Changeset 2084 for trunk/include/functions_user.inc.php

Timestamp:

Sep 11, 2007, 4:24:51 AM (17 years ago)

Author:

rvelices

Message:

feature 731: permissions at image level

• this is the first version - I wait for feedback before changing help files

File:

• trunk/include/functions_user.inc.php (modified) (11 diffs)

trunk/include/functions_user.inc.php

@@ -258 +258 @@
         calculate_permissions($userdata['id'], $userdata['status']);
 
+      /* now we build the list of forbidden images (this list does not contain
+      images that are not in at least an authorized category)*/
+      $query = '
+SELECT DISTINCT(id)
+  FROM '.IMAGES_TABLE.' INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON id=image_id
+  WHERE category_id NOT IN ('.$userdata['forbidden_categories'].')
+    AND level>'.$userdata['level'];
+      $forbidden_ids = array_from_query($query, 'id');
+
+      if ( empty($forbidden_ids) )
+      {
+        array_push( $forbidden_ids, 0 );
+      }
+      $userdata['image_access_type'] = 'NOT IN'; //TODO maybe later
+      $userdata['image_access_list'] = implode(',',$forbidden_ids);
+
       update_user_cache_categories($userdata);
 
@@ -270 +286 @@
   FROM '.IMAGE_CATEGORY_TABLE.'
   WHERE category_id NOT IN ('.$userdata['forbidden_categories'].')
+    AND image_id '.$userdata['image_access_type'].' ('.$userdata['image_access_list'].')
 ;';
       list($userdata['nb_total_images']) = mysql_fetch_array(pwg_query($query));
@@ -282 +299 @@
       $query = '
 INSERT INTO '.USER_CACHE_TABLE.'
-  (user_id, need_update, forbidden_categories, nb_total_images)
+  (user_id, need_update, forbidden_categories, nb_total_images,
+    image_access_type, image_access_list)
   VALUES
   ('.$userdata['id'].',\''.boolean_to_string($userdata['need_update']).'\',\''
-  .$userdata['forbidden_categories'].'\','.$userdata['nb_total_images'].')
+  .$userdata['forbidden_categories'].'\','.$userdata['nb_total_images'].',"'
+  .$userdata['image_access_type'].'","'.$userdata['image_access_list'].'")
 ;';
       pwg_query($query);
@@ -528 +547 @@
 
   $query = 'SELECT c.id cat_id, global_rank';
-  if ( !isset($filter_days) )
-  {
-    $query .= ',
-    date_last cat_date_last,
-    nb_images cat_nb_images
-  FROM '.CATEGORIES_TABLE.' as c';
-  }
-  else
-  {
-    // Count by date_available to avoid count null
-    $query .= ',
-    MAX(date_available) cat_date_last,
-    COUNT(date_available) cat_nb_images
-  FROM '.CATEGORIES_TABLE.' as c
-    LEFT JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON ic.category_id = c.id
-    LEFT JOIN '.IMAGES_TABLE.' AS i
-      ON ic.image_id = i.id AND
-          i.date_available > SUBDATE(CURRENT_DATE,INTERVAL '.$filter_days.' DAY)';
-    $group_by = 'c.id';
-  }
+  // Count by date_available to avoid count null
+  $query .= ',
+  MAX(date_available) cat_date_last,  COUNT(date_available) cat_nb_images
+FROM '.CATEGORIES_TABLE.' as c
+  LEFT JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON ic.category_id = c.id
+  LEFT JOIN '.IMAGES_TABLE.' AS i
+    ON ic.image_id = i.id
+      AND i.level<='.$userdata['level'];
+
+  if ( isset($filter_days) )
+  {
+    $query .= ' AND i.date_available > SUBDATE(CURRENT_DATE,INTERVAL '.$filter_days.' DAY)';
+  }
+  $group_by = 'c.id';
 
   if ( !empty($userdata['forbidden_categories']) )
@@ -720 +733 @@
 {
   global $page, $conf;
-  
+
   if (!isset($page['cache_default_user']))
   {
@@ -728 +741 @@
     $result = pwg_query($query);
     $page['cache_default_user'] = mysql_fetch_assoc($result);
-    
+
     if ($page['cache_default_user'] !== false)
     {
@@ -840 +853 @@
     foreach ($user_ids as $user_id)
     {
+      $level= isset($default_user['level']) ? $default_user['level'] : 0;
       if ($user_id == $conf['webmaster_id'])
       {
         $status = 'webmaster';
-      }
-      else if (($user_id == $conf['guest_id']) or 
+        $level = max( $conf['available_permission_levels'] );
+      }
+      else if (($user_id == $conf['guest_id']) or
                ($user_id == $conf['default_user_id']))
       {
@@ -859 +874 @@
           'user_id' => $user_id,
           'status' => $status,
-          'registration_date' => $dbnow
+          'registration_date' => $dbnow,
+          'level' => $level
           ));
 
       array_push($inserts, $insert);
-      }
+    }
 
     include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
@@ -902 +918 @@
  * availability of the file
  *
- * in descending order of preference: 
+ * in descending order of preference:
  *   param language, user language, default language
  * PhpWebGallery default language.
@@ -1291 +1307 @@
       }
       case 'visible_images':
-      {
         if (!empty($filter['visible_images']))
         {
@@ -1297 +1312 @@
             $field_name.' IN ('.$filter['visible_images'].')';
         }
+        // note there is no break - visible include forbidden
+      case 'forbidden_images':
+        if (
+            !empty($user['image_access_list'])
+            or $user['image_access_type']!='NOT IN'
+            )
+        {
+          $table_prefix=null;
+          if ($field_name=='id')
+          {
+            $table_prefix = '';
+          }
+          elseif ($field_name=='i.id')
+          {
+            $table_prefix = 'i.';
+          }
+          if ( isset($table_prefix) )
+          {
+            $sql_list[]=$table_prefix.'level<='.$user['level'];
+          }
+          else
+          {
+            $sql_list[]=$field_name.' '.$user['image_access_type']
+                .' ('.$user['image_access_list'].')';
+          }
+        }
         break;
-      }
       default:
       {