | Light slideshow                                                       |
 // +-----------------------------------------------------------------------+
-// $conf['light_slideshow'] indicates to use slideshow.tpl in state of 
+// $conf['light_slideshow'] indicates to use slideshow.tpl in state of
 // picture.tpl for slideshow
 // Take care to have slideshow.tpl in all available templates
@@ -682 +685 @@
 // Check if Picture's plugins are compliant with it
 // Every plugin from 1.7 would be design to manage light_slideshow case.
-$conf['light_slideshow'] = true;  
+$conf['light_slideshow'] = true;
 
 ?>

trunk/include/functions_user.inc.php

@@ -258 +258 @@
         calculate_permissions($userdata['id'], $userdata['status']);
 
+      /* now we build the list of forbidden images (this list does not contain
+      images that are not in at least an authorized category)*/
+      $query = '
+SELECT DISTINCT(id)
+  FROM '.IMAGES_TABLE.' INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON id=image_id
+  WHERE category_id NOT IN ('.$userdata['forbidden_categories'].')
+    AND level>'.$userdata['level'];
+      $forbidden_ids = array_from_query($query, 'id');
+
+      if ( empty($forbidden_ids) )
+      {
+        array_push( $forbidden_ids, 0 );
+      }
+      $userdata['image_access_type'] = 'NOT IN'; //TODO maybe later
+      $userdata['image_access_list'] = implode(',',$forbidden_ids);
+
       update_user_cache_categories($userdata);
 
@@ -270 +286 @@
   FROM '.IMAGE_CATEGORY_TABLE.'
   WHERE category_id NOT IN ('.$userdata['forbidden_categories'].')
+    AND image_id '.$userdata['image_access_type'].' ('.$userdata['image_access_list'].')
 ;';
       list($userdata['nb_total_images']) = mysql_fetch_array(pwg_query($query));
@@ -282 +299 @@
       $query = '
 INSERT INTO '.USER_CACHE_TABLE.'
-  (user_id, need_update, forbidden_categories, nb_total_images)
+  (user_id, need_update, forbidden_categories, nb_total_images,
+    image_access_type, image_access_list)
   VALUES
   ('.$userdata['id'].',\''.boolean_to_string($userdata['need_update']).'\',\''
-  .$userdata['forbidden_categories'].'\','.$userdata['nb_total_images'].')
+  .$userdata['forbidden_categories'].'\','.$userdata['nb_total_images'].',"'
+  .$userdata['image_access_type'].'","'.$userdata['image_access_list'].'")
 ;';
       pwg_query($query);
@@ -528 +547 @@
 
   $query = 'SELECT c.id cat_id, global_rank';
-  if ( !isset($filter_days) )
-  {
-    $query .= ',
-    date_last cat_date_last,
-    nb_images cat_nb_images
-  FROM '.CATEGORIES_TABLE.' as c';
-  }
-  else
-  {
-    // Count by date_available to avoid count null
-    $query .= ',
-    MAX(date_available) cat_date_last,
-    COUNT(date_available) cat_nb_images
-  FROM '.CATEGORIES_TABLE.' as c
-    LEFT JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON ic.category_id = c.id
-    LEFT JOIN '.IMAGES_TABLE.' AS i
-      ON ic.image_id = i.id AND
-          i.date_available > SUBDATE(CURRENT_DATE,INTERVAL '.$filter_days.' DAY)';
-    $group_by = 'c.id';
-  }
+  // Count by date_available to avoid count null
+  $query .= ',
+  MAX(date_available) cat_date_last,  COUNT(date_available) cat_nb_images
+FROM '.CATEGORIES_TABLE.' as c
+  LEFT JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON ic.category_id = c.id
+  LEFT JOIN '.IMAGES_TABLE.' AS i
+    ON ic.image_id = i.id
+      AND i.level<='.$userdata['level'];
+
+  if ( isset($filter_days) )
+  {
+    $query .= ' AND i.date_available > SUBDATE(CURRENT_DATE,INTERVAL '.$filter_days.' DAY)';
+  }
+  $group_by = 'c.id';
 
   if ( !empty($userdata['forbidden_categories']) )
@@ -720 +733 @@
 {
   global $page, $conf;
-  
+
   if (!isset($page['cache_default_user']))
   {
@@ -728 +741 @@
     $result = pwg_query($query);
     $page['cache_default_user'] = mysql_fetch_assoc($result);
-    
+
     if ($page['cache_default_user'] !== false)
     {
@@ -840 +853 @@
     foreach ($user_ids as $user_id)
     {
+      $level= isset($default_user['level']) ? $default_user['level'] : 0;
       if ($user_id == $conf['webmaster_id'])
       {
         $status = 'webmaster';
-      }
-      else if (($user_id == $conf['guest_id']) or 
+        $level = max( $conf['available_permission_levels'] );
+      }
+      else if (($user_id == $conf['guest_id']) or
                ($user_id == $conf['default_user_id']))
       {
@@ -859 +874 @@
           'user_id' => $user_id,
           'status' => $status,
-          'registration_date' => $dbnow
+          'registration_date' => $dbnow,
+          'level' => $level
           ));
 
       array_push($inserts, $insert);
-      }
+    }
 
     include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
@@ -902 +918 @@
  * availability of the file
  *
- * in descending order of preference: 
+ * in descending order of preference:
  *   param language, user language, default language
  * PhpWebGallery default language.
@@ -1291 +1307 @@
       }
       case 'visible_images':
-      {
         if (!empty($filter['visible_images']))
         {
@@ -1297 +1312 @@
             $field_name.' IN ('.$filter['visible_images'].')';
         }
+        // note there is no break - visible include forbidden
+      case 'forbidden_images':
+        if (
+            !empty($user['image_access_list'])
+            or $user['image_access_type']!='NOT IN'
+            )
+        {
+          $table_prefix=null;
+          if ($field_name=='id')
+          {
+            $table_prefix = '';
+          }
+          elseif ($field_name=='i.id')
+          {
+            $table_prefix = 'i.';
+          }
+          if ( isset($table_prefix) )
+          {
+            $sql_list[]=$table_prefix.'level<='.$user['level'];
+          }
+          else
+          {
+            $sql_list[]=$field_name.' '.$user['image_access_type']
+                .' ('.$user['image_access_list'].')';
+          }
+        }
         break;
-      }
       default:
       {

