Changeset 9500 for extensions

Timestamp:

Mar 3, 2011, 10:12:57 PM (13 years ago)

Author:

plg

Message:

a permission may not automatically apply to sub-albums

in the upload form, the album list does not show private (and unreachable for
the user) albums and public albums that contains photos invisible to the user.

Location:

extensions/community

Files:

• add_photos.php (modified) (5 diffs)
• admin_permissions.php (modified) (2 diffs)
• admin_permissions.tpl (modified) (3 diffs)
• include/functions_community.inc.php (modified) (5 diffs)
• maintain.inc.php (modified) (3 diffs)

extensions/community/add_photos.php

@@ -51 +51 @@
   {
     // is the user authorized to upload in this album?
-    if (!$user_permissions['upload_whole_gallery'])
-    {
-      if (!in_array($_POST['category'], $user_permissions['upload_categories']))
-      {
-        echo 'Hacking attempt, you have no permission to upload in this album';
-        $hacking_attempt = true;
-      }
+    if (!in_array($_POST['category'], $user_permissions['upload_categories']))
+    {
+      echo 'Hacking attempt, you have no permission to upload in this album';
+      $hacking_attempt = true;
     }
   }
   elseif ('new' == $_POST['category_type'])
   {
-    if (!$user_permissions['create_whole_gallery'])
-    {
-      if (!in_array($_POST['category_parent'], $user_permissions['create_categories']))
-      {
-        echo 'Hacking attempt, you have no permission to create this album';
-        $hacking_attempt = true;
-      }
+    if (!in_array($_POST['category_parent'], $user_permissions['create_categories']))
+    {
+      echo 'Hacking attempt, you have no permission to create this album';
+      $hacking_attempt = true;
     }
   }
@@ -291 +285 @@
 include_once(PHPWG_ROOT_PATH.'admin/include/photos_add_direct_prepare.inc.php');
 
-if (!$user_permissions['upload_whole_gallery'])
-{
-  // we have to change the list of uploadable albums
-  $query = '
+// we have to change the list of uploadable albums
+$query = '
 SELECT id,name,uppercats,global_rank
   FROM '.CATEGORIES_TABLE.'
@@ -300 +292 @@
 ;';
 
-  display_select_cat_wrapper(
-    $query,
-    $selected_category,
-    'category_options'
-    );
-}
+display_select_cat_wrapper(
+  $query,
+  $selected_category,
+  'category_options'
+  );
 
 $create_subcategories = false;
 
-if ($user_permissions['create_whole_gallery'] or count($user_permissions['create_categories']) > 0)
+if (count($user_permissions['create_categories']) > 0)
 {
   $create_subcategories = true;
@@ -316 +307 @@
   $query = '
 SELECT id,name,uppercats,global_rank
-  FROM '.CATEGORIES_TABLE;
-  
-  if (!$user_permissions['create_whole_gallery'])
-  {
-    $query.= '
-  WHERE id IN ('.implode(',', $user_permissions['create_categories']).')';
-  }
-
-  $query.= '
+  FROM '.CATEGORIES_TABLE.'
+  WHERE id IN ('.implode(',', $user_permissions['create_categories']).')
 ;';
 
@@ -358 +342 @@
 $title = l10n('Upload Photos');
 $page['body_id'] = 'theUploadPage';
-// include(PHPWG_ROOT_PATH.'include/page_header.php');
-// $template->pparse('add_photos');
-// include(PHPWG_ROOT_PATH.'include/page_tail.php');
 
 $template->assign_var_from_handle('PLUGIN_INDEX_CONTENT_BEGIN', 'add_photos');

extensions/community/admin_permissions.php

@@ -74 +74 @@
     'user_id' => ('user' == $_POST['who']) ? $_POST['who_user'] : null,
     'category_id' => ($_POST['category'] > 0) ? $_POST['category'] : null,
+    'recursive' => isset($_POST['recursive']) ? 'true' : 'false',
     'create_subcategories' => isset($_POST['create_subcategories']) ? 'true' : 'false',
     'moderated' => $_POST['moderate'],
     );
+  
   mass_inserts(
     COMMUNITY_PERMISSIONS_TABLE,
@@ -324 +326 @@
       'TRUST' => $trust,
       'TRUST_TOOLTIP' => $trust_tooltip,
+      'RECURSIVE' => get_boolean($permission['recursive']),
+      'RECURSIVE_TOOLTIP' => l10n('Apply to sub-albums'),
       'CREATE_SUBCATEGORIES' => get_boolean($permission['create_subcategories']),
       'U_DELETE' => $admin_base_url.'&delete='.$permission['id']

extensions/community/admin_permissions.tpl

@@ -10 +10 @@
     $("[name^=who_]").hide();
     $("[name=who_"+$(this).attr("value")+"]").show();
+  });
+
+  function checkWhereOptions() {
+    var recursive = $("input[name=recursive]");
+    var create = $("input[name=create_subcategories]");
+
+    if ($("select[name=category] option:selected").val() == 0) {
+      $(recursive).attr("disabled", true);
+      $(recursive).attr('checked', true);
+    }
+    else {
+      $(recursive).removeAttr("disabled");
+    }
+
+    if (!$(recursive).is(':checked')) {
+      $(create).attr('checked', false);
+      $(create).attr("disabled", true);
+    }
+    else {
+      $(create).removeAttr("disabled");
+    }
+  }
+
+  checkWhereOptions();
+
+  $("select[name=category]").change(function() {
+    checkWhereOptions();
+  });
+
+  $("input[name=recursive]").change(function() {
+    checkWhereOptions();
   });
 