trunk/install/phpwebgallery_structure.sql

@@ -199 +199 @@
   `storage_category_id` smallint(5) unsigned default NULL,
   `high_filesize` mediumint(9) unsigned default NULL,
+  `level` tinyint unsigned NOT NULL default '0',
   PRIMARY KEY  (`id`),
   KEY `images_i2` (`date_available`),
@@ -329 +330 @@
   `forbidden_categories` text,
   `nb_total_images` mediumint(8) unsigned default NULL,
+  `image_access_type` enum('NOT IN','IN') NOT NULL default 'NOT IN',
+  `image_access_list` text default NULL,
   PRIMARY KEY  (`user_id`)
 ) TYPE=MyISAM;
@@ -390 +393 @@
   `registration_date` datetime NOT NULL default '0000-00-00 00:00:00',
   `enabled_high` enum('true','false') NOT NULL default 'true',
+  `level` tinyint unsigned NOT NULL default '0',
   UNIQUE KEY `user_infos_ui1` (`user_id`)
 ) TYPE=MyISAM;

trunk/language/en_UK.iso-8859-1/admin.lang.php

@@ -642 +642 @@
 $lang['Thumbnails'] = 'Thumbnails';
 $lang['obligatory_user_mail_address'] = 'Mail address is obligatory for all users';
+$lang['Minimum privacy level'] = 'Minimum privacy level';
+$lang['Privacy level'] = 'Privacy level';
+$lang['Level 0'] = 'Public';
+$lang['Level 1'] = 'Contacts';
+$lang['Level 2'] = 'Friends';
+$lang['Level 4'] = 'Family';
+$lang['Level 8'] = 'Admins';
 ?>

trunk/language/fr_FR.iso-8859-1/admin.lang.php

@@ -643 +643 @@
 $lang['Thumbnails'] = 'Miniatures';
 $lang['obligatory_user_mail_address'] = 'L\'adresse mail est obligatoire pour tous les utilisateurs';
+$lang['Minimum privacy level'] = 'Niveau minimal de confidentialité';
+$lang['Privacy level'] = 'Niveau de confidentialité';
+$lang['Level 0'] = 'Public';
+$lang['Level 1'] = 'Contacts';
+$lang['Level 2'] = 'Amis';
+$lang['Level 4'] = 'Famille';
+$lang['Level 8'] = 'Admins';
 ?>

trunk/template/yoga/admin/element_set_global.tpl

@@ -35 +35 @@
     <li><span class="wrap1">
         <label>
-          <span class="wrap2"><span>
+          <span class="wrap2">
+                        <!-- BEGIN level -->
+                        <em class="levelIndicatorB">{thumbnails.thumbnail.level.LEVEL}</em><em class="levelIndicatorF" title="{thumbnails.thumbnail.level.TITLE}">{thumbnails.thumbnail.level.LEVEL}</em>
+                        <!-- END level -->
+          <span>
             <img src="{thumbnails.thumbnail.SRC}"
                alt="{thumbnails.thumbnail.ALT}"
@@ -134 +138 @@
     </tr>
 
+        <tr>
+                <td>{lang:Minimum privacy level}</td>
+                <td>
+                        <label><input type="radio" name="level_action" value="leave" checked="checked" />{lang:leave}</label>
+                        <label><input type="radio" name="level_action" value="set" id="level_action_set" />{lang:set to}</label>
+                        <select onmousedown="document.getElementById('level_action_set').checked = true;" name="level" size="1">
+                        <!-- BEGIN level_option -->
+                        <option {level_option.SELECTED} value="{level_option.VALUE}">{level_option.CONTENT} ({level_option.VALUE})</option>
+                        <!-- END level_option -->
+                        </select>
+          </td>
+        </tr>
+
   </table>
 

trunk/template/yoga/admin/user_list.tpl

@@ -191 +191 @@
     </tr>
 
+        <tr>
+                <td>{lang:Privacy level}</td>
+                <td>
+                        <label><input type="radio" name="level_action" value="leave" checked="checked" />{lang:leave}</label>
+                        <label><input type="radio" name="level_action" value="set" id="level_action_set" />{lang:set to}</label>
+                        <select onmousedown="document.getElementById('level_action_set').checked = true;" name="level" size="1">
+                        <!-- BEGIN level_option -->
+                        <option {level_option.SELECTED} value="{level_option.VALUE}">{level_option.CONTENT} ({level_option.VALUE})</option>
+                        <!-- END level_option -->
+                        </select>
+          </td>
+        </tr>
+
   </table>
 

trunk/template/yoga/menubar.css

@@ -48 +48 @@
     font-size: 100%;
     margin-top: 0;
+    margin-bottom: 0;
 }
 

trunk/template/yoga/thumbnails.css

@@ -52 +52 @@
 }
  
+UL.thumbnails .levelIndicatorB {
+display:block; position:absolute; z-index:100;padding:0px 0 0 14px; color:black; font-weight:bold; fontsize:120%;
+}
+
+UL.thumbnails .levelIndicatorF {
+display:block; position:absolute; z-index:101;padding:1px 0 0 15px; color:white; font-weight:bold; fontsize:120%;
+}