@@ -59 +90 @@
       </select>
       <br>
+      <label><input type="checkbox" name="recursive" checked="checked"> {'Apply to sub-albums'|@translate}</label>
+      <br>
       <label><input type="checkbox" name="create_subcategories"> {'ability to create sub-albums'|@translate}</label>
     </p>
@@ -88 +121 @@
     <td>
       <span title="{$permission.TRUST_TOOLTIP}">{$permission.TRUST}</span>
+    {if $permission.RECURSIVE}
+, <span title="{$permission.RECURSIVE_TOOLTIP}">{'sub-albums'|@translate}</span>
+    {/if}
     {if $permission.CREATE_SUBCATEGORIES}
 , {'sub-albums creation'|@translate}

extensions/community/include/functions_community.inc.php

@@ -24 +24 @@
 function community_get_user_permissions($user_id)
 {
-  global $conf;
-
-  if (is_admin())
-  {
-    return array(
-      'upload_whole_gallery' => true,
-      'create_whole_gallery' => true,
-      'create_categories' => array(),
-      'upload_categories' => array(),
-      'permission_ids' => array(),
-      );
-  }
+  global $conf, $user;
 
   $return = array(
@@ -58 +47 @@
     id,
     category_id,
+    recursive,
     create_subcategories
   FROM '.COMMUNITY_PERMISSIONS_TABLE.'
@@ -78 +68 @@
 ;';
 
+  $recursive_categories = array();
+
   $result = pwg_query($query);
   while ($row = pwg_db_fetch_assoc($result))
@@ -90 +82 @@
     {
       array_push($return['upload_categories'], $row['category_id']);
+
+      if ('true' == $row['recursive'])
+      {
+        array_push($recursive_categories, $row['category_id']);
+      }
     }
 
@@ -105 +102 @@
   }
 
-  if (!$return['upload_whole_gallery'] and count($return['upload_categories']) > 0)
-  {
-    $return['upload_categories'] = get_subcat_ids($return['upload_categories']);
-  }
-
-  if (!$return ['create_whole_gallery'] and count($return['create_categories']) > 0)
-  {
+  if (is_admin())
+  {
+    $return ['upload_whole_gallery'] = true;
+    $return ['create_whole_gallery'] = true;
+  }
+
+  // these are categories with access permission but considering the user
+  // has a level 8 (maximum level). We want to keep categories with no
+  // photos inside (for nobody)
+  $forbidden_categories = calculate_permissions($user['id'], $user['status']);
+  
+  $empty_categories = array_diff(
+    explode(',', $user['forbidden_categories']),
+    explode(',', $forbidden_categories)
+    );
+
+  if (count($empty_categories) > 0)
+  {
+    $query = '
+SELECT
+    category_id
+  FROM '.IMAGE_CATEGORY_TABLE.'
+    JOIN '.IMAGES_TABLE.'
+  WHERE category_id IN ('.implode(',', $empty_categories).')
+    AND level > '.$user['level'].'
+    AND level <= 8
+  GROUP BY category_id
+;';
+    $not_really_empty_categories = array_keys(hash_from_query($query, 'category_id'));
+    $forbidden_categories.= ','.implode(',', $not_really_empty_categories);
+  }
+
+  $query = '
+SELECT
+    id
+  FROM '.CATEGORIES_TABLE.'
+;';
+  $all_categories = array_keys(hash_from_query($query, 'id'));
+
+  if ($return['upload_whole_gallery'])
+  {
+    $return['upload_categories'] = array_diff(
+      $all_categories,
+      explode(',', $forbidden_categories)
+      );
+  }
+  elseif (count($return['upload_categories']) > 0)
+  {
+    if (count($recursive_categories) > 0)
+    {
+      $return['upload_categories'] = array_unique(
+        array_merge(
+          $return['upload_categories'],
+          get_subcat_ids($recursive_categories)
+          )
+        );
+    }
+
+    $return['upload_categories'] = array_diff(
+      $return['upload_categories'],
+      explode(',', $forbidden_categories)
+      );
+  }
+
+  if ($return ['create_whole_gallery'])
+  {
+    $return['create_categories'] = array_diff(
+      $all_categories,
+      explode(',', $forbidden_categories)
+      );
+  }
+  elseif (count($return['create_categories']) > 0)
+  {
+    // no need to check for "recursive", an upload permission can't be
+    // "create_subcategories" without being "recursive"
     $return['create_categories'] = get_subcat_ids($return['create_categories']);
+
+    $return['create_categories'] = array_diff(
+      $return['create_categories'],
+      explode(',', $forbidden_categories)
+      );
   }
 

extensions/community/maintain.inc.php

@@ -19 +19 @@
   user_id smallint(5) DEFAULT NULL,
   category_id smallint(5) unsigned DEFAULT NULL,
+  recursive enum(\'true\',\'false\') NOT NULL DEFAULT \'true\',
   create_subcategories enum(\'true\',\'false\') NOT NULL DEFAULT \'false\',
   moderated enum(\'true\',\'false\') NOT NULL DEFAULT \'true\',
@@ -45 +46 @@
   "user_id" INTEGER,
   "category_id" INTEGER,
+  "recursive" BOOLEAN default true,
   "create_subcategories" BOOLEAN default false,
   "moderated" BOOLEAN default true,
@@ -71 +73 @@
   "user_id" INTEGER,
   "category_id" INTEGER,
+  "recursive" BOOLEAN default true,
   "create_subcategories" BOOLEAN default false,
   "moderated" BOOLEAN default true